packages/openstack-neutron
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update to 18.1.0

Browse Source
This commit is contained in:
liksh 2021-07-23 15:51:09 +08:00
parent 0ded9ec372
commit 994edfa387
8 changed files with 177 additions and 425 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

198
0001-Create-executable-for-removing-patch-ports.patch
View File

@ -1,198 +0,0 @@
From 9238592fcb2238bfd34d9c0b414573cb6f3d9582 Mon Sep 17 00:00:00 2001
From: Jakub Libosvar <libosvar@redhat.com>
Date: Thu, 12 Oct 2017 15:19:31 +0000
Subject: [PATCH] Create executable for removing patch ports
Nodes using provider bridges for internal traffic like amqp can cause an
ARP storm when at least two nodes were shutdown ungracefully and are
brought up at once. It's caused by having patch-ports between provider
bridges and integration bridge, hence the integration bridge passes ARP
broadcast packets from one provider bridge to another.
This patch introduces a cleanup script that scans Neutron config and
removes patch ports from integration bridge and bridges defined in
bridge_mappings option. Such script can be executed when node is booted.
Resolves: rhbz#1490281
Closes-bug: #1720766
Change-Id: I774cefac2951343a30f882791abf12598bc99603
---
neutron/cmd/destroy_patch_ports.py | 77 ++++++++++++++++++++
.../functional/cmd/test_destroy_patch_ports.py | 83 ++++++++++++++++++++++
2 files changed, 160 insertions(+)
create mode 100644 neutron/cmd/destroy_patch_ports.py
create mode 100644 neutron/tests/functional/cmd/test_destroy_patch_ports.py
diff --git a/neutron/cmd/destroy_patch_ports.py b/neutron/cmd/destroy_patch_ports.py
new file mode 100644
index 0000000..d6fb4b3
--- /dev/null
+++ b/neutron/cmd/destroy_patch_ports.py
@@ -0,0 +1,77 @@
+# Copyright 2017 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import sys
+
+from neutron_lib.utils import helpers
+from oslo_config import cfg
+from oslo_log import log as logging
+
+from neutron.agent.common import ovs_lib
+from neutron.common import config as common_config
+from neutron.conf.plugins.ml2.drivers import ovs_conf
+from neutron.plugins.common import utils as p_utils
+from neutron.plugins.ml2.drivers.openvswitch.agent.common import constants
+
+LOG = logging.getLogger(__name__)
+
+
+def get_patch_port_names(bridge_name):
+ int_if_name = p_utils.get_interface_name(
+ bridge_name, prefix=constants.PEER_INTEGRATION_PREFIX)
+ phys_if_name = p_utils.get_interface_name(
+ bridge_name, prefix=constants.PEER_PHYSICAL_PREFIX)
+
+ return int_if_name, phys_if_name
+
+
+class PatchPortCleaner(object):
+ def __init__(self, config):
+ mappings = helpers.parse_mappings(config.OVS.bridge_mappings)
+ self.bridges = [ovs_lib.OVSBridge(bridge)
+ for bridge in mappings.values()]
+ self.int_br = ovs_lib.OVSBridge(config.OVS.integration_bridge)
+
+ def destroy_patch_ports(self):
+ if not self.int_br.bridge_exists(self.int_br.br_name):
+ # integration bridge hasn't been created by agent yet, nothing to
+ # clean
+ return
+ for bridge in self.bridges:
+ try:
+ self._remove_patch_ports_from_int_br(bridge)
+ except Exception as e:
+ LOG.error("Failed to remove patch port from bridge %s: %s",
+ bridge.br_name, e)
+
+ def _remove_patch_ports_from_int_br(self, bridge):
+ int_if_name, phys_if_name = get_patch_port_names(
+ bridge.br_name)
+ int_type = self.int_br.db_get_val(
+ "Interface", int_if_name, "type", log_errors=False)
+ if int_type == 'patch':
+ self.int_br.delete_port(int_if_name)
+ bridge.delete_port(phys_if_name)
+
+
+def main():
+ common_config.init(sys.argv[1:])
+ ovs_conf.register_ovs_agent_opts()
+ port_cleaner = PatchPortCleaner(cfg.CONF)
+ port_cleaner.destroy_patch_ports()
+
+
+if __name__ == "__main__":
+ main()
diff --git a/neutron/tests/functional/cmd/test_destroy_patch_ports.py b/neutron/tests/functional/cmd/test_destroy_patch_ports.py
new file mode 100644
index 0000000..9c92edf
--- /dev/null
+++ b/neutron/tests/functional/cmd/test_destroy_patch_ports.py
@@ -0,0 +1,83 @@
+# Copyright 2017 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from neutron_lib import constants as n_const
+from oslo_config import cfg
+
+from neutron.cmd import destroy_patch_ports
+from neutron.common import utils
+from neutron.conf.plugins.ml2.drivers import ovs_conf
+from neutron.plugins.ml2.drivers.openvswitch.agent.common import constants
+from neutron.tests.common import net_helpers
+from neutron.tests.functional import base
+
+
+class TestDestroyPatchPorts(base.BaseSudoTestCase):
+ def setUp(self):
+ super(TestDestroyPatchPorts, self).setUp()
+ self.int_br = self.useFixture(net_helpers.OVSBridgeFixture()).bridge
+ bridge_mappings = {}
+ self.bridges = []
+ for network in ('foo', 'bar'):
+ bridge = self.useFixture(net_helpers.OVSBridgeFixture()).bridge
+ self._create_patch_ports_to_int_br(bridge)
+ self.bridges.append(bridge)
+ bridge_mappings[network] = bridge.br_name
+ self.config = self._create_config_file(bridge_mappings)
+
+ def _create_config_file(self, bridge_mappings):
+ config = cfg.ConfigOpts()
+ ovs_conf.register_ovs_agent_opts(config)
+ config.set_override('integration_bridge', self.int_br.br_name, "OVS")
+ config.set_override(
+ 'bridge_mappings',
+ ','.join(["%s:%s" % (net, br)
+ for net, br in bridge_mappings.items()]),
+ "OVS")
+
+ return config
+
+ def _create_patch_ports_to_int_br(self, bridge):
+ int_if_name, phys_if_name = destroy_patch_ports.get_patch_port_names(
+ bridge.br_name)
+ self.int_br.add_patch_port(
+ int_if_name, constants.NONEXISTENT_PEER)
+ bridge.add_patch_port(
+ phys_if_name, constants.NONEXISTENT_PEER)
+ self.int_br.set_db_attribute(
+ 'Interface', int_if_name, 'options', {'peer': phys_if_name})
+ bridge.set_db_attribute(
+ 'Interface', phys_if_name, 'options', {'peer': int_if_name})
+
+ def _has_patch_ports(self, bridge):
+ int_if_name, phys_if_name = destroy_patch_ports.get_patch_port_names(
+ bridge.br_name)
+ return (bridge.port_exists(phys_if_name) and
+ self.int_br.port_exists(int_if_name))
+
+ def test_destroy_patch_ports(self):
+ self.assertTrue(all(self._has_patch_ports(bridge)
+ for bridge in self.bridges))
+ cleaner = destroy_patch_ports.PatchPortCleaner(self.config)
+ cleaner.destroy_patch_ports()
+ self.assertFalse(any(self._has_patch_ports(bridge)
+ for bridge in self.bridges))
+
+ def test_destroy_patch_ports_no_int_br(self):
+ name = utils.get_rand_name(
+ max_length=n_const.DEVICE_NAME_MAX_LEN)
+ self.config.set_override('integration_bridge', name, "OVS")
+ cleaner = destroy_patch_ports.PatchPortCleaner(self.config)
+ cleaner.destroy_patch_ports()

