Commit Graph

63 Commits

Author SHA1 Message Date
Thomas Bachman b076090cf7 Avoid flake8 package
The latest flake8 breaks the upstream build.

Change-Id: Idab49e9a59e94898d0072e5604e78d11d8c91f9c
2023-12-10 16:58:47 +00:00
Pulkit vajpayee 1a825ef921 Add_zed_support
Change-Id: I48b96bfd44330f9e75fa27c5b9ecc63ab95f4ffd
2023-10-03 05:57:54 +00:00
Thomas Bachman d1f32d9958 Remove python39 from voting
A recent change upstream has broken the python39 job.
Remove voting rights for this gate temporarily, as
python39 currently isn't being deployed.

Change-Id: Ib664e576f306d16afc20a1a4d62c8105cece2877
2022-09-29 02:25:43 +00:00
pulkitvajpayee07 549f0f3688 Add support for yoga
Change-Id: I010a02cc9e4128c92f4bfed1b62844c57961df08
2022-05-26 16:01:17 +00:00
snehal Tembhurne ada3eee179 Add support for xena
Change-Id: Id533f439bc0e832b03a20352aca903cbc7ba212e
2022-02-07 06:10:57 +00:00
Sayali Naval 76d9efb688 Add support for Wallaby
Add support for wallaby.
Below were the extra changes needed to support
the wallaby branch:
1. Add new attribute 'remote_address_group_id'
for the security group resource.
2. Handle new standard_attr_id argument for resources.
3. Fix kwargs passed to the alembic migrations
create_foreign_key and create_primary_key.
4. Change CONTEXT_WRITER to CONTEXT_READER in the
get_subnets function.

Change-Id: I3835df151cad2f7ca52afcb701de2bc508c90014
2021-07-12 21:50:23 -07:00
Thomas Bachman 0a1c33e667 Add support for victoria
Add support for stable victoria. Changes include:
* https://review.opendev.org/#/c/716049/ switched to unittest for mock

Change-Id: I053657f535d985205ae9d3548291ec1d1409cb74
2021-02-18 18:39:08 +00:00
Thomas Bachman d58f6d4d07 Fix upstream gate
Some repos get their stable branch from the upstream requirements.
This patch reverts to using that for neutron.

Change-Id: I6401e83e85a0e0256bf31960c7fa7013b8909be5
2021-01-11 16:33:08 +00:00
Thomas Bachman 0dbc7a0159 Fix upstream gate
Change-Id: I4089c718d6caea3fcb3d17fd2f4f7c6080f49238
2020-12-19 00:42:29 +00:00
Thomas Bachman 8445e0fe9a Fix top of tree in gate
Fix the top of tree in the gate by pinning things to the latest
stable branch.

Change-Id: Id5bfd015155ada709c9175da706b2bb112e858f0
2020-10-21 13:34:18 +00:00
Thomas Bachman 5588d7217e Add support for ussuri
Add support for the ussuri stable branch.
* Removed use of services in devstack (e.g. FWaaS and LBaas), which
  were only used by the deprecated legacy plugin.
* https://review.opendev.org/#/c/572767/ changed the return
  value of _get_security_groups_on_port from a list of security
  group IDs to a list of security group OVOs. The monkey patch
  of this method has been updated to be consistent with this
  upstream change.
* https://review.opendev.org/#/c/703143/ removed the upstream
  get_binding_levels, which is replaced by the corresponding
  OVO call, get_binding_level_objs.
* https://review.opendev.org/#/c/709122/ broke the __repr__
  method in the AddressScope model class. This patch works
  around this by using the dictionary representation instead.
* https://review.opendev.org/#/c/679399/ made the MTU field
  of networks non-nullable, and sets it to a constant if not
  set explicitly. This broke GBP APIs which create networks
  as part of their implementation. This patch adds a monkey
  patch to pass in a value of 0, if one wasn't specified.
* Fixed alias uncovered by PEP8 checks.

Change-Id: I219bc9a5c2034499e59788ab11ef0ae310e97e1e
2020-09-23 21:35:47 +00:00
Thomas Bachman edfc259d88 Add support for train
Add support for stable/train branch.

