[release-announce] neutron 20.3.0 (yoga)
no-reply at openstack.org
no-reply at openstack.org
Tue Mar 14 09:41:56 UTC 2023
We are satisfied to announce the release of:
neutron 20.3.0: OpenStack Networking
This release is part of the yoga stable release series.
The source is available from:
https://opendev.org/openstack/neutron
Download the package from:
https://tarballs.openstack.org/neutron/
Please report issues through:
https://bugs.launchpad.net/neutron/+bugs
For more details, please see below.
20.3.0
^^^^^^
New Features
************
* Address scope is now added to all OVN LSP port registers in the
northbound. Northd then writes the address scope from the northbound
to the southbound so it can be used there by the ovn-bgp-agent.
* After the port is considered as provisioned, the Nova port binding
update could have not been received, leaving the port as not bound.
Now the port provisioning method has an active wait that will retry
several times, waiting for the port binding update. If received, the
port status will be set as active if the admin state flag is set.
* Core OVN now can set the destination host on the logical switch
port during a live migration. That allows to prepare the destination
host earlier, achieving a quicker live migration and a lower
downtime during the switch between hosts. Neutron includes this
information in the port options.
* A new script to remove the duplicated port bindings was added.
This script will list all "ml2_port_bindings" records in the
database, finding those ones with the same port ID. Then the script
removes those ones with status=INACTIVE. This script is useful to
remove those leftovers that remain in the database after a failed
live migration. It is important to remark that this script should
not be executed during any live migration process.
* Add "use_random_fully" setting to allow an operator to disable the
iptables random-fully property on an iptable rules.
Known Issues
************
* Until the OVN bug
(https://bugzilla.redhat.com/show_bug.cgi?id=2162756) is fixed,
setting the "reside-on-redirect-chassis" to true for the logical
router port associated to vlan provider network is needed. This
workaround makes the traffic centrallized, but not tunneled, through
the node with the gateway port, thus avoiding MTU issues.
* If the "use_random_fully" setting is disabled, it will prevent
random fully from being used and if there're 2 guests in different
networks using the same source_ip and source_port and they try to
reach the same dest_ip and dest_port, packets might be dropped in
the kernel do to the racy tuple generation . Disabling this
setting should only be done if source_port is really important such
as in network firewall ACLs and that the source_ip are never
repeating within the platform.
Upgrade Notes
*************
* The default value for the "metadata_workers" configuration option
has changed to 0 for the ML2/OVN driver. Since [OVN] Allow to
execute "MetadataProxyHandler" in a local thread
(https://review.opendev.org/c/openstack/neutron/+/861649), the OVN
metadata proxy handler can be spawned in the same process of the OVN
metadata agent, in a local thread. That reduces the number of OVN SB
database connections to one.
Bug Fixes
*********
* [bug 2003455 (https://bugs.launchpad.net/neutron/+bug/2003455)] It
is added an extra checking to ensure the "reside-on-redirect-
chassis" is set to true for the logical router port associated to
vlan provider network despite having the
"ovn_distributed_floating_ip" enabled or not. This is needed as
there is an OVN bug
(https://bugzilla.redhat.com/show_bug.cgi?id=2162756) making it not
work as expected. Until that is fixed, we need these workaround that
makes the traffic centrallized, but not tunneled, through the node
with the gateway port, thus avoiding MTU issues.
* Normalise OVN agent heartbeat timestamp format to match other
agent types. This fixes parsing of "GET /v2.0/agents" for some
clients, such as gophercloud.
* Fixes an issue in the ML2/OVN driver where the network segment tag
was not being updated in the OVN Northbound database. For more
information, see bug 1944708
(https://bugs.launchpad.net/neutron/+bug/1944708).