81
0002-Destroy-patch-ports-only-if-canary-flow-is-not-prese.patch
View File

@ -1,81 +0,0 @@
From 20e704e066c5b6beed78828e662f8562a6db1e63 Mon Sep 17 00:00:00 2001
From: Jakub Libosvar <libosvar@redhat.com>
Date: Fri, 10 Nov 2017 16:12:10 +0000
Subject: [PATCH] Destroy patch ports only if canary flow is not present
Because of containers management do not have any dependency system,
we need to call destroy-patch-ports command before
neutron-openvswitch-agent process is started in the container. This
patch adds functionality to avoid destroying the patch ports in case
canary flow is present on the integration bridge. This is to avoid cases
where container is stopped and started, which would cause a data plane
disruption due to removing patch ports when it's not necessary. Patch
ports are needed to be removed only in cases where node was ungracefully
taken down.
Change-Id: I5ef0f54741abce40bedd0c958befc9cb39cd21c4
Resolves: rhbz/1511988
---
neutron/cmd/destroy_patch_ports.py | 12 +++++++++---
neutron/tests/functional/cmd/test_destroy_patch_ports.py | 12 +++++++++++-
2 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/neutron/cmd/destroy_patch_ports.py b/neutron/cmd/destroy_patch_ports.py
index d6fb4b3..8c3ea98 100644
--- a/neutron/cmd/destroy_patch_ports.py
+++ b/neutron/cmd/destroy_patch_ports.py
@@ -45,9 +45,10 @@ class PatchPortCleaner(object):
self.int_br = ovs_lib.OVSBridge(config.OVS.integration_bridge)
def destroy_patch_ports(self):
- if not self.int_br.bridge_exists(self.int_br.br_name):
- # integration bridge hasn't been created by agent yet, nothing to
- # clean
+ if (not self.int_br.bridge_exists(self.int_br.br_name) or
+ self.flows_configured()):
+ # integration bridge hasn't been created by agent yet or it's been
+ # already configured by the agent
return
for bridge in self.bridges:
try:
@@ -65,6 +66,11 @@ class PatchPortCleaner(object):
self.int_br.delete_port(int_if_name)
bridge.delete_port(phys_if_name)
+ def flows_configured(self):
+ """Return True if the integration bridge has flows already configured.
+ """
+ return bool(self.int_br.dump_flows_for(table=constants.CANARY_TABLE))
+
def main():
common_config.init(sys.argv[1:])
diff --git a/neutron/tests/functional/cmd/test_destroy_patch_ports.py b/neutron/tests/functional/cmd/test_destroy_patch_ports.py
index 9c92edf..b53f1b8 100644
--- a/neutron/tests/functional/cmd/test_destroy_patch_ports.py
+++ b/neutron/tests/functional/cmd/test_destroy_patch_ports.py
@@ -67,9 +67,12 @@ class TestDestroyPatchPorts(base.BaseSudoTestCase):
return (bridge.port_exists(phys_if_name) and
self.int_br.port_exists(int_if_name))
- def test_destroy_patch_ports(self):
+ def _assert_has_all_ports(self):
self.assertTrue(all(self._has_patch_ports(bridge)
for bridge in self.bridges))
+
+ def test_destroy_patch_ports(self):
+ self._assert_has_all_ports()
cleaner = destroy_patch_ports.PatchPortCleaner(self.config)
cleaner.destroy_patch_ports()
self.assertFalse(any(self._has_patch_ports(bridge)
@@ -81,3 +84,10 @@ class TestDestroyPatchPorts(base.BaseSudoTestCase):
self.config.set_override('integration_bridge', name, "OVS")
cleaner = destroy_patch_ports.PatchPortCleaner(self.config)
cleaner.destroy_patch_ports()
+
+ def test_destroy_patch_ports_canary_flow_on_int_br(self):
+ self.int_br.add_flow(table=constants.CANARY_TABLE, actions="drop")
+ self._assert_has_all_ports()
+ cleaner = destroy_patch_ports.PatchPortCleaner(self.config)
+ cleaner.destroy_patch_ports()
+ self._assert_has_all_ports()

