These were deprecated during Xena cycle[1], so can be removed now.
[1] adfd853267
Related-Bug: #1927494
Change-Id: I9fadaa6cfcd66409da47422505c145d9d67f6b8c
As part of the Secure RBAC community goal, we should switch options
"enforce_new_defaults" and "enforce_scope" to be True by default.
It will be still possible to fallback to old policy rules by configuring
those config options to False in Neutron config.
Change-Id: I09c0026ccf87e6c0bb1fa59165c03dc508fba6fa
Those modules needs to ensure that common config options
are registered.
Otherwise it can't be successfully run without other tests as it was
then failing due to unregistered config option.
Trivial-fix
Change-Id: Ifa348218229b6be64bb7403d933df82f03afafdf
When a port is created the dns-assignment (dns-domain part)
was always taken form Neutron config dns_domain which is not
always true, since it could be Neutron network dns_domain or
the dns_domain sent when creating the port
Change-Id: I7f4366ff5a26f73013433bfbfb299fd06294f359
Closes-Bug:1873091
Now that we are python3 only, we should move to using the built
in version of mock that supports all of our testing needs and
remove the dependency on the "mock" package.
This patch moves all references to "import mock" to
"from unittest import mock". It also cleans up some new line
inconsistency.
Fixed an inconsistency in the OVSBridge.deferred() definition
as it needs to also have an *args argument.
Fixed an issue where an l3-agent test was mocking
functools.partial, causing a python3.8 failure.
Unit tests only, removing from tests/base.py affects
functional tests which need additional work.
Change-Id: I40e8a8410840c3774c72ae1a8054574445d66ece
Removed E125 (continuation line does not distinguish itself
from next logical line) from the ignore list and fixed all
the indentation issues. Didn't think it was going to be
close to 100 files when I started.
Change-Id: I0a6f5efec4b7d8d3632dd9dbb43e0ab58af9dff3
The unittests do some mocks of the keystoneauth Session contructor to
make sure Sessions are being constructed properly. In keystoneauth 3.7.0
we added two new options that can be used from oslo.config files, and
those options in turn now get passed to the Session constructor - which
breaks the mocks.
The thing is, neutron doesn't need to test that
load_session_from_conf_options works, keystoneauth tests that. What we
want to test here is that setting various config options has a specific
result. So instead of testing the entire args list (which could change)
test for the specific results we're concerned about.
Change-Id: I3048cdb8f8b07f6b243a0ab7d08484278c60995f
Needed-By: https://review.openstack.org/569447
Fix W503 (line break before binary operator) pep8 warnings
and no longer ignore new failures.
Trivialfix
Change-Id: I7539f3b7187f2ad40681781f74b6e05a01bac474
neutron-lib contains the dns API definition and associated exceptions,
constants, etc. This patch moves all references over to use the API
def from neutron-lib.
NeutronLibImpact
Change-Id: If180cf92d8ae31a0857080239e8233095cd6c768
Refactoring neutron ml2 config opts to be in neutron/conf/plugins/ml2.
This would allow centralization of all configuration options and
provides an easy way to import.
NeutronLibImpact
Change-Id: Ibc5a9ab268578c243ef13f7e0041bacd6c0c410b
Partial-Bug: #1563069
Needed-By: Id0a97dda7718f06e33b2d30ce01cdcb3e9a46f7d
The records found in ip_allocations contain objects of type IPAddress,
but the external dns service expects them as string, so we need to
insert a conversion.
Change-Id: I622993fc273121bfd051d2fd9c7811e2ae49a1d8
Closes-Bug: 1714641
This patchset adds logic to the ML2 DNS integration extension to process
a new dns_domain attribute associated to ports.
This patchset belongs to a series that adds dns_domain attribute
functionality to ports.
DocImpact: Ports have a new dns_domain attribute, that takes precedence
over networks dns_domain when published to an external DNS
service.
APIImpact: Users can now specify a dns_domain attribute in port POST and
PUT operations.
Change-Id: I02d8587d3a1f9f3f6b8cbc79dbe8df4b4b99a893
Partial-Bug: #1650678
This change adds a dns_domain attribute to ports in the API.
This patchset belongs to a series that adds dns_domain attribute
functionality to ports.
