We are thrilled to announce the release of: neutron 11.0.6: OpenStack Networking This release is part of the pike stable release series. Download the package from: https://tarballs.openstack.org/neutron/ For more details, please see below. 11.0.6 ^^^^^^ New Features * A new config option "bridge_mac_table_size" has been added for Neutron OVS agent. This value will be set on every Open vSwitch bridge managed by the openvswitch-neutron-agent in "other_config :mac-table-size" column in ovsdb. Default value for this new option is set to 50000 and it should be enough for most systems. More details about this option can be found in Open vSwitch documentation (http://www.openvswitch.org/support/dist-docs/ovs- vswitchd.conf.db.5.html) For more information see bug 1775797 (https://bugs.launchpad.net/neutron/+bug/1775797). Changes in neutron 11.0.5..11.0.6 --------------------------------- bdbcf56 DVR: Avoid address scope rules for dvr_no_external agents 6b701e6 Don't uninstall flow tables in setup_dvr_flows_on_integ_br 3eaaf07 [Functional] Increase test_timeout for db migration tests 44ed7e5 Fix dvr ha router gateway goes wrong host 020d745 Revert "DVR: Inter Tenant Traffic between networks not possible with shared net" 9481da1 DVR-HA: Configure extra routes on router namespace in dvr_snat node eb7bb07 Revert "DVR: Add error handling for get_network_info_for_id rpc call" f26eed6 [Functional] Increase test_timeout for db migration tests c78b80b Fix bash cmd used in scenario trunk tests 8b57a6d Fix corner case in failure assigning MAC to SR-IOV NIC 5a91c6d Don't skip DVR port while neutron-openvswitch-agent is restared. 77152ee DVR: Fix mac format for backward compatibility with vsctl api 58aaff6 Do not install centralized FIP if HA port is down 04b7f80 Parse dhcp leases file in a more robust way c5f3bc2 import zuul job settings from project-config 5843387 ovsdb monitor: do not die on ovsdb-client stderr output 8804486 Revert "DVR: Fix allowed_address_pair IP, ARP table update by neutron agent" 9189ade [OVS] Shut down the port on changing the admin-state to false dbd6dbb tests: Add decorator to mark unstable tests 1ba5e69 l2 pop: check for more than 1 first active port on a node 6a8a1f8 Add iptables metadata marking rule on router init 64a9d41 Trivial: avoid KeyError while processing ports f41287b Wait until all router ports are DOWN before migration 5be3950 Remove fdb entries for ha router interfaces when going DOWN cefafe3 get_subnet_for_dvr returns SNAT mac instead of distributed gateway in subnet_info 9cb7643 DVR: Add IPv6 csnat port address correctly c49cc2c Reduce qos rpc times on the ovs-agent side 27519e8 Use older keepalived version in functional tests e44b431 Make dvr router port creation retriable 6aada38 Retry dhcp_release on failures ac6ae10 Refactor DVR HA migarations DB operations 988ecea Disallow router interface out of subnet IP range f591c89 Skip MTU check during deletion of Networks be7267a Fix fwaas v1 configuration doc ed4a70c Add list of all working DSCP marks 00998f6 Reduce IP address collision during port creating e5584db [Fullstack] HA L3 agent restart only standby agents ee1ae8b Set trusted port only once in iptables firewall driver 45ae2e4 Fix UT BridgeLibTest when IPv6 is disabled a7c9352 DVR: Self recover from the loss of 'fg' ports in FIP Namespace 3cfa987 DVR: FIP gateway port is tagged as DEAD port by OVS with external-bridge e6c6351 Dropping radvd process privileges 5522da6 [Fullstack] Change time waiting for async ping results a6ee16d This patch changes the CT zone allocation range e123bd7 Iptables firewall driver adds forward rules for trusted ports 073b44b [Scenario tests] Try longer SSH timeout for ubuntu image 44b159a [OVS] Add mac-table-size to be set on each ovs bridge 74a8a70 Enable dns_domain_ports extension in tempest config eb7ee4d Don't set administratively disabled ports as ACTIVE a4f9135 Windows: fix exec calls b22a9d5 Fix race condition with enabling SG on many ports at once a423322 Use rally 0.12.1 release for stable/pike branch. 