Since [1] (in oslo.db>9.1.0), the ``Session.autocommit`` member
is removed and should not be considered. This patch removes this
dependency while keeping backwards compatibility. This code will
be removed in future releases.
Due to the neutron-lib dependency, this patch bumps the needed
library version to 3.1.0.
[1]https://review.opendev.org/c/openstack/oslo.db/+/804775
Depends-On: https://review.opendev.org/c/openstack/neutron-lib/+/851193
Closes-Bug: #1982818
Change-Id: Ibfcf9d5f6cd805f2d64fcd88049e2b43fedc3497
After the monitor_cond_since/update3 support patch in ovs
(46d44cf3be0), directly setting table.condition is broken. This
isn't something that was every truly supported. Prior to that
patch, using Idl.cond_change() before a connection was made
did not work, but after that patch it does.
This patch uses the old behavior when the OVS library does not
have the ConditionState object, and uses cond_change() otherwise.
Related-Bug: #1965819
Change-Id: I0503037b803a3c99fb7988bc20394c111ac456db
pyroute 0.6.6 introduced a new exception NetlinkDumpInterrupted which
is raised when NLM_F_DUMP_INTR is set in the flags during dump of
devices.
The suggestion from pyroute developers is to retry in case of this
exception (see [1]).
[1]: https://github.com/svinota/pyroute2/issues/874#issuecomment-1063139555
Closes-Bug: #1962608
Change-Id: Ie195ad596fd148708fc30946bde964d52444afee
Fullstack test cases need this release [1] of python-neutronclient.
Update the cliff version because:
python-neutronclient 7.8.0 depends on cliff>=3.4.0
cliff==3.4.0 requires stevedore>=2.0.1
python-neutronclient 7.8.0 depends on osc-lib>=1.12.0
[1] https://review.opendev.org/c/openstack/releases/+/828442
Partially-Implements: bp/packet-rate-limit
Related-Bug: #1938966
Related-Bug: #1912460
Change-Id: Ibc1fbb90bf22128cd783c8d8598fb3c49591eae2
Traditionally it has been the CMSs, in OpenStacks case Nova's,
responsibility to create Virtual Interfaces (VIFs) as part of
instance life cycle, and subsequently manage plug/unplug operations
on the Open vSwitch integration bridge.
With the advent of SmartNIC DPUs which are connected to multiple
distinct CPUs we can have a topology where the instance runs on one
host and Open vSwitch and OVN runs on a different host, the
SmartNIC DPU control plane CPU.
One of the main use cases for having this topology is security
where we treat the hypervisor host as untrusted and prohibit
direct communication between the hypervisor host and the SmartNIC
DPU control plane host. In addition to that control facilities
such as switchdev devices are only visible from the SmartNIC DPU
control plane CPUs.
Adds support for binding ports of type VNIC_REMOTE_MANAGED by
looking up chassis based on serial number that Nova provides in
the binding_profile.
Information required by the OVN controller to successfully look up
and plug representor port is provided as options on the LSP as
defined by the representor plug provider documentation [0][1].
0: https://docs.ovn.org/en/stable/topics/vif-plug-providers/vif-plug-providers.html
1: https://github.com/ovn-org/ovn-vif/blob/main/Documentation/topics/vif-plug-providers/vif-plug-representor.rst
Partial-Bug: #1932154
Depends-On: I496db96ea40da3bee5b81bcee1edc79e1f46b541
Depends-On: I83a128a260acdd8bf78fede566af6881b8b82a9c
Change-Id: Icc6c2d0f7f8f5cc94997db6244175a8e8884789f
The tool "neutron-ovn-db-sync-util" now syncs the Neutron QoS policies
with the OVN NB database. The tools reads the port and the floaiting IP
QoS policies and creates the corresponding OVN QoS rules.
The ovsdbapp library is bumped to version 1.15.0. This version updates
the "QoSAddCommand" to allow register updates. If the OVN NB QoS
register to be created is present in the DB and all parameters match,
no transaction is commited to the DB.
Depends-On: https://review.opendev.org/c/openstack/ovsdbapp/+/822138
Closes-Bug: #1947334
Change-Id: Ib597b62017b56b41009dd4d7359e169f424272b0
Security folks considered tracebacks in API responses unwanted.
Some additional lower constraints had to be bumped for the
lower-constraints job to pass.
Change-Id: Ibaefbb9935020318ed670774b0205f3bcffef4ad
Closes-Bug: #1951429
Depends-On: https://review.opendev.org/c/openstack/oslo.service/+/818548
When ovn/dns_servers consist of IPv6 dns nameservers,
it was getting added to IPv4 dhcp options also, and due to
this an invalid nameserver(last 4 octets of an IPv6 address)
is set in the instances.
