9046 Commits

Author SHA1 Message Date
Jenkins
7ece23f5ee Merge "NSX|v3 update_port on backend only if it was created on backend" 2016-03-02 14:15:34 +00:00
Kobi Samoray
42342b3cfa Translate LBaaS TERMINATED_HTTPS to NSX equivalent
When LBaaS specifies protocol as TERMINATED_HTTPS, NSX Edge should be
configured with protocol-type=https.
Also, as Edge supports HTTPS without termination as well, we do not need
to use TCP as protocol type for HTTPS as well.

Change-Id: I16ae69537706862634e1f1bda3be6ae0aeb052d3
2016-03-02 09:02:12 +00:00
Adit Sarfaty
f7eae6fe00 NSX|v3 update_port on backend only if it was created on backend
Otherwise updating ports on external networks may crash.

Change-Id: Idcbe1c588e762826c1caa2db3ac72858143a7507
2016-03-02 08:21:19 +02:00
Jenkins
e3fd04ea1b Merge "Fix router intf port deleted when are in use" 2016-03-02 04:05:18 +00:00
Jenkins
c751dce4c8 Merge "NSX|V3: use oslo_serialization instaed of json import" 2016-03-02 02:10:57 +00:00
Shih-Hao Li
bba54fe4b9 NSX|V3: Add support for vxlan in provider:network_type
Add vxlan enum in tz_network_bindings table, thus it can be
used for provider:network_type.

Also make provider:network_type required when creating a
provider network.

Change-Id: I4f07cea2149964c75eb72d6acf7b8fc5fcba4044
2016-03-01 21:07:09 +00:00
Kobi Samoray
2da087a8a2 Change length of cert_id field to 128
Patch https://review.openstack.org/#/c/259534 have modified the length
of the id fields for the certificates in neutron-lbaas.
Id field in vmware-nsx should match the length in neutron.

Change-Id: I25d868747c79dcaaeb5691b8cc1cf3cacf804de7
2016-03-01 11:42:52 +00:00
Gary Kotton
3f37015b08 NSX|V3: fix broken unit tests
Skip the new test test_route_update_with_external_route. This was
added by commit 3d5d378769f0715e3254ac00b6f091a6f9f6960b. This
is not supported by the plugin.

Change-Id: I9c96736162bd8ba92fb32e88ebd82f39ae4adbf5
2016-03-01 00:57:11 -08:00
Gary Kotton
c7b529e775 NSX|V3: use oslo_serialization instaed of json import
TrivialFix

Change-Id: I38b88c687a883e260a976855f7fbf21fb0dc5ee6
2016-02-29 04:07:40 -08:00
linb
4d90e8949c Fix router intf port deleted when are in use
When trying to delete router interface which is in use such as FIP
case, the request should be rejected and we should not delete the port
the backend.
Fixes-Bug: #1548624

Change-Id: I3a77f7dd47faca84e15950f40cc43a74d24ffab9
2016-02-28 15:27:29 +00:00
OpenStack Proposal Bot
2fabb839a6 Updated from global requirements
Change-Id: I4b99a84ee8d7811a81269e09384f4ff964c49b0d
2016-02-28 10:15:38 +00:00
Alex Kang
9dd37f8241 [Tempest]: fix upstream remove commands module
Make copy_file_to_host to test module as upstream
remove the command module.

Change-Id: I904d53e24d337d650731deb834dcba1e3cc4386b
2016-02-28 09:04:29 +00:00
Gary Kotton
33d72e2745 NSXv: fix broken unit tests
Commit 8052c3985325e9067d83496936092ee9334df75b broke the unit
tests for the NSXv plugin. The tests added upstream updated
the MAC address and this is not supported and should be skipped
in the NSX|V

Co-Authored-By: Aaron Rosen <aaronorosen@gmail.com>

Change-Id: I876e7f74e74bd48430cdd42ab7c5533e495e9a49
2016-02-28 00:22:50 -08:00
Jenkins
9a27261384 Merge "Add internal metadata network on demand" 2016-02-26 19:27:44 +00:00
Jenkins
bd6b854d5f Merge "nsx_v3: Move db access in update_port under same update transaction" 2016-02-26 14:51:34 +00:00
Jenkins
c64554eefe Merge "Tempest: Add placeholder for common tempest tests" 2016-02-26 02:20:12 +00:00
Jenkins
2b3eed13c1 Merge "Apply routes on VDR's PLR when no-snat is enabled" 2016-02-26 01:23:44 +00:00
Tong Liu
364044e200 Tempest: Add placeholder for common tempest tests
Some of the api/scenario tempest tests are common across all NSX
plugins. Instead of putting one under each plugin test directory,
create api and scenario folders as a placeholder for all tests
that all common across the plugins.

