The "ha" API flag is now enabled for the OVN routers. Because of the
current implementation, this flag must be always "True". When a new
router is created, this flag is always set. If an OVN router is
explicitly created or updated with "--no-ha" (ha=False), the server
will raise an InvalidInput exception.
Depends-On: https://review.opendev.org/c/openstack/neutron-tempest-plugin/+/911081
Closes-Bug: #2020823
Change-Id: I60ff33680dd5397a226a9051d51bfb0701f862b5
``OvnDriver`` and ``DvrHaDriver`` classes were using an incorrect
variable name to define the DVR support, that should be
"distributed_support" instead of "dvr_support".
Closes-Bug: #2056199
Change-Id: Id2ee080dde8cd094995e94564f2877a89e9cc5aa
Support is added to the OVN L3 service plugin for the router
flavors and service type framework
Partial-Bug: #2020823
Change-Id: If40d7b39e7b59a39ff7622bd823dbdb14bfc69d2
This patch implements the new network HA boolean field API extension.
This field is an input only parameter for POST operations (creation).
By default is "False". When enabled, the Neutron server will create
a ``ha_router_networks`` register in the same transaction of the
network creation.
If by any circumstance (a race condition, for example), another
``ha_router_networks`` exists in the same project, a
``DBDuplicateEntry`` exception will be raised and the transaction
will be rolled back.
Partial-Bug: #2016198
Change-Id: Ie42c13ecbe4abcad9229b71f6942e393fd0f2e4e
Running with a stricter .pylintrc generates a lot of
C0330 warnings (hanging/continued indentation). Fix
the ones in neutron/services.
Trivialfix
Change-Id: Ie9779b257981bc80e69639cdaa4d7dfd0ffa5809
if we list floating ip and want to operate a port forwarding, we cannot
call the update 'port forwarding' api, because we don't know the port
forwarding id.
this patch adds the port forwarding returned contents: 'id' and
'internal_port_id' when list floatingip.
Closes-bug: #1971646
Depends-On: https://review.opendev.org/c/openstack/neutron-tempest-plugin/+/840584
Change-Id: Ie1d9169cd07547491144776311d77d49b483d5ae
This patch switches over to callback payloads for ROUTER
BEFORE_CREATE, PRECOMMIT_CREATE, BEFORE_UPDATE and
PRECOMMIT_DELETE events.
Change-Id: I4a52c773d3f753c918df0986f1d261083156651c
In python3 dict.values() doesn't return list but instead dict_values,
it must be converted to list to "enjoy" list operations like insert.
Add unit tests to be sure.
Closes-Bug: #1923423
Change-Id: Ie270ac2ee65c02bdb099d11af7f1d2fb62ad0f61
The extension in neutron-lib was released in 1.29.0 so it is time to
use the extension from neutron-lib.
Change-Id: Id2bd872646feede7179affe8c7d124b4530afc9d
Related-Bug: #1811166
I avoided changing the pre-existing extraroute implementation to
also avoid any breakage of legacy behavior. Alternatively we can
refactor the extraroute code to better fit both APIs:
* the old: updates to the 'routes' attribute and
* the new: actions 'add_extraroutes' / 'remove_extraroutes'.
Change-Id: Ia78e0e02de4a42a056e3ff654d8b6976a4e52616
Closes-Bug: #1826396 (rfe)
Depends-On: https://review.opendev.org/679259
Related-Change: https://review.opendev.org/655680 (spec)
Removed E125 (continuation line does not distinguish itself
from next logical line) from the ignore list and fixed all
the indentation issues. Didn't think it was going to be
close to 100 files when I started.
Change-Id: I0a6f5efec4b7d8d3632dd9dbb43e0ab58af9dff3
This patch switches the code over to the payload style of callbacks [1]
for ROUTER_CONTROLLER events. In addition it updates the unit tests to
also use payloads for ROUTER_CONTROLLER based events.
NeutronLibImpact
[1] https://docs.openstack.org/neutron-lib/latest/contributor/callbacks.html
Change-Id: Ib32070c1e3e89f3bb8ce8206654ea6c4cfa2a50c
Enforce that a user updates the admin state of a router before modifying
the distributed state. The API currently allows setting admin state to
false concurrently with changing the distributed state.
This is fine for a transition of centralized->distributed, but the
distributed->centralized transition could leave other nodes configured
as distributed until an audit is performed.
Commit adds shim api extension which should be replaced by neutron-lib
shim extension once https://review.openstack.org/#/c/634509/ is merged.
New method 'is_admin_state_down_necessary' checks that shim extension
is loaded.