This patch filters IPv4/IPv6 dns nameservers and set
dhcpv4/dhcpv6 options accordingly.
Also when dns_nameservers are not set for IPv6 subnets,
get those from ovn/dns_servers config or system nameservers
just like it's done with the IPv4 subnets. Updated
get_system_dns_resolvers to pick both IPv4/IPv6 valid
ips, this also requires bump of oslo.utils minimum version
to 4.8.0 to use strict option for IPv4[1].
Additionally fix some unit tests which were setting IPv4 dns
nameservers on the IPv6 subnets, this is not allowed with api.
[1] https://github.com/openstack/oslo.utils/commit/3288539
Closes-Bug: #1951816
Change-Id: I9f914e721201072e43a8c6c266ed97ca85fcc13d
The current rootwrap.conf file is outdated and doesn't include some
parameters. This change updates the content to make it consistent with
the latest example file in oslo.rootwrap.
Change-Id: I0b40b0bea4bbcbc78490dbfa3877cdd3a26ac298
After fix for the related bug will be fixed in oslo_policy [1],
InvalidScope exception will be raised for the API requests done with
project scope when "system" scope is required.
This patch changes our API policies unit tests to expect proper
exception to be raised in such cases.
This patch also bumps minimum required oslo.policy version to
3.10.1 which contains fix for the scope enforcement in the
custom rules.
Finally it also re-enables enforcing scope in those UT.
[1] https://review.opendev.org/c/openstack/oslo.policy/+/804980
Related-Bug: #1923503
Change-Id: I4c209fa4f504440a44d21a05f2703259f62519a5
When there is attempt to delete network with ports,
a general error message is displayed that one or more
ports are in use on the network. This patch proposes
to also return the ports which are in use as part of
the message.
Also modify test_delete_network_if_port_exists unit
test to check for port id and network id in Error
message.
Also bump required version of neutron-lib to 2.18.0
as that's needed for custom message in NetworkInUse
Exception.
Depends-On: https://review.opendev.org/c/openstack/neutron-lib/+/821806
Closes-Bug: #1953716
Change-Id: Ib0b40402746c6a487a226b238907142384608d3c
eventlet before 0.32.0 have issues with
dnspython>=2.0.0, eventlet-0.26.1+[1] have
pinned dnspython for this, so let's use that
version instead for lower-constraints.
This should help with timeouts seen in
openstack-tox-lower-constraints job.
[1] https://github.com/eventlet/eventlet/commit/4236143
Change-Id: I09826681cf61eb0ff6c82421e8e85a2044e95a4a
Remove the QoS constants from Neutron code. QoS constants are now
located in ``neutron_lib.services.qos.constants``.
This patch also reverts [1]. This patch was merged in order to
allow a newer neutron-lib release in "requirements". This test
was failing because the element order of the "VALID_RULE_TYPES"
list was different between Neutron and neutron-lib. That was
modifying the "QosRuleType" OVO hash.
[1]https://review.opendev.org/c/openstack/neutron/+/817940
Closes-Bug: #1950977
Related-Bug: #1922237
Change-Id: I31edea3cc0f4a284a773a35302997ca6069efc95
Reduce the object retrieval to one single field to improve the
collection count.
Bumped neutron-lib to 2.16.0. This version contains [1], needed for
this patch.
[1]https://review.opendev.org/c/openstack/neutron-lib/+/807686
Related-Bug: #1942863
Change-Id: I160e8084e97b23a2bacb49ceb40efbac2d0715be
Since SQLAlchemy 1.4, the method "Inspector.from_engine()" is
deprecated.
Error message:
"The from_engine() method on Inspector is deprecated and will be removed
in a future release. Please use the sqlalchemy.inspect() function on an
Engine or Connection in order to acquire an Inspector. (deprecated
since: 1.4)"
Minimum version of SQLAlchemy required is bumped to 1.4.23.
Change-Id: I6cf5944ccb3a0532cbf123ddc0d7df6b6de80af1
Closes-Bug: #1943155
Neutron's lower-constraint job started to fail and
bump of the following packages seems to solve the issue:
* decorator to 4.1.0
* Mako to 1.0.7
Change-Id: I31d20cc0dc1fc0e745e16718e6c7c8dc896da855
Added pagging and sorting support for the extension
"network_ip_availability".