Change-Id: Ife53c86699942a6ad47bf0a49eb3c2190b9b64f5
2016-02-25 22:36:47 +00:00
Shih-Hao Li
61c19f3e9c Add internal metadata network on demand
Previously, an internal metadata network is created
for a router whenever a subnet is attached to this router.
The purpose of this internal network is to help processing
metadata requests from instances on DHCP-disabled networks.

This commit adds a config option to create internal metadata
networks only when a DHCP-disabled subnet is attached to a router.
This will help saving system resources because each metadata
network consumes one DHCP name space.

Change-Id: Ia56050b3f431dbd65bb39da29ba6dbf8e62e36ea
2016-02-25 13:10:15 -08:00
Aaron Rosen
0c2cda0859 nsx_v3: Move db access in update_port under same update transaction
Change-Id: I576aa62cf776bfa75c8dcb6d019796260856dc48
2016-02-25 12:39:02 -08:00
Kobi Samoray
1fe18c91b4 Apply routes on VDR's PLR when no-snat is enabled
When creating a router with --no-snat option, routes were not published
to PLR and therefore returning traffic could not reach the TLR.
This patch addresses this issue

Change-Id: I50f7015547a9461da0d2e5cff6d8a3f3ca41c1e0
2016-02-25 14:54:33 +02:00
Jenkins
56be50105f Merge "[Tempest]: NSX-v dhcp service is not reachable" 2016-02-25 03:23:01 +00:00
Jenkins
98df3e7cb3 Merge "Updated from global requirements" 2016-02-24 15:46:52 +00:00
Jenkins
0f5d09837c Merge "[NSX-v]: Use oslo_serialization for jsonutils" 2016-02-24 11:47:20 +00:00
OpenStack Proposal Bot
fd57d04910 Updated from global requirements
Change-Id: I335ba396a347866bc50eaeb78ffd926a35f0182b
2016-02-24 08:38:56 +00:00
Jenkins
4e636f176d Merge "Revert "Move router db call ahead of backend call"" 2016-02-24 04:24:10 +00:00
Bo Lin
eb95abb7c0 Revert "Move router db call ahead of backend call"
This reverts commit e4f1f85d1c9e6a0d1e80d65ea7e5a62e56bdcc5b.

Change-Id: I302496a639157abce3521ca369ad15f9ba00deef
2016-02-24 03:08:56 +00:00
Jenkins
732cea39fa Merge "Move remove_router_interface_info db call ahead of backend call" 2016-02-23 21:30:29 +00:00
linb
e4f1f85d1c Move remove_router_interface_info db call ahead of backend call
This patch moves remove_router_interface_info db call ahead of backend
call so that any validation check can be executed before calling
backend.
Fixes-Bug: #1548624

Change-Id: I34052efb5a39c40987d720720cb62c292d0b4859
2016-02-23 16:28:21 +00:00
Alex Kang
7b218a962d [Tempest]: NSX-v dhcp service is not reachable
1. remove test_network_basic_ops from tempest-scenario suite.
2. test_network_basic_ops in nsxv/scenario that overwrite the
   checking_network_internal_connectivity to by-pass dhcp
   service tests.
3. skip test_update_instance_port_admin_state by set
   port_admin_state_change = False
   under network-feature-enabled session

Change-Id: Iede18daa61f9e5211a6669edb72778696011223b
2016-02-23 08:19:27 -08:00
linb
735fdc50b0 Fix vdr interface deletion sometime failed error
Sometimes vdr interface deletion rest call would fail due to NSX
manager's internal handle error. Once it happened, DB inconstency may
occur. The patch fixed the bug by adding retrying method to ensure
deletion rest call can finally be executed at the backend.

Change-Id: I9e5ded204dbd22771f79eedab50f56f9a456f4cd
2016-02-23 11:58:35 +00:00
Jenkins
905695951e Merge "Revert "NSX-T separate the neutron network id from nsx network id"" 2016-02-23 11:53:26 +00:00
garyk
f0772e2207 Revert "NSX-T separate the neutron network id from nsx network id"
This reverts commit 3d9b3610ebbb97b90ef8e219df18a0ab137cfe0f.

