[release-announce] neutron 15.1.0 (train)
no-reply at openstack.org
no-reply at openstack.org
Wed May 27 10:42:24 UTC 2020
We are thrilled to announce the release of:
neutron 15.1.0: OpenStack Networking
This release is part of the train stable release series.
The source is available from:
https://opendev.org/openstack/neutron
Download the package from:
https://tarballs.openstack.org/neutron/
Please report issues through:
https://bugs.launchpad.net/neutron/+bugs
For more details, please see below.
15.1.0
^^^^^^
New Features
************
* Adds support for configuring a list of IPv6 addresses for a dhcp-
host entry in the dnsmasq DHCP agent driver. For a port with
multiple IPv6 fixed-ips in the same subnet a single dhcp-host entry
including all the addresses are written to the dnsmasq dhcp-
hostsfile.
Reserving multiple addresses for a host eases problems related to
network and chain-booting where each step in the boot process
requests an address using different DUID/IAID combinations. With a
single address, only one gets the "static" address and the boot
process will fail on the following steps. By reserving enough
addresses for all the stages of the boot process this problem is
resolved. (See bug: #1861032
(https://bugs.launchpad.net/neutron/+bug/1861032))
Note: This requires dnsmasq version 2.81 or later. Some
distributions may backport this feauture to earlier dnsmasq
version as part of the packaging, check the distributions
releasenotes.Since the new configuration format is invalid in
previous versions of dnsmasq this feauture is *disabled* by
default. To *enable* the feature set the option
"dnsmasq_enable_addr6_list" in DHCP agent configuration to "True".
Upgrade Notes
*************
* SR-IOV agent code no longer supports old kernels (<3.13) for
MacVtap ports. This change is not expected to affect existing
deployments since most OS distributions already have the relevant
kernel patches. In addition, latest major release of all Supported
distributions already have a newer kernel.
Deprecation Notes
*****************
* Abstract method "plug_new" from the
neutron.agent.linux.interface.LinuxInterfaceDriver class now accepts
an optional parameter "link_up". Usage of this method, which takes
from 5 to 9 positional arguments, without "link_up" is now
deprecated and will not be possible starting in the W release.
Third-party drivers which inherit from this base class should update
the implementation of their "plug_new" method.
Security Issues
***************
* A change was made to the metadata proxy to not allow a user to
override header values, it will now always insert the correct
information and remove unnecessary fields before sending requests to
the metadata agent. For more information, see bug 1865036
(https://bugs.launchpad.net/neutron/+bug/1865036).
Bug Fixes
*********
* Fixed an issue where the client on a dual-stack (IPv4 + IPv6)
network failed to get configuration from the dnsmasq DHCP server.
See bug: 1876094 (https://launchpad.net/bugs/1876094).
* Fixed an issue where IP allocation for IPv6 stateless subnets
would allocate on invalid subnets when segments are used. Auto-
addressing now filters on segment ids when allocating IP addresses.
See bugs: #1864225
(https://bugs.launchpad.net/neutron/+bug/1864225), #1864333
(https://bugs.launchpad.net/neutron/+bug/1864333), #1865138
(https://bugs.launchpad.net/neutron/+bug/1865138).
* Fixes an issue that the OVS firewall driver does not configure
security group rules using remote group properly when a
corresponding remote group has no port on a local hypervisor. For
more information see bugs: 1862703
(https://bugs.launchpad.net/neutron/+bug/1862703) and 1854131.