Changes include:
* neutron-lbaas doesn't have a stable/train branch. The
  legacy services code references LBaaS, but is no longer
  supported, so the include can be removed. A patch series
  should be created to deprecate the legacy services code.
* https://review.opendev.org/#/c/635664/ removed the
  common_db_mixin
* https://review.opendev.org/#/c/649672/ moved the trunk
  services constants to neutron-lib
* https://review.opendev.org/#/c/666409/ removed the
  _check_router_needs_rescheduling function, so it no
  longer needs to be mocked during UTs.
* https://review.opendev.org/#/c/635664/ removed the
  CommonDbMixin.
* https://review.opendev.org/#/c/648761/ moved the
  neutron constants to neutron-lib
* https://review.opendev.org/#/c/634497/ moved the
  neutron exceptions to neutron-lib
* https://review.opendev.org/#/c/649672/ moved the
  trunk constants to neutron-lib, which uses different
  trunk state constant names.
* Use the trunk resource names defined in neutron-lib
  callbacks, instead of trunk constants.
* https://review.opendev.org/#/c/729250/ moved the constant
  used for auto-deletion of neutron ports.
* https://review.opendev.org/#/c/657887/ moved the StaticSqlFixture
  class to neutron-lib.

Change-Id: I9a79c590de7e1654d815987d0f99cfdb4e7baab0
2020-09-14 22:07:48 +00:00
Robert Kukura 25c7d0c6c8 Add support for upstream Stein release
Import stable/stein rather than stable/rocky branches of upstream
and ACI-specific repositories.

Changes include:
* https://review.opendev.org/#/c/634790/ removed the rpc module
  from neutron.common, which was rehomed to neutron-lib.
* https://review.opendev.org/#/c/634497/ removed the exceptions
  module from neutron.common, which was rehomed to neutron-lib.
* https://review.opendev.org/#/c/581377/ removed exercises from the
  devstack gate. The shell scripts that ran the tests from the
  devstack exercises are now called directly.
* https://review.opendev.org/#/c/619087/ removed the common_db_mixin
  from the FlowClassifierDbPlugin, replacing it with the use of a
  method in neutron-lib.
* https://review.opendev.org/#/c/595369/ removed _setUpExtension,
  replacing it with the setup_extension method.
* https://review.opendev.org/#/c/623415/ added validation to host
  route CIDRs. The metadata CIDRs have been corrected to pass
  this new validation.
* https://review.opendev.org/#/c/615486/ added a call to get a
  nova client, and https://review.opendev.org/#/c/368631/ was
  added to ensure it was a singleton. These are now used to get
  a notifier for nova.
* https://review.opendev.org/#/c/628033/ removed the use of the
  _resource_extend module, which has been moved to neutron-lib.
* https://review.opendev.org/#/c/585037/ converted policy.json
  to policy in code. This resulted in better policy enforcement,
  and flagged problems with existing UTs, mainly in the use of
  shared resources (requires admin privileges). These UTs have
  been fixed.

Change-Id: Ia7bd0799a814e38ff37b7ff062fa1eae7928991c
2020-08-31 20:18:14 +00:00
Robert Kukura 4fa2839c9d Add support for upstream Rocky release
Import stable/rocky rather than stable/queens branches of upstream
and ACI-specific repositories. Changes needed for compatability
with stable/rocky that were also compatible with stable/queens were
made in previous patches, so only rocky-specific changes are included
here.

Change-Id: If533a955fb4bc23d6e4081a43df7018b1b36a0ba
2020-06-11 14:38:53 -04:00
Robert Kukura ca82a36cb1 Cleanup Queens (part 2)
Enhance compatabilty with newer Neutron branches while maintaining
compatability with stable/queens Neutron, and improve the build/test
process. Highlights include:

* Eliminate unneeded requirements and test-requirements, and update
  remaining ones to match upstream stable/queens Neutron.

* Use pip directly instead of the tox_install.sh script to install
  dependencies, as is done on newer upstream branches.

* Use stestr directly instead of ostestr to run UTs, as is done in newer
  upstream branches.

* Specify basepython as python2.7 for pep8, cover, functional and
  dsvm-functional jobs, in case a python3 version of tox is used.

* Fix pep8 issues that result in failures with the versions of hacking
  and flake8 used by Neutron's stable/rocky through stable/train
  branches. These changes are not necessary with the hacking and
  flake8 versions used in stable/queens, but we want to minimize code
  differences across our currently supported stable branches.