Closes-Bug: #1940518
Change-Id: Ic520ceb060c4a914d72ef66f58eeaa667382c53b
The os-resource-classes lib is the official source of the standard
placement resource classes. Currently, the neutron-lib contains a copy
of those constants. However, they are already marked as deprecated and
are going to be removed with next major release.
Related-Bug: #1934256
Change-Id: I33ecd6f32410f9b7ab1e87a6640201ea157bc383
This is to make sure stateless-security-groups API extension works
for OVN. (The new ovsdbapp version contains support for
allow-stateless ACL verb.)
Change-Id: I812b7e8669bf1ef7b30a3670612d14bc65a93190
That will avoid problems with eventlet 0.31.0 version, as seen during
the requirements upgrade.
Change-Id: I9a6798a6b0438149af8190dc90c70f79735bb01d
Closes-Bug: #1930195
Since pyroute 0.6.2, this dependency is not needed anymore. The
pyroute version is bumped both in requirements and doc/requirements.
This patch bumps the pyroute2 version to 0.6.4 (newest version
provided in upper-requirements).
Change-Id: I627e902e32fe59c6829c3bc92af19abff4b70f9a
Related-Bug: #1928913
This version fixes the problem reported in LP#1929518 as described
in [1].
[1]acc82bff39
Change-Id: I894eb3524681a3abaca5eeca0aa47028e7f1ff44
Closes-Bug: #1929518
In order to broadly cover the issue described in the referred bug,
this patch sets a default timeout of 2 seconds in the
``ovs_idl.Backend.lookup`` method.
This timeout should cover most of the situations where the IDL local
cache update is delayed. This patch does not change the default
behavior, except it will not fail if the DB cache is synchronized
within 2 seconds.
If we don't pass the notify handler or the backend does not implement
one, in case of not finding the requested register, the method will
raise like before.
ovsdbapp library is bumped to version 1.10.0 to receive the change
that introduces the active wait in ``Backend.lookup`` and adds the
timeout parameter to the method signature.
Change-Id: Ib40eabd6a8e9d59896e0e20383d8061eb4b5c710
Related-Bug: #1922934
Two improvements are implemented in this method:
- Add a query limit number parameter. This parameter is used by
"NeutronDbObject.objects_exist" to limit the number of registers
retrieved to 1.
- Add a query field parameter. This is the name (string) of the
"obj_cls.fields" list. That will reduce the columns to be
retrieved to only one. To check the existence of a DB register,
there is not need to retrieve the full DB model including the back
references.
In case of not passing any value, the first "obj_cls.primary_keys"
value will be used instead.
Closes-Bug: #1925528
Change-Id: I9fd5e306e293102c366d89c01bbe8b13721d59b0
Fixed backref warning for two view only relationship defined in the
ORM, "QosNetworkPolicyBinding.port" and "Tag.standard_attr".
Change-Id: I7fcb1268f4fc637e7f39eae4fcde33f82cb9772c
Closes-Bug: #1925841
Oslo policy moved those parameters to the DeprecatedRule object in [1]
and deprecated it in DocumentedRule object.
To avoid many deprecation warnings e.g. in our tests, this patch moves
"deprecated_since" and "deprecated_reason" parameters to the
DeprecatedRule object.
That change requires also bump of the oslo_policy to the 3.7.0 version
as change [1] isn't available in oslo_policy 3.6.2.
Additionally this patch also changes simple string "Wallaby" to
oslo_log.versionutils constant.
[1] https://review.opendev.org/c/openstack/oslo.policy/+/766628
Change-Id: I3234e04f417171db0d90e3e70661cc69bff8a4b1
Since [1], the physical network VLAN ranges parser populates the
ranges for those entries without a defined range, allowing all
valid VLAN ranges ([1, 4094]).
Some VLAN driver tests, relying on the previous implementation,
considered that the physical network without a defined VLAN
range does not have segments to allocated (those segments
are created on the fly by
"SegmentTypeDriverallocate_fully_specified_segment).
Since [1], all physical network segments are stored in the
"ml2_vlan_allocations" table and set as non allocated.
This patch also reverts [2]. When the physical networks are defined
in "network_vlan_ranges", there is no distinction between tenant
and provided networks; the physical network segments are assigned
by the user. It is possible to create a provider network without
defining the segmentation ID, it will be provided by the Neutron
VLAN driver, if there are free segments for the required physical
network.
[1]https://review.opendev.org/c/openstack/neutron-lib/+/779515
[2]1376df7873c2ac77c256ab2fed928de41a2c1d58
Closes-Bug: #1919280
Related-Bug: #1918274
Related-Bug: #1649750
Change-Id: I191e020ddb97dcf8fb41139d35bfd699e125379b