Commit Graph

157 Commits

Author SHA1 Message Date
Ghanshyam Mann bc8e512b4a Drop lower-constraints.txt and its testing
As discussed in TC PTG[1] and TC resolution[2], we are
dropping the lower-constraints.txt file and its testing.
We will keep lower bounds in the requirements.txt file but
with a note that these are not tested lower bounds and we
try our best to keep them updated.

[1] https://etherpad.opendev.org/p/tc-zed-ptg#L326
[2] https://governance.openstack.org/tc/resolutions/20220414-drop-lower-constraints.html#proposal

Change-Id: If17736114adedf44b502fd7c91423a7822d7170b
2022-05-02 13:01:42 -05:00
Slawek Kaplonski 3939ec35af Bump oslo.policy to 3.12.0
It allows us to revert temporary fix part from [1] as now InvalidScope
exception is properly handled by oslo.policy.

[1] https://review.opendev.org/c/openstack/neutron/+/826872

Related-bug: #1959333
Change-Id: I6b42306479c134ad8b07b8bf87d5c650fef9faae
2022-05-02 12:47:16 +02:00
Terry Wilson a13a4cb2da Fix setting table monitoring conditions
After the monitor_cond_since/update3 support patch in ovs
(46d44cf3be0), directly setting table.condition is broken. This
isn't something that was every truly supported. Prior to that
patch, using Idl.cond_change() before a connection was made
did not work, but after that patch it does.

This patch uses the old behavior when the OVS library does not
have the ConditionState object, and uses cond_change() otherwise.

Related-Bug: #1965819
Change-Id: I0503037b803a3c99fb7988bc20394c111ac456db
2022-04-19 15:39:21 +00:00
elajkat 74a9e832d7 Add retry for privsep get_link_devices
pyroute 0.6.6 introduced a new exception NetlinkDumpInterrupted which
is raised when NLM_F_DUMP_INTR is set in the flags during dump of
devices.
The suggestion from pyroute developers is to retry in case of this
exception (see [1]).

[1]: https://github.com/svinota/pyroute2/issues/874#issuecomment-1063139555

Closes-Bug: #1962608

Change-Id: Ie195ad596fd148708fc30946bde964d52444afee
2022-03-17 10:27:31 +01:00
LIU Yulong b4a192a74c Bump python-neutronclient version to 7.8.0
Fullstack test cases need this release [1] of python-neutronclient.
Update the cliff version because:
    python-neutronclient 7.8.0 depends on cliff>=3.4.0
    cliff==3.4.0 requires stevedore>=2.0.1
    python-neutronclient 7.8.0 depends on osc-lib>=1.12.0

[1] https://review.opendev.org/c/openstack/releases/+/828442

Partially-Implements: bp/packet-rate-limit
Related-Bug: #1938966
Related-Bug: #1912460
Change-Id: Ibc1fbb90bf22128cd783c8d8598fb3c49591eae2
2022-02-23 08:55:49 +08:00
Frode Nordahl 7d64d0c116
[OVN] Off-path SmartNIC DPU Port Binding with OVN
Traditionally it has been the CMSs, in OpenStacks case Nova's,
responsibility to create Virtual Interfaces (VIFs) as part of
instance life cycle, and subsequently manage plug/unplug operations
on the Open vSwitch integration bridge.

With the advent of SmartNIC DPUs which are connected to multiple
distinct CPUs we can have a topology where the instance runs on one
host and Open vSwitch and OVN runs on a different host, the
SmartNIC DPU control plane CPU.

One of the main use cases for having this topology is security
where we treat the hypervisor host as untrusted and prohibit
direct communication between the hypervisor host and the SmartNIC
DPU control plane host.  In addition to that control facilities
such as switchdev devices are only visible from the SmartNIC DPU
control plane CPUs.

Adds support for binding ports of type VNIC_REMOTE_MANAGED by
looking up chassis based on serial number that Nova provides in
the binding_profile.

Information required by the OVN controller to successfully look up
and plug representor port is provided as options on the LSP as
defined by the representor plug provider documentation [0][1].

