This adds a middleware for noauth that would inject a fake
project_id for create requests. This would ensure that api
consumers don't have to provide a fake project_id in requests.
Closes-Bug: #1934039
Change-Id: I5e1de571034be41f1147c130fce66e6cf70b1369
When a security group rule deletion command is issued, before executing
the database operations, a "BEFORE_DELETE" event is raised.
The OVN handler attending to this event should not fail if the security
group rule does not exist; the database transaction [1] will in case of
not finding it, raising the correct exception and HTTP 404 error:
Jun 29 16:58:28 dev20 neutron-server[8820]: INFO neutron.wsgi [None \
req-1821ec9f-2439-420b-80eb-1138896de865 demo admin] 192.168.10.70 \
"GET /v2.0/security-group-rules/missing_sg_rule_example HTTP/1.1" \
status: 404 len: 348 time: 0.0352871
[1]6196c0873b/neutron/db/securitygroups_db.py (L858-L868)
Change-Id: I58f6e5b309e089f6681d2c4bbff4ff7fda96435f
Closes-Bug: #1933638
This extension should be enabled with ML2/OVN backend also but
recent changes in how supported extensions are calculated ([1])
it was filtered out.
[1] https://review.opendev.org/c/openstack/neutron/+/793141
Closes-Bug: #1933954
Change-Id: Ic8ab322683e72101a8f797b108bf23bc169092cb
Align the config with DHCP agent options `dhcp_renewal_time`
and `dhcp_rebinding_time` for ovs-agent dhcp extension.
Partially-Implements: bp/distributed-dhcp-for-ml2-ovs
Related-Bug: #1900934
Change-Id: I671f23fcb763b847b1dc2b1d2de0567569aba892
The SubPortNotFound exception gets the port id of the subport that was
not found. This is now correctly labeled as SubPort, not as parent port
anymore.
Change-Id: I6e33ff4a7e0cb7864535a0905b5dc197a0aa8a5d
Instead of spawning new thread for each OVO change,
keep one long running thread fetching changes
from queue.
Closes-Bug: #1926417
Change-Id: I390cabeaf6ebbc1c6206fe2cc226ef437462c7fd
This patch will create two fake VMs to verify the DHCP R/R
for its NIC. Ping 4/6 will be run after the interface request
and config the IP address via DHCPv4/6 by using dhclient.
For fullstack test fake environment, setting enable_traditional_dhcp
to False means enable DHCP extension for OVS agent automatically.
Partially-Implements: bp/distributed-dhcp-for-ml2-ovs
Closes-Bug: #1900934
Change-Id: I40d6464953fbc4d4ca2c05a6051eba43cd05fedd
This patch switches over to callback payloads for SECURITY_GROUP
events. To do so a few shims are put into place the handle both
payload and kwarg style callbacks; these shims will be removed once
all events use payloads. In addition a few UT updates are included to
get the tests working properly with payloads.
Change-Id: I6161a8b387812808c4d679f882a3193c93235647
Only OVS agent uses os-ken library, makes sense that the CI job
testing it uses this backend.
Closes-Bug: #1933626
Change-Id: I8b2eb11dfae5bc67ee9c3629f609e4b461e0ad7c
All Neutron CI jobs (except for unit, functional and fullstack jobs),
have explicitly defined the network backend used:
- linuxbridge
- ovs
- ovn
That was discussed and approved during the Neutron CI meetings [1].
[1]https://meetings.opendev.org/meetings/neutron_ci/2021/neutron_ci.2021-06-15-15.00.log.html
Change-Id: I036924f13b77dd5957ad5e60b9f536562deb9f05
Previously if extension was not supported by one of the mech drivers,
but it wasn't filtered out by next mech driver, it was available finally
in the list.
Now, this patch changes that so if extension is disabled by one of the
drivers it isn't available on the list at all.
This will work better e.g. with discoverability of what is available
e.g. when OVN backend is used by Neutron.
Closes-Bug: #1929676
Change-Id: I6a4ff42f47f7ee90365516d37472c09ac87773e5
dns-integration extension is actually implemented as ML2 extension
driver, so has nothing to do with the L3 plugin.
In OVN it was listed in the ML2_SUPPORTED_API_EXTENSIONS_OVN_L3 but it
should be in ML2_SUPPORTED_API_EXTENSIONS. This patch moves it to the
correct list.
This patch also removes disable_dns_extension_by_extension_drivers
method from the OVN L3 plugin class as there is no need to disable this
extension by L3 agent.
Related-Bug: #1929676
Change-Id: I456afcc9054627e74b18460d169052f262451c22
Because the DHCP agent does not know the IAID (identity association
identifier) of assigned IPv6 addresses it's not possible to generate the
lease file including IPv6 leases. Because of this IPv6 addresses are
excluded when generating the lease file in case of DHCP agent restarts.
This causes DHCPv6 clients to fail to RENEW their lease and to go
through a full address discovery cycle with possible short connectivity
disruption.
This commit copies the existing IPv6 leaes from an already existing
lease file if present. While this does not allow for DHCP agent
failover, this is still better than just skipping the IPv6 addresses.
A lease file without the IPv6 addresses is still generated if an agent
is migrated to a different host.
This commit complements the fix implemented in
Ib1b2f284ab81f1c4af7b08b5257b45a3f6e79c3e which just skips the IPv6
leases as otherwise the lease file would be invalid and all leases would
be lost. It does not change the behavior for still valid IPv4 leases.
With this issue fixed an additional fix is required to not loose DHCPv6
leases when the agent restarts dnsmasq. Currently the DHCP agent
regenerates all configuration files on restart. This means that DHCPv6
leases are lost as they can't be regenerated. This changes the agent to
only delete the config files if the agent's ports are also removed.
Closes-Bug: #1722126
Related-Change: Ib1b2f284ab81f1c4af7b08b5257b45a3f6e79c3e
Change-Id: I40761b30563749251b9d74731bbe7a80a124da89
Add a new ovs agent extension to support distributed DHCP for
VMs in compute nodes directly. For large scale deployment, this
can be used to reduce the number of neutron agents. Large scale
cloud can benefit from it.
From the perspective of virtual machine, this will reduce the
probability of DHCP request failure. The VMs will get a higher
level availability for DHCP R/R, no single point of failure
permanently. If one host goes down, VMs in other hosts will not
be influnced by it.
For the perspective of network performance, after using this
extension, the DHCP broadcasting packages will be limited
to the host locally.
Partially-Implements: bp/distributed-dhcp-for-ml2-ovs
Closes-Bug: #1900934
Change-Id: Id8a4c501daad7c2185e6d69441182666ef987e61
It is set to true by default in base jobs. Also e.g. in
functional job for neutron-dynamic-routing it is set to True so
it should be fine to use default value in the neutron-functional job as
well.
Related-bug: #1932483
Change-Id: I2c8392628dd63ca612c6d8428daab66724e88c20
This API extension is supported by ML2 plugin and is database only
thing. So there is no need to filter it out when OVN backend is used.
Related-Bug: #1933115
Change-Id: Ica4490d3ec36e227301e3f3a7b093750b2e18b83