Synchronise master with upstream#285
Merged
Merged
Conversation
Make sure that the consistent program name is always set,so that
the same config sub-directory ( /etc/{project}/{prog}.conf.d ) is used
after migration to WSGI server + entry point.
Closes-Bug: #2098514
Change-Id: I71361ebbc5c76bd92e0b181704f22cf2f4df5241
Signed-off-by: Takashi Kajinami <kajinamit@oss.nttdata.com>
Binding levels form a FILO (first-in, last-out) stack: level 0 is the outermost level (closest to the network fabric, bound first) and level N is the innermost level (closest to the compute host, bound last). Teardown must therefore proceed from innermost to outermost so that each layer is removed before the one beneath it is torn down. Previously _call_on_drivers iterated self.ordered_mech_drivers in the same forward order for both binding and deletion, meaning the outermost driver was notified of the delete before the innermost driver had a chance to clean up. Add a reverse= parameter to _call_on_drivers and pass reverse=True from delete_port_precommit and delete_port_postcommit so that all mechanism drivers are still notified (preserving the existing notification contract) but in the correct teardown order. Document the FILO stack semantics on PortBindingLevel, the top/bottom segment properties in PortContext, and add unit tests to lock in the reversed call order for delete operations. Closes-Bug: 2153163 Assisted-by: Claude Sonnet 4.6 Change-Id: Ifc67b1963931a9bd721a91e82ae0c7ab0babc8de Signed-off-by: Doug Goldstein <cardoe@cardoe.com>
Now that we do not allow VLAN networks, it leaves us with a single flat network for now. The vlan network can be replaced in the future with evpn-vxlan so the admin can have a provider network using the spine-n-leaf fabric. Assisted-By: Claude Opus 4.6 Change-Id: Ib360dec982aff53e9e6abdab197de354899274d8 Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
Verify the port-forwarding floating IP id matches the child floating IP id so we satisfy the policy requirements for GET and PUT operations. Closes-bug: #2150121 Change-Id: Ie68e57da6222965e79d015a5568190d8bc29b9e8 Signed-off-by: Brian Haley <haleyb.dev@gmail.com> Assisted-by: Claude Sonnet 4.6
The _is_vlan_project_network method in DNSExtensionDriverML2 was only checking the static network_vlan_ranges configuration from ml2_conf.ini, ignoring the dynamic ranges provided by the network-segment-range service plugin. This caused a KeyError when creating subnets or VMs on VLAN networks with segment ranges managed via the API. This fix updates the method to use VlanTypeDriver.get_network_segment_ranges(), which properly handles both static configuration and DB-based dynamic ranges when the network-segment-range plugin is enabled. Closes-Bug: #2140291 Signed-off-by: Kyuyeong Lee <kyu0.lee@samsung.com> Change-Id: I8f3a2b1c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a
This reverts commit 9e1457f. Reason for revert: https://bugs.launchpad.net/neutron/+bug/2154192 Closes-bug: #2154192 Change-Id: If58542e5367da4a8a3001361b4752ee7b319074f Signed-off-by: Eduardo Olivares <eolivare@redhat.com>
The ``OVNL3RouterPlugin`` registers OVN OVSDB monitor events during ``_post_fork_initialize``. That callback is also invoked from neutron-periodic-workers and other non-API processes, where the OVN IDL connections are not initialized. Checking OVN readiness before filtering by worker type raised ``MechanismDriverOVNNotReady`` and blocked worker startup. Return early when the trigger is not a Neutron API ``WorkerService``, and only then validate OVN readiness and register monitor events. Related-Bug: #2154192 Signed-off-by: Rodolfo Alonso Hernandez <ralonsoh@redhat.com> Change-Id: I9e43fdb06ce7868e5fa699657d8da9a4aa4d02fb
Introduce ``log_worker_lifecycle`` in ``neutron.common.utils`` to log when worker start, wait, stop, and reset methods are called and finished. Apply it to ``PeriodicWorker``, ``RpcWorker``, ``AllServicesNeutronWorker`` and ``BGPWorker``, so operators can trace child process behavior at DEBUG level. Related-Bug: #2154192 Signed-off-by: Rodolfo Alonso Hernandez <ralonsoh@redhat.com> Change-Id: Iaac0993da9ecf0d1b587bb8c01e3683a0994b7c2
