diff --git a/octavia/amphorae/backends/agent/api_server/haproxy_compatibility.py b/octavia/amphorae/backends/agent/api_server/haproxy_compatibility.py
index 85451c5228..c8915379ce 100644
--- a/octavia/amphorae/backends/agent/api_server/haproxy_compatibility.py
+++ b/octavia/amphorae/backends/agent/api_server/haproxy_compatibility.py
@@ -30,7 +30,7 @@ def get_haproxy_versions():
 
     version = subprocess.check_output(cmd.split(), stderr=subprocess.STDOUT)
 
-    version_re = re.search('.*version (.+?)\.(.+?)\..*',
+    version_re = re.search(r'.*version (.+?)\.(.+?)\..*',
                            version.decode('utf-8'))
 
     major_version = int(version_re.group(1))
diff --git a/octavia/amphorae/backends/agent/api_server/listener.py b/octavia/amphorae/backends/agent/api_server/listener.py
index 1b83c47dde..46f5cbb408 100644
--- a/octavia/amphorae/backends/agent/api_server/listener.py
+++ b/octavia/amphorae/backends/agent/api_server/listener.py
@@ -483,17 +483,17 @@ class Listener(object):
         with open(util.config_path(listener_id), 'r') as file:
             cfg = file.read()
 
-            m = re.search('mode\s+(http|tcp)', cfg)
+            m = re.search(r'mode\s+(http|tcp)', cfg)
             if not m:
                 raise ParsingError()
             mode = m.group(1).upper()
 
-            m = re.search('stats socket\s+(\S+)', cfg)
+            m = re.search(r'stats socket\s+(\S+)', cfg)
             if not m:
                 raise ParsingError()
             stats_socket = m.group(1)
 
-            m = re.search('ssl crt\s+(\S+)', cfg)
+            m = re.search(r'ssl crt\s+(\S+)', cfg)
             ssl_crt = None
             if m:
                 ssl_crt = m.group(1)
@@ -514,7 +514,7 @@ class Listener(object):
 
     def _check_ssl_filename_format(self, filename):
         # check if the format is (xxx.)*xxx.pem
-        if not re.search('(\w.)+pem', filename):
+        if not re.search(r'(\w.)+pem', filename):
             raise exceptions.HTTPException(
                 response=webob.Response(json=dict(
                     message='Filename has wrong format'), status=400))
diff --git a/octavia/amphorae/backends/utils/keepalivedlvs_query.py b/octavia/amphorae/backends/utils/keepalivedlvs_query.py
index 5c826fa464..52988d55be 100644
--- a/octavia/amphorae/backends/utils/keepalivedlvs_query.py
+++ b/octavia/amphorae/backends/utils/keepalivedlvs_query.py
@@ -70,7 +70,7 @@ def get_listener_realserver_mapping(ns_name, listener_ip_port):
     if ip_obj.version == 4:
         ip_to_hex_format = "0%X" % ip_obj._ip
     else:
-        ip_to_hex_format = '\[' + ip_obj.exploded + '\]'
+        ip_to_hex_format = r'\[' + ip_obj.exploded + r'\]'
     port_hex_format = "%.4X" % int(listener_port)
     idex = ip_to_hex_format + ':' + port_hex_format
 
diff --git a/octavia/api/v2/controllers/listener.py b/octavia/api/v2/controllers/listener.py
index 7182b014c2..7a9d5e747b 100644
--- a/octavia/api/v2/controllers/listener.py
+++ b/octavia/api/v2/controllers/listener.py
@@ -375,9 +375,9 @@ class ListenersController(base.BaseController):
 
         # Make sure we have a client CA cert if they enable client auth
         if ((listener.client_authentication != wtypes.Unset and
-             listener.client_authentication != constants.CLIENT_AUTH_NONE)
-            and not (db_listener.client_ca_tls_certificate_id or
-                     listener.client_ca_tls_container_ref)):
+             listener.client_authentication != constants.CLIENT_AUTH_NONE) and
+            not (db_listener.client_ca_tls_certificate_id or
+                 listener.client_ca_tls_container_ref)):
             raise exceptions.ValidationException(detail=_(
                 "Client authentication setting %s requires a client CA "
                 "container reference.") %
diff --git a/octavia/hacking/checks.py b/octavia/hacking/checks.py
index b373b91165..aee11a188d 100644
--- a/octavia/hacking/checks.py
+++ b/octavia/hacking/checks.py
@@ -41,7 +41,7 @@ _log_translation_hint = re.compile(
 