0: https://docs.ovn.org/en/stable/topics/vif-plug-providers/vif-plug-providers.html
1: https://github.com/ovn-org/ovn-vif/blob/main/Documentation/topics/vif-plug-providers/vif-plug-representor.rst
Partial-Bug: #1932154
Depends-On: I496db96ea40da3bee5b81bcee1edc79e1f46b541
Depends-On: I83a128a260acdd8bf78fede566af6881b8b82a9c
Change-Id: Icc6c2d0f7f8f5cc94997db6244175a8e8884789f
2022-02-18 07:17:36 +01:00
Rodolfo Alonso Hernandez cde5657a50 [OVN] Sync QoS policies
The tool "neutron-ovn-db-sync-util" now syncs the Neutron QoS policies
with the OVN NB database. The tools reads the port and the floaiting IP
QoS policies and creates the corresponding OVN QoS rules.

The ovsdbapp library is bumped to version 1.15.0. This version updates
the "QoSAddCommand" to allow register updates. If the OVN NB QoS
register to be created is present in the DB and all parameters match,
no transaction is commited to the DB.

Depends-On: https://review.opendev.org/c/openstack/ovsdbapp/+/822138
Closes-Bug: #1947334

Change-Id: Ib597b62017b56b41009dd4d7359e169f424272b0
2022-02-02 19:21:21 +00:00
Zuul da9fd503ce Merge "Disable tracebacks of eventlet.wsgi.server" 2022-01-12 10:39:14 +00:00
Bence Romsics 0256e494d0 Disable tracebacks of eventlet.wsgi.server
Security folks considered tracebacks in API responses unwanted.

Some additional lower constraints had to be bumped for the
lower-constraints job to pass.

Change-Id: Ibaefbb9935020318ed670774b0205f3bcffef4ad
Closes-Bug: #1951429
Depends-On: https://review.opendev.org/c/openstack/oslo.service/+/818548
2022-01-11 09:33:12 +01:00
Zuul 051face9d7 Merge "[OVN] Correctly set dns_server in dhcpv4/v6 options" 2022-01-11 08:03:37 +00:00
Zuul 204735f506 Merge "Fix expected exception raised when new scope types are enforced" 2022-01-11 01:41:34 +00:00
yatinkarel 4a06685098 [OVN] Correctly set dns_server in dhcpv4/v6 options
When ovn/dns_servers consist of IPv6 dns nameservers,
it was getting added to IPv4 dhcp options also, and due to
this an invalid nameserver(last 4 octets of an IPv6 address)
is set in the instances.

This patch filters IPv4/IPv6 dns nameservers and set
dhcpv4/dhcpv6 options accordingly.

Also when dns_nameservers are not set for IPv6 subnets,
get those from ovn/dns_servers config or system nameservers
just like it's done with the IPv4 subnets. Updated
get_system_dns_resolvers to pick both IPv4/IPv6 valid
ips, this also requires bump of oslo.utils minimum version
to 4.8.0 to use strict option for IPv4[1].

Additionally fix some unit tests which were setting IPv4 dns
nameservers on the IPv6 subnets, this is not allowed with api.

[1] https://github.com/openstack/oslo.utils/commit/3288539

Closes-Bug: #1951816
Change-Id: I9f914e721201072e43a8c6c266ed97ca85fcc13d
2022-01-06 05:02:35 +00:00
Takashi Kajinami eee92f5eaf Sync rootwrap.conf from oslo.rootwrap
The current rootwrap.conf file is outdated and doesn't include some
parameters. This change updates the content to make it consistent with
the latest example file in oslo.rootwrap.

Change-Id: I0b40b0bea4bbcbc78490dbfa3877cdd3a26ac298
2022-01-03 09:17:04 +09:00
Slawek Kaplonski da8d0eaeea Fix expected exception raised when new scope types are enforced
After fix for the related bug will be fixed in oslo_policy [1],
InvalidScope exception will be raised for the API requests done with
project scope when "system" scope is required.
This patch changes our API policies unit tests to expect proper
exception to be raised in such cases.

This patch also bumps minimum required oslo.policy version to
3.10.1 which contains fix for the scope enforcement in the
custom rules.
Finally it also re-enables enforcing scope in those UT.

[1] https://review.opendev.org/c/openstack/oslo.policy/+/804980

Related-Bug: #1923503
Change-Id: I4c209fa4f504440a44d21a05f2703259f62519a5
2021-12-20 15:26:48 +01:00
yatinkarel 7b61adbb4a List ports when attempt to delete network with ports
When there is attempt to delete network with ports,
a general error message is displayed that one or more
ports are in use on the network. This patch proposes
to also return the ports which are in use as part of
the message.

Also modify test_delete_network_if_port_exists unit
test to check for port id and network id in Error
message.

