51 Commits

Author SHA1 Message Date
Rodolfo Alonso Hernandez
8c6710326e Fix installation with OVN backend and compilation
This patch fixes several issues related to the installation with
OVN backend with the OVS/OVN compilation enabled.

The OVS/OVN local directories prefix, when both services are compiled,
is now "/usr/local".

The "ovn_agent._run_process" function is calling "ovs-appctl" to
configure the logging settings of several services. Instead of
using the service name, the ctl socket file is used instead. That
is more robust and does not fail in systems with previous
installations.

Closes-Bug: #1960514

Change-Id: I69de5333393957593db6e05495f0c3c758efefdf
2022-02-09 21:22:46 +00:00
Slawek Kaplonski
4185358837 Install OVS from source when it was configured like that
Function _neutron_ovs_base_install_agent_packages always tried to
install openvswitch from packages and start it using systemd units.
That was failing when ovs was expected to be installed from source.
This patch fixes that.

Change-Id: Iae8625dd800d30061ea3dbed9eb0dfbe16f21572
2021-12-08 14:09:49 +00:00
Hongbin Lu
55f172961a Revert "Revert "remove external_network_bridge option""
This reverts commit e3e9ea299601665a295e31a98e90dd9587165850.

Change-Id: I23e1b98bd2839b79226b55700ee404a8fda83f83
2019-02-27 14:57:22 +00:00
Adam Spiers
bbb6b0c240 Fix version comparison for SUSE Linux Enterprise 12
The version comparison introduced in
I5152f2585c3d4d18853988d6290039d6b1713b99 was broken, because it tried
to use bash's -lt operator for floating point comparison, but bash
only supports integer arithmetic.

So instead use devstack's vercmp() function.

Change-Id: I8aac71c5bb6c2e82479d62831ea0672ba6a9a534
2019-01-25 01:05:58 +00:00
Derek Higgins
e3e9ea2996 Revert "remove external_network_bridge option"
This reverts commit faaf96bfb15c5f4c45a72b149dc6fe1e1f907a71.

Ironic jobs were still using this option, it needs to be
switched to an alternative first.

Change-Id: I1683d7cfa81f5fe2497cc7045e87f8b20fed4968
2018-11-09 15:45:46 +00:00
Hongbin Lu
faaf96bfb1 remove external_network_bridge option
The external_network_bridge option is deprecated/legacy and being
removed from neutron (see I07474713206c218710544ad98c08caaa37dbf53a).
This patch removes the external_network_bridge option iniset from
devstack scripts.

Change-Id: I4d9641cc9bb83719c9af1edabb89a63c4c2b1d96
2018-09-26 14:49:07 +00:00
Jakub Libosvar
a99ab7002c neutron: Use openvswitch firewall driver by default
openvswitch firewall has been in Neutron tree since Newton and has gone
through lots of improvements since including simple upgrade path from
the iptables hybrid driver.

We have a tempest job running in Neutron tree with openvswitch firewall
that's been voting and stable for a while. For neutron_tempest_plugin,
we have had the openvswitch firewall in use since the beginning.

This patch proposes openvswitch firewall driver to become a default
driver for openvswitch agent deployments.

Change-Id: If26d0180e459210511f25f1faa83dd8ccea25ff4
2018-05-14 16:16:08 +02:00
Dirk Mueller
486057f339 Start OVS as root on Tumblweed to workaround bsc#1085971
There is currently a OVS 2.9.0 update in Tumbleweed that
fails to start as it is having a race with systemd on creating
the home directory. Workaround is to run it as root for now.

Change-Id: Ief610c6473834b02a1d644d8f50d11138a48e6e6
2018-04-11 21:31:53 +02:00
Jenkins
073c225257 Merge "Skips enabling kernel bridge firewall in container" 2017-03-03 16:20:20 +00:00
Denis Buliga
0bf75a471e Skips enabling kernel bridge firewall in container
Calling enable_kernel_bridge_firewall inside a
container, devstack will crash because it tries to
load a kernel module by calling 'sudo modprobe' on
net.bridge.

Change-Id: Id4718c065d5a8c507d49f38e19c2796a64221aa4
Closes-Bug: #1662194
2017-02-27 10:31:58 +02:00
Ihar Hrachyshka
952ecb6fec Don't set external_network_bridge by default
Since the empty value is the default for the option, and when explcitly
set in config file, it triggers a deprecation warning for the option,
avoid setting it unless we actually need to override the new default
value.

