diff --git a/0001-Create-executable-for-removing-patch-ports.patch b/0001-Create-executable-for-removing-patch-ports.patch new file mode 100644 index 0000000..47f23fd --- /dev/null +++ b/0001-Create-executable-for-removing-patch-ports.patch @@ -0,0 +1,198 @@ +From 9238592fcb2238bfd34d9c0b414573cb6f3d9582 Mon Sep 17 00:00:00 2001 +From: Jakub Libosvar +Date: Thu, 12 Oct 2017 15:19:31 +0000 +Subject: [PATCH] Create executable for removing patch ports + +Nodes using provider bridges for internal traffic like amqp can cause an +ARP storm when at least two nodes were shutdown ungracefully and are +brought up at once. It's caused by having patch-ports between provider +bridges and integration bridge, hence the integration bridge passes ARP +broadcast packets from one provider bridge to another. + +This patch introduces a cleanup script that scans Neutron config and +removes patch ports from integration bridge and bridges defined in +bridge_mappings option. Such script can be executed when node is booted. + +Resolves: rhbz#1490281 +Closes-bug: #1720766 + +Change-Id: I774cefac2951343a30f882791abf12598bc99603 +--- + neutron/cmd/destroy_patch_ports.py | 77 ++++++++++++++++++++ + .../functional/cmd/test_destroy_patch_ports.py | 83 ++++++++++++++++++++++ + 2 files changed, 160 insertions(+) + create mode 100644 neutron/cmd/destroy_patch_ports.py + create mode 100644 neutron/tests/functional/cmd/test_destroy_patch_ports.py + +diff --git a/neutron/cmd/destroy_patch_ports.py b/neutron/cmd/destroy_patch_ports.py +new file mode 100644 +index 0000000..d6fb4b3 +--- /dev/null ++++ b/neutron/cmd/destroy_patch_ports.py +@@ -0,0 +1,77 @@ ++# Copyright 2017 Red Hat, Inc. ++# All Rights Reserved. ++# ++# Licensed under the Apache License, Version 2.0 (the "License"); you may ++# not use this file except in compliance with the License. You may obtain ++# a copy of the License at ++# ++# http://www.apache.org/licenses/LICENSE-2.0 ++# ++# Unless required by applicable law or agreed to in writing, software ++# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT ++# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the ++# License for the specific language governing permissions and limitations ++# under the License. ++ ++import sys ++ ++from neutron_lib.utils import helpers ++from oslo_config import cfg ++from oslo_log import log as logging ++ ++from neutron.agent.common import ovs_lib ++from neutron.common import config as common_config ++from neutron.conf.plugins.ml2.drivers import ovs_conf ++from neutron.plugins.common import utils as p_utils ++from neutron.plugins.ml2.drivers.openvswitch.agent.common import constants ++ ++LOG = logging.getLogger(__name__) ++ ++ ++def get_patch_port_names(bridge_name): ++ int_if_name = p_utils.get_interface_name( ++ bridge_name, prefix=constants.PEER_INTEGRATION_PREFIX) ++ phys_if_name = p_utils.get_interface_name( ++ bridge_name, prefix=constants.PEER_PHYSICAL_PREFIX) ++ ++ return int_if_name, phys_if_name ++ ++ ++class PatchPortCleaner(object): ++ def __init__(self, config): ++ mappings = helpers.parse_mappings(config.OVS.bridge_mappings) ++ self.bridges = [ovs_lib.OVSBridge(bridge) ++ for bridge in mappings.values()] ++ self.int_br = ovs_lib.OVSBridge(config.OVS.integration_bridge) ++ ++ def destroy_patch_ports(self): ++ if not self.int_br.bridge_exists(self.int_br.br_name): ++ # integration bridge hasn't been created by agent yet, nothing to ++ # clean ++ return ++ for bridge in self.bridges: ++ try: ++ self._remove_patch_ports_from_int_br(bridge) ++ except Exception as e: ++ LOG.error("Failed to remove patch port from bridge %s: %s", ++ bridge.br_name, e) ++ ++ def _remove_patch_ports_from_int_br(self, bridge): ++ int_if_name, phys_if_name = get_patch_port_names( ++ bridge.br_name) ++ int_type = self.int_br.db_get_val( ++ "Interface", int_if_name, "type", log_errors=False) ++ if int_type == 'patch': ++ self.int_br.delete_port(int_if_name) ++ bridge.delete_port(phys_if_name) ++ ++ ++def main(): ++ common_config.init(sys.argv[1:]) ++ ovs_conf.register_ovs_agent_opts() ++ port_cleaner = PatchPortCleaner(cfg.CONF) ++ port_cleaner.destroy_patch_ports() ++ ++ ++if __name__ == "__main__": ++ main() +diff --git a/neutron/tests/functional/cmd/test_destroy_patch_ports.py b/neutron/tests/functional/cmd/test_destroy_patch_ports.py +new file mode 100644 +index 0000000..9c92edf +--- /dev/null ++++ b/neutron/tests/functional/cmd/test_destroy_patch_ports.py +@@ -0,0 +1,83 @@ ++# Copyright 2017 Red Hat, Inc. ++# All Rights Reserved. ++# ++# Licensed under the Apache License, Version 2.0 (the "License"); you may ++# not use this file except in compliance with the License. You may obtain ++# a copy of the License at ++# ++# http://www.apache.org/licenses/LICENSE-2.0 ++# ++# Unless required by applicable law or agreed to in writing, software ++# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT ++# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the ++# License for the specific language governing permissions and limitations ++# under the License. ++ ++from neutron_lib import constants as n_const ++from oslo_config import cfg ++ ++from neutron.cmd import destroy_patch_ports ++from neutron.common import utils ++from neutron.conf.plugins.ml2.drivers import ovs_conf ++from neutron.plugins.ml2.drivers.openvswitch.agent.common import constants ++from neutron.tests.common import net_helpers ++from neutron.tests.functional import base ++ ++ ++class TestDestroyPatchPorts(base.BaseSudoTestCase): ++ def setUp(self): ++ super(TestDestroyPatchPorts, self).setUp() ++ self.int_br = self.useFixture(net_helpers.OVSBridgeFixture()).bridge ++ bridge_mappings = {} ++ self.bridges = [] ++ for network in ('foo', 'bar'): ++ bridge = self.useFixture(net_helpers.OVSBridgeFixture()).bridge ++ self._create_patch_ports_to_int_br(bridge) ++ self.bridges.append(bridge) ++ bridge_mappings[network] = bridge.br_name ++ self.config = self._create_config_file(bridge_mappings) ++ ++ def _create_config_file(self, bridge_mappings): ++ config = cfg.ConfigOpts() ++ ovs_conf.register_ovs_agent_opts(config) ++ config.set_override('integration_bridge', self.int_br.br_name, "OVS") ++ config.set_override( ++ 'bridge_mappings', ++ ','.join(["%s:%s" % (net, br) ++ for net, br in bridge_mappings.items()]), ++ "OVS") ++ ++ return config ++ ++ def _create_patch_ports_to_int_br(self, bridge): ++ int_if_name, phys_if_name = destroy_patch_ports.get_patch_port_names( ++ bridge.br_name) ++ self.int_br.add_patch_port( ++ int_if_name, constants.NONEXISTENT_PEER) ++ bridge.add_patch_port( ++ phys_if_name, constants.NONEXISTENT_PEER) ++ self.int_br.set_db_attribute( ++ 'Interface', int_if_name, 'options', {'peer': phys_if_name}) ++ bridge.set_db_attribute( ++ 'Interface', phys_if_name, 'options', {'peer': int_if_name}) ++ ++ def _has_patch_ports(self, bridge): ++ int_if_name, phys_if_name = destroy_patch_ports.get_patch_port_names( ++ bridge.br_name) ++ return (bridge.port_exists(phys_if_name) and ++ self.int_br.port_exists(int_if_name)) ++ ++ def test_destroy_patch_ports(self): ++ self.assertTrue(all(self._has_patch_ports(bridge) ++ for bridge in self.bridges)) ++ cleaner = destroy_patch_ports.PatchPortCleaner(self.config) ++ cleaner.destroy_patch_ports() ++ self.assertFalse(any(self._has_patch_ports(bridge) ++ for bridge in self.bridges)) ++ ++ def test_destroy_patch_ports_no_int_br(self): ++ name = utils.get_rand_name( ++ max_length=n_const.DEVICE_NAME_MAX_LEN) ++ self.config.set_override('integration_bridge', name, "OVS") ++ cleaner = destroy_patch_ports.PatchPortCleaner(self.config) ++ cleaner.destroy_patch_ports() diff --git a/0002-Destroy-patch-ports-only-if-canary-flow-is-not-prese.patch b/0002-Destroy-patch-ports-only-if-canary-flow-is-not-prese.patch new file mode 100644 index 0000000..6b4ef68 --- /dev/null +++ b/0002-Destroy-patch-ports-only-if-canary-flow-is-not-prese.patch @@ -0,0 +1,81 @@ +From 20e704e066c5b6beed78828e662f8562a6db1e63 Mon Sep 17 00:00:00 2001 +From: Jakub Libosvar +Date: Fri, 10 Nov 2017 16:12:10 +0000 +Subject: [PATCH] Destroy patch ports only if canary flow is not present + +Because of containers management do not have any dependency system, +we need to call destroy-patch-ports command before +neutron-openvswitch-agent process is started in the container. This +patch adds functionality to avoid destroying the patch ports in case +canary flow is present on the integration bridge. This is to avoid cases +where container is stopped and started, which would cause a data plane +disruption due to removing patch ports when it's not necessary. Patch +ports are needed to be removed only in cases where node was ungracefully +taken down. + +Change-Id: I5ef0f54741abce40bedd0c958befc9cb39cd21c4 +Resolves: rhbz/1511988 +--- + neutron/cmd/destroy_patch_ports.py | 12 +++++++++--- + neutron/tests/functional/cmd/test_destroy_patch_ports.py | 12 +++++++++++- + 2 files changed, 20 insertions(+), 4 deletions(-) + +diff --git a/neutron/cmd/destroy_patch_ports.py b/neutron/cmd/destroy_patch_ports.py +index d6fb4b3..8c3ea98 100644 +--- a/neutron/cmd/destroy_patch_ports.py ++++ b/neutron/cmd/destroy_patch_ports.py +@@ -45,9 +45,10 @@ class PatchPortCleaner(object): + self.int_br = ovs_lib.OVSBridge(config.OVS.integration_bridge) + + def destroy_patch_ports(self): +- if not self.int_br.bridge_exists(self.int_br.br_name): +- # integration bridge hasn't been created by agent yet, nothing to +- # clean ++ if (not self.int_br.bridge_exists(self.int_br.br_name) or ++ self.flows_configured()): ++ # integration bridge hasn't been created by agent yet or it's been ++ # already configured by the agent + return + for bridge in self.bridges: + try: +@@ -65,6 +66,11 @@ class PatchPortCleaner(object): + self.int_br.delete_port(int_if_name) + bridge.delete_port(phys_if_name) + ++ def flows_configured(self): ++ """Return True if the integration bridge has flows already configured. ++ """ ++ return bool(self.int_br.dump_flows_for(table=constants.CANARY_TABLE)) ++ + + def main(): + common_config.init(sys.argv[1:]) +diff --git a/neutron/tests/functional/cmd/test_destroy_patch_ports.py b/neutron/tests/functional/cmd/test_destroy_patch_ports.py +index 9c92edf..b53f1b8 100644 +--- a/neutron/tests/functional/cmd/test_destroy_patch_ports.py ++++ b/neutron/tests/functional/cmd/test_destroy_patch_ports.py +@@ -67,9 +67,12 @@ class TestDestroyPatchPorts(base.BaseSudoTestCase): + return (bridge.port_exists(phys_if_name) and + self.int_br.port_exists(int_if_name)) + +- def test_destroy_patch_ports(self): ++ def _assert_has_all_ports(self): + self.assertTrue(all(self._has_patch_ports(bridge) + for bridge in self.bridges)) ++ ++ def test_destroy_patch_ports(self): ++ self._assert_has_all_ports() + cleaner = destroy_patch_ports.PatchPortCleaner(self.config) + cleaner.destroy_patch_ports() + self.assertFalse(any(self._has_patch_ports(bridge) +@@ -81,3 +84,10 @@ class TestDestroyPatchPorts(base.BaseSudoTestCase): + self.config.set_override('integration_bridge', name, "OVS") + cleaner = destroy_patch_ports.PatchPortCleaner(self.config) + cleaner.destroy_patch_ports() ++ ++ def test_destroy_patch_ports_canary_flow_on_int_br(self): ++ self.int_br.add_flow(table=constants.CANARY_TABLE, actions="drop") ++ self._assert_has_all_ports() ++ cleaner = destroy_patch_ports.PatchPortCleaner(self.config) ++ cleaner.destroy_patch_ports() ++ self._assert_has_all_ports() diff --git a/0003-use-plugin-utils-from-neutron-lib.patch b/0003-use-plugin-utils-from-neutron-lib.patch new file mode 100644 index 0000000..3dc0cd5 --- /dev/null +++ b/0003-use-plugin-utils-from-neutron-lib.patch @@ -0,0 +1,36 @@ +From 91ebd644ed9811cc822d773914590d5b4659bed4 Mon Sep 17 00:00:00 2001 +From: yatin +Date: Tue, 17 Jul 2018 10:17:44 +0530 +Subject: [PATCH] use plugin utils from neutron-lib + +Upstream switched to neutron_lib usage in +https://review.openstack.org/#/c/565284/. + +Change-Id: I88672f7ddd05ab277281772787666206f45e45ca +--- + neutron/cmd/destroy_patch_ports.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/neutron/cmd/destroy_patch_ports.py b/neutron/cmd/destroy_patch_ports.py +index 8c3ea98c1..76d9ebff8 100644 +--- a/neutron/cmd/destroy_patch_ports.py ++++ b/neutron/cmd/destroy_patch_ports.py +@@ -15,6 +15,7 @@ + + import sys + ++from neutron_lib.plugins import utils as p_utils + from neutron_lib.utils import helpers + from oslo_config import cfg + from oslo_log import log as logging +@@ -22,7 +23,6 @@ from oslo_log import log as logging + from neutron.agent.common import ovs_lib + from neutron.common import config as common_config + from neutron.conf.plugins.ml2.drivers import ovs_conf +-from neutron.plugins.common import utils as p_utils + from neutron.plugins.ml2.drivers.openvswitch.agent.common import constants + + LOG = logging.getLogger(__name__) +-- +2.17.1 + diff --git a/0004-Adjust-logging-for-removing-patch-ports.patch b/0004-Adjust-logging-for-removing-patch-ports.patch new file mode 100644 index 0000000..fe02b54 --- /dev/null +++ b/0004-Adjust-logging-for-removing-patch-ports.patch @@ -0,0 +1,34 @@ +--- a/neutron/cmd/destroy_patch_ports.py ++++ b/neutron/cmd/destroy_patch_ports.py +@@ -39,6 +39,7 @@ + + class PatchPortCleaner(object): + def __init__(self, config): ++ LOG.debug("Get OVS bridge mappings") + mappings = helpers.parse_mappings(config.OVS.bridge_mappings) + self.bridges = [ovs_lib.OVSBridge(bridge) + for bridge in mappings.values()] +@@ -52,6 +53,7 @@ + return + for bridge in self.bridges: + try: ++ LOG.debug("Remove patch port from bridge %s", bridge.br_name) + self._remove_patch_ports_from_int_br(bridge) + except Exception as e: + LOG.error("Failed to remove patch port from bridge %s: %s", +@@ -69,12 +71,15 @@ + def flows_configured(self): + """Return True if the integration bridge has flows already configured. + """ ++ LOG.debug("Get configured flows for integration bridge %s", ++ self.int_br.br_name) + return bool(self.int_br.dump_flows_for(table=constants.CANARY_TABLE)) + + + def main(): + common_config.init(sys.argv[1:]) + ovs_conf.register_ovs_agent_opts() ++ common_config.setup_logging() + port_cleaner = PatchPortCleaner(cfg.CONF) + port_cleaner.destroy_patch_ports() + diff --git a/conf.README b/conf.README new file mode 100644 index 0000000..ee87997 --- /dev/null +++ b/conf.README @@ -0,0 +1,9 @@ +This directory can be used to configure Neutron services with custom +user-defined configuration files. To use the facility, just drop a file (or a +symlink) that has .conf file name extension into an appropriate directory to +make a service read it during initialization. 