Also bump required version of neutron-lib to 2.18.0
as that's needed for custom message in NetworkInUse
Exception.

Depends-On: https://review.opendev.org/c/openstack/neutron-lib/+/821806

Closes-Bug: #1953716
Change-Id: Ib0b40402746c6a487a226b238907142384608d3c
2021-12-16 16:31:44 +05:30
yatinkarel e41d82e374 Bump lower-constraints for eventlet to 0.26.1
eventlet before 0.32.0 have issues with
dnspython>=2.0.0, eventlet-0.26.1+[1] have
pinned dnspython for this, so let's use that
version instead for lower-constraints.

This should help with timeouts seen in
openstack-tox-lower-constraints job.

[1] https://github.com/eventlet/eventlet/commit/4236143

Change-Id: I09826681cf61eb0ff6c82421e8e85a2044e95a4a
2021-11-24 11:44:01 +00:00
Rodolfo Alonso Hernandez 4909c8c18d Bump neutron-lib to 2.17.0
Remove the QoS constants from Neutron code. QoS constants are now
located in ``neutron_lib.services.qos.constants``.

This patch also reverts [1]. This patch was merged in order to
allow a newer neutron-lib release in "requirements". This test
was failing because the element order of the "VALID_RULE_TYPES"
list was different between Neutron and neutron-lib. That was
modifying the "QosRuleType" OVO hash.

[1]https://review.opendev.org/c/openstack/neutron/+/817940

Closes-Bug: #1950977
Related-Bug: #1922237
Change-Id: I31edea3cc0f4a284a773a35302997ca6069efc95
2021-11-17 10:09:14 +00:00
Rodolfo Alonso Hernandez d4d90fb6d7 Improve "get_collection_count" calls
Reduce the object retrieval to one single field to improve the
collection count.

Bumped neutron-lib to 2.16.0. This version contains [1], needed for
this patch.

[1]https://review.opendev.org/c/openstack/neutron-lib/+/807686

Related-Bug: #1942863

Change-Id: I160e8084e97b23a2bacb49ceb40efbac2d0715be
2021-10-18 07:56:13 +00:00
Slawek Kaplonski 5665fc437b Bump os-ken to 2.2.0
Related-Bug: #1944201
Change-Id: Ib699fd096cf7e7d5df83ee4942e287eecf5a0b8f
2021-10-12 17:53:16 +02:00
Rodolfo Alonso Hernandez 42fda206e9 Replace "Inspector.from_engine()" with "sqlalchemy.inspect()"
Since SQLAlchemy 1.4, the method "Inspector.from_engine()" is
deprecated.

Error message:
"The from_engine() method on Inspector is deprecated and will be removed
in a future release.  Please use the sqlalchemy.inspect() function on an
Engine or Connection in order to acquire an Inspector. (deprecated
since: 1.4)"

Minimum version of SQLAlchemy required is bumped to 1.4.23.

Change-Id: I6cf5944ccb3a0532cbf123ddc0d7df6b6de80af1
Closes-Bug: #1943155
2021-09-23 13:41:50 +00:00
elajkat 781edc8f64 req: Bump some dependencies
Neutron's lower-constraint job started to fail and
bump of the following packages seems to solve the issue:
* decorator to 4.1.0
* Mako to 1.0.7

Change-Id: I31d20cc0dc1fc0e745e16718e6c7c8dc896da855
2021-09-17 15:48:59 +00:00
Rodolfo Alonso Hernandez 82f72896db Add pagging and sorting support for "network_ip_availability"
Added pagging and sorting support for the extension
"network_ip_availability".

Closes-Bug: #1940518

Change-Id: Ic520ceb060c4a914d72ef66f58eeaa667382c53b
2021-09-02 16:51:08 +02:00
Zuul dd46eb69fc Merge "Bump neutron-lib to 2.13.0" 2021-09-02 14:39:44 +00:00
Przemyslaw Szczerbik 31c09cd3b7 Bump os-resource-classes lib to 1.1.0
Newer version provides access to packet rate related resource classes:

* NET_PACKET_RATE_KILOPACKET_PER_SEC
* NET_PACKET_RATE_EGR_KILOPACKET_PER_SEC
* NET_PACKET_RATE_IGR_KILOPACKET_PER_SEC

Related-Bug: #1922237
See-Also: https://review.opendev.org/785236
Change-Id: I505911412fd903d351f39ebb733ef8e872cb16fb
2021-08-24 11:00:22 +02:00
Slawek Kaplonski 5ee9325fcc Bump neutron-lib to 2.13.0
Change-Id: I96100d3f62835d66f6ddf252c7ef638aca1f487b
2021-08-09 07:15:00 +00:00
Przemyslaw Szczerbik 2356f0eb87 Bump oslo.log to version 4.5.0
In this version versionutils were updated for Xena release.