Set extension as standard by adding to _supported_extension_aliases in
neutron/services/l3_router/l3_router_plugin.py
Closes-Bug: #1811166
Co-Authored-By: Allain Legacy <allain.legacy@windriver.com>
Co-Authored-By: Enyinna Ochulor <enyinna.ochulor@intel.com>
Change-Id: Ie624aeb3f3aeb4db176d2ca0b22020208d4b408a
Signed-off-by: Matt Welch <matt.welch@intel.com>
The functionality within neutron.db.common_db_mixin is available via
neutron-lib APIs. This patch removes common_db_mixin and updates any
uses of it to use neutron-lib instead.
Depends-On: https://review.openstack.org/#/c/636159/
NeutronLibImpact
Change-Id: I2388f90b37abb09408809dda8c21da551bcd94bb
Today a number of classes define their supported_extension_aliases
using static strings rather than API definition ALIASes. This patch
switches them to use the ALIAS where applicable.
Change-Id: I716270c68a9fcd850c3c26de31bc13ea16def23d
Today a number of classes define their _supported_extension_aliases
using static strings rather than API definition ALIASes. This patch
switches them to use the ALIAS where applicable.
Change-Id: Id3be9ff7d84811c05793811306a13262fd3c0787
The neutron.common.rpc module has been in neutron-lib for awhile now and
neutron is shimmed to use neutron-lib already.
This patch removes neutron.common.rpc and switches the code over to use
neutron-lib's implementation where needed.
NeutronLibImpact
Change-Id: I733f07a8c4a2af071b3467bd710290eee11a4f4c
The _resource_extend module is already rehomed into neutron-lib and is
shimmed in neutron. This patch removes the module as no active
consumers are using it.
NeutronLibImpact
Change-Id: I1550075fa5fa2aa2f1a88ee7189d311a1fe78391
Some L3 ports can directly modify the IP address now,
but there are some types of device_owner, for instance
network:router_centralized_snat, should not allow to
change the IP address, otherwise it will increase L3
agent code complexity.
Since router public gateway port is related to the
external network, and this port can be used for some
service, like VPN. So after this patch we will only
allow the gateway port to update the IP address
directly, aka device_owner network:router_gateway.
The following l3 router ports will not be allowed to
directly update the IP address:
network:ha_router_replicated_interface
network:router_centralized_snat
network:router_ha_interface
network:router_interface
network:router_interface_distributed
Remove one unit test case since it will not occur in
neutron.
Change-Id: I2890a71abc82cb781b601afb879bdcca10e39257
Closes-Bug: #1796824
This patch enables to bind a QoS policy to the router gateway,
then in L3 agent side SNAT traffic for the VMs without floating
IPs can be limited under the policy bandwidth rules. This is
suit for all kinds of L3 routers: DVR, DVR with SNAT HA, L3 HA
and Legacy.
API update router gateway json:
{
router": {
"external_gateway_info": {
...
"qos_policy_id": "policy-uuid"
}
}
}
Depends-On: https://review.openstack.org/#/c/567497/
Partially-Implements blueprint: router-gateway-ip-qos
Closes-Bug: #1757044
Related-Bug: #1596611
Change-Id: I26e22bce7edd1f93b2ac0048b61b14f858938537
Add support for listing floating ip pools (subnets).
A new API resource ``floatingip-pools`` is introduced.
This API endpoint can return a list floating ip pools
which are essentially mappings between network UUIDs and
subnet CIDRs. Users can use this API to find out the pool
to create the floating IPs.
Related patches:
* neutron-lib: https://review.openstack.org/#/c/556674/
* tempest-plugin: https://review.openstack.org/#/c/562038/
APIImpact add floatingip pools api
Change-Id: Iaa995630645042520df67d95271e14f11ffcff8c
Partial-Bug: #1653932
The linter sees the trailing comma after the function call as building
a tuple without wrapping it in parens. That doesn't seem to be the
intent (it looks like a typo), so remove the comma.
Change-Id: Ie3e051c43d68d09716fc0a4506ed111908730280
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
Enforce validation on filter parameters on list requests.
If an API request contains an unknown or unsupported parameter,
the server will return a 400 response instead of silently ignoring
the invalid input.
In resource attributes map, all filter parameters are annotated by
the ``is_filter`` keyword. Attributes with is_filter set to True
are candidates for validation.
Enabling filter validation requires support from core plugin and
all service plugins so each plugin need to indicate if it supports
the validation by setting ``__filter_validation_support`` to True.
If this field is not set, the default is False and validation is
turned off. Right now, the ML2 plugin and all the in-tree service
plugin support filter validation. Out-of-tree plugins will have
filter validation disabled by default.
An API extension is introduced to allow API users to discover this
new API behavior. This feature can be disabled by cloud operators
if they choose to do that. If it is disabled, the extension won't
be presented.
