As part of the Secure RBAC community goal, we should switch options
"enforce_new_defaults" and "enforce_scope" to be True by default.
It will be still possible to fallback to old policy rules by configuring
those config options to False in Neutron config.
Change-Id: I09c0026ccf87e6c0bb1fa59165c03dc508fba6fa
If the database "port" child register "ml2_port_bindings" has been
manually deleted from the database, now is possible to delete the
Neutron Port resource (that implies the "port" database register and
all other child registers)
Before this patch, the port deletion CLI command succeeded (no exception
was raised) but the Port resource was not deleted.
Closes-Bug: #1988323
Change-Id: I02de276d0cd8e4ae27355d4aee5f48e92634f318
Neutron-lib 1.1.0 is now out and contains the portbindings
API definition (as per commit [1]). This patch moves neutron
references over to the neutron-lib version.
NeutronLibImpact
- Consumers using the public constants within neutron's
portbindings API extension must now use the values
from neutron-lib.
[1] 87e42f993c07ae320159d5123662ee9f3bd4d903
Change-Id: I669af9b4c712877772d91a03857ab108714001d4
Make function _bind_port_if_needed to bind at least one time when the port's
binding status passed in is already in binding_failed.
This is the second attempt to introduce the patch (the first one was
reverted due to regression that broke Ironic), now with proper
notification sent even when binding attempt failed.
The patch also fixes several cases when we attempted to notify with a
binding context that was not committed into database.
The patch changes _attempt_binding to call _commit_port_binding only
with the binding final state:
1. Successful binding: will just call _commit_port_binding.
2. Unsuccessful binding: will call _commit_port_binding at the final
attempt to bind the port.
This is in order to refrain from reverts, with will really complicate
things even more.
Co-Authored-By: Yalei Wang <yalei.wang@intel.com>
Co-Authored-By: Nir Magnezi <nmagnezi@redhat.com>
Co-Authored-By: John Schwarz <jschwarz@redhat.com>
Change-Id: I437290affd8eb87177d0626bf7935a165859cbdd
Closes-Bug: #1399249
Slawek Kaplonski