25077 Commits

Author SHA1 Message Date
ramishra
ec550f5f52 Add fake_project_id middleware for noauth
This adds a middleware for noauth that would inject a fake
project_id for create requests. This would ensure that api
consumers don't have to provide a fake project_id in requests.

Closes-Bug: #1934039
Change-Id: I5e1de571034be41f1147c130fce66e6cf70b1369
2021-07-05 21:18:09 +05:30
Zuul
13e96bf6bd Merge "Add extra logs to the network update callback in L3 agent" 2021-07-01 02:08:23 +00:00
Zuul
7e8da3c0b8 Merge "[OVN] Add binding-extended to the ML2_SUPPORTED_API_EXTENSIONS" 2021-06-30 10:13:24 +00:00
Zuul
25207ed9c0 Merge "[OVN] Do not fail when processing SG rule deletion" 2021-06-30 05:03:01 +00:00
Zuul
1789ca0d3d Merge "Fix ObjectChangeHandler thread usage" 2021-06-30 01:22:18 +00:00
Rodolfo Alonso Hernandez
6a74cd76fd [OVN] Do not fail when processing SG rule deletion
When a security group rule deletion command is issued, before executing
the database operations, a "BEFORE_DELETE" event is raised.

The OVN handler attending to this event should not fail if the security
group rule does not exist; the database transaction [1]  will in case of
not finding it, raising the correct exception and HTTP 404 error:

  Jun 29 16:58:28 dev20 neutron-server[8820]: INFO neutron.wsgi [None \
    req-1821ec9f-2439-420b-80eb-1138896de865 demo admin] 192.168.10.70 \
    "GET /v2.0/security-group-rules/missing_sg_rule_example HTTP/1.1" \
    status: 404 len: 348 time: 0.0352871

[1]6196c0873b/neutron/db/securitygroups_db.py (L858-L868)

Change-Id: I58f6e5b309e089f6681d2c4bbff4ff7fda96435f
Closes-Bug: #1933638
2021-06-29 16:48:26 +00:00
Slawek Kaplonski
5c9a7fe1b4 Add extra logs to the network update callback in L3 agent
It may be useful during debugging some L3 and events related issues.

Related-bug: #1933234
Change-Id: I4bcba0ae82d99fac962d758b48b1727f344ec7bb
2021-06-29 13:48:59 +02:00
Zuul
6196c0873b Merge "Refactor DHCP common config options" 2021-06-29 10:34:46 +00:00
Slawek Kaplonski
cde0f68f9e [OVN] Add binding-extended to the ML2_SUPPORTED_API_EXTENSIONS
This extension should be enabled with ML2/OVN backend also but
recent changes in how supported extensions are calculated ([1])
it was filtered out.

[1] https://review.opendev.org/c/openstack/neutron/+/793141

Closes-Bug: #1933954
Change-Id: Ic8ab322683e72101a8f797b108bf23bc169092cb
2021-06-29 12:10:39 +02:00
Zuul
cbbab2fac5 Merge "Add fullstack test case for OVS DHCP extension" 2021-06-29 08:36:32 +00:00
Zuul
46bc5c4d52 Merge "Copy existing IPv6 leases to generated lease file" 2021-06-29 02:14:23 +00:00
LIU Yulong
1a99adb530 Refactor DHCP common config options
Align the config with DHCP agent options `dhcp_renewal_time`
and `dhcp_rebinding_time` for ovs-agent dhcp extension.

Partially-Implements: bp/distributed-dhcp-for-ml2-ovs
Related-Bug: #1900934

Change-Id: I671f23fcb763b847b1dc2b1d2de0567569aba892
2021-06-29 08:46:54 +08:00
Zuul
a33588b086 Merge "Correctly label port as SubPort in SubPortNotFound" 2021-06-28 21:27:46 +00:00
Zuul
d77b82935e Merge "Use OVS backend for testing os-ken library" 2021-06-28 18:55:31 +00:00
Zuul
804cc660e7 Merge "Make explicit the network backend used in the CI jobs" 2021-06-28 18:55:11 +00:00
Sebastian Lohff
31c0ef9dbe Correctly label port as SubPort in SubPortNotFound
The SubPortNotFound exception gets the port id of the subport that was
not found. This is now correctly labeled as SubPort, not as parent port
anymore.

Change-Id: I6e33ff4a7e0cb7864535a0905b5dc197a0aa8a5d
2021-06-28 17:19:41 +00:00
Szymon Wroblewski
9ae22b1fef Fix ObjectChangeHandler thread usage
Instead of spawning new thread for each OVO change,
keep one long running thread fetching changes
from queue.