36
0003-use-plugin-utils-from-neutron-lib.patch
View File

@ -1,36 +0,0 @@
From 91ebd644ed9811cc822d773914590d5b4659bed4 Mon Sep 17 00:00:00 2001
From: yatin <ykarel@redhat.com>
Date: Tue, 17 Jul 2018 10:17:44 +0530
Subject: [PATCH] use plugin utils from neutron-lib
Upstream switched to neutron_lib usage in
https://review.openstack.org/#/c/565284/.
Change-Id: I88672f7ddd05ab277281772787666206f45e45ca
---
neutron/cmd/destroy_patch_ports.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/neutron/cmd/destroy_patch_ports.py b/neutron/cmd/destroy_patch_ports.py
index 8c3ea98c1..76d9ebff8 100644
--- a/neutron/cmd/destroy_patch_ports.py
+++ b/neutron/cmd/destroy_patch_ports.py
@@ -15,6 +15,7 @@
import sys
+from neutron_lib.plugins import utils as p_utils
from neutron_lib.utils import helpers
from oslo_config import cfg
from oslo_log import log as logging
@@ -22,7 +23,6 @@ from oslo_log import log as logging
from neutron.agent.common import ovs_lib
from neutron.common import config as common_config
from neutron.conf.plugins.ml2.drivers import ovs_conf
-from neutron.plugins.common import utils as p_utils
from neutron.plugins.ml2.drivers.openvswitch.agent.common import constants
LOG = logging.getLogger(__name__)
--
2.17.1

34
0004-Adjust-logging-for-removing-patch-ports.patch
View File

@ -1,34 +0,0 @@
--- a/neutron/cmd/destroy_patch_ports.py
+++ b/neutron/cmd/destroy_patch_ports.py
@@ -39,6 +39,7 @@
class PatchPortCleaner(object):
def __init__(self, config):
+ LOG.debug("Get OVS bridge mappings")
mappings = helpers.parse_mappings(config.OVS.bridge_mappings)
self.bridges = [ovs_lib.OVSBridge(bridge)
for bridge in mappings.values()]
@@ -52,6 +53,7 @@
return
for bridge in self.bridges:
try:
+ LOG.debug("Remove patch port from bridge %s", bridge.br_name)
self._remove_patch_ports_from_int_br(bridge)
except Exception as e:
LOG.error("Failed to remove patch port from bridge %s: %s",
@@ -69,12 +71,15 @@
def flows_configured(self):
"""Return True if the integration bridge has flows already configured.
"""
+ LOG.debug("Get configured flows for integration bridge %s",
+ self.int_br.br_name)
return bool(self.int_br.dump_flows_for(table=constants.CANARY_TABLE))
def main():
common_config.init(sys.argv[1:])
ovs_conf.register_ovs_agent_opts()
+ common_config.setup_logging()
port_cleaner = PatchPortCleaner(cfg.CONF)
port_cleaner.destroy_patch_ports()

BIN
neutron-17.0.0.tar.gz
View File

Binary file not shown.

14
neutron-17.0.0.tar.gz.asc
View File

@ -1,14 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQGzBAABCgAdFiEEvCbTqNBmXIf3vt8qwSuOc7MPL8gFAl+G0l4ACgkQwSuOc7MP
L8jEJAwAlTz1nvUXE+8eYzkQbtQoVSohnLCVm7IDaVaSmPwSVROTn922rXnr+lJ3
ZT973r2yeLuWKcwJgHkiCyEetnl6nEu5jpCetEmhefPb8T+czZmPC3Ex5NrMp6Om
jkWi6uPYzLxM1xIpFfpJv2zxIpdvYT2UKIg77wCmS9HRapk+Br7+KOIqmiZCD46s
W4dX3BGL9pyghykBf8zd4zsZx+yQzyo+DsnF9KzbyE3m+iFySdmUcg0sfDOcft/4
+gutZPPoyHlQLCzlsQ6WnkEKyyaJUFOLv1+zQ5ZWKWkv1K8buSnswXImXgS78Fs7
KT6Z16fQ1IrJKTtGLenr2qvSx7Kg2DPa/x+DX8aiBzJekaO1SR/FOPURylp3g+JH
x0ckdF1lafH6gIe1cI4NQWV7r51wLnhWUGEofRuUuycpnLZlxaLXjQKsDrJHpIYX
WFIKvIKwZ/2vGnJGZweDWAyHVx3phb69ag3OK2Tm18uqY9rSPVKJNWdblR0Vuk9X
BPw3NY/Z
=LJ57
-----END PGP SIGNATURE-----