* Neutron can record full connection using log-related feature
introduced in OVN 21.12. For more info see *bug
LP#<https://bugs.launchpad.net/neutron/+bug/2003706>*
Other Notes
***********
* The OVN migration performs validation by default. This validation
means an instance is spawned and is tested by simple ping after the
migration is finished. Also it tries to create new workload post
migration. This is useful for very simple scenarios when migration
is tested but is not really useful in production since likely the
production envrionments already have running workloads. It makes
more sense to require the validation explicitly rather than
implicitly run it as the migration is mostly intended for
production. The VALIDATE_MIGRATION now defaults to False and needs
to be changed to True if validation upon request.
* Since OVN 20.06, the "Chassis" register configuration is stored in
the "other_config" field and replicated into "external_ids". This
replication is stopped in OVN 22.09. The ML2/OVN plugin tries to
retrieve the "Chassis" configuration from the "other_config" field
first; if this field does not exist (in OVN versions before 20.06),
the plugin will use "external_ids" field instead. Neutron will be
compatible with the different OVN versions (with and without
"other_config" field).
Changes in neutron 20.2.0..20.3.0
---------------------------------
b1da5a11e3 Reintroduce agent bridge resync test
f5815bcca5 Make retrieval of port mac column safe
334f7733f5 [OVN] Ensure traffic for provider vlan networks is not tunneled
1f9f77e4a2 Prevent router_ha_interface port from being removed via API
61ff4a1cc1 Apply Ironic's server-ip-address as TFTP next-server
1d611f4a7e Normalise format of OVN agent heartbeat timestamp
9ee1cae86a Add missing osprofiler options
71a47b6b89 Format correctly (dialect=mac_unix_expanded) the MAC addresses
6f0da8a5be ovn migration: Turn validations off by default
b221325593 Enable qos extension_driver in ovn_db_sync
9df4a7e398 Do not ignore attributes in bulk port create
ff9d2fc33b [OVN] Bump the port revision number in trunk driver
86e2aa859d [OVN] Add missing LSP device_owner info in trunk driver
7dcf8be112 Improve scheduling L3/DHCP agents, missing lower binding indexes
aaafcbef33 Fix deprecation warnings in pkg_resources
54501e7a24 Fullstack: Wait placement process fixtrue to really stop
8e6c18916e Filter subnets by "enable_dhcp" flag using the correct type
a70cfffef3 [OVN] Allow logging all traffic related to an ACL
6ef9d235d2 Use common wait_until_ha_router_has_state method everywhere
5cb3428d77 Never raise an exception in notify()
254d3d0e5c [Trunk] Update the trunk status with the parent status
b0081ea6db Increase fullstack job's timeout
1d9ce04068 Improve agent provision performance for large networks
2a2fda29c9 [OVN][FT] Also update nb_cfg along with nb_cfg_timestamp
97e86e51ae Allow multiple IPv6 ports on router from same network ml2/ovs+dvr
2bf242a375 [OVN] Fix availability zones changes check
0e18664513 Limit tox version to <4
2acac47647 [Fullstack] Wait 10 seconds to ensure that MAC address is configured
0d3fe4f7a2 Fix handling the restart of ovn-controllers
2ed8fa5037 Fix bulk create without mac
52f47c0945 Add address scope to the OVN LSP port registers
821970b716 [stable-only] Load config options importing ``common_config``
951e2c74ae Check if port exists in ``update_port_virtual_type`` method
7672b0e76a Dont raise RouterInterfaceNotFound on overlap check router ports
aeed2f44a2 Set bigger swap in the functional and fullstack jobs
4eba379801 Fix behaviour of enable/disable in OVN network log
0e427ecc49 Fix duplicated routes exceptions
8a4c62d094 Since OVN 20.06, config is stored in "Chassis.other_config"
0d0e6cd47b ovn: Use ovsdb-client to create neutron_pg_drop
44ec1f1503 Avoid register config options on imports
e62c81a570 ovn: first tear down old metadata namespaces, then deploy new
de89581ace Mark functional L3ha tests as unstable
32fde52371 OVN: Add support for DHCP option "domain-search" for IPv4
3874a1ed9a Always create a "router_extra_attributes" register per router
2032397cf8 Check subnet overlapping after add router interface
9a8301796b [stable-only] Add "tempest-integrated-networking" job to experimental
2649d05dca Update the Ethernet card information
1d34760ae5 Allow shared net to be added on router
b7daf9b199 Update documentation link for openSUSE index.