Depends-On: Ic3ab5b3ffdc378d570678b9c967cb42b0c7a8a9b
Depends-On: I4397df1c35463a8b532afdc9c5d28b37224a37b4
Depends-On: I3f2e6e861adaeef81a1a5819a57b28f5c6281d80
Depends-On: I1189bc9a50308df5c7e18c329f3a1262c90b9e12
Depends-On: I057cd917628c77dd20c0ff7747936c3fec7b4844
Depends-On: I0b24a304cc3466a2c05426cdbb6f9d99f1797edd
Change-Id: I21bf8a752813802822fd9966dda6ab3b6c4abfdc
Partial-Bug: #1749820
The transition of a router from distributed to centralized may
mistakenley get its 'ha' attribute updated at the same time. The
side-effect is that the router may become HA enabled unexpectedly.
This patch fixed the mismatched attribute in _update_router_provider
method which addressed the issue cited above.
Closes-Bug: #1780094
Change-Id: Ib00de137692979229d1b7ba033ecff04e9cc9db0
This incorporates flake8 2.6.x and pycodestyle will be used
instead of older pep8. This ensures future python3 compatibility
and a bit better code styling.
Change-Id: Ia7c7c5a44727f615a151e1e68dd94c7ed42f974f
All the operations related to router associations (add/del)
were executed under transactions, there was a case
'get_provider_for_router' doing add_resource_association
out of db transaction, luckily due to autocommit there were no
issues but this patch adds the missing transaction.
Closes-Bug: #1778118
Change-Id: Iaec9a40614c7e6ce1120e9fa7ef3a4fdb4d59963
After the addition of a new resource and related events with [1],
this patch adds the necessary notifications for l3 flavor,
resource(ROUTER_CONTROLLER) and events(PRECOMMIT_ADD_ASSOCIATION and
PRECOMMIT_DELETE_ASSOCIATIONS) so that l3 flavor driver can subscribe to
them when flavor is changed.
Apply callback priority to ensure that the ordering of callback the
following.
- l3_*_db callbacks to extend l3 extended attributes
This callbacks need to be called first so that rest callbacks can
see those extended attributes.
- l3 driver controller callbacks
- l3 flavor driver callbacks
extra routes/l3_gwmode/l3_hamode need care because they are
updated via update_router but within different db transaction.
[1] I1e72ee843851004d26410a90da4030ab3b024741
Closes-Bug: #1745633
Co-Authored-By: Manjeet Singh Bhatia<manjeet.s.bhatia@intel.com>
Change-Id: If20b11f0587f1ed30db72d97c15b20d4c6e87543
Depends-On: https://review.openstack.org/#/c/541766/
In case of service_provider, selection according to service type is
necessary. Currently there was no filtering logic, so if there are two
or more service plugins using service_provider, there is a duplicate
service_provider.
New argument 'svc_type' is added to ProviderConfiguration so that only
the service_provider matching the service type is shown.
From caller side of ProviderConfiguration, one should specify
'svc_type' since ProviderConfiguration class have new 'svc_type'
argument to find service provider. Although netron code base using
ProviderConfiguration changed, existed code out of newtron tree should
be also modified following the change becuase if not, there would be
duplicated entries problem currently appeared. But there is no
difference without 'svc_type' argument because matching is effective
only when the argument is specified.
A new test case added in test_get_service_providers() in
neutron/tests/unit/extensions/test_servicetype.py which does not
have any filter options. Without this patch, this test case would be
failed having duplicated results.
Change-Id: I6ad9897dd174b45c7f2315699d25d38d4c060abc
Closes-Bug: #1763627
The neutron.common.rpc.create_connection function is just a reference to
the Connection class constructor. This patch removes create_connection
and replaces all uses with Connection instead.
NeutronLibImpact
Change-Id: I2f4b24ba732be47fc9911be1e24406fb1ffe821e
This patch switches callbacks over to the payload object style events
[1] for PRECOMMIT_UPDATE based notifications. To do so a DBEventPayload
object is used with the publish() method to pass along the related data.
In addition a few UTs are updated to work with the changes. Finally
a few shims are put into place to allow PRECOMMIT_UPDATE based events to
use payloads while still supporting the existing kwarg style events.
NeutronLibImpact
[1] https://docs.openstack.org/neutron-lib/latest/contributor/callbacks.html#event-payloads
Change-Id: Ie6d27df01cd7b87894efc80946d41eb1ebe25bef
The neutron.common.topics module was rehomed into neutron-lib with
commit Ie88b84949cbd55a4e7ad06341aab77b286cdc485
This patch consumes it by removing the rehomed module from neutron
and using the module from neutron-lib instead.
