Oslo config generator was introduced in patch [1] to
automatically generate the sample Neutron core configuration
files.
This patch removes the static example configuration files from
the repository as they are now redundant.
[1] https://review.openstack.org/#/c/204206/
DocImpact
Change-Id: Ic7ae2e038b5bd7b215c65c9c565bfe31ef551520
Partially-Implements: blueprint autogen-neutron-conf-file
Closes-bug: #1199963
Depends-On: Ic37a16b6cf8eb92030649f1fc8b198738a8cc104
The use_namespaces option has been defined as a workaround to kernels
not properly supporting namespaces. This limitation is behind us, it's
time to remove use_namespaces after its deprecation in Kilo in order to
simplify code and remove a poorly tested case (use_namespaces=False).
This change prepares for removal pullup_route method[1] which was only
used when use_namespaces=False.
[1] neutron.agent.linux.ip_lib
DocImpact
UpgradeImpact
Closes-Bug: #1508188
Related-Bug: #1435382
Depends-On: I303038eec560a6d99421140c2822aed8b518470b
Depends-On: I4feb2a15c7e1e4bfdbed2531b18b8e7d798ab3cc
Change-Id: I2fbf65df1250d9f9f1656b3964ee3b6de1ef1118
This reverts commit 3101e2b62f.
The lease duration isn't DHCP agent specific. DHCP is a feature that
should be provided by whatever plugin is loaded and operators would
still like to set lease times for DHCP.
In the reference implementation we just consume it directly in the
agent, but that doesn't mean it's specific to the agent implementation.
Change-Id: I5efb6aa5e196d4cac5ff7c0c35be5a350401b925
It is DHCP agent specific, and so it should not be present in
neutron.conf or be reported as a valid option for other services.
Also modified the help message slightly to avoid mentioning dnsmasq
since the option could in theory be used by alternative dhcp drivers.
Change-Id: I66bcea1c3a6ce6fa9ce56ea8137a94858f18dc5a
dhcp/router_delete_namespaces[1] options have been defined as a
workaround to an iproute2 limitation[1] corrected 2 years ago.
That's why the change removes these options after their deprecation
in Liberty.
[1] in neutron.agent.dhcp/l3.config
DocImpact
Closes-Bug: #1508189
Related-Bug: #1418079
Change-Id: I2a879213c3b095a007a4531f430a33cea9fdf1bd
Changed the interface_driver configure for agents from class
imports to stevedor aliases. The loading method needed to be
updated to load as a DriverManager. Backward compatability
for configuration as class import.
DocImpact
Change-Id: Ic349691989484286cd7c60eaf3ad1454c5852d1f
Closes-Bug: #1504536
Functionallity is added to enable users to specify a dns_label field during
port creation and update. This dns_label field will be used for DNS resolution
of the hostname in dnsmasq and also will be used when Neutron can integrate
with external DNS systems.
Change-Id: I6beab336dfd9b70b1af6e975939c602047faa651
DocImpact
APIImpact
Closes-Bug: #1459030
Implements: blueprint internal-dns-resolution
Vendors implementing Neutron L3 API in their devices may not be able to provide
metadata server access via the Neutron router. In such cases we want to allow
the metadata service as done for non-isolated networks segments.
DocImpact
Change-Id: I5f6ee9788717c3d4f1f2e2a4b9734fdd8dd92b40
Closes-Bug:#1483939
Enable set DNS and DHCP log of dnsmasq for dhcp agent
Add a new configuration named 'dnsmasq_base_log_dir'
in dhcp_agent.ini.
This entry should be a path of log file. It should
like this:
dnsmasq_base_log_dir=/tmp
And the DNS and DHCP log will be written into the file
"/tmp/aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa/dhcp_dns_log".
The dir path will be created if the given path doesn't exists.
DocImpact
Closes-Bug: #1475636
Change-Id: I87be346ec5059eaa8a29f48fe53933af82d1b155
When troubleshooting problems with cluster it would be
very convenient to have information about agent heartbeats
logged with some searchable identifier which could create
1-to-1 mapping between events in agent's logs and server's logs.
Currently agent's heartbeats are not logged at all on server side.
Since on a large cluster that could create too much logging
(even for troubleshooting cases), it might make sense to make
this configurable both on neutron-server side and on agent-side.
DocImpact
Change-Id: I0a127ef274a84bba5de47395d47b62f48bd4be16
Closes-Bug: #1452582
These 2 configuration options are no longer be necessary.
They are marked as deprecated in this release and will be removed in the
next release.