Closes-Bug: #1926417
Change-Id: I390cabeaf6ebbc1c6206fe2cc226ef437462c7fd
2021-06-28 18:32:31 +02:00
Zuul
ebbf51c2b3 Merge "[OVN] Add subnet-service-types as supported by OVN mech driver" 2021-06-28 13:44:28 +00:00
Zuul
67848ea309 Merge "use callback payloads for SECURITY_GROUP" 2021-06-28 11:18:38 +00:00
LIU Yulong
4b22eea4be Add fullstack test case for OVS DHCP extension
This patch will create two fake VMs to verify the DHCP R/R
for its NIC. Ping 4/6 will be run after the interface request
and config the IP address via DHCPv4/6 by using dhclient.

For fullstack test fake environment, setting enable_traditional_dhcp
to False means enable DHCP extension for OVS agent automatically.

Partially-Implements: bp/distributed-dhcp-for-ml2-ovs
Closes-Bug: #1900934
Change-Id: I40d6464953fbc4d4ca2c05a6051eba43cd05fedd
2021-06-28 17:27:47 +08:00
Zuul
3127bd1d57 Merge "[ML2] Change way how list of supported API extensions is made" 2021-06-28 00:54:46 +00:00
Zuul
e24f217f52 Merge "Move dns-integration extension to the ML2_SUPPORTED_API_EXTENSIONS list" 2021-06-28 00:54:31 +00:00
Zuul
2873fbe5f1 Merge "[L3] Add some logs for router processing" 2021-06-27 20:37:54 +00:00
Zuul
9a44dd0365 Merge "Enable tls-proxy support in the tempest jobs" 2021-06-26 20:02:10 +00:00
Zuul
825133cf18 Merge "[ovn] Add 'address_group' extension to OVN" 2021-06-26 18:59:53 +00:00
Zuul
88fed5a286 Merge "Add script to aid in using ovn-trace with OpenStack" 2021-06-26 17:39:24 +00:00
Zuul
c90043f853 Merge "Add agent extension 'dhcp' for ovs agent" 2021-06-26 12:12:45 +00:00
Zuul
25afdbe70d Merge "Fix phys network lost after reconfigure" 2021-06-25 14:34:43 +00:00
Zuul
8a1fdddc5c Merge "Bump minimal ovsdbapp version to 1.11.0" 2021-06-25 14:34:28 +00:00
Boden R
b05a9186d1 use callback payloads for SECURITY_GROUP
This patch switches over to callback payloads for SECURITY_GROUP
events. To do so a few shims are put into place the handle both
payload and kwarg style callbacks; these shims will be removed once
all events use payloads. In addition a few UT updates are included to
get the tests working properly with payloads.

Change-Id: I6161a8b387812808c4d679f882a3193c93235647
2021-06-25 16:07:18 +03:00
Zuul
7fd6d169f5 Merge "use callback payloads for SUBNET" 2021-06-25 12:57:25 +00:00
Rodolfo Alonso Hernandez
b189b0f322 Use OVS backend for testing os-ken library
Only OVS agent uses os-ken library, makes sense that the CI job
testing it uses this backend.

Closes-Bug: #1933626
Change-Id: I8b2eb11dfae5bc67ee9c3629f609e4b461e0ad7c
2021-06-25 08:54:32 +00:00
Rodolfo Alonso Hernandez
d7ca286e6c Make explicit the network backend used in the CI jobs
All Neutron CI jobs (except for unit, functional and fullstack jobs),
have explicitly defined the network backend used:
- linuxbridge
- ovs
- ovn

That was discussed and approved during the Neutron CI meetings [1].

[1]https://meetings.opendev.org/meetings/neutron_ci/2021/neutron_ci.2021-06-15-15.00.log.html

Change-Id: I036924f13b77dd5957ad5e60b9f536562deb9f05
2021-06-25 08:53:04 +00:00
Slawek Kaplonski
db2207f32d [ML2] Change way how list of supported API extensions is made
Previously if extension was not supported by one of the mech drivers,
but it wasn't filtered out by next mech driver, it was available finally
in the list.
Now, this patch changes that so if extension is disabled by one of the
drivers it isn't available on the list at all.
This will work better e.g. with discoverability of what is available
e.g. when OVN backend is used by Neutron.

Closes-Bug: #1929676
Change-Id: I6a4ff42f47f7ee90365516d37472c09ac87773e5
2021-06-25 07:41:11 +00:00
Slawek Kaplonski
bc82a664b6 Move dns-integration extension to the ML2_SUPPORTED_API_EXTENSIONS list
dns-integration extension is actually implemented as ML2 extension
driver, so has nothing to do with the L3 plugin.
In OVN it was listed in the ML2_SUPPORTED_API_EXTENSIONS_OVN_L3 but it
should be in ML2_SUPPORTED_API_EXTENSIONS. This patch moves it to the
correct list.
This patch also removes disable_dns_extension_by_extension_drivers
method from the OVN L3 plugin class as there is no need to disable this
extension by L3 agent.