Change-Id: If423114d7a52da29b97d1fb473a955d9d69a1a3e
2017-02-10 06:39:04 +00:00
Ihar Hrachyshka
47bcf4fbcb Removed neutron_plugin_configure_debug_command functions
Those are not called by devstack anymore. This cleanup also gets rid of
code that attempts to set external_network_bridge to an empty value,
which triggers a deprecation warning for the option since it's going to
be removed in a next Neutron release.

Change-Id: I5adcbab877b4e8742522de81b1a85acfc33160d7
2017-02-10 06:39:04 +00:00
Dirk Mueller
30b58bfa27 Update openvswitch restart for suse
Starting with SLE12 SP2 and with openSUSE Leap the distro-shipped
openvswitch is the normal systemd openvswitch.service service file
and no longer the older openvswitch-switch Sysv5 init script. Add
a special case for that.

Change-Id: I5152f2585c3d4d18853988d6290039d6b1713b99
2016-12-09 01:00:42 +01:00
Gary Kotton
2a5981402f Provide configuration file to ovs-cleanup utility
There may be cases when the configuration of the OVS is different
from the default one. This enables one to make use of the neutron
configuration file to contain all of the OVS settings.

Change-Id: I728cf8cdc653667c076b07b39c13c1278281c01b
Closes-bug: #1645691
2016-11-29 03:48:34 -08:00
Brian Haley
30ab23cd9b Fix stevedore warning with neutron firewall_driver
The initial start of the neutron OVS agent always prints
a warning:

 WARNING stevedore.named [] Could not load
 neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

There's an alias for that in setup.cfg called
iptables_hybrid that would avoid it.

Change-Id: I3f5bf782f4f27dc123e462e494741a8a941641ec
2016-11-02 17:05:48 -04:00
Ihar Hrachyshka
b3a210f643 Enable bridge firewalling if iptables are used
With the plan [1] to stop enabling it by Neutron iptables firewall
driver itself, deployment tools should catch up and enable the firewall
themselves.

This is needed for distributions that decided to disable the kernel
firewall by default (upstream kernel has it enabled). This is also
needed for distributions that ship newer kernels but don't load the
br_netfilter module before starting nova-network or Neutron iptables
firewall driver. In the latter case, firewall may not work, depending on
the order of operations executed by the driver.

To isolate devstack setups from the difference in distribution
kernel configuration and version, the following steps are done:

- we load bridge kernel module, and br_netfilter if present, to get
  access to sysctl knobs controlling the firewall;
- once knobs are available, we unconditionally set them to 1, to make
  sure the firewall is in effect.

More details at:
http://wiki.libvirt.org/page/Net.bridge.bridge-nf-call_and_sysctl.conf

[1] I9137ea017624ac92a05f73863b77f9ee4681bbe7

Change-Id: Id6bfd9595f0772a63d1096ef83ebbb6cd630fafd
Related-Bug: #1622914
2016-09-29 04:26:56 +00:00
Sean M. Collins
75a6454097 neutron: Wait until ovs-vswitchd creates the bridge
Seeing a race condition where lib/neutron code tries to
set the MTU on br-ex before it exists.

Thanks to some good grepping by sdague, it appears that the difference
between lib/neutron and lib/neutron-legacy is that the initial bridge
being created is br-int while in lib/neutron the initial bridge
created is br-ex, which means there must be some kind of warm-up that
occurs between the first bridge that is created by ovs-vswitchd and the
second, and the second one created is much faster.

So instead, let's just wait for the bridge to be created successfully.

Change-Id: I271dc8b6ae5487c80d2a22153b3fc45fb247707f
2016-08-02 12:55:54 +00:00
Ihar Hrachyshka
7b5c7dce53 Introduce PUBLIC_BRIDGE_MTU variable to set br-ex MTU
This variable can be used to accommodate for underlying infrastructure
that does not provide full 1500-sized traffic, or maybe instead gives
access to Jumbo frames.

Change-Id: I38a80bac18673a30842a7b997d0669fed5aff976
Related-Bug: #1603268
2016-07-17 00:14:43 +02:00
Yi Zhao
2ae8b09b61 Fix quoting in vercmp check for kernel version
I352362cf59e492fa9f7725190f0243f2436ac347 switched this to vercmp, but
using single-quote (') will mean that the kernel version isn't
actually expanded for the comparision.

