Commit Graph

158 Commits

Author SHA1 Message Date
Rodolfo Alonso Hernandez 80f547ad1d Add a "port" child table "porthardwareoffloadtype"
This table has a 1:1 relationship with the "port" table, providing
the "hardware_offload_type" field (string).

The "neutron-lib" library minimum version is 3.8.0, that contains
[1].

NOTE: once the OSC patch is merged [2], the documentation will be
updated to reflect how to create a hardware offloaded port without
manually defining the port binding profile.

[1] https://review.opendev.org/c/openstack/neutron-lib/+/882726
[2] https://review.opendev.org/c/openstack/python-openstackclient/+/892792

Partial-Bug: #2013228
Change-Id: I04f232d6c43e39f254c4559caf041dcf05acec21
2023-08-19 06:08:51 +00:00
Rodolfo Alonso Hernandez e066cab875 Add a new extension "security-groups-rules-belongs-to-default-sg"
This new extension adds a new synthetic field, "belongs_to_default_sg",
to the security group rule OVO. This read only boolean field determines
if the security group rule belongs to a default security group or not.

This new field will be used in a new set of policy rules. By default,
these new rules will allow to create and delete security group rules
into the default security group of a project only to the admin user.

NOTE: the follow-up patch will introduce the policy rules check,
      during the creation/deletion operations, of the
      "belongs_to_default_sg" field and the user executing this action.

Partial-Bug: #2019960

Change-Id: I0b3ded52e1ff8160c5804c59635c0fd34ce9995b
2023-10-06 15:36:26 +00:00
Dmitrii Shcherbakov 89702218db Add extra router attributes for ECMP and BFD
* enable_default_route_ecmp
* enable_default_route_bfd

Partial-Bug: #2002687
Change-Id: I3fcd0458d20f20ce40378f90f073f37c41400865
2023-07-25 17:03:34 +02:00
Slawek Kaplonski e41fae522b Default SG api rules template - DB and OVO models
This patch adds DB model, OVO class and DB migration script for
SG rules template used for every new SG created.
It also implements Create/Get/Delete actions for that new resource and
adds API policies for those APIs

Related-Bug: #1983053
Change-Id: Ib3cde1710edd400b972f493b13666d0679a7753c
2023-07-07 10:43:34 +02:00
Bence Romsics 0390ada97c port-hints: api extension
api extension
db model
db migration
ovo (including changes affecting push rpc)
extension driver
policies

To enable this:

* neutron-db-manage upgrade 6f1145bff34c
* ml2_conf.ini:
  [ml2]
  extension_drivers += port_hints

This patch also bumps neutron-lib requirement to 3.5.0.

Change-Id: I80816618285d742775bc0534510c0f874f84ed2e
Partial-Bug: #1990842
Related-Change (spec): https://review.opendev.org/c/openstack/neutron-specs/+/862133
Related-Change (n-lib api-def): https://review.opendev.org/c/openstack/neutron-lib/+/870080
2023-05-09 11:49:17 +02:00
Efim Verzakov 116bb13651 Add validation to ip_version field
This patch adds validation to the value of the ip_version field in the ExtraDhcpOpt object.

Change-Id: I313289f25f9eb57b4fd974a874d3c696a4c996eb
2022-09-02 16:29:13 +00:00
Rodolfo Alonso Hernandez 7c2420e3af Add "qos_policy_id" field to "Router" OVO
This new synthetic field is linked to a
"QosRouterGatewayIPPolicyBinding" register. This binding register will
bind a QoS policy and a Router. Now it is possible to provide this field
in the create/update input parameters. If provided, the "Router" OVO will
create/delete the "QosRouterGatewayIPPolicyBinding" register.

The "Router" OVO takes this parameter from the DB object. When the DB
object is retrieved, the QoS policy binding register is retrieved too
due to a backref link in the "QosRouterGatewayIPPolicyBinding" DB model to
the "Router" DB model.

Related-Bug: #1893625
Related-Bug: #1950454

Change-Id: I59ed68b2c1e19f1f31e72b4868e3db750ef06d6f
2022-03-20 05:59:45 +00:00
Pedro Martins b271c82d10 Extend database to support portforwardings with port range
This patch is the second of a series of patches
to implement floating ip port forwarding with
port ranges.

