We are delighted to announce the release of: neutron 18.6.0: OpenStack Networking This release is part of the wallaby stable release series. The source is available from: https://opendev.org/openstack/neutron Download the package from: https://tarballs.openstack.org/neutron/ Please report issues through: https://bugs.launchpad.net/neutron/+bugs For more details, please see below. 18.6.0 ^^^^^^ New Features ************ * After the port is considered as provisioned, the Nova port binding update could have not been received, leaving the port as not bound. Now the port provisioning method has an active wait that will retry several times, waiting for the port binding update. If received, the port status will be set as active if the admin state flag is set. * A new script to remove the duplicated port bindings was added. This script will list all "ml2_port_bindings" records in the database, finding those ones with the same port ID. Then the script removes those ones with status=INACTIVE. This script is useful to remove those leftovers that remain in the database after a failed live migration. It is important to remark that this script should not be executed during any live migration process. * Add "use_random_fully" setting to allow an operator to disable the iptables random-fully property on an iptable rules. Known Issues ************ * If the "use_random_fully" setting is disabled, it will prevent random fully from being used and if there're 2 guests in different networks using the same source_ip and source_port and they try to reach the same dest_ip and dest_port, packets might be dropped in the kernel do to the racy tuple generation . Disabling this setting should only be done if source_port is really important such as in network firewall ACLs and that the source_ip are never repeating within the platform. Upgrade Notes ************* * The default value for the "metadata_workers" configuration option has changed to 0 for the ML2/OVN driver. Since [OVN] Allow to execute "MetadataProxyHandler" in a local thread (https://review.opendev.org/c/openstack/neutron/+/861649), the OVN metadata proxy handler can be spawned in the same process of the OVN metadata agent, in a local thread. That reduces the number of OVN SB database connections to one. Bug Fixes ********* * Support for the extensions "dns_domain_ports" and "subnet_dns_publish_fixed_ip" belonging to the DNS integration is now properly announced by the OVN driver. See bug 1947127 (https://bugs.launchpad.net/neutron/+bug/1947127) * Fixes an issue in the ML2/OVN driver where the network segment tag was not being updated in the OVN Northbound database. For more information, see bug 1944708 (https://bugs.launchpad.net/neutron/+bug/1944708). Changes in neutron 18.5.0..18.6.0 --------------------------------- 93e7091a13 [OVN] Set the default OVN metadata worker number to 0 1b2c6c1272 update the nova host aggregates links 9d826bc77a Disable in-band management for bridges before setting up controllers 049435eeab [OVN] Avoid deadlock when cleaning hash ring nodes 473af223fd [L3HA] Don't update HA router's ports if router isn't active on agents 1197d8e735 Allow to pass EUI64 IP address as fixed ip for the port 80d1e81049 Fix ipam_pluggable_backend unit tests module 6b7fbf9495 Execute "IpMonitorTestCase" tests always inside a namespace a8261f8fb3 Split Hash Ring probing from the maintenance task 14190a612f [OVN] Allow to execute ``MetadataProxyHandler`` in a local thread b96886b9ea [stable-only] Add writer DB context to "add_provisioning_component" 8b1ec76321 Script to remove duplicated port bindings 9c99dfa089 fix: Fix url of Floodlight 00efb17f00 Use "OVNMechDriver" instance in "TestOvn[Nb|Sb]IdlNotifyHandler" 1c0c03eaac Handle several dhcp agents for metadata over ipv6 733ef4f2d8 Do not allow a tenant to create a default SG for another one 4b6a8a2157 [OVN] Rate limit the "Disallow caching" log from hash ring c35aed1b30 Migration revert plan 1f4dc75963 Fix indentation issue in wait_for_change override 4c76a53494 Fix list of DNS extensions supported by OVN 059d14a4a6 Revert "[OVN] Set NB/SB "connection" inactivity probe" b5e9148cc7 Retry connections to Nova 8e9ef2d653 Add an active wait during the port provisioning event 62862df103 [ovn] Specify port type if it's a router port when updating 336bb4d3fc Allow operator to disable usage of random-fully d0592d06e8 Bump revision number of objects when description is changed fe645cefe6 [OVN] Remove ACLs with remote SG during deletion of SG a6432b3943 ovn: Don't fail db sync if new IP allocation fails for metadata 012151c6ea Mellanox_eth.img url expires, remove the mellanox_eth.img node 529b5f9f28 [OVN] Fix updating network segmentation ID 6dc54d23c7 Clean up db residual record from dvr port 2e2f1d6cd4 [ovn]Change LogicalSwitchPortUpdateUpEvent old conditions b9fb76e57f Add workaround for eventlet.greendns bug 301c4cdbed Port update will trigger less notifications to the DHCP agents 868427c104 Test: mock out _check_netfilter_for_bridges in unit tests b183e12fdc functional: Add debug messages around OVN services 74b1ec280e [ovn][metadata] Remove metadata readiness mechanism 80d408cd96 ovn: Wait for northd in functional tests Diffstat (except docs and test files) ------------------------------------- .../contributor/internals/live_migration.rst | 21 +++ .../contributor/internals/ovn/metadata_api.rst | 28 +-- neutron/agent/common/ovs_lib.py | 19 ++- neutron/agent/common/utils.py | 54 ++++-- neutron/agent/dhcp/agent.py | 2 +- neutron/agent/linux/iptables_manager.py | 4 + neutron/agent/ovn/metadata/agent.py | 42 +---- neutron/agent/ovn/metadata/server.py | 14 +- .../api/rpc/agentnotifiers/dhcp_rpc_agent_api.py | 27 ++- neutron/api/rpc/handlers/l3_rpc.py | 17 +- neutron/cmd/remove_duplicated_port_bindings.py | 71 ++++++++ neutron/common/config.py | 3 + neutron/common/ovn/constants.py | 1 + neutron/common/ovn/extensions.py | 4 + neutron/common/ovn/hash_ring_manager.py | 15 +- neutron/common/ovn/utils.py | 20 --- neutron/conf/agent/common.py | 3 + neutron/conf/common.py | 13 ++ neutron/db/ipam_pluggable_backend.py | 14 +- neutron/db/l3_dvrscheduler_db.py | 10 +- neutron/db/provisioning_blocks.py | 1 + neutron/db/securitygroups_db.py | 4 + neutron/notifiers/nova.py | 12 ++ neutron/objects/ports.py | 9 + neutron/plugins/ml2/db.py | 18 ++ .../agent/openflow/native/ovs_bridge.py | 34 ++-- .../ml2/drivers/ovn/mech_driver/mech_driver.py | 151 ++++++----------- .../drivers/ovn/mech_driver/ovsdb/impl_idl_ovn.py | 27 +-- .../drivers/ovn/mech_driver/ovsdb/ovn_client.py | 16 ++ .../drivers/ovn/mech_driver/ovsdb/ovn_db_sync.py | 9 +- .../drivers/ovn/mech_driver/ovsdb/ovsdb_monitor.py | 3 +- neutron/plugins/ml2/plugin.py | 97 +++++++---- neutron/services/revisions/revision_plugin.py | 33 +++- .../agent/ovn/metadata/test_metadata_agent.py | 17 +- .../drivers/ovn/mech_driver/ovsdb/test_impl_idl.py | 7 - .../drivers/ovn/mech_driver/test_mech_driver.py | 188 +++++++++++++++------ .../linux/openvswitch_firewall/test_iptables.py | 16 +- .../rpc/agentnotifiers/test_dhcp_rpc_agent_api.py | 40 ++++- .../unit/common/ovn/test_hash_ring_manager.py | 11 +- .../agent/openflow/native/ovs_bridge_test_base.py | 7 +- .../openvswitch/agent/test_ovs_neutron_agent.py | 5 +- .../ovn/mech_driver/ovsdb/test_impl_idl_ovn.py | 48 ------ .../ovn/mech_driver/ovsdb/test_ovsdb_monitor.py | 80 +++++---- .../drivers/ovn/mech_driver/test_mech_driver.py | 88 +++++----- .../services/revisions/test_revision_plugin.py | 16 ++ ...d-port-provisioning-retry-8edf16a258b164a0.yaml | 8 + .../fix-ovn-dns-extensions-d94ec25d20714b20.yaml | 6 + .../ovn-metadata-workers-fa8a2019f34bd572.yaml | 9 + .../notes/ovn-update-vlan-id-749d8f17999243f5.yaml | 7 + ...-duplicated-port-bindings-83b58060f3adb403.yaml | 10 ++ .../notes/use_random_fully-527b20bc524c308a.yaml | 15 ++ setup.cfg | 1 + .../tripleo_environment/ovn_migration.sh | 35 +++- .../playbooks/ovn-migration.yml | 17 ++ .../tripleo_environment/playbooks/revert.yml | 4 + .../roles/recovery-backup/defaults/main.yml | 12 ++ .../playbooks/roles/recovery-backup/tasks/main.yml | 68 ++++++++ .../playbooks/roles/revert/tasks/main.yml | 29 ++++ tox.ini | 1 + 79 files changed, 1348 insertions(+), 734 deletions(-)