BIN
openstack-neutron-17.0.0-1.el8.src.rpm → neutron-18.1.0.tar.gz
View File

Binary file not shown.

239
openstack-neutron.spec
View File

@ -7,14 +7,25 @@ for pid in $(ps -f --ppid 1 | awk '/.*neutron-rootwrap-daemon/ { print $2 }'); d
done \
%nil
Name: openstack-neutron
Version: 17.0.0
%global common_desc \
Neutron is a virtual network service for Openstack. Just like \
OpenStack Nova provides an API to dynamically request and configure \
virtual servers, Neutron provides an API to dynamically request and \
configure virtual networks. These networks connect "interfaces" from \
other OpenStack services (e.g., virtual NICs from Nova VMs). The \
Neutron API supports extensions to provide advanced network \
capabilities (e.g., QoS, ACLs, network monitoring, etc.)
Name: openstack-%{service}
Version: 18.1.0
Release: 1
Epoch: 1
Summary: OpenStack Networking Service
License: Apache-2.0
URL: http://launchpad.net/neutron/
Source0: https://tarballs.openstack.org/neutron/neutron-%{upstream_version}.tar.gz
License: ASL 2.0
URL: http://launchpad.net/%{service}/
Source0: https://tarballs.openstack.org/%{service}/%{service}-%{upstream_version}.tar.gz
Source1: %{service}.logrotate
Source2: %{service}-sudoers
Source10: neutron-server.service
@ -35,18 +46,17 @@ Source31: conf.README
Source32: neutron-linuxbridge-cleanup.service
Source33: neutron-enable-bridge-firewall.sh
Source34: neutron-l2-agent-sysctl.conf
# We use the legacy service to load modules because it allows to gracefully
# ignore a missing kernel module (f.e. br_netfilter on earlier kernels). It's
# essentially because .modules files are shell scripts.
Source35: neutron-l2-agent.modules
Source36: neutron-destroy-patch-ports.service
Source37: neutron-ovn-metadata-agent.service
Patch0001: 0001-Create-executable-for-removing-patch-ports.patch
Patch0002: 0002-Destroy-patch-ports-only-if-canary-flow-is-not-prese.patch
Patch0003: 0003-use-plugin-utils-from-neutron-lib.patch
Patch0004: 0004-Adjust-logging-for-removing-patch-ports.patch
# Required for tarball sources verification
BuildArch: noarch
BuildRequires: git
BuildRequires: git-core
BuildRequires: openstack-macros
BuildRequires: python3-devel
BuildRequires: python3-babel
@ -54,7 +64,6 @@ BuildRequires: python3-keystoneauth1 >= 3.14.0
BuildRequires: python3-keystonemiddleware
BuildRequires: python3-neutron-lib
BuildRequires: python3-novaclient
BuildRequires: python3-os-xenapi
BuildRequires: python3-oslo-cache
BuildRequires: python3-oslo-concurrency
BuildRequires: python3-oslo-config
@ -76,26 +85,53 @@ BuildRequires: python3-pecan >= 1.3.2
BuildRequires: python3-tenacity >= 4.4.0
BuildRequires: python3-os-vif
BuildRequires: systemd
BuildRequires: python3-pip
Requires: openstack-%{service}-common = %{epoch}:%{version}-%{release}
Requires: openstack-%{service}-common = %{version}-%{release}
# dnsmasq is not a hard requirement, but is currently the only option
# when neutron-dhcp-agent is deployed.
Requires: dnsmasq >= 2.76
Requires: dnsmasq-utils >= 2.76
# radvd is not a hard requirement, but is currently the only option
# for IPv6 deployments.
Requires: radvd
# dibbler is not a hard requirement, but is currently the default option
# for IPv6 prefix delegation.
Requires: dibbler-client
# conntrack is not a hard requirement, but is currently used by L3 agent
# to immediately drop connections after a floating IP is disassociated
Requires: conntrack-tools
# keepalived is not a hard requirement, but is currently used by DVR L3
# agent
Requires: keepalived
# haproxy implements metadata proxy process
Requires: haproxy >= 1.5.0
# Those are not hard requirements, ipset is used by ipset-cleanup in the subpackage,
# iptables is used by the l3-agent which currently is not in a separate package,
# iputils provides tools like arping which are used by l3-agent and iproute-tc
# (or iproute in case of CentOS 7 and RHEL 7), provides tc binary which is
# used by e.g. l3-agent and openvswitch-agent when QoS extension is enabled
# in agent's config.
Requires: ipset
Requires: iptables
Requires: iputils
Requires: iproute-tc
%{?systemd_ordering}
%description
OpenStack Networking (Neutron)
%{common_desc}
%package -n python3-%{service}
Summary: Neutron Python libraries
@ -103,69 +139,72 @@ Summary: Neutron Python libraries
Requires: python3-alembic >= 0.9.6