Change-Id: Ied1f2f0c1e96ae21c309b6e6fed9e3c602b0450b
Partial-Bug: #1650678
Openstack common has a wrapper for generating uuids. We should
use that function when generating uuids for consistency.
Change-Id: I9e8097f7254e9cd63f27898ab49c473aa6177121
Closes-Bug: #1082248
Neutron-lib 1.1.0 is now out and contains the provider
network API definition (as per commit [1]). This patch
moves neutron references over to the neutron-lib
version.
NeutronLibImpact
- Consumers using the public constants within neutron's
providernet API extension must now use the values
from neutron-lib.
[1] cba0f9f0dd920b1f828c4bba3bd388d5b4eb9abf
Change-Id: I46390a159e93642901de87ea6604f2e7ffa03bad
We should use addCleanup instead of tearDown because:
- tearDown is executed only if the test succeeds
- cleanups (defined with addCleanup) are executed even if the test fails
This change removes useless tearDown and transforms remaining ones into
addCleanup.
Change-Id: I44bd26dcb5c8456126a35cb807f0bafc772c0ab0
Using the session loader has the benefit of compatibility with
settings in other sections (like keystone_authtoken), and the
ability to use client certs and setting the timeout. This changes
the designate.ca_cert setting to designate.cafile, but the former
is added as a deprecated option, so existing config files will work.
DocImpact
ca_cert in [designate] is deprecated, use cafile instead.
Change-Id: I9f2173b02af5c3929a96ef8c773d587e9b673d62
Using the loader from keystoneauth1, it is possible to easily use
keystone v3 options in [designate].
For the end user, it means she/he must specify designate.auth_type,
then she/he can specify an Keystone v3 endpoint in designate.auth_url.
Change-Id: I8bb02f11e60767dacdf6ac852979cfa82de1e08b
Closes-bug: #1585976
DocImpact
Neutron Manager is loaded at the very startup of the neutron
server process and with it plugins are loaded and stored for
lookup purposes as their references are widely used across the
entire neutron codebase.
Rather than holding these references directly in NeutronManager
this patch refactors the code so that these references are held
by a plugin directory.
This allows subprojects and other parts of the Neutron codebase
to use the directory in lieu of the manager. The result is a
leaner, cleaner, and more decoupled code.
Usage pattern [1,2] can be translated to [3,4] respectively.
[1] manager.NeutronManager.get_service_plugins()[FOO]
[2] manager.NeutronManager.get_plugin()
[3] directory.get_plugin(FOO)
[4] directory.get_plugin()
The more entangled part is in the neutron unit tests, where the
use of the manager can be simplified as mocking is typically
replaced by a call to the directory add_plugin() method. This is
safe as each test case gets its own copy of the plugin directory.
That said, unit tests that look more like API tests and that rely on
the entire plugin machinery, need some tweaking to avoid stumbling
into plugin loading failures.
Due to the massive use of the manager, deprecation warnings are
considered impractical as they cause logs to bloat out of proportion.
Follow-up patches that show how to adopt the directory in neutron
subprojects are tagged with topic:plugin-directory.
NeutronLibImpact
Partially-implements: blueprint neutron-lib
Change-Id: I7331e914234c5f0b7abe836604fdd7e4067551cf
This patch will introduce ovo for NetworkDNSDomain and
FloatingIPDNS. It also integrates the ovo use for PortDNS
NetworkDNSDomain, FloatingIPDNS
Co-Authored-By: Brandon Logan <brandon.logan@rackspace.com>
Change-Id: I90ace59735c8cb9fa8a02b0e7636a58f0912efa7
Partially-Implements: blueprint adopt-oslo-versioned-objects-for-db
If a port update specifies only a subnet_id for a fixed_ip then we
want to look at existing fixed_ips to see if that subnet_id is already
there. This avoids allocating a new IP address on the subnet and
deallocating the old one.
Without some special care, this breaks the code path for prefix
delegation. One could argue that PD needs reworking. However, as a
stop-gap measure, we still run the old code path if the address is an
EUI-64 address. This allows PD to continue to work as it was
originally written and it doesn't do any harm because allocating
EUI-64 addresses is repeatable.
