Commit Graph

2436 Commits (cb60d0bb4e0cc0cba68f59fdf5f4e89d6ec52950)

Author SHA1 Message Date
Jenkins a320a9bf15 Merge "L2 agent RPC add new RPC calls" 8 years ago
Ivar Lazzaro e0ba53a09a Decompose Apic ML2 mechanism driver
As a part of the vendor decomposition effort, the
apic ML2 driver code is removed and replaced by
its version in the openstack/networking-cisco

Change-Id: Iffb5245b4c88b65afe62dd7435ee80489a654fee
Partial-implements: blueprint core-vendor-decomposition
8 years ago
rossella ced2e63cb8 L2 agent RPC add new RPC calls
This patch introduces two new RPC calls:
* update_device_list
* get_devices_details_list_and_failed_devices

update_device_up and update_device_down are the RPC calls
used by the L2 agent to notify the plugin that
a device is up or down. These calls accept only one device.
update_device_list accepts a list of devices that will
be put up or down and returns a list of devices for which
the operation failed.

get_devices_details_list_and_failed_devices is a new RPC
call that returns a list of devices details and a list of
devices for which it was not possible to retrieve the

Thanks to these new calls, the agent will be able to update
the status of several devices using one RPC call
and to retry the operation only for the devices that failed
instead of performing a full resync.
This will be implemented in another patch.

This patch introduces the new calls only for the OVS agent.
A following patch will take care of the other L2 agents.

Partially-Implements: blueprint restructure-l2-agent

Change-Id: Idb4e81f4399cf66025ec7edfcb78801c15e493af
8 years ago
Hirofumi Ichihara 6ff8582896 Metaplugin removal
Metaplugin is removed in Liberty.
Remove all metaplugin related codes.


Co-Authored-By: Itsuro Oda <>
Change-Id: I9cf36e1fd3a009c175e0d475af407a30f4e5c408
Closes-Bug: #1465126
8 years ago
Jenkins be4ac4d00b Merge "Remove deprecated OVS and LB plugin DB tables" 8 years ago
Jenkins 9b2ddcb85b Merge "OVS agent factor our port stats processing" 8 years ago
Jenkins 14b4a0e1d1 Merge "Always use BridgeDevice to manage linuxbridges" 8 years ago
Henry Gessau d6e36b4e2f Remove deprecated OVS and LB plugin DB tables
Now that the openvswitch and linuxbridge monolithic plugins have been
deprecated and replaced by ML2 mechanism drivers, we can remove their
database tables.

Also remove the script which is no longer supported.

Change-Id: Ia8d77cb7e4e4b3d4957365cc124ac71a59e62745
Partially-Implements: blueprint reference-implementation-split
Closes-Bug: #1468433
8 years ago
Cedric Brandily 59a61c351d Always use BridgeDevice to manage linuxbridges
BridgeDevice[1] class provides methods to manage linuxbridges through
brctl. This change adds some methods to BridgeDevice in order to
always use BridgeDevice to manage linuxbridges and respect DRY

[1] neutron.agent.linux.bridge_lib

Change-Id: I4b9d755677bba0d487a261004d9ba9b11116101f
8 years ago
Jenkins dc8436c190 Merge "Python 3: Wrap map() in a list call" 8 years ago
Jenkins 486c0ee522 Merge "Use oslo_log.helpers.log_method_call" 8 years ago
Jenkins dbe7cac34b Merge "Network RBAC DB setup and legacy migration" 8 years ago
rossella d82a2f75ac OVS agent factor our port stats processing
Move the port stats processing from the rpc loop to a new method

Change-Id: I4a927f5c11328d854fbb5f76d560bbd9425651ea
8 years ago
Cyril Roelandt 9976048b60 Python3: Do not compare NoneType and integers
In Python 2:
>>> None > 0

In Python 3:
>>> None > 0
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
TypeError: unorderable types: NoneType() > int()

This commit does not change the behaviour of the affected code, but fixes the
TypeError that is raised in Python 3.

Some tests have been added to the py34 section of tox.ini, but are currently
commented out: these are tests that work with this patch and a fixed version of

Change-Id: Ia00a2ad90206853f78ed93cf540bce54baab00e7
Blueprint: neutron-python3
8 years ago
Cedric Brandily 1b3c7c6ee0 Use oslo_log.helpers.log_method_call
log[1] decorator is deprecated, this change replaces it with oslo_log

[1] neutron.common.log
[2] oslo_log.helpers.log_method_call

Change-Id: I61cf3c010e1f33a45ff700f4e8d4824ebdb378c7
8 years ago
fumihiko kakuma 24521055df Python 3: Wrap map() in a list call
map() returns an iterator in python 3. In a case that a list is expected,
we wrap map() in a list call.

Change-Id: I623d854c410176c8ec43b732dc8f4e087dadefd9
Blueprint: neutron-python3
8 years ago
Jenkins 12a148b8b3 Merge "OVS-agent: Fix a docstring typo" 8 years ago
Eugene Nikanorov e0eed14a1e Flavor Framework implementation
This patch introduces API and DB plugin for flavor framework.
API adds Flavors and Service Profiles which are resources
available only for admins to operate.

