This new extension adds a new parameter to the NUMA affinity policy
list: "socket". The "socket" NUMA affinity policy has been supported
in Nova since [1].
[1]https://review.opendev.org/c/openstack/nova/+/773792
Closes-Bug: #2052786
Change-Id: Iad2d4c461a2aceef6ed2d5e622cce38362d79687
Update hacking to a more recent version, along with
flake8-import-order.
Remove N347 (import mock library) check as that is the
default with later hacking versions.
Update the builtins override of '_' to be the neutron.i18n
version due to the code triggering a false positive. This
is done in a couple of other projects as well.
Fix a number of new warnings it found.
Added some ignore directives for new whitespace issues
found in the test tree, can fix later.
TrivialFix
Change-Id: I5923255af86cf1fa11ab8e3b03bb9efac7dd7b58
This table has a 1:1 relationship with the "port" table, providing
the "hardware_offload_type" field (string).
The "neutron-lib" library minimum version is 3.8.0, that contains
[1].
NOTE: once the OSC patch is merged [2], the documentation will be
updated to reflect how to create a hardware offloaded port without
manually defining the port binding profile,
[1]https://review.opendev.org/c/openstack/neutron-lib/+/882726
[2]https://review.opendev.org/c/openstack/python-openstackclient/+/892792
Partial-Bug: #2013228
Change-Id: I04f232d6c43e39f254c4559caf041dcf05acec21
The optional network argument was deprecated in
update_port_status() in Pike. Let's remove it as there
are are only in-tree callers passing it anymore.
TrivialFix
Change-Id: Iab8d3dada2e147da009e195700e64b072e5bfabb
The vnic type should not be changed once the port is bound since it's
related to the actual port binding. The patch validates the port update
operation and fails the update if the vnic type is attempted to be
changed on a bound port.
Closes-bug: #2033090
Change-Id: I5cb79d9da96ba41a7787083c81f522c328fae049
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
During the port bulk creation, if an IPAM allocation fails (for
example, if the IP address is outside of the subnet CIDR), the
other IPAM allocations already created are deleted before raising
the exception.
Closes-Bug: #2039550
Change-Id: I7fd6e38016d099c03f80874bfa1fb8bdaff8bd2c
The extension "security-groups-rules-belongs-to-default-sg" definition
in the ``Ml2Plugin`` supported extension aliases was missing from
patch [1].
[1]https://review.opendev.org/c/openstack/neutron/+/883907
Partial-Bug: #2019960
Change-Id: I3488657c1f093db192681fcba931f2aa6e7e9c8d
When running behind a wsgi server like apache/mod_wsgi, neutron should
not register on Signals, it will overlap with the Signals registered by
the wsgi server.
Related-Bug: #2021814
Change-Id: I3c74846a8337d019f1ab6759ebb03f18c3f00238
Signed-off-by: Arnaud Morin <arnaud.morin@ovhcloud.com>
Raise an error when deleting/changing the fixed IP
which is linked to a floating IP.
Closes-Bug: #1999209
Change-Id: I83a5b6c30d54435426f75f4cd1f80bf41822eec5
This patch adds DB model, OVO class and DB migration script for
SG rules template used for every new SG created.
It also implements Create/Get/Delete actions for that new resource and
adds API policies for those APIs
Related-Bug: #1983053
Change-Id: Ib3cde1710edd400b972f493b13666d0679a7753c
This patch improves the ``PortBindingUpdateVirtualPortsEvent``
match filter. These are the new conditions:
* Event delete: that happens when the port binding has been deleted
because the port is no longer bound or the port has been
deleted. That will remove the Neutron port host name.
NOTE: in case the Neutron port has been deleted, the method
``Ml2Plugin.update_virtual_port_host`` won't update (create) a new
PortBinding object.
* If the new register has virtual_parents but not the old one, that
means the ovn-controller has received traffic with the VIP from
this port. The port host ID must be set.
* If the virtual parents have changed, the port host ID must be
updated.
* If the virtual parents have been removed, the port host ID must
be removed too.
Newer versions of OVN [1] are handling the virtual port binding in
a different way. When the virtual parents are added or removed,
the related "Port_Binding" register is deleted and the created
again. This is why this new version includes the event "DELETE"
on the match method; when the register is deleted, the event
class considers that the port is no longer bound to a host and
removes the host name for the Neutron port.
[1]https://review.opendev.org/c/openstack/neutron/+/880890/
Change-Id: I34caf7d0212ccb4bd7259c4414e7c3994bd8da4d
When we use the ovn driver, the security group is implemented
by the ACL of ovn. There is no need to send rpc messages.
