[release-announce] neutron 15.0.2 (train)

no-reply at openstack.org no-reply at openstack.org
Tue Feb 18 11:32:59 UTC 2020


We are satisfied to announce the release of:

neutron 15.0.2: OpenStack Networking

This release is part of the train stable release series.

The source is available from:

    https://opendev.org/openstack/neutron

Download the package from:

    https://tarballs.openstack.org/neutron/

Please report issues through:

    https://bugs.launchpad.net/neutron/+bugs

For more details, please see below.

15.0.2
^^^^^^


Upgrade Notes
*************

* For users affected by bug 1853840
  (https://launchpad.net/bugs/1853840) the hypervisor name now can be
  set per physical network device in config option
  "resource_provider_hypervisors" which is located in the "[ovs]" ini-
  section for "ovs-agent" and "[sriov_nic]" ini-section for "sriov-
  agent". Hypervisor names default to "socket.gethostname()" which
  works out of the box with "libvirt" even when the "DEFAULT.host"
  config option is set to a non-default value.


Bug Fixes
*********

* Bug https://bugs.launchpad.net/neutron/+bug/1732067 described a
  flooding issue on the neutron-ovs-agent integration bridge. And bug
  https://bugs.launchpad.net/neutron/+bug/1841622 proposed a solution
  for it. The accepted egress packets will be taken care in the final
  egress tables (61 when openflow firewall is not enabled, table 94
  otherwise) with direct output flows for unicast traffic with a
  minimum influence on the existing cloud networking. A new config
  option "explicitly_egress_direct", with default value False, was
  added for the aim of distinguishing clouds which are running the
  network node mixed with compute services, upstream neutron CI should
  be an example. In such situation, this "explicitly_egress_direct"
  should be set to False, because there are numerous cases from HA
  routers which can not be covered, particularly when you have
  centralized floating IPs running in such mixed hosts. Otherwise, set
  "explicitly_egress_direct" to True to avoid the flooding. One more
  note is if your network nodes are for networing services only, we
  recommand you disable all the security_group to get a higher
  performance.

* Neutron now locates the root resource provider of the resource
  provider tree it creates by using the hypervisor name instead of the
  hostname. These are different in rare cases only. The hypervisor
  name can be set per physical network device in config option
  "resource_provider_hypervisors" which is located in the "[ovs]" ini-
  section for "ovs-agent" and "[sriov_nic]" ini-section for "sriov-
  agent". Hypervisor names default to "socket.gethostname()" which
  works out of the box with "libvirt" even when the "DEFAULT.host"
  config option is set to a non-default value. We believe this change
  fixes bug 1853840 (https://launchpad.net/bugs/1853840).

* Owners of security groups now see all security group rules which
  belong to the security group, even if the rule was created by the
  admin user. Fixes bug 1824248
  (https://bugs.launchpad.net/neutron/+bug/1824248).


Other Notes
***********

* When the "enable_distributed_routing" (DVR) configuration option
  is set to "True" and tunneling is enabled, the "arp_responder"
  option will be forced to "True" since it is now required in order
  for ARP to work properly. For more information, see bug 1774459
  (https://bugs.launchpad.net/neutron/+bug/1774459).

Changes in neutron 15.0.1..15.0.2
---------------------------------

503bbdab87 [OVS] Handle added/removed ports in the same polling iteration
3ddba37ccc Unnecessary routers should not be created
9db46c5794 Reset timeout exception in DietTestCase when retrying
1e59a9f6db Remove sleep command when retrieving OVS dp
967d3dea91 Check "security_group_rule" quota during security group creation
9e8bdef93c Randomize BaseFullStackTestCase._find_available_ips
c36f1fc292 Remove one of iptables_hybrid jobs
a618a26bf4 Ensure driver error preventing trunk port deletion is logged
79ea54b21d Allow to kill keepalived state change monitor process
6c1cf88667 Add accepted egress direct flow
135e37ea52 Fix bug number in release note
8ec0c2d865 Add retries to update trunk port
f5354f5343 [L3] Switch order of processing added and removed router ports
dc8c1deeee Force arp_responder to True when DVR and tunneling enabled
8680863ae9 Check mtu on network update
9a6766470e Locate RP-tree parent by hypervisor name
124680084c Use "via" in gateway dictionary in Linux Bridge agent
a1237df19e don't clear skb mark when ovs is hw-offload enabled
6d9aae2ab3 Cap hacking in test-requirements.txt
d1c4ba5810 Use constraints for docs tox target
a6b55d760b List SG rules which belongs to tenant's SG