The specification is defined in:
https://github.com/openstack/neutron-specs/blob/master/specs/wallaby/port-forwarding-port-ranges.rst

Implements: blueprint floatingips-portforwarding-ranges
Related-Bug: #1885921
Change-Id: I43e0b669096df865f37c74ddbd050b3b177fd5e5
2022-03-15 09:10:23 -03:00
Yang JianFeng a0a25cb15c [Server Side] L3 router support ndp proxy
Change-Id: I9b92702af8a235443a2fa1aea3997f3d40a03fc3
Partial-Bug: #1877301
2022-02-03 10:07:46 +08:00
Zuul 74e2956aa3 Merge "Replace "target_tenant" with "target_project" in RBAC OVOs and models" 2021-12-08 13:34:29 +00:00
Zuul ce97fd3829 Merge "Add network QoS inheritance to floating IP" 2021-12-08 06:58:30 +00:00
Rodolfo Alonso Hernandez 8813b0ed2d Replace "target_tenant" with "target_project" in RBAC OVOs and models
This is part of the remaining technical debt of the specs
https://specs.openstack.org/openstack/neutron-specs/specs/newton/moving-to-keystone-v3.html

Blueprint: https://blueprints.launchpad.net/neutron/+spec/keystone-v3

Change-Id: I2d2fd4d1802c9dfe0778ac8fdddc7b9a8afe7d25
2021-12-03 10:48:57 +00:00
Rodolfo Alonso Hernandez 42cfa055c2 Add network QoS inheritance to floating IP
Added information of the floating IP network QoS policy to the
``FloatingIP`` OVO. The view-only parameter added allows checking
the network QoS policy in the floating IP object.

This patch does not implement any change in the L3 code (OVS or
OVN). This patch does not change any existing behaviour.

NOTE: bump neutron-lib version

Depends-On: https://review.opendev.org/c/openstack/neutron-lib/+/817936

Partial-Bug: #1950454
Change-Id: I9d7bb54b14fb983161fdf51c96b6fda107db4fe6
2021-11-24 09:01:09 +00:00
Zuul b6b3cf1310 Merge "Bump neutron-lib to 2.17.0" 2021-11-20 12:56:01 +00:00
Zuul b4dd7003db Merge "Add Local IP Extension and DB" 2021-11-17 20:50:43 +00:00
Rodolfo Alonso Hernandez 4909c8c18d Bump neutron-lib to 2.17.0
Remove the QoS constants from Neutron code. QoS constants are now
located in ``neutron_lib.services.qos.constants``.

This patch also reverts [1]. This patch was merged in order to
allow a newer neutron-lib release in "requirements". This test
was failing because the element order of the "VALID_RULE_TYPES"
list was different between Neutron and neutron-lib. That was
modifying the "QosRuleType" OVO hash.

[1] https://review.opendev.org/c/openstack/neutron/+/817940

Closes-Bug: #1950977
Related-Bug: #1922237
Change-Id: I31edea3cc0f4a284a773a35302997ca6069efc95
2021-11-17 10:09:14 +00:00
Rodolfo Alonso Hernandez 6ead2ce5b7 Disable "TestObjectVersions.test_versions".
Disabled "TestObjectVersions.test_versions" until n-lib 2.17.0 is
released and the OVO "QosRuleType" hash is updated.

Change-Id: I5b850314297e40b57d7d8152aaf9c60c81d353e8
Related-Bug: #1950977
2021-11-15 12:57:13 +00:00
Oleg Bondarev cd1d96863e Add Local IP Extension and DB
This adds Local IP API extension, DB and OVO models, DB mixin,
migration and service plugin.

Partial-Bug: #1930200
Change-Id: I0ab7c5e9bc918f7fad282673ac6e32e1b01985c5
2021-11-11 10:08:23 +03:00
Zuul 6e9a368891 Merge "Add shared field to SG API response and filter" 2021-11-02 01:20:21 +00:00
Hang Yang 4bd1c82213 Add shared field to SG API response and filter
Add the shared field to security group API responses and support
using shared as a query filter.

A follow-up patch will remove the temporary api def once it is merged
and released in neutron-lib.