This commit removes a test case from the DNS integration tests. The
test was specifically testing that DNS records we updated in the case
where a subnet id was passed to re-allocate a fixed_ip. Since the use
case no longer works, the test doesn't make sense.
This commit also preserves the ability to add an additional IP from a
subnet for which the port already has IPs.
Change-Id: Iba5d54efa7f99ed82275ffc8e5be975b373c29d3
Related-Bug: #1622616
Closes-Bug: #1625334
This reverts commit f07c07b16f.
This broke the ability to add fixed IPs to a port based on
subnet_id.
API test to prevent regression in child patch.
Change-Id: Ia13abea59431744ce7a0270f480f4bf61a7161e0
Closes-Bug: #1623800
If a port update specifies only a subnet_id for a fixed_ip then we
want to look at existing fixed_ips to see if that subnet_id is already
there. This avoids allocating a new IP address on the subnet and
deallocating the old one.
Without some special care, this breaks the code path for prefix
delegation. One could argue that PD needs reworking. However, as a
stop-gap measure, we still run the old code path if the address is an
EUI-64 address. This allows PD to continue to work as it was
originally written and it doesn't do any harm because allocating
EUI-64 addresses is repeatable.
This commit removes a test case from the DNS integration tests. The
test was specifically testing that DNS records we updated in the case
where a subnet id was passed to re-allocate a fixed_ip. Since the use
case no longer works, the test doesn't make sense.
Change-Id: I887cd23cf65a1df9bd1d59ab897a1ecd005a588c
Closes-Bug: #1622616
Neutron LBaaS does not pass a full copy of the request_data
into this function, and causes the port create to fail
with a KeyError
Change-Id: Ib81cbbaf24a4ffaa983e1b05146aea0dc74e29bb
Fixes-Bug: #1605336
This patch set aims to move all the code related to DNS integration
from the DB core plugin to the DNS ML2 extension module.
By doing this, this patchset removes the dns related code in
db_base_plugin_v2 and the dns exteions module talks with core plugin
only through the method extension_manager and apply_dict_extend_functions
By properly implementing the generation of the dns_assignment attribute
for ports in the DNS ML2 extension module, this patchset also fixes
https://bugs.launchpad.net/neutron/+bug/1579977
Change-Id: I63afb1a1bfeeb14eefb54681dc64959144deeb25
Closes-Bug: #1579601
Closes-Bug: #1579977
This test was modifying the driver session method without making an
effort to restore the original value after the test case completion.
This resulted in two consequent tests that relied on the method that
were triggered in the same test thread, to trigger a failure for one of
them.
Changed the setup logic for the test class to use mock.patch(..).start()
instead.
Closes-Bug: #1593647
Change-Id: I08be90691b5417025c40c5a18308d820dc7a43d2
Allow setting options in designate section to specify if want
to skip SSL cert check. This makes it possible to work with HTTPS
based endpoints, the default behavior of keystoneclient is to always
set verify=True however in current code, one cannot either provide
a valid CA cert or skip the verification.
DocImpact: Introduce two additional options for `[designate]` section
in neutron.conf
CONF.designate.insecure to allow insecure connections over SSL.
CONF.designate.ca_cert for a valid cert when connecting over SSL
Change-Id: Ic371cc11d783618c38ee40a18206b0c2a197bb3e
Closes-Bug: #1588067
Replace references to IPV[46]_MAX_PREFIXLEN with IPv[46]_BITS from
neutron-lib. Replace several integer literals used to represent IP
address sizes with these constants too.
Remove IPV4_MAX_PREFIXLEN and IPV6_MAX_PREFIXLEN from neutron constants
as they are no longer referenced:
http://codesearch.openstack.org/?q=IPV[46]_MAX_PREFIXLEN
Change-Id: I03e1405e71f08db9ac6e759258625139c28ecc89
These unit tests initially asserted sequential allocation of IP
addresses, even though they have no need to specifically assert
that a specific IP was allocated. This made it difficult to
change out the IP allocation algorithm in the future and made
these tests fragile and poorly isolated.
This change breaks the dependency these unit tests have on a
specific IP allocation strategy and isolates them from any
changes that may be made to the order in which IP addresses
are allocated on a subnet.
Change-Id: Idc879b7f1e6496aa96b4f7ae6c3eaca6079bdcac
Partial-Bug: #1543094