summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
| * | | | | Fix L3 HA network creation to allow user to create routerSachi King2014-11-112-5/+30
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update HA Network creation to use an admin context to allow Neutron to create the tenant-less network required for the HA router when it does not yet exist and is being created by a non-admin user. Neutron creates these resources without a tenant so users cannot see or modify the HA network, ports, etc. Port creation and association already use elivated admin contexts to allow their function when an user attempts to create a HA L3 router. Conflicts: neutron/tests/unit/db/test_l3_ha_db.py Change-Id: I36166158a0970b8d08d6702054b11a43fb684281 Closes-Bug: #1388716 (cherry picked from commit cc9bc24229f1d79dc99303db1affc03c030c011e)
* | | | | Remove openvswitch core plugin entry pointCedric Brandily2014-11-111-1/+0
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The openvswitch core plugin has been removed but not its associated "neutron.core_plugins" entry point. This change removes it from setup.cfg. Change-Id: I79f7c334cdeb0f4d0d68743734f69c0ec8523467 Related-Bug: #1323729 Closes-Bug: #1391326 (cherry picked from commit f36c29903afb713670f9e7c3f9530e117dfc6bcb)
* | | | Merge "Set vif_details to reflect enable_security_group" into stable/junoJenkins2014-11-1110-38/+102
|\ \ \ \
| * | | | Set vif_details to reflect enable_security_groupRyota MIBU2014-11-0510-38/+102
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | While plugging vif, VIFDriver in Nova follows "ovs_hybrid_plug" and "port_filter" in "binding:vif_detail" which is passed from Neutron, but those are always true. This patch make ML2 OVS mech driver set those param depends on enable_security_group flag. It enables users to avoid ovs_hybrid plugging. This patch also fixes the same issue in the following plugins/drivers: * NEC Plugin * BigSwitch Plugin * Ryu Plugin * ML2 Plugin - OFAgent Mech Driver Closes-Bug: #1336624 Change-Id: I2b7fb526a6f1b730ad65289307b24fd28b996e1b (cherry picked from commit e73f8da072cb41559ecee7f29f864a10db475444)
* | | | Allow to add router interface to IPv6 SLAAC networksridhargaddam2014-11-105-19/+83
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch will allow an IPv6 subnet configured with SLAAC (or dhcpv6-stateless) to be attached to a router interface. Closes-Bug: #1382076 Change-Id: If0c48a7287a828eef4a0f0b0859d4f898d2937bd (cherry picked from commit 95accb535017f1384b38b12eb78f0e58287d8e08)
* | | | Merge "Big Switch: Fix SSL version on get_server_cert" into stable/junoJenkins2014-11-053-3/+7
|\ \ \ \
| * | | | Big Switch: Fix SSL version on get_server_certKevin Benton2014-10-303-3/+7
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The ssl.get_server_certificate method uses SSLv3 by default. Support for SSLv3 was dropped on the backend controller in response to the POODLE vulnerability. This patch fixes it to use TLSv1 like the wrap_socket method. Closes-Bug: #1384487 Change-Id: I9cb5f219d327d62168bef2d7dbee22534b2e454e (cherry picked from commit 77e283c94f51e21dcf126a316098c54a7cdfca0f)
* | | | Merge "Create DHCP port for IPv6 subnet" into stable/junoJenkins2014-11-052-2/+18
|\ \ \ \
| * | | | Create DHCP port for IPv6 subnetXu Han Peng2014-10-292-2/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is a bug in dhcp agent code that when first port is created in an IPv6 subnet, DHCP port is not automatically created. This fix resolves this problem by removing the IP version check in configure_dhcp_for_network method. Change-Id: If3f405d367a7099d9f33d72d11ffcb7a393abe23 Closes-Bug: #1367500 (cherry picked from commit 1b66e11b5d8c0b3de0610ca02c3e10b6f64ae375)
* | | | | Fix sleep function callSamer Deeb2014-11-042-4/+2
| |/ / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | Remove time.sleep method reference in class and use time.sleep directly. Change-Id: Ib4c02061b29c0d584d603746a78ab50922f781c3 Closes-Bug: 1375698 (cherry picked from commit 8e36ba8d24c198cb5e6c0e4ddc29a08904e3e10c)
* | | | Merge "Cisco N1kv: Remove vmnetwork delete REST call on last port delete" ↵Jenkins2014-10-302-2/+18
|\ \ \ \ | | | | | | | | | | | | | | | into stable/juno
| * | | | Cisco N1kv: Remove vmnetwork delete REST call on last port deleteAbhishek Raut2014-10-182-2/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove the vm network delete call to the VSM on final port call and ensure that vm network is deleted from the database when the port count becomes 0. Change-Id: I6c08a099adfce2fdba8eefec6aadeb68a780ac37 Closes-Bug: 1373547 (cherry picked from commit 4e1c4cbcd71833095534bea9ff7617c582c300d2)
