[release-announce] neutron 22.0.1 (antelope)
no-reply at openstack.org
no-reply at openstack.org
Thu Jun 8 14:39:38 UTC 2023
We are pleased to announce the release of:
neutron 22.0.1: OpenStack Networking
This release is part of the antelope release series.
The source is available from:
https://opendev.org/openstack/neutron
Download the package from:
https://tarballs.openstack.org/neutron/
Please report issues through:
https://bugs.launchpad.net/neutron/+bugs
For more details, please see below.
22.0.1
^^^^^^
Known Issues
************
* The high availability of metadata service on isolated networks is
limited or non-existent. IPv4 metadata is redundant when the DHCP
agent managing it is redundant, but recovery is tied to the renewal
of the DHCP lease, making most recoveries very slow. IPv6 metadata
is not redundant at all as the IPv6 metadata address can only be
configured in a single place at a time as it is link-local. Multiple
agents trying to configure it will generate an IPv6 duplicate
address detection failure.
Administrators may observe the IPv6 metadata address in "dadfailed"
state in the DHCP namespace for this reason, which is only an
indication it is not highly available. Until a redesign is made to
the isolated metadata service there is not a better deployment
option. See bug 1953165
(https://bugs.launchpad.net/neutron/+bug/1953165) for information.
* The *redirect-type=bridged* option is only used if all the tenant
networks connected to the router are of type VLAN or FLAT. In this
case their traffic will be distributed. However, if there is a mix
of VLAN/FLAT and geneve networks connected to the same router, the
redirect-type option is not set, and therefore the traffic for the
VLAN/FLAT networks will also be centralized but not tunneled.
Bug Fixes
*********
* 1986003 (https://bugs.launchpad.net/neutron/+bug/1986003) Fixed an
issue with concurrent requests to activate the same port binding
where one of the requests returned a 500 Internal Server Error. With
the fix one request will return successfully and the other will
return a 409 Conflict (Binding already active). This fixes errors in
nova live-migrations where those concurrent requests might be sent.
Nova handles the 409/Conflict response gracefully.
* Fix an issue in the OVN driver where network metadata could become
unavailable if the metadata port was ever deleted, even if
accidental. To re-create the port, a user can now disable, then
enable, DHCP for one of the subnets associated with the network
using the Neutron API. This will try and create the port, similar to
what happens in the DHCP agent for ML2/OVS. For more information,
see bug 2015377
(https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/2015377).
* [bug 2003455 (https://bugs.launchpad.net/neutron/+bug/2003455)] As
part of a previous commit
(https://review.opendev.org/c/openstack/neutron/+/875644) the
*redirect-type=bridged* option was set in all the router gateway
ports (cr-lrp ovn ports). However this was breaking the N/S traffic
for geneve tenant networks connected to the provider networks
through those routers with the redirect-type option enabled. To fix
this we ensure that the redirect-type option is only set if all the
networks connected to the router are of VLAN or FLAT type, otherwise
we fall back to the default option. This also means that if there is
a mix of VLAN and geneve tenant networks connected to the same
router, the VLAN traffic will be centralized (but not tunneled). If
the traffic for the VLAN/FLAT needs to be distributed, then it
should use a different router.