'common' directory is read by all +Neutron services. + +Note that user-defined configuration files override any configuration values +defined in other files read by services. Service specific configuration +directories beat common one. diff --git a/neutron-17.0.0.tar.gz b/neutron-17.0.0.tar.gz new file mode 100644 index 0000000..20d012a Binary files /dev/null and b/neutron-17.0.0.tar.gz differ diff --git a/neutron-17.0.0.tar.gz.asc b/neutron-17.0.0.tar.gz.asc new file mode 100644 index 0000000..82bd240 --- /dev/null +++ b/neutron-17.0.0.tar.gz.asc @@ -0,0 +1,14 @@ +-----BEGIN PGP SIGNATURE----- + +iQGzBAABCgAdFiEEvCbTqNBmXIf3vt8qwSuOc7MPL8gFAl+G0l4ACgkQwSuOc7MP +L8jEJAwAlTz1nvUXE+8eYzkQbtQoVSohnLCVm7IDaVaSmPwSVROTn922rXnr+lJ3 +ZT973r2yeLuWKcwJgHkiCyEetnl6nEu5jpCetEmhefPb8T+czZmPC3Ex5NrMp6Om +jkWi6uPYzLxM1xIpFfpJv2zxIpdvYT2UKIg77wCmS9HRapk+Br7+KOIqmiZCD46s +W4dX3BGL9pyghykBf8zd4zsZx+yQzyo+DsnF9KzbyE3m+iFySdmUcg0sfDOcft/4 ++gutZPPoyHlQLCzlsQ6WnkEKyyaJUFOLv1+zQ5ZWKWkv1K8buSnswXImXgS78Fs7 +KT6Z16fQ1IrJKTtGLenr2qvSx7Kg2DPa/x+DX8aiBzJekaO1SR/FOPURylp3g+JH +x0ckdF1lafH6gIe1cI4NQWV7r51wLnhWUGEofRuUuycpnLZlxaLXjQKsDrJHpIYX +WFIKvIKwZ/2vGnJGZweDWAyHVx3phb69ag3OK2Tm18uqY9rSPVKJNWdblR0Vuk9X +BPw3NY/Z +=LJ57 +-----END PGP SIGNATURE----- diff --git a/neutron-destroy-patch-ports.service b/neutron-destroy-patch-ports.service new file mode 100644 index 0000000..130601e --- /dev/null +++ b/neutron-destroy-patch-ports.service @@ -0,0 +1,14 @@ +[Unit] +Description=OpenStack Neutron Destroy Patch Ports +After=syslog.target network.target openvswitch.service +Before=neutron-openvswitch-agent.service + +[Service] +Type=oneshot +User=neutron +ExecStart=/usr/bin/python -m neutron.cmd.destroy_patch_ports --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-openvswitch-agent +PrivateTmp=false +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target diff --git a/neutron-dhcp-agent.service b/neutron-dhcp-agent.service new file mode 100644 index 0000000..a407f56 --- /dev/null +++ b/neutron-dhcp-agent.service @@ -0,0 +1,14 @@ +[Unit] +Description=OpenStack Neutron DHCP Agent +After=syslog.target network.target + +[Service] +Type=simple +User=neutron +ExecStart=/usr/bin/neutron-dhcp-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-dhcp-agent --log-file /var/log/neutron/dhcp-agent.log +PrivateTmp=false +KillMode=process +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/neutron-dist.conf b/neutron-dist.conf new file mode 100644 index 0000000..0637f10 --- /dev/null +++ b/neutron-dist.conf @@ -0,0 +1,10 @@ +[DEFAULT] +verbose = True +lock_path = $state_path/lock +allow_overlapping_ips = True +use_stderr = False +api_paste_config = /usr/share/neutron/api-paste.ini + +[agent] +root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf +root_helper_daemon = sudo neutron-rootwrap-daemon /etc/neutron/rootwrap.conf diff --git a/neutron-enable-bridge-firewall.sh b/neutron-enable-bridge-firewall.sh new file mode 100755 index 0000000..ae7a141 --- /dev/null +++ b/neutron-enable-bridge-firewall.sh @@ -0,0 +1,19 @@ +#!/bin/sh + +# This script is triggered on every ovs/linuxbridge agent start. Its intent is +# to make sure the firewall for bridged traffic is enabled before we start an +# agent that may atttempt to set firewall rules on a bridge (a common thing for +# linuxbridge and ovs/hybrid backend setup). + +# before enabling the firewall, load the relevant module +/usr/sbin/modprobe bridge + +# on newer kernels (3.18+), sysctl knobs are split into a separate module; +# attempt to load it, but don't fail if it's missing (f.e. when running against +# an older kernel version) +/usr/sbin/modprobe br_netfilter 2>> /dev/null || : + +# now enable the firewall in case it's disabled (f.e. rhel 7.2 and earlier) +for proto in ip ip6; do + /usr/sbin/sysctl -w net.bridge.bridge-nf-call-${proto}tables=1 +done diff --git a/neutron-l2-agent-sysctl.conf b/neutron-l2-agent-sysctl.conf new file mode 100644 index 0000000..6692625 --- /dev/null +++ b/neutron-l2-agent-sysctl.conf @@ -0,0 +1,2 @@ +net.bridge.bridge-nf-call-ip6tables = 1 +net.bridge.bridge-nf-call-iptables = 1 diff --git a/neutron-l2-agent.modules b/neutron-l2-agent.modules new file mode 100755 index 0000000..3e64115 --- /dev/null +++ b/neutron-l2-agent.modules @@ -0,0 +1,4 @@ +#!/bin/sh +/sbin/modprobe -b bridge >/dev/null 2>&1 +/sbin/modprobe -b br_netfilter >/dev/null 2>&1 +exit 0 diff --git a/neutron-l3-agent.service b/neutron-l3-agent.service new file mode 100644 index 0000000..469d3ce --- /dev/null +++ b/neutron-l3-agent.service @@ -0,0 +1,14 @@ +[Unit] +Description=OpenStack Neutron Layer 3 Agent +After=syslog.target network.target + +[Service] +Type=simple +User=neutron +ExecStart=/usr/bin/neutron-l3-agent --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/l3_agent --config-file /etc/neutron/neutron.conf --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-l3-agent --log-file /var/log/neutron/l3-agent.log +PrivateTmp=false +KillMode=process +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/neutron-linuxbridge-agent.service b/neutron-linuxbridge-agent.service new file mode 100644 index 0000000..bbd73f3 --- /dev/null +++ b/neutron-linuxbridge-agent.service @@ -0,0 +1,16 @@ +[Unit] +Description=OpenStack Neutron Linux Bridge Agent +After=syslog.target network.target + +[Service] +Type=simple +User=neutron +PermissionsStartOnly=true +ExecStartPre=/usr/bin/neutron-enable-bridge-firewall.sh +ExecStart=/usr/bin/neutron-linuxbridge-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/linuxbridge_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-linuxbridge-agent --log-file /var/log/neutron/linuxbridge-agent.log +PrivateTmp=true +KillMode=process +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/neutron-linuxbridge-cleanup.service b/neutron-linuxbridge-cleanup.service new file mode 100644 index 0000000..579d901 --- /dev/null +++ b/neutron-linuxbridge-cleanup.service @@ -0,0 +1,15 @@ +[Unit] +Description=OpenStack Neutron Linux Bridge Cleanup Utility +After=syslog.target network.target +Before=neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-l3-agent.service openstack-nova-compute.service + +[Service] +Type=oneshot +User=neutron +ExecStart=/usr/bin/neutron-linuxbridge-cleanup --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/linuxbridge_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-linuxbridge-cleanup --log-file /var/log/neutron/linuxbridge-cleanup.log +ExecStop=/usr/bin/neutron-linuxbridge-cleanup --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/linuxbridge_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-linuxbridge-cleanup --log-file /var/log/neutron/linuxbridge-cleanup.log +PrivateTmp=true +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target diff --git a/neutron-macvtap-agent.service b/neutron-macvtap-agent.service new file mode 100644 index 0000000..ba7e401 --- /dev/null +++ b/neutron-macvtap-agent.service @@ -0,0 +1,14 @@ +[Unit] +Description=OpenStack Neutron macvtap L2 agent +After=syslog.target + +[Service] +Type=simple +User=neutron +ExecStart=/usr/bin/neutron-macvtap-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-macvtap-agent --log-file /var/log/neutron/macvtap-agent.log +PrivateTmp=true +KillMode=process +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/neutron-metadata-agent.service b/neutron-metadata-agent.service new file mode 100644 index 0000000..62a3106 --- /dev/null +++ b/neutron-metadata-agent.service @@ -0,0 +1,14 @@ +[Unit] +Description=OpenStack Neutron Metadata Agent +After=syslog.target network.target + +[Service] +Type=simple +User=neutron +ExecStart=/usr/bin/neutron-metadata-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metadata_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-metadata-agent --log-file /var/log/neutron/metadata-agent.log +PrivateTmp=false +KillMode=process +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/neutron-metering-agent.service b/neutron-metering-agent.service new file mode 100644 index 0000000..618b341 --- /dev/null +++ b/neutron-metering-agent.service @@ -0,0 +1,14 @@ +[Unit] +Description=OpenStack Neutron Metering Agent +After=syslog.target network.target + +[Service] +Type=simple +User=neutron +ExecStart=/usr/bin/neutron-metering-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metering_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-metering-agent --log-file /var/log/neutron/metering-agent.log +PrivateTmp=false +KillMode=process +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/neutron-netns-cleanup.service b/neutron-netns-cleanup.service new file mode 100644 index 0000000..7a730e4 --- /dev/null +++ b/neutron-netns-cleanup.service @@ -0,0 +1,15 @@ +[Unit] +Description=OpenStack Neutron Netns Cleanup Utility +After=syslog.target network.target openvswitch.service +Before=neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-l3-agent.service openstack-nova-compute.service + +[Service] +Type=oneshot +User=neutron +ExecStart=/usr/bin/neutron-netns-cleanup --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-netns-cleanup --log-file /var/log/neutron/netns-cleanup.log +ExecStop=/usr/bin/neutron-netns-cleanup --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-netns-cleanup --log-file /var/log/neutron/netns-cleanup.log --force +PrivateTmp=false +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target diff --git a/neutron-openvswitch-agent.service b/neutron-openvswitch-agent.service new file mode 100644 index 0000000..25b10c2 --- /dev/null +++ b/neutron-openvswitch-agent.service @@ -0,0 +1,18 @@ +[Unit] +Description=OpenStack Neutron Open vSwitch Agent +After=syslog.target network.target network.service openvswitch.service +PartOf=network.service +Requires=openvswitch.service + +[Service] +Type=simple +User=neutron +PermissionsStartOnly=true +ExecStartPre=/usr/bin/neutron-enable-bridge-firewall.sh +ExecStart=/usr/bin/neutron-openvswitch-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-openvswitch-agent --log-file /var/log/neutron/openvswitch-agent.log +PrivateTmp=true +KillMode=process +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/neutron-ovn-metadata-agent.service b/neutron-ovn-metadata-agent.service new file mode 100644 index 0000000..5190755 --- /dev/null +++ b/neutron-ovn-metadata-agent.service @@ -0,0 +1,18 @@ +[Unit] +Description=OpenStack Neutron OVN Metadata Agent +After=syslog.target network.target openvswitch.service +Requires=openvswitch.service + +[Service] +Type=simple +User=neutron +PermissionsStartOnly=true +ExecStart=/usr/bin/neutron-ovn-metadata-agent --config-file /etc/neutron/neutron_ovn_metadata_agent.ini --config-dir /etc/neutron/conf.d/neutron-ovn-metadata-agent --log-file /var/log/neutron/neutron-ovn-metadata-agent.log +PrivateTmp=false +KillMode=process +Restart=on-failure + +[Install] +WantedBy=multi-user.target +# (TODO) - Backwards compatibility in systemd service +Alias=networking-ovn-metadata-agent diff --git a/neutron-ovs-cleanup.service b/neutron-ovs-cleanup.service new file mode 100644 index 0000000..82bfa1a --- /dev/null +++ b/neutron-ovs-cleanup.service @@ -0,0 +1,16 @@ +[Unit] +Description=OpenStack Neutron Open vSwitch Cleanup Utility +After=syslog.target network.target openvswitch.service +Before=neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-l3-agent.service openstack-nova-compute.service + +[Service] +Type=oneshot +User=neutron +ExecStart=/usr/bin/neutron-ovs-cleanup --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-ovs-cleanup --log-file /var/log/neutron/ovs-cleanup.log +ExecStop=/usr/bin/neutron-ovs-cleanup --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-ovs-cleanup --log-file /var/log/neutron/ovs-cleanup.log +PrivateTmp=true +RemainAfterExit=yes +TimeoutSec=0 + +[Install] +WantedBy=multi-user.target diff --git a/neutron-rpc-server.service b/neutron-rpc-server.service new file mode 100644 index 0000000..6aca432 --- /dev/null +++ b/neutron-rpc-server.service @@ -0,0 +1,15 @@ +[Unit] +Description=OpenStack Neutron (RPC only) Server +After=syslog.target network.target + +[Service] +Type=notify +User=neutron +ExecStart=/usr/bin/neutron-rpc-server --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/server --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-rpc-server --log-file /var/log/neutron/rpc-server.log +PrivateTmp=true +NotifyAccess=all +KillMode=process +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/neutron-server.service b/neutron-server.service new file mode 100644 index 0000000..e68024c --- /dev/null +++ b/neutron-server.service @@ -0,0 +1,16 @@ +[Unit] +Description=OpenStack Neutron Server +After=syslog.target network.target + +[Service] +Type=notify +User=neutron +ExecStart=/usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/server --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-server --log-file /var/log/neutron/server.log +PrivateTmp=true +NotifyAccess=all +KillMode=process +Restart=on-failure +TimeoutStartSec=0 + +[Install] +WantedBy=multi-user.target diff --git a/neutron-sriov-nic-agent.service b/neutron-sriov-nic-agent.service new file mode 