The functionality within neutron.db.common_db_mixin is available via
neutron-lib APIs. This patch removes common_db_mixin and updates any
uses of it to use neutron-lib instead.
Depends-On: https://review.openstack.org/#/c/636159/
NeutronLibImpact
Change-Id: I2388f90b37abb09408809dda8c21da551bcd94bb
The ml2 plugin driver API was rehomed into neutron-lib with commit
Ifc829953ef4d5859c3475903965dc08aba42fd9c and the API was shimmed in
neutron with I86a10091b55d1123e8d16f16155e0312bb10e54c. This patch
consumes the ML2 driver api from neutron lib thereby removing the
driver_api module from neutron.
NeutronLibImpact
Change-Id: Ice49572e217eeaf820e48d40f2251d08766490b5
Since Pike log messages should not be translated.
This patch removes calls to i18n _LC, _LI, _LE, _LW from
logging logic throughout the code. Translators definition
from neutron._i18n is removed as well.
This patch also removes log translation verification from
ignore directive in tox.ini.
Change-Id: If9aa76fcf121c0e61a7c08088006c5873faee56e
neutron-lib 1.6.0 is out and among other things contains the rehomed
is_port_trusted function. This patch switches usage of that function
from neutron to neutron-lib.
NeutronLibImpact
Change-Id: I1c8a32d4806092daae99cd4860523c7d6335fc75
The port security API definition has been in neutron-lib for awhile.
This patch consumes the definition from neutron-lib.
NeutronLibImpact
- Consumers using the public definitions from
neutron.extensions.portsecurity must now switch over to the api-def in
neutron-lib. See the changes herein for additional details.
Change-Id: If43b65861efc536d01c43dc0d2bbcbcf062c1271
Resources could be created before the extension was enabled in the
setup. In that case, no bindings are created for them. In that case, we
should gracefully return default (True) value when extracting the value
using the mixin; and we should also create binding model on update
request, if there is no existing binding model for the resource.
While at it, introduced a constant to store the default value for port
security (True) and changed several tests to use the constant instead of
extracting it from extension resource map.
Change-Id: I8607cdecdc16c5f94635c94e2f02700c732806eb
Closes-Bug: #1509312
- This does NOT break other projects that rely on neutron.i18n,
as this change includes a debtcollector shim to maintain those
older entry points, until they can migrate.
- Also updates _i18n.py to the latest pattern defined by oslo_i18n
- Guidance and template are from the reference:
http://docs.openstack.org/developer/oslo.i18n/usage.html
Partially-Closes-Bug: #1519493
Change-Id: I1aa3a5fd837d9156da4643a367013c869ed8bf9d
Ports that have a device_owner that starts with 'network:'
are trusted in several places throughout the codebase. Each
of these did a startswith check on each field and it's not
immediately obvious why it's done.
This patch adds a utility function called 'is_port_trusted'
that performs the same check and makes it obvious what is
being done.
Change-Id: I542c753776d5cfb2fd736b25ea6e111867c89c89
Previously, the default value would be populated into attr by API
controller, but some codes in plugin or service plugins call plugin
to create network directly, such as l3, which will have no default
value populated.
This patch fixes it by populating default port_security value into
network data.
In addition, for network without port-security set, we also give the
default value to populate the return network dict object, which will
let the extension construct the response dictionary gracefully for
those existing network.
Co-Authored-By: gong yong sheng <gong.yongsheng@99cloud.net>
Change-Id: I73abc98d83372f6259f17680806e6541458e2077
Closes-bug: #1461519
Closes-Bug: #1461647
Closes-Bug: #1468588
Add portsecurity extension driver into ML2 plugin and implement it in
iptables_firewall.
The scope of this change is:
- Abstract a common class PortSecurityDbCommon from the old
PortSecurityDbMixin
- Add a new extension driver port-security, implement process_xxx and
extend_xxx_dict method and provide a db migration from the existing
networks and ports
- Update the new added 'unfiltered_ports' in iptables firewall of l2 agent
to reflect the update of port-security
Co-Authored-By: Shweta P <shpadubi@cisco.com>
Change-Id: I2da53168e2529db7a8094ce90ef3a8a93fe55727
Partially Implements: blueprint ml2-ovs-portsecurity
Boden R