Use oslo_db helper that will allow to restart the whole
transaction in case it needs a certain operation to be repeated.
This is a workaround for the REPEATABLE READ problem where
retrying logic will not work because queries inside a transation
will not see updates made by other transactions.
So, run every attempt in a separate transaction.
Change-Id: I68f9ae8019879725df58f5da2c83bb699a548255
Closes-Bug: #1382064
This is an initial patch in a series that, by using an event framework,
cleans up the relationship between ML2 and L3, so that they are no longer
tightly coupled. A follow-up will take address the coupling during the
port delete operation.
The newly introduced notification hooks not only benefit the L3 service
plugin, but any other plugin that has an interest in knowing about port
events.
Long term, the notification bits can move in a more 'common' place so that
other plugins can take advantage of them, but as mentioned in a parent patch,
the perestroika is not quite there yet.
Related-blueprint: services-split
Related-blueprint: plugin-interface-perestroika
Change-Id: I6527b1cb53a71a1f68329a7a3b1878094558f8c2
It's mostly a matter of changing imports to a new location.
Non-obvious changes needed:
* pass overwrite= argument to oslo_context since oslo.log reads context
from its thread local store and not local.store from incubator
* don't store context at local.store now that there is no code that
would consume it
* LOG.deprecated() -> versionutils.report_deprecated_feature()
* dropped LOG.audit check from hacking rule since now the method does
not exist
* WritableLogger is now located in oslo_log.loggers
Dropped log module from the tree. Also dropped local module that is now
of no use (and obsolete, as per oslo team).
Added versionutils back to openstack-common.conf since now we use the
module directly from neutron code and not just as a dependency of some
other oslo-incubator module.
Note: tempest tests are expected to be broken now, so instead of fixing
all the oslo.log related issues for the subtree in this patch, I only
added TODOs with directions for later fix.
Closes-Bug: #1425013
Change-Id: I310e059a815377579de6bb2aa204de168e72571e
Fixes an issue where SLAAC and DHCPV6-stateless subnets can be
deleted even if they are attached to an internal router port.
This patch raises an exception whenever a subnet is deleted
that has existing IP Allocations on an internal router port.
Change-Id: I0a16156274b5736236654fca6700ef2d67f4519b
Closes-Bug: #1424760
ml2 plugin sometimes uses immediates and constants as the key for
resource like 'network'. Such inconsistency is undesirable, this patch
makes use of constants in neutron.api.v2.attributes consistently.
Change-Id: I965035a6db54a5db54942eb4b584aaf8d6a68c43
This patch adds more tests for ML2 extension driver.
It also fixes a minor bug which was revealed.
The data argument for process/update method of extension driver
was inconsist. some are given data like
{'resource': {'arg': 'value'...}}. But some are given one like
{'arg': 'value'}.
This inconsistency needs to be fixed so that argument is
{'arg': 'value'}. Given the argument is known to be network,
there is no point to carry outer dictionary.
Partially Implements: blueprint ml2-ovs-portsecurity
Change-Id: I4614c3ba5eff0ace46cc928517e31c14b7b2e448
When we remove a router from an agent that has already been
unscheduled from we raise an exception that eventually causes an error.
The method '_unbind_router' raises a 'RouterNotHostedByL3Agent' exception
on failure. In both cases the actual removal of the router
from the same agent has no effect.
The solution is to stop raising 'RouterNotHostedByL3Agent' so
that _unbind_router() being invoked without error can indicate that
the router is no longer bound.
This solution matches the behaviour found when trying
to schedule a router to the same agent twice.
This change is a result of the discussion in:
https://review.openstack.org/#/c/144681/2
Closes-Bug: #1406705
Change-Id: I015bfc0fde11ba4f39417e4c134faa8132cb3eac
Sentinel patch to establish whether commit [1] is at
fault of the sudden spike of DBDeadlock errors.
[1] d6a55c1736
Change-Id: I021e94e322f9b5eca665ea3aede41e034d3047cc
Closed-Bug: #1426543
Added code to implement filters for provider network attributes
in ML2 plugin. There was a todo item in code but never got done.
It is needed to lookup networks based on provider network attributes.
Change-Id: I9eaa8bd8fa35cfe2b94551f9c27336503f118ce6
Closes-Bug: 1333475
Many neutron extensions(like portsecurity) use the plugin_context
variable instead of just the database session. This change
modifies the extension driver api to pass the plugin_context
Change request also modifies the extend_XXX resource api to use the
respective data model(network/subnet/port) passed to it.