ec234e64cd Port provisioning should retry only for VM ports
56841381ef [OVN] Set the default OVN metadata worker number to 0
8eaea0ac1f update the nova host aggregates links
0889dda990 Disable in-band management for bridges before setting up controllers
dd7fc47684 [OVN] Avoid deadlock when cleaning hash ring nodes
3867f3c872 [L3HA] Don't update HA router's ports if router isn't active on agents
de561baf79 Execute "IpMonitorTestCase" tests always inside a namespace
89eb9e4071 Split Hash Ring probing from the maintenance task
c8409a33d9 [OVN] Allow to execute ``MetadataProxyHandler`` in a local thread
bf1e9e417c Allow to pass EUI64 IP address as fixed ip for the port
4c842e8eb4 Fix ipam_pluggable_backend unit tests module
d2f3499c74 Accept a port deletion with missing port binding information
9db730764c [stable-only] Add writer DB context to "add_provisioning_component"
3d307ef8f8 Script to remove duplicated port bindings
e2aa1330c6 fix: Fix url of Floodlight
5ccd08647d Migration revert plan
f15a0b66a9 Use "OVNMechDriver" instance in "TestOvn[Nb|Sb]IdlNotifyHandler"
ec9eabf8dd Handle several dhcp agents for metadata over ipv6
7721c6982b [OVN] Rate limit the "Disallow caching" log from hash ring
fd7fb0e9d8 Do not allow a tenant to create a default SG for another one
15150ed9c7 Fix indentation issue in wait_for_change override
f2ec37385d Revert "[OVN] Set NB/SB "connection" inactivity probe"
e60184b483 Retry connections to Nova
2d2d650a20 Add an active wait during the port provisioning event
3d036d59fe [ovn] Specify port type if it's a router port when updating
edc26807dd Bump revision number of objects when description is changed
fa77abbc15 Allow operator to disable usage of random-fully
0cccea36ff [OVN] Remove ACLs with remote SG during deletion of SG
1fda7ab887 Check the Chassis_Private nb_cfg_timestamp with current value
602c1025cd [OVN] Remove session check in ``update_network_postcommit``
de9e632e14 ovn: Don't fail db sync if new IP allocation fails for metadata
601b01f82b [OVN] Try to bind ports only to the ovn-controller agents
722301d93e Mellanox_eth.img url expires, remove the mellanox_eth.img node
c11103a9f1 [OVN] Fix updating network segmentation ID
ef3729e5a2 remove unused updated_at parameter for AgentCache.update
4303039e50 [ovn]neutron agent show real heartbeat_timestamp
4c93b29471 Clean up db residual record from dvr port
08a2268624 [ovn]Change LogicalSwitchPortUpdateUpEvent old conditions
363f0a972e Add workaround for eventlet.greendns bug
c6eaa8276e Port update will trigger less notifications to the DHCP agents
ca96555e81 Implement specific tracked resource count method per quota driver
81809eac06 Test: mock out _check_netfilter_for_bridges in unit tests
16ca8df84d Add release note for OVN "requested-chassis" feature
df4f010754 ovn: use requested-chassis list format for live migration
7cf7ae0565 Partially revert "Do not link up HA router gateway in backup node"