* | | | | Merge "Race for l2pop when ports go up/down on same host" into stable/junoJenkins2014-10-293-28/+29
|\ \ \ \ \ | |_|/ / / |/| | | |
| * | | | Race for l2pop when ports go up/down on same hostVivekanandan Narasimhan2014-10-173-28/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With l2pop enabled, race exists in delete_port_postcommit when both create/update_port and delete_port deal with different ports on the same host, where such ports are either the first (or) last on same network for that host. This race happens outside the DB locking zones in the respective methods of ML2 plugin. To fix this, we have moved determination of fdb_entries back to delete_port_postcommit and removed delete_port_precommit altogether from l2pop mechanism driver. In order to accomodate dvr interfaces, we are storing and re-using the mechanism-driver context which hold dvr-port-binding information while invoking delete_port_postcommit. We loop through dvr interface bindings invoking delete_port_postcommit similar to delete_port_precommit. Closes-Bug: #1372438 Change-Id: If0502f57382441fdb4510c81a89794f57a38e696 (cherry picked from commit 3cd2163d5105faad389bee5175ef446f0bb90289)
* | | | | Merge "NSX: allow multiple networks with same vlan on different phy_net" ↵Jenkins2014-10-293-4/+22
|\ \ \ \ \ | |_|_|/ / |/| | | | | | | | | into stable/juno
| * | | | NSX: allow multiple networks with same vlan on different phy_netAaron Rosen2014-10-283-4/+22
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, the NSX plugin prevented one from creating multiple networks on the same vlan even if they were being created on different physical_networks. This patch corrects this issue and allows this to now occur. Closes-bug: 1367034 Change-Id: I343449648304328dffdd5ba070491e05686ee22d (cherry picked from commit 6d1f864531d169a54bc239561840176012629316)
* | | | Big Switch: Switch to TLSv1 in server managerKevin Benton2014-10-222-7/+11
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Switch to TLSv1 for the connections to the backend controllers. The default SSLv3 is no longer considered secure. TLSv1 was chosen over .1 or .2 because the .1 and .2 weren't added until python 2.7.9 so TLSv1 is the only compatible option for py26. Closes-Bug: #1384487 Change-Id: I68bd72fc4d90a102003d9ce48c47a4a6a3dd6e03 (cherry picked from commit 62588957fbeccfb4f80eaa72bef2b86b6f08dcf8)
* | | Merge "Big Switch: Don't clear hash before sync" into stable/junoJenkins2014-10-221-2/+0
|\ \ \ | |_|/ |/| |
| * | Big Switch: Don't clear hash before syncKevin Benton2014-10-181-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch removes the step of clearing the consistency hash from the DB before a topology sync. This will ensure that inconsistency will be detected if the topology sync fails. This logic was originally there to make sure the hash header was not present on the topology sync call to the backend. However, the hash header is ignored by the backend in a sync call so it wasn't necessary. Closes-Bug: #1379510 Change-Id: I2d58fa2aea3b692834d64192d06ace727c7df8a0 (cherry picked from commit 24e4110eb284078775496501ff81630eb1619c11)
* | | Merge "Use EUI64 for IPv6 SLAAC when subnet is specified" into stable/junoJenkins2014-10-202-28/+111
|\ \ \ | |/ / |/| |
| * | Use EUI64 for IPv6 SLAAC when subnet is specifiedXu Han Peng2014-10-172-28/+111
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit uses EUI64 for SLAAC and stateless IPv6 address when subnet id in fixed_ip is specified. After this patch, all the ports created on a subnet which has ipv6_address_mod=slaac or ipv6_address_mod=dhcpv6-stateless will use EUI64 as the address. This patch also checks if fixed IP address is specified for a IPv6 subnet with address mode slaac or dhcpv6-stateless during creating or updating a port. If yes, raise InvalidInput error to stop the port creation or update. Remove unit test test_generated_duplicate_ip_ipv6 because fixed_ip should not be specified for a slaac subnet. Change-Id: Ie481cfb2f4313baf44bf1a838ebda374a5c74c6a Closes-Bug: 1330826 (cherry picked from commit 3ba06618f79fed899188aac87a8694b3344ee995)
* | Opening stable/junoThierry Carrez2014-10-162-1/+2