 assert_trueinst_re = re.compile(
     r"(.)*assertTrue\(isinstance\((\w|\.|\'|\"|\[|\])+, "
-    "(\w|\.|\'|\"|\[|\])+\)\)")
+    r"(\w|\.|\'|\"|\[|\])+\)\)")
 assert_equal_in_end_with_true_or_false_re = re.compile(
     r"assertEqual\((\w|[][.'\"])+ in (\w|[][.'\", ])+, (True|False)\)")
 assert_equal_in_start_with_true_or_false_re = re.compile(
@@ -264,7 +264,7 @@ def check_line_continuation_no_backslash(logical_line, tokens):
 
 
 def revert_must_have_kwargs(logical_line):
-    """O347 - Taskflow revert methods must have \*\*kwargs.
+    """O347 - Taskflow revert methods must have \\*\\*kwargs.
 
     :param logical_line: The logical line to check.
     :returns: None if the logical line passes the check, otherwise a tuple
diff --git a/octavia/tests/unit/certificates/generator/test_local.py b/octavia/tests/unit/certificates/generator/test_local.py
index 16afc6a543..dd73e4f800 100644
--- a/octavia/tests/unit/certificates/generator/test_local.py
+++ b/octavia/tests/unit/certificates/generator/test_local.py
@@ -81,7 +81,7 @@ class TestLocalGenerator(local_csr.BaseLocalCSRTestCase):
         should_expire = (datetime.datetime.utcnow() +
                          datetime.timedelta(seconds=2 * 365 * 24 * 60 * 60))
         diff = should_expire - cert.not_valid_after
-        self.assertTrue(diff < datetime.timedelta(seconds=10))
+        self.assertLess(diff, datetime.timedelta(seconds=10))
 
         # Make sure this is a version 3 X509.
         self.assertEqual('v3', cert.version.name)
@@ -126,7 +126,7 @@ class TestLocalGenerator(local_csr.BaseLocalCSRTestCase):
         should_expire = (datetime.datetime.utcnow() +
                          datetime.timedelta(seconds=2 * 365 * 24 * 60 * 60))
         diff = should_expire - cert.not_valid_after
-        self.assertTrue(diff < datetime.timedelta(seconds=10))
+        self.assertLess(diff, datetime.timedelta(seconds=10))
 
         # Make sure this is a version 3 X509.
         self.assertEqual('v3', cert.version.name)
diff --git a/octavia/tests/unit/common/sample_configs/sample_configs.py b/octavia/tests/unit/common/sample_configs/sample_configs.py
index 8606fd31a5..38dfed951c 100644
--- a/octavia/tests/unit/common/sample_configs/sample_configs.py
+++ b/octavia/tests/unit/common/sample_configs/sample_configs.py
@@ -967,7 +967,7 @@ def sample_l7rule_tuple(id,
         type = constants.L7RULE_TYPE_SSL_DN_FIELD
         compare_type = constants.L7RULE_COMPARE_TYPE_REGEX
         key = 'STREET'
-        value = '^STREET.*NO\.$'
+        value = r'^STREET.*NO\.$'
         invert = True
         enabled = True
     if sample_rule == 10:
diff --git a/octavia/tests/unit/test_hacking.py b/octavia/tests/unit/test_hacking.py
index 31c682de83..48d8bb88ee 100644
--- a/octavia/tests/unit/test_hacking.py
+++ b/octavia/tests/unit/test_hacking.py
@@ -71,7 +71,7 @@ class HackingTestCase(base.BaseTestCase):
         return check_fns
 
     def test_factory(self):
-        self.assertTrue(len(self._get_factory_checks(checks.factory)) > 0)
+        self.assertGreater(len(self._get_factory_checks(checks.factory)), 0)
 
     def test_assert_true_instance(self):
         self.assertEqual(1, len(list(checks.assert_true_instance(
diff --git a/test-requirements.txt b/test-requirements.txt
index 191e63b409..62b6619b05 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -1,7 +1,7 @@
 # The order of packages is significant, because pip processes them in the order
 # of appearance. Changing the order has an impact on the overall integration
 # process, which may cause wedges in the gate later.
-hacking!=0.13.0,<0.14,>=0.12.0 # Apache-2.0
+hacking>=1.1.0 # Apache-2.0
 requests-mock>=1.2.0 # Apache-2.0
 coverage!=4.4,>=4.0 # Apache-2.0
 flake8-import-order==0.12 # LGPLv3