4269 Commits

Author SHA1 Message Date
Zuul
d3aa8b2fc4 Merge "NSXP: Update Octavia with object statuses" 2020-07-07 07:31:35 +00:00
Zuul
012f9f6740 Merge "NSX|V3+P: Transalte nsxlib ServiceUnavailable exception" 2020-07-07 06:56:24 +00:00
Zuul
a486e558c5 Merge "NSX|P: Fix DHCP server onfig for migrated networks" 2020-07-06 14:56:06 +00:00
asarfaty
e4724a3a3c NSX|V3+P: Transalte nsxlib ServiceUnavailable exception
to HTTPServiceUnavailable

Change-Id: I5f9159368dfbb4a0935afc9b83d72aba2dfc58b2
2020-07-06 12:24:40 +02:00
Zuul
c6bf85ef63 Merge "NSX|P: Verify no ports before subnet deletion" 2020-07-06 07:25:55 +00:00
asarfaty
7a2cc3cbf9 NSX|P: Fix DHCP server onfig for migrated networks
Use existing dhcp server config in case adding a new subnet on a
migrated network

Change-Id: I78a22231ad2d6c0d76689e0c986d68433abbc223
2020-07-06 05:54:12 +00:00
Zuul
eeee8ba769 Merge "NSX|P: Issue proper error in external network creation" 2020-07-06 04:48:54 +00:00
asarfaty
9164613f49 NSX|P: Issue proper error in external network creation
Change-Id: If9633b4e74d8a354ff93d2a75968d41cee0f8ad3
2020-07-05 10:42:28 +02:00
asarfaty
7212f1f1bb NSX|P: Verify no ports before subnet deletion
Change-Id: I8b20457279d5e6cbc09a4f285b43c7e92b9c67df
2020-07-05 10:27:02 +02:00
asarfaty
3fabb980ce MP2P migration: check unsupported services pre migration
Change-Id: I7cfeec89a48c40cd65b199286f22903c4267f57e
2020-07-05 10:08:55 +02:00
asarfaty
698309bc35 MP2P migration: fix post migration code
Skip updating GW for neutron subnets without a gateway

Change-Id: I617b7c70a6e6711ef69b81912ee6312a29340f6c
2020-07-05 05:30:22 +02:00
asarfaty
373090daa2 NSX|P: fix syntax error in plugin
Change-Id: I2b97e1ba218d37139e24d1d76bef7e1353d84377
2020-07-02 16:36:33 +02:00
Zuul
a845675574 Merge "NSX|P: Fix post migration segment dhcp" 2020-07-02 10:25:20 +00:00
Zuul
efd8ddcac6 Merge "NSX|P: Fix certificate secret to use the correct password" 2020-07-02 10:13:06 +00:00
Kobi Samoray
2d5b7422ed NSXP: Update Octavia with object statuses
Send object updates about statuses: loadbalancers, listeners, pools, and members.

Change-Id: Ifd893818c2ddb1325f3bed9f618b72754ed0689f
2020-07-02 08:33:14 +00:00
Zuul
d366383af6 Merge "NSX|P: Fix listener create & update" 2020-07-02 07:50:23 +00:00
asarfaty
fad279721d NSX|P: Fix post migration segment dhcp
Migrated segments have different dhcp server config.
When updating the segment, the correct one should be used as changing
it is not allowed

Change-Id: I64a5bfec0da892bcd3cdee6ab1fe0c6466655711
2020-07-02 07:27:21 +02:00
asarfaty
d553f307ed NSX|P: Fix certificate secret to use the correct password
DbCertificateStorageDriver should use the pk_password from the
nsx_p config section and not from the nsx_v3 one

Change-Id: Ibe843e9e994bb679bdae68b0683aa36e2c78d891
2020-07-02 03:23:57 +00:00
asarfaty
1aa1013e8e MP2P migration: Few fixes
- Migrate MDproxy with admin user
- When creating the dhcp server config post migration it should be done with
with the admin uer and not the openstack principle identity
- Select Tier1 locale-service id even if there is no edge cluster

Change-Id: I68c184d245e50e363bcf5b53ea71cce661ee7aa3
2020-07-01 17:13:33 +00:00
asarfaty
321d5f440d NSX|P: Fix listener create & update
Use tags to find the lb service id from the loadbalancer id