|/ | | | | | | Bump version to next stable release on juno branch, and set defaultbranch in .gitreview for convenience. Change-Id: Ib6bd6b400ae15d5ae1bcb99b11221d58b9acae70
* Merge "Remove two sets that are not referenced" into proposed/juno2014.2.rc32014.2proposed/junoJenkins2014-10-142-29/+0
|\
| * Remove two sets that are not referencedCarl Baldwin2014-10-132-29/+0
| | | | | | | | | | | | | | | | | | | | The code no longer references the updated_routers and removed_routers sets. This should have been cleaned up before but was missed. Closes-bug: #1232525 Change-Id: I0396e13d2f7c3789928e0c6a4c0a071b02d5ff17 (cherry picked from commit edb26bfcddf9d9a0e95955a6590d11fa7245ea2b)
* | Merge "Forbid update of HA property of routers" into proposed/junoJenkins2014-10-141-1/+1
|\ \ | |/ |/|
| * Forbid update of HA property of routersAssaf Muller2014-10-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | While the HA property is update-able, and resulting router-get invocations suggest that the router is HA, the migration itself fails on the agent. This is deceiving and confusing and should be blocked until the migration itself is fixed in a future patch. Change-Id: I4171ab481e3943e0110bd9a300d965bbebe44871 Related-Bug: #1365426 Closes-Bug: #1378525 (cherry picked from commit 1fd7dd99ca7e5e9736200360aa354cada7fb43ff)
* | Add Juno release milestone2014.2.rc2Mark McClain2014-10-092-1/+37
| | | | | | | | | | | | Change-Id: Iea584b00329d9474c14847db958f8743d4058525 Closes-Bug: #1378855 (cherry picked from commit 4e8a5b7de71ba6f8c050c424613c025310498940)
* | Add database relationship between router and portsMark McClain2014-10-084-96/+249
| | | | | | | | | | | | | | | | | | | | Add an explicit schema relationship between a router and its ports. This change ensures referential integrity among the entities and prevents orphaned ports. Change-Id: I09e8a694cdff7f64a642a39b45cbd12422132806 Closes-Bug: #1378866 (cherry picked from commit 93012915a3445a8ac8a0b30b702df30febbbb728)
* | Disable PUT for IPv6 subnet attributesHenry Gessau2014-10-093-63/+61
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In Juno we are not ready for allowing the IPv6 attributes on a subnet to be updated after the subnet is created, because: - The implementation for supporting updates is incomplete. - Perceived lack of usefulness, no good use cases known yet. - Allowing updates causes more complexity in the code. - Have not tested that radvd, dhcp, etc. behave OK after update. Therefore, for now, we set 'allow_put' to False for the two IPv6 attributes, ipv6_ra_mode and ipv6_address_mode. This prevents the modes from being updated via the PUT:subnets API. Closes-bug: #1378952 Change-Id: Id6ce894d223c91421b62f82d266cfc15fa63ed0e (cherry picked from commit 8a08a3cb47d0dd69d4aa2e8fa661d04054fe95ae)
* | Skip IPv6 Tests in the OpenContrail pluginSean M. Collins2014-10-091-14/+2
| | | | | | | | | | | | | | | | | | | | Similar to the way we are skipping tests in the OneConvergence plugin, introduced by Kevin Benton in 9294de441e684a81f6e802ba0564083f1ad319d6. Partial-Bug: #1378952 Change-Id: I1650b0708af73ce63e92c55bc842607bb69efe60 (cherry picked from commit 67962943969bc737a3f680a0defc2fc9df03c429)
* | Merge "Removed kombu from requirements" into proposed/junoJenkins2014-10-091-1/+0
|\ \
| * | Removed kombu from requirementsIhar Hrachyshka2014-10-081-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | Since we've replaced oslo-incubator RPC layer with oslo.messaging, we don't ship any code that uses kombu. Change-Id: Ia8a74f1326ecd98c47cbe447f04d475bf61e19d3 (cherry picked from commit 424c7faa75d96950d80f49f20f5414d1a297af72)
* | | Merge "Updated from global requirements" into proposed/junoJenkins2014-10-092-8/+8
|\ \ \ | |/ /
| * | Updated from global requirementsIhar Hrachyshka2014-10-082-8/+8
| |/ | | | | | | Change-Id: Ifb5cac5b1529fef7862f5a63a0d1592f5bcc01d0
* | Imported Translations from TransifexKyle Mestery2014-10-0828-21596/+172
| | | | | | | | Change-Id: I67a0eec64c0e0513df3f3e9f1f3489086f6316f9
* | Merge "Retry getting the list of service plugins" into proposed/junoJenkins2014-10-092-11/+52
|\ \
| * | Retry getting the list of service pluginsDerek Higgins2014-10-072-11/+52
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | On systems that start both neutron-server and neutron-l3-agent together, there is a chance that the first call to neutron will timeout. Retry upto 4 more times to avoid the l3 agent exiting on startup. This should make the l3 agent a little more robust on startup but still not ideal, ideally it wouldn't exit and retry periodically. Change-Id: I2171a164f3f77bccd89895d73c1c8d67f7190488 Closes-Bug: #1353953 Closes-Bug: #1368152 Closes-Bug: #1368795 (cherry picked from commit e7f0b56d74fbfbb08a3b7a0d2da4cefb6fe2aa67)
