Removed E125 (continuation line does not distinguish itself
from next logical line) from the ignore list and fixed all
the indentation issues. Didn't think it was going to be
close to 100 files when I started.
Enabling osprofiler tracing on class OVSNeutronAgent decorates all of
its methods. Doing this as label "rpc" for locally called methods is
More importantly later we want to enable tracing triggered by a vif
plug. For that profiler.init() must be called sometime in
OVSNeutronAgent.process_ports_events(). If process_ports_events() is
decorated for tracing and we call profiler.init() inside then we'll have
the end of the method call traced, but not its beginning. The unmatching
end-trace-event makes osprofiler raise.
Filter neutron_lib.objects.utils.NotIn, designed to work with OVO objects
was used in db query and because of that ports belong to network wasn't
filtered by vif_type thus if there were any ports in network, it was not
possible to change its segmentation id.
Bulk ports were not binding correctly when they were created. This is
due to a few inconsistencies between the create_port code and the
create_port_bulk code, mostly a result of the use of the Port object in
the bulk code.
Added "connectivity" parameter to mech driver vif_details. The default
value is "legacy". The in-tree drivers (Linux Bridge, Open vSwitch, SR-IOV
and MacVTap) have "l2" connectivity.
Ovs-agent will scan and process the ports during the
first rpc_loop, and a local port update notification
will be sent out. This will cause these ports to
be processed again in the ovs-agent next (second)
This patch passes the restart flag (iteration num 0)
to the local port_update call trace. After this patch,
the local port_update notification will be ignored in
the first RPC loop.
This changes provides the implementation of the subnetpool prefix
operations extension. This exposes explicit API's for adding to and
removing from the prefix list of a subnetpool. Prefixes added to a
subnetpool are subject to the prefix uniqueness constraints imposed
by address scopes. Prefixes to be removed from a subnetpool must not
be allocated to an existing subnet, and the subnet using the prefix
must be deleted before the prefix can be removed from the subnetpool.
If a network has several segments, the provider network segmentation ID
cannot be changed. This is defined in the feature spec .
In the case of having a multisegment network, the OVS agent RPC call
"get_network_details" will return the following value:
The provider network information will be contained inside the "segments"
list, instead of being container in the parent "network" dictionary.
A simple dvr router admin-state down action can cause the
exception "TypeError: 'int' object is not iterable" in snat
node ovs-agent. This patch addresses that.
In patch  there was added usage of context parameter in method
get_vif_type in openvswitch mech_driver.
This exposed that previously "wrong" context was passed to this method
in _update_segmentation_id() method in ml2 plugin and that caused
raising AttributeError as "Context" object didn't have attribute
This patch adds new method "get_supported_vif_type" to mechanism
drivers and this method don't need context to return what vif_types
are supported regarding agent type.
direct-physical ports inherit MAC address of physical device
when binding happens (VM created). When VM is deleted this
MAC has to be cleared so other ports may be bound to same device
It may happen that subnet is connected to dvr router using IP address
different than subnet's gateway_ip.
So in br-tun arp to dvr router's port should be dropped instead of
dropping arp to subnet's gateway_ip (or mac in case of IPv6).
DVR does the ARP table update through the control plane, and does not
allow any ARP requests to get out of the node.
In order to address the allowed address pair VRRP IP issue with DVR,
we need to add an ARP entry into the ARP Responder table for the
allowed address pair IP ( which is taken care by the patch in )
This patch adds a rule in the br-int to redirect the packet
destinated to the router to the actual router-port and also moves
the arp filtering rule to the tunnel or the physical port based on the
By adding the above rule it allows the ARP requests to reach the
ARP Responder table and filters the ARP requests before it reaches
the physical network or the tunnel.
Default value for "of_interface" config option was switched
to "native" in Pike release.
In the same release this option was deprecated to removal.
Now it's time to remove it and force use of "native" driver to
Co-Authored-By: Ihar Hrachyshka <firstname.lastname@example.org>
Co-Authored-By: Slawek Kaplonski <email@example.com>
In case of Smart NIC vNIC type neutron should mimic nova-compute
that plug the port to the ovs bridge.
Extend the Neutron OVS mechanism driver and Neutron OVS Agent to bind
the Neutron port for the baremetal host with Smart NIC. This will allow
the Neutron OVS Agent to configure the pipeline of the OVS running on
the Smart NIC and leverage the pipeline features such as: VXLAN,
Security Groups and ARP Responder.
Added the ability to change the segmentation ID of a network
with ports bound to OVS agent. The rules, both in the integration
bridge and the physical bridge, to convert the internal VLAN tag
and the external segmentation ID (external VLAN tag) are deleted
and created again with the new value. The traffic from the tenant
networks will be tagged then with the new segmentation ID.
Added get network details agent RPC call to retrieve the information
of the updated network.
This parameter applies to the OVSDB Controller table when the
native openflow driver is used. There are reports that increasing
it can reduce errors on busy systems. This patch also sets the
default value to 10s which is more than the OVS default of 5s.
See the ovs-vswitchd.conf.db man page for full description.
as with https://review.opendev.org/#/c/656066/ if limit is applied in
any place other than at the end of the filters, sql alchemy will return
an error, and possibily we could return less result than intended.
Concurrent calls to _bind_port_if_needed may lead to a missing RPC
notification which can cause a port stuck in a DOWN state. If the only
caller that succeeds in the concurrency does not specify that an RPC
notification is allowed then no RPC would be sent to the agent. The
other caller which needs to send an RPC notification will fail since the
resulting PortContext instance will not have any binding levels set.
The failure has negative effects on consumers of the L2Population
functionality because the L2Population mechanism driver will not be
triggered to publish that a port is UP on a given compute node. Manual
intervention is required in this case.
This patch proposes to handle this by populating the PortContext with
the current binding levels so that the caller can continue on and have
an RPC notification sent out.
When the vlan and vxlan both exist in env, and l2population
and arp_responder are enabled, if we update a port's ip address
from vlan network, there will be arp responder related flows
added into br-tun, this will cause too many arp reply for
one arp request, and vm connections will be unnormal.
Rehomed provider_network_attribute_updates_supported to
plugins.ml2.api.MechanismDriver, in order to be inherited in other
For auto-address IPv6 subnets postcommit has update port action
if the net already has ports. This results in
"cannot be called within a transaction" error for bulk IPv6 subnet
The functionality within neutron.db.common_db_mixin is available via
neutron-lib APIs. This patch removes common_db_mixin and updates any
uses of it to use neutron-lib instead.