Requires: python3-debtcollector >= 1.19.0
Requires: python3-designateclient >= 2.7.0
Requires: python3-eventlet >= 0.21.0
Requires: python3-eventlet >= 0.22.1
Requires: python3-greenlet >= 0.4.10
Requires: python3-futurist >= 1.10.0
Requires: python3-futurist >= 1.2.0
Requires: python3-jinja2 >= 2.10
Requires: python3-keystoneauth1 >= 3.14.0
Requires: python3-keystonemiddleware >= 4.17.0
Requires: python3-keystonemiddleware >= 5.1.0
Requires: python3-netaddr >= 0.7.18
Requires: python3-neutronclient >= 6.7.0
Requires: python3-neutron-lib >= 2.6.0
Requires: python3-neutron-lib >= 2.9.0
Requires: python3-novaclient >= 9.1.0
Requires: python3-os-vif >= 1.15.1
Requires: python3-os-xenapi >= 0.3.1
Requires: python3-oslo-cache >= 1.26.0
Requires: python3-oslo-concurrency >= 3.26.0
Requires: python3-oslo-config
Requires: python3-oslo-context >= 2.20.0
Requires: python3-oslo-config >= 8.0.0
Requires: python3-oslo-context >= 2.22.0
Requires: python3-oslo-db >= 4.44.0
Requires: python3-oslo-i18n >= 3.20.0
Requires: python3-oslo-log >= 4.2.1
Requires: python3-oslo-log >= 4.3.0
Requires: python3-oslo-messaging >= 7.0.0
Requires: python3-oslo-middleware >= 3.31.0
Requires: python3-oslo-policy >= 1.30.0
Requires: python3-oslo-policy >= 3.6.2
Requires: python3-oslo-privsep >= 2.3.0
Requires: python3-oslo-reports >= 1.18.0
Requires: python3-oslo-rootwrap >= 5.8.0
Requires: python3-oslo-serialization >= 2.25.0
Requires: python3-oslo-service >= 1.24.0
Requires: python3-oslo-upgradecheck >= 0.1.0
Requires: python3-oslo-utils >= 4.4.0
Requires: python3-oslo-service >= 1.31.0
Requires: python3-oslo-upgradecheck >= 1.3.0
Requires: python3-oslo-utils >= 4.5.0
Requires: python3-oslo-versionedobjects >= 1.35.1
Requires: python3-osprofiler >= 2.3.0
Requires: python3-ovsdbapp
Requires: python3-ovsdbapp >= 1.7.0
Requires: python3-pecan >= 1.3.2
Requires: python3-pbr >= 4.0.0
Requires: python3-psutil >= 3.2.2
Requires: python3-psutil >= 5.3.0
Requires: python3-pyroute2 >= 0.5.13
Requires: python3-requests >= 2.14.2
Requires: python3-requests >= 2.18.0
Requires: python3-tenacity >= 6.0.0
Requires: python3-routes >= 2.3.1
Requires: python3-os-ken >= 0.3.1
Requires: python3-os-ken >= 0.3.0
Requires: python3-sqlalchemy >= 1.2.0
Requires: python3-stevedore >= 1.20.0
Requires: python3-tooz >= 1.58.0
Requires: python3-webob >= 1.8.2
Requires: python3-openstacksdk >= 0.31.2
Requires: python3-pyOpenSSL >= 17.1.0
Requires: python3-packaging >= 20.4
Requires: python3-httplib2 >= 0.9.1
Requires: python3-netifaces >= 0.10.4
Requires: python3-paste
Requires: python3-paste >= 2.0.2
Requires: python3-paste-deploy >= 1.5.0
Requires: python3-decorator >= 3.4.0
Provides: python3-networking-ovn = %{epoch}:%{version}-%{release}
Provides: python3-networking-ovn = %{version}-%{release}
%description -n python3-%{service}
OpenStack Networking (Neutron)
%{common_desc}
This package contains the Neutron Python library.
%package -n python3-%{service}-tests
Summary: Neutron tests
%{?python_provide:%python_provide python3-%{service}-tests}
Requires: python3-%{service} = %{epoch}:%{version}-%{release}
Requires: python3-%{service} = %{version}-%{release}
Requires: python3-ddt >= 1.0.1
Requires: python3-fixtures >= 3.0.0
Requires: python3-mock >= 2.0
@ -178,24 +217,34 @@ Requires: python3-oslotest >= 1.10.0
Requires: python3-os-testr >= 0.7.0
Requires: python3-PyMySQL >= 0.6.2
Requires: python3-tempest >= 12.1.0
Requires: python3-webtest >= 2.0
# pstree is used during functional testing to ensure our internal
# libraries managing processes work correctly.
Requires: psmisc
# nfs-utils is needed because it creates user with uid 65534 which
# is required by neutron functional tests.
Requires: nfs-utils
%description -n python3-%{service}-tests
OpenStack Networking (Neutron)
%{common_desc}
This package contains Neutron test files.
%package common
Summary: Neutron common files
Requires(pre): shadow-utils
Requires: python3-%{service} = %{epoch}:%{version}-%{release}
Requires: python3-%{service} = %{version}-%{release}
Requires: sudo
%description common
OpenStack Networking (Neutron)
%{common_desc}
This package contains Neutron common files.
@ -205,33 +254,44 @@ Requires: ebtables
Requires: ipset
Requires: iproute
Requires: iptables