I guess, like the original change, the fact it isn't working is
hidden.  Trusty seems to have 3.13 ... I can't imagine we support
anything before this ... so I'd also be happy if someone with some OVS
knowledge wants to just delete it.

(This change was originally an alternative to
I352362cf59e492fa9f7725190f0243f2436ac347 but got the quoting right)

Change-Id: I9fa514885c20b1135fb0680cf61fc04628fbecbe
Closes-Bug: #1580850
2016-06-10 10:50:32 +10:00
Brian Haley
09604349f8 Change ovs_base neutron plugin to use vercmp
This plugin was using a deprecated function, vercmp_numbers(),
that wasn't actually working properly because the call to
'deprecated' at the beginning was causing garbage to be
returned to the caller.  For example, this was always in
stack.sh.log when using OVS:

.../lib/neutron_plugins/ovs_base: line 57: [: too many arguments

Update to use vercmp() like all other users in devstack, and
remove all the old code.

Change-Id: I352362cf59e492fa9f7725190f0243f2436ac347
2016-06-02 10:33:54 -04:00
Jenkins
ddeaaf2044 Merge "Enable some serivce when on boot" 2016-01-07 01:38:08 +00:00
Zhang Jinnan
4d8c03a377 Enable some serivce when on boot
Solve the devstack ./rejoin-stack.sh when is reboot-safe in RHEL 7.
Enable mysql, postgresql, rabbitmq-server, openvswitch service when on boot.

Change-Id: I3ce9fc58ccc76092ad08314de1c3c9339ebfb3b5
Related-Bug: #1486833
2016-01-06 16:40:11 +00:00
Ian Wienand
523f488036 Namespace XTRACE commands
I noticed this when debugging some grenade issues failures.

An include of grenade/functions stores the current value of XTRACE
(on) and disables xtrace for the rest of the import.

We then include devstack's "functions" library, which now overwrites
the stored value of XTRACE the current state; i.e. disabled.

When it finishes it restores the prior state (disabled), and then
grenade restores the same value of XTRACE (disabled).

The result is that xtrace is incorrectly disabled until the next time
it just happens to be turned on.

The solution is to name-space the store of the current-value of xtrace
so when we finish sourcing a file, we always restore the tracing value
to what it was when we entered.

Some files had already discovered this.  In general there is
inconsistency around the setting of the variable, and a lot of obvious
copy-paste.  This brings consistency across all files by using
_XTRACE_* prefixes for the sotre/restore of tracing values.

Change-Id: Iba7739eada5711d9c269cb4127fa712e9f961695
2015-11-27 15:36:04 +11:00
Ian Wienand
ada886dd43 Don't mix declaration and set of locals
Ia0957b47187c3dcadd46154b17022c4213781112 proposes to have bashate
find instances of setting a local value.  The issue is that "local"
always returns 0, thus hiding any failure in the commands running to
set the variable.

This is an automated replacement of such instances

Depends-On: I676c805e8f0401f75cc5367eee83b3d880cdef81
Change-Id: I9c8912a8fd596535589b207d7fc553b9d951d3fe
2015-10-07 17:03:32 +11:00
Aaron Rosen
bd5e6b1659 Remove unnecessary execute permissions
These files have acquired execute permissions that
are not strictly necessary because they are being 
sourced, and not intended to be run separately.

Restore to 644

Change-Id: I0b8654123416a07521502b61610ca45c94494a07
2015-10-01 21:01:35 +00:00
Michal Ptacek
c1605550d9 Propagate OVS_DATAPATH_TYPE to ml2_conf.ini
If OVS_DATAPATH_TYPE is configured it should be visible in ML2 config

Changing OVS_DATAPATH_TYPE default value to 'system' from ''