Related-bug: #1922237
Change-Id: I89f52929cec067bbe55b183f5dcdbc64a92805de
2021-08-02 10:59:32 +02:00
Przemyslaw Szczerbik 26b06d246a Use os-resource-classes lib for resource classes names
The os-resource-classes lib is the official source of the standard
placement resource classes. Currently, the neutron-lib contains a copy
of those constants. However, they are already marked as deprecated and
are going to be removed with next major release.

Related-Bug: #1934256
Change-Id: I33ecd6f32410f9b7ab1e87a6640201ea157bc383
2021-07-07 09:33:54 +02:00
Zuul 8a1fdddc5c Merge "Bump minimal ovsdbapp version to 1.11.0" 2021-06-25 14:34:28 +00:00
Zuul 7070538db4 Merge "Update version of doc8" 2021-06-25 07:02:21 +00:00
LIU Yulong 2ea7d66216 Bump neutron-lib to 2.12.0
Related-bug: #1912460
Change-Id: If86e42c7c56bb0fc571d68818febf54a29a31aa2
2021-06-22 09:43:04 +08:00
Ihar Hrachyshka 8954b33576 Bump minimal ovsdbapp version to 1.11.0
This is to make sure stateless-security-groups API extension works
for OVN. (The new ovsdbapp version contains support for
allow-stateless ACL verb.)

Change-Id: I812b7e8669bf1ef7b30a3670612d14bc65a93190
2021-06-17 21:32:47 -04:00
Zuul 87fd945119 Merge "Bump os-ken to 2.0.0" 2021-06-11 01:15:48 +00:00
Zuul fd80100437 Merge "Remove "mitogen" library installation from "docs" job" 2021-06-10 18:13:50 +00:00
Rodolfo Alonso Hernandez e3bb98c7e7 Bump os-ken to 2.0.0
That will avoid problems with eventlet 0.31.0 version, as seen during
the requirements upgrade.

Change-Id: I9a6798a6b0438149af8190dc90c70f79735bb01d
Closes-Bug: #1930195
2021-06-10 14:45:58 +00:00
Zuul b7299c1571 Merge "Bump alembic to 1.6.5" 2021-06-09 15:06:09 +00:00
Rodolfo Alonso Hernandez a660f77d38 Remove "mitogen" library installation from "docs" job
Since pyroute 0.6.2, this dependency is not needed anymore. The
pyroute version is bumped both in requirements and doc/requirements.

This patch bumps the pyroute2 version to 0.6.4 (newest version
provided in upper-requirements).

Change-Id: I627e902e32fe59c6829c3bc92af19abff4b70f9a
Related-Bug: #1928913
2021-06-07 12:39:28 +00:00
Rodolfo Alonso Hernandez 6afdff8494 Bump lower version of evenlet to 0.25.1
That fixes the lower-constraints job with pyroute >=0.6.2.

Change-Id: I849d777903b10a809947f0564205deb73e668c3c
Closes-Bug: #1931098
2021-06-07 12:38:27 +00:00
Rodolfo Alonso Hernandez c915b93e76 Bump alembic to 1.6.5
This version fixes the problem reported in LP#1929518 as described
in [1].

[1]acc82bff39

Change-Id: I894eb3524681a3abaca5eeca0aa47028e7f1ff44
Closes-Bug: #1929518
2021-06-07 08:23:18 +00:00
Rodolfo Alonso Hernandez f9bda4b1e4 Set the default ``Backend.lookup`` timeout to 2 seconds
In order to broadly cover the issue described in the referred bug,
this patch sets a default timeout of 2 seconds in the
``ovs_idl.Backend.lookup`` method.

This timeout should cover most of the situations where the IDL local
cache update is delayed. This patch does not change the default
behavior, except it will not fail if the DB cache is synchronized
within 2 seconds.

If we don't pass the notify handler or the backend does not implement
one, in case of not finding the requested register, the method will
raise like before.

ovsdbapp library is bumped to version 1.10.0 to receive the change
that introduces the active wait in ``Backend.lookup`` and adds the
timeout parameter to the method signature.

