For Neutron's compute agent in a XenServer's compute node, the commands
actually need run in Dom0. Currently XenServer only supports rootwrap
for that purpose by invoking a script which invokes XenAPI to execute
commands in dom0. There are much performance overhead due to it requires
parsing on the script and the configuration file every time running
commands.
This change is to support daemon mode with which each agent service will
call XenAPI directly to execute commands in dom0. And it will keep the
single XenAPI session.
DocImpact: Need update the following configuration.
file: /etc/neutron/plugins/ml2/openvswitch_agent.ini
[agent]
root_helper_daemon = xenapi_root_helper
[xenapi]
connection_url = http://169.254.0.1
connection_username = root
connection_password = xenroot
Closes-Bug: #1585510
Change-Id: I684034359fe0571bc92dbcf342a9821553b1da35
This patch will kill processes that are listening on any port/UNIX
socket within the namespace to be cleaned up. To kill them it will
issue a SIGTERM to them (or to their parents if they were forked) and,
if they don't die after a few seconds, a SIGKILL to them and all their
children.
This is intended for those cases when there's no specific cleanup and
serves as a fallback method.
Change-Id: I4195f633ef4a1788496d1293846f19eef89416aa
Partial-Bug: #1403455
These were deprecated in https://review.openstack.org/247906
Now that Liberty is EOL we can remove these legacy entrypoints.
Closes-Bug: #1639103
Change-Id: I94e61cb219b23ce2f5d0f34dc9ae1c87650568bd
The SR-IOV option supported_pci_vendor_devs has been deprecated in Newton
and This change removes it from Ocata.
Change-Id: I42dadfd0b62730ca2d34d37cb63f19f6fec75567
Agent state options (report_interval), or interface related options
(f.e. ovs_integration_bridge) should be exposed into all configuration
files for all agents that may report a state, or instantiate a bridge
object.
Since some of options that were previously considered 'base' don't apply
to metering agent (specifically, availability_zone), moved them into
separate lists and included them into relevant agents (l3 and dhcp).
The only glitch with the change is that log_agent_heartbeats option is
now exposed into metering agent configuration file, even though the
agent does not honour it. I think it's minor and we can live with it.
Change-Id: Ibceca20cec60e75a8c6ddd35f3f9cb8cca272a9e
This file was added in https://review.openstack.org/#/c/185977, but was
not listed in setup.cfg
As a consequence, it is not installed in current RDO packages
Closes-Bug: #1626132
Change-Id: I1b87d89367ab534164394f9f18e81223ff4111ce
The Neutron 'created_at'/'updated_at' fields on API resources
were inconsistent with other OpenStack projects because we did
not include timezone information. This patch addressed that
problem by adding the zulu time indicator onto the end of the
fields.
Because this could break clients expecting no timezone, this patch
also eliminates the 'timestamp_core' and 'timestamp_ext' extensions
and consolidates them into a new 'timestamp' extension. This makes
the change discoverable via the API.
This is assuming the current API development paradigm where
extensions can come and go depending on the deployment and the client
is expected to handle this by checking the loaded extensions.
Once we decide extensions are permanent, this type of change will
no longer be possible.
Even though this is being proposed late in the cycle, it is better
to get this change in before the release where we expose even more
resources with incorrectly formatted timestamps.
APIImpact
Closes-Bug: #1561200
Change-Id: I2ee2ed4c713d88345adc55b022feb95653eec663
The service plugin is maintained in a separate neutron-vpnaas repo, and
hence its aliases should be maintained there too.
The patch that introduces those aliases in neutron-vpnaas repo is:
Ieb4e9fce9f5cf9b5a60f1207ec38a59adfe400a8
Change-Id: I86b5b554ed9995a0d4538fb968526b370cad036b
The service plugin was removed from neutron-lbaas repo lately:
I506949e75bc62681412358ba689cb07b16311b68
We can now clean those remnants from neutron tree.
Change-Id: I2136a530a8351cc290418d9ae18af08b480707c5
Remove FWaaS directives from neutron's setup.cfg. See [1] for the
change to add them to the FWaaS setup.cfg.
[1] https://review.openstack.org/362324
Change-Id: I94b224813c85b7e611e9681323a2f0d2806e0d41
This adds the logic to increment the revision numbers
for objects whenever there are changes and it exposes
the revision number via a field in the API.
This is handled with a new default service plugin that
subscribes to DB events and bumps revision numbers for
any objects that were modified.
It also handles the logic for bumping the revision number
of a parent in a relationship where the children aren't
top-level neutron objects that would be tracked individually.
This is accomplished with a 'revises_on_change' attribute
on the child models that the service plugin will use to
find the parent and bump its revision.
