This reverts commit e92193d246c8ea30d42a064297bb7a1955c62a98.
With pecan 1.4.0 aodh and ceilometer has issues, so for now better to
revert this change.
Closes-Bug: #1894864
Change-Id: I32b667b9fcc8bd6909d58c8fb60797f961ab9b44
With older versions, lower-constraints job fails on Focal as seen in DNM
patch https://review.opendev.org/#/c/738163/
Change-Id: I05e0f3a3ad0abc02f97a89d63af9f58d5fa00549
Closes-Bug: #1894857
In the spec we said:
"""
When the metadata proxy processes a request, it gathers the L2 addresses
of a VM, and the source interface, and passes it to the metadata service.
The Metadata service, instead of using the VM IP, uses the "VM MAC" and
"Gateway MAC" to identify the instance.
"""
But since we switched from the home-grown metadata-ns-proxy to haproxy
we no longer control some of the headers included, like X-Forwarded-For.
haproxy allows us to turn X-Forwarded-For on or off, but it cannot
give us an X-Forwarded-For-MAC header.
Instead it seems we have to rely on the source address being the IPv6
link local address generated from the NIC's MAC address as specified
in RFC 4291:
https://tools.ietf.org/html/rfc4291#section-2.5.6https://tools.ietf.org/html/rfc4291#appendix-A
Note that means you cannot use IPv6 Privacy Extensions:
https://tools.ietf.org/html/rfc4941
Change-Id: Ife592fcfc69e26f61ec1f45c06821cb025cc7cf2
Closes-Bug: #1460177
As seen in focal testing failure [1], lower constraints fail on
some packages (fixing one, another may appear). This bumps a series of
packages after local testing to pass on Focal.
Also sync requirements on these new versions
[1] https://review.opendev.org/#/c/734304/
Change-Id: I3abf86d90ed5cb1c4434746860b53c676eecbfd3
There's a fix in pecan 1.4 to handle accept headers that have
extra parameters included.
Closes-Bug: #1829042
Change-Id: Id7d78d77da8dfd1620936e437d862c1d60e8eb25
This new version contains [1]. The aim of this patch is to remove
any eventlet patch in the root daemon, trying to avoid the recurrent
evenlet timeout we detect in the CI jobs (mainly functional and
fullstack ones).
[1]https://review.opendev.org/#/c/740970/
Change-Id: Ide2081e8de032752c3aae940ed7d2a8380dd4b3d
Since [1], it's possible to specify the shared library to be used
when creating a Pyroute2 namespace context.
As commented in [2], "privsep" library makes use of eventlet to
implement multitasking. If the method executed returns the GIL,
nothing guarantees that the "eventlet" executor will return it
again to this task. This could lead to timeouts during the
execution of those methods.
From https://docs.python.org/3.6/library/ctypes.html#ctypes.PyDLL:
"Instances of this class behave like CDLL instances, except that
the Python GIL is not released during the function call, and
after the function execution the Python error flag is checked."
[1]https://github.com/svinota/pyroute2/issues/702
[2]https://review.opendev.org/#/c/717017/
Change-Id: I6c9f9adba8b4433cc96704bb69dd4e0d4b154ebd
Related-Bug: #1870352
When creating the OVS manager, define the command timeout
(CONF.OVS.ovsdb_timeout) and inactivity probe time
(CONF.OVS.of_inactivity_probe)
NOTE: CONF.OVS.of_inactivity_probe is defined in seconds but the
parameter should be passed to ovs-vsctl in milliseconds [1].
[1]http://www.openvswitch.org/support/dist-docs/ovs-vswitchd.conf.db.5.txt
Depends-On: https://review.opendev.org/#/c/720785
Change-Id: I8ed1fc85c2f78710bf6589ba3deca518471339b8
Closes-Bug: #1868686
Version 2.4.0 of neutron-lib has the DHCP port numbers
correct, so start using them.
Also updated other code in linux/dhcp.py to use the
constants as well, instead of re-defining them.
Closes-bug: #1882588
Change-Id: I5dc1d8e7bcc94efd1fab68d980d60e3130d5e5bc
There were a couple of versions of oslo.log that were
not backwards-compatible. Now that a fixed version was
released, bump lower-constraints to require it and
remove the temporary workaround.
