If one runs the lbaas agent from packages and does not have the l3-agent
installed on the same box as the lbaas agent it will fail to add the
default gw route. This is because it's missing the rootwrap filter for
route which is only present in l3.filters.
Conflicts:
etc/neutron/rootwrap.d/lbaas-haproxy.filters
Change-Id: I59cd0a549a1f1d1564d139d42daf55d02898bf76
Closes-bug: 1325406
(cherry picked from commit c9a0eaacaa)
* Change the plug method in MidonetInterfaceDriver to use mm-ctl
* Move MidonetInterfaceDriver to interface.py
* adapt interface driver midonet unit tests to mm-ctl
Change-Id: Ib6cfbc212b793fa939cad17017c0b2b8b0a5b7fb
Closes-Bug: #1245797
This change adds the ability to monitor the local ovsdb for
interface changes so that the l2 agent can avoid unnecessary
polling. Minimal changes are made to the agent so the risk
of breakage should be low. Future efforts to make the agent
entirely event-based may be able to use OvsdbMonitor as a
starting point.
By default polling minimization is not done, and can only be
enabled by setting 'minimize_polling = True' in the ovs
section of the l2 agent's config file.
Closes-Bug: #1177973
Change-Id: I26c035b48a74df2148696869c5a9affae5ab3d27
This patch introduces VXLAN support for Linuxbridge agent alongside
with ml2 plugin support in linubridge mechnism driver.
A new vxlan configuration section is added for vxlan related parameters.
The agent also implements l2population RPC callbacks which allows ml2
plugin using l2population mechnism driver to populate vxlan forwarding
and neighbor tables following portbinding events. It allows agent to
respond locally to ARP requests for remote VMs and avoid dataplane based
learning. This should help limiting the use of multicast or flooding
for broadcast emulation in vxlan networks.
These changes should anyway have a limited risk, as agent behaviour
shouldn't be affected, except when vxlan is enabled alongside ml2 plugin.
Implements: blueprint l2-population
Change-Id: I99a961c53f9e451409f1affb079042936d8ae5c6
Some users of the Pidfile class don't specify root_helper,
which then defaults to 'sudo', which will generate an error.
Remove root_helper altogether since we actually don't need
root priveleges to read /proc/$pid/cmdline.
Changed code to use open.readline() instead of a shell, and
tweaked tests accordingly.
Also cleaned-up the rootwrap filters that allow it as they
are not used anymore.
Fixes bug 1218142
Change-Id: I6691feb1c9f7bfa261a7ec464fd8f3f92168c302
Implements blueprint ipsec-vpn-reference
This patch implements reference driver implementation for VPNaaS.
The driver uses openswan to manage vpn connections.
Future work: Support ikepolicy and ipsec update
Support service type framework
Intelligent updating of resources
This commit adds jinja2 for requirements.txt for
generating cofig file.
Change-Id: I8c5ed800a71ca014dc7bdbb6a57c4f8d18fa82e0
Previously neutron was keeping track of dhcp lease time in order
to ensure it didn't hand out an ip address that was already leased.
This patch removes that logic and instead leverages the dhcp_release
utility. This allows us to reuse ip addresses immediately after a port
is deleted. This patch also bumps the lease time to 24 hours instead
of 2 minutes with reduces the amount of dhcp traffic.
DocImpact
There is a DocImpact for this bug related to the upgrade path. One should
first upgrade their dhcp-agents. Then wait till the dhcp_lease time has
expired. Lastly, update neutron-server in order to avoid the case where
an instance is deleted and the dnsmasq process has not released the lease
and neturon allocates that ip to a new port.
Fixes bug: 1202392
Implements blueprint: remove-dhcp-lease
Change-Id: Ifcb4f093c92904ceb896438987d53e692eb7fb26
Use the common oslo-incubator rootwrap rather than maintain a
specific fork within Neutron.
- Migrated DnsmasqFilter use in dhcp.filters to the new EnvFilter
- Changed environment passing in ip_lib's netns.execute so that
it can be properly matched using IpNetNsExecFilter + EnvFilter.
It now calls "ip netns exec ns env A=B C=D command" instead of
"A=B C=D ip netns exec ns command". Adjusted tests accordingly.
All the other changes are coming directly from the Oslo "rootwrap"
module sync.
Notes:
- Neutron locates its rootwrap.conf in etc/ rather than in etc/neutron
- Neutron maintains a specific bin/quantum-rootwrap-xen-dom0 which
requires additional config in rootwrap.conf
Both behaviors were preserved in this commit, but this may need to be
addressed in the future to simplify future oslo-rootwrap updates.
Implements bp: quantum-common-rootwrap
Change-Id: I02879942a9d1169a71aa4d684c1b9ec109a6de32
This change renames everything to Neutron while providing backwards
compatible adjustments for Grizzly configuration files.
implements blueprint: remove-use-of-quantum
Change-Id: Ie7d07ba7c89857e13d4ddc8f0e9b68de020a3d19
Aaron Rosen