Change-Id: I4e02a291738b16c7c9b7600f0bc9a47fb1318569
Partial-Bug: #1418079
There has been a problem with iproute package that resulted in errors
when deleting the namespaces, so deleting was turned off by default.
According to tests with iproute version 3.12.0 there is no such issue
so the option could be safely turned on by default.
DocImpact
Related-Bug: #1052535
Related-Bug: #1402739
Change-Id: I4c831f98fb2462382ef0f9216e265555186b965a
This change moves metadata proxy options shared between dhcp and l3
agents to neutron.conf. This change prepares follow-up changes allowing
to run metadata proxy with nobody user/group
Change-Id: I1828e322791b8a697765cad2f12857e3d6deae68
Related-bug: #1427228
Currently neutron-ns-metadata-proxy runs with root permissions when
namespaces are enabled on the dhcp agent because root permissions are
required to "enter" in the namespace. But neutron-ns-metadata-proxy
permissions should be reduced as much as possible because it is
reachable from vms.
This change allows to change neutron-ns-metadata-proxy permissions
after its startup through the 2 new options metadata_proxy_user and
metadata_proxy_group which allow to define user/group running metadata
proxy after its initialization. Their default values are
neutron-dhcp-agent effective user and group.
This change delegates metadata proxy management to metadata driver
methods in order to reuse the work already done on l3 agent side.
Permissions drop is done after metadata proxy daemon writes its
pid in its pidfile (it could be disallowed after permissions drop) and
after metadata proxy daemon binds its privileged server port (80).
Using nobody as metadata_proxy_user/group (more secure) is currently
not supported because:
* nobody has not the permission to connect the metadata socket,
* nobody has not the permission to log to file because neutron uses
WatchedFileHandler (which requires read/write permissions after
permissions drop).
This limitation will be addressed in a daughter change.
DocImpact
Closes-Bug: #1187107
Change-Id: I53e97254d560e608101010f67bd2dcdec81fb6a2
Adds a flag for DHCP agent configuration
to add dhcp-broadcast flag to Dnsmasq process
In order to support virtual network on top of Infiniband
Fabric, there is a requirement to receive DHCP response
via broadcast message (according to IB Spec).
DocImpact
Change-Id: I95329e535bacf14b650a8f37179ecd020b5bfafe
Closes-Bug: #1293953
Thanks to the commit c73b54e50b,
the way of DHCP agent determines how a subnet is isolated evolves.
But the flag help message wasn't updtated accordingly to this evolution.
Change-Id: If07d8e0802524f9babdee0c8cc07d40cb0803afb
Closes-bug: #1269722
This patch change the dnsmasq_server configuration option to a ListOpt
in order to enable user to specify multiple DNS forwarders for each
dnsmasq instance.
DocImpact
Change-Id: I21963b4a6c99e4edb11040d77a6aeaa35ff44641
Closes-bug: #1240027
This patch adds a new configuration variable for the timeout on
ovs-vsctl commands, and sets the default timeout to 10 seconds.
This is aimed at allowing users to tune the agents in order to avoid
timeout errors on their deployments.
Change-Id: I73ea0d0de49a4b4a118bc2d68ad9c093ea122717
Closes-Bug: #1254520
Add an option item into dhcp_agent.ini to sync with the codes.
* Add ovs_integration_bridge in /etc/dhcp_agent.ini
* Add corresponding unit test
Change-Id: Ia78e7ca6c1fcbeca3e962f870a393e44183d719c
closes-Bug: #1256197
Adds a configuration option to tell the network agents to delete
namespaces when they are no longer in use. The option defaults to
False so that the agent will not attempt to delete namespaces in
environments where this is not safe.
This has been working well in deployments where iproute2 has been
patched with commit 58a3e8270fe72f8ed92687d3a3132c2a708582dd or it is
new enough to include it without being patched.
Change-Id: Ice5242c6f0446d16aaaa7ee353d674310297ef72
Closes-Bug: #1250596
Related-Bug: #1052535
This change dynamically adjusts the maximum number of leases based on
the size of the subnets associated with a network. The upper bound is
limited by a configurable option to keep the max reasonable and prevent
denial of service.
Closes bug: 1225200
Change-Id: I75c3907bcf45cd991eadf5dd8c8ad7f1eaab3c85
Previously when starting the dhcp agent the sync_state() process would
be extremely expensive as it would query quantum server for each network.
In order to improve performance a get_active_networks_info() was added
so this information could be retrieved in one query rather than doing a
query for each active network.