Diffstat (except docs and test files)
-------------------------------------

.zuul.yaml                                         |   7 -
.../contributor/testing/ci_scenario_jobs.rst       |   5 -
etc/neutron/rootwrap.d/l3.filters                  |  16 +-
neutron/agent/common/ovs_lib.py                    |  14 +-
neutron/agent/common/placement_report.py           |  61 +++---
neutron/agent/common/utils.py                      |  24 +++
neutron/agent/l3/router_info.py                    |  20 +-
neutron/agent/linux/ip_lib.py                      |   2 +-
.../agent/linux/openvswitch_firewall/firewall.py   | 136 +++++++++++++-
neutron/agent/securitygroups_rpc.py                |   4 +
.../plugins/ml2/drivers/mech_sriov/agent_common.py |   9 +
neutron/conf/plugins/ml2/drivers/ovs_conf.py       |  21 ++-
neutron/conf/policies/security_group.py            |  16 +-
neutron/db/l3_dvrscheduler_db.py                   |  10 +-
neutron/db/securitygroups_db.py                    |  24 ++-
.../linuxbridge/agent/linuxbridge_neutron_agent.py |   4 +-
.../drivers/mech_sriov/agent/sriov_nic_agent.py    |  13 +-
.../drivers/openvswitch/agent/common/constants.py  |   2 +
.../openvswitch/agent/openflow/native/br_int.py    |  10 +-
.../openvswitch/agent/openflow/native/ofswitch.py  |   5 +-
.../openvswitch/agent/ovs_dvr_neutron_agent.py     |  56 +++---
.../drivers/openvswitch/agent/ovs_neutron_agent.py | 208 +++++++++++++++++----
neutron/plugins/ml2/plugin.py                      |   3 +-
neutron/policy.py                                  |   3 +-
neutron/services/placement_report/plugin.py        |  34 +++-
neutron/services/trunk/plugin.py                   |  16 +-
neutron/services/trunk/rpc/server.py               |  44 +++--
.../unit/agent/common/test_placement_report.py     |  54 +++++-
.../linux/openvswitch_firewall/test_firewall.py    |  60 +++++-
.../agent/test_linuxbridge_neutron_agent.py        |   2 +-
.../mech_sriov/agent/test_sriov_nic_agent.py       |  14 +-
.../agent/openflow/native/test_br_int.py           |  28 ++-
.../openvswitch/agent/test_ovs_neutron_agent.py    | 161 +++++++++-------
.../drivers/openvswitch/agent/test_ovs_tunnel.py   |   9 +-
.../unit/scheduler/test_l3_agent_scheduler.py      |   5 +
.../unit/services/placement_report/test_plugin.py  |  33 +++-
.../accepted_egress_direct-cc23873e213c6919.yaml   |  20 ++
...rp-responder-true-for-dvr-5aabbfa51945dd5a.yaml |   8 +
...parent-by-hypervisor-name-3244ed87dc57f950.yaml |  23 +++
...-for-security-group-owner-6635dd3e4c6ab5ee.yaml |   6 +
test-requirements.txt                              |   2 +-
tox.ini                                            |   5 +-
55 files changed, 1092 insertions(+), 301 deletions(-)


Requirements updates
--------------------

diff --git a/test-requirements.txt b/test-requirements.txt
index 3aaac91e36..c8f3f91857 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -4 +4 @@
-hacking>=1.1.0 # Apache-2.0
+hacking>=1.1.0,<1.2.0 # Apache-2.0






More information about the Release-announce mailing list