Merge pull request #86 from stackhpc/upstream/2023.1-2023-11-15

Synchronise 2023.1 with upstream

Author: markgoddard

neutron/agent/linux/dhcp.py

@@ -1209,6 +1209,14 @@ def _output_opts_file(self):
         file_utils.replace_file(name, '\n'.join(options))
         return name
 
+    def _get_ovn_metadata_port_ip(self, subnet):
+        m_ports = [port for port in self.network.ports if
+                   self._is_ovn_metadata_port(port, self.network.id)]
+        if m_ports:
+            for fixed_ip in m_ports[0].fixed_ips:
+                if fixed_ip.subnet_id == subnet.id:
+                    return fixed_ip.ip_address
+
     def _generate_opts_per_subnet(self):
         options = []
         subnets_without_nameservers = set()
@@ -1262,23 +1270,33 @@ def _generate_opts_per_subnet(self):
                 else:
                     host_routes.append("%s,%s" % (hr.destination, hr.nexthop))
 
-            # Add host routes for isolated network segments
-
-            if ((self.conf.force_metadata or
-                 (isolated_subnets[subnet.id] and
-                  self.conf.enable_isolated_metadata)) and
-                    subnet.ip_version == 4):
-                subnet_dhcp_ip = subnet_to_interface_ip.get(subnet.id)
-                if subnet_dhcp_ip:
+            # Determine metadata port route
+            if subnet.ip_version == constants.IP_VERSION_4:
+                metadata_route_ip = None
+                # NOTE: OVN metadata port IP is used in a case when the DHCP
+                # agent is deployed in the ML2/OVN enviroment where the native
+                # ovn-controller dhcp is disabled. The ovn metadata route
+                # takes precedence over native force_metadata and
+                # enable_isolated_metadata routes settings.
+                ovn_metadata_port_ip = self._get_ovn_metadata_port_ip(subnet)
+                if ovn_metadata_port_ip:
+                    metadata_route_ip = ovn_metadata_port_ip
+
+                elif (self.conf.force_metadata or
+                      (isolated_subnets[subnet.id] and
+                       self.conf.enable_isolated_metadata)):
+                    subnet_dhcp_ip = subnet_to_interface_ip.get(subnet.id)
+                    if subnet_dhcp_ip:
+                        metadata_route_ip = subnet_dhcp_ip
+
+                if not isolated_subnets[subnet.id] and gateway:
+                    metadata_route_ip = gateway
+
+                if metadata_route_ip:
                     host_routes.append(
-                        '%s,%s' % (constants.METADATA_CIDR, subnet_dhcp_ip)
+                        '%s,%s' % (constants.METADATA_CIDR, metadata_route_ip)
                     )
-            elif not isolated_subnets[subnet.id] and gateway:
-                host_routes.append(
-                    '%s,%s' % (constants.METADATA_CIDR, gateway)
-                )
 
-            if subnet.ip_version == 4:
                 for s in self._get_all_subnets(self.network):
                     sub_segment_id = getattr(s, 'segment_id', None)
                     if (s.ip_version == 4 and
@@ -1443,13 +1461,21 @@ def has_metadata_subnet(subnets):
             return True
         return False
 
+    @staticmethod
+    def _is_ovn_metadata_port(port, network_id):
+        return (port.device_id == 'ovnmeta-' + network_id and
+                port.device_owner == constants.DEVICE_OWNER_DISTRIBUTED)
+
     @classmethod
     def should_enable_metadata(cls, conf, network):
         """Determine whether the metadata proxy is needed for a network
 
-        This method returns True for truly isolated networks (ie: not attached
-        to a router) when enable_isolated_metadata is True, or for all the
-        networks when the force_metadata flags is True.
+        If the given network contains a ovn metadata port then this method
+        assumes that the ovn metadata service is in use and this metadata
+        service is not required, method returns False. For other cases this
+        method returns True for truly isolated networks (ie: not attached to a
+        router) when enable_isolated_metadata is True, or for all the networks
+        when the force_metadata flags is True.
 
         This method also returns True when enable_metadata_network is True,
         and the network passed as a parameter has a subnet in the link-local
@@ -1458,6 +1484,10 @@ def should_enable_metadata(cls, conf, network):
         providing access to the metadata service via logical routers built
         with 3rd party backends.
         """
+        for port in network.ports:
+            if cls._is_ovn_metadata_port(port, network.id):
+                return False
+
         all_subnets = cls._get_all_subnets(network)
         dhcp_subnets = [s for s in all_subnets if s.enable_dhcp]
         if not dhcp_subnets:

neutron/tests/fullstack/test_agent_bandwidth_report.py

@@ -188,7 +188,7 @@ class TestPlacementBandwidthReport(base.BaseFullStackTestCase):
     scenarios = [
         (constants.AGENT_TYPE_OVS,
          {'l2_agent_type': constants.AGENT_TYPE_OVS,
-          'mech_drivers': 'openvswitch,linuxbridge',
+          'mech_drivers': 'openvswitch',
           'placement_port': '8080'}),
         (constants.AGENT_TYPE_NIC_SWITCH,
          {'l2_agent_type': constants.AGENT_TYPE_NIC_SWITCH,

neutron/tests/fullstack/test_connectivity.py

@@ -20,7 +20,6 @@
 import testscenarios
 
 from neutron.common import utils as common_utils
-from neutron.tests import base as tests_base
 from neutron.tests.common import net_helpers
 from neutron.tests.fullstack import base
 from neutron.tests.fullstack.resources import config
@@ -150,22 +149,6 @@ def test_controller_timeout_does_not_break_connectivity_sigkill(self):
             signal.SIGKILL)
 