Changes in neutron 22.0.0..22.0.1
---------------------------------
e7f85abae6 Start metadata proxy even if IPv6 DAD fails
593939911c Change RBAC relationship loading method to "joined"
d3fb57617d Revert "Delete sg rule which remote is the deleted sg"
97e478dcf5 [ovn] Avoid unwanted ACL_NOT_FOUND error when deleting log objects
edbb0f4aa5 Use explicit inner join for networks in port query
48a000641d Fix not working use_random_fully config option
551ba73aa4 [stable-only][ovn] Fix ovsdbapp db_set command for stable branches
1ef6a605ad docs: Deindent code blocks
812526a279 [S-RBAC] Fix new policies for FIP PFs APIs
c82eee0fd6 [S-RBAC] Get QoS rule types API available for READER role
572cc2d43e [S-RBAC] Fix new policies for get QoS rules APIs
05ff8ce3ee [OVN] Update ovn meter when neutron server reloads
e7ccc75e0a [S-RBAC] Get availability zone API available for READER role
88963bafa5 [S-RBAC] Allow network owners to get ports from that network
a15eece771 Delete sg rule which remote is the deleted sg
ef41cb6073 Avoid retrieving ports if network list is empty
78a24a3a75 OVN: Always try and create a metadata port on subnets
0d3998c742 Replace context decorators with context managers
071255f098 Suppress IPv6 metadata DAD failure and delete address
2d543824a6 [sqlalchemy-20] Add reader context to ``get_ports_on_host_by_subnet``
6efae0b110 Do not check the context object in ``TestMeteringPlugin``
7e8898ec84 [stable/2023.1 only] Drop -master jobs
da7b179933 Ensure redirect-type=bridged not used for geneve networks
4c4a168281 [stable/2023.1 only] Drop branches regex from skip level jobs
1b6fd61e33 Fix concurrent port binding activate
39f8db04a3 Revert "Ensure vlan network traffic is not centralized"
2a90dc754b [OVN] OVN agent should register "Chassis_Private" by default
f822742af0 [OVN] Explicitly define the fixed IPs for the metadata port
Diffstat (except docs and test files)
-------------------------------------
...g-bgp-floating-ip-over-l2-segmented-network.rst | 420 +++++++------
.../internals/ovn/ovn_network_logging.rst | 114 ++--
.../contributor/internals/ovn/port_forwarding.rst | 110 ++--
.../contributor/testing/ci_scenario_jobs.rst | 15 -
neutron/agent/linux/dhcp.py | 3 +-
neutron/agent/linux/ip_lib.py | 8 +-
neutron/agent/linux/iptables_manager.py | 7 +-
neutron/agent/metadata/driver.py | 41 +-
neutron/agent/ovn/agent/ovn_neutron_agent.py | 2 +-
neutron/common/_constants.py | 3 +
neutron/conf/agent/database/agentschedulers_db.py | 4 +-
neutron/conf/policies/availability_zone.py | 6 +-
neutron/conf/policies/base.py | 14 +
.../conf/policies/floatingip_port_forwarding.py | 16 +-
neutron/conf/policies/port.py | 1 +
neutron/conf/policies/qos.py | 22 +-
neutron/db/db_base_plugin_v2.py | 11 +-
neutron/db/dvr_mac_db.py | 1 +
neutron/db/models/address_group.py | 2 +-
neutron/db/models/address_scope.py | 2 +-
neutron/db/models/securitygroup.py | 2 +-
neutron/db/models_v2.py | 6 +-
neutron/db/qos/models.py | 2 +-
neutron/objects/db/api.py | 18 +-
.../ml2/drivers/ovn/mech_driver/ovsdb/commands.py | 34 ++
.../drivers/ovn/mech_driver/ovsdb/impl_idl_ovn.py | 8 +
.../drivers/ovn/mech_driver/ovsdb/maintenance.py | 91 ++-
.../drivers/ovn/mech_driver/ovsdb/ovn_client.py | 195 ++++--
.../drivers/ovn/mech_driver/ovsdb/ovn_db_sync.py | 2 +-
neutron/plugins/ml2/plugin.py | 8 +
neutron/services/logapi/drivers/ovn/driver.py | 54 +-
neutron/services/qos/qos_plugin.py | 4 +-
.../ovn/mech_driver/ovsdb/test_maintenance.py | 40 ++
.../ovn/mech_driver/ovsdb/test_ovn_client.py | 68 +++
.../drivers/ovn/mech_driver/test_mech_driver.py | 44 +-
.../unit/agent/linux/test_iptables_manager.py | 34 ++
.../unit/conf/policies/test_availability_zone.py | 6 -
.../policies/test_floatingip_port_forwarding.py | 347 ++++++-----
.../ovn/mech_driver/ovsdb/test_maintenance.py | 68 ++-
.../ovn/mech_driver/ovsdb/test_ovn_client.py | 61 ++
.../drivers/ovn/mech_driver/test_mech_driver.py | 65 +-
.../services/logapi/drivers/ovn/test_driver.py | 75 +--
.../unit/services/metering/test_metering_plugin.py | 24 +-
.../notes/bug-1953165-6e848ea2c0398f56.yaml | 16 +
.../notes/bug-1986003-9bf5ca04f9304336.yaml | 10 +
.../notes/bug-2003455-dff0d0f00b5a18e2.yaml | 9 -
...vn-recreate-metadata-port-76e2c0e651267aa0.yaml | 11 +
.../notes/redirect-type-f29e89ca97357fe9.yaml | 24 +
zuul.d/base.yaml | 70 ---
zuul.d/grenade.yaml | 6 -
zuul.d/job-templates.yaml | 27 -
zuul.d/tempest-multinode.yaml | 53 --
zuul.d/tempest-singlenode.yaml | 225 -------
73 files changed, 2285 insertions(+), 1798 deletions(-)
More information about the Release-announce
mailing list