Change-Id: If38105ceaa48a0520ae8243982b736d0bc99ec3a
Related-bug: #1871840
Versions of oslo.log >= 4.1.2 require a second argument when
initializing the OSJournalHandler class. While I've started
a review to fix that regression [0], bump oslo.log to a later
version that requires this new flag and pass it to fix the
gate.
Also had to blacklist the OVN tempest IPv6 hotplug test
since it is failing too much to pass the check jobs.
[0] https://review.opendev.org/732457
Change-Id: Ic9bbb43aa832ad6cc45d57328b40afe4468ddfca
Related-bug: #1871840
Related-bug: #1881558
In hacking 2.0 or later, local-check-factory was removed as it is not
compatible with flake8 3.x and it is advised to use flake8's local
plugins [1]. neutron-lib provided a factory to register common hacking
rules, but it no longer works with hacking 2, so we need to define rules
defined in neutron-lib as flake8 local check plugin [2] explicitly.
This needs to be done in each neutron related project, so it is the
downside of the migration to hacking 2.x (I explored a way to continue
to use the factory but failed to find a good way to achieve this) but
I believe it is good to migrate the newer libraries.
* flake8ext decorator in neutron/hacking/checks.py is also replaced with
hacking.core.flake8ext to avoid the copy-and-paste code.
* neutron-lib dependency is updated as neutron-lib 2.3 added hacking 3 support.
* Python modules related to coding style checks (listed in blacklist.txt in
openstack/requirements repo) are dropped from lower-constraints.txt
as they are not actually used in tests (other than pep8).
* HackingDocTestCase is now converted into normal test cases.
HackingDocTestCase depends on the internal of hacking and pycodestyle
so it looks better to use normal style of writing tests.
[1] https://docs.openstack.org/releasenotes/hacking/unreleased.html#relnotes-2-0-0
[2] https://flake8.pycqa.org/en/3.7.0/user/configuration.html#using-local-plugins
Change-Id: I92cf50a84bb587a0649a7cffee15cce4ce37d086
Currently, we are overriding 'install_command' to use 'pip'. This is
considered poor behavior and 'python -m pip' should be used instead:
https://snarky.ca/why-you-should-use-python-m-pip/
It turns out that this is the the default value provided by tox:
https://tox.readthedocs.io/en/latest/config.html#conf-install_command
So we can remove the line and simply use the default value.
This change showed we needed a newer version of debtcollector in lower
constraints, aliging with the version required by os-vif. This change
showed we needed also a newer version of cffi and keystoneauth1 in lower
constraints. Update also the requirements file for debtcollector and
keystoneauth1.
Change-Id: I5e190c3db8bed0a264b911cdf425aa4c9b51f768
Contains fixes for functional tests needed after the networking-ovn has
moved to Neutron and OVN splitting from the OVS repository upstream.
Depends-On: https://review.opendev.org/#/c/704176/
Change-Id: If3d6a04bf47f7e308530a3e1abb20ebfc184451f
Related-Blueprint: neutron-ovn-merge
In OVN we can configure connection to NBDB and SBDB to be under
SSL. We forgot to add this requirement during move.
There is a TestPortBindingOverSsl functional test case that
is failing because of this missing requirement.
Related-Blueprint: neutron-ovn-merge
Change-Id: I664f721e9b7edbf3358749e3d31e8e1632123b05
Since it's no longer supported past Train, lets stop
running the tests.
Updated docs and made some pep8 code tweaks as well.
Change-Id: I1c171ab906a3b4c66558163ad26947ebf710a276
This patch removes the dependency from ironicclient for the ironic
event notifiers in favor of openstacksdk.
Also, increasing minimum required versions for mock and
openstacksdk.
Change-Id: Ib76e19d29f0ae3db6d181578b638da699181f60d
Bump neutron-lib to 1.29.1 [1] in requirements and lower-constraints.
[1] https://review.opendev.org/680619
Change-Id: I95ed02087e7cd6cc757f9a1578a1e4590458a714
Bump neutron-lib to 1.29.0 [1] in requirements and lower-constraints.