Related-Bug: #1929676
Change-Id: I456afcc9054627e74b18460d169052f262451c22
2021-06-25 07:40:41 +00:00
Zuul
7070538db4 Merge "Update version of doc8" 2021-06-25 07:02:21 +00:00
Zuul
cb8ecd5b7f Merge "Remove tox_install_siblings=False from the functional job's definition" 2021-06-25 03:29:25 +00:00
Gaudenz Steinlin
6bc1c00d66 Copy existing IPv6 leases to generated lease file
Because the DHCP agent does not know the IAID (identity association
identifier) of assigned IPv6 addresses it's not possible to generate the
lease file including IPv6 leases. Because of this IPv6 addresses are
excluded when generating the lease file in case of DHCP agent restarts.
This causes DHCPv6 clients to fail to RENEW their lease and to go
through a full address discovery cycle with possible short connectivity
disruption.

This commit copies the existing IPv6 leaes from an already existing
lease file if present. While this does not allow for DHCP agent
failover, this is still better than just skipping the IPv6 addresses.

A lease file without the IPv6 addresses is still generated if an agent
is migrated to a different host.

This commit complements the fix implemented in
Ib1b2f284ab81f1c4af7b08b5257b45a3f6e79c3e which just skips the IPv6
leases as otherwise the lease file would be invalid and all leases would
be lost. It does not change the behavior for still valid IPv4 leases.

With this issue fixed an additional fix is required to not loose DHCPv6
leases when the agent restarts dnsmasq. Currently the DHCP agent
regenerates all configuration files on restart. This means that DHCPv6
leases are lost as they can't be regenerated. This changes the agent to
only delete the config files if the agent's ports are also removed.

Closes-Bug: #1722126
Related-Change: Ib1b2f284ab81f1c4af7b08b5257b45a3f6e79c3e

Change-Id: I40761b30563749251b9d74731bbe7a80a124da89
2021-06-24 22:42:09 +02:00
Zuul
e12ba06e8b Merge "use payloads for PORT BEFORE_UPDATE events" 2021-06-24 09:33:31 +00:00
Zuul
2692953017 Merge "Remove FIP agent's gw port when L3 agent is deleted" 2021-06-24 06:38:48 +00:00
LIU Yulong
56e8498a4d Add agent extension 'dhcp' for ovs agent
Add a new ovs agent extension to support distributed DHCP for
VMs in compute nodes directly. For large scale deployment, this
can be used to reduce the number of neutron agents. Large scale
cloud can benefit from it.

From the perspective of virtual machine, this will reduce the
probability of DHCP request failure. The VMs will get a higher
level availability for DHCP R/R, no single point of failure
permanently. If one host goes down, VMs in other hosts will not
be influnced by it.

For the perspective of network performance, after using this
extension, the DHCP broadcasting packages will be limited
to the host locally.

Partially-Implements: bp/distributed-dhcp-for-ml2-ovs
Closes-Bug: #1900934
Change-Id: Id8a4c501daad7c2185e6d69441182666ef987e61
2021-06-24 08:38:38 +08:00
Zuul
ad2bc847ab Merge "Bump neutron-lib to 2.12.0" 2021-06-23 22:37:33 +00:00
Nurmatov Mamatisa
cd8c4f7e30 use callback payloads for SUBNET
This patch switches over to callback payloads for
SUBNET events.

Change-Id: Ic4c3490aed4f899293be993d4663bb537c34ab8b
2021-06-24 00:14:52 +03:00
Zuul
9a760b9b14 Merge "[ovn] Clean-up unused ACL method for DHCP" 2021-06-23 20:58:36 +00:00
Zuul
887dc1049c Merge "Config option to enable OVN IDL on other workers" 2021-06-23 20:22:50 +00:00
Zuul
2893609af8 Merge "use callback payloads for SECURITY_GROUP_RULE" 2021-06-23 20:22:34 +00:00
Zuul
6c704c5852 Merge "[OVN] Disable mcast_flood on localnet ports" 2021-06-23 15:51:10 +00:00
Slawek Kaplonski
dbfa1b5d92 Remove tox_install_siblings=False from the functional job's definition
It is set to true by default in base jobs. Also e.g. in
functional job for neutron-dynamic-routing it is set to True so
it should be fine to use default value in the neutron-functional job as
well.

Related-bug: #1932483
Change-Id: I2c8392628dd63ca612c6d8428daab66724e88c20
2021-06-23 13:10:40 +02:00
Nurmatov Mamatisa
324a35a3d0 use payloads for PORT BEFORE_UPDATE events
This patch switches the code over to the payload style of callbacks
for PORT BEFORE_UPDATE events

Change-Id: Ie55a04deac6c2f54f7f5d475c350f0fbf7b1fe77
2021-06-23 12:14:48 +03:00
Slawek Kaplonski
0cd01edc9c [OVN] Add subnet-service-types as supported by OVN mech driver
This API extension is supported by ML2 plugin and is database only
thing. So there is no need to filter it out when OVN backend is used.

Related-Bug: #1933115
Change-Id: Ica4490d3ec36e227301e3f3a7b093750b2e18b83
2021-06-23 09:42:30 +02:00