* Enable flake8-import-order and fix all the pep8 issues that it
  uncovered, particularly with order and grouping of import
  statements.

* Update pep8 configuration in tox.ini to more closely match upstream
  Neutron, and fix resulting issues. Remaining ignored checks that
  should be fixed but haven't been are marked with REVISIT in tox.ini.

* Update devstack scripts with proper branches and repository URLs.

Change-Id: I538b8c95c61a09d834be4b7c28a3becf2f3e6a50
2020-06-09 13:14:11 -04:00
Robert Kukura 46652386db Fix CI again
Use new opendev.org URIs.

Change-Id: I56684897007eb3dcf642e9880cef668e03ebdb31
2019-04-24 16:03:59 -04:00
Robert Kukura 9e2cb1fc9d Re-enable unit tests and fix CI jobs
1) Revert "Remove tests for master branch", commit
d149f30a4b.

2) Use test-requirements.txt from stable/queens to select the
stable/queens branches of python-opflex-agent and
python-group-based-policy-client, and the noiro-lite branch of
acitoolkit.

3) Use pushd/popd in tox_install.sh to restore initial CWD after
switching requirements branch.

Change-Id: I39895732aac0bdfaee95274cbcb262d6744faeb1
2019-04-16 14:02:09 -04:00
Thomas Bachman d149f30a4b Remove tests for master branch
This is an ugly temporary fix to the upstream master gate,
until we can work out the correct way to fix it with the
openstack-infra folks.

Change-Id: Ibc76c899074890564b4579ee6e6e66e9a4af12e7
2019-04-08 14:57:00 +00:00
Robert Kukura 77a7df0a70 [AIM] Improve validation output for missing external VRF
Previously, if an external network's AIM L3Outside referenced a VRF
that did not exist, validation would fail with a message that an
exception occurred, but with no indication of what caused the
problem. Now, the backtrace is logged when an exception is caught, a
specific error is reported if any of the resources needed for the
NetworkMapping DB record are missing, and a very specific error is
reported if the external VRF is missing.

Also, a requirement on acitoolkit is added to test-requirements.txt to
ensure that acitoolkit's noiro-lite branch is used. This is intended
to avoid acitoolkit's master branch's requirement on deepdiff, whose
latest version no longer supports python 2.

Similarly, the configuration files for the
legacy-group-based-policy-dsvm-aim CI job are modified to explicitly
install the noiro-lite branch of acitoolkit.

Change-Id: I7955f8e77633d9662a629c8c0628b128be3ae546
2019-03-21 12:31:29 -04:00
Kent Wu c215f71376 For queens sync
Change-Id: I381411ad2285257b49bd78ae22c734cea07315c9
2018-09-07 16:24:08 -07:00
Ivar Lazzaro d77da01dcb SFC integration for AIM driver
Based on the openstack networking-sfc project API:

- Introducing an SFC driver that maps the SFC model (port pairs,
  port pair groups, port chains) to the AIM Service Graph model;
- Introducing a FlowClassifier driver that maps the FLOWC model (flow
  classifier) to the AIM Service Graph model;
- Adding some registry notifications to the AIM MD and the FLOWC driver
  for business logic validation.

Current divergence/limitations from the upstream SFC API:

- Added 2 l7_parameters to the flow classifier API,
  source_logica_network and destination_logical_network. Representing
  the networks involved in the traffic redirection mechanism;
- Every valid flow classifier must include the l7_parameters as
  mentioned above. Internal networks and SVI networks are valid values,
  but --external networks are excluded;
  When SVI networks are specified, the corresponding source/destination
  IP prefix must be specified in the API;
- Any other FlowClassifier parameter other than the ones mentioned
  above will be ignored;
- On port binding, the chain will fix itself;
- Trunk ports are supported on port-pairs;
- On PPGs, all the Port Pairs must be in the same network pair;
- Ports in Port Pairs must have a univocally retrievable APIC Domain;
- Ports in Port Pairs can't be in the same network;
- Flowc src/dst networks must be distinct;
- Flowc can't be updated if in use by a chain;
- Networks partecipating a port chain must be in the same VRF;
- Src and Dst networks in a chain must be in the same tenant
  (temporarily);
- Port Pair's ports' network can't be external or SVI;
- Port Pair's ports' networks can't be re-used in the same PPG.

