This job is used only in stable/ocata branch so there is no need to
keep those hooks in master branch anymore.
Change-Id: I65f712934314122da0bb2f14d1e3fe9cbd5dd759
This patch also removes config of osprofiler middleware in api-paste.ini
file in neutron-tempest-iptables_hybrid job as this middleware is
currently enabled by default.
Change-Id: Ifd3fdc33ba5c489618a568cccc20ee14e7d600a6
Some L3 ports can directly modify the IP address now,
but there are some types of device_owner, for instance
network:router_centralized_snat, should not allow to
change the IP address, otherwise it will increase L3
agent code complexity.
Since router public gateway port is related to the
external network, and this port can be used for some
service, like VPN. So after this patch we will only
allow the gateway port to update the IP address
directly, aka device_owner network:router_gateway.
The following l3 router ports will not be allowed to
directly update the IP address:
network:ha_router_replicated_interface
network:router_centralized_snat
network:router_ha_interface
network:router_interface
network:router_interface_distributed
Remove one unit test case since it will not occur in
neutron.
Change-Id: I2890a71abc82cb781b601afb879bdcca10e39257
Closes-Bug: #1796824
This patch enables to bind a QoS policy to the router gateway,
then in L3 agent side SNAT traffic for the VMs without floating
IPs can be limited under the policy bandwidth rules. This is
suit for all kinds of L3 routers: DVR, DVR with SNAT HA, L3 HA
and Legacy.
API update router gateway json:
{
router": {
"external_gateway_info": {
...
"qos_policy_id": "policy-uuid"
}
}
}
Depends-On: https://review.openstack.org/#/c/567497/
Partially-Implements blueprint: router-gateway-ip-qos
Closes-Bug: #1757044
Related-Bug: #1596611
Change-Id: I26e22bce7edd1f93b2ac0048b61b14f858938537
In the Neutron CI meeting on 2018-10-02 [1] we decided on the proper
approach for fullstack testing of Neutron in Zuul. The approach is:
1. There should be only one fullstack CI job, named "neutron-fullstack"
2. The neutron-fullstack job should invoke python3 in tox.ini
This change implements the agreed-upon approach.
Switching the nodeset to newer OS will be handled in a separate step
[1] http://eavesdrop.openstack.org/meetings/neutron_ci/2018/neutron_ci.2018-10-02-16.00.html
Co-Authored-By: Nate Johnston <nate.johnston@redhat.com>
Change-Id: I37c1cb42b3a94532e7b7fea21a929a39fe63f00b
Add support for listing floating ip pools (subnets).
A new API resource ``floatingip-pools`` is introduced.
This API endpoint can return a list floating ip pools
which are essentially mappings between network UUIDs and
subnet CIDRs. Users can use this API to find out the pool
to create the floating IPs.
Related patches:
* neutron-lib: https://review.openstack.org/#/c/556674/
* tempest-plugin: https://review.openstack.org/#/c/562038/
APIImpact add floatingip pools api
Change-Id: Iaa995630645042520df67d95271e14f11ffcff8c
Partial-Bug: #1653932
The gate_hook.sh file uses `tempfile`, which does not exist in Fedora
28. In Ubuntu it is marked as deprecated in favor of `mktemp`, which
does exist in Fedora 28. Since we would like to add a set of tests
running on Fedora 28 it makes sense to replace references to `tempfile`
with `mktemp`.
Change-Id: I9c97cc03b569f8ded6b65358c23f04353e12169d
Nested virt doesn't work well on infra nodes.
This reverts commit 73f111e7e8.
Change-Id: Ie76684e656066834fc0600d618004ca21ccb1223
Closes-Bug: #1788006
virt_type option in nova-compute will be now set to "kvm" instead
of "qemu" if test job will be running on node which supports
nested virtualization.
In case of nodes where it's not supported, devstack will
automatically switch it to "qemu" again. It's in [1].
This should improve time of booting vms so tests should be finished
faster and there should be less errors with ssh to instance timeouts.
[1]
http://git.openstack.org/cgit/openstack-dev/devstack/tree/lib/nova#n289
Change-Id: Ia361f33f0b103ed44ef372c1464b3c0473a19291
Enforce validation on filter parameters on list requests.
If an API request contains an unknown or unsupported parameter,
the server will return a 400 response instead of silently ignoring
the invalid input.