Changes in neutron 15.0.2..15.1.0
---------------------------------
9c242a0329 Allow usage of legacy 3rd-party interface drivers
8b22d2b6b4 Add Rocky milestone tag for alembic migration revisions
965be1b00b Report L3 extensions enabled in the L3 agent's config
00dca13b66 Use dhcp-host tag support when supported
528a9ce0a0 Use effective MAC address for macvtap assigned VFs
fa3e1c629f SR-IOV: macvtap assigned vf check using sysfs
ebae3602e7 Cap pycodestyle to be < 2.6.0
25efa34a8a Router synch shouldn't return unrelated routers
c19b9d8ad6 Adding LOG statements to debug 1838449
9cae1e4660 Monkey patch original current_thread _active
b019821abd Use dict .get() to avoid a KeyError in the segment plugin
4ef96cafa3 Replace ctype.CDLL by ctypes.PyDLL in linux.ip_lib
c945e5ccba Workaround in NetworkSegmentRange OVO until "project_id" migration
afd6b2f5ae Avoid raising NetworkInterfaceNotFound exception in DHCP agent logs
f900561550 Set a default IP route metric in ip_lib.list_ip_routes
56cf98d52e Filter subnet by segment ID or None
f2d234e459 [L3 HA] Add "no_track" option to VIPs in keepalived config
a57feaf936 Load the glibc library only once for Pyroute2
b1811dc1bb Increase log information when a RootHelperProcess fails
222beb3a8d Default (shared) network segment range is not mandatory
f23fa9af8b Improve port retrieval when validating auto address
476bb78067 "keepalived_state_change" needs to use threading to send arping
026790adf9 Add rootwrap filter rule for radvd-kill script
478e20a61f Replace "ip monitor" command with Pyroute2 implementation
d3905264b7 Filter by owner SGs when retrieving the SG rules
62cbdfbaa2 Check tc_lib.add_tc_policy_class input parameters
c368674874 Ensure netlink.nla_slot tuple key is a string
7ce6a5c740 Fix return correct cache when reusing port
92f1521353 Increase waiting time for network rescheduling
1bf64726fa Prioritize port create and update ready messages
8657983c6d Use threads insted of greethreads in IP monitor
fe62f4db26 Do not link up HA router gateway in backup node
c09f191419 Neutron ovs agent: Removing SmartNIC OVS representor port on instance tear down and resync
d71d5e1f8d Add trunk subports to be one of dvr serviced device owners
92b2d9c25a Wait before deleting trunk bridges for DPDK vhu
a8e526bb0f Revert "Switch to use cast method in dhcp_ready_on_ports method"
22df469504 [OvS] Handle re_added multi ports
141bbe5e2f [DVR] Don't populate unbound ports in router's ARP cache
b38dc02d74 Use rally-openstack 1.7.0 for stable/train
4991325054 ovsdb monitor: handle modified ports
26ddb076b8 Reno only - Make stateless allocation segment aware
259049e25e Deny delete last slaac subnet with allocation on segment
c4264b7ded subnet create - segment aware auto-addr allocation
16687e39b6 Filter subnets on fixed_ips segment
842d6318c9 Register DNSMASQ_OPTS in functional sanity tests
03e88cd72a DHCPv6 - Use addr6_list in dnsmasq
bbe401aaf9 Fix queries to retrieve allocations with network_segment_range
651eb12bec Improve VLAN allocations synchronization
8166b1be44 Add "project_id" filter when changing the network segmentation ID
bcc4f98a3d Remove extra header fields in proxied metadata requests
a025723e8a Ensure that default SG exists during list of SG rules API call
a56f11222a Do not initialize snat-ns twice
13f2e1344a Re-use existing ProcessLauncher from wsgi in RPC workers
fb06c497a6 Check SG members instead of ports to skip flow update
bc0ab0fcd7 ovs agent: signal to plugin if tunnel refresh needed
e894904a7d dhcp-agent: equalize port create_low/update/delete priority
Diffstat (except docs and test files)
-------------------------------------
.zuul.yaml | 3 +-
etc/neutron/rootwrap.d/l3.filters | 1 +
neutron/agent/common/ovsdb_monitor.py | 16 +-
neutron/agent/dhcp/agent.py | 44 ++-
neutron/agent/l3/agent.py | 3 +-
neutron/agent/l3/dvr_edge_ha_router.py | 8 +-
neutron/agent/l3/dvr_edge_router.py | 10 +-
neutron/agent/l3/ha.py | 9 +
neutron/agent/l3/ha_router.py | 46 +++-
neutron/agent/l3/keepalived_state_change.py | 93 ++++---
neutron/agent/l3/router_info.py | 20 +-
neutron/agent/linux/dhcp.py | 151 +++++++---
neutron/agent/linux/interface.py | 51 +++-