Related-Bug: #1942615
Depends-On: https://review.opendev.org/c/openstack/neutron-lib/+/812617
Change-Id: Ic04be8f0b7097c8aed19365f06089aa7af333eb9
2021-10-07 14:49:19 -05:00
Przemyslaw Szczerbik 56044db26d Add API extension for QoS minimum pps rule
This patch implements support for CRUD operations for QoS minimum
packet rate, for example:

DELETE /qos/policies/$POLICY_ID/minimum_packet_rate_rules/$RULE_ID

Placement or dataplane enforcement is not implemented yet.

Partial-Bug: #1922237
See-Also: https://review.opendev.org/785236
Change-Id: Ie994bdab62bab33737f25287e568519c782dea9a
2021-09-29 12:27:30 +02:00
LIU Yulong 8e30639452 [QoS] Add rule type packet per second (pps)
This patch adds a new API extension to the QoS service plugin
to allow CRUD actions for the packet rate limit (packet per
second) rule on the Neutron server side.

NOTE: This patch will NOT implement the real functionality
in L2/L3 backend to limit the pps.

Co-Authored-By:  NANALI <lin203@chinaunicom.cn>

Closes-bug: #1912460
Change-Id: Icc88accb88d9cec40c960c56f032c3c27317b42e
2021-07-22 09:53:38 +08:00
Miguel Lavalle 8094b524f6 Allow sharing of address groups via RBAC mechanism
Client: https://review.opendev.org/c/openstack/python-openstackclient/+/775045
Tempest tests: https://review.opendev.org/c/openstack/neutron-tempest-plugin/+/773274

Allow sharing of address groups via RBAC mechanism

Change-Id: I9d9e2bd4add5bb6fa4105352bfda739340932571
2021-03-01 18:28:31 -06:00
Rodolfo Alonso Hernandez 8912ea5575 Add port device profile extension
Added a new port extension: device profile (``port_device_profile``).
This extension adds the "device_profile" parameter to the "port" API
and specifies the device profile per port. This parameter is a
string.

This parameter is passed to Nova and Nova retrieves the requested
device profile from Cyborg. Reference:
  https://docs.openstack.org/api-ref/accelerator/v2/index.html#device-profiles

For backwards compatibility, this parameter will be "None" by
default.

Closes-Bug: #1906602
Depends-On: https://review.opendev.org/c/openstack/neutron-lib/+/767586

Change-Id: I1202a8388e64ae4270ef4ca118993504ae7c1731
2021-01-22 16:17:30 +00:00
Zuul 2005121bdb Merge "Add normalized_cidr column to SG rules" 2021-01-10 16:32:05 +00:00
Slawek Kaplonski 0e0c7fa07e Add normalized_cidr column to SG rules
A new API extension was added in [1] to extend security group rules with
the "normalized_cidr" read-only attribute.
This patch implements this API extension in Neutron ML2 plugin and
extends security group rules with "normalized_cidr" value.

[1] https://review.opendev.org/#/c/743630/

Related-Bug: #1869129

Change-Id: I65584817a22f952da8da979ab68cd6cfaa2143be
2021-01-07 12:23:59 +01:00
Hang Yang 6db15a004d Add standard_attrs to address group
Need the revision_number attribute to support address group update in
rpc resource_cache.

Change-Id: I6355c9394c23f7d94496e9c06e061d6d3fd4128d
Implements: blueprint address-groups-in-sg-rules
2020-12-18 13:30:38 -06:00
Hang Yang 85c089eef2 Support remote address group in SG rules
- Add api extension and db model changes to support remote_address_group_id
  in SG rules.
- RPC and firewall agent changes will be in the follow-up patches.

Change-Id: I99681736d05eefd82bdba72b3866eab9468ef5dd
Implements: blueprint address-groups-in-sg-rules
2020-11-25 10:34:02 -06:00
Rodolfo Alonso Hernandez a217a5d290 Add port NUMA affinity policy
Added a new port extension: NUMA affinity policy. This extension adds
the "numa_affinity_policy" parameter to the "port" API and specifies
the NUMA affinity policy per port.

This parameter is passed to Nova when a virtual machine is created.
Nova will use this information to schedule the virtual machine.

For backwards compatibility, this parameter will be "None" by default.

Depends-On: https://review.opendev.org/#/c/740058/
Closes-Bug: #1886798

Change-Id: Ie3d68c098ddb727ab8333aa1de4064e67a4f00a7
2020-11-13 15:49:34 +00:00
Rafael Weingärtner 10091f9346 Add source_ip_prefix and destination_ip_prefix to metering label rules
As proposed in the RFE and then approved in the spec, we are adding to
the neutron metering rules two new parameters. The source IP prefix, and
destination IP prefix.