Closes-Bug: 1499029
Change-Id: I88e7d2554e8a1d6dcfea71fc1fb8e9fb2491d8b7
2015-09-24 17:45:08 +01:00
Hirofumi Ichihara
7ab3e39bc4 Add cleanup for br-tun with OVS
Change-Id: I5c4d28844f40eaad622ef7590c54e0e6647c85e3
Closes-Bug: #1471390
2015-07-04 23:11:52 +09:00
Hirofumi Ichihara
d48d672a8d Add tunnel_bridge configuration for openvswitch agent
Change-Id: I0235aa05cf86b3ed9d9620dda3f16b69ced077e3
2015-07-04 22:58:44 +09:00
Jenkins
ba9f43e3cc Merge "Set datapath to $OVS_DATAPATH_TYPE for bridges" 2015-06-16 19:44:32 +00:00
Sean M. Collins
64d5ecf3bf Define PUBLIC_BRIDGE in the main Neutron lib
This way, it can be used by both OVS and Linux Bridge

Change-Id: Iea5a8bb720d327b69f64791a23d414d4cde2e3ea
Closes-Bug: #1460758
2015-06-01 14:13:41 -04:00
Waldemar Znoinski
d4c89289f9 Set datapath to $OVS_DATAPATH_TYPE for bridges
This change extends devstack to configure the br-ex,
br-<phy> and Xenserver's br-$GUEST_INTERFACE_DEFAULT
datapaths when OVS_DATAPATH_TYPE is set.

Change-Id: I71e590de86e7526e8423140463752d6b3ad14214
Closes-Bug: #1416444
2015-05-07 19:01:40 +01:00
armando-migliaccio
c2dc95add6 Avoid flushing br-ex during stacking
This operation seems vestigial, as it was added to the code when stack.sh
did not have a robust cleanup procedure. These days, unstack.sh does destroy
all bridges, therefore during subsequent stack.sh runs (or even initially, from
a clean environment), the flush operation has become superfluous.

Its removal has also been deemeded necessary to enable certain multi-node
cloud deployments, like the one available in OpenStack infra [1].

[1] https://review.openstack.org/#/c/158525/

Change-Id: I6b4e5b82958e6d29dd450f1c4c9513f6a9e5053a
2015-04-09 23:00:20 -07:00
Zhenzan Zhou
9a704486a9 Fix wrong grep regular expression for tap ports
The regular expression used in neutron_ovs_base_cleanup omit
prefix in ovs tap ports, so wrong names are returned and used.
E.g. tap devices created for ironic in devstack are brbm-tap1
and ovs-tap1.

Change-Id: I034be6362b3d09c5296ecc413828a056712c3bd2
2015-01-29 08:12:31 +00:00
Sean Dague
e263c82e48 add shebang lines to all lib files
With gerrit 2.8, and the new change screen, this will trigger syntax
highlighting in gerrit. Thus making reviewing code a lot nicer.

Change-Id: Id238748417ffab53e02d59413dba66f61e724383
2014-12-10 11:28:05 -05:00
YAMAMOTO Takashi
98a0ad4472 ovs_base: Fix debug-agent config for Q_USE_PROVIDERNET_FOR_PUBLIC=True
Set up external_network_bridge correctly for the case
of Q_USE_PROVIDERNET_FOR_PUBLIC=True.

This is an oversight in commit 6a633fd024347aade777ecd6545fa3efde5a959c.

Closes-Bug: #1394826
Change-Id: I33f0fe15bafb7071d8a09899d636471f49031606
2014-11-21 11:27:53 +09:00
YAMAMOTO Takashi
0f18c23de8 ofagent: Support physical_interface_mappings
Also, add a knob to create a veth pair instead of a bridge
to provide host connectivity for l3-agent.  (Q_USE_PUBLIC_VETH)

Related: blueprint ofagent-physical-interface-mappings
Change-Id: I4c2538f0fd3fb05bfdb69e7e4c3a8462af42ba10
2014-10-17 01:18:40 +00:00
Sean M. Collins
d738a9ecf7 Ubuntu: Start openvswitch-switch service after install
Change-Id: I73a7cec67d0f0782de1598c4ebb1815726e38199
Closes-Bug: #1362782
2014-08-28 15:54:40 -04:00
YAMAMOTO Takashi
6a633fd024 Allow to use flat providernet for public network
The support of ancillary bridges (aka br-ex) is planned to be
dropped for ofagent.  This commit prepares the deprecation by
providing devstack support for an alternative way to connect
public network.

