Network profile of type Trunk expects a subtype field for
creation. If a subtype is missing in the request body, plugin
should raise an exception. This patch fixes the validation logic
to detect missing subtype field.
Change-Id: I6b4fb533576a317f7d568b4a0fe4117b5464ffa6
Closes-Bug: 1315197
(cherry picked from commit 1dd0bdc06d)
Updates the consistency watchdog fuction to call
the correct rest method.
Closes-Bug: #1328321
Change-Id: I86ce0af36f6764a3f1e789602cef52758caedc8b
(cherry picked from commit c8bdff1533)
When using migration tool from LB/OVS plugin to Ml2, there is no
guarantee current scheme is supported by migration tool. This patch
checks version stored in DB by alembic and compares whether version
is supported.
Closes-bug: #1307720
Change-Id: I4519a0e5a0f3027675958a68d1f9e0440b177229
(cherry picked from commit de10d7299b)
Previously, the NSX request_id in the api_client would always be
0 because the current request id was stored in the class which is
always initialized on each request. This patch fixes that by storing
the request_id as a class variable.
Change-Id: I9ff4d3eb09899fe6d14b462dddf9daddbf77873b
Closes-bug: 1325100
(cherry picked from commit 7a12da7be0)
Previously we were passing the tenant_id as the security_profile_id
to NSX so these ids would be switched around in the system backend.
This does not affect any operations as this is just extra metadata
in nsx to help an operator debug.
Change-Id: I1afdcc3621fef8fdd7d4eb3c57bff749a71d0d33
Closes-bug: 1325118
(cherry picked from commit 8d5dd751fa)
In some cases when firewall is created and then deleted in short
period of time, there could be a race condition of firewall status
changes. Agent may change firewall status from PENDING_DELETE to ACTIVE
because the agent has just set it up on the backend.
Delete request then is not properly served and firewall remains in ERROR
state and can't be deleted at all.
To fix this changing status from PENDING_DELETE is not allowed.
Deleting firewall in ERROR state is allowed.
Change-Id: Iec3cfcb1e03b33dda8e1f10ca51bd9b61fa8030d
Closes-Bug: #1328162
(cherry picked from commit 58e6bb5893)
During cloud-init there are several calls that asks neutron API for the
same data which will not be most likely changed. Specifically router's
networks are cached.
Closes-bug: #1276440
Conflicts:
neutron/tests/unit/test_metadata_agent.py
Change-Id: Ic5eedb8057c7f4934eed08869ebf55c91e6edfc9
(cherry picked from commit 3faea81c60)
This change is already merged in oslo-incubator. Original commit
message body includes:
Porting this fix from oslo.messaging. This fixes the impl_qpid.py
driver to allow it to work with the latest stable upstream QPID broker
(version 0.28). See the Apache Qpid Jira bug
https://issues.apache.org/jira/browse/QPID-5557
Change-Id: If71f78e50f8a9b3acfd1e9d02c8271f17c4ebee7
Related-Bug: #1300318
(cherry picked from commit 9b8e7362f5)
Set the fail-mode on the integration bridge to be secure. This means if the agent
is stopped or crashes, and OVS is also restarted, OVS will not program a default
NORMAL action. As soon as the agent is restarted, it will correctly program the
integration bridge.
Change-Id: Icf7e3e14ee747c8ce92c14c95a0a1bbf35986252
Closes-Bug: #1324703
(cherry picked from commit 0412c8a3c4)
setup_rpc spawns rpc-consuming thread that can access
self.updated_ports before it is created in the constructor
Change-Id: Icc447c3bb7099125aae30e2430a6ad98ba00f6f9
Closes-Bug: #1314472
(cherry picked from commit 717a0a0ab4)
Port the following patch to OFAgent.
commit: 5e6e592132https://review.openstack.org/#/c/61964/
Partial-Bug: 1293265
Conflicts:
neutron/plugins/ofagent/agent/ofa_neutron_agent.py
Change-Id: I53813d12c66dc746cd373fd91ff9bd9bdbf222db
(cherry picked from commit 34e3be16a1)
_set_default_route() was using an RPC to the plugin to get the DHCP
port for the network on the current host, and then used it to form
the tap device name. This happened on every allocation reload too.
This fix removes the RPC and gets the tap device name using local
methods instead. It also removes an unnecessary call to set the
default route in the restart method.
Closes-Bug: 1290068
Related-Bug: 1294254
Change-Id: I639bcf93725c4969d1011d2d20491d461ccfdbed
(cherry picked from commit 9dbd1e5e5a)
As the number of ports per default security group increases, the
number of iptables entries on the Compute Node grows. Because of
this, there is a gradual increase in the time taken to apply chains
and rules.
