This package isn't available on some distributions hasn't been
required in Neutron for several years
If679e79fa3242ee1cd8610b5525deca35b41c87e. Remove it.
Change-Id: I7308a885c1d084efe2f0b9f542443d35966140ed
Some distros no longer ship brctl, iproute2 should be used
in its place. The linuxbridge agent plugin script was still
using it, as was worlddump, which generates this warning on
a failure:
Running devstack worlddump.py
/bin/sh: 1: brctl: not found
Conditionalizing worlddump based on whether brctl is installed
to make this go away.
Change-Id: Iafbf4038bab08c261d45d117b12d4629ba32d65e
The bridge-utils package has been deprecated for some time now [1] and
'brctl' does not exist on some more recent distros like Fedora 28.
Replace references to brctl with the proper ip commands.
Calls to "brctl show" are not being replaced with calls to "bridge link"
because the output format is very different and in testing some bridges
were not listed. So the simpler method of consulting /sys/class/net is
used.
In worlddump.py we try running both because failures are handled
gracefully by _dump_cmd(), as well as "ip link show type bridge" for
additional info.
[1] https://lwn.net/Articles/703776/ for example
Change-Id: Ie4c8ad6ce4a09c38023c9e4ec7834c249403145f
Partial-Bug: #1801919
Calling enable_kernel_bridge_firewall inside a
container, devstack will crash because it tries to
load a kernel module by calling 'sudo modprobe' on
net.bridge.
Change-Id: Id4718c065d5a8c507d49f38e19c2796a64221aa4
Closes-Bug: #1662194
Since the empty value is the default for the option, and when explcitly
set in config file, it triggers a deprecation warning for the option,
avoid setting it unless we actually need to override the new default
value.
Change-Id: If423114d7a52da29b97d1fb473a955d9d69a1a3e
Those are not called by devstack anymore. This cleanup also gets rid of
code that attempts to set external_network_bridge to an empty value,
which triggers a deprecation warning for the option since it's going to
be removed in a next Neutron release.
Change-Id: I5adcbab877b4e8742522de81b1a85acfc33160d7
When cleanup devstack with linuxbridge, PUBLIC_BRIDGE should be
DOWN before trying to delete it.
Change-Id: I2d205cbe4d92a03ee5c376a23282d9880dd9a1df
Closes-Bug: #1662543
The linuxbridge agent for Neutron expects that the public bridge will
already be created by the time it starts. On devstack, this only occurs
as part of the l3 agent configuration. If a compute node doesn't have an
l3 agent and is using a linuxbridge agent, then br-ex won't be created
and the process will not be able to start (causing stack.sh to fail).
This causes the gate-grenade-dsvm-neutron-linuxbridge-multinode-nv gate
to fail. To avoid the issue, skip the bridge mappings setup unless L3 is
configured. This is done in a backward compatible fashion: if localrc
uses the old q-l3 tags, the is_service_enabled neutron-l3 would not be
able to succeed.
Closes-Bug: #1643562
Change-Id: I292ff0dc080fb84b5f879ba2f00f03eff295b55b
I am seeing red all over the linuxbridge gate.
This reverts commit 7f95baa5706980a0910741693abee73abea98b89.
Change-Id: I179f761f991db4b63c0e3445a9a13e43ffe68992
The linuxbridge agent for Neutron expects that the public bridge will
already be created by the time it starts. On devstack, this only occurs
as part of the l3 agent configuration. If a compute node doesn't have an
l3 agent and is using a linuxbridge agent, then br-ex won't be created
and the process will not be able to start (causing stack.sh to fail).
This causes the gate-grenade-dsvm-neutron-linuxbridge-multinode-nv gate
to fail.
Closes-Bug: #1643562
Change-Id: I6f441c6febb5070ad885569d9c798634d0272b6c
With the plan [1] to stop enabling it by Neutron iptables firewall
driver itself, deployment tools should catch up and enable the firewall
themselves.
