Passing newline to the dnsmasq may cause security issues, especially
that in case of Neutron that dhcp options' values are controlled by
cloud users.
This patch removes everything what is after first newline character
in the dhcp_extra_opt's values before passing them to dnsmasq.
Closes-Bug: #1939733
Change-Id: Ifeaf258f0b5ea86f25620ac4116d618980a7272e
Some functional and unit tests uses range and len built-in functions to iterate
over items. Those can be replaced by enumerate which makes the code more
readable.
Change-Id: Icb507681578dbb50128aaf017bd598d98c26a6d4
A patch [1] that updates upper-constraints.txt for neutron-lib 2.14 fails
to pass check pipeline.
Due to development sequence it's necessary to append a new rule type
to VALID_RULE_TYPES in Neutron first, and then move it to neutron-lib.
Because of this process, there's a risk that the new rule type is
present in both Neutron and in neutron-lib.
This is why check pipeline keeps failing with neutron-lib v2.14, as it
contains 'packet_rate_limit' and in Neutron we append it to the list
anyways, ending up with duplicates.
This patch ensures that there are no duplicates in VALID_RULE_TYPES.
[1] https://review.opendev.org/c/openstack/requirements/+/805352
Change-Id: Ib6963f402c9fec8169afcf467d613bba4e06130d
Bulk port creation should honor binding:vnic_type
and binding:profile attributes from request.
Closes-Bug: #1940074
Change-Id: I99d27d568f66c6330f6373843d096c6ee1b4ec54
SECURITY_GROUP and SECURITY_GROUP_RULE resources now
is using payload style callback. Shim can be removed
Change-Id: Icd8e61100b5e2db24a737e852441548eca8f8424
Change FloatingIP AFTER_ notifications in l3_db to use publish calls.
Move association_event field into Payload metadata.
Closes-Bug: #1933502
Change-Id: Ie4c0f4a63a87c32026c49b03068e5f461deb38b6
This change adds missing oslo.config.opts endpoints to the config file
to generated neutron.conf, so that the following options are included
in the neutron.conf generated by the oslo-config-generator command.
1) Some options of the oslo.service library, related to periodic tasks
and base service implementation
2) Options of the oslo.reports library
3) Options of the healthcheck middleware from oslo.middleware
Closes-Bug: #1940009
Change-Id: I9f4763efc02e5cacca3a00e9f101f83d3f3fb1e7
If not set availability_zone_hits when create router, should use
configuration parameter default_availability_zones.
At present, only the creation parameters are validate, and the default
availability zones not validate.
Creating a network is the same as creating a route.
Closes-bug: #1938261
Change-Id: I1c7f50b69a31d725b762e3061f09a0bd5b077a58
During migration from OVS to OVN it can happen that gateway ports are
scheduled to a different gateway chassis when Neutron is running. This
patch doesn't fail in such case. The migration procedure runs the db
sync twice in a row so it should be good to not perform any action when
this happens and let the next migration handle that.
Change-Id: I28a4a5fef20d5049f4887d43006947b434de3d78
Closes-Bug: #1939704
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
Some extra debug logs may be useful to understand exactly what happens
during ha states transitions and e.g. to understand failures like
described in the related bug.
Related-bug: #1939507
Change-Id: Id708b2c7a602df8d4ba1b32e58d4b152b5c58ba6
DVR-HA check job has become pretty stable after latest DVR fix [1].
Let's make it voting to prevent further DVR-HA regressions.
[1] https://review.opendev.org/c/openstack/neutron/+/803211
Change-Id: Ieac9a8bf9f01a18069fc419cf52ca7a0624fec32
This patch switches over to callback payloads for
FLOATING_IP PRECOMMIT_CREATE and PRECOMMIT_UPDATE events
Change-Id: I886a360b838c78b0596c042fb5650bc73848af31
This patch switches over to callback payloads for ROUTER
AFTER_CREATE, AFTER_UPDATE and AFTER_DELETE events.
Change-Id: Ie818ffbb1a291faa80501157b46ff6671d5c26ba
This patch changes the get_candidates_for_scheduling() method to also
consider all gateway chassis as potential candidates (limited by
Availability Zones) in case physnet parameter is empty (as for the
segmented networks case).
This patch is a simpler/backportable fix for the segmented networks +
Router AZs use case. In the future we should consider refactoring the
code responsible for scheduling the gateway router ports, a more detailed
explanation of what is happening/needed can be found at LP #1939144.
Change-Id: I8dc5336c6e2acd0b0a2cad0e80eee91280b9f945
Closes-Bug: #1939144
Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com>
With new scopes, when e.g. project admin context is used to ensure
default SG for different tenant, elevated context needs to be used
to make db query. Otherwise default SG will not be found and attempt to
create it in DB may fail with DuplicateDbEntry error.
Closes-Bug: #1938910
Change-Id: Ib884be6aa12bd0d3faf83f3e753f8e7aad503b68
Invalid OFPORT (-1) causes ofctl errors and timeouts if set
it as output in a flow rule.
Closes-Bug: #1938685
Change-Id: Ib8be66c3068309832e08066af4e0b75c30e8163a
Slawek Kaplonski