Commit Graph

1612 Commits

Author SHA1 Message Date
Miguel Lavalle 8ff8203fd7 Enable HA for OVN router flavors
In this change, we add the ability to create high availability
user defined router flavors under the ML2/OVN L3 service
plugin.

Closes-Bug: #2020823

Change-Id: I0d26f672d6239d840d3cf817a2553a06ef00a854
2024-03-26 20:07:52 -05:00
Miguel Lavalle 9d729bda20 Check unspecified flavor in user defined driver
In order to decide whether to process a router related
request, the user defined router flavor OVN driver needs to
check the flavor_id specified in the request. This change adds
the code to test the case when the API passed the flavor_id as
unspecified.

Change-Id: I4d7d9d5582b97246cad63ef7f5511b159d6c6791
Closes-Bug: #2059051
2024-03-25 17:30:01 -05:00
Rodolfo Alonso Hernandez 0fd654f592 [OVN] Use the LSP update event to update the LRP
Now the "Logical_Router_Port" is updated when a "Logical_Switch_Port"
event is received. When the event is received, it is first checked that
the "Logical_Switch_Port" belongs to a router; if that check is
possitive, the router port update method is called.

Closes-Bug: #2056558
Change-Id: I13b4c804ea6a9f8a89d3796c1cec88ffa1de6ded
2024-03-10 04:39:40 +00:00
Rodolfo Alonso Hernandez b8953b543a [OVN] Enable "ha" API flag for OVN routers
The "ha" API flag is now enabled for the OVN routers. Because of the
current implementation, this flag must be always "True". When a new
router is created, this flag is always set. If an OVN router is
explicitly created or updated with "--no-ha" (ha=False), the server
will raise an InvalidInput exception.

Depends-On: https://review.opendev.org/c/openstack/neutron-tempest-plugin/+/911081

Closes-Bug: #2020823
Change-Id: I60ff33680dd5397a226a9051d51bfb0701f862b5
2024-03-06 18:42:29 +00:00
Rodolfo Alonso Hernandez 06d48cb980 ``OvnDriver`` and ``DvrHaDriver`` to use "distributed_support" variable
``OvnDriver`` and ``DvrHaDriver`` classes were using an incorrect
variable name to define the DVR support, that should be
"distributed_support" instead of "dvr_support".

Closes-Bug: #2056199
Change-Id: Id2ee080dde8cd094995e94564f2877a89e9cc5aa
2024-03-05 02:34:30 +00:00
Rodolfo Alonso Hernandez b5aecfeff8 [OVN] Make mandatory the router name in the LRP.external_ids
The router name will be always defined in the "Logical_Router_Port"
external_ids field.

Related-Bug: #2052821
Change-Id: Ia2f70363963dca9f035eff8d1ff0c399dc8b9239
2024-03-04 08:10:48 +00:00
Frode Nordahl 86f51a4136
Explicitly set __tablename__ for Trunk
Without this change pylint fails with:

    neutron/objects/trunk.py:75:15: W0143: Comparing against a callable, did you omit the parenthesis? (comparison-with-callable)

Trivial-Fix
Signed-off-by: Frode Nordahl <frode.nordahl@canonical.com>
Change-Id: I97f1dde896be114b81732ff74ab86a4a5be250e4
2024-02-29 11:02:31 +01:00
Frode Nordahl 0bae4b70b6
[ovn] Make scheduling of unhosted gateways aware of current transaction
At present, whenever multiple additions/updates are made to LRPs
with gateway_chassis, each update is put in separate transactions
in an attempt to ensure the scheduler operates on updated
information for each iteration.

This is problematic because we don't have the luxury of creating
separate transactions for updates in all parts of the code base,
and it is also not very efficient.

The OVSDBapp library wraps the OVS Python IDL and provides
different semantics. Most notably the OVSDBapp represents a
Transaction as a list of command objects with `run_idl` methods
for execution at some point in the future. The main loop and the
command objects are not aware of changes made in the current
transaction until it is committed.

Fortunately, as an ovsdbapp transaction is committed, the
underlying OVS Python IDL is kept up to date during the course of
the transaction [0][1][2].

Move implementation of scheduling of unhosted gateways into an
ovsdbapp command, using a plugin reference to the Neutron
OVNClient class for any calls into the Neutron code, allowing
scheduling decisions to be made on up to date data as the
transaction is applied.