Change-Id: If40595584ef46f1ac2aa0cf7525e16447f491f48
2018-02-26 21:48:09 +00:00
Sumit Naiksatam d649785c9e Pike sync
The following changes have been made to coordinate with the changes
made in Neutron for Pike:

* Partial use of Neutron context has been completely moved to neutron_lib's
context.

* The patching of neutron.db.api.get_session() has been replaced with
patching of sqlalchemy.orm.session to add the notification_queue attribute.
This significantly reduces the earlier complexity of patching.

* Use of top-level start of transaction in GBP plugins:
with context.session.begin(subtransactions=True):
has been migrated to use of:
with db_api.context_manager.writer.using(context):
or
with db_api.context_manager.reader.using(context)
as relevant.

* Calls to _make_resource_xxx_dict() in GBP plugins have been moved
to inside the transaction.

* The use of:
neutron.callbacks.events
neutron.callbacks.exceptions
neutron.callbacks.registry
to
neutron_lib.callbacks.events
neutron_lib.callbacks.exceptions
neutron_lib.callbacks.registry

* The use of:
neutron.api.v2.attributes.resource_xxx
neutron.extensions.extension_xxx
to:
from neutron_lib.api.definitions.resource_xxx
from neutron_lib.api.definitions.extension_xxx
resp.

* The use of:
neutron.db.db_base_plugin_v2.NeutronDbPluginV2.register_dict_extend_funcs
to:
neutron.db._resource_extend.resource_extend
(the latter is a decorator)

* The use of:
neutron.db.db_base_plugin_v2.NeutronDbPluginV2.register_model_query_hook()
to:
from neutron.db import _model_query as model_query.register_hook()

* The use of:
neutron.db.segments_db.NetworkSegment
to:
neutron.db.models.segment.NetworkSegment

* In the case of Neutron ml2plus plugin (used by APIC/AIM solution),
the use of get_admin_context() has been patched to return elevated
version of the current context in use. This helps to preserve the session
and transaction semantics. Ideally, context.elevated() would have been
directly used in all these places, however the current context is not
available in these places, and hence getting the current context and elevating
it is wrapped in the get_admin_context() patched method.

* In the case of the components used by the APIC/AIM solution (including
the ml2plus and l3_plugin) the use of:
with context.session.begin(subtransactions=True):
to
with db_api.context_manager.writer.using(context):
or
with db_api.context_manager.reader.using(context):
as relevant.

* Patching of methods from Neutron which is no longer relevant have been
removed from gbpservice.neutron.extensions.patch module.

* Setting up of UTs has been fixed to load and reset configurations
appropriately. This helps to eleminate some failures when tests are
run in non-deterministic orders.

* In tree devstack plugin has been updated (aim repo commit pin needs
to be reverted).

* Gate jobs have been updated as relevant (including fixes to the exercise
scripts and job configurations).

The associated repos, namely, client, UI and automation have also been
updated (the reference to the client's gerrit patch needs to be updated
once the patch has been merged).

Change-Id: I11dd089effbf40cf104afd720dc40a9911dcf28d
2018-01-06 19:36:36 -08:00
Thomas Bachman 285d7e0ba9 Use stable/ocata vmware_nsxlib
While GBP master is pinned to stable/ocata, use the stable/ocata
version of vmware_nsxlib.

Change-Id: Idd00b76a69278c39d00f718a160591415a9934f4
2017-09-01 14:15:41 +00:00
Thomas Bachman 3246275177 Remove use of apic-ml2-driver library
The legacy plugin was deprecated in stable/newton, and
is removed in ocata. This patch removes the references to
the apic-ml2-driver library, which should only be required
by the legacy driver.

Change-Id: I027edc9b74137cd242fab6243536c8331b42ccda
2017-08-29 14:30:50 +00:00
Sumit Naiksatam 380b567afc Fix aim and apicapi repo dependencies for ocata
Some of these got left out of an earlier commit.