Closes-Bug: #2007327
Change-Id: I4b486c910ed298633ac6f60fd93f695c6c3bfef2
Fix an issue with concurrent requests to activate a port binding.
If there are two activate requests in parallel, one might set the
binding on the new host to active and the other request may
not find the previously INACTIVE row anymore in
_commit_port_binding and initializing the driver_context.PortContext
crashed.
Closes-Bug: #1986003
Change-Id: I047e33062bc38f36848e0149c6e670cb5828c8e3
This new method retrieves the config option "rpc_workers" from the
configuration. If this option is not loaded, the method registers
the ``neutron.conf.service.SERVICE_OPTS`` options before reading
the knob again.
Closes-Bug: #2004656
Related-Bug: #1889737
Change-Id: I1f99cb32f33cc91141136cb4e3fbd33715530c59
rpc_workers can be set < 1 with 'ovn' backend when no
other agent is running apart from ovn agents to
consume these rpc notifications.
Add and apply disable_notifications decorator on
methods which do rpc cast calls to agents, the
decorator makes the caller method execute only
when rpc_workers >=1. This patch not changing
default behavior and utilizes the rpc_workers config option
to enable rpc notification on resources updates only when
rpc_workers >= 1.
Also set rpc_workers=0 in ovn jobs to cover this scenario.
Closes-Bug: #1889737
Closes-Bug: #1992352
Change-Id: I700fe2cd422bc1eb8b5144ec116e7f0a60238419
Bulk port create without mac address fails as when Neutron calls
oslo_utils.netutils.get_ipv6_addr_by_EUI64, as the mac field of the port
is an ATTR_NOT_SPECIFIED Sentinel() object.
With some reshuffling of the code to fill the mac field this can be
fixed.
Closes-Bug: #1995732
Related-Bug: #1954763
Change-Id: Id594003681f4755d8fd1af3b98e281c3109420f6
MechanismDriverContext has an attribute _plugin_context, which carries
the current context with it. This is used by many ml2 drivers, as it is
the only way for them to get the current context. We now make this a
public API by adding a property to MechanismDriverContext that returns
_plugin_context as a read-only attribute.
Change-Id: If9b05655286f42081cf26c90c563429ca2e63244
Running with a stricter .pylintrc generates a lot of
C0330 warnings (hanging/continued indentation). Fix
the ones in neutron/plugins.
Trivialfix
Change-Id: Id9138652f5f07ef12fa682e182fe210019e8f975
The port provisioning method ``Ml2Plugin._port_provisioned`` creates
an active wait to provision a port if the port is unbound since [1].
But this active wait should consider only VM ports in the case of
live migration, as described in the LP bug [2]. This wait should
not consider auxiliary Neutron ports or baremetal ports (we don't
live-migrate then).
[1]https://review.opendev.org/c/openstack/neutron/+/855257
[2]https://bugs.launchpad.net/neutron/+bug/1988199
Closes-Bug: #1991092
Change-Id: Ic8891e2deef4bb5e72cf7d7f37b043e936adbc00
If the database "port" child register "ml2_port_bindings" has been
manually deleted from the database, now is possible to delete the
Neutron Port resource (that implies the "port" database register and
all other child registers)
Before this patch, the port deletion CLI command succeeded (no exception
was raised) but the Port resource was not deleted.
Closes-Bug: #1988323
Change-Id: I02de276d0cd8e4ae27355d4aee5f48e92634f318
In ML2/OVN, during a live-migration process, it could
happend that the port provisioning event is received before
the port binding has been updated. That means the port has
been created in the destination host and the event received
(this event will remove any pending provisioning block). But
the Nova port binding request has not arrived yet, updating
the port binding registers. Because the port is considered
"not bound" (yet), the port provisioning doesn't set the port
status to ACTIVE.
This patch creates an active wait during the port provisioning
event method. If the port binding is still "unbound", the method
retries the port retrieval several times, giving some time to the
port binding request from Nova to arrive.
Closes-Bug: #1988199
Change-Id: I50091c84e67c172c94ce9140f23235421599185c
The ML2/OVN driver wasn't handling updates to the segmentation ID for a
given network. This patch fixes this problem.
This patch extends the _update_segmentation_id() method to check on
drivers which does not inherits from AgentMechanismDriverBase, which
is the case of OVN (which inherits from MechanismDriver). A new method
is now called for those drivers to get a list of supported VIF types,
called get_supported_vif_types().