0: https://github.com/openvswitch/ovs/blob/e3ba0be48ca4/python/ovs/db/idl.py#L1316
1: https://github.com/openvswitch/ovs/blob/e3ba0be48ca4/python/ovs/db/idl.py#L1400
2: https://github.com/openvswitch/ovs/blob/e3ba0be48ca4/python/ovs/db/idl.py#L2083

Partial-Bug: #2002687
Co-Authored-By: Terry Wilson <twilson@redhat.com>
Co-Authored-By: Brian Haley <haleyb.dev@gmail.com>
Signed-off-by: Frode Nordahl <frode.nordahl@canonical.com>
Change-Id: I83bcf7fe838c0d6b0617c43439643e8443b2bdae
2024-02-27 11:06:01 +01:00
Zuul bdc8f87c22 Merge "Log warning about port forwardings that won't work properly" 2024-02-12 13:09:57 +00:00
Zuul 15a4402c89 Merge "Update hacking version" 2024-02-12 13:09:52 +00:00
Slawek Kaplonski a355d2a0d5 Log warning about port forwardings that won't work properly
This is follow up patch to [1] in which was added warning about
incompatible configuration of the vlan/flat networks allowed as tenant
networks, distributed routing and port forwardings.

In this new patch similar warning is logged every time when port
forwarding is created using router which have actually connected vlan or
flat networks as "internal networks" (external gateway network is fine)
and when distributed routing is enabled in the Neutron config.

This patch additionally adds "neutron:is_ext_gw" flag to the
Logical_Router_Port's external_ids. With that it's easier to check if
network is used as gateway network (no checks needed) or not (checks are
perfomed and warning may be logged).

[1] https://review.opendev.org/c/openstack/neutron/+/892542

Related-Bug: #2028846
Change-Id: I101128bdb421ec83df5cdcb0d486cbafbbca2ce5
2024-02-09 16:45:45 +01:00
Brian Haley 542c2ff463 Update hacking version
Update hacking to a more recent version, along with
flake8-import-order.

Remove N347 (import mock library) check as that is the
default with later hacking versions.

Update the builtins override of '_' to be the neutron.i18n
version due to the code triggering a false positive. This
is done in a couple of other projects as well.

Fix a number of new warnings it found.

Added some ignore directives for new whitespace issues
found in the test tree, can fix later.

TrivialFix

Change-Id: I5923255af86cf1fa11ab8e3b03bb9efac7dd7b58
2024-02-08 10:34:10 -05:00
Slawek Kaplonski ce53fb55ad [OVN] Warn about invalid OVN and FIP PF config during start of Neutron
In case when port_forwarding service plugin is enabled and vlan or flat
network (provider network types) is configured as one of the
tenant_network_types in the ML2 config there is an issue with
centralized and distributed traffic.
FIP port forwarding in ovn backend are implemented as OVN Load balancers
thus are always centralized but if "enable_distributed_floating_ip" is
set to True, FIPs are distributed. And in such case it won't work as
expected as either it tries to send FIP PF's traffic as distributed when
"reside-on-redirect-chassis" for LRP is set to "false" or
tries to centralized everything (even FIP which should be distributed)
when "reside-on-redirect-chassis" is set to "true".

It's not really easy to avoid that issue from the code so this patch
adds warning in the upgrade checks and also log warning about it during
start of the neutron server process to at least warn cloud admin that
such potential issue may happen in the cloud.

Related-Bug: #2028846
Change-Id: I398f3f676c59dc794cf03320fa45efc7b22fc003
2024-02-06 14:46:48 +00:00
Zuul 2072bb4269 Merge "[ovn] AZs distribution in L3 port scheduler" 2024-01-29 21:23:25 +00:00
Yann Morice a29ea3724e [ovn] AZs distribution in L3 port scheduler
Update l3 ovn schedulers (chance, leastloaded) to ensure that LRP gateways are distributed over chassis in the different eligible AZs.

Previous version already ensure that LRP gateways were scheduled over chassis in eligible AZs. But, depending on the deployment characteristics, all these chassis could be in the same AZ. In some use-cases, it could be needed to have LRP gateways in different AZs to be resilient on failures.

This patch re-order the list of eligible chassis to add a priority on selecting chassis in different AZs.