Partially-Implements: https://bugs.launchpad.net/neutron/+bug/1889431
RFE: https://bugs.launchpad.net/neutron/+bug/1889431

Depends-On: https://review.opendev.org/#/c/746203/
Depends-On: https://review.opendev.org/#/c/744702/
Depends-On: https://review.opendev.org/#/c/743828/
Depends-On: https://review.opendev.org/#/c/746142/

Change-Id: I38991de2b4937becd0f1f14f3a32dc39c590e0d9
2020-09-29 09:06:03 -03:00
Rodolfo Alonso Hernandez d4ae3f75a5 Change "propagate_uplink_status" default value to True
When "uplink-status-propagation" extension is enabled, new ports
created will default the value of "propagate_uplink_status" to True.

Closes-Bug: #1888487

Change-Id: If1e533a61aeebbb4761d669c516fe86a4381765c
2020-09-07 15:52:52 +00:00
Hang Yang dd20cab371 Support Address Group CRUD as extensions
Add support for basic address group CRUD. Subsequent patches will be added to
use address groups in security group rules.

Implements: blueprint address-groups-in-sg-rules
Change-Id: I4555c068ec6229b1d7ac1168d5687549370893b4
2020-08-12 13:59:31 -05:00
Rodolfo Alonso Hernandez 8cfe41fa6b Add "qos_policy_id" field to "FloatingIP" OVO
This new synthetic field is linked to a "QosPolicyFloatingIPBinding"
register. This binding register will bind a QoS policy and a
floating IP.

Now it is possible to provide this field in the create/update input
parameters. If provided, the "FloatingIP" OVO will create/delete the
"QosPolicyFloatingIPBinding" register.

The OVO takes this parameter from the DB object. When the DB object
is retrieved, the QoS policy binding register is retrieved too due
to a backref link in the "QosFIPPolicyBinding" DB model to the
"FloatingIP" DB model.

Change-Id: Ideb042a71336b110bbe0f9e81ed8e0c21434fc42
Closes-Bug: #1877404
Related-Bug: #1877408
2020-05-11 11:29:30 +00:00
Igor Malinovskiy 56b971bb42 Allow sharing of subnet pools via RBAC mechanism
Neutron-lib api ref: https://review.opendev.org/705998/
Client: https://review.opendev.org/#/c/712705/
Tempest tests: https://review.opendev.org/#/c/711656/

Change-Id: I1d6125513cd8cb088b84c92497866f78955019a9
Partial-Bug: #1862032
Depends-On: https://review.opendev.org/709122
2020-04-09 19:02:47 +03:00
Igor Malinovskiy eb6104c0ac Allow sharing of address scopes via RBAC mechanism
Neutron-lib api ref: https://review.opendev.org/#/c/707407/
Client: https://review.opendev.org/#/c/709124/
Tempest tests: https://review.opendev.org/#/c/711610/

Change-Id: I74bedae4de4eb25e5427ecb129543885a020a0a8
Depends-On: https://review.opendev.org/712633
Partial-Bug: #1862968
Closes-Bug: #1697925
2020-03-19 16:51:39 +02:00
Aditya Reddy Nagaram cbc473e066 Support for stateless security groups
Blueprint: stateless-security-groups

Change-Id: Iae39a89b762786e4f05aa61aa0db634941806d41
2020-03-03 16:53:42 +01:00
Slawek Kaplonski 93d9d6bbba Ensure there is always at most 1 dvr fip gw port per agent and network
In patch [1] a simple lock was introduced for creation of
DVR agent's floating IP gateway ports for network to avoid races
and creation of duplicated ports for one agent and one network.

This fix from [1] works in simple examples with only one neutron-server,
so it helped e.g. in CI but it wasn't a proper fix for production
deployments which are much bigger and have more neutron server api
workers.

So this patch introduces a constraint on database level so this works even
across a cluster with multiple neutron-server api workers.