This is needed for distributions that decided to disable the kernel
firewall by default (upstream kernel has it enabled). This is also
needed for distributions that ship newer kernels but don't load the
br_netfilter module before starting nova-network or Neutron iptables
firewall driver. In the latter case, firewall may not work, depending on
the order of operations executed by the driver.
To isolate devstack setups from the difference in distribution
kernel configuration and version, the following steps are done:
- we load bridge kernel module, and br_netfilter if present, to get
access to sysctl knobs controlling the firewall;
- once knobs are available, we unconditionally set them to 1, to make
sure the firewall is in effect.
More details at:
http://wiki.libvirt.org/page/Net.bridge.bridge-nf-call_and_sysctl.conf
[1] I9137ea017624ac92a05f73863b77f9ee4681bbe7
Change-Id: Id6bfd9595f0772a63d1096ef83ebbb6cd630fafd
Related-Bug: #1622914
There is no longer a trace of these options anywhere in the
Neutron codebase. These can be safely removed.
Change-Id: Ibf00e158248e2a20248917c8cfc0011d30da6a82
===Set bridge_mappings for linux bridge===
The external network physnet needs a bridge_mapping to the public
bridge when the L2 agent is responsible for wiring.
===Add PUBLIC_PHYSICAL_NETWORK to flat_networks===
This network must be present in the ML2 flat_networks config if
flat_networks is specified.
===Set ext_gw_interface to PUBLIC_BRIDGE in provider net case===
ext_gw_interface must be a bridge in a bridge_mapping when
Q_USE_PROVIDERNET_FOR_PUBLIC is used.
Closes-Bug: #1605423
Change-Id: I95d63f8dfd21499c599d425678bf5327b599efcc
This variable can be used to accommodate for underlying infrastructure
that does not provide full 1500-sized traffic, or maybe instead gives
access to Jumbo frames.
Change-Id: I38a80bac18673a30842a7b997d0669fed5aff976
Related-Bug: #1603268
Background for this work can be read on the mailing list:
http://lists.openstack.org/pipermail/openstack-dev/2016-May/094063.html
Usage of the new Neutron is by setting the following in
ENABLED_SERVICES:
* neutron-api
* neutron-l3
* neutron-agent
* neutron-dhcp
* neutron-metadata-agent
For now, the new neutron library supports just the ML2 plugin, with the
Open vSwitch and Linux Bridge agents supported. All other Neutron
plugins should be creating their own DevStack plugin if they wish for
DevStack to support them. Many of them already do.
Other notable changes compared to neutron-legacy:
* Rely on the Neutron defaults, and force Neutron to make
sane defaults instead of all kinds of knobs in DevStack.
* Default to rootwrap daemon support
* Use the security group driver by default
* interface_driver can now use NEUTRON_AGENT (linuxbridge, openvswitch), since
they are entrypoints in neutron's setup.cfg
* Use NEUTRON_AGENT variable to determine which agent to run
Works with NEUTRON_AGENT set to either "linuxbridge" or "openvswitch"
Default is openvswitch for the time being.
* Set ML2 configuration for VXLAN support
* Remove Xen hypervisor stuff - it should be a plugin
* Move L3 crud into separate service file:
There's a lot of L3 configuration that was in the main neutron file, but
a lot of it is self contained and can be moved into its own file.
The new l3 service file will contain all the previous L3 plumbing and
configuration that the OpenStack Gate expects, while also eventually
moving the whole l3 network creation step into a single hook that can be
overridden by plugins.
* Introduce a check for a function "neutron_plugin_create_initial_networks" which
will become the mechanism through which different topologies, and
networking plugins can create and wire the initial networks that are
created during a stack.sh run.
The new lib/neutron is considered experimental, and followup patches
will build upon this one. Existing users of lib/neutron-legacy should
remain unharmed.