API tests are included to test the revision numbers
added to each standard attribute enabled object.
Partially-Implements: bp/push-notifications
Change-Id: I476d3e03c8ee763cc4be6d679fe9f501eb3a19b5
This patch enables basic CRUD operations on trunk ports and defines
related API extensions. Trunk ports and sub-ports can be persisted
in the Neutron model and are made visible through the API, but the
L2 agent is not notified and no trunk ports or subports are actually
instantiated on compute hosts.
This one of the main patches in the series that implement the end
to end functionality.
Partially-implements: blueprint vlan-aware-vms
Co-Authored-By: Armando Migliaccio <armamig@gmail.com>
Change-Id: I26453eb9a1b25e116193417271400994ac57e4c1
The purpose of this extension is updating the FDB table upon changes of
normal port instances thus enabling communication between direct port
SR-IOV instances and normal port instances.
Additionally enabling communication to direct port
instances with floating ips.
Support for OVS agent and linux bridge.
DocImpact
Change-Id: I61a8aacb1b21b2a6e452389633d7dcccf9964fea
Closes-Bug: #1492228
Closes-Bug: #1527991
This feature is not working for a while, which potentially allowed
errors to sneak into the tree. The next pbr release will fix the
feature, effectively re-enabling it for us. It may break our gate if at
that point we will have warnings in the documentation.
So just disable the flag for now, wait for the next pbr release, and
revert the patch back, fixing any warnings that may be present in the
tree at that time.
Change-Id: I117a458d2b4b043fa0238eebc061586761691841
Current code replaces 'memory' backend with 'oslo_cache.dict' backend in
order to keep backward compatibility.
Related-Bug: 1517883
Change-Id: Ibcefa13eaf4b1021322eb5bd4320b8306aa0c510
This patch enables CRUD on Segments by defining a new entity called
'Segment' with an extension definition and some DB code to read the
existing segments DB. A basic framework for create, update, and
delete are provided.
For now, this is just the basic boiler-plate but I've got to start
somewhere. It is implemented as a service plugin that is disabled by
default because it has not been fully tested with any plugin.
Follow-on patches will implement support for this new extension in
ML2 and OVN at least.
Change-Id: Ifc370fdd38f9a5b296334635fa85bd93d270b910
Partially-Implements: blueprint routed-networks
Once the spinout is undergoing we should perform the eviction.
Partially-implements: blueprint bgp-spinout
Depends-on: I8be510153edbc496575cde34943ca4c56645e0fb
Change-Id: I20b6ddd37d10eae70e8294d578e53137c0f866fe
Make use of the Tempest plugin interface instead of copying Neutron
files into Tempest. This will remove the burden to port Neutron
tests onto Tempest master recurrently.
It uses neutron/tests/tempest/ as new top folder for all Tempest
tests. It follows the model of Heat [1].
[1]: https://github.com/openstack/heat/tree/master/heat_integrationtests
Partially implements bp external-plugin-interface
Change-Id: Ia233aa162746845f6ae08a8157dcd242dcd58eab
No config generator hooks should ever be registered with a name that
belongs to another project. In this case, using oslo.middleware.cors
means that *every other project* that loads the middleware gets neutron's
defaults when the generator is run on a system with everything installed
(such as a dev box with devstack). Use the name neutron instead, to
ensure that the defaults are only set when neutron's sample config and
documentation are being generated.
Change-Id: I6a8c7d44b9db9325003ff2fdb667b0ced7739e96
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
Currently, neutron core resources (like net, subnet, port and subnetpool)
do not save time-stamps upon their creation and updation. This
information can be critical for debugging purposes.
This patch introduces a new extension called "timestamp" extending existing
the neutron core resources to allow their creation and modification times
to be record. Now this patch add this resource schema and the functions which
listen db events to add timestamp fields.
APIImpact
DocImpact: Neutron core resources now contain 'timestamp' fields like
'created_at' and 'updated_at'
Change-Id: I24114b464403435d9c1e1e123d2bc2f37c8fc6ea
Partially-Implements: blueprint add-port-timestamp
Introduce a generic mechanism to allow the user to set tags
on Neutron resources. This patch adds the function for "network"
resource with tags.
APIImpact
DocImpact: allow users to set tags on network resources
Partial-Implements: blueprint add-tags-to-core-resources
Related-Bug: #1489291
Change-Id: I4d9e80d2c46d07fc22de8015eac4bd3dacf4c03a
The default values needed for neutron's implementation of cors
middleware have been moved from paste.ini into the configuration
hooks provided by oslo.config. Furthermore, these values have been
added to neutron's default configuration parsing. This ensures
that if a value remains unset in neutron.conf, it will be set to use
sane defaults, and that an operator modifying the configuration
file will be presented with a default set of necessary sane headers.