This should provide a solution for users who need to have their router gateways scheduled on chassis from different AZs.

Closes-Bug: #2030741
Change-Id: I72973abbb8b0f9cc5848fd3b4f6463c38c6595f8
2024-01-26 15:22:34 +01:00
Bence Romsics 27601f8eea Set trunk parent port as access port in ovs to avoid loop
A non-vlan-transparent trunk parent port (tpt) should only forward
untagged frames. Earlier it was configured to forward anything (trunk
mode in ovs). This patch changes the trunk mode to access mode and
sets the trunk parent's tag explicitly to 0.

Change-Id: I4bcfe53fe87d7c9218dd0db9d7224bb323709a21
Closes-Bug: #2048785
2024-01-24 14:42:13 +01:00
Brian Haley 3ef02cc2fb Consume code from neutron-lib
All of these exceptions and constants have been in
neutron-lib for a while, start using them.

While looking for other things to consume found an old
neutron-lib TODO that did not apply anymore, so removed.

TrivialFix

Change-Id: I9431075a50ba05be872db422125e6af6266ccb99
2024-01-19 17:18:57 -05:00
Zuul 5ce17647c6 Merge "Router flavors and service type for OVN" 2024-01-17 20:27:17 +00:00
Miguel Lavalle 49366ecada Router flavors and service type for OVN
Support is added to the OVN L3 service plugin for the router
flavors and service type framework

Partial-Bug: #2020823
Change-Id: If40d7b39e7b59a39ff7622bd823dbdb14bfc69d2
2024-01-17 09:33:07 -06:00
Felix Huettner 3d5d82a197 ovn-l3: reschedule lower priorities
if a gateway chassis is removed we previously only plugged the hole it
left in the priorities of the lrps. This can lead to bad choice since we
are bound by all other currently used chassis.
By allowing us to also reschedule the lower priorities we get
significantly more freedom in choosing the most appropriate chassis and
prevent overloading an individual one.

As an example from the new testcase:
previously we would have had all prio 2 schedules on chassis3, but with
this change now this distributes better also to chassis4.

Partial-Bug: #2023993
Change-Id: I786ff6c0c4d3403b79819df95f9b1d6ac5e8675f
2024-01-17 12:04:09 +01:00
Zuul d853996d87 Merge "Remove deprecated [designate] admin_* parameters" 2023-11-20 21:24:27 +00:00
Zuul e48b0b8843 Merge "Validate [designate] ipvN_ptr_zone_prefix_size at config layer" 2023-11-07 22:45:59 +00:00
Takashi Kajinami a555a274e6 Validate [designate] ipvN_ptr_zone_prefix_size at config layer
This change re-implements validation of ipvN_ptr_zone_prefix_size at
config definition layer. This brings a few benefits.
 - The validation is executed at an earlier stage
 - The validation can be leveraged by the oslo-config-validator.

Change-Id: Ib72109bcb537b3e44719efb6f33ea46f0d45a1ef
2023-11-05 14:15:29 +09:00
Takashi Kajinami 46c1220b38 Remove deprecated [designate] admin_* parameters
These were deprecated during Xena cycle[1], so can be removed now.

[1] adfd853267

Related-Bug: #1927494
Change-Id: I9fadaa6cfcd66409da47422505c145d9d67f6b8c
2023-11-04 22:47:55 +09:00
Zuul f99da4d15c Merge "get_hosts_mapped_with_segments add filter agt_type" 2023-11-03 17:41:43 +00:00
Harald Jensås 64b5787c32
get_hosts_mapped_with_segments add filter agt_type
Extend the get_hosts_mapped_with_segments method to add
optional filters to include/exclude based on agent type.
Uses a joined query, when both include and exclude
filtering is used togheter the exclude filter is most
significant.

Partial-Bug: #2040172

Change-Id: I2cfd52a2657fad989e24e974fda470ecd960262b
Signed-off-by: Harald Jensås <hjensas@redhat.com>
2023-10-25 16:31:30 +02:00
Rodolfo Alonso Hernandez 1f1824397d [OVN] Populate the "router.distributed" flag in ML2/OVN
In ML2/OVN there is a static common configuration parameter to define
if the routers (more in particular the floating IPs) can be distributed
or centralized:
  [ovn] enable_distributed_floating_ip

This patch writes this value on each new router created. It also
implements a maintenance method to populate this flag when the
Neutron API is restarted and the value changed.