Related to blueprint ofagent-port-monitor
Change-Id: I6c2ce646070db0ed248665216071499a9b5567ab
2014-08-01 14:26:28 +09:00
Jenkins
9d47135531 Merge "Configure the OVS datapath type with devstack." 2014-07-31 00:14:35 +00:00
James Chapman
c83cc75e61 Configure the OVS datapath type with devstack.
This feature provides the user with a means of easily configuring
the required Openvswitch datapath type. (Netdev, dpdk, etc)

Define the OVS_DATAPATH_TYPE variable in the devstack configuration file
local.conf.

This feature enables Intel(R) DPDK vSwitch and netdev DPDK vhost.

Implements blueprint config-ovs-datapath-type

Change-Id: I5698720960b1ac532c790d3e5735c5cef36d5e3d
2014-07-14 21:40:27 +00:00
Kyle Mestery
86af4a0e5d Don't install openvswitch-datapath-dkms on newer kernels
On kernels >= 3.13 for Ubuntu, there is no need to install the
openvswitch-datapath-dkms package anymore. Consequently we don't need the
dkms package anymore, nor the linux headers.

Update the opendaylight devstack code to correctly check for this and make
the right decision.

While here, also utilize get_packages() and common code where possible.

Change-Id: Idd6a71951f6f77b6e3c4e536e735dfead6a40bc1
Closes-Bug: #1331111
2014-06-25 10:31:44 -04:00
Henry Gessau
c48afe4bc0 Do not install openvswitch-datapath-dkms on Ubuntu 14.04
Change-Id: I8c58d998011427a202c79c45b87b5eca5ceaaa71
Closes-bug: #1331111
2014-06-22 16:10:56 -04:00
Dave Tucker
f60e8c0fbe Wait for OVS to reconfigure when creating PUBLIC_BRIDGE
The '--no-wait' flag will not wait for ovs-vswitchd to reconfigure after
changes have been made to the database. This causes a race condition as
the bridge may or may not be up when 'ip addr flush dev $PUBLIC_BRIDGE' is
called. This commit removes the '--no-wait' flag which is safe as the
openvswitch services are already started earlier in stack.sh

Change-Id: I73ef1b731295d03b0f064c5f786196284c3e39ce
Closes-bug: #1328962
2014-06-12 00:09:06 +01:00
Ralf Haferkamp
ce03d10287 Fix openvswitch package and service names for openSUSE
Change-Id: Iaf173422e4d009bdd7ed7ed79af2269c44039060
2014-04-07 17:02:39 +02:00
Dean Troyer
e3a9160c0d Fix Neutron plugin XTRACE handling
The various Neutron plugin files need to have unique variables for the
xtrace state as they are sometimes nested more than two levels deep
and MY_XTRACE is getting stomped.  This gives each of the neutron_plugin
and neutron_thirdparty include files a unique XTRACE state variable.

I don't think this is a problem with any of the other plugin include
files (yet) so this just handles Neutron for now.

Change-Id: I7c272a48e7974edecaff5f431ff7443dd6622588
2014-03-28 12:40:59 -05:00
Ian Wienand
aee18c749b Enforce function declaration format in bash8
Check that function calls look like ^function foo {$ in bash8, and fix
all existing failures of that check.  Add a note to HACKING.rst

Change-Id: Ic19eecb39e0b20273d1bcd551a42fe400d54e938
2014-02-28 07:59:03 +11:00
Aaron Rosen
4540d00ebd All neutron plugins should now use LibvirtGenericVIFDriver
Change-Id: I70015ae55fe6db9c6c4663a8d021fe9cfe2eddcf
2013-10-24 23:01:16 -07:00
Joe Gordon
e095daa732 Make nova use fatal_deprecations=true
We should not be using deprecated config options here, so lets set
fatal_deprecations=True to make sure.

Stop using deprecated LibvirtHybridOVSBridgeDriver

Change-Id: I0a43780270d092a42ede6c0667343f0d02b3aa67
2013-10-22 09:52:27 +01:00
Gary Kotton
503e9ac4cf Set external ID on br-ex
This will enable Neurtron identify that the external bridge is a
Neutron bridge (this is required for bug 1192883)

Change-Id: I8ad1b0b3d93d5068beec2021abf9afbacf8c48ff
2013-07-15 09:44:43 -07:00
Vincent Untz
cf6d809d8d Add openSUSE support for openvswitch
Change-Id: I4665a2719c0050cb5413a8ffcefb977106533d1a
2013-07-09 08:13:30 +02:00