Change-Id: I327d1d7ce50dd4a20d781e6251a5af81c57e6ca1
Closes-Bug: 1551836
There is a new QoS extension driver for the linuxbridge agent
being added. This driver provides support for QoS configuring
on the linuxbridge agent.
This patch introduces two new config options for Linuxbridge agent:
kernel_hz - HZ value of host kernel,
tbf_latency - value of latency in tbf qdisc to calculate size of queue.
Co-Authored-By: vikram.choudhary <vikram.choudhary@huawei.com>
Change-Id: I457ca2569b5d4a916ba09e71040505cd0ad3257b
Closes-Bug: #1500012
Closes-Bug: #1550514
DocImpact Update agent configuration to show settings related to
QoS and bandwidth limiting
Implements an API extension for reporting availibility of IP
addresses on Neutron networks/subnets based on the blueprint
proposed at https://review.openstack.org/#/c/180803/
This provides an easy way for operators to count the number of
used and total IP addresses on any or all networks and/or
subnets.
Co-Authored-By: David Bingham <dbingham@godaddy.com>
Co-Authored-By: Craig Jellick <craig.jellick@gmail.com>
APIImpact
DocImpact: As a new API, will need all new docs. See devref for details.
Implements: blueprint network-ip-usage-api
Closes-Bug: 1457986
Change-Id: I81406054d46b2c0e0ffcd56e898e329f943ba46f
This agent is required by the macvtap ml2 driver to support
macvtap attachments for libvirt qemu/kvm instances. It introduces
a new configuration option MACVTAP.physical_interface_mappings.
The review is submitted in three parts:
- Part 1
Common functions that are used by the ml2 driver and the agent
- Part 2
The Mechanism Driver to support port binding for macvtap attachments
- Part 3 (this part)
The Macvtap L2 Agent.
DocImpact
New ML2 mech driver + l2 agent
New config option "macvtap.physical_interface_mappings"
Change-Id: I219d80b4c704ac2f41edd3501f4b2198925778d6
Closes-Bug: #1480979
This patch implements a new agent named "BgpDrAgent". The new agent
will host different BGP speaking drivers and makes the required BGP
peering session/s for neutron. The agent takes the needed "peer/s and
route/s" information from the BGP speaker entity and synchronize the
same to the registerd driver.
For realizing HA, two BgpDrAgents should host the same BGP speaker.
Partially-Implements: blueprint bgp-dynamic-routing
Co-Authored-By: Ryan Tidwell <ryan.tidwell@hpe.com>
Co-Authored-By: Jaume Devesa <devvesa@gmail.com>
Co-Authored-By: Numan Siddique <nusiddiq@redhat.com>
Change-Id: I3217795bdd0fa2d9d4b39274f4f95fc013c8d29d
This driver uses the vif_type 'macvtap'. It enriches the vif_details
with the corresponding attributes required by nova [1] to support
macvtap attachments for libvirt qemu/kvm guests.
The review is submitted in three parts:
- Part 1
Common functions that are used by the ml2 driver and the agent
- Part 2 (this part)
The Mechanism Driver to support port binding for macvtap attachments
- Part 3
The Macvtap L2 Agent.
[1] https://review.openstack.org/#/c/182283
Change-Id: I206f58a21c36e55de957d8a23993aa9bc26d1595
Partial-Bug: #1480979
This firewall requires OVS 2.5+ version supporting conntrack and kernel
conntrack datapath support (kernel>=4.3). For more information, see
https://github.com/openvswitch/ovs/blob/master/FAQ.md
As part of this new entry points for current reference firewalls were
added.
Configuration:
in openvswitch_agent.ini:
- in securitygroup section set firewall_driver to openvswitch
DocImpact
Closes-bug: #1461000
Co-Authored-By: Miguel Angel Ajo Pelayo <mangelajo@redhat.com>
Co-Authored-By: Amir Sadoughi <amir.sadoughi@rackspace.com>
Change-Id: I13e5cda8b5f3a13a60b14d80e54f198f32d7a529
This patch enables basic CRUD on BGP dynamic routing
entities bgp_speaker and bgp_peer, as well as
bgp_speaker-bgp_peer and bgp_speaker-network
bindings.
An admin user can create BgpSpeakers and configure
peering entities (BgpPeers) for BgpSpeakers. BgpSpeaker
to BgpPeer association is n-to-n. An admin user can
also associate networks with BgpSpeakers. Relationship
between BgpSpeaker and Network is 1-to-n.
This patch provides BGP-related functionality only to
the admin users.