Change-Id: Ieff9e94ba3cb87b5ff3405cd0c2e27e74229c704
2017-08-22 20:24:04 -07:00
Thomas Bachman 9e4302c1d8 Fix dependencies for ocata
The apicapi and python-opflex-agent dependencies are using
temporary branches to allow GBP to build for ocata. The master
branches on these dependencies have been updated, allowing GBP
to build using their master branch.

Change-Id: I4855c24fbf570e17aa4b13a44aee822cf1aebb41
2017-08-18 18:44:14 +00:00
Anna Khmelnitsky e30de6e13d [VMware] VMware NSX Policy driver
This introduces driver for Vmware NSX Policy.
The driver assumes nsx_v3 core plugin.
It implements direct configuration of NSX Policy endpoint for security
and inherits connectivity functionality from resource mapping driver.

On startup, the driver will configure NSX Policy enforcement point to be
the NSX manager core plugin is running against.

The driver implements the following resource mapping:

Openstack project => NSX Policy domain
GBP group = > NSX Policy group + communication maps
GBP classifier => NSX Policy service
GBP rule set => NSX Policy communication profile

Change-Id: I0d5593b458f7e51c21fc2b34d1ab4d898abb6c51
2017-07-17 14:01:12 -07:00
Anna Khmelnitsky 8284bf9b3a Ocata sync
* use neutron_lib.directory for plugin retrieval

* switch to neutron_lib for neutron constants, exceptions,
  extensions

* add neutron.plugins.ml2.ovo_rpc to OUT_OF_PROCESS_NOTIFICATIONS:
  neutron added ovo rpc callback mechanism for ovo objects, and aim
  notification manager needs to recognize those as out of process.
  Since neutron moved away from get_session API to get_reader_session
  and get_writer_session, override for these was added.
  Few bugs were fixed in the delayed notification area as well.

* new engine facade: make use of reader and writer to grab db engine

* remove _update_fip_assoc override (didn't find a reason for the
  override)

* aim driver: a fix in update_subnetpool_precommit - not to assume
  address_scope_id field is returned from neutron update call if it
  was not updated.

* extend_XXX_dict call was switched to receive ovo instead of db
  object. As a result, foreign keys are not part of the object
  anymore, and need to be retrieved from db.

* remove_router_interface - receive port dictinary rather than port
  object

* fix patched neutron functions to receive correct parameter types
  (like patched_get_locked_port_and_binding)

* use add_agent_status_check_worker instead of add_agent_status_check

* advertise_mtu configuration parameter was removed from neutron. It
  is used in aim driver, hence added to aim driver config.

* use of project_id instead of tenant_id where required

* use segments_db module for network segments

* test_aim_mapping_driver: the test used to override uuid generation
  in order to get predictable uuid results. New neutron code makes
  use of python uuid module where overrides are complicated. It was
  easire to remove all uuid-based values from dictionaries under test

* add filters parameter to get_address_scopes calls, otherwise the
  call fails (probably should be fixed in neutron)

* in routing tests, remove the assumption that routes are returned in
  specific order

Change-Id: I1943fd4196ea6199d825ae53f0e9f5b54d54a260
2017-07-05 15:25:25 -07:00
Robert Kukura 953e5d6ae5 [aim] Fix retry issues and logging
Pass create_if_absent=False to AIM's get_status() to hopefully reduce
transaction retries due to DBDuplicateEntry exceptions. This required
unpinning the version of AIM used, as well as a couple of fixes in the
AIM repo.

Change the RPC handlers to use Neutron's retry_db_errors decorator
rather than its own, so that DBDuplicateEntry exceptions are retried.

Avoid logging at error level when processing retriable exceptions.

Change-Id: I53740eea3cb7cacafceae589deec3b573ef6a68a
2017-06-07 05:18:06 -04:00
Sumit Naiksatam f7f1bfdaf4 [aim] Update UTs to correctly define AciStatus
Also temporarily pinning the aci-integration-module repo to avoid
repeated breakage.

Change-Id: Id0835f6f0b12c48b285e0b84789766930c54b889
2017-04-20 16:07:58 -07:00
Sumit Naiksatam e7b45aaac0 Move apicapi dependency to master branch
Change-Id: Ib43c0b30deb4b72e9df8fe45085a6ca7896704d0
2017-04-12 12:40:51 -07:00
Sumit Naiksatam 725c7aa466 Newton sync
* The IP addresses handed by Neutron’s ipam are no longer sequential per the
following commit:
dcb2a931b5

Several UTs were making sequential assignment assumptions and were expecting
specific IP address allocations. These had to be refactored appropriately by
checking if the assigned IP address belongs to the expected CIDR.