Introduce Private VLAN (PVLAN) support as a Neutron service plugin. This adds the ability to configure PVLAN semantics (promiscuous, isolated, community) on ports belonging to PVLAN-enabled networks. The implementation includes: 1. DB models and alembic migration for networkpvlan and portpvlan tables 2. Service plugin with callback-based hooks on network/port PRECOMMIT_CREATE and PRECOMMIT_UPDATE events, with proper error handling. 3. API extension exposing pvlan, pvlan_type and pvlan_community attributes on networks and ports. 4. OVN driver skeleton for backend integration. Ports on PVLAN-enabled networks default to promiscuous type. Ports on non-PVLAN networks have no pvlan_type set (None). Ports that are not community type cannot have a community name, and ports that are community type must have a community name. Unit and functional tests have been created with the assistance of claude-4.6-opus-high. OVN Driver logic development pending, will be sent on a separate patch for better reviewing. Depends-On: https://review.opendev.org/c/openstack/neutron-lib/+/975931 Blueprint: https://specs.openstack.org/openstack/neutron-specs/specs/2026.1/pvlan-semantics-for-provider-networks.html Related-Bug: #2138746 Change-Id: I86845cb30313cd143493acd54254fe496d2db380 Signed-off-by: Elvira Garcia <egarciar@redhat.com>
Document the OVN BGP service plugin and agent extension, including why VLAN provider networks are rejected in favor of flat networks on routed spine-and-leaf fabrics. Assisted-By: Claude Opus 4.6 Change-Id: If98163e69bc24451db8bd5d154ec866ccccb8a8e Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
Several default port policies that require network ownership incorrectly included PROJECT_MANAGER. That rule checks the port project_id, not network ownership, so any project manager could perform those actions on shared/RBAC networks where they do not own the network. Remove PROJECT_MANAGER from the affected create/update port policies and rely on NET_OWNER_MEMBER or ADMIN_OR_NET_OWNER_MEMBER instead. Project managers who own the network remain authorized through the default Keystone role implication chain (manager implies member). Closes-Bug: #2152115 Assisted-By: Claude Composer 2.5 Signed-off-by: Rodolfo Alonso Hernandez <ralonsoh@redhat.com> Change-Id: I4e258d28cdf72adcc13fc9d03749256c65881c45
Clarify that Scope Types refers to the required Keystone token scope, not resource ownership, and list the default Neutron policy roles. Closes-Bug: #2152226 Assisted-By: Claude Composer 2.5 Signed-off-by: Rodolfo Alonso Hernandez <ralonsoh@redhat.com> Change-Id: I83fed364c4a070ce9786faf6f7aff1756db47179
The neutron-periodic-workers service should run ML2 plugin periodic workers (inheriting from ``NeutronBaseWorker``). There are some of them that can be wrapped inside a ``AllServicesNeutronWorker`` in order to reduce memory use. All the workers with ``worker_process_count=0`` will be spawned in a single process, all together. This patch introduces ``_prepare_periodic_workers()`` to classify the plugin workers before starting them: - Skip ``MaintenanceWorker`` and ``AllServicesNeutronWorker`` entirely. - Wrap other workers with ``worker_process_count=0`` in a single ``AllServicesNeutronWorker``. - Start workers with worker_process_count>0 in their own processes. This patch is also updating the ``BGPWorker.worker_process_count=1``, in order to execute it in an isolated process. Closes-Bug: #2154192 Assisted-By: Claude Composer 2.5 Signed-off-by: Rodolfo Alonso Hernandez <ralonsoh@redhat.com> Change-Id: Ia9d319fbbf8047e756da555db3f52a3f9a704392
This reverts commit 9bc3699. Reason for revert: neutron-lib 4.0.0 is released. This patch is manually bumping the required version in Neutron and reverting the testing workaround. Signed-off-by: Rodolfo Alonso Hernandez <ralonsoh@redhat.com> Change-Id: I833f72a7938b38d21a2d00fe0d50d968719122dd
