- Migrate MDproxy with admin user
- When creating the dhcp server config post migration it should be done with
with the admin uer and not the openstack principle identity
- Select Tier1 locale-service id even if there is no edge cluster
Change-Id: I68c184d245e50e363bcf5b53ea71cce661ee7aa3
replace indirect call the SR removal with a direct one
(The indirect call via _core_plugin also works)
Change-Id: Ie379cbda369f7d45818275294f10e05cb9a7ef3b
If the LB has an external vip, the member must have a local subnet-id
connected to a router with an uplink,
or the member must have an IP which is a FIP address
In addition, remove one leftover log, and remove a lock on router
id when it is None
Change-Id: Iefb492e43b5cc47a84ce82e4dfbcb0d1e5e6bffe
Before starting the migration, check for unsupported configurations
that will fail the migration.
Currently those include:
- Tier0 with BGP disabled and BGP rules
- DFW/Edge firewall sections witl 1500 rules or more
Change-Id: I702417c287b629844f2b8e1adda98b137e1ee9ff
This patch will allow moving neutron from using the nsx_v3 plugin to the nsx_p plugin.
This includes:
- admin utility to move all resources to the policy api:
nsxadmin -r nsx-migrate-t2p -o import (--verbose)
This utility will:
-- Migrate all neutron used & created resource using the nsx migration api
-- roll back all resources in case it failed
-- post migration fix some of the policy resources to better match the expectation
of the policy plugin
- admin utility that will cleanup left overs in the nsx_v3 db:
nsxadmin -r nsx-migrate-t2p -o clean-all
(can be used, but everything should work without calling it as well)
- Some minor changes to the policy plugin and drivers to allow it to handle migrated resource
which are a bit different than those created with the policy plugin
-- Delete DHCP server config once a migrated network is deleted
-- Update LB L7 rules by their name suffix as their full display name is unknown
Change-Id: Ic17e0de1f4b2a2d95afa61ce33ffb0bc9e667b89
1. Make the validation optional (If False - only log the warnings)
2. Validate each resource against all clusters and fail only if not
connected to any
Change-Id: I9abd091fc42d4dbe22e1b806df4d9131ab054726
The admin utilities usually run with the default config files:
/etc/neutron/neutron.conf and /etc/neutron/plugins/vmware/nsx.ini
In order to run it with custom files you can use:
nsxadmin --config-file <neutron conf path> --config-file <nsx conf path>
Change-Id: I0c75f0a616d8016a840611edab1e3b3edb53c4ad
Commit I475a5c984aed7b6cae26951e64971ec463a43c5e
changed the error handling of this api, so the plugin will need to handle the errors
Change-Id: I1ba3d0a64793674c97c62f6ff26fa00e34a7c4fe
In some cases the edge policy ids are different from the nsx ids.
Since validation is using those ids with the nsxlib objects, the nsx ids
should be used.
In addition - Do not fail plugin init or neutron action when failing to get
the transport nodes. Just issue a warning
Change-Id: I080ac86b1cebf66f11749c5256d1885a9bc7ef9f
Make sure to set the DHCP config only if there is a dhcp server ip.
Missing ip can happen during the process of deleting a subnet.
Change-Id: I1e8071935a01a7e07732c5033744f74769210043
When deleting a listener which doesn't exist in the backend, the call
shouldn't fail but delete from OpenStack DB and issue an error to the
log file.
Change-Id: I1ee816d82986a651ea2889b1a4a74889e8724dbb
Upon sunbet update and create, validate that the GW:
- has the same ip versions the network
- is part of the network
- In case of ipv6, match the NSX limitations
Change-Id: I21ef0a313569e8d025fe31c934c57ce2d54f2fec
The loadbalancers using the router LB service will be marked on
a new tag on the NSX service.
Also adin an admin utility to update existing Lb services with the tag.
Change-Id: I6c38b45e4d683681a6915fd07ca296264c7d2495
There is no need to validate the nsx provider network
(LS/segment already created on the NSX) against the MDproxy
Change-Id: I375c2cf81a3cf82c5954b6f5898e51e9fde661e9
Commit I7e68c9d0e40e03c0e3e708e04c996fdceed56df4 fixed the sg rule quota
issue in the admin utilities tests, instead of in their mock plugins
Change-Id: I95b6411e960c62def3bbc6a9d7b6cdd92fc4aa92