NeutronLibImpact
Change-Id: Ia4a4604c259ce862597de80c6deeb3d408bf0e95
Commit I81748aa0e48b1275df3e1ea41b1d36a117d0097d added the l3 extension
API definition to neutron-lib and commit
I2324a3a02789c798248cab41c278a2d9981d24be rehomed the l3 exceptions,
while Ifd79eb1a92853e49bd4ef028e7a7bd89811c6957 shims the l3
exceptions.
This patch consumes the l3 api def by:
- Removing the code from neutron that's now in lib.
- Using lib's version of the code where applicable.
- Tidying up the related unit tests as now that the l3 api def from lib
is used the necessary fixture is already setup in the parent chain when
setting up the unit test class.
NeutronLibImpact
Change-Id: If2e66e06b83e15ee2851ea2bc3b64ad366e675dd
Add qos_policy_id to floating IP, then the user could set/update
the binding QoS policy of a floating IP.
APIImpact: a new parameter qos_policy_id was added to floating IP
related API.
Partial-Bug: #1596611
Partially-Implements blueprint: floating-ip-rate-limit
Change-Id: I4efe9e49d268dffeb3df4de4ea1780152218633b
neutron-lib contains a number of the plugin related constants from
neutron.plugins.common.constants. This patch consumes those constants
from neutron-lib and removes them from neutron. In addition the notion
of the dummy plugin service type is moved strictly into the test
package of neutron since it's not a real service plugin.
NeutronLibImpact
Change-Id: I767c626f3fe6159ab3abd6a7ae3cb9893b79bf66
Since Pike log messages should not be translated.
This patch removes calls to i18n _LC, _LI, _LE, _LW from
logging logic throughout the code. Translators definition
from neutron._i18n is removed as well.
This patch also removes log translation verification from
ignore directive in tox.ini.
Change-Id: If9aa76fcf121c0e61a7c08088006c5873faee56e
The well known service type constants are in
neutron_lib.plugins.constants, but for legacy reasons a few still exist
and are referenced from neutron_lib.constants that we'd like to remove.
This patch switches references over to neutron_lib's plugin constants.
Change-Id: I1861448cec303725b30cef8f42029f467f9e03a3
The callback modules have been available in neutron-lib since commit [1]
and are ready for consumption.
As the callback registry is implemented with a singleton manager
instance, sync complications can arise ensuring all consumers switch to
lib's implementation at the same time. Therefore this consumption has
been broken down:
1) Shim neutron's callbacks using lib's callback system and remove
existing neutron internals related to callbacks (devref, UTs, etc.).
2) Switch all neutron's callback imports over to neutron-lib's.
3) Have all sub-projects using callbacks move their imports over to use
neutron-lib's callbacks implementation.
4) Remove the callback shims in neutron-lib once sub-projects are moved
over to lib's callbacks.
5) Follow-on patches moving our existing uses of callbacks to the new
event payload model provided by neutron-lib.callback.events
This patch implements #2 from above, moving all neutron's callback
imports to use neutron-lib's callbacks.
There are also a few places in the UT code that still patch callbacks,
we can address those in step #4 which may need [2].
NeutronLibImpact
[1] fea8bb64ba7ff52632c2bd3e3298eaedf623ee4f
[2] I9966c90e3f90552b41ed84a68b19f3e540426432
Change-Id: I8dae56f0f5c009bdf3e8ebfa1b360756216ab886
By registering functions directly we cut off the dependency of the
"resource extend" functions on the plugin. This is a step towards
the goal of removing the CommonDbMixin mixin class.
Also, we register all "resource extend" functions at plugin create
(in __new__) instead of in the class definition (which caused the
hooks to be registered on import). This ensures the "resource
extend" functions are only registered for the plugins/mixins that
are actually used.
Note that decorators are used to register "resource extend" methods,
similar to the callback receiver decorators.
Related-Blueprint: neutron-lib
Change-Id: I128cfda773d5f9597df9cd61261fdc05f2a174aa
A lot of clouds using the router service plugin don't configure for DVR,
but the service plugin still loads the extension, and exposes it via
API. Which will break if api consumers (admins with default policy.json)
attempt to create new style routers based on the information passed
through /extensions/ api.
This change introduces a new config option that allows to avoid loading
the extension. For complatibility sake, it requires an opt-in from ops
side to disable it, otherwise the extension is still loaded as before.
This is helpful for automation matters. It may also be useful when
preparing tempest.conf api_extensions=, when you could actually pass the
result of /extensions/ request into tempest and expect the test suite to
pass without yanking dvr off the list for non-dvr setups.
We could go further and try to check if the controller is configured
properly. That is complicated by the fact that f.e. such validation may
require talking to ml2 drivers, or even agents, which is not feasible
during api startup.
Change-Id: I84be9be93862fe71a2d5b5322d7ebd476c784163
Related-Bug: #1450067