# kmod is needed to get access to /usr/sbin/modprobe needed by
# neutron-enable-bridge-firewall.sh triggered by the service unit file
Requires: kmod
Requires: openstack-%{service}-common = %{epoch}:%{version}-%{release}
Requires: openstack-%{service}-common = %{version}-%{release}
%description linuxbridge
OpenStack Networking (Neutron)
%{common_desc}
This package contains the Neutron agent that implements virtual
networks using VLAN or VXLAN using Linuxbridge technology.
%package macvtap-agent
Summary: Neutron macvtap agent
Requires: openstack-%{service}-common = %{epoch}:%{version}-%{release}
Requires: openstack-%{service}-common = %{version}-%{release}
%description macvtap-agent
OpenStack Networking (Neutron)
%{common_desc}
This package contains the Neutron agent that implements
macvtap attachments for libvirt qemu/kvm instances.
%package ml2
Summary: Neutron ML2 plugin
Requires: openstack-%{service}-common = %{epoch}:%{version}-%{release}
Requires: openstack-%{service}-common = %{version}-%{release}
# needed for brocade and cisco drivers
#(TODO) ncclient is not in reuirement projects so it should be requirement in neutron
# plugin packages, not in main neutron. Remove this lines completely if everythin keeps
# working.
#Requires: python3-ncclient
%description ml2
OpenStack Networking (Neutron)
%{common_desc}
This package contains a Neutron plugin that allows the use of drivers
to support separately extensible sets of network types and the mechanisms
for accessing those types.
@ -239,16 +299,21 @@ for accessing those types.
%package openvswitch
Summary: Neutron openvswitch plugin
Requires: openstack-%{service}-common = %{epoch}:%{version}-%{release}
Requires: openstack-%{service}-common = %{version}-%{release}
# We require openvswitch when using vsctl to access ovsdb;
# but if we use native access, then we just need python bindings.
# since we don't know what users actually use, we depend on both.
Requires: ipset
Requires: iptables
Requires: openvswitch
Requires: python3-openvswitch >= 2.8.0
Requires: python3-openvswitch >= 2.10.0
# kmod is needed to get access to /usr/sbin/modprobe needed by
# neutron-enable-bridge-firewall.sh triggered by the service unit file
Requires: kmod
%description openvswitch
OpenStack Networking (Neutron)
%{common_desc}
This package contains the Neutron plugin that implements virtual
networks using Open vSwitch.
@ -257,33 +322,36 @@ networks using Open vSwitch.
%package metering-agent
Summary: Neutron bandwidth metering agent
Requires: iptables
Requires: openstack-%{service}-common = %{epoch}:%{version}-%{release}
Requires: openstack-%{service}-common = %{version}-%{release}
%description metering-agent
OpenStack Networking (Neutron)
%{common_desc}
This package contains the Neutron agent responsible for generating bandwidth
utilization notifications.
%package rpc-server
Summary: Neutron (RPC only) Server
Requires: openstack-%{service}-common = %{epoch}:%{version}-%{release}
Requires: openstack-%{service}-common = %{version}-%{release}
%description rpc-server
OpenStack Networking (Neutron)
%{common_desc}
This package contains an alternative Neutron server that handles AMQP RPC
workload only.
%package sriov-nic-agent
Summary: Neutron SR-IOV NIC agent
Requires: openstack-%{service}-common = %{epoch}:%{version}-%{release}
Requires: openstack-%{service}-common = %{version}-%{release}
%description sriov-nic-agent
OpenStack Networking (Neutron)
%{common_desc}
This package contains the Neutron agent to support advanced features of
SR-IOV network cards.
@ -291,9 +359,9 @@ SR-IOV network cards.
%package ovn-metadata-agent
Summary: OVN metadata agent
BuildRequires: systemd
Requires: python3-%{service} = %{epoch}:%{version}-%{release}
Requires: openvswitch >= 2.8.0
Provides: python3-networking-ovn-metadata-agent = %{epoch}:%{version}-%{release}
Requires: python3-%{service} = %{version}-%{release}
Requires: openvswitch >= 2.10.0
Provides: python3-networking-ovn-metadata-agent = %{version}-%{release}
%{?systemd_requires}
%description ovn-metadata-agent
@ -305,8 +373,8 @@ can retrieve metadata from OpenStack Nova.
%package ovn-migration-tool
Summary: networking-ovn ML2/OVS to OVN migration tool
Requires: python3-%{service} = %{epoch}:%{version}-%{release}
Provides: python3-networking-ovn-migration-tool = %{epoch}:%{version}-%{release}
Requires: python3-%{service} = %{version}-%{release}