* There was a bug in Neutron until stable/mitaka which prevented duplicate SG
rules being added. Since that is fixed in stable/newton overlapping SG rules
can be added within the same tenant, see:
3c1a068c7a
We actually dont want to add overlapping rules in the resource_mapping driver,
hence a check was added to prevent adding of duplicate rules.

* The unit test discovery path is being set to "gbpservice/neutron" in
.testr.conf to avoid running the tests in gbpservice/contrib path which
currently have some NFP related tests. The path can be reverted back to
“gbpservice” once the contrib code has been updated.

* There is a bug in the neutron code which always requires passing the filters
argument (even if empty) to get_sg_rules() call.

* The flavors service plugin needs to be explicitly configured in the UTs:
0e3f4b8335

* The use of unittest has been migrated to using unittest2.

* The default tenant in the Neutron UTs is no longer ‘test-tenant’. Instead the
following constant should be used:
neutron.tests.unit.db.test_db_base_plugin_v2.TEST_TENANT_ID

* The project_id is now being added to the resource by the API layer. The
extension test cases had to be updated to accommodate for this extra
argument.

* Neutron now sends DHCP and Nova notifications for operations on resources
from the ML2 plugin. See the following relevant commits in Neutron:
181bdb374f
a5cd3b65d1
877778ee4c
a4df99ff5d

With the above changes, it is no longer needed for GBP to send DHCP and Nova
notifications (previously being sent from local_api.py). The neutron_resource
and the aim_mapping drivers, which attempt to provide transactional semantics,
still need the queueing functionality on the notification framework, so this is
being preserved. The send_or_queue_notification method from this framework is
also being preserved since the aim_mapping driver makes use of this method to
send specific notifications which are outside the scope of the notifications
that Neutron sends. When the ML2Plus plugin is used for the aim_mapping driver,
Neutron’s registry notification is patched to allow the notification to be
queued. It should be noted that at this point, some notifications cannot be
queued since for some resources the existence checks fail if they are queued
and sent at a later time. In such cases, the notifications are sent
immediately. This logic needs to be revisited.

* The _get_tenant_id_for_create() method was removed in Neutron since the
context object provides the project_id:
5d53dfb8d6

GBP should also follow this approach, however its a big change, mostly in the
UTs. So this patch temporarily adds the _get_tenant_id_for_create() method to
the GBP service plugins.

* The patch for create_floatingip in gbpservice/neutron/extensions/patch.py is
no longer needed and is being removed. Other such methods in the module
cannot be blindly removed, so for now, they have been updated to sync with
their newton version, but should be revisited to explore their removal.

* The ml2_network_segments table was renamed to network segments, and the
allowed_address_pair definition was moved in neutron:
c8fca1c96f
7c0f189309

* DB objects are being detached from the session when the extension attribute
processing happens. However, ml2plus needs the session context in the
extend_dict functions. Hence, a utility function was added in
gbpservice/neutron/plugins/ml2plus/patch_neutron.py to get the currently
active session.

* The following change adds a transaction guard to some operations which
prevent then from being called from within a transaction:
https://review.openstack.org/gitweb?p=openstack/neutron.git;a=commitdiff;h=afe1a834000d33900b8646d308fa26fa807a2ca0

ml2plus however needs to support calling these operations from within a
transaction. Hence the transaction guard is disabled by use of a decorator on
the ml2plus functions.

* Neutron defines a new dns-integration extension and all the DB related DNS
handling was moved out of the DB core plugin:
64f5fc8259

* Retry decorator has been added to ml2plus methods to align with the
following:
acbabaa3db
09c87425fa

* A bug in the aim_mapping log statements was fixed by using vars() to displace
aim resource dictionary attributes.

* A bug was fixed in the test_apic_aim code, where the tests set the expected
value of dns_name to None, but the implementation sets it to ‘’.

* The following changes were made to move things to neutron_lib and have been
refactored in this patch:

** neutron.db.model_base was moved to neutron_lib:
61cc14fd67

** neutron.common.exceptions was moved to neutron_lib, and has been refactored
here.

** The converter and validator functions in neutron.api.v2.attributes were
moved to neutron_lib and has been refactored here.