Co-Authored-By: Hirofumi Ichihara <ichihara.hirofumi@lab.ntt.co.jp>
Co-Authored-By: Dean Troyer <dtroyer@gmail.com>
Change-Id: I31b6362c6d9992f425f2dedbbeff2568390a93da
I noticed this when debugging some grenade issues failures.
An include of grenade/functions stores the current value of XTRACE
(on) and disables xtrace for the rest of the import.
We then include devstack's "functions" library, which now overwrites
the stored value of XTRACE the current state; i.e. disabled.
When it finishes it restores the prior state (disabled), and then
grenade restores the same value of XTRACE (disabled).
The result is that xtrace is incorrectly disabled until the next time
it just happens to be turned on.
The solution is to name-space the store of the current-value of xtrace
so when we finish sourcing a file, we always restore the tracing value
to what it was when we entered.
Some files had already discovered this. In general there is
inconsistency around the setting of the variable, and a lot of obvious
copy-paste. This brings consistency across all files by using
_XTRACE_* prefixes for the sotre/restore of tracing values.
Change-Id: Iba7739eada5711d9c269cb4127fa712e9f961695
interface_driver configuration was updated to use stevedore aliases.
This patch is to change devstack scripts to now use the aliases
instead of the previous class imports.
Closes-Bug: #1504536
Change-Id: Ic56bfcc1f9da05a999e6fd328e4dd6617e9470ff
These files have acquired execute permissions that
are not strictly necessary because they are being
sourced, and not intended to be run separately.
Restore to 644
Change-Id: I0b8654123416a07521502b61610ca45c94494a07
When I deploy linuxbridge-agent and enable tunneling,
the configuration of neutron isn't right. It lacks
the whole section [vxlan] to be properly configured.
Change-Id: Ib3bfe0f3445f466f4dbb36f7f0cb0d940114e7f6
Closes-Bug: #1481126
These have been emitting deprecated warnings for over a full release cycle:
Q_AGENT_EXTRA_AGENT_OPTS, Q_AGENT_EXTRA_SRV_OPTS, CINDER_MULTI_LVM_BACKEND
Change-Id: I3aa5cabd6ce3a0072cba08bbca1ad23d4a831219
With gerrit 2.8, and the new change screen, this will trigger syntax
highlighting in gerrit. Thus making reviewing code a lot nicer.
Change-Id: Id238748417ffab53e02d59413dba66f61e724383
This patch partially reverts commit
15130cd5fd1688b8984d78136b97bb8de7c32b64.
This commit was desupporting ovs and linuxbridge plugins.
But the ML2 plugin can be deployed with the linuxbridge agent.
The current patch restores the linuxbridge agent configuration
file.
Closes-Bug: #1393429
Change-Id: If824185b22e22a1de6498f1f0f2742a279235675
These plugins were removed in Juno.
Note: this doesn't affect the corresponding ML2 mechanism drivers.
Partial-Bug: #1323729
Change-Id: Ia8da1e20a03fef5657ba1584bf83ddd224b5d5f2
Q_AGENT_EXTRA_AGENT_OPTS is deprecated now and stack.sh displays
the warning that it will be removed early in "K" cycle.
Neutron ML2 devstack uses Q_AGENT_EXTRA_AGENT_OPTS to pass tunnel
configurations to Neutron plugin agents.
This commit removes the usage of Q_AGENT_EXTRA_AGENT_OPTS and
configures these config options directly.
Change-Id: I7fc1613ff78c0a8b1e80cc041b06f5d4680c34f2
Closes-Bug: #1354670
The files changed in this commit had incorrect bash syntax in that they were
assigning variables (=) instead of checking if they were equal (==). The
incorrect checks were preventing the configuration of VLANs with the Neutron
ML2 plugin.
Change-Id: I4b54bb5c69cc836c22900bd7a966197e9c616076
Check that function calls look like ^function foo {$ in bash8, and fix
all existing failures of that check. Add a note to HACKING.rst
Change-Id: Ic19eecb39e0b20273d1bcd551a42fe400d54e938