Change-Id: Ib40eabd6a8e9d59896e0e20383d8061eb4b5c710
Related-Bug: #1922934
2021-05-17 07:46:02 +00:00
Zuul b4812af4ee Merge "Improve "objects.db.api.count" method" 2021-04-29 17:31:15 +00:00
Rodolfo Alonso Hernandez 9911d414c6 Improve "objects.db.api.count" method
Two improvements are implemented in this method:
- Add a query limit number parameter. This parameter is used by
  "NeutronDbObject.objects_exist" to limit the number of registers
  retrieved to 1.
- Add a query field parameter. This is the name (string) of the
  "obj_cls.fields" list. That will reduce the columns to be
  retrieved to only one. To check the existence of a DB register,
  there is not need to retrieve the full DB model including the back
  references.
  In case of not passing any value, the first "obj_cls.primary_keys"
  value will be used instead.

Closes-Bug: #1925528

Change-Id: I9fd5e306e293102c366d89c01bbe8b13721d59b0
2021-04-28 07:50:56 +00:00
Rodolfo Alonso Hernandez 8b39060ddf Fix SQLAlchemy backref warnings for viewonly columns
Fixed backref warning for two view only relationship defined in the
ORM, "QosNetworkPolicyBinding.port" and "Tag.standard_attr".

Change-Id: I7fcb1268f4fc637e7f39eae4fcde33f82cb9772c
Closes-Bug: #1925841
2021-04-26 16:06:16 +00:00
Zuul 79452ab892 Merge "Bump neutron-lib to 2.10.1" 2021-03-24 01:23:40 +00:00
Zuul 793f147291 Merge "Move policy rules "deprecated_*" params to the DeprecatedRule" 2021-03-22 17:48:52 +00:00
Slawek Kaplonski 67a9f46d80 Move policy rules "deprecated_*" params to the DeprecatedRule
Oslo policy moved those parameters to the DeprecatedRule object in [1]
and deprecated it in DocumentedRule object.
To avoid many deprecation warnings e.g. in our tests, this patch moves
"deprecated_since" and "deprecated_reason" parameters to the
DeprecatedRule object.

That change requires also bump of the oslo_policy to the 3.7.0 version
as change [1] isn't available in oslo_policy 3.6.2.

Additionally this patch also changes simple string "Wallaby" to
oslo_log.versionutils constant.

[1] https://review.opendev.org/c/openstack/oslo.policy/+/766628

Change-Id: I3234e04f417171db0d90e3e70661cc69bff8a4b1
2021-03-18 21:31:56 +01:00
Slawek Kaplonski c3427ca292 Bump neutron-lib to 2.10.1
Change-Id: I48a66b434bea7f7551f9631982eef70a2df369b3
2021-03-18 10:09:23 +01:00
Rodolfo Alonso Hernandez f628905279 Fix VLAN driver tests
Since [1], the physical network VLAN ranges parser populates the
ranges for those entries without a defined range, allowing all
valid VLAN ranges ([1, 4094]).

Some VLAN driver tests, relying on the previous implementation,
considered that the physical network without a defined VLAN
range does not have segments to allocated (those segments
are created on the fly by
"SegmentTypeDriverallocate_fully_specified_segment).

Since [1], all physical network segments are stored in the
"ml2_vlan_allocations" table and set as non allocated.

This patch also reverts [2]. When the physical networks are defined
in "network_vlan_ranges", there is no distinction between tenant
and provided networks; the physical network segments are assigned
by the user. It is possible to create a provider network without
defining the segmentation ID, it will be provided by the Neutron
VLAN driver, if there are free segments for the required physical
network.

[1]https://review.opendev.org/c/openstack/neutron-lib/+/779515
[2]1376df7873c2ac77c256ab2fed928de41a2c1d58

Closes-Bug: #1919280
Related-Bug: #1918274
Related-Bug: #1649750

Change-Id: I191e020ddb97dcf8fb41139d35bfd699e125379b
2021-03-16 15:43:33 +00:00
Zuul 1f74030e66 Merge "Follow-up: Move linters dependencies to tox.ini" 2021-03-08 17:44:12 +00:00
Zuul 47eecd9b67 Merge "Use agent chassis table based on schema" 2021-02-21 14:31:31 +00:00
Slawek Kaplonski 86c03faa23 Bump neutron-lib to 2.9.0
Change-Id: Ifbb368d4e4c497079a3c3d7a8b9ca0df43bee65d
2021-02-16 12:21:35 +01:00