Neutron could create a port without the IP address when the network doesn't
have a subnet. In this case, neutron will have no L3 knowledgee and we need
remove the L3 filter on it but reserve the L2 filter if there is.
This patch will make L2 agent verify the fixed_ips before converting the
security-group-rules into firewall rules, L3 rules in it will be removed.
And filter like arp-spoofing will be disabled for this port.
Partially Implements: blueprint vm-without-l3-address
Change-Id: I5cd1fdfa13a7e57258be7251768eaa8ba64d486e
Guard against potential down_revision interleave by checking that each
revision has the only revision that corresponds to its location in the
migration tree, and that its parent also has that same single label.
Partially-Implements: blueprint online-schema-migrations
Change-Id: Ia812e8283f4da955610fe043aba3ad0298ede24b
The L3 HA mechanism creates a project network for HA (VRRP) traffic
among routers. The HA project network uses the first (default) network
type in 'tenant_network_types'. Depending on the environment, this
combination may not provide a desirable path for HA traffic. For
example, some operators may prefer to use a specific network for HA
traffic to prevent split-brain issues.
This patch adds configurable options that target the network_type and
the physical_network of the created HA network.
Doc-Impact
Closes-Bug: #1481443
Change-Id: I3527a780179b5982d6e0eb0b8c32d6dafeeab730
Alembic migrations should not change tables which models were moved
out of Neutron. This change add check for this.
Also this change remove clear_override from db_sync in
_TestModelsMigrations which is not needed.
Closes-bug: #1466704
Change-Id: I587cd6fb2baa82fd7e452bb8597136efa5b8084e
This change adds a file needing a python 3 support by
Ie0dc57fbe3ed9b19dac2e958de14387bc4c1a260.
Change-Id: Ice6e8ae618b82ff45398c338c3eee27ed9d5a105
Blueprint: neutron-python3
Sub-projects shall now register their independent alembic migrations
via entrypoints in setup.cfg, and neutron-db-manage will discover them
and run them automatically.
If a service or sub-project is specified explicitly, then
neutron-db-manage will run on only that service or sub-project.
The advanced services project are just special cases of sub-projects.
For example, specifying the CLI option '--service lbaas' is the same
as specifying '--subproject neutron-lbaas'.
Specifying no service or sub-project will cause neutron-db-manage to
run the command on neutron and all installed sub-projects.
Added and consolidated documentation into devref for alembic migrations.
Partial-Bug: #1471333
Partial-Bug: #1470625
Change-Id: I9a06de64ce35675af28adf819de6f22dc832390d
After vendor driver split, the entry point for bigswitch ml2
mechanism_driver is no longer valid. The new entry point is defined in
the networking-bigswitch stackforge repo.
Change-Id: Ie6e19a13e49d9d3e95f8ea2f10181592e9f156e5
Closes-Bug: #1484341
In python 3, a format type 's' of struct.pack() requires a bytes object to an argument.
Change-Id: Ia4640b31c31b5b7454cd1582af46562fb1885726
Blueprint: neutron-python3
Latest developments have revealed that the registry can be misused
under certain circumstances, and that it can be harder to use by
projects that extend Neutron.
This patch improves the devref documentation so that developers know
what to expect.
Change-Id: I565b6a2f2a58bf22eae5b36f03c4fd24ba0774d2
A misnamed function call and execution order issue was causing
update_subnet to fail when a PD enabled subnet received a new CIDR.
This patch fixes the issues, and introduces an rpc api test to
ensure the function works. This includes altering the process_prefix_update
RPC handler to expose the issue to the test.
Change-Id: Id1e781291f711865fd783ed5e0208694097b7024
Closes-Bug: 1482676
The value "sgids" is unnecessary to be used.
Even it is a bit confused to use "sgids",
the code will be easier to understand without it.
Change-Id: I8b881139a71bdc9f3742e7208610eb56081fbbc7
When removing a DVR interface by port, the subnet_id
passed to delete_csnat_router_interface_ports is None,
and so it deletes all the DVR SNAT ports for the
router.
This patch fixes this issue by passing in the right
subnet_id to the delete_csnat_router_interface_ports.
Change-Id: I16735195c6575454876acd0e99ef45f382963566
Closes-Bug: #1443524
Co-Authored-By: Swaminathan Vasudevan <swaminathan.vasudevan@hp.com>
Co-Authored-By: Oleg Bondarev <obondarev@mirantis.com>
if a security group has a rule which allow a remote group access,
but this remote group has no IPv4 and IPv6 members, L2 agent
should not clear the remote group in internal cache of sg_members,
because when above rule is deleted, L2 agent can get the remote group
id from the diff of pre_sg_members-sg_members, then destroy the ipset
set for remote group.
Change-Id: I801b14c9f506c5a07f8875b8f9be1b05d181b842
Closes-bug: #1463331