In resource attributes map, all filter parameters are annotated by
the ``is_filter`` keyword. Attributes with is_filter set to True
are candidates for validation.
Enabling filter validation requires support from core plugin and
all service plugins so each plugin need to indicate if it supports
the validation by setting ``__filter_validation_support`` to True.
If this field is not set, the default is False and validation is
turned off. Right now, the ML2 plugin and all the in-tree service
plugin support filter validation. Out-of-tree plugins will have
filter validation disabled by default.
An API extension is introduced to allow API users to discover this
new API behavior. This feature can be disabled by cloud operators
if they choose to do that. If it is disabled, the extension won't
be presented.
Depends-On: Ic3ab5b3ffdc378d570678b9c967cb42b0c7a8a9b
Depends-On: I4397df1c35463a8b532afdc9c5d28b37224a37b4
Depends-On: I3f2e6e861adaeef81a1a5819a57b28f5c6281d80
Depends-On: I1189bc9a50308df5c7e18c329f3a1262c90b9e12
Depends-On: I057cd917628c77dd20c0ff7747936c3fec7b4844
Depends-On: I0b24a304cc3466a2c05426cdbb6f9d99f1797edd
Change-Id: I21bf8a752813802822fd9966dda6ab3b6c4abfdc
Partial-Bug: #1749820
Functionality is added to the ML2 plugin to handle multiple port
bindings
Co-Authored-By: Anindita Das <anindita.das@intel.com>
Co-Authored-By: Miguel Lavalle <miguel.lavalle@huawei.com>
Partial-Bug: #1580880
Change-Id: Ie31d4e27e3f55edfe334c4029ca9ed685e684c39
In before, filtering of AZs is using the filter implementation of
agents. To filter the AZs, users need to find the AZ fields to filter,
locate their corresponding fields in agent, and compile the filters
based on the mapping between AZ and agent. This is undesirable.
This patch improve the filtering of AZ by converting the AZ filters
to agent filters. The supporting AZ filters are:
* name: the name of the availability zone
* state: the value is either 'available' or 'unavailable'
* resource: the value is either 'network' or 'router'
NOTE: For backward-compatibility, the old filters still works but
its usage is discourage.
APIImpact: Add filters to specify attributes of availability zones
Needed-By: Icbf427f20ca912a40d68e8042abeeabffeb3005f
Change-Id: Id882f949cc73a34290c311f3ce3d69d1b809c29f
Ensure that host routes are maintained for each subnet within
a network. Subnets associated with different segments on the
same network get host_routes entries added/removed as subnets
are created, deleted or updated.
This change handle the host_routes for the peer subnets on the
same network when a subnet is created or deleted.
Also adds a shim api extension.
APIImpact: Host routes are now calculated for routed networks.
Closes-Bug: #1766380
Change-Id: Iafbabe6352283e7f1a535a7b147bd81fb32f0ed1
Passing 'null' (None) as the mac address in a port update
request causes the port's mac address to be re-generated
using the base MAC address Neutron uses for VIFs.
This change implementes a temporary lib api definition
with a new converter that will generate valid mac if the
data provided is None.
APIImpact: Port mac_addr regenerated if None passed on update.
Closes-Bug: #1768690
Change-Id: I7d04beea4810718c3b745de8ea97897b1323267e
In commit [1] openvswitch firewall driver is switched to be
default one used in devstack.
So various tempest jobs will use this driver and it will be
tested.
We now need separate job to test non-default firewall driver
which currently is iptables-hybrid driver.
[1] https://review.openstack.org/#/c/568297/
Depends-On: https://review.openstack.org/#/c/568297/
Change-Id: I6061a173c95c8a41a61bfa298ae5964cc9b5d2e8
The release we are using is more than a year old, let's update to a
recent release in order to make sure we stay up to date.
Change-Id: Ie26870495719bb4d702be3fa3068440714edd3e9
In some test jobs, like fullstack and ovsfw-scenario job
openvswitch kernel module is compiled from source before tests.
This compilation was failing because of new kernel 4.4.0-127 provided
by Ubuntu.
Kernel module will be compiled from source which contains
fix for this change in kernel.
See related openvswitch commit message for details:
138df3e563
As current Ubuntu uses ovs 2.9.0 we don't need to compile ovs for
ovsfw-scenario-job anymore because fix we needed is already contained
in ovs 2.9.0.