This framework then should be leveraged by advanced services.

Included tempest API tests in neutron tree

Implements: blueprint neutron-flavor-framework
Change-Id: I99ba0ce520ae3d8696eca5c994777c7d5ba3d4b1
Co-Authored-By: Doug Wiegley <>
Co-Authored-By: Madhusudhan Kandadai <>
8 years ago
Jenkins 0d93458d1e Merge "Lower log level for extending network/subnet/port" 8 years ago
Kevin Benton 3e0328b992 Network RBAC DB setup and legacy migration
This patch implements the database model required for the network
RBAC work. In addition it migrates the current network and subnet
'shared' attributes to leverage the new table.

'shared' is no longer a property of the DB model because its status
is based on the tenant ID of the API caller. From an API perspective
this is the same (tenants will see networks as 'shared=True' if the
network is shared with them). However, internal callers (e.g. plugins,
drivers, services) will not be able to check for the 'shared' attribute
on network and subnet db objects any more.

This patch just achieves parity with the current shared behavior so it
doesn't add the ability to manipulate the RBAC entries directly. The
RBAC API is in the following patch.

Partially-Implements: blueprint rbac-networks
Change-Id: I3426b13eede8bfa29729cf3efea3419fb91175c4
8 years ago
Jenkins 9407b642ed Merge "Avoid using logging in signal handler" 8 years ago
YAMAMOTO Takashi e155ace68b OVS-agent: Fix a docstring typo
Change-Id: Ib917d8c77060acaec491c459eb3c0a434f7610af
8 years ago
Jenkins 58b34471c5 Merge "populate port security default into network" 8 years ago
Jenkins dfb7c826d0 Merge "Remove db-access semaphore in ML2" 8 years ago
Jenkins dfef431e54 Merge "Fix update_port_postcommit and port not found with DVR" 8 years ago
shihanzhang bc38335d58 Avoid using logging in signal handler
In some cases, logging can grab locks and thusly attempt to reschedule,
which will fail in signal handlers. this patch removes the actions
from the signal handers, just set a flat if it got a signal, then in
rpc_loop, check the flag and perform appropriate actions.

Change-Id: I7a477e1c95b63fa8070ec9d08656156571421bb6
Partial-Bug: #1029727
8 years ago
Cedric Brandily d0820e716f Galera multi-writers compliant sync_allocations
Currently sync_allocations[1] uses with_lockmode('update) which implies
possible deadlocks with Galera multi-writers. This change decorates the
method in order to catch and retry sync_allocations.

[1] neutron.plugins.ml2.drivers.type_tunnel

Change-Id: Ic01614cb5daf174848cf14a6aa4b38c4ed40fe1e
8 years ago
Jenkins 9d84a424f2 Merge "Abstract sync_allocations" 8 years ago
Jenkins 10085552ce Merge "Cleanup unused method get_plugin_version" 8 years ago
Jenkins ed33968e70 Merge "Register extraroute extension" 8 years ago
Swaminathan Vasudevan 9eed4167b6 Fix update_port_postcommit and port not found with DVR
Updating DVR Router interface ports was throwing
errors in the l2pop mechanism drivers function

PortContext's portbinding information does not show
the status of the ports. For DVR Router interface
ports the DVRPortbinding table contains the status
information for the ports.

In the case of the update_port method, there was
no code related to DVR that retreives the port
binding information from the DVRPortBinding table.

This was working before, since in the driver_context,
the PortContext was just returning the port status for
all router interfaces.

With the recent refactor to the driver_context, this
behavior changed and the PortContext was returning the
_binding.status for the DVR router interface ports and
the _port.status for the non DVR ports.

When the update_port function calls update_port_postcommit
with PortContext for DVR router interface ports, l2pop
was throwing an error saying that Portbinding does not
have the attribute 'status'.

This was causing addition of any second subnet to the
same network with respect to IPv6 to fail.
Because in the case of IPv6, when you add additional
subnets to the existing network, it just updates the port
with the IPv6 prefix instead of creating additional port.

In the case of IPv4 still we could see that there are
two different ports created for each subnet we try to

This patch fixes the above issue in l2pop and allows the
DVR router interface ports to be successfull.

Also the _find_ipv6_router_port_by_network was returning
all the ports for DVR including the DVR CSNAT internal
ports which are not part of the router interface ports.

This patch also fixes this problem by returning false,
when it finds a DVR SNAT port.

Closes-Bug: #1465434

Change-Id: Id243a4b3f30071226411ace6d12550fc099901cc
8 years ago
gong yong sheng 69952c0765 Lower log level for extending network/subnet/port
These extensions are too normal and happens lots, So there is
no need to use info level.