Implements: blueprint extensions-in-ml2
Partially Implements: blueprint ml2-ovs-portsecurity
Closes-Bug: 1382448
Change-Id: Icf84615e5fee8b59cbc95ab9b634f1a49f4b56a3
There's no need to get the network from the DB in
_commit_port_binding since it's stored in the PortContext
Change-Id: Icd5200746dc8fbba336bd4e5714b90b9f89704c0
This change allows combining multiple RPC calls for
security group member/provider updates that are needed
as a result of create bulk port operations.
Change-Id: Ibfe84f40e55a9847cbcaa4a7344988b2d3fb895e
Closes-Bug: #1373634
This reverts commit 67e45d324a.
This commit caused a regression in tripleo-ci where some dhcp
options ended up missing(tftp options).
Closes-Bug: #1421835
Change-Id: Ibe68eceb2f5a36cf40cc1c378c1a59a35bfcbf7f
The ML2 port binding logic is modified to support hierarchical
bindings. If a mechanism driver's bind_port() calls continue_binding()
rather than set_binding(), the supplied dynamic segments are used for
another level of binding.
Gerrit Spec: https://review.openstack.org/#/c/139886/
Implements: blueprint ml2-hierarchical-port-binding
Change-Id: Id741c2d6c443fa0eac5ecf8d964b3fc14b5d3abe
To support hierarchical port binding, the driver and segment columns
are moved from the ml2_port_bindings and ml2_dvr_port_bindings tables
to a new ml2_port_binding_levels table. This new table can store
multiple levels of binding information for each port. It has the host
as part of its primary key so that it can be used for both normal and
DVR port bindings.
The cap_port_filter column is also removed from the
ml2_dvr_port_bindings table, since the adjacent driver and segment
columns are being moved, and this can trivially be done via the same
DB migration. It was included in the table by mistake and was never
used.
The logic required for hierarchical port binding will be implemented
in a dependent patch.
Gerrit Spec: https://review.openstack.org/#/c/139886/
Partially-implements: blueprint ml2-hierarchical-port-binding
Change-Id: I08ddc384763087fbac0fa3da3ed6e99b897df031
When port is being deleted via API it is not removed
from ovsdb and corresponding iptables chains remain
even though the port does not exist.
This patch adds a notification for the ovs neutron agent,
upon which the port is deleted from ovsdb.
Co-Authored-By: Akash Gangil <akashg1611@gmail.com>
Closes-Bug: #1333365
Change-Id: Iccda3bee98d561ef3a06d0317d3d68d6b1dfb76b
Make function _bind_port_if_needed to bind at least one time when the port's
binding status passed in is already in binding_failed.
Change-Id: I823ff5ca66833cdca459f13ab28f5075ae03ded3
Closes-Bug: #1399249
Oslo project decided to move away from using oslo.* namespace for all their
libraries [1], so we should migrate to new import path.
This patch applies new paths for:
- oslo.config
- oslo.db
- oslo.i18n
- oslo.messaging
- oslo.middleware
- oslo.rootwrap
- oslo.serialization
- oslo.utils
Added hacking check to enforce new import paths for all oslo libraries.
Updated setup.cfg entry points.
We'll cleanup old imports from oslo-incubator modules on demand or
if/when oslo officially deprecates old namespace in one of the next
cycles.
[1]: https://blueprints.launchpad.net/oslo-incubator/+spec/drop-namespace-packages
Depends-On: https://review.openstack.org/#/c/147248/
Depends-On: https://review.openstack.org/#/c/152292/
Depends-On: https://review.openstack.org/#/c/147240/
Closes-Bug: #1409733
Change-Id: If0dce29a0980206ace9866112be529436194d47e
DVR ports are now bound using the same function,
Ml2Plugin._bind_port_if_needed(), that is used to bind non-DVR ports,
so that concurrent binding attempts are properly handled and mechanism
driver update_port_precommit() and update_port_postcommit() methods
are called. The Ml2Plugin._commit_dvr_port_binding() function is
eliminated, and the DvrPortContext class has been folded into the
PortContext class, reducing duplicated logic.
A followup patch will address the duplication of ML2 DB schema for DVR
and further reduce the duplicated and special-case port binding logic
supporting DVR.
Closes-Bug: 1415526
Closes-Bug: 1416783
Partial-Bug: 1367391
Change-Id: Ic32241297c5f8c67dc77d0af836b1cc0a5df988a
This adjusts the prevent_l3_port_deletion function to handle
the case where the port ID that is passed to it does not have
an entry in the database.
Previously it was raising an exception in this case, which is
inconsistent to how ML2 was handling concurrent port_delete requests
further in the port delete function (log them but don't fail).