Closes-Bug: #2022058
Change-Id: Ib109b09fde4db8738c1d0b3e394c201492d210c6
2023-10-16 08:04:31 +00:00
Jakub Libosvar 3e6387edb8 ovn-trunk: Refactor event handling
The event registers check what type of event has happened and publish it
to the right subscriber based on it. Previously, the subscriber checked
again what type of event that is. That lead to the code double-checking
same variable. This patch removes the double-check and registers publish
the event to the correct subscriber right away.

Change-Id: Icdce95b5baffe02dbfa9320939efbfa46cb6757c
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
2023-09-28 17:11:38 -04:00
Zuul 5ba8519428 Merge "Revert "[OVN][Trunk] Add port binding info on subport when parent is bound"" 2023-09-28 07:55:28 +00:00
Rodolfo Alonso 1b034f8d62 Revert "[OVN][Trunk] Add port binding info on subport when parent is bound"
This reverts commit 955e621167.

Reason for revert: the port binding handling done in this patch is
incorrect and leads to issues during the cold migration process with
trunk ports in ML2/OVN.

Change-Id: Ifc2d37e2042fad43dd838821953defd99a5f8665
Closes-Bug: #2033887
2023-09-20 08:54:50 +00:00
Elvira García 67bd591c5b Use safer methods to get security groups on security group logging
There is a chance on real environment that a port group doesn't have any
correspondent security group (and there are maintenance tasks that will
remove them). This patch avoids a DriverError from Neutron in case we
are in an environment with a port group that was mistakenly left over
due to any reason. Instead, a Warning log will be raised.

Related-bug: #2032929
Change-Id: I42208557c8522d6fbc29df8a3c7d0367cace31e4
2023-09-18 13:51:50 +02:00
Zuul ea2449b593 Merge "Revert "[OVN][Trunk] Set the subports correct host during live migration"" 2023-09-05 16:50:29 +00:00
Rodolfo Alonso 34e441e06c Revert "[OVN][Trunk] Set the subports correct host during live migration"
This reverts commit 7ed79c1f78.

Reason for revert: the port binding handling done in this patch is
incorrect and leads to issues during the cold migration process with
trunk ports in ML2/OVN.

Change-Id: I642c3eb1771463db73248a8c50c0db6f7467a6d5
Partial-Bug: #2033887
2023-09-05 10:50:35 +00:00
Elvira García a3a113aedb [OVN] Fix rate and burst for stateless security groups
Right now, as per kernel limitation, the burst limit is not correctly
enforcing the rate and burst when using the ovn "log-related" option and
stateless security groups. We log exactly double the burst. Creating a
new meter that limits the rate and burst to half of the expected ones is
a workaround that solves the issue.

Closes-bug: #2032929

Signed-off-by: Elvira García <egarciar@redhat.com>
Change-Id: Ib0047d38c58bcebb23c8887e7934987ff8c8a432
2023-08-31 15:10:20 +02:00
Zuul f91429100b Merge "Use the new network HA parameter" 2023-08-29 03:34:52 +00:00
Rodolfo Alonso Hernandez 4109ee9bb4 Use the new network HA parameter
This patch implements the new network HA boolean field API extension.
This field is an input only parameter for POST operations (creation).
By default is "False". When enabled, the Neutron server will create
a ``ha_router_networks`` register in the same transaction of the
network creation.

If by any circumstance (a race condition, for example), another
``ha_router_networks`` exists in the same project, a
``DBDuplicateEntry`` exception will be raised and the transaction
will be rolled back.

Partial-Bug: #2016198
Change-Id: Ie42c13ecbe4abcad9229b71f6942e393fd0f2e4e
2023-08-25 08:43:37 +00:00
Rodolfo Alonso Hernandez 7ed79c1f78 [OVN][Trunk] Set the subports correct host during live migration
During the trunk migration, the parent port multiple port binding
will contain the destination host. Because this update is done
before the migration is done (in other words, the parent port
still has two port binding registers), the method setting the
binding profile of the subport will use the destination host
in advance. At the end of the live migration, the subports
host will point to the correct hostname.