Provides: python3-networking-ovn-migration-tool = %{version}-%{release}
%description ovn-migration-tool
@ -315,21 +383,26 @@ OpenStack to OVN based backend.
%prep
%autosetup -n %{service}-%{upstream_version} -S git
%autosetup -n %{service}-%{upstream_version} -S git
sed -i 's/\/usr\/bin\/python/\/usr\/bin\/python3/' %{SOURCE36}
find %{service} -name \*.py -exec sed -i '/\/usr\/bin\/env python/{d;q}' {} +
# Let's handle dependencies ourseleves
%py_req_cleanup
# Kill egg-info in order to generate new SOURCES.txt
rm -rf neutron.egg-info
%build
export SKIP_PIP_INSTALL=1
%{py3_build}
# Generate i18n files
# (amoralej) we can remove '-D neutron' once https://review.openstack.org/#/c/485070/ is merged
%{__python3} setup.py compile_catalog -d build/lib/%{service}/locale -D neutron
# Generate configuration files
PYTHONPATH=.
for file in `ls etc/oslo-config-generator/*`; do
oslo-config-generator --config-file=$file
@ -342,6 +415,13 @@ do
mv ${filename} ${filedir}/${file}
done
# Loop through values in neutron-dist.conf and make sure that the values
# are substituted into the neutron.conf as comments. Some of these values
# will have been uncommented as a way of upstream setting defaults outside
# of the code. For notification_driver, there are commented examples
# above uncommented settings, so this specifically skips those comments
# and instead comments out the actual settings and substitutes the
# correct default values.
while read name eq value; do
test "$name" && test "$value" || continue
if [ "$name" = "notification_driver" ]; then
@ -354,17 +434,21 @@ done < %{SOURCE30}
%install
%{py3_install}
# Remove unused files
rm -rf %{buildroot}%{python3_sitelib}/bin
rm -rf %{buildroot}%{python3_sitelib}/doc
rm -rf %{buildroot}%{python3_sitelib}/tools
# Move rootwrap files to proper location
install -d -m 755 %{buildroot}%{_datarootdir}/%{service}/rootwrap
mv %{buildroot}/usr/etc/%{service}/rootwrap.d/*.filters %{buildroot}%{_datarootdir}/%{service}/rootwrap
# Move config files to proper location
install -d -m 755 %{buildroot}%{_sysconfdir}/%{service}
mv %{buildroot}/usr/etc/%{service}/* %{buildroot}%{_sysconfdir}/%{service}
mv %{buildroot}%{_sysconfdir}/%{service}/api-paste.ini %{buildroot}%{_datadir}/%{service}/api-paste.ini
# The generated config files are not moved automatically by setup.py
install -d -m 755 %{buildroot}%{_sysconfdir}/%{service}/plugins/ml2
mv etc/%{service}.conf %{buildroot}%{_sysconfdir}/%{service}/%{service}.conf
@ -378,17 +462,24 @@ do
mv etc/%{service}/plugins/ml2/${file}.ini %{buildroot}%{_sysconfdir}/%{service}/plugins/ml2/${file}.ini
done
# (TODO) Backwards compatibility for networking-ovn-metadata-agent.ini
install -d -m 755 %{buildroot}%{_sysconfdir}/neutron/plugins/networking-ovn
ln -s /etc/neutron/neutron_ovn_metadata_agent.ini %{buildroot}%{_sysconfdir}/%{service}/plugins/networking-ovn/networking-ovn-metadata-agent.ini
# (TODO) Backwards compatibility for ovn.ini
ln -s /etc/neutron/ovn.ini %{buildroot}%{_sysconfdir}/%{service}/plugins/networking-ovn/networking-ovn.ini
# (TODO) Backwards compatibility for networking-ovn-metadata-agent executable
ln -s %{_bindir}/neutron-ovn-metadata-agent %{buildroot}%{_bindir}/networking-ovn-metadata-agent
# Install logrotate
install -p -D -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/logrotate.d/openstack-%{service}
# Install sudoers
install -p -D -m 440 %{SOURCE2} %{buildroot}%{_sysconfdir}/sudoers.d/%{service}
# Install systemd units
install -p -D -m 644 %{SOURCE10} %{buildroot}%{_unitdir}/neutron-server.service
install -p -D -m 644 %{SOURCE11} %{buildroot}%{_unitdir}/neutron-linuxbridge-agent.service
install -p -D -m 644 %{SOURCE12} %{buildroot}%{_unitdir}/neutron-openvswitch-agent.service
@ -405,31 +496,42 @@ install -p -D -m 644 %{SOURCE32} %{buildroot}%{_unitdir}/neutron-linuxbridge-cle
install -p -D -m 644 %{SOURCE36} %{buildroot}%{_unitdir}/neutron-destroy-patch-ports.service
install -p -D -m 644 %{SOURCE37} %{buildroot}%{_unitdir}/neutron-ovn-metadata-agent.service
# (TODO) - Backwards compatibility for systemd unit networking-ovn-metadata-agent
ln -s %{_unitdir}/neutron-ovn-metadata-agent.service %{buildroot}%{_unitdir}/networking-ovn-metadata-agent.service
# Install helper scripts
install -p -D -m 755 %{SOURCE33} %{buildroot}%{_bindir}/neutron-enable-bridge-firewall.sh