Closes-Bug: #1416554
Change-Id: I6da021bdf0c79f72336416d02ab989407f352904
With ironic servers, a NIC can fail and be replaced with one that has a
different mac. The corresponding neutron port needs to be updated with
the new mac address so the NIC can be guaranteed to retain the same IP
address.
This change enables this feature in the ml2 plugin. There may need to
be changes to other plugins to disable or complete the implementation of
this feature.
Closes-Bug: #1341268
Partially-implements: blueprint allow-mac-to-be-updated
APIImpact: Ports
DocImpact: minor port update api change
Change-Id: I1864c0882cda7eddc9ced519ed3f96c91b2b63f3
Networks are removed from dead agents after a certain
configurable time.
Then unhosted networks could be picked up by alive DHCP agents.
The feature is added for all plugins that support DHCP scheduling
DocImpact
Change-Id: I6ab03b1642f54aa1d5de8844d95c758f1cb273f1
Closes-Bug: #1386794
For auto-address subnets such as those with SLAAC and DHCP_STATELESS
address modes it is ok to delete them even when there are active IP
allocations.
The current logic might trigger unexpected 409 errors if IP
allocations are made on these subnets concurrently with their
deletion.
This patch simply ensures the final check for active IP allocations is
not performed for this class of subnets; since all IP allocations will
be removed anyway, it does not make sense to check whether there are
allocations at all. In fact, doing this check might cause a failure
of the delete operation if an IP allocation is made concurrently.
This patch also factors out the logic for checking whether there are
IP allocations on the subnet to avoid code duplication.
Closes-Bug: #1414199
Change-Id: I1c4ca6f677845f6e2e8d88f3629c0e91ca73b5d0
The following ML2 driver API changes are required to support
hierarchical port binding:
* Add segments_to_bind PortContext property containing the list of
network segments with which a mechanism driver should try to bind
the port. All mechanism drivers that bind ports should now use this
property in place of network.network_segments, which contains only
the network's static segments.
* Replace several PortContext properties (bound_segment, bound_driver,
original_bound_segment, original_bound_driver) with new properties
(binding_levels, top_bound_segment, bottom_bound_segment,
original_binding_levels, original_top_bound_segment,
original_bottom_bound_segment) in order to represent hierarchical
bindings.
* Add stubbed-out continue_binding() method to PortContext, allowing
mechanism drivers to partially bind the port.
All existing drivers and unit tests are updated accordingly.
The DB schema changes and logic required for hierarchical port binding
will be implemented in dependent patches.
Gerrit Spec: https://review.openstack.org/#/c/139886/
Partially-implements: blueprint ml2-hierarchical-port-binding
Change-Id: Icb1a016f4661e427cb6cfa3452802ba5e64b7124
Namespaces are not used anymore, so imports are for oslo_concurrency,
not oslo.concurrency.
lockutils direct call is not supported anymore, so using shipped
lockutils-wrapper instead.
Use ExternalLockFixture to set lock_path for unit testing.
Updated cache and cache/_backends module from oslo-incubator to use
oslo.concurrency and not incubator version of lockutils module.
Dropped lockutils incubator module that is now moved to oslo.concurrency. Not
dropping fixture module that includes lockutils fixture since other fixtures
are still used in the tree.
Closes-Bug: #1387092
Change-Id: I2ba2295f8f5d55f272a9d23555940586b25b5a1c
Currently, "is_slaac_subnet" method only checks "ipv6_address_mode".
This will let neutron allocate a stateful IPv6 address for instance
when ipv6_ra_mode set to "stateless" or "slaac", and "ipv6_address_mode"
unset. But actually, instance get IPv6 address prefix from radvd, and
auto configure IPv6 address by itself. This change will let "is_slaac_
subnet" also check ipv6_ra_mode attribute, which will no longer allow
fixed IPs on auto-address subnets and delete subnet will correctly delete
auto-address ports.
Change-Id: Ic99193a0a2669fb281759d9b47c7aae6a4f6ecce
Closes-Bug: 1406436
Currently, the bulk create operations in ML2 are executed in
a transaction. This means all precommit and postcommit operations
for such operations are in a transaction. Postcommit operations
are expected to be executed outside of transactions as they may
communicate with a backend and introduce substantial delays. This
fix removes the postcommit operations from the transaction for
bulk create network/subnet/port operations.
Change-Id: I9a9683058088e50d9443040223232bf5e1396ccf
Closes-Bug: #1193861
In some cases PortNotFound exception during network_delete
could be caused by concurrent port deletion by DHCP agent.
This condition should not prevent network from deleting.
Change-Id: Ie6eae4cecb64120c41de9823d9e72066094ad2ce
Closes-Bug: #1405197
Jenkins