[1] https://review.opendev.org/677314
Change-Id: Ia243c7d64f99ca222ad3b9c583fe4a64b01beb43
While working on improving the osprofiler report in neutron I'm finding
various places where the profiling can be extended by propagating the
profiler info further then before.
This change starts to profile BatchNotifier threads (e.g. various
callbacks to nova) when the code starting the thread was already
profiled (it's not at the moment, but that will be another change).
In this change we use osprofiler.profiler.clean(). Since that has became
part of the public interface of osprofiler in version 2.3.0, we bump
osprofiler version to 2.3.0 both in lower-constraints and requirements.
Change-Id: Ibd08e097b6f8457c50f8ba9e4a63b96e7e3182bc
Partial-Bug: #1833674
Bump up neutron-lib to 1.28.0 [1] in requirements and lower-constraints.
[1] https://review.opendev.org/#/c/668928/
Change-Id: I57efc19d67826698cfafbf03d735c5e8978ca745
For various synchronized scenarios, this decorator
allows flexible lock name with parameters and names
of underlying functions.
For instance:
@synchronized('{f_name}-{resource.id}-{snap[name]}')
def foo(self, resource, snap):
Change-Id: I4bf75be2902cd598a5a5a2c5887d4b4262f3e042
Related-Bug: #1824911
This patch adds an ironic notifier that sends notifications
to ironic endpoint /v1/events. The events are triggered by
port updates and deletions. Only ports with vnic_type
baremetal are honored.
Story: 1304673
Task: 22263
Closes-Bug: #1828367
Implements: blueprint event-notifier-ironic
Authored-By: Vasyl Saienko <vsaienko@mirantis.com>
Co-Authored-By: Harald Jensås <hjensas@redhat.com>
Co-Authored-By: Julia Kreger <juliaashleykreger@gmail.com>
Change-Id: I0bb3187a88a7f20adb8c60e24945db159afb83f1
In case of Smart NIC vNIC type neutron should mimic nova-compute
that plug the port to the ovs bridge.
Extend the Neutron OVS mechanism driver and Neutron OVS Agent to bind
the Neutron port for the baremetal host with Smart NIC. This will allow
the Neutron OVS Agent to configure the pipeline of the OVS running on
the Smart NIC and leverage the pipeline features such as: VXLAN,
Security Groups and ARP Responder.
Story: #2003346
Closes-Bug: #1785608
Change-Id: I6d520d3bac2e9ceb30b5b6197c6eb0f958cc3659
Pyroute2 is modifying the default logger, adding NullHandler to it. If
the logger is not properly configured, like in any service or agent
spawn in Neutron, the only handler will be NullHandler. This prevents
from rendering the message passed, as when StreamHandler is used.
This issue is present only in version 0.5.4 and 0.5.5. Current Pyroute2
master version implements a new logger which removes this problem.
[1]https://github.com/svinota/pyroute2/blob/0.5.5/pyroute2/__init__.py#L78-L79
Change-Id: Ic89d8503e9d1a7f622f0c3a148bf78766b92ed08
Related-Bug: #1811515
Bump up the required and lower constraint for neutron-lib to use the
latest release 1.26.0. Also see https://review.opendev.org/#/c/653887/
Change-Id: I55344c117793ddce91ad95401e1306d6605ee586
In conjunction with the prior fix to only get a subset of fields
when needed, this makes the querying of non-rules SG objects
very very fast.
Before the two fixes, if you have about ten security groups with 2000 rules each:
list all: 14s
list all, just 'id' field: 14s
list one: 0.6s
list one, just 'id' field: 0.6s
With just the previous partial fix:
list all: 14s
list all, just 'id' field: 6s
list one: 0.6s
list one, just 'id' field: 0.2s
Now with this change:
list all: 14s
list all, just 'id' field: 0.04s
list one: 0.6s
list one, just 'id' field: 0.03s
Closes-Bug: #1810563
Change-Id: I15df276ba7dbcb3763ab20b63b26cddf2d594954
We recently exposed the privsep opts for config generator use, so
projects that depend on oslo.privsep should include them in their
sample configs.
Change-Id: Ibaef2e2848855cd8ef987ec58457220911ad7c69