** Constants like ATTR_NOT_SPECIFIED have been moved from
neutron.api.v2.attributes to neutron_lib and has been refactored here.

Note that the integration tests fail in this patch since the DB schema needs to
be updated to rename the tenant_id column to project_id. This is being done in
the dependent patch, and the integration tests should be validated on that
patch.

Follow up items:

* The following test fails sporadically:
gbpservice.neutron.tests.unit.services.grouppolicy.test_aim_mapping_driver.TestNeutronPortOperation.test_gbp_details_for_allowed_address_pair
* Some hacking directives have been disabled and need to enabled but will
* require significant code refactoring.
* HasId and HasTenant are deprecated, move to HasProject and HasId in
* model_base, see commit:
61cc14fd67 (diff-b923b82d6a7b3c5cd77c32354ffc9f13)
* A couple of UTs are being skipped in:
* gbpservice/neutron/tests/unit/plugins/ml2plus/test_extension_driver_api.py
* and need to updated per the comments in the code.

Change-Id: I887ee6cfca8199710cf5c653b5f57dff86bb035a
2017-03-17 01:35:29 -07:00
Robert Kukura e382e7611f [apic_aim] Map neutron resources to AIM, part 3
Implements an L3 service plugin, apic_aim_l3, that, in conjunction
with the apic_aim mechanism driver, maps each Neutron router to an AIM
Contract and ContractSubject whose DNs and status are exposed via
extended attributes similar to those on the core Neutron resources. An
"any" Filter and FilterEntry are created per-tenant, and referenced in
this contract, allowing all traffic from EPGs providing and consuming
this contract to be routed.

The add_router_interface and remove_router_interface methods are stubs
that will be implemented in the next patch set. They will manage the
mapping of router interfaces to AIM Subnets, along with having the
default EPGs associated with those interfaces provide and consume the
router's Contract.

The corresponding GBP policy driver's extension is renamed
apic_aim_gbp for consistency with the apic_aim and apic_aim_l3
extensions at the Neutron level, and all extensions are now in the
gbpservice.neutron.extensions module.

The GBP policy driver's unit tests are updated to account for the
Filter and FilterEntry resources created by the mechanism driver.

The apic_aim unit tests wipe the AIM DB in tearDown, and use the
aci_integration_manager branch of the apicapi repo.

The GBP devstack plugin, when ENABLE_APIC_AIM=True, configures neutron
to use the apic_aim_l3 service plugin, and installs the
aci_integration_manager branch of the apicapi repo.

Change-Id: I1b7f0c80e66d55d58c27fe9e4cb461f62aec3c42
2016-09-15 14:56:52 -04:00
Rahul Shikhare 06e8e3ada4 NFP (contrib) - Config Orchestrator
This changeset implements under the cloud receiver for neutron resources.
It registers agents for firewall, loadbalancer and VPN. It receives
notifications from over the cloud and forwards it to neutron plugins.

Change-Id: I1f884aed57b6f0aa156dbbe918e8079401bb12a2
Implements: blueprint gbp-network-services-framework
Co-Authored-By: Deepak S <in.live.in@live.in>
2016-07-26 06:09:15 -07:00
Robert Kukura 60e2d249ed [apic-aim] Associate network's default EPG with its BD
Set bd_name to reference the network's BridgeDomain when creating the
default AIM EndpointGroup for a neutron network.

Closes-Bug: 1604899

Change-Id: I13299f73680486ee7e3e22577a017887ca572c73
2016-07-27 22:32:50 -04:00
Hemanth Ravi 376dca9dd2 Avoid install of older version of opflexagent
Fix the order of pkgs to avoid install of an older version of
opflexagent. Sources for the current version and an older version
were both being installed.

Closes-Bug: 1607011
Change-Id: I1768a192390ed14ae76de7f4b1497ded57f6c32c
2016-07-27 18:49:07 +00:00
Robert Kukura 6e307e0a38 New APIC mechanism and extension drivers
This is a very preliminary version of a new APIC mechanism driver
utilizing the ACI Integration Module (AIM) library concurrently being
developed. A corresponding extension driver exposes details regarding
the mapping of the Neutron resources to APIC. These drivers require
the Ml2Plus extended driver APIs.

