neutron 14.0.2 (stein)

1 Jul 2019

We are delighted to announce the release of:

neutron 14.0.2: OpenStack Networking

This release is part of the stein stable release series.

The source is available from:

    https://opendev.org/openstack/neutron

Download the package from:

    https://tarballs.openstack.org/neutron/

Please report issues through:

    https://bugs.launchpad.net/neutron/+bugs

For more details, please see below.

14.0.2
^^^^^^


New Features
************

* Added support for custom scripts used to kill external processes
  managed by neutron agents, such as "dnsmasq" or "keepalived". Such
  custom scripts, if defined, will be used instead default "kill"
  command to kill such external processes.


Upgrade Notes
*************

* The first address in an IPv6 network is now a valid, usable IP for
  routers. It had previously been reserved, but now can be assigned to
  a router so that an IPv6 address ending in "::" could be a valid
  default route.


Bug Fixes
*********

* Previously a network's "dns_domain" attribute was ignored by the
  DHCP agent.  With this release, OpenStack deployments using
  Neutron's DHCP agent will be able to specify a per network
  "dns_domain" and have instances configure that domain in their dns
  resolver configuration files (Linux's /etc/resolv.conf) to allow for
  local partial DNS lookups. The per-network "dns_domain" value will
  override the DHCP agent's default "dns_domain" configuration value.
  Note that it's also possible to update a network's "dns_domain", and
  that new value will be propogated to new instances or when instances
  renew their DHCP lease. However, existing leases will live on with
  the old "dns_domain" value.


Other Notes
***********

* In order to improve heavy load ovs agent restart success rate,
  instead a retry or fullsync, the native driver "of_connect_timeout"
  and "of_request_timeout" are now set to 300s. The value does not
  have side effect for the regular pressure ovs agent.

* A new option "[ovs] of_inactivity_probe" has been added to allow
  changing the inactivity probe interval when using the OVS ML2 agent
  with the native OpenFlow driver. Operators can increase this if they
  are experiencing OpenFlow timeouts. The default value is 10 seconds.

Changes in neutron 14.0.1..14.0.2
---------------------------------

e3330b10a9 Release notes for dns_domain behavioural changes
fc8861d9ef Join on explcit relationship paths
4cd7ba7fde DVR: on new port only send router update on port's host
fb2a4c90a1 Revert "Pass network's dns_domain to dnsmasq conf"
ea3aafcad7 Updating bgp driver to match what neutron-dynamic-routing supports
e6cab0f414 rbac: Catch correct exception for duplicated entry
05804a325e Optimize the code that fixes the race condition of DHCP agent.
a48f157db5 SRIOV agent: wait VFs initialization on embedded switch create
aa7893bc1b Reset MAC on unbinding direct-physical port
64fb6dd3e2 Switch to new engine facade for Route objects
702d4b3214 Add kill hooks for external processes
cb172b4c20 improve dvr port update under large scale deployment
a7c9cc870e [DVR] Block ARP to dvr router's port instead of subnet's gateway
690e1824a0 Use list instead of six.viewkeys to avoid py2 to py3 problems
62e0bee820 Support multiple external networks in L3 agent
dc80a2c4e6 Wait to ipv6 accept_ra be really changed by L3 agent
acd081c298 Show all SG rules belong to SG in group's details
5339544a0d [Functional tests] Test keepalived in namespaces
6e661ecd2d Make OVS controller inactivity_probe configurable
89e9c45e86 [DHCP] Don't resync network if same port is alredy in cache
fe4fc33f1c Add update_id for ResourceUpdate
49af575eff Allow first address in an IPv6 subnet as valid unicast
45135364f9 Remove rootwrap configuration from neutron-keepalived-state-change
eded5d2d6a Packets getting lost during SNAT with too many connections
fef6b12bfe Ensure dvr ha router gateway port binding host
68cb1239d2 Async notify neutron-server for HA states
db2d3895d1 Use six.viewkeys instead of dict.keys to avoid py2 to py3 problems
9fc95ca512 Change curl to osc for listing resource provider inventories
5c821a3fcf Keep HA ports info for HA router during entire lifecycle
70e3790210 List ha router count should not include dvr local router
aba4b16ca6 Add RHEL8 platform-python to the L3 rootwrap filters
3b8f7a0179 Don't count ports with inactive bindings as serviceable dvr ports
5d0c27e836 Give some HA router case specific resources
3ed45a4584 Fix handling of network:shared field in policy module
83231738ea Fix creating policy rules from subattributes.
06a91226e8 Fix bandit and sphinx requirements for stable/stein
fd88d5c1aa Move subnet postcommit out of transaction for bulk create
fe09b40d57 Get ports query: extract limit and use it only at the end.
72077c79da Not process port forwarding if no snat functionality
dde99aa719 Revert iptables TCP checksum-fill code
78555ee346 Check master/backup router status in DVR functional tests
4e43ce5414 Set HA failover bridges veth pair devices UP
c9f98e63e3 OpenDev Migration Patch
dc3a314674 Avoid fullstack QoS tests to handle other test ports
ee682138b9 DVR: Correctly change MTU in fip namespace
2aa200bdb9 Choose random value for HA routes' vr_id
d7764064d0 Change default local ovs connection timeout