The second part of this patch optimizes the logic to avoid calling
get_dhcp_port(). Previously, this method was called once for each network
which makes a call to get_subnets() and get_ports() unnecessarily as
the dhcp agent can determine itself if it needs to update a port or create a
port for dhcp.
This patch also threads the inital sync process and maintains backwards
compatibility with the previous rpc api.
There was also a trivial change to the nvp_plugin where filters are assumed to
be a dict.
implements blueprint improve-dhcp-agent-performance
Change-Id: I3b631057f595250dad76516faa9b421789f60953
This change renames everything to Neutron while providing backwards
compatible adjustments for Grizzly configuration files.
implements blueprint: remove-use-of-quantum
Change-Id: Ie7d07ba7c89857e13d4ddc8f0e9b68de020a3d19
This patch changes dhcp_agent_manager to be DhcpAgent instead of
DhcpAgentWithStateReport since not all plugins support DhcpAgentWithStateReport
and having this as the default breaks all current deployments that upgrade
source without changing their config files.
Fixes bug 1131446
Change-Id: I6415f85714b03e9bf59d597e8ec2397fedc92b02
2nd part of blueprint quantum-scheduler
Remove openstack openstack listener on DHCP agent side.
Add DHCPagent notifier on quantum server side.
Change-Id: I196691650a99ba865bf06081a1fc4546f9fac7bd
Bug #1121119
Allows the NVP plugin to leverage the metadata proxy, by creating an
ad-hoc topology for allowing access to a metadata proxy from a NVP
router leveraging existing agents.
This patch also removes previous code for metadata support in the
NVP plugin, which was based on DHCP Option 121. This is now provided
by the dhcp agent as well.
Change-Id: If37ef388e063f40bb06908ee2f72c431f29dac31
implements blueprint metadata-non-routed
This patchset completes Quantum metadata support by adding metadata
proxy support for isolated network segments. The support requires that
the guest instance request host routes, so that the DHCP port can be
used to proxy metadata requests. NOTE: The cirros image does not support
host router, so the UEC or equivalent required for testing and usage.
Change-Id: I962deef7c164ecb2a93b7af326ef8dca6e2b183a
Fixes bug 1105523
The patch set adds 2 new functions:
1. register_root_helper - this enables all wanting to use
the root_helper variable. This is under the section AGENT.
2. get_root_helper - this is a helper function that returns the
root_helper. This should be used when the application used to
have the root_helper defined under the section DEFAULT. This
ensures backward compatability.
Change-Id: Iba72c4fc89ba5329ea045483287012f82b306250
Bug 1089223
RyuInterfaceDriver is eliminated, so update the example of
dhcp_agent.ini, l3_agent.ini for Ryu plugin and other OVS
based plugins.
Change-Id: Icc95c213ecd96946bd5a90d5d60df88c94cc1454
fixes bug 1085249
This patch sets the default state_path to match a reasonable deployment
value instead of the devstack default.
Change-Id: Ib0c10621d91760588a68a62df8a60682d780e015
fixes bug 1047605
This patch adds a periodic resync check to the DHCP agent that will
resync state with the Quantum server if any notification or rpc errors
have occurred since the last check.
Change-Id: I879662ff44f2991cd2ff07062bb4e770a2981528
Fix bug 1037815
Summary: Copy/paste the essential parts of the rootwrap
mechanism from nova/cinder into quantum. This includes
the core changes to filter.py and wrapper.py which deal
with loading filters from files pointed to by
rootwrap.conf
Detailed changes:
Transliterate the old rootwrap/*-agent.py files to
new format, and put the results in etc/quantum/rootwrap.d
Delete the *-agent.py files.
Add conf to point to etc/quantum/rootwrap.d
Add a unit test cribbed from nova to exercise the filter
mechanism
Add a unit test to exercise the actual filtered execution
Note that as written, this patch does not set the default
execute mechanism (in the agent .ini files) to rootwrap,
leaves it as sudo. That can be done in a followon
change, or in distro specific packaging.
Note also that there is still work to do around finishing
and testing the filter specs themselves. We've decided
that that is out of scope for this patch.
Change-Id: I9aba6adc5ba40b6145be5fa38c5ece3b666ae5ca
blueprint non-polling-dhcp-impl
This requires a change to devstack/stack.sh.
See https://review.openstack.org/#/c/11278/ for the required changes.
Change-Id: I1ea22c8e1b80e630bcb83f27a31aaeef482aff6c
This patch adds Ryu support to dhcp-agent.
fixes bug 1030830
Ryu devstack support is available at https://review.openstack.org/#/c/10117/
Change-Id: I3f5fbe8600b4b674834e317e158bac1856b0349c
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>