Add file to the reno documentation build to show release notes for
stable/2024.1.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/2024.1.
Sem-Ver: feature
Change-Id: I2f2b4e4eb87d05106561538e8ac9c538e268f8dc
This extension adds a new field to the "subnet" resource:
"router:external". This boolean field, that is False by default,
represents if the subnet belongs to an external network.
Related-Bug: #2051831
Change-Id: I75a9c30f1e8031d40a548df345b02fbe0bc47706
The ``CallbacksManager`` class considers, by default, that the events
starting with "before_" and "precommit_" can raise an Exception
(``CallbackFailure``) in case that the callbacks associated to these
methods exit with an error.
However there are some other events (those started with "after_") that
won't generate an exception in case of error. The error will be logged
but the process will continue.
This new functionality adds the possibility of adding any kind of event
and mark is as "cancellable". The ``CallbacksManager`` instance will check
the errors returned by the callback methods and if any of them is marked
as "cancellable", the manager will raise a ``CallbackFailure`` exception,
terminating the process.
In case of being a Neutron worker, for example, the
``oslo_service.service.Services`` class will restart the process again.
Related-Bug: #2036607
Change-Id: Ie1e7be6d70cca957c1b1b6c15b402e8bc6523865
Add file to the reno documentation build to show release notes for
stable/2023.2.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/2023.2.
Sem-Ver: feature
Change-Id: I93d2f0751bb2bf4728a6d361044c1c73b4b4e4b7
This reverts commit a014720912.
Reason for revert: It is not needed to have network in the EXT_PARENT_RESOURCE_MAPPING as we will keep NET_OWNER rules and use
them for subnets and ports API.
Please see [1] for more detailed explanation why it's better to keep NET_OWNER rules for those policies.
[1] https://review.opendev.org/c/openstack/neutron/+/889153
Change-Id: Ia2cd6301e04ac502888ee2b8042ea8c19873a95a
A new event AFTER_STATUS_UPDATE is added, that will be published to
callbacks when a resource's status is updated in the DB. The first use
of this new event is to indicate when the L3 DB layer has updated
floating IPs status.
Change-Id: I1a85d1af7b4f50a5319c64e47c52ccdaa345e362
Partial-Bug: #2020823
As we are moving to the new S-RBAC policies, we want to use "service"
role for all service to service communication. See [1] for details.
This require from Context class property similar to old "is_advsvc" but
with new naming convention and using new policy rule.
This patch adds this new property together with all required policies
and rules.
For now "ContextBase.is_advsvc" property will return True if one of the
advsvc OR service_role will be True to make it working in the same way
with both old and new policies but once we will get rid of the old
policies we should also remove is_advsvc property from the ContextBase
class.
[1] https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#phase-2
Change-Id: Ic401db8b4e2745234e61fe2c05afd5b4ab719a03
It's needed so network can be used as ext_parent for e.g. subnets in
the API policy rules.
Related-bug: #2023679
Change-Id: Ib446dffcd60e18b578a4d816ab5881e2fabc3e51
Added a new API extension
``security-groups-rules-belongs-to-default-sg`` that adds a new
read only field ``belongs_to_default_sg`` in the security group
rules. This flag determines if this security group rule belongs
to the project's default security group.
Related-Bug: #2019960
Change-Id: Ibd8f57d82b28f5cdb8874f1ae22cb35adcd8e880
This new network API field, that can be used during the network
creation, will trigger the creation of a ``ha_router_networks``
database register. This register binds the project with the
created network and defines it as the high availability network
of the project, that is unique per project.
The default value is "False".
Related-Bug: #2016198
Change-Id: Id6e434060a7559026f9083904a91213b39361336
API additions for [1].
* Added a new router attribute: external_gateways;
* Added new API definitions for:
PUT add_external_gateways
PUT update_external_gateways
PUT remove_external_gateways
* Added extensions for each of the new router-level attributes:
* enable_default_route_ecmp
* enable_default_route_bfd
* Combined the validation logic for the external_gateway_info type
across extensions (l3_ext_gw_mode, qos_gateway_ip and the new
extension called l3_ext_gw_multihoming).
[1] https://review.opendev.org/c/openstack/neutron-specs/+/870030/
Change-Id: I2618475636b2bb9bfd743a62f5d4859d4f68a547
Related-Bug: #2002687
Add file to the reno documentation build to show release notes for
stable/2023.1.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/2023.1.
Sem-Ver: feature
Change-Id: Ifef909a10f7bb09c537d2d3df4b6f9f43e6ae272
The port hints extension (``port-hints``) introduces the ``hints``
port attribute. Hints are backend specific pieces of information,
mainly to allow backend specific performance tuning. In itself this
extension defines no particular hint, and therefore no valid values of
the ``hints`` attribute. It just serves as the base for other extensions
introducing concrete hints and signals the presence of the ``hints``
port attribute to the API user. By default policy, use of the ``hints``
attribute is restricted to admininstrative users.
Change-Id: I5cb21b25fcda62eae3743b2f96177dcc1fda4afb
Partially-Implements: #1990842
Related-Change (spec): https://review.opendev.org/c/openstack/neutron-specs/+/862133
The plugin "qos" is added to the "EXT_PARENT_RESOURCE_MAPPING" constant.
The policy engine can now check the QoS rule ownership using the QoS
policy project ID. The QoS rules are resources that do not have an
assigned project ID, it is inherited from the QoS policy. This patch
allows to check a QoS rule ownership using the "ext_parent_policy_id"
field, that stores the QoS policy project ID.
NOTE: once released, this bug fix must include Neutron unit tests
checking, using the rules:
"update_policy_bandwidth_limit_rule": "rule:admin_or_owner"
"update_policy_packet_rate_limit_rule": "rule:admin_or_owner"
"update_policy_dscp_marking_rule": "rule:admin_or_owner"
"update_policy_minimum_bandwidth_rule": "rule:admin_or_owner"
"update_policy_minimum_packet_rate_rule": "rule:admin_or_owner"
Closes-Bug: #1996606
Change-Id: I0531ea2c1bf29aecfab9b491eefef044a4ee49ad
Add file to the reno documentation build to show release notes for
stable/zed.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/zed.
Sem-Ver: feature
Change-Id: I5acbd731a2fc4d3395e8d4b29a014076b6416d68
Added a new DSCP mark value: 44. This new mark value was included
recently in the RFC5865 [1].
[1]https://www.rfc-editor.org/rfc/rfc5865.html
Change-Id: Ieba8835cbb5a71e83791324ed1fcbb983afe19fa
Closes-Bug: #1987378
if we list floating ip and want to operate a port forwarding, we cannot
call the update 'port forwarding' api, because we don't know the port
forwarding id.
The reason for exposing 'internal_port_id' is also to find the
associated port as soon as possible, so as to facilitate users to obtain
vm information and decide whether to update this port forwarding.
this patch adds the port forwarding returned contents: 'id' and
'internal_port_id' when list floatingip.
Partial-bug: #1971646
Change-Id: I34aa6948fccc669fc729d032b540bd1aa0c17ce9