100644 index 0000000..8233cbf --- /dev/null +++ b/neutron-sriov-nic-agent.service @@ -0,0 +1,14 @@ +[Unit] +Description=OpenStack Neutron SR-IOV NIC Agent +After=syslog.target network.target + +[Service] +Type=simple +User=neutron +ExecStart=/usr/bin/neutron-sriov-nic-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/sriov_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-sriov-nic-agent --log-file /var/log/neutron/sriov-nic-agent.log +PrivateTmp=false +KillMode=process +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/neutron-sudoers b/neutron-sudoers new file mode 100644 index 0000000..9273f58 --- /dev/null +++ b/neutron-sudoers @@ -0,0 +1,4 @@ +Defaults:neutron !requiretty + +neutron ALL = (root) NOPASSWD: /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf * +neutron ALL = (root) NOPASSWD: /usr/bin/neutron-rootwrap-daemon /etc/neutron/rootwrap.conf diff --git a/neutron.logrotate b/neutron.logrotate new file mode 100644 index 0000000..fc1c70b --- /dev/null +++ b/neutron.logrotate @@ -0,0 +1,7 @@ +/var/log/neutron/*.log { + rotate 14 + size 10M + missingok + compress + copytruncate +} diff --git a/openstack-neutron-17.0.0-1.el8.src.rpm b/openstack-neutron-17.0.0-1.el8.src.rpm new file mode 100644 index 0000000..9c67417 Binary files /dev/null and b/openstack-neutron-17.0.0-1.el8.src.rpm differ diff --git a/openstack-neutron.spec b/openstack-neutron.spec new file mode 100644 index 0000000..e655d39 --- /dev/null +++ b/openstack-neutron.spec @@ -0,0 +1,741 @@ +%{!?upstream_version: %global upstream_version %{version}%{?milestone}} +%global service neutron + +%define cleanup_orphan_rootwrap_daemons() \ +for pid in $(ps -f --ppid 1 | awk '/.*neutron-rootwrap-daemon/ { print $2 }'); do \ + kill $(ps --ppid $pid -o pid=) \ +done \ +%nil + +Name: openstack-neutron +Version: 17.0.0 +Release: 1 +Epoch: 1 +Summary: OpenStack Networking Service +License: Apache-2.0 +URL: http://launchpad.net/neutron/ +Source0: https://tarballs.openstack.org/neutron/neutron-%{upstream_version}.tar.gz +Source1: %{service}.logrotate +Source2: %{service}-sudoers +Source10: neutron-server.service +Source11: neutron-linuxbridge-agent.service +Source12: neutron-openvswitch-agent.service +Source15: neutron-dhcp-agent.service +Source16: neutron-l3-agent.service +Source17: neutron-metadata-agent.service +Source18: neutron-ovs-cleanup.service +Source19: neutron-macvtap-agent.service +Source20: neutron-metering-agent.service +Source21: neutron-sriov-nic-agent.service +Source22: neutron-netns-cleanup.service +Source29: neutron-rpc-server.service + +Source30: %{service}-dist.conf +Source31: conf.README +Source32: neutron-linuxbridge-cleanup.service +Source33: neutron-enable-bridge-firewall.sh +Source34: neutron-l2-agent-sysctl.conf +Source35: neutron-l2-agent.modules +Source36: neutron-destroy-patch-ports.service +Source37: neutron-ovn-metadata-agent.service + +Patch0001: 0001-Create-executable-for-removing-patch-ports.patch +Patch0002: 0002-Destroy-patch-ports-only-if-canary-flow-is-not-prese.patch +Patch0003: 0003-use-plugin-utils-from-neutron-lib.patch +Patch0004: 0004-Adjust-logging-for-removing-patch-ports.patch + +BuildArch: noarch + +BuildRequires: git +BuildRequires: openstack-macros +BuildRequires: python3-devel +BuildRequires: python3-babel +BuildRequires: python3-keystoneauth1 >= 3.14.0 +BuildRequires: python3-keystonemiddleware +BuildRequires: python3-neutron-lib +BuildRequires: python3-novaclient +BuildRequires: python3-os-xenapi +BuildRequires: python3-oslo-cache +BuildRequires: python3-oslo-concurrency +BuildRequires: python3-oslo-config +BuildRequires: python3-oslo-db +BuildRequires: python3-oslo-log +BuildRequires: python3-oslo-messaging +BuildRequires: python3-oslo-policy +BuildRequires: python3-oslo-privsep +BuildRequires: python3-oslo-rootwrap +BuildRequires: python3-oslo-service +BuildRequires: python3-oslo-upgradecheck +BuildRequires: python3-oslo-versionedobjects +BuildRequires: python3-osprofiler >= 1.3.0 +BuildRequires: python3-ovsdbapp +BuildRequires: python3-pbr >= 4.0.0 +BuildRequires: python3-psutil >= 3.2.2 +BuildRequires: python3-pyroute2 >= 0.5.13 +BuildRequires: python3-pecan >= 1.3.2 +BuildRequires: python3-tenacity >= 4.4.0 +BuildRequires: python3-os-vif +BuildRequires: systemd +BuildRequires: python3-pip + +Requires: openstack-%{service}-common = %{epoch}:%{version}-%{release} +Requires: dnsmasq >= 2.76 +Requires: dnsmasq-utils >= 2.76 +Requires: radvd +Requires: dibbler-client +Requires: conntrack-tools +Requires: keepalived +Requires: haproxy >= 1.5.0 +Requires: ipset +Requires: iptables +Requires: iputils +Requires: iproute-tc + +%{?systemd_ordering} + + +%description +OpenStack Networking (Neutron) + +%package -n python3-%{service} +Summary: Neutron Python libraries +%{?python_provide:%python_provide python3-%{service}} +Requires: python3-alembic >= 0.9.6 +Requires: python3-debtcollector >= 1.19.0 +Requires: python3-designateclient >= 2.7.0 +Requires: python3-eventlet >= 0.21.0 +Requires: python3-greenlet >= 0.4.10 +Requires: python3-futurist >= 1.10.0 +Requires: python3-jinja2 >= 2.10 +Requires: python3-keystoneauth1 >= 3.14.0 +Requires: python3-keystonemiddleware >= 4.17.0 +Requires: python3-netaddr >= 0.7.18 +Requires: python3-neutronclient >= 6.7.0 +Requires: python3-neutron-lib >= 2.6.0 +Requires: python3-novaclient >= 9.1.0 +Requires: python3-os-vif >= 1.15.1 +Requires: python3-os-xenapi >= 0.3.1 +Requires: python3-oslo-cache >= 1.26.0 +Requires: python3-oslo-concurrency >= 3.26.0 +Requires: python3-oslo-config +Requires: python3-oslo-context >= 2.20.0 +Requires: python3-oslo-db >= 4.44.0 +Requires: python3-oslo-i18n >= 3.20.0 +Requires: python3-oslo-log >= 4.2.1 +Requires: python3-oslo-messaging >= 7.0.0 +Requires: python3-oslo-middleware >= 3.31.0 +Requires: python3-oslo-policy >= 1.30.0 +Requires: python3-oslo-privsep >= 2.3.0 +Requires: python3-oslo-reports >= 1.18.0 +Requires: python3-oslo-rootwrap >= 5.8.0 +Requires: python3-oslo-serialization >= 2.25.0 +Requires: python3-oslo-service >= 1.24.0 +Requires: python3-oslo-upgradecheck >= 0.1.0 +Requires: python3-oslo-utils >= 4.4.0 +Requires: python3-oslo-versionedobjects >= 1.35.1 +Requires: python3-osprofiler >= 2.3.0 +Requires: python3-ovsdbapp +Requires: python3-pecan >= 1.3.2 +Requires: python3-pbr >= 4.0.0 +Requires: python3-psutil >= 3.2.2 +Requires: python3-pyroute2 >= 0.5.13 +Requires: python3-requests >= 2.14.2 +Requires: python3-tenacity >= 6.0.0 +Requires: python3-routes >= 2.3.1 +Requires: python3-os-ken >= 0.3.1 +Requires: python3-sqlalchemy >= 1.2.0 +Requires: python3-stevedore >= 1.20.0 +Requires: python3-tooz >= 1.58.0 +Requires: python3-webob >= 1.8.2 +Requires: python3-openstacksdk >= 0.31.2 +Requires: python3-pyOpenSSL >= 17.1.0 +Requires: python3-httplib2 >= 0.9.1 +Requires: python3-netifaces >= 0.10.4 +Requires: python3-paste +Requires: python3-paste-deploy >= 1.5.0 +Requires: python3-decorator >= 3.4.0 + +Provides: python3-networking-ovn = %{epoch}:%{version}-%{release} + + +%description -n python3-%{service} +OpenStack Networking (Neutron) +This package contains the Neutron Python library. + +%package -n python3-%{service}-tests +Summary: Neutron tests +%{?python_provide:%python_provide python3-%{service}-tests} +Requires: python3-%{service} = %{epoch}:%{version}-%{release} +Requires: python3-ddt >= 1.0.1 +Requires: python3-fixtures >= 3.0.0 +Requires: python3-mock >= 2.0 +Requires: python3-subunit >= 0.0.18 +Requires: python3-testrepository >= 0.0.18 +Requires: python3-testtools >= 1.4.0 +Requires: python3-testresources >= 0.2.4 +Requires: python3-testscenarios >= 0.4 +Requires: python3-oslotest >= 1.10.0 +Requires: python3-os-testr >= 0.7.0 +Requires: python3-PyMySQL >= 0.6.2 +Requires: python3-tempest >= 12.1.0 +Requires: python3-webtest >= 2.0 +Requires: psmisc +Requires: nfs-utils + +%description -n python3-%{service}-tests +OpenStack Networking (Neutron) +This package contains Neutron test files. + + +%package common +Summary: Neutron common files +Requires(pre): shadow-utils +Requires: python3-%{service} = %{epoch}:%{version}-%{release} +Requires: sudo + + +%description common +OpenStack Networking (Neutron) +This package contains Neutron common files. + + +%package linuxbridge +Summary: Neutron Linuxbridge agent +Requires: ebtables +Requires: ipset +Requires: iproute +Requires: iptables +Requires: kmod +Requires: openstack-%{service}-common = %{epoch}:%{version}-%{release} + + +%description linuxbridge +OpenStack Networking (Neutron) +This package contains the Neutron agent that implements virtual +networks using VLAN or VXLAN using Linuxbridge technology. + + +%package macvtap-agent +Summary: Neutron macvtap agent +Requires: openstack-%{service}-common = %{epoch}:%{version}-%{release} + + +%description macvtap-agent +OpenStack Networking (Neutron) +This package contains the Neutron agent that implements +macvtap attachments for libvirt qemu/kvm instances. + + +%package ml2 +Summary: Neutron ML2 plugin +Requires: openstack-%{service}-common = %{epoch}:%{version}-%{release} + +%description ml2 +OpenStack Networking (Neutron) +This package contains a Neutron plugin that allows the use of drivers +to support separately extensible sets of network types and the mechanisms +for accessing those types. + + +%package openvswitch +Summary: Neutron openvswitch plugin +Requires: openstack-%{service}-common = %{epoch}:%{version}-%{release} +Requires: ipset +Requires: iptables +Requires: openvswitch +Requires: python3-openvswitch >= 2.8.0 +Requires: kmod + + +%description openvswitch +OpenStack Networking (Neutron) + +This package contains the Neutron plugin that implements virtual +networks using Open vSwitch. + + +%package metering-agent +Summary: Neutron bandwidth metering agent +Requires: iptables +Requires: openstack-%{service}-common = %{epoch}:%{version}-%{release} + + +%description metering-agent +OpenStack Networking (Neutron) +This package contains the Neutron agent responsible for generating bandwidth +utilization notifications. + + +%package rpc-server +Summary: Neutron (RPC only) Server +Requires: openstack-%{service}-common = %{epoch}:%{version}-%{release} + + +%description rpc-server +OpenStack Networking (Neutron) +This package contains an alternative Neutron server that handles AMQP RPC +workload only. + + +%package sriov-nic-agent +Summary: Neutron SR-IOV NIC agent +Requires: openstack-%{service}-common = %{epoch}:%{version}-%{release} + + +%description sriov-nic-agent +OpenStack Networking (Neutron) +This package contains the Neutron agent to support advanced features of +SR-IOV network cards. + + +%package ovn-metadata-agent +Summary: OVN metadata agent +BuildRequires: systemd +Requires: python3-%{service} = %{epoch}:%{version}-%{release} +Requires: openvswitch >= 2.8.0 +Provides: python3-networking-ovn-metadata-agent = %{epoch}:%{version}-%{release} +%{?systemd_requires} + +%description ovn-metadata-agent +OVN provides virtual networking for Open vSwitch and is a component of the +Open vSwitch project. + +This package contains the agent that implements the metadata proxy so that VM's +can retrieve metadata from OpenStack Nova. + +%package ovn-migration-tool +Summary: networking-ovn ML2/OVS to OVN migration tool +Requires: python3-%{service} = %{epoch}:%{version}-%{release} +Provides: python3-networking-ovn-migration-tool = %{epoch}:%{version}-%{release} + +%description ovn-migration-tool + +This package provides the necessary tools to update an existing ML2/OVS +OpenStack to OVN based backend. + + +%prep +%autosetup -n %{service}-%{upstream_version} -S git +sed -i 's/\/usr\/bin\/python/\/usr\/bin\/python3/' %{SOURCE36} + +find %{service} -name \*.py -exec sed -i '/\/usr\/bin\/env python/{d;q}' {} + + +%py_req_cleanup + +rm -rf neutron.egg-info + + +%build +export SKIP_PIP_INSTALL=1 +%{py3_build} +%{__python3} setup.py compile_catalog -d build/lib/%{service}/locale -D neutron + +PYTHONPATH=. +for file in `ls etc/oslo-config-generator/*`; do + oslo-config-generator --config-file=$file +done + +find etc -name *.sample | while read filename +do + filedir=$(dirname $filename) + file=$(basename $filename .sample) + mv ${filename} ${filedir}/${file} +done + +while read name eq value; do + test "$name" && test "$value" || continue + if [ "$name" = "notification_driver" ]; then + sed -ri "0,/^$name *=/{s!^$name *=.*!# $name = $value!}" etc/%{service}.conf + else + sed -ri "0,/^(#)? *$name *=/{s!^(#)? *$name *=.*!# $name = $value!}" etc/%{service}.conf + fi +done < %{SOURCE30} + +%install +%{py3_install} + +rm -rf %{buildroot}%{python3_sitelib}/bin +rm -rf %{buildroot}%{python3_sitelib}/doc +rm -rf %{buildroot}%{python3_sitelib}/tools + +install -d -m 755 %{buildroot}%{_datarootdir}/%{service}/rootwrap +mv %{buildroot}/usr/etc/%{service}/rootwrap.d/*.filters %{buildroot}%{_datarootdir}/%{service}/rootwrap + +install -d -m 755 %{buildroot}%{_sysconfdir}/%{service} +mv %{buildroot}/usr/etc/%{service}/* %{buildroot}%{_sysconfdir}/%{service} +mv %{buildroot}%{_sysconfdir}/%{service}/api-paste.ini %{buildroot}%{_datadir}/%{service}/api-paste.ini + +install -d -m 755 %{buildroot}%{_sysconfdir}/%{service}/plugins/ml2 + +mv etc/%{service}.conf %{buildroot}%{_sysconfdir}/%{service}/%{service}.conf +mv etc/neutron/ovn.ini %{buildroot}%{_sysconfdir}/%{service}/ovn.ini +for agent in dhcp l3 metadata metering neutron_ovn_metadata +do + mv etc/${agent}_agent.ini %{buildroot}%{_sysconfdir}/%{service}/${agent}_agent.ini +done +for file in linuxbridge_agent ml2_conf openvswitch_agent sriov_agent +do + mv etc/%{service}/plugins/ml2/${file}.ini %{buildroot}%{_sysconfdir}/%{service}/plugins/ml2/${file}.ini +done + +install -d -m 755 %{buildroot}%{_sysconfdir}/neutron/plugins/networking-ovn +ln -s /etc/neutron/neutron_ovn_metadata_agent.ini %{buildroot}%{_sysconfdir}/%{service}/plugins/networking-ovn/networking-ovn-metadata-agent.ini + +ln -s /etc/neutron/ovn.ini %{buildroot}%{_sysconfdir}/%{service}/plugins/networking-ovn/networking-ovn.ini + +ln -s %{_bindir}/neutron-ovn-metadata-agent %{buildroot}%{_bindir}/networking-ovn-metadata-agent + +install -p -D -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/logrotate.d/openstack-%{service} + +install -p -D -m 440 %{SOURCE2} %{buildroot}%{_sysconfdir}/sudoers.d/%{service} + +install -p -D -m 644 %{SOURCE10} %{buildroot}%{_unitdir}/neutron-server.service +install -p -D -m 644 %{SOURCE11} %{buildroot}%{_unitdir}/neutron-linuxbridge-agent.service +install -p -D -m 644 %{SOURCE12} %{buildroot}%{_unitdir}/neutron-openvswitch-agent.service +install -p -D -m 644 %{SOURCE15} %{buildroot}%{_unitdir}/neutron-dhcp-agent.service +install -p -D -m 644 %{SOURCE16} %{buildroot}%{_unitdir}/neutron-l3-agent.service +install -p -D -m 644 %{SOURCE17} %{buildroot}%{_unitdir}/neutron-metadata-agent.service +install -p -D -m 644 %{SOURCE18} %{buildroot}%{_unitdir}/neutron-ovs-cleanup.service +install -p -D -m 644 %{SOURCE19} %{buildroot}%{_unitdir}/neutron-macvtap-agent.service +install -p -D -m 644 %{SOURCE20} %{buildroot}%{_unitdir}/neutron-metering-agent.service +install -p -D -m 644 %{SOURCE21} %{buildroot}%{_unitdir}/neutron-sriov-nic-agent.service +install -p -D -m 644 %{SOURCE22} %{buildroot}%{_unitdir}/neutron-netns-cleanup.service +install -p -D -m 644 %{SOURCE29} %{buildroot}%{_unitdir}/neutron-rpc-server.service +install -p -D -m 644 %{SOURCE32} %{buildroot}%{_unitdir}/neutron-linuxbridge-cleanup.service +install -p -D -m 644 %{SOURCE36} %{buildroot}%{_unitdir}/neutron-destroy-patch-ports.service +install -p -D -m 644 %{SOURCE37} %{buildroot}%{_unitdir}/neutron-ovn-metadata-agent.service + + +ln -s %{_unitdir}/neutron-ovn-metadata-agent.service %{buildroot}%{_unitdir}/networking-ovn-metadata-agent.service + +install -p -D -m 755 %{SOURCE33} %{buildroot}%{_bindir}/neutron-enable-bridge-firewall.sh + +install -p -D -m 644 %{SOURCE34} %{buildroot}%{_sysctldir}/99-neutron-openvswitch-agent.conf +install -p -D -m 644 %{SOURCE34} %{buildroot}%{_sysctldir}/99-neutron-linuxbridge-agent.conf +install -p -D -m 755 %{SOURCE35} %{buildroot}%{_sysconfdir}/sysconfig/modules/neutron-openvswitch-agent.modules +install -p -D -m 755 %{SOURCE35} %{buildroot}%{_sysconfdir}/sysconfig/modules/neutron-linuxbridge-agent.modules + +install -p -D -m 755 %{SOURCE31} %{buildroot}%{_sysconfdir}/%{service}/conf.d/README + +install -d -m 755 %{buildroot}%{_datadir}/%{service} +install -d -m 755 %{buildroot}%{_sharedstatedir}/%{service} +install -d -m 755 %{buildroot}%{_localstatedir}/log/%{service} +install -d -m 755 %{buildroot}%{_localstatedir}/run/%{service} +install -d -m 755 %{buildroot}%{_sysconfdir}/%{service}/kill_scripts + +install -p -D -m 640 %{SOURCE30} %{buildroot}%{_datadir}/%{service}/%{service}-dist.conf + +mkdir -p %{buildroot}%{_datadir}/%{service}/l3_agent +ln -s %{_sysconfdir}/%{service}/l3_agent.ini %{buildroot}%{_datadir}/%{service}/l3_agent/l3_agent.conf + +mkdir -p %{buildroot}%{_datadir}/%{service}/server + +mkdir -p %{buildroot}/%{_sysconfdir}/%{service}/conf.d/common +for service in server rpc-server ovs-cleanup netns-cleanup linuxbridge-cleanup macvtap-agent; do + mkdir -p %{buildroot}/%{_sysconfdir}/%{service}/conf.d/%{service}-$service +done +for service in linuxbridge openvswitch dhcp l3 metadata metering sriov-nic ovn-metadata; do + mkdir -p %{buildroot}/%{_sysconfdir}/%{service}/conf.d/%{service}-$service-agent +done + +install -d -m 755 %{buildroot}%{_datadir} +rm -f %{buildroot}%{python3_sitelib}/%{service}/locale/*/LC_*/%{service}*po +rm -f %{buildroot}%{python3_sitelib}/%{service}/locale/*pot +mv %{buildroot}%{python3_sitelib}/%{service}/locale %{buildroot}%{_datadir}/locale + +%find_lang %{service} --all-name + +%pre common +getent group %{service} >/dev/null || groupadd -r %{service} +getent passwd %{service} >/dev/null || \ + useradd -r -g %{service} -d %{_sharedstatedir}/%{service} -s /sbin/nologin \ + -c "OpenStack Neutron Daemons" %{service} +exit 0 + + +%post +%systemd_post neutron-dhcp-agent.service +%systemd_post neutron-l3-agent.service +%systemd_post neutron-metadata-agent.service +%systemd_post neutron-server.service +%systemd_post neutron-netns-cleanup.service +%systemd_post neutron-ovs-cleanup.service +%systemd_post neutron-linuxbridge-cleanup.service + + +%preun +%systemd_preun neutron-dhcp-agent.service +%systemd_preun neutron-l3-agent.service +%systemd_preun neutron-metadata-agent.service +%systemd_preun neutron-server.service +%systemd_preun neutron-netns-cleanup.service +%systemd_preun neutron-ovs-cleanup.service +%systemd_preun neutron-linuxbridge-cleanup.service + + +%postun +%systemd_postun_with_restart neutron-dhcp-agent.service +%systemd_postun_with_restart neutron-l3-agent.service +%systemd_postun_with_restart neutron-metadata-agent.service +%systemd_postun_with_restart neutron-server.service +%cleanup_orphan_rootwrap_daemons + + +%post macvtap-agent +%systemd_post neutron-macvtap-agent.service + + +%preun macvtap-agent +%systemd_preun neutron-macvtap-agent.service + + +%postun macvtap-agent +%systemd_postun_with_restart neutron-macvtap-agent.service +%cleanup_orphan_rootwrap_daemons + + +%post linuxbridge +%systemd_post neutron-linuxbridge-agent.service + + +%preun linuxbridge +%systemd_preun neutron-linuxbridge-agent.service + + +%postun linuxbridge +%systemd_postun_with_restart neutron-linuxbridge-agent.service +%cleanup_orphan_rootwrap_daemons + +%post openvswitch +%systemd_post neutron-openvswitch-agent.service +%systemd_post neutron-destroy-patch-ports.service + +if [ $1 -ge 2 ]; then + ovs_agent_running=0 + systemctl status neutron-openvswitch-agent > /dev/null 2>&1 && ovs_agent_running=1 || : + + [ $ovs_agent_running -eq 1 ] && systemctl stop neutron-openvswitch-agent > /dev/null 2>&1 || : + + %cleanup_orphan_rootwrap_daemons + + [ $ovs_agent_running -eq 1 ] && systemctl start neutron-openvswitch-agent > /dev/null 2>&1 || : +fi + + +%preun openvswitch +%systemd_preun neutron-openvswitch-agent.service +%systemd_preun neutron-destroy-patch-ports.service + + +%post metering-agent +%systemd_post neutron-metering-agent.service + + +%preun metering-agent +%systemd_preun neutron-metering-agent.service + + +%postun metering-agent +%systemd_postun_with_restart neutron-metering-agent.service +%cleanup_orphan_rootwrap_daemons + + +%post sriov-nic-agent +%systemd_post neutron-sriov-nic-agent.service + + +%preun sriov-nic-agent +%systemd_preun neutron-sriov-nic-agent.service + + +%postun sriov-nic-agent +%systemd_postun_with_restart neutron-sriov-nic-agent.service +%cleanup_orphan_rootwrap_daemons + + +%post ovn-metadata-agent +%systemd_post neutron-ovn-metadata-agent.service + + +%preun ovn-metadata-agent +%systemd_preun neutron-ovn-metadata-agent.service + + +%postun ovn-metadata-agent +%systemd_postun_with_restart