Currently we are using list comprehensions to find if a new chain or
rule matches an existing one. Instead, walk through the list in
reverse to find a matching entry.
Added a new method, _find_last_entry(), to return the entry we are
searching for.
Change-Id: I3585479ffa00be556b8b21dc9dbd6b36ad37f4de
Closes-Bug: #1302272
Related-Bug: #1253993
(cherry picked from commit 0c202ab3e4)
References the raw REST response in the capabilities
parsing code so json.loads doesn't get an object
that may already be decoded and fail.
Conflicts:
neutron/tests/unit/bigswitch/test_capabilities.py
neutron/tests/unit/bigswitch/test_servermanager.py
Closes-Bug: #1326173
Change-Id: Ia3179b7499f35a6ab2e9ce1631ab15ed27d64647
The maximum length of a veth interface name is 15 characters.
This patch limits the length of the veth names created for
integration bridges by switching to a fixed-length hashing
mechanism if the normal name would exceed the allowed length.
Closes-Bug: #1328288
Change-Id: I432cee62a6dc91f268becbc91f8024c23dd0bfac
(cherry-picked from 1222366f6d)
The function dump_flows_for_table() calls run_ofctl(). If this occurs during an OVS
restart, run_ofctl() will return None. dump_flows_for_table() needs to realize this
and not try to call splitlines() on a None object.
Change-Id: Ide26028656e634113f955dfc89569149d4d5b306
Closes-Bug: #1324659
(cherry picked from commit b5d596877f)
If one runs the lbaas agent from packages and does not have the l3-agent
installed on the same box as the lbaas agent it will fail to add the
default gw route. This is because it's missing the rootwrap filter for
route which is only present in l3.filters.
Conflicts:
etc/neutron/rootwrap.d/lbaas-haproxy.filters
Change-Id: I59cd0a549a1f1d1564d139d42daf55d02898bf76
Closes-bug: 1325406
(cherry picked from commit c9a0eaacaa)
By default, iptables apply is deferred in L3 agent. For
external gateways, iptables is applied immediately (to
enable NAT for floating IP). Similarly, when firewall
is created/updated/deleted, iptable rules are applies
immediately.
Change-Id: I4f652a030ae23a71a2e20af2e8ef0ad5b882b80e
Closes-Bug: #1320775
(cherry picked from commit 6167cb55e2)
Sets the consistency hash header to empty instead
of False since 'False' is handled like a string on
the backend and requires special-casing to detect.
Conflicts:
neutron/tests/unit/bigswitch/test_servermanager.py
Change-Id: Iee1651574c01a32e78167a9bbed4e0433abbdec2
Closes-Bug: #1325771
(cherry-picked from 7b9ed4edee)
In the hyperv unit tests, an rpc method is
manually replaced with a MagicMock using setattr.
This prevents it from being cleaned up by mock.patch.stopall.
This patch replaces it with a short-lived patch call
in a with statement.
Change-Id: I7b10a8115c474977e3acd16dc49d6f3ae67b0c3b
Partial-Bug: #1316401
(cherry picked from commit 2df56ffe93)
When OVS is restarted, by default it will not reprogram flows which were
programmed. For the case of the OVS agent, this means a restart will cause
all traffic to be switched using the NORMAL action. This is undesirable for
a number of reasons, including obvious security reasons.
This change provides a way for the agent to check if a restart of ovs-vswitchd
has happened in the main agent loop. If a restart of ovs-vswitchd is detected,
the agent will run through the setup of the bridges on the host and reprogram
flows for all the ports connected.
DocImpact
This changes adds a new table (table 23) to the integration bridge, with a
single 'drop' flow. This is used to monitor OVS restarts and to reprogram
flows from the agent.
Conflicts:
neutron/plugins/openvswitch/common/constants.py
Change-Id: If9e07465c43115838de23e12a4e0087c9218cea2
Closes-Bug: #1290486
(cherry picked from commit 8e9f00a19d)
Some plugin .ini configuration files were missing and hence not
installed via 'setup.py install'.
Conflicts:
setup.cfg
Change-Id: I31f096e7fbf9f7a182ba8535ca8cadc4fecc6632
Partial-Bug: 1324487
(cherry picked from commit a75e156af6)
The flat provider network would cause an exception when writing to
database. This is due to the fact that the DB expected an integer
and received an object instead.
Change-Id: Ib9d38711c0c2ef16d8bf74bfae44864a1bc272b1
Closes-bug: #1324120
(cherry picked from commit 84dfaa8a87)
Jenkins