Diffstat (except docs and test files)
-------------------------------------
.../contributor/internals/live_migration.rst | 21 ++
etc/oslo-config-generator/neutron.conf | 1 +
neutron/agent/common/async_process.py | 4 +
neutron/agent/common/ovs_lib.py | 19 +-
neutron/agent/common/utils.py | 54 +++-
neutron/agent/dhcp/agent.py | 2 +-
neutron/agent/l3/dvr_edge_ha_router.py | 4 +-
neutron/agent/l3/ha.py | 9 -
neutron/agent/l3/ha_router.py | 32 +-
neutron/agent/l3/router_info.py | 20 +-
neutron/agent/linux/interface.py | 34 +-
neutron/agent/linux/iptables_manager.py | 4 +
neutron/agent/linux/keepalived.py | 5 +
neutron/agent/ovn/metadata/agent.py | 241 ++++++++------
neutron/agent/ovn/metadata/ovsdb.py | 11 +-
neutron/agent/ovn/metadata/server.py | 14 +-
neutron/agent/ovn/metadata_agent.py | 2 +
.../api/rpc/agentnotifiers/dhcp_rpc_agent_api.py | 27 +-
neutron/api/rpc/handlers/l3_rpc.py | 17 +-
neutron/cmd/ovn/neutron_ovn_db_sync_util.py | 4 +
neutron/cmd/remove_duplicated_port_bindings.py | 70 +++++
neutron/common/_constants.py | 3 +
neutron/common/config.py | 3 +
neutron/common/ovn/constants.py | 9 +-
neutron/common/ovn/hash_ring_manager.py | 15 +-
neutron/common/ovn/utils.py | 160 ++++++++--
neutron/conf/agent/common.py | 3 +
neutron/conf/common.py | 13 +
neutron/conf/plugins/ml2/drivers/ovn/ovn_conf.py | 6 +-
neutron/db/availability_zone/router.py | 3 +-
neutron/db/ipam_pluggable_backend.py | 14 +-
neutron/db/l3_agentschedulers_db.py | 4 +-
neutron/db/l3_attrs_db.py | 18 +-
neutron/db/l3_db.py | 150 ++++++---
neutron/db/l3_dvr_db.py | 7 +-
neutron/db/l3_dvrscheduler_db.py | 15 +-
neutron/db/l3_hamode_db.py | 10 +-
neutron/db/models/l3agent.py | 8 +-
neutron/db/network_dhcp_agent_binding/models.py | 9 +-
neutron/db/provisioning_blocks.py | 1 +
neutron/db/quota/driver.py | 11 +-
neutron/db/quota/driver_nolock.py | 4 +
neutron/db/securitygroups_db.py | 4 +
neutron/extensions/quotasv2.py | 4 +-
neutron/notifiers/nova.py | 12 +
neutron/objects/l3agent.py | 3 +-
neutron/objects/ports.py | 8 +
neutron/objects/router.py | 12 +
neutron/plugins/ml2/db.py | 18 ++
.../agent/openflow/native/ovs_bridge.py | 34 +-
.../plugins/ml2/drivers/ovn/agent/neutron_agent.py | 76 ++---
.../ml2/drivers/ovn/mech_driver/mech_driver.py | 194 +++++-------
.../ml2/drivers/ovn/mech_driver/ovsdb/api.py | 13 +-
.../ml2/drivers/ovn/mech_driver/ovsdb/commands.py | 9 +-
.../ovn/mech_driver/ovsdb/extensions/placement.py | 3 +-
.../drivers/ovn/mech_driver/ovsdb/impl_idl_ovn.py | 21 +-
.../drivers/ovn/mech_driver/ovsdb/maintenance.py | 79 ++++-
.../drivers/ovn/mech_driver/ovsdb/ovn_client.py | 151 ++++++---
.../drivers/ovn/mech_driver/ovsdb/ovn_db_sync.py | 11 +-
.../drivers/ovn/mech_driver/ovsdb/ovsdb_monitor.py | 174 ++++-------
neutron/plugins/ml2/plugin.py | 243 +++++++++------
neutron/quota/resource.py | 4 +-
neutron/scheduler/base_scheduler.py | 46 ++-
neutron/scheduler/dhcp_agent_scheduler.py | 6 +-
neutron/scheduler/l3_agent_scheduler.py | 5 +-