Change-Id: Idc34776e5b2fad105e246f7718220c23f0a94164
Closes-bug: #1772689
This will enable users to filter list of results with attributes
with empty value. For example, the request below will list
all unbound ports (unbound ports have blank device_id).
GET "/ports?device_id="
APIImpact
Change-Id: I9001214de126eb888c2425b6a6275f59ec8478e7
Closes-Bug: #1749304
Standard attributes has been added to segment [1] and we need
a shim extension to indicate this.
[1] https://review.openstack.org/#/c/558318/
Change-Id: I761fa7cb684a457726dedc95fde92d6adb86f5e4
Partial-Bug: #1765008
It is required to run FloatingIP QoS scenario test in test jobs
which uses legacy zuul playbooks (like dvr-multinode job for example)
Change-Id: Id3e94383bc385176e1b19a9c2f64fe29026b59e2
The tag and tag_ext extensions are deprecated for removal, but are not
used widely today [1]. Rather than rehoming these extensions to
neutron-lib and carrying out their deprecation life-cycle for no
apparent reason, this patch proposes we just remove them now.
While [2] initially removed these extensions, we had to revert
them with [3].
Depends-On: I295a5b84eb7fa3439561fa009b7499f94d8df4d2
[1] http://codesearch.openstack.org/?q=from%20neutron.extensions%20import%20(tag_ext%7Ctag)
[2] I0d7bcd789b468b1dd3f7ea13e6751a46203d6778
[3] If16443616eee703b66d57b6422dd451a443fbc64
Change-Id: I97095453610fff114d999a526d67e78119546ff5
It looks that many scenario tests are failing because of too long
instance booting time and reached ssh timeout during checking
connectivity.
So longer timeout should solve this problem and tests should
not fail with this reason.
Change-Id: I5d0678ea2383483e6106976c148353ef4352befd
Closes-Bug: #1754327
It looks this patch breaks Zun's gate. The reason might be
that Zun depends on Kuryr-libnetwork which still use the
legacy tag extension. I propose to revert this for now and
give the kuryr team some time to migrate to the new extension.
This reverts commit 38148d1752.
Change-Id: If16443616eee703b66d57b6422dd451a443fbc64
The tag and tag_ext extensions are deprecated for removal, but are not
used today [1]. Rather than rehoming these extensions to neutron-lib and
carrying out their deprecation life-cycle for no apparent reason, this
patch proposes we just remove them now.
[1] http://codesearch.openstack.org/?q=from%20neutron.extensions%20import%20(tag_ext%7Ctag)
Change-Id: I0d7bcd789b468b1dd3f7ea13e6751a46203d6778
This patch allows users to filter ports depending on security groups.
In addition to that I added a unit test to verify this change.
TODO: move security_groups_port_filtering_lib.py into neutron-lib.
Closes-Bug: 1405057
Change-Id: I528719d895fc1d89f74e2ee85b9ddc470323c601
We still run API tests agains logging API and the job has OVS enabled.
As all linuxbridge flavors contain same string, this patch changes when
logging service plugin is configured which is always but in linuxbridge
scenario job.
Change-Id: I66234f45ee74c070119d84830790df296ba8d5f7
Related-bug: #1743463
Current implementation of the agent l2 extension is not compatible with
linuxbridge. More work should happen before it's possible to enable it
back.
Change-Id: I2db1ffea4c172a9461b22c46e99f0abbb4fc1d85
Related-Bug: #1743463
Neutron currently supports filtering ports by matching the exact
IP address. This patch adds support for substring matching using
"LIKE" SQL operator.
This patch also added a new API extension to show whether or not
the substring matching capability is available.
APIImpact add IP address substring filtering on listing ports
API-ref: I97259b85a2dce5a54bb6ea2cb9d9779ec0a25504
Co-Authored-By: Zhenyu Zheng <zhengzhenyu@huawei.com>
Change-Id: I9549b2ba676e1bad0812682c3f3f3c97de15f5f6
Closes-Bug: #1718605
Having environment that supports different MTUs for networks,
check connectivity between 2 VMs with such networks
Change-Id: I5721a9ee35235c15bef1a9e8d62568abbfb5dc45
Slawek Kaplonski