Closes-Bug: #1944708
Change-Id: Ibe08bfbc2efc55b9d628cdd0605941b7486186b6
Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com>
The method "_handle_segment_change" was handling the network DB object
outside a DB writer context.
Closes-Bug: #1980346
Related-Bug: #1976357
Change-Id: Ic79ad0f8e7fa1d55328e2315d87a3950fdb82258
The port-mac-address-override shim extension proposed in
I54b4c85ffc4856fba7ad5e9e29f77f74815e1275 in neutron-lib has merged
and the neutron-lib has being released. So this patch updates the
API extension and replaces the import with the new neutron_lib api
definitions.
Depends-On: https://review.opendev.org/c/openstack/neutron-lib/+/831935
Change-Id: Ic332769af532003a9a5b2d2cee38b6210b5aac91
Related-Bug: #1942329
Include original and modified network when notifying mechanism drivers in PRECOMMIT event. PRECOMMIT_CREATE modified network includes new segment, while original does not. Exact opposite for PRECOMMIT_DELETE
Closes-Bug: #1967742
Change-Id: I364fc7981458374ed25eb8837d1ed3afff046b95
Removed unneeded database context in
``_create_port_security_group_binding``. This method is called always
from inside an active database transaction, when the port is udpated
or created.
The retry context only makes sense when a method is called outside
an active database transaction. It doesn't retry the command if the
context passed has an active transaction.
Trivial-Fix
Change-Id: I8f84c1bce0d1ce2538789e3511fd8f7b64fcd41a
Remove security_groups_shared_filtering_lib extension and
use security-groups-shared-filtering from neutron-lib as
it is available since version 2.17.0 [0].
[0] https://review.opendev.org/c/openstack/neutron-lib/+/812617
Change-Id: Ife9b1ae47f5b447898bce0d8b44500f91f6dfbfb
Related-Bug: #1942615
Today Nova updates the mac_address of a direct-physical port to reflect
the MAC address of the physical device the port is bound to. But this
can only be done before the port is bound. However during migration Nova
is not able to update the MAC when the port is bound to a different
physical device on the destination host.
This patch extends port binding logic for direct-physical ports to allow
providing the MAC address of the physical device via the binding profile.
If it is provided then Neutron overwrites the value of the mac_address
field of the port with the value from the active binding profile.
Also when the port is being unbound or the MAC address is removed from
the active binding porfile then neutron resets the mac_address field of
port to a generated MAC to avoid duplicated MAC issues when another port
is being bound to the same physical device.
The shim API extension for this change is being proposed in
I54b4c85ffc4856fba7ad5e9e29f77f74815e1275 in neutron-lib.
Depends-On: https://review.opendev.org/c/openstack/neutron-lib/+/831935
Closes-Bug: #1942329
Change-Id: Ib0638f5db69cb92daf6932890cb89e83cf84f295
The goal of this patch is to make the Neutron code compliant
with SQLAlchemy 2.0.
All SQL transactions must be executed inside an explicit
writer/reader context. SQLAlchemy no longer will create an
implicit transaction if the session has no active transaction.
A warning message, only available in debug mode, is added. When
an ORM session calls "do_orm_execute", if there is no active
transaction, a warning message with a traceback will be logged
to help to debug the regression introduced.
Related-Bug: #1964575
Change-Id: I3da37fee205b8d67d10673075b9130147d9eab5f
A virtual IP port is a port with an IP address assigned. This IP
address is used as an allowed address pair in a bound port (or ports).
This port is marked as "virtual" and a list of "virtual-parents"
(ports with the VIP assigned as allowed address pair) will be
populated accordingly.
This patch updates the "binding:host_id" of the port when OVN detects
traffic from the corresponding VIP address. OVN updates the VIP port
SB "Port_Binding" register with the chassis ID. The hostname of this
chassis is used to update the port host ID.
The VIP port is always unbound and down; this patch only populates the
host information to provide to the user this information using the
OpenStack CLI, instead of making this search using the OVN CLI.
Closes-Bug: #1961184
Change-Id: I75b04d056ba0df9e34a99673c689a69cdbfa097e
The Nova Notifier can be called simultaneously by several RPC
callbacks from the agents (DHCP, L2), trying to update the provisioning
status of a port. In order to handle each context notifier enable flag,
a thread local variable is used. This will isolate the flag update
if two entities inform at the same time and one RPC callback is attended
during the processing of the other one.
This patch also removes the debug messages added to debug this issue.
Closes-Bug: #1958363
Change-Id: Ie670fba4b3afe427747732d2c3948d92311e960e