# Install sysctl and modprobe config files to enable bridge firewalling
# NOTE(ihrachys) we effectively duplicate same settings for each affected l2
# agent. This can be revisited later.
install -p -D -m 644 %{SOURCE34} %{buildroot}%{_sysctldir}/99-neutron-openvswitch-agent.conf
install -p -D -m 644 %{SOURCE34} %{buildroot}%{_sysctldir}/99-neutron-linuxbridge-agent.conf
install -p -D -m 755 %{SOURCE35} %{buildroot}%{_sysconfdir}/sysconfig/modules/neutron-openvswitch-agent.modules
install -p -D -m 755 %{SOURCE35} %{buildroot}%{_sysconfdir}/sysconfig/modules/neutron-linuxbridge-agent.modules
# Install README file that describes how to configure services with custom configuration files
install -p -D -m 755 %{SOURCE31} %{buildroot}%{_sysconfdir}/%{service}/conf.d/README
# Setup directories
install -d -m 755 %{buildroot}%{_datadir}/%{service}
install -d -m 755 %{buildroot}%{_sharedstatedir}/%{service}
install -d -m 755 %{buildroot}%{_localstatedir}/log/%{service}
install -d -m 755 %{buildroot}%{_localstatedir}/run/%{service}
install -d -m 755 %{buildroot}%{_sysconfdir}/%{service}/kill_scripts
# Install dist conf
install -p -D -m 640 %{SOURCE30} %{buildroot}%{_datadir}/%{service}/%{service}-dist.conf
# Create and populate configuration directory for L3 agent that is not accessible for user modification
mkdir -p %{buildroot}%{_datadir}/%{service}/l3_agent
ln -s %{_sysconfdir}/%{service}/l3_agent.ini %{buildroot}%{_datadir}/%{service}/l3_agent/l3_agent.conf
# Create dist configuration directory for neutron-server (may be filled by advanced services)
mkdir -p %{buildroot}%{_datadir}/%{service}/server
# Create configuration directories for all services that can be populated by users with custom *.conf files
mkdir -p %{buildroot}/%{_sysconfdir}/%{service}/conf.d/common
for service in server rpc-server ovs-cleanup netns-cleanup linuxbridge-cleanup macvtap-agent; do
mkdir -p %{buildroot}/%{_sysconfdir}/%{service}/conf.d/%{service}-$service
@ -438,11 +540,13 @@ for service in linuxbridge openvswitch dhcp l3 metadata metering sriov-nic ovn-m
mkdir -p %{buildroot}/%{_sysconfdir}/%{service}/conf.d/%{service}-$service-agent
done
# Install i18n .mo files (.po and .pot are not required)
install -d -m 755 %{buildroot}%{_datadir}
rm -f %{buildroot}%{python3_sitelib}/%{service}/locale/*/LC_*/%{service}*po
rm -f %{buildroot}%{python3_sitelib}/%{service}/locale/*pot
mv %{buildroot}%{python3_sitelib}/%{service}/locale %{buildroot}%{_datadir}/locale
# Find language files
%find_lang %{service} --all-name
%pre common
@ -511,13 +615,20 @@ exit 0
%systemd_post neutron-destroy-patch-ports.service
if [ $1 -ge 2 ]; then
# We're upgrading
# Detect if the neutron-openvswitch-agent is running
ovs_agent_running=0
systemctl status neutron-openvswitch-agent > /dev/null 2>&1 && ovs_agent_running=1 || :
# If agent is running, stop it
[ $ovs_agent_running -eq 1 ] && systemctl stop neutron-openvswitch-agent > /dev/null 2>&1 || :
# Search all orphaned neutron-rootwrap-daemon processes and since all are triggered by sudo,
# get the actual rootwrap-daemon process.
%cleanup_orphan_rootwrap_daemons
# If agent was running, start it back with new code
[ $ovs_agent_running -eq 1 ] && systemctl start neutron-openvswitch-agent > /dev/null 2>&1 || :
fi
@ -624,6 +735,8 @@ fi
%files common -f %{service}.lang
%license LICENSE
%doc README.rst
# though this script is not exactly needed on all nodes but for ovs and
# linuxbridge agents only, it's probably good enough to put it here
%{_bindir}/neutron-enable-bridge-firewall.sh
%{_bindir}/neutron-rootwrap
%{_bindir}/neutron-rootwrap-daemon
@ -646,9 +759,7 @@ fi
%{_datarootdir}/%{service}/rootwrap/debug.filters
%{_datarootdir}/%{service}/rootwrap/dhcp.filters
%{_datarootdir}/%{service}/rootwrap/dibbler.filters
%{_datarootdir}/%{service}/rootwrap/ebtables.filters
%{_datarootdir}/%{service}/rootwrap/ipset-firewall.filters
%{_datarootdir}/%{service}/rootwrap/iptables-firewall.filters
%{_datarootdir}/%{service}/rootwrap/l3.filters
%{_datarootdir}/%{service}/rootwrap/privsep.filters
@ -737,5 +848,9 @@ fi
%{_datadir}/ansible/neutron-ovn-migration/
%changelog
* Fri Jul 23 2021 liksh <liks11@chinaunicom.cn> 1:18.1.0-1
- Update to 18.1.0
* Fri Jan 15 2021 joec88 <joseph.chn1988@gmail.com> 1:17.0.0-1
- openEuler build release