Change-Id: Ic6a756aaa98c27362d34f3eff488864a4eedd036
2020-07-01 16:46:42 +02:00
Zuul
b662977ca2 Merge "NSX|P: fix vlan interface removal" 2020-07-01 04:50:09 +00:00
Zuul
5e0c3bf18a Merge "NSX|P: Support update of listener with certificate" 2020-06-30 21:14:14 +00:00
asarfaty
99deb2275a NSX|P: fix vlan interface removal
replace indirect call the SR removal with a direct one
(The indirect call via _core_plugin also works)

Change-Id: Ie379cbda369f7d45818275294f10e05cb9a7ef3b
2020-06-30 15:12:01 +00:00
Zuul
f5fb20d1cd Merge "NSX|P: Fix handling LB member on external subnet" 2020-06-30 13:18:41 +00:00
asarfaty
b0550ef194 NSX|P: Fix handling LB member on external subnet
If the LB has an external vip, the member must have a local subnet-id
connected to a router with an uplink,
or the member must have an IP which is a FIP address

In addition, remove one leftover log, and remove a lock on router
id when it is None

Change-Id: Iefb492e43b5cc47a84ce82e4dfbcb0d1e5e6bffe
2020-06-30 08:26:58 +02:00
asarfaty
311eb4e175 NSX|P: Support update of listener with certificate
Change-Id: Ia32a61eae8456a6c8f0f475e9bcc58da88af29e1
2020-06-30 05:43:46 +00:00
asarfaty
60939ea1d0 MP2P migration: Add pre migration check
Before starting the migration, check for unsupported configurations
that will fail the migration.
Currently those include:
- Tier0 with BGP disabled and BGP rules
- DFW/Edge firewall sections witl 1500 rules or more

Change-Id: I702417c287b629844f2b8e1adda98b137e1ee9ff
2020-06-29 13:21:01 +02:00
asarfaty
b95e53a28d MP2P migration: improve logging
Add logfile option, use verbose to decide on logging level, and
add timestamp to logfile lines

Change-Id: I26a1d41b321044e7ba93a44f4ae6f083af3fe1ed
2020-06-29 11:56:59 +02:00
asarfaty
1891dbc1dd MP2P migration support for LB certificates
Add migration of LB certificates + some more minor fixing

Change-Id: I67dc0dc5f7b09c147a2a4715f6240a8a0556e565
2020-06-28 12:33:21 +02:00
Adit Sarfaty
0bad4876dc T2P migration
This patch will allow moving neutron from using the nsx_v3 plugin to the nsx_p plugin.
This includes:
- admin utility to move all resources to the policy api:
  nsxadmin -r nsx-migrate-t2p -o import (--verbose)
  This utility will:
  -- Migrate all neutron used & created resource using the nsx migration api
  -- roll back all resources in case it failed
  -- post migration fix some of the policy resources to better match the expectation
     of the policy plugin
- admin utility that will cleanup left overs in the nsx_v3 db:
  nsxadmin -r nsx-migrate-t2p -o clean-all
  (can be used, but everything should work without calling it as well)
- Some minor changes to the policy plugin and drivers to allow it to handle migrated resource
  which are a bit different than those created with the policy plugin
  -- Delete DHCP server config once a migrated network is deleted
  -- Update LB L7 rules by their name suffix as their full display name is unknown

Change-Id: Ic17e0de1f4b2a2d95afa61ce33ffb0bc9e667b89
2020-06-23 09:03:23 +00:00
Zuul
bc54e93478 Merge "NSX|V: Fix init connectivity validation" 2020-06-22 15:01:29 +00:00
asarfaty
4effe88ac6 NSX|V: Fix init connectivity validation
1. Make the validation optional (If False - only log the warnings)
2. Validate each resource against all clusters and fail only if not
   connected to any

Change-Id: I9abd091fc42d4dbe22e1b806df4d9131ab054726
2020-06-22 11:46:05 +02:00
asarfaty
3f6653d7f9 NSX|V3+P: prevent overlapping address pairs
Change-Id: Ic5c1cad47a5b646a1404b3bd94f11922598268c4
2020-06-21 16:15:18 +00:00
asarfaty
419b3b56c1 Fix default args in nsxadmin
Commit I0c75f0a616d8016a840611edab1e3b3edb53c4ad removed
the selected -r / -o by mistake