We need to revert this as it break Nova. The reason is that Nova gets the network-id and expects that that be the ID of the NSX network...

Change-Id: I0e8db2dd5504e8b60f278d4664f80749e557dca5
2016-02-23 07:43:09 +00:00
Gary Kotton
4dc5481bd7 NSX|V and NSX|V3: add in support for 'subnet_allocation' extension
Add in support for the aforementioned extension.

Change-Id: I139758e4fdd0b9a8c3613aa5fd68fa86dd041472
2016-02-22 07:20:01 -08:00
Gary Kotton
93934a7221 NSX|V fix broken unit tests
Commit b6126bc0f17f348ff6303b9bd6041cb018479ef9 broke the V
unit tests.

Change-Id: I31f5817ef5d181237475114e44fd371bcefc866e
2016-02-22 00:23:35 -08:00
Jenkins
b6a1c2d3d8 Merge "Reorganize locking for NSXv" 2016-02-22 02:33:57 +00:00
Jenkins
7e726b258e Merge "NSXv: Add DNAT rules for the interfaces of the shared routers" 2016-02-21 10:41:00 +00:00
OpenStack Proposal Bot
f557384b81 Updated from global requirements
Change-Id: Ibf9a959d0adfd2e058572f6af5450cb357716bc2
2016-02-20 22:02:09 +00:00
Abhishek Raut
38df73bf51 [NSX-v]: Use oslo_serialization for jsonutils
Change-Id: I3ce18732d39a1a89a390c76c53d363024ba45790
2016-02-19 21:54:52 -08:00
Jenkins
7e5fde4cb7 Merge "NSX-v3 disable psec per port" 2016-02-19 07:56:29 +00:00
Jenkins
0fdeb8b9a7 Merge "Don't assume backend resource was created if no ManagerError raised" 2016-02-19 03:17:13 +00:00
Jenkins
75631aa8f8 Merge "NSX-T separate the neutron network id from nsx network id" 2016-02-18 21:42:36 +00:00
Jenkins
edd6625632 Merge "nix.ini: fix typos" 2016-02-18 21:42:22 +00:00
Jenkins
49c83bc142 Merge "Multiple Transport Zones Scenario Tests" 2016-02-18 17:09:28 +00:00
Jenkins
2c02718154 Merge "Add force=true option to NSgroups DELETE call" 2016-02-18 14:52:50 +00:00
Roey Chen
6f68b51626 Don't assume backend resource was created if no ManagerError raised
A backend call may fail with ServiceClusterUnavailable, which is not a
ManagerError, therefore, we should not assume that backend resources were
succesfully created if no ManagerError was raised.

This patch only changes the create_security_group method with that
logic, other methods may also require a similar change.

Change-Id: I0170b910f246e8bb0d05fca12d4d8de3cbb26a4f
Closes-Bug: #1546474
2016-02-18 06:33:08 -08:00
Gary Kotton
f9504e3789 nix.ini: fix typos
TrivialFix

Change-Id: Ib19f06a2a1070e1bccd482af8dfc72009d619665
2016-02-18 03:19:04 -08:00
Kobi Samoray
34475f4fc4 Reorganize locking for NSXv
Do the following for NSXv locking:
- Drop external=True from get_lock() calls: this is redundant as
 locking wrapper appends this anyway.
- Add locking for distributed router module.
- Use edge-id as lock id when locking various edge attributes.
- Drop the use of lock_file_prefix as it is not supported by
 distributed locking.

Change-Id: I13115f65a89d5fae507f87f7fb1ac096089e385a
2016-02-18 11:35:43 +02:00
asarfaty
3d9b3610eb NSX-T separate the neutron network id from nsx network id
Create a separate network (logical switch) id from the nsx-t,
keep it in the db binding table, and use it later for update/delete
network actions.
This also removes an extra call to update the backend when creating
a network.

Change-Id: I56188e3b0aa80cf46013afe1c1c6013489007c05
2016-02-18 11:00:45 +02:00
Alex Kang
ef9f87f51a Multiple Transport Zones Scenario Tests
Initial release of MTZ scenario test cases.
Those tests validate VMs booted from networks with different TZs
and be able to reach others under shared or exclusive routers.

Change-Id: I4b71976b663c978c33a801b29c58b320c2348b53
2016-02-17 18:11:18 -08:00