See the apic-aim-ml2-driver devref for implementation details and for
devstack configuration instructions.

Change-Id: I82df32f0880d6a0d53b305f6c6391fcbea049d1b
2016-07-13 22:11:30 -04:00
rajendramachani 7bf29ca7b2 NFP - Client utilities for OpenStack services
This changeset include mainly two utility drivers
(1) openstack client driver
 - provides client utilities for Keystone, Nova, Neutron, and GBP clients.
(2) COAL(Commom Openstack Abstration Layer)
 - The idea of this driver is to abstract the Network(Neutron/GBP), Compute(VM/Docker), and Fabric(APIC) APIs
 - At present, only network APIs are abstracted.

This changeset also include the patch to the test requirements, which has the package names that needs to be installed during integration by the gate.

Change-Id: I5f94290c4fc5955b6797ca9789b7f7d8325d8add
Implements: blueprint gbp-network-services-framework
Co-Authored-By: Ashutosh Mishra <mca.ashu4@gmail.com>
Co-Authored-By: Akash Deep <akash.deep@oneconvergence.com>
2016-07-04 18:10:23 +00:00
Amit Bose ee1f29f0d0 Update opflex-agent requirements to mitaka branch
Change-Id: I97670c4ae883c91a18b9eb16eae7e08af9898e4e
Signed-off-by: Amit Bose <amitbose@gmail.com>
2016-04-19 11:57:29 -07:00
Sumit Naiksatam 3547998d61 Remove tempest repo install
Since we don't use it.

Change-Id: I6cc453e06271eabdb2692f8b37b959cf8fb240bd
Closes-bug: 1565143
2016-04-01 16:22:43 -07:00
Robert Kukura 8cc152f965 Use upper-constraints for requirements' versions
Related-Bug: #1563028

Change-Id: I4bfc5222ef76ba1934da29b86f623ba7dc201fea
2016-03-29 23:07:45 -04:00
Sumit Naiksatam ade374bd48 Pinning to stable/mitaka
Change-Id: Ib2f5b50005983b9f6cbd63a1f38af68ee7de1059
2016-03-22 23:09:56 -07:00
Sumit Naiksatam c614996bcf Syncing with mitaka dependencies
Change-Id: Ice1c6555d7e008fff0cb174f1ed6d6d4a3f152e3
2016-02-25 18:35:47 -08:00
Sumit Naiksatam f4d46b14be Use openstack repos instead of github
git.openstack.org is the authoritative source for openstack repos.
github is a mirror is not gauranteed to be immediately in sync.

Change-Id: I63415d96a4a89b34964e7a3eaa957c269425b56a
2016-01-27 19:32:08 -08:00
Amit Bose 097a2cdaa5 [APIC mapping] Update liberty dependencies
Change-Id: Ifdefea353d89fc3d17836fe41532a22089152f81
Signed-off-by: Amit Bose <bose@noironetworks.com>
2016-01-14 23:34:03 +00:00
Sumit Naiksatam 3143af2781 Pin keystoneclient to liberty branch
Change-Id: I98ce9524428c532bbb19af3093f8dc771f503081
2016-01-14 10:08:36 -08:00
Sumit Naiksatam c806a88f3f Aligning with liberty dependencies
Change-Id: Ia1800b633e3172bdcabfefed6bead1d460dd590e
2016-01-06 12:26:55 -08:00
Amit Bose b09bb383cc [APIC mapping] Update IP address ownership info based on notifications
Closes-Bug: 1509142

Signed-off-by: Amit Bose <bose@noironetworks.com>
Change-Id: I00d3cbc40dfa0d9880bd8bf5b1c2ab963d58833a
2015-10-24 05:12:36 +00:00
Ivar Lazzaro ae4c08e08b [apic-mapping] add details info based on owned addresses
Closes-Bug: 1509142
Change-Id: I2dcc30518f8f5686ffb80998df10b1d64ac70ff4
2015-10-22 18:20:32 -07:00
Sumit Naiksatam e66f13e99b Update test-requirements per global requirements
Change-Id: Ic3a01a8f85a08f6dfa74b19bcbb552f1f70cb0a6
2015-07-16 09:02:12 -07:00