5e96713 Add/rm centralized fips for DVR+HA from standby node 18a2f9b Fix DVR scheduling checks wrong profile for host cb0afda Handle AgentNotFoundByTypeHost exception properly cdcc704 [OVS] Fix for cleaning after skipped_devices 0adc910 Fix Port OVO filtering based on security groups e8a9cc1 [Fullstack] Add block test until IPs will be really configured 28e5996 [Fullstack] Wait for SG to be applied by L2 agent ba9fd19 Disable IPv6 forwarding by default on HA routers 0dfc7ef test_security_groups: Randomize SG names a06e6b2 Fix meter-label-rule creation 29e0c76 Refresh router objects after port binding cf14d20 DVR: Restarting l3 agent loses centralized fip ip on qg-interface e36c6b6 DVR: Add error handling for get_network_info_for_id rpc call 6956821 DVR: Inter Tenant Traffic between networks not possible with shared net Diffstat (except docs and test files) ------------------------------------- .zuul.yaml | 155 +++++- neutron/agent/common/ovs_lib.py | 5 + neutron/agent/l2/extensions/qos.py | 3 +- neutron/agent/l3/dvr.py | 4 +- neutron/agent/l3/dvr_edge_ha_router.py | 18 +- neutron/agent/l3/dvr_fip_ns.py | 10 +- neutron/agent/l3/dvr_local_router.py | 68 ++- neutron/agent/l3/ha_router.py | 7 +- neutron/agent/l3/namespaces.py | 5 +- neutron/agent/l3/router_info.py | 18 +- neutron/agent/linux/dhcp.py | 93 +++- neutron/agent/linux/ip_conntrack.py | 9 +- neutron/agent/linux/ip_lib.py | 7 + neutron/agent/linux/iptables_comments.py | 1 + neutron/agent/linux/iptables_firewall.py | 38 +- neutron/agent/linux/ovsdb_monitor.py | 2 +- neutron/agent/linux/ra.py | 11 +- neutron/agent/metadata/driver.py | 12 - neutron/agent/resource_cache.py | 2 +- neutron/agent/securitygroups_rpc.py | 16 +- neutron/agent/windows/utils.py | 39 +- neutron/agent/windows/winutils.py | 606 --------------------- neutron/api/rpc/handlers/l3_rpc.py | 12 +- neutron/common/eventlet_utils.py | 8 +- neutron/conf/agent/ovs_conf.py | 7 + neutron/db/l3_agentschedulers_db.py | 8 +- neutron/db/l3_db.py | 56 +- neutron/db/l3_dvr_db.py | 84 +-- neutron/db/l3_dvrscheduler_db.py | 9 +- neutron/db/l3_hamode_db.py | 58 +- neutron/ipam/drivers/neutrondb_ipam/driver.py | 5 +- neutron/objects/ports.py | 22 + neutron/plugins/ml2/drivers/l2pop/mech_driver.py | 40 +- .../drivers/mech_sriov/agent/sriov_nic_agent.py | 5 +- .../openvswitch/agent/ovs_dvr_neutron_agent.py | 29 +- .../drivers/openvswitch/agent/ovs_neutron_agent.py | 8 +- neutron/plugins/ml2/plugin.py | 7 +- neutron/plugins/ml2/rpc.py | 20 +- neutron/privileged/agent/linux/ip_lib.py | 3 +- .../metering/drivers/iptables/iptables_driver.py | 4 +- .../l3_router/test_l3_dvr_router_plugin.py | 12 +- .../unit/agent/l3/test_l3_agent_extension_api.py | 6 +- .../unit/agent/linux/test_iptables_firewall.py | 113 +++- .../plugins/ml2/drivers/l2pop/test_mech_driver.py | 149 +++++ .../mech_sriov/agent/test_sriov_nic_agent.py | 29 + .../openvswitch/agent/test_ovs_neutron_agent.py | 78 ++- .../unit/scheduler/test_l3_agent_scheduler.py | 51 +- .../services/metering/drivers/test_iptables.py | 38 +- ...-table-size-config-option-d255d5208650f34b.yaml | 14 + tools/configure_for_func_testing.sh | 6 + 92 files changed, 2814 insertions(+), 1103 deletions(-)