neutron/services/logapi/drivers/ovn/driver.py | 90 +++++-
neutron/services/revisions/revision_plugin.py | 33 +-
neutron/services/trunk/drivers/ovn/trunk_driver.py | 41 ++-
neutron/services/trunk/plugin.py | 10 +-
.../agent/ovn/metadata/test_metadata_agent.py | 52 +--
.../mech_driver/ovsdb/extensions/test_placement.py | 10 +-
.../drivers/ovn/mech_driver/ovsdb/test_impl_idl.py | 12 +-
.../ovn/mech_driver/ovsdb/test_ovn_db_sync.py | 16 +-
.../ovn/mech_driver/ovsdb/test_ovsdb_monitor.py | 100 +++++-
.../drivers/ovn/mech_driver/test_mech_driver.py | 289 ++++++++++-------
.../services/logapi/drivers/ovn/test_driver.py | 66 ++++
.../functional/services/ovn_l3/test_plugin.py | 11 +-
.../trunk/drivers/ovn/test_trunk_driver.py | 21 +-
.../linux/openvswitch_firewall/test_iptables.py | 16 +-
.../rpc/agentnotifiers/test_dhcp_rpc_agent_api.py | 40 ++-
.../unit/common/ovn/test_hash_ring_manager.py | 11 +-
.../agent/openflow/native/ovs_bridge_test_base.py | 7 +-
.../openvswitch/agent/test_ovs_neutron_agent.py | 5 +-
.../ml2/drivers/ovn/agent/test_neutron_agent.py | 19 +-
.../ovn/mech_driver/ovsdb/extensions/test_qos.py | 2 +
.../drivers/ovn/mech_driver/ovsdb/test_commands.py | 13 +-
.../ovn/mech_driver/ovsdb/test_impl_idl_ovn.py | 2 +-
.../ovn/mech_driver/ovsdb/test_maintenance.py | 85 ++++-
.../ovn/mech_driver/ovsdb/test_ovn_client.py | 2 +
.../ovn/mech_driver/ovsdb/test_ovsdb_monitor.py | 150 +++++----
.../drivers/ovn/mech_driver/test_mech_driver.py | 290 +++++++++++------
.../services/logapi/drivers/ovn/test_driver.py | 5 +-
.../services/revisions/test_revision_plugin.py | 16 +
.../trunk/drivers/ovn/test_trunk_driver.py | 12 +-
playbooks/configure_functional_job.yaml | 4 +-
playbooks/run_functional_job.yaml | 4 +-
...he-OVN-LSP-port-registers-1f45e34815c3896d.yaml | 6 +
...d-port-provisioning-retry-8edf16a258b164a0.yaml | 8 +
.../notes/bug-2003455-b502cc637427560e.yaml | 19 ++
...ange-migration-validation-b030b02c5e1acd3d.yaml | 12 +
...eartbeat-timestamp-format-dcf80badbe267c68.yaml | 6 +
.../ovn-chassis-other-config-7db15b9d10bf7f04.yaml | 10 +
.../ovn-metadata-workers-fa8a2019f34bd572.yaml | 9 +
...ed-chassis-live-migration-7d5d9d68a5d5a86c.yaml | 8 +
.../notes/ovn-update-vlan-id-749d8f17999243f5.yaml | 7 +
...-duplicated-port-bindings-83b58060f3adb403.yaml | 10 +
...l-log-related-traffic-ovn-96b304ab744de13e.yaml | 6 +
.../notes/use_random_fully-527b20bc524c308a.yaml | 15 +
setup.cfg | 1 +
.../tripleo_environment/ovn_migration.sh | 37 ++-
.../playbooks/ovn-migration.yml | 17 +
.../tripleo_environment/playbooks/revert.yml | 4 +
.../roles/recovery-backup/defaults/main.yml | 12 +
.../playbooks/roles/recovery-backup/tasks/main.yml | 68 ++++
.../playbooks/roles/revert/tasks/main.yml | 29 ++
tox.ini | 43 +--
zuul.d/base.yaml | 4 +-
zuul.d/job-templates.yaml | 36 +++
159 files changed, 4260 insertions(+), 1509 deletions(-)
More information about the Release-announce
mailing list