The ``_is_tunnel_project_network`` method in ``DNSExtensionDriverML2`` was only checking the static tunnel ranges from ml2_conf.ini, ignoring the dynamic ranges provided by the ``network-segment-range service`` plugin. When segment ranges are managed via the API, external DNS eligibility for tenant tunnel networks could be wrong. Update the method to use the ML2 tunnel type driver's ``get_network_segment_ranges()``, which handles both static configuration and DB-based ranges when the network-segment-range plugin is enabled. Closes-Bug: #2154266 Related-Bug: #2140291 Assisted-By: Claude Composer 2.5 Signed-off-by: Rodolfo Alonso Hernandez <ralonsoh@redhat.com> Change-Id: I5d96efa626d18b7589cf2563fdac3a8d399a69a8
The patch adds constants for OVN options, OVN resource naming and for the agent interfaces namings. Related-Bug: #2144617 Change-Id: I953db159b9c179adc4b070eec3b0cf0b6a61e6e9 Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
Fix broken rendering caused by RST syntax issues: - admin/ovn/features.rst: extra colon in :doc:: directive - admin/config-wsgi.rst: misplaced underscore in hyperlink - eventlet_deprecation/index.rst: invalid ":: code" block syntax - install/ovs-ovn-requirements.rst: typo "openswitch" -> "openvswitch" Assisted-By: Claude Composer 2.5 Signed-off-by: Rodolfo Alonso Hernandez <ralonsoh@redhat.com> Change-Id: I664972e9a6f94ea261f4e70cb36b2b461e47c395
The LRP that connects per-chasssis router to the main BGP router should never learn routes because all the learned routes need to come from the fabric. Closes-Bug: #2154459 Change-Id: I7cadbdb738bf95374661798047b25bd9ef1fe640 Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
``_get_router_gw_ports()`` already returns full port dicts via ``get_ports()``. The subsequent per-port ``get_port(gw_port['id'])`` call was re-fetching the same data from SQL, adding one unnecessary DB round-trip per gateway port. Use the gw_port object returned by ``_get_router_gw_ports()`` directly, passing it to ``_create_lrouter_port()`` and returning it in ``added_ports``. Assisted-By: Claude Composer 2.5 Signed-off-by: Rodolfo Alonso Hernandez <ralonsoh@redhat.com> Change-Id: Ife117206d59d4db7e9d7f099442db155b6a3de0f
Fix typos: - config-wsgi.rst: "number fo" -> "number of" - eventlet_deprecation/index.rst: "mult process" -> "multiprocess", "multiprocess process" -> "multiprocess", "taks" -> "tasks" - contributor/testing/fullstack.rst: "distibution" -> "distribution" Update outdated URLs to use HTTPS and current domains: - Replace review.openstack.org with review.opendev.org - Replace developer.openstack.org with docs.openstack.org - Replace http://opendev.org with https://opendev.org - Replace http://specs.openstack.org with https://specs.openstack.org - Replace http://lists.openstack.org with https://lists.openstack.org - Replace http://www.openvswitch.org with https://www.openvswitch.org Assisted-By: Claude Composer 2.5 Signed-off-by: Rodolfo Alonso Hernandez <ralonsoh@redhat.com> Change-Id: I7b98fc707e715a4b1cab896b8bc6c3b32b1b8a61
The DHCP section incorrectly stated that the native OVN implementation "does not yet support DNS features". This has been wrong since OVN 2.8 introduced its built-in DNS table, which is already documented in the DNS section of the same file and actively used by the ML2/OVN driver (dns_records sync, port DNS management in ovn_client.py). Replace the stale caveat with a pointer to the DNS section. Signed-off-by: Rodolfo Alonso Hernandez <ralonsoh@redhat.com> Change-Id: Iaaa12807a2a533007a6871ad2831033adf667d18
Neutron emits oslo.messaging notifications for API CRUD operations and several special events, but only configuration guidance existed in the old archived admin guide. Add an operator guide and a reference catalog describing event types, payload formats, and configuration options. Closes-Bug: #2026286 Assisted-By: Claude Composer 2.5 Signed-off-by: Rodolfo Alonso Hernandez <ralonsoh@redhat.com> Change-Id: I96d174fe3fd8e126329e60b8887b688c5440f53d
Document the API, RPC, periodic, and OVN maintenance processes that run on controller nodes, including their executables, roles, and configuration options. Closes-Bug: #2119962 Assisted-By: Claude Composer 2.5 Signed-off-by: Rodolfo Alonso Hernandez <ralonsoh@redhat.com> Change-Id: Ia18d7d3067951e6e826ae415e542d623fcb6c9c3
github-actions
Bot
added
automated
mnasiadka
approved these changes
Jun 2, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
9 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains a snapshot of master from upstream master.