neutron/agent/linux/ip_lib.py | 58 ++--
neutron/agent/linux/ip_monitor.py | 86 ------
neutron/agent/linux/keepalived.py | 22 +-
.../agent/linux/openvswitch_firewall/firewall.py | 2 +-
neutron/agent/linux/tc_lib.py | 50 +++-
neutron/agent/metadata/agent.py | 39 ++-
neutron/agent/metadata/driver.py | 7 +-
.../api/rpc/agentnotifiers/dhcp_rpc_agent_api.py | 4 +-
neutron/api/rpc/handlers/l3_rpc.py | 7 +
neutron/cmd/runtime_checks.py | 11 +
neutron/cmd/sanity/checks.py | 16 ++
neutron/common/_constants.py | 3 +
neutron/common/cache_utils.py | 26 +-
neutron/common/eventlet_utils.py | 6 +
neutron/common/utils.py | 4 +-
neutron/conf/agent/dhcp.py | 3 +
neutron/db/db_base_plugin_v2.py | 18 +-
neutron/db/ipam_backend_mixin.py | 5 +-
neutron/db/ipam_pluggable_backend.py | 23 +-
neutron/db/l3_dvr_db.py | 16 +-
neutron/db/l3_dvrscheduler_db.py | 16 +-
.../rocky/expand/867d39095bf4_port_forwarding.py | 5 +
neutron/db/models/plugins/ml2/geneveallocation.py | 8 +
.../models/plugins/ml2/gre_allocation_endpoints.py | 8 +
neutron/db/models/plugins/ml2/vlanallocation.py | 8 +
neutron/db/models/plugins/ml2/vxlanallocation.py | 8 +
neutron/db/securitygroups_db.py | 13 +
neutron/objects/network_segment_range.py | 97 ++++++-
neutron/objects/plugins/ml2/base.py | 42 +++
neutron/objects/plugins/ml2/flatallocation.py | 4 +-
neutron/objects/plugins/ml2/geneveallocation.py | 9 +-
neutron/objects/plugins/ml2/greallocation.py | 9 +-
neutron/objects/plugins/ml2/vlanallocation.py | 37 ++-
neutron/objects/plugins/ml2/vxlanallocation.py | 9 +-
neutron/objects/ports.py | 7 +
neutron/objects/securitygroup.py | 20 ++
neutron/objects/subnet.py | 45 ++-
neutron/plugins/ml2/drivers/helpers.py | 142 +++-------
.../linuxbridge/agent/linuxbridge_neutron_agent.py | 3 +-
.../drivers/mech_sriov/agent/common/exceptions.py | 6 +-
.../drivers/mech_sriov/agent/eswitch_manager.py | 93 ++++---
.../ml2/drivers/mech_sriov/agent/pci_lib.py | 40 +--
.../drivers/openvswitch/agent/ovs_neutron_agent.py | 126 ++++++---
neutron/plugins/ml2/drivers/type_vlan.py | 53 ++--
neutron/plugins/ml2/managers.py | 4 +-
neutron/privileged/agent/linux/ip_lib.py | 47 +++-
neutron/server/wsgi_eventlet.py | 2 +-
neutron/service.py | 17 +-
neutron/services/segments/exceptions.py | 4 +
neutron/services/segments/plugin.py | 51 +++-
.../drivers/openvswitch/agent/ovsdb_handler.py | 3 +
.../agent/l3/bin/cmd_keepalived_state_change.py | 22 ++
.../agent/l3/test_keepalived_state_change.py | 215 ++++++++-------
.../functional/agent/linux/test_ip_monitor.py | 67 -----
.../openvswitch/agent/test_ovsdb_handler.py | 3 +-
.../linux/openvswitch_firewall/test_firewall.py | 19 +-
.../objects/plugins/ml2/test_geneveallocation.py | 6 +-
.../unit/objects/plugins/ml2/test_greallocation.py | 6 +-
.../objects/plugins/ml2/test_vlanallocation.py | 6 +-
.../objects/plugins/ml2/test_vxlanallocation.py | 6 +-
.../unit/objects/test_network_segment_range.py | 206 ++++++++++++--
.../agent/test_linuxbridge_neutron_agent.py | 3 +-
.../mech_sriov/agent/test_eswitch_manager.py | 159 ++++++-----
.../ml2/drivers/mech_sriov/agent/test_pci_lib.py | 40 +--
.../mech_sriov/agent/test_sriov_nic_agent.py | 18 --
.../openvswitch/agent/test_ovs_neutron_agent.py | 306 ++++++++++++++-------
.../unit/plugins/ml2/drivers/test_type_vlan.py | 18 ++
.../unit/privileged/agent/linux/test_ip_lib.py | 9 +-
neutron/wsgi.py | 6 +
...without-link_up-parameter-27f8310eb1e1910a.yaml | 10 +
...p-host-addr6-list-support-45d104b3f7ce220e.yaml | 25 ++
...k-issue-with-dnsmasq-2.81-c95a46e4f4459bd1.yaml | 6 +
...-allocation-with-segments-b90e99a30d096c9d.yaml | 9 +
...ity-group-no-port-on-host-9177e66d4b16e90c.yaml | 8 +
...roxy-header-vulnerability-60c44eb7c76d560c.yaml | 8 +
...rnel-3.13-removed-support-8bb00902dd607746.yaml | 8 +
test-requirements.txt | 2 +-
119 files changed, 2925 insertions(+), 1152 deletions(-)
Requirements updates
--------------------
diff --git a/test-requirements.txt b/test-requirements.txt
index c8f3f91857..9f87ab69c4 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -10 +10 @@ flake8-import-order==0.12 # LGPLv3
-pycodestyle>=2.0.0 # MIT
+pycodestyle>=2.0.0,<2.6.0 # MIT
More information about the Release-announce
mailing list