* | Merge "Allow reading a tenant router's external IP" into proposed/junoJenkins2014-10-086-9/+50
|\ \
| * | Allow reading a tenant router's external IPKevin Benton2014-10-076-9/+50
| |/ | | | | | | | | | | | | | | | | | | | | | | Adds an external IPs field to the external gateway information for a router so the external IP address of the router can be read by the tenant. DocImpact Closes-Bug: #1255142 Change-Id: If4e77c445e9b855ff77deea6c8df4a0b3cf249d4 (cherry picked from commit c7baaa068ed1d3c8b02717232edef60ba1b655f6)
* | Merge "Raise exception if ipv6 prefix is inappropriate for address mode" ↵Jenkins2014-10-082-9/+36
|\ \ | | | | | | | | | into proposed/juno
| * | Raise exception if ipv6 prefix is inappropriate for address modeEugene Nikanorov2014-10-072-9/+36
| |/ | | | | | | | | | | | | | | | | | | | | Address prefix to use with slaac and stateless ipv6 address modes should be equal to 64 in order to work properly. The patch adds corresponding validation and fixes unit tests accordingly. Change-Id: I6c344b21a69f85f2885a72377171f70309b26775 Closes-Bug: #1357084 (cherry picked from commit 0d8911115e1b722da2f1e92f444e53b22223ee32)
* | Merge "Add missing methods to NoopFirewallDriver" into proposed/junoJenkins2014-10-081-0/+14
|\ \
| * | Add missing methods to NoopFirewallDriverEugene Nikanorov2014-10-071-0/+14
| |/ | | | | | | | | | | | | | | | | | | The fix adds missing methods into generic Firewall class and in NoopFirewall driver class. Change-Id: I6402448075ed414434dc007f5c403fc85b6b1456 Closes-Bug: #1369685 Related-Bug: #1365806 (cherry picked from commit 9a6c073656a7e0b1a26b2bca0ba381489d04e322)
* | Don't fail when trying to unbind a routerEd Bak2014-10-072-3/+34
|/ | | | | | | | | | | | | | If a router is already unbound from an l3 agent, don't fail. Log the condition and go on. This is harmless since it can happen due to a delete race condition between multiple neutron-server processes. One delete request can determine that it needs to unbind the router. A second process may also determine that it needs to unbind the router. The exception thrown will result in a port delete failure and cause nova to mark a deleted instance as ERROR. Change-Id: Ia667ea77a0a483deff8acfdcf90ca84cd3adf44f Closes-Bug: 1367892
* remove openvswitch plugin2014.2.rc1Mark McClain2014-10-0113-1781/+33
| | | | | | | | | This changeset removes the openvswitch plugin, but retains the agent for ML2 The database models were not removed since operators will need to migrate the data. Change-Id: I8b519cb2bbebcbec2c78bb0ec9325716970736cf Closes-Bug: 1323729
* Merge "Fix pid file location to avoid I->J changes that break metadata"Jenkins2014-10-022-17/+15
|\
| * Fix pid file location to avoid I->J changes that break metadataMiguel Angel Ajo2014-10-012-17/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | Changes in commit 7f8ae630b87392193974dd9cb198c1165cdec93b moved pid files handled by agent/linux/external_process.py from $state_path/external/<uuid>.pid to $state_path/external/<uuid>/pid that breaks the neutron-ns-metadata-proxy respawn after upgrades becase the l3 or dhcp agent can't find the old pid file so they try to start a new neutron-ns-metadata-proxy which won't succeed, because the old one is holding the port already. Closes-Bug: #1376128 Change-Id: Id166ec8e508aaab8eea35d89d010a5a0b7fdba1f
* | Merge "Update migration scripts to support DB2"Jenkins2014-10-023-31/+95
|\ \
| * | Update migration scripts to support DB2John Kasperski2014-09-293-31/+95
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Three of the migration scripts are causing failures with DB2. - DB2 doesn't support nullable column in primary key - Hard coded SQL statements which use False/True as Boolean arguments are not compatible with DB2. In DB2, Boolean columns are created as small integer with a constraint to allow only 0 & 1. - Hardcoded update rows from other table sql is not compatible with DB2 - Foreign key constraints require additional handling Co-authored-by: Rahul Priyadarshi <rahul.priyadarshi@in.ibm.com> Change-Id: I82e2d1c522b81fed90a1e5cc6f2321f80797cf7b Closes-Bug: #1328019
* | | Merge "remove linuxbridge plugin"Jenkins2014-10-0211-1486/+33
|\ \ \
View Lorry Controller Status