neutron-ovn-metadata-agent.service + + +%files +%license LICENSE +%{_bindir}/neutron-api +%{_bindir}/neutron-db-manage +%{_bindir}/neutron-debug +%{_bindir}/neutron-dhcp-agent +%{_bindir}/neutron-ipset-cleanup +%{_bindir}/neutron-keepalived-state-change +%{_bindir}/neutron-l3-agent +%{_bindir}/neutron-linuxbridge-cleanup +%{_bindir}/neutron-metadata-agent +%{_bindir}/neutron-netns-cleanup +%{_bindir}/neutron-ovs-cleanup +%{_bindir}/neutron-pd-notify +%{_bindir}/neutron-sanity-check +%{_bindir}/neutron-status +%{_bindir}/neutron-server +%{_bindir}/neutron-usage-audit +%{_bindir}/neutron-ovn-metadata-agent +%{_bindir}/networking-ovn-metadata-agent +%{_bindir}/neutron-ovn-db-sync-util +%{_unitdir}/neutron-dhcp-agent.service +%{_unitdir}/neutron-l3-agent.service +%{_unitdir}/neutron-metadata-agent.service +%{_unitdir}/neutron-server.service +%{_unitdir}/neutron-netns-cleanup.service +%{_unitdir}/neutron-ovs-cleanup.service +%{_unitdir}/neutron-linuxbridge-cleanup.service +%attr(-, root, %{service}) %{_datadir}/%{service}/api-paste.ini +%dir %{_datadir}/%{service}/l3_agent +%dir %{_datadir}/%{service}/server +%{_datadir}/%{service}/l3_agent/*.conf +%config(noreplace) %attr(0640, root, %{service}) %{_sysconfdir}/%{service}/dhcp_agent.ini +%config(noreplace) %attr(0640, root, %{service}) %{_sysconfdir}/%{service}/l3_agent.ini +%config(noreplace) %attr(0640, root, %{service}) %{_sysconfdir}/%{service}/metadata_agent.ini +%dir %{_sysconfdir}/%{service}/conf.d/%{service}-dhcp-agent +%dir %{_sysconfdir}/%{service}/conf.d/%{service}-l3-agent +%dir %{_sysconfdir}/%{service}/conf.d/%{service}-metadata-agent +%dir %{_sysconfdir}/%{service}/conf.d/%{service}-server +%dir %{_sysconfdir}/%{service}/conf.d/%{service}-netns-cleanup +%dir %{_sysconfdir}/%{service}/conf.d/%{service}-ovs-cleanup +%dir %{_sysconfdir}/%{service}/conf.d/%{service}-linuxbridge-cleanup +%dir %{_sysconfdir}/%{service}/kill_scripts + + +%files -n python3-%{service}-tests +%license LICENSE +%{python3_sitelib}/%{service}/tests + +%files -n python3-%{service} +%license LICENSE +%{python3_sitelib}/%{service} +%{python3_sitelib}/%{service}-*.egg-info +%exclude %{python3_sitelib}/%{service}/tests + + +%files common -f %{service}.lang +%license LICENSE +%doc README.rst +%{_bindir}/neutron-enable-bridge-firewall.sh +%{_bindir}/neutron-rootwrap +%{_bindir}/neutron-rootwrap-daemon +%dir %{_sysconfdir}/%{service} +%{_sysconfdir}/%{service}/conf.d/README +%dir %{_sysconfdir}/%{service}/conf.d +%dir %{_sysconfdir}/%{service}/conf.d/common +%dir %{_sysconfdir}/%{service}/plugins +%attr(-, root, %{service}) %{_datadir}/%{service}/%{service}-dist.conf +%config(noreplace) %attr(0640, root, %{service}) %{_sysconfdir}/%{service}/%{service}.conf +%config(noreplace) %attr(0640, root, %{service}) %{_sysconfdir}/%{service}/ovn.ini +%{_sysconfdir}/%{service}/plugins/networking-ovn/networking-ovn.ini +%config(noreplace) %{_sysconfdir}/%{service}/rootwrap.conf +%config(noreplace) %{_sysconfdir}/logrotate.d/* +%{_sysconfdir}/sudoers.d/%{service} +%dir %attr(0755, %{service}, %{service}) %{_sharedstatedir}/%{service} +%dir %attr(0750, %{service}, %{service}) %{_localstatedir}/log/%{service} +%dir %{_datarootdir}/%{service} +%dir %{_datarootdir}/%{service}/rootwrap +%{_datarootdir}/%{service}/rootwrap/debug.filters +%{_datarootdir}/%{service}/rootwrap/dhcp.filters +%{_datarootdir}/%{service}/rootwrap/dibbler.filters +%{_datarootdir}/%{service}/rootwrap/ebtables.filters +%{_datarootdir}/%{service}/rootwrap/ipset-firewall.filters +%{_datarootdir}/%{service}/rootwrap/iptables-firewall.filters +%{_datarootdir}/%{service}/rootwrap/l3.filters +%{_datarootdir}/%{service}/rootwrap/privsep.filters + + +%files linuxbridge +%license LICENSE +%{_bindir}/neutron-linuxbridge-agent +%{_unitdir}/neutron-linuxbridge-agent.service +%{_datarootdir}/%{service}/rootwrap/linuxbridge-plugin.filters +%dir %{_sysconfdir}/%{service}/plugins/ml2 +%config(noreplace) %attr(0640, root, %{service}) %{_sysconfdir}/%{service}/plugins/ml2/linuxbridge_agent.ini +%dir %{_sysconfdir}/%{service}/conf.d/%{service}-linuxbridge-agent +%{_sysctldir}/99-neutron-linuxbridge-agent.conf +%{_sysconfdir}/sysconfig/modules/neutron-linuxbridge-agent.modules + + +%files macvtap-agent +%license LICENSE +%{_bindir}/neutron-macvtap-agent +%{_unitdir}/neutron-macvtap-agent.service +%dir %{_sysconfdir}/%{service}/conf.d/%{service}-macvtap-agent + + +%files ml2 +%license LICENSE +%doc %{service}/plugins/ml2/README +%dir %{_sysconfdir}/%{service}/plugins/ml2 +%config(noreplace) %attr(0640, root, %{service}) %{_sysconfdir}/%{service}/plugins/ml2/*.ini +%exclude %{_sysconfdir}/%{service}/plugins/ml2/linuxbridge_agent.ini +%exclude %{_sysconfdir}/%{service}/plugins/ml2/openvswitch_agent.ini + + +%files openvswitch +%license LICENSE +%{_bindir}/neutron-openvswitch-agent +%{_unitdir}/neutron-openvswitch-agent.service +%{_unitdir}/neutron-destroy-patch-ports.service +%{_datarootdir}/%{service}/rootwrap/openvswitch-plugin.filters +%dir %{_sysconfdir}/%{service}/plugins/ml2 +%config(noreplace) %attr(0640, root, %{service}) %{_sysconfdir}/%{service}/plugins/ml2/openvswitch_agent.ini +%dir %{_sysconfdir}/%{service}/conf.d/%{service}-openvswitch-agent +%{_sysctldir}/99-neutron-openvswitch-agent.conf +%{_sysconfdir}/sysconfig/modules/neutron-openvswitch-agent.modules + + +%files metering-agent +%license LICENSE +%config(noreplace) %attr(0640, root, %{service}) %{_sysconfdir}/%{service}/metering_agent.ini +%{_unitdir}/neutron-metering-agent.service +%{_bindir}/neutron-metering-agent +%dir %{_sysconfdir}/%{service}/conf.d/%{service}-metering-agent + + +%files rpc-server +%license LICENSE +%{_bindir}/neutron-rpc-server +%{_unitdir}/neutron-rpc-server.service +%dir %{_sysconfdir}/%{service}/conf.d/%{service}-rpc-server + + +%files sriov-nic-agent +%license LICENSE +%{_unitdir}/neutron-sriov-nic-agent.service +%{_bindir}/neutron-sriov-nic-agent +%config(noreplace) %attr(0640, root, %{service}) %{_sysconfdir}/%{service}/plugins/ml2/sriov_agent.ini +%dir %{_sysconfdir}/%{service}/conf.d/%{service}-sriov-nic-agent + + +%files ovn-metadata-agent +%license LICENSE +%{_bindir}/neutron-ovn-metadata-agent +%{_bindir}/networking-ovn-metadata-agent +%{_unitdir}/neutron-ovn-metadata-agent.service +%{_unitdir}/networking-ovn-metadata-agent.service +%config(noreplace) %attr(0640, root, %{service}) %{_sysconfdir}/%{service}/neutron_ovn_metadata_agent.ini +%dir %{_sysconfdir}/neutron/plugins/networking-ovn +%{_sysconfdir}/neutron/plugins/networking-ovn/networking-ovn-metadata-agent.ini +/etc/neutron/plugins/networking-ovn/networking-ovn.ini +%dir %{_sysconfdir}/neutron/conf.d/neutron-ovn-metadata-agent + + +%files ovn-migration-tool +%license LICENSE +%{_bindir}/neutron-ovn-migration-mtu +%{_bindir}/ovn_migration.sh +%{_datadir}/ansible/neutron-ovn-migration/ + +%changelog +* Fri Jan 15 2021 joec88 1:17.0.0-1 +- openEuler build release