Change-Id: I2b017e3642f07908086a46baf9fe1c6cc8544fb1
2020-06-21 10:22:01 +02:00
Zuul
d8aa8db80c Merge "Support custom config files in admin utilities" 2020-06-20 05:08:05 +00:00
Zuul
367773a8e5 Merge "NSX|V3+P: Fix listener creation when LB has no name" 2020-06-19 14:36:09 +00:00
Zuul
23d54dae93 Merge "Catch nsgroup deletion exceptions and log" 2020-06-19 09:45:55 +00:00
Zuul
2ec54160a2 Merge "NSX|P: Use silent gets for neutron nsx profiles get" 2020-06-19 09:45:54 +00:00
Zuul
9bcbee31bc Merge "NSX|P: use edge nodes nsx ids for validation" 2020-06-18 14:36:40 +00:00
asarfaty
fdd9681740 NSX|V3+P: Fix listener creation when LB has no name
Change-Id: Idaa39e140a724d01892e6c29a914d47ec4f5b18a
2020-06-18 15:36:55 +02:00
asarfaty
8f23198533 NSX|P: Use silent gets for neutron nsx profiles get
Change-Id: Id461029d07d217f1cc7e0ef52f9fcfefc604f71c
2020-06-18 12:34:39 +00:00
asarfaty
ed6bd1f4e9 Support custom config files in admin utilities
The admin utilities usually run with the default config files:
/etc/neutron/neutron.conf and /etc/neutron/plugins/vmware/nsx.ini

In order to run it with custom files you can use:
nsxadmin --config-file <neutron conf path> --config-file <nsx conf path>

Change-Id: I0c75f0a616d8016a840611edab1e3b3edb53c4ad
2020-06-18 13:37:50 +02:00
asarfaty
2866341f7c NSX|P: Remove redundent logs when updating fwaas groups
Change-Id: Ia814adae63c76c1e54c55ba98ea51a4d569eeeb1
2020-06-16 09:35:26 +02:00
asarfaty
4a0b872d77 Catch nsgroup deletion exceptions and log
Commit I475a5c984aed7b6cae26951e64971ec463a43c5e
changed the error handling of this api, so the plugin  will need to handle the errors

Change-Id: I1ba3d0a64793674c97c62f6ff26fa00e34a7c4fe
2020-06-15 16:31:24 +02:00
asarfaty
f741e10ba4 Remove FWaas rules table from migration unit tests
Change-Id: I4d9480f1e4d9b71c0afebe6c9fa4b067f7bc5bc4
2020-06-15 11:11:29 +02:00
asarfaty
b132650794 NSX|P: use edge nodes nsx ids for validation
In some cases the edge policy ids are different from the nsx ids.
Since validation is using those ids with the nsxlib objects, the nsx ids
should be used.

In addition - Do not fail plugin init or neutron action when failing to get
the transport nodes. Just issue a warning

Change-Id: I080ac86b1cebf66f11749c5256d1885a9bc7ef9f
2020-06-10 10:43:00 +02:00
asarfaty
04c79ec662 NSX|P: update dhcp config on segent subnet
Make sure to set the DHCP config only if there is a dhcp server ip.
Missing ip can happen during the process of deleting a subnet.

Change-Id: I1e8071935a01a7e07732c5033744f74769210043
2020-06-09 11:51:11 +02:00
asarfaty
a29d498b49 NSX|V3+P: Support ipv4 CIDR in allowed address pairs
Change-Id: Ifabf9451cd0d530677c8cb7da7d76a6878e5fae5
2020-06-07 10:37:43 +00:00
Zuul
8a7ec0d50b Merge "NSXV: allow DHCP reply on DHCP edges" 2020-06-04 06:34:06 +00:00
Kobi Samoray
279b3ef225 NSXT LB: handle listener deletion failures
When deleting a listener which doesn't exist in the backend, the call
shouldn't fail but delete from OpenStack DB and issue an error to the
log file.

Change-Id: I1ee816d82986a651ea2889b1a4a74889e8724dbb
2020-06-02 08:31:45 +00:00