[1] https://review.opendev.org/#/c/673331/

Change-Id: Id55b8a21d6ecf5e029d1ca267b2cbd2ed91cca4c
Closes-Bug: #1830763
2020-02-07 08:32:33 +00:00
Pedro Henrique 06e43dd95d Add description field to portforwarding NAT rules
Add the `description` field to `PortForwardings`
using the standard attributes like in the
`FloatingIPs`.

Depends-On: https://review.opendev.org/#/c/692580/
Depends-On: https://review.opendev.org/#/c/698662/
Implements: blueprint portforwarding-description
Closes-Bug: #1850818
Change-Id: Ibac91d24da2b82cdce72165d1295fa5d4475ffd3
Signed-off-by: Pedro Martins <phpm13@gmail.com>
2020-01-22 11:19:55 -03:00
Jens Harbott 57bc6d167b Allow to select subnets to publish DNS records
As described in [0] a new attribute ``dns_publish_fixed_ip`` is added
to subnets, allowing to specify directly whether DNS records should be
published for this subnet. This overrides the previous behaviour that
makes this decision based on various properties of the network that
the subnet is contained in, see [1].

[0] https://launchpad.net/bugs/1784879
[1] https://docs.openstack.org/neutron/latest/admin/config-dns-int-ext-serv.html

Change-Id: I14605ead2694d9e9422b3d7b519aed2e3c340e2a
Partial-Bug: 1784879
2019-12-14 13:36:09 +00:00
Rodolfo Alonso Hernandez 397eb2a2fe Serialize subnet creating depending on the network ID
Add a new DB table "network_subnet_lock". The primary key will be the
network_id. When a subnet is created, inside the write context during
the "subnet" object creation, a register in the mentioned table is
created or updated. This will enforce the serialization of the "subnet"
registers belonging to the same network, due to the write lock in the
DB.

This will solve the problem of attending several "subnet" creation
requests, described in the related bug. If several subnets with the
same CIDR are processed in parallel, the implemented logic won't reject
them because none of them will contain the information of the others.

This DB lock will also work in case of distributed servers because the
lock is not enforced in the server logic but in the DB backend.

Change-Id: Iecbb096e0b7e080a3e0299ea340f8b03e87ddfd2
Closes-Bug: #1852777
2019-12-02 17:19:03 +00:00
zhanghao 68625686a4 Make the MTU attribute not nullable
This patch sets the MTU attribute to non-nullable; the code
that gets the MTU and updates the network in some methods can
be removed. If the MTU is empty before the pike version, it
is set to the default value of 1500.

Change-Id: Id4d738dde7fa4b7caccabad0aac542b82b4d7af1
Closes-Bug: #1842261
2019-10-28 03:32:50 +00:00
Lujin 69b3762dda Add binding_index to NetworkDhcpAgentBinding
The patch proposes adding a new binding_index to the
NetworkDhcpAgentBinding table, with an additional Unique
Constraint that enforces a single <network_id, binding_index>
per network.

1. When a network is triggered to be auto-scheduled to DHCP
agents, the number of DHCP agents is constrained by
dhcp_agents_per_network in neutron.conf. This prevents
too many DHCP agents from being scheduled in the first place.

2. If users manually schedule a network to specific DHCP
agents, the binding_index increments to show the number of
DHCP agents hosting this network.

Co-Authored-By: Oleg Bondarev <obondarev@mirantis.com>
Change-Id: I1bc3f8b69c337f7c1cf7375509a0da61def9baf1
Closes-Bug: #1535554
2019-08-29 12:52:07 +04:00
Rodolfo Alonso Hernandez 66fca96e52 Add qos_network_policy_id to Port OVO
Added field "qos_network_policy_id" to Port OVO. This parameter
will be used to retrieve the QoS policy bound to the port network.
This reduces the number of calls to the database by creating a join
between the QosNetworkPolicyBinding table and the Port table, based
on the network ID.

This backref association is not persistent (marked as "viewonly").
This relationship is used for loading the QoS policy ID of the
port network in the Port OVO.