Related-Bug: #2027605
Change-Id: I2370ea2f96e2e31dbd43bf232a63394388e6945f
2023-08-23 03:19:49 +00:00
Zuul 62bbfad8ff Merge "Fix some new pylint "W" warnings" 2023-08-02 11:03:07 +00:00
Brian Haley 4757b46646 Fix some new pylint "W" warnings
After updating pylint, it started emitting additional "W"
warnings in some cases, fix some of them.

  modified-iterating-list,
  implicit-str-concat,
  global-variable-not-assigned

Trivialfix

Change-Id: I7deb5f1e0aa2852cb033c78dcb4c8bc87e34be1e
2023-08-01 15:40:22 -04:00
Zuul d32c5f8f32 Merge "Fix some new pylint "R" warnings" 2023-07-28 06:58:46 +00:00
Brian Haley 929b383743 Fix some new pylint "R" warnings
After updating pylint, it started emitting additional "R"
warnings in some cases, fix some of them.

  use-a-generator,
  unnecessary-lambda-assignment,
  consider-using-max-builtin,
  consider-using-generator,
  consider-using-in,
  use-list-literal,
  consider-using-from-import

Trivialfix

Change-Id: Ife6565cefcc30b4e8a0df9121c9454cf744225df
2023-07-18 18:06:51 -04:00
Zuul bad15e38e2 Merge "[OVN][L3] Optimize FIP update operation" 2023-07-06 12:28:05 +00:00
Zuul 5b0b0f4774 Merge "[OVN] Prevent Trunk creation/deletion with parent port bound" 2023-07-04 16:01:37 +00:00
Zuul 0dc66a204a Merge "Remove unused method from OVN L3 plugin" 2023-07-03 14:22:23 +00:00
Miguel Lavalle 4a71a7f82f Remove unused method from OVN L3 plugin
Since [0], the method _get_availability_zones_from_router_port in the
OVN L3 plugin is not called from anywhere in the code. A search in
codesearch.openstack.org reveals no invocations to this method. This
patch removes its definition.

[0] https://review.opendev.org/c/openstack/neutron/+/825073

Change-Id: I1113a872aa8f238c523efbb6f948fd50210e8772
2023-06-30 17:15:07 -05:00
Rodolfo Alonso Hernandez 833a6d82cd [OVN] Prevent Trunk creation/deletion with parent port bound
This patch imitates the ML2/OVS Trunk driver behaviour. When the
trunk parent port is bound:
* A new trunk cannot be created using this parent port.
* If the port is assigned as parent port of a trunk, this
  trunk cannot be deleted.

Closes-Bug: #2022059
Change-Id: I8cfa7e67524a42224cbb4b3c3cec3cfa49b795fd
2023-06-30 14:51:27 +00:00
Lucas Alvares Gomes 4a97429e7f [OVN] Improve ovn_l3/plugin.py exception logging
Straight forward patch logging adding a LOG.exception while handling
exceptions for the create/delete/update methods of routers and router
interfaces to improve debuggability.

Change-Id: I9701838a9b5622ff1c527524114efd76e57c5f15
Closes-Bug: #2025246
Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com>
2023-06-28 11:34:06 +01:00
Zuul fe57eebe8b Merge "[qos] _validate_create_network_callback return in no network" 2023-06-27 13:10:31 +00:00
Rodolfo Alonso Hernandez 7b85f9c244 [OVN][L3] Optimize FIP update operation
If the floating IP updates only the QoS policy, the method now
skips the OVN NAT rules update and updates only the QoS policy.
That avoids the OVN NAT rules deletion and creation and the
``FIPAddDeleteEvent`` event that deletes the MAC binding entries
for an active floating IP, causing a disruption.

Closes-Bug: #2025144

Change-Id: Ib9ec45d643c6162c526cd5a02db270094b575e34
2023-06-26 22:09:26 +00:00
Arnau Verdaguer 955e621167 [OVN][Trunk] Add port binding info on subport when parent is bound
The host ID and VIF details are added on the subport when the trunk is
created, if it's created when it's not attached to any VM this fields
will remain empty and be filled on the parent port when it gets bound
to a host, but there's no callback to add this info on the subport.

Closes-Bug: #2018289
Closes-Bug: #2024160
Change-Id: I34bb6f178c314907bdf9f76789777f6736938b67
2023-06-21 15:07:54 +00:00