To complete the DHCP support for non-local routed networks via relay
agent the dhcp agent must configure the netmask in the --dhcp-range
option for IPv4 networks. This was previously not required becuase
dnsmasq can determine it from the local interface information for
local networks.
DNSMASQ(8)
For directly connected networks (ie, networks on which the machine
running dnsmasq has an interface) the netmask is optional: dnsmasq
will determine it from the interface configuration. For networks
which receive DHCP service via a relay agent, dnsmasq cannot
determine the netmask itself, so it should be specified, otherwise
dnsmasq will have to guess, based on the class (A, B or C) of the
network address. The broadcast address is always optional. It is
always allowed to have more than one dhcp-range in a single subnet.
Change-Id: I5d609e47a3463c11338dd38aedebfb4a6822f503
Closes-Bug: #1699754
The 'securitygroup' is registered as cfg.CONF.SECURITYGROUP. Currently,
this check always raise error as no 'cfg.CONF.securitygroup', then neutron
will abort the trunk_create. So nova will error when create VM with trunk
parent port for waiting timeout about the network-vif-plugged event.
Closes-Bug: #1699516
Related-Bug: #1669074
Change-Id: I0b0bdb5a39f1978e12ddaeddd4e0d825894ea241
Saw this recently in a tempest test run:
DeprecationWarning: Read-only property 'manager'
has moved to 'os_primary' in version 'Pike' and
will be removed in version 'Queens'
Tempest BaseTestCase class credential names have changed
from manager->os_primary, admin->os_admin, and
alt_manager->os_alt, so we should start using them.
Closes-bug: #1697588
Change-Id: I44de8046fc983bf6780c310e8db174a5902c2826
This patch is follow up for [1].
When updating security group, pass updated value to precommit.
old value is passed as original_security_group and new value
is passed as security_group.
[1] https://review.openstack.org/#/c/448420/
Although argument to callbacks will be unified by EventPayload
eventually, it's necessary to unbreak decomposed modules.
Change-Id: I5a27d1d218a0be4fae6f9740559bbbf773518821
Related-bug: #1546910
In l3_db, we had already defined DEVICE_OWNER_ROUTER_GW from
neutron_lib, we can avoid import that module again.
TrivialFix
Change-Id: I7e7339e7f8d4201d3ca50cf24d08ee965ec099a0
If user set gateway for router first, and gateway subnet
overlapped with tenant subnet, will cause add router interface
to fail.
Add router interface checking for duplicated subnets should
ingore the gateway network.
This patch also filters gateway network when creating gw port.
Change-Id: Idcc8be221656ace13b12b62f559e4cb9a6af4f32
Closes-Bug: #1697410
Add missing information that Openvswitch agent supports now
both ingress and egress direction for QoS bandwidth limit rule.
Support for ingress bandwidth limit was added in
I9d94e27db5d574b61061689dc99f12f095625ca0
TrivialFix
Change-Id: I70058d1d8f16c58e41dab08fc66d5d3f5fcefa4b
DVR flows are not compatible with OVS firewall flows as firewall flows
have higher priority. As a consequence, rules for DVR were never match
as firewall uses output directly.
This patch replaces flows using normal or output actions and resends
packets to TRANSIENT table instead. This transient table then uses
either those normal or output action rules. With this split, we will be
able to match egress/ingress flows in TRANSIENT table instead of
LOCAL_SWITCHING putting DVR pipeline in front of OVS firewall pipeline.
Change-Id: I9f738047f131b42d11a90f539435006d16ea7883
Closes-bug: #1696983
All of the ML2 binding models were missing the revises_on_change
attribute to bump the revision of the port whenever they are
created/updated/deleted.
These are important because port binding happens in a separate
transaction so without them the revision number before and after
port binding was exactly the same. This opened up the L2 agent
to a race condition dependent on the order of processed push
notifications.
Closes-Bug: #1699034
Change-Id: I75f3c63941130ce845574e60214ac34e99111693
The workaround of using deepcopy calls on the PortBinding
and PortBindingLevel objects prevents the port relationship
from being loaded to bump its revision because it then fails
to merge.
So in order to allow port bindings to bump the revision we
need to stop using sqlalchemy objects in the PortContext. This
patch adds a new snapshot object that just copies the column
values and provides a method to reconcile them back into the
session.
This workaround can go away after we switch to using OVOs, but
this needs to be backportable so we can't just wait for OVO
adoption.
Partial-Bug: #1699034
Change-Id: Ib85ec8182117fa3c4844dabfffe881e38e68b556
This is needed to retrieve all ports in a given set of
security groups.
Partially-Implements: blueprint push-notifications
Partially-Implements: blueprint adopt-oslo-versioned-objects-for-db
Change-Id: Iffa1bd341d9d20277ec153aa1dac6f61f05ec5bd
Fix a regression from the recent change. [1]
[1] I6f49f25eb2ad16221357024f45a6bb6175d5cd55
Closes-Bug: #1698812
Change-Id: Ifef2561ef4ff2a44068fc008475b216fdabe7095
When creating an IPv6 auto-address subnet for a network, ports can be
created or updated concurrently in the same network, before the subnet
creation concludes. In such a situation, an IpAddressAlreadyAllocated
exception may be raised, because the subnet create request attempts to
allocate auto addresses to the concurrently created or updated ports,
which have been already allocated by the port requests.
This patchset adds code to the IPAM to skip the attempt to assign the
auto address to ports if they already have received them.
Change-Id: If1eb4046865f43b15ba97c52e2d0b9343dc72c19
Closes-Bug: #1655567
In Python 3 str is unicode by default and hence there is no unicode
global function. This switches our use of it to to six.u() which handles
the py2/py3 difference under the covers.
Change-Id: I3cfff2fe8e07e2a9ed8b89c93d24351b1f440b00
In order to allow the DHCP agent to service other subnets on the
network in other segments via DHCP relay, we need to use the
'non_local_subnets' network attribute returned by rpc to set up dhcp
for off-link subnets.
Change-Id: I88e1c574bc429dc599ad7c956c03fa0688338186
Closes-Bug: 1692486
In order to allow the DHCP agent to service other subnets
on the network in other segments via DHCP relay, we need to
return all subnets regardless of segment association.
However, this behavior will break older DHCP agents that
then try to get IPs on the subnets belonging to other segments.
This patch adds a new subnet attribute, 'non_local_subnets'
that will be returned in the DHCP RPC calls, so that agents
that can deal with off-link subnets can handle them
accordingly.
Change-Id: I9cce7b8a19c1201435df0c6baac7be57c57847e6
Partial-Bug: #1692486
The segmentation_id of a new segment is assigned by the
_handle_segment_change callback in the ML2 plugin, which is executed
after the segment was created, before commiting it to the DB. This
patchset adds code to update the newly created segment with the
segmentation_id assigned by the callback.
Change-Id: I493278a0bf5a3a0aadad10e5bee546d83b949fdc
Closes-Bug: #1698596