Change-Id: Ic6700bc1874efff8e7ecb63fe6d6c7151578e64d
Closes-bug: 1473859
8 years ago
Kenji Yasui 5745536aa8 Cleanup unused method get_plugin_version
This patch removes get_plugin_version because it's left over
from the original plugin api and is not in the current api.

Change-Id: Icc9f4e6074b30edfe46364819f812731ad514b47
8 years ago
Jenkins 4895cac7bd Merge "Install more-specific ICMPv6 rule in DVR routers" 8 years ago
Kevin Benton fc9afcd981 Remove db-access semaphore in ML2
With the addition of the deadlock retry decorator in
I635cc49ca69f589f99ab145d4d51e511b24194d2 and the change
to instantaneous deadlock feedback under the pymysql driver,
this semaphore should no longer be necessary. Removing it
will allow us to benefit from processing multiple requests

Change-Id: If5dc76a2974d13d45f0cc88419bcccb3332576cf
8 years ago
Sukhdev Kapur 581438a5b6 Arista ML2 driver should ignore non-vlan networks
Arista ML2 Mech driver for VLANs presently does
not filter out non-vlan type networks (e.g vxlan).
This fix will simply ignore the request if a
non-vlan based network request is seen.

Change-Id: I99ec5c5772a9f1f63cf871a98be50bdd2ba5db62
Closes-Bug: 1472458
8 years ago
Jenkins f4e0762b4a Merge "In Arista ML2 driver Reconfigure VLAN on VM migration" 8 years ago
Jenkins fb21626a86 Merge "lb-agent: handle security group updates in main loop" 8 years ago
Jenkins 4d3d58dc11 Merge "Add ARP spoofing protection for LinuxBridge agent" 8 years ago
Shashank Hegde e0abd3f103 In Arista ML2 driver Reconfigure VLAN on VM migration
Whenever a VM moves from one compute node to the other, the VLAN on the old
switch interface was not removed and the VLAN was not being provisioned on the
new switch interface. With this patch, the VLANs are provisioned correctly.

Closes-Bug: #1471050
Change-Id: I658ef87ffd82119f41beda9ba019e29a62dc96ff
8 years ago
Brian Haley c28b6b0ef8 Remove lingering traces of q_
The rename from Quantum to Neutron left a few q_ strings
around, let's go ahead and clean them up.

Change-Id: I06e6bdbd0c2f3a25bb90b5fa291009b9ec2d471d
8 years ago
Kevin Benton 04197bc4bb Add ARP spoofing protection for LinuxBridge agent
This patch adds ARP spoofing protection for the Linux Bridge
agent based on ebtables. This code was written to be minimally
invasive with the intent of back-porting to Kilo.

The protection is enabled and disabled with the same
'prevent_arp_spoofing' agent config flag added for the OVS agent
in I7c079b779245a0af6bc793564fa8a560e4226afe.

The protection works by setting up an ebtables chain for each port
and jumping all ARP traffic to that chain. The port-specific chains
have a default DROP policy and then have allow rules installed that
only allow ARP traffic with a source CIDR that matches one of the
port's fixed IPs or an allowed address pair.

Closes-Bug: #1274034
Change-Id: I0b0e3b1272472385dff060897ecbd25e93fd78e7
8 years ago
armando-migliaccio 18bc67d56f COMMON_PREFIXES cleanup - patch 5/5
Get rid of COMMON_PREFIXES, as now the prefix is a service's declaritive property.

Change-Id: I3d306131df94188f75e69edb13d262721d10bee5
Depends-on: I0450d0b2bf409d470a3a87bfd96518939759a84e
Depends-on: Ia34695967cbbec0a1cf0884dad82e096de8539b8
Depends-on: Ib9517b772fe426eaf0809c439aa3ba0448c7abaa
8 years ago
Kevin Benton 26f50761ef Update DVR agent to use get_vifs_by_id
The new get_vifs_by_id function retrieves all of the VIFs
for a port iteration at once to eliminate unnecessary multiple
calls to OVSDB.

Change-Id: If18557faead836121bfa3b4e6efccd0318ce72d3
Related-Bug: #1460233
8 years ago
Jenkins f3fe4c22f5 Merge "Python3: do not use urllib.urlencode" 8 years ago
Jenkins 76cb37a29f Merge "COMMON_PREFIXES cleanup - patch 1/5" 8 years ago
Jenkins 7286af11ae Merge "Downgrade log level for gone port on status update" 8 years ago
Jenkins 32eda8628c Merge "Remove unused linux bridge agent configuration options" 8 years ago
armando-migliaccio 59ae35ba8f COMMON_PREFIXES cleanup - patch 1/5
This dictionary does not belong to the plugins directory as it captures
API business, but practically speaking it does not even deserve to exist
and can be removed altogether.

This is patch one in a series that aims at addressing this monkey business.

Change-Id: I95cd71dfc35e266f6f3cc5715ab8a0deb10058e7
8 years ago
Jenkins caa70a113a Merge "Use EXT_TO_SERVICE_MAPPING instead of ALLOWED_SERVICES" 8 years ago