Diffstat (except docs and test files)
-------------------------------------

.gitreview                                         |   2 +-
.zuul.yaml                                         |  34 ++---
etc/neutron/rootwrap.d/dhcp.filters                |   2 +
etc/neutron/rootwrap.d/dibbler.filters             |   4 +
etc/neutron/rootwrap.d/l3.filters                  |  12 ++
etc/rootwrap.conf                                  |   2 +-
neutron/agent/common/ovs_lib.py                    |   7 +
neutron/agent/common/resource_processing_queue.py  |  22 +++
neutron/agent/dhcp/agent.py                        |  12 +-
neutron/agent/l3/agent.py                          |  33 +++--
neutron/agent/l3/dvr_edge_ha_router.py             |   2 +-
neutron/agent/l3/dvr_edge_router.py                |   6 +-
neutron/agent/l3/dvr_fip_ns.py                     |   9 +-
neutron/agent/l3/dvr_local_router.py               |   7 +-
neutron/agent/l3/extensions/port_forwarding.py     |   4 +
neutron/agent/l3/ha.py                             |   3 +
neutron/agent/l3/ha_router.py                      |  25 +++-
neutron/agent/l3/keepalived_state_change.py        |   2 -
neutron/agent/l3/router_info.py                    |  26 ++--
neutron/agent/linux/dhcp.py                        |  29 ++--
neutron/agent/linux/external_process.py            |  10 +-
neutron/agent/linux/iptables_manager.py            |  21 +++
neutron/agent/linux/keepalived.py                  |   3 +
neutron/agent/metadata/driver.py                   |  14 +-
neutron/api/rpc/handlers/dhcp_rpc.py               |  14 +-
neutron/api/rpc/handlers/l3_rpc.py                 |  11 +-
neutron/common/constants.py                        |   4 +
neutron/common/utils.py                            |   7 +
neutron/conf/agent/common.py                       |   9 ++
neutron/conf/plugins/ml2/drivers/ovs_conf.py       |   9 +-
neutron/conf/policies/port.py                      |  31 ++++-
neutron/db/db_base_plugin_v2.py                    |  12 +-
neutron/db/ipam_backend_mixin.py                   |  11 +-
neutron/db/ipam_pluggable_backend.py               |   5 +
neutron/db/l3_agentschedulers_db.py                |  12 +-
neutron/db/l3_dvrscheduler_db.py                   |  38 +++---
neutron/db/l3_hamode_db.py                         |  31 ++++-
neutron/db/rbac_db_mixin.py                        |   4 +-
neutron/db/securitygroups_db.py                    |   4 +-
neutron/ipam/utils.py                              |  25 ++--
neutron/objects/subnet.py                          |   2 +
neutron/pecan_wsgi/hooks/policy_enforcement.py     |   4 +-
.../drivers/mech_sriov/agent/eswitch_manager.py    |  50 ++++++-
.../agent/openflow/native/ovs_bridge.py            |   1 +
.../openvswitch/agent/ovs_dvr_neutron_agent.py     |   7 +-
neutron/plugins/ml2/plugin.py                      |  21 ++-
neutron/policy.py                                  |  54 +++++++-
.../functional/agent/linux/test_keepalived.py      |  20 ++-
.../l3_router/test_l3_dvr_router_plugin.py         |   4 +-
.../agent/l3/extensions/test_port_forwarding.py    |  16 +++
.../unit/agent/linux/test_external_process.py      |  43 ++++++
.../mech_sriov/agent/test_eswitch_manager.py       |  56 ++++++++
.../agent/openflow/native/ovs_bridge_test_base.py  |   9 +-
.../openvswitch/agent/test_ovs_neutron_agent.py    |  21 ++-
.../unit/scheduler/test_l3_agent_scheduler.py      |  15 +-
.../legacy/neutron-grenade-dvr-multinode/run.yaml  |   8 +-
.../legacy/neutron-grenade-multinode/run.yaml      |   8 +-
playbooks/legacy/neutron-grenade/run.yaml          |   8 +-
.../legacy/neutron-tempest-postgres-full/run.yaml  |   6 +-
.../neutron-tempest-with-os-ken-master/run.yaml    |   6 +-
.../add-custom-kill-scripts-af405ba49142d59c.yaml  |   7 +
...change-of-default-timeout-b09d11683526e27d.yaml |   7 +
.../notes/dns_domain-6f0e628aeb3c650c.yaml         |  14 +-
...v6_first_ip_address_valid-cd94b47bdcc642cf.yaml |   6 +
...tivity-probe-configurable-39d669014d961c5c.yaml |   7 +
test-requirements.txt                              |   2 +-
93 files changed, 1330 insertions(+), 514 deletions(-)


Requirements updates
--------------------

diff --git a/test-requirements.txt b/test-requirements.txt
index c1f849f4c5..3aca6003e0 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -6 +6 @@ hacking>=1.1.0 # Apache-2.0
-bandit>=1.1.0 # Apache-2.0
+bandit>=1.1.0,<1.6.0 # Apache-2.0

    

no-reply＠openstack.org

tags

participants (1)