Related-Bug: #1834484

Change-Id: I219a925d5e269b8c73a0481daa879d72c399fd8f
2019-07-01 11:11:31 +00:00
Harald Jensås 3ab7878384 Conntrack Helper - OVO and db script
Implements the conntrack helper OVO and db layer code.
- New object 'ConntrackHelper'
- New db model
- migration db script

Related-Bug: #1823633
Change-Id: I0d9c039b260845b6544eccf63f5a2ffaa929120b
2019-05-20 18:00:18 +02:00
Doug Wiegley 5e0fc3d2da Allow sharing of security groups via RBAC mechanism
Neutron-lib api ref: https://review.openstack.org/#/c/635313/
Tempest tests: https://review.openstack.org/#/c/635312/
Client: https://review.openstack.org/#/c/635428/

Partial-Bug: #1817119
Depends-On: https://review.openstack.org/635313
Change-Id: I974b0a603b6ca75cf080fb7b0751c7fb87df8443
2019-03-09 17:30:14 -06:00
Kailun Qin 563a536d02 Support Network Segment Range CRUD as extensions
This patch adds the support for network segment range CRUD. Subsequent
patches will be added to use this network segment range on segment
allocation if this extension is loaded.

Changes include:
- an API extension which exposes the segment range to be administered;
- standard attributes with tagging support for the new resource;
- a new service plugin "network_segment_range" for the feature
  enabling/disabling;
- a new network segment range DB table model along with operation
  logic;
- Oslo Versioned Objects for network segment range data model;
- policy-in-code support for network segment range.

Co-authored-by: Allain Legacy <Allain.legacy@windriver.com>

Partially-implements: blueprint network-segment-range-management
Change-Id: I75814e50b2c9402fe6776229d469745d7a72290b
2019-03-07 08:20:30 +00:00
Bence Romsics 648ab82a4b New agent attribute: resources_synced
Agents supporting the guaranteed minimum bandwidth feature need to share
their resource view with neutron-server and in turn with Placement too.
The resource information is synchronized to neutron-server via the
periodic agent heartbeat therefore transient synchronization errors are
fixed by the next heartbeat. But synchronization to Placement is not
done periodically, but on a (mostly) on demand basis. Therefore to fix
transient errors of the synchronization to Placement we must remember
the success/failure of the last synchronization attempt.

This change implements the extension 'agent-resources-synced' and
therefore extends the agent db model and object with a new attribute:
'resources_synced'. This attribute is only meant to be updated
internally. But it can be read via the API for debugging purposes.

APIImpact: The agent resource has a new attribute: resources_synced.

Change-Id: I757d659cea63c8172ca3618d1f581d10236f5e71
Depends-On: https://review.openstack.org/626210
Partial-Bug: #1578989
See-Also: https://review.openstack.org/502306 (nova spec)
See-Also: https://review.openstack.org/508149 (neutron spec)
2019-02-21 13:45:15 +01:00
Zuul bc190bef8a Merge "Use RBACBaseObject OVO in neutron/db/rbac_db_mixin.py" 2018-12-07 13:49:02 +00:00
LIU Yulong 00bf365025 [L3][QoS] Neutron server side router gateway IP QoS
This patch enables binding a QoS policy to the router gateway,
then on the L3 agent side SNAT traffic for the VMs without floating
IPs can be limited under the policy bandwidth rules. This is
suitable for all kinds of L3 routers: DVR, DVR with SNAT HA, L3 HA
and Legacy.

API update router gateway json:
{
  "router": {
    "external_gateway_info": {
      ...
      "qos_policy_id": "policy-uuid"
    }
  }
}

Depends-On: https://review.openstack.org/#/c/567497/

Partially-Implements blueprint: router-gateway-ip-qos
Closes-Bug: #1757044
Related-Bug: #1596611
Change-Id: I26e22bce7edd1f93b2ac0048b61b14f858938537
2018-12-01 17:45:46 +08:00
Hongbin Lu f0678b9b09 Add propagate_uplink_status to port
Introduce an attribute 'propagate_uplink_status' to port.
This attribute can be implemented for VF port to indicate if the VF
link state should follow the state of the PF.

Note: ML2 extension driver loaded on request via configuration:

  [ml2]
  extension_drivers = uplink_status_propagation

Other related patches:
* neutron-lib: https://review.openstack.org/#/c/571821/
* tempest test: https://review.openstack.org/#/c/586719/
* OSC: https://review.openstack.org/#/c/586684/
* neutronclient: https://review.openstack.org/#/c/586712/

APIImpact Add 'propagate_uplink_status' attribute to 'port' resource

Change-Id: Ie8260c332e24c1880f9f82e6b6dacca8415be842
Close-Bug: #1722720
2018-11-29 19:33:16 +00:00