Partially-Implements: blueprint bgp-dynamic-routing
Co-Authored-By: Ryan Tidwell <ryan.tidwell@hpe.com>
Co-Authored-By: Jaume Devesa <devvesa@gmail.com>
Co-Authored-By: vikram.choudhary <vikram.choudhary@huawei.com>
Change-Id: I2412c1689683da9d7ec884a4cea506d4eed99453
Service plugins are a great way of adding functionality in a
cohesive way. Some plugins (e.g. network ip availability or
auto_allocate) extend the capabilities of the Neutron server
by being completely orthogonal to the core plugin, and yet may
be considered an integral part of functionality available in
any Neutron deployment. For this reason, it makes sense to
include them seamlessly in the service plugin loading process.
This patch, in particular, introduces the 'auto_allocate' service
plugin for default loading, as we'd want this feature to be enabled
for Nova to use irrespective of the chosen underlying core plugin.
The feature requires subnetpools, external_net and router, while
the first is part of the core, the others can be plugin specific
and they must be explicitly advertised. That said, they all are
features that any deployment can hardly live without.
DocImpact: The "get-me-a-network" feature simplifies the process
for launching an instance with basic network connectivity (via an
externally connected private tenant network).
Once leveraged by Nova, a tenant/admin is no longer required to
provision networking resources ahead of boot process in order to
successfully launch an instance.
Implements: blueprint get-me-a-network
Change-Id: Ia35e8a946bf0ac0bb085cde46b675d17b0bb2f51
Some spring cleaning:
- Remove obsolete cisco vpn configs
- Remove obsolete references from UT check script
- Remove obsolete script for cleaning up plugins
- Remove obsolete mock of heleosapi module
Change-Id: I0051e0b75b17279ffb61de328d7ccc7a12dc99dc
An interface with an external DNS service is defined for Neutron. A reference
implementation is also included, based on Designate. The interface and the
driver will enable users to publish in the external DNS service the dns_name
and dns_domain attributes associated with floating ips, ports and networks. As
a consequence, the floating ips and networks api is extended to manage dns_name
and dns_domain attributes. The dns_name attribute was added to ports in a
preceding commit
DocImpact: Introduce config option external_dns_driver to specify a driver
for external dns integration. For more info, see
doc/source/devref/external_dns_integration.rst
APIImpact
Implements: blueprint external-dns-resolution
Change-Id: Ic298ad2558410ab9a614f22e1757d1fc8b22c482
Launch pecan server instead of home-grown wsgi server using
a new config option. This will make it easier to test out
pecan without invasive changes to devstack.
Related Blueprint: wsgi-pecan-switch
Change-Id: I99261e6bfc9b16c0d601828f97553a9192804216
OVS agent already supports GMR, but LinuxBridge and SR-IOV agents don't.
To enable them for those agents, we should move their main() entry
points under neutron/cmd/, so that __init__.py code that initializes
them is triggered on their invocation.
Since we put their entrypoints under neutron/cmd/eventlet/, there is now
also no need to explicitly monkey patch stdlib for eventlet in the
agents code (neutron/cmd/eventlet/__init__.py already does it for us).
With that, there is no more code in the tree that directly patches
stdlib except neutron/cmd/eventlet/__init__.py.
Also removed a way to execute agent modules as scripts since it's not a
supported way to invoke them (instead, stevedore generated console
scripts should always be used).
Change-Id: I9b823d07a41b575334e52065eed7e6be2741e79d
Implements: blueprint guru-meditation-report
All 3rd-party code is required to be removed from the neutron tree.
This change removes definition for ofagent mechanism driver from
neutron repository.
Change-Id: Ia21387eeaed71f38822356e22e4adbd237c1e64c
Closes-Bug: #1524164
Depends-On: I04c741daf12e7628e2c1e2d1b81b2b2ce1310542
setup_rpc func need the eventlet monkey_patch,
otherwise the main process will be blocked.
Change-Id: I9f4a0b7c957b7dc7740e3cf6e75f18778ad562d0
Closes-Bug: #1522681
Icehouse is dead and gone, at least upstream. These special driver
registrations are not tested in the gate-tempest-dsvm-neutron-full job
which means they are also not tested in requirements constraints jobs.
oslo.messaging 2.6.0 broke these already by removing the internal modules,
which was fixed in o.m 3.0.0 with (deprecated) alias modules.
The minimum required version of o.m in mitaka is currently greater than
2.6.1, so we're OK to remove these once stable/mitaka is our oldest
supported branch. So add a TODO to remove these once liberty-eol happens.
Proper configuration for notification drivers happens through the
config file using the oslo_messaging options:
http://docs.openstack.org/developer/oslo.messaging/opts.html
Adds a release note for the deprecation and timetable.
Change-Id: I2c04117b0f531fe3604e74401d0ffd8d8d3dd308
Related-Bug: #1513630