When deleting a firewall, errors like shared router attached to the FW
should be ignored, to allow the router deletion
Change-Id: I1c1d62418dbea5c9162fc7c84ee517928d4b12ee
- Refactor nsx-v3 admin utilities by moving some of the code to a different
file which will later be consumed by the housekeeper code as well
- Adding orphaned firewall sections list/clean utilities
- Adding a capability to detect problems in logical port address bindings
- Update the documentation
Change-Id: If6aba167c2dd1234d1bb10a8a115fcdfe13cf2f0
In commit I0775e284f21012a01298168d5ca3dd1c74b95f05 we mocked the
db retry in order to prevent duplications in global SG creation
causeing the plugin to fail.
The mocked api was not enough, and should be replaces by teh oslo_db
api to cover all cases.
Change-Id: I31dfc519fc52c31d861352763b5b4d62adcbccea
For the TVD drivers, we need to get the relevant V/V3 core plugin
This support was neglected when we refactored the LBaaS drivers
recently.
Change-Id: I02c96ccdd23d1470c6d8a3945c6e0dea071a20d2
This patch is part of the community goals to enable python 3 first, and
only use python 2 when explict.
To do so, this patch:
- Makes python 3 the default env for non py27 tox targets.
- Adds a py3-dev target for running py3 locally.
- Refactors the pip install commands for stable dependency install into
their own target and refs them where needed.
- Updates the code to pass pep8 in python 3.
- Bumps the version of pylint to 1.7.1 to address some py3 issues in
earlier versions.
As part of this effort we should also look into making python 3 the
default for our VMware NSX 3rd party CI jobs.
Change-Id: Ibaa3e9d717f32ffb6479346163c14d4be7df50cf
In case the NSX backend fails to update the logical switch the plugin
should roll back the changes.
The availability_zones_hints attribute of the network, that should not
be updated at all, faild this action.
Change-Id: Iaa4f675cbaad4e40f65b296c934ab6a8c1a0918c
Adding implementation for the LBaaS driver to update the backend
health monitor
In addition - add failure notification in the monitor create code
Change-Id: I96410f60835fd2920d4c53bab59725b8d0d147ef
As a consequence of implementing multiple port bindings in the Neutron
reference implementation [1], the following attributes were made lists:
- 'port_binding' in the in the SQLAlchemy Port model.
- 'binding' in the Port OVO
As a consequence of this change, these attributes names were changed to
'port_bindings' and 'bindings' respectively. This patch updates the
references to those attributes.
To support neutron envs, both with and without the neutron change [2],
this patch adds a shim to use the proper port binding accessor.
NB: this shim may allow the tests to pass but does not test using the
proper "depends on" approach since that doesn't work today with the 3rd
party VMware NSX CI.
For more details see [1][2].
[1] https://review.openstack.org/#/c/571041
[2] https://review.openstack.org/#/c/414251
Change-Id: I35c24b83150d84a15997c5ebe3e7b51015f87e99
This patch updates tox ini to support both a dev and build target;
lower-constraints-dev and lower-constraints respectively.
The dev target is for running locally so it manually installs the
required projects whereas the build target doesn't as per zuul's
required project definition in project.yaml.
Also see https://review.openstack.org/#/c/573386/
Change-Id: I0e6cf1ca0f4b07c080ff5a7b221dabedfd8bf6cf
This patch updates our local zuul.yaml to define the required projects
so they are pulled into the jobs.
Change-Id: I1e668f9413363954f148f35f88c4c0687ce4f2c0
In LBaaS legacy mode we use the exclusive router edge as platform for
neutron LBaaS.
The following patch addresses two issues in this mode:
- In the legacy code, LBaaS driver maintained a DFW section which allows
traffic between the LB and its members. This code wasn't added when we
added the legacy mode.
- The original code had a bug which failed to cleanup these DFW rules when
a pool or members were deleted. The patch adds an admin utility which
cleans up such stale DFW rules.
Change-Id: I1c95ec6292e6cf50641581a65cbb4bdf8942aa8f
Some out hte unittests have DB errors while trying to insert badly
formatted entries to the DB.
This was the results of Mocks returning the wrong type of output,
or just a mock object.
Change-Id: Ia67f91672ef07885fe27865e75ad1ac860e15d40
Depends-on: Ia0d3b58b7e66aead01f1dcaa53b67129cb98a60b
The recent Octavia preparation caused the LB drivers not to have
a core_plugin property which fails the on-router-action callbacks.
This patch will address it.
Change-Id: I6b2c98bd605ff33bf173911898267a8ed3f7045f
Currently the plugin does not support shared routers with FWaaS firewalls.
So it should fail when the user tries to change the type of a
router with a firewall to 'shared'.
Depends-on: Ib31210121a56561fb33a8ed0a1fbbdf6b01db727
Change-Id: Ieeed46ffd7309a8a8d423e44f766fec5f47b6184
Commit I4ebd24f1b13eb823c4d63452fd37cace5bcf5481 moved some files
that the FWaaS callbacks import.
Change-Id: Iec0d68f2d62f1f32e12e09db40253f5545f8fcec
When trying to add interface to another distributed
router, a proper message should notify the user
that this is incorrect and not supported.
Change-Id: If9230c821665813939e676fbaafe296d42cac498
Signed-off-by: Michal Kelner Mishali <mkelnermishal@vmware.com>
Add a lock around operations that read LB pools from the backend
and adjust members to add/update/remove items.
This ensures that in case of concurrent operations no stale items
could be added back to the pool accidentally.
Change-Id: I91b5c1d9eb4493c0d19dadaca0af271d0a2afe5c
When a router is deleted, we check if any of its subnets is used
by LBaaS.
Since normally there are no subnets at this point, the check fails.
Should verify the subnets existence in teh callback.
Change-Id: I2c23722e616a8a05f6fc6d24336356355b96ca9b
This patch bumps the neutron-lib required version to 1.16.0, mainly to
pick up the fix in https://review.openstack.org/#/c/574068/
Change-Id: I8c445f7214164ff91c1513cb019d37b167eb0c9f
Create internal drivers for each object that will use dictionaries
instead of objects, and will use a generic fail/success notifiers.
The LBaaS nsx-v/v3 drivers will translate the objects to dictionaries
and use the LBaaS callbacks for successful_completion and failed_completion.
Later we can add drivers for Octavia that will use the same internal
drivers.
Change-Id: I5f99f979bd5333ccfc781217379d217d611cb015