 
-class TestLinuxBridgeConnectivitySameNetwork(BaseConnectivitySameNetworkTest):
-
-    l2_agent_type = constants.AGENT_TYPE_LINUXBRIDGE
-    scenarios = [
-        ('VXLAN', {'network_type': 'vxlan',
-                   'l2_pop': False}),
-        ('VLANs', {'network_type': 'vlan',
-                   'l2_pop': False}),
-        ('VXLAN and l2pop', {'network_type': 'vxlan',
-                             'l2_pop': True})
-    ]
-
-    def test_connectivity(self):
-        self._test_connectivity()
-
-
 class _TestUninterruptedConnectivityOnL2AgentRestart(
         BaseConnectivitySameNetworkTest):
 
@@ -210,20 +193,3 @@ class TestUninterruptedConnectivityOnL2AgentRestartOvs(
 
     def test_l2_agent_restart(self, agent_restart_timeout=20):
         self._test_l2_agent_restart(agent_restart_timeout)
-
-
-class TestUninterruptedConnectivityOnL2AgentRestartLB(
-        _TestUninterruptedConnectivityOnL2AgentRestart):
-
-    scenario = [('LB',
-                 {'l2_agent_type': constants.AGENT_TYPE_LINUXBRIDGE})]
-
-    scenarios = (
-        testscenarios.multiply_scenarios(
-            scenario,
-            _TestUninterruptedConnectivityOnL2AgentRestart.network_scenarios)
-    )
-
-    @tests_base.unstable_test("bug 1928764")
-    def test_l2_agent_restart(self, agent_restart_timeout=20):
-        self._test_l2_agent_restart(agent_restart_timeout)

neutron/tests/fullstack/test_dhcp_agent.py

@@ -33,8 +33,6 @@ class BaseDhcpAgentTest(base.BaseFullStackTestCase):
     scenarios = [
         (constants.AGENT_TYPE_OVS,
          {'l2_agent_type': constants.AGENT_TYPE_OVS}),
-        (constants.AGENT_TYPE_LINUXBRIDGE,
-         {'l2_agent_type': constants.AGENT_TYPE_LINUXBRIDGE})
     ]
     boot_vm_for_test = True
     dhcp_scheduler_class = None

neutron/tests/fullstack/test_port_shut_down.py

@@ -37,8 +37,6 @@ class PortShutDownTest(base.BaseFullStackTestCase):
     num_hosts = 1
 
     scenarios = [
-        (constants.AGENT_TYPE_LINUXBRIDGE,
-         {'l2_agent_type': constants.AGENT_TYPE_LINUXBRIDGE}),
         (constants.AGENT_TYPE_OVS,
          {'l2_agent_type': constants.AGENT_TYPE_OVS})
     ]

neutron/tests/fullstack/test_ports_rebind.py

@@ -32,10 +32,6 @@ class TestPortsRebind(base.BaseFullStackTestCase):
         ('Open vSwitch Agent', {
             'l2_agent_type': constants.AGENT_TYPE_OVS,
             'l2_mechdriver_name': 'openvswitch',
-        }),
-        ('Linux Bridge Agent', {
-            'l2_agent_type': constants.AGENT_TYPE_LINUXBRIDGE,
-            'l2_mechdriver_name': 'linuxbridge',
         })]
 
     def setUp(self):
@@ -170,9 +166,6 @@ def test_vm_port_rebound_when_L2_agent_revived(self):
         5. Router's port created in p.3 should be now bound properly
         """
 
-        if self.l2_agent_type == constants.AGENT_TYPE_LINUXBRIDGE:
-            self.skipTest("Bug 1798085")
-
         gw_port = self.safe_client.client.list_ports(
             device_id=self.router['id'],
             device_owner=constants.DEVICE_OWNER_ROUTER_GW)['ports'][0]

neutron/tests/fullstack/test_qos.py

@@ -20,7 +20,6 @@
 from neutronclient.common import exceptions
 from oslo_utils import uuidutils
 
-from neutron.agent.linux import tc_lib
 from neutron.common import utils
 from neutron.tests.common.agents import l2_extensions
 from neutron.tests.fullstack import base
@@ -30,11 +29,6 @@
 from neutron.tests.unit import testlib_api
 
 from neutron.agent.common import ovs_lib
-from neutron.conf.plugins.ml2.drivers import linuxbridge as \
-    linuxbridge_agent_config
-from neutron.plugins.ml2.drivers.linuxbridge.agent import \
-    linuxbridge_neutron_agent as linuxbridge_agent
-from neutron.services.qos.drivers.linuxbridge import driver as lb_drv
 from neutron.services.qos.drivers.openvswitch import driver as ovs_drv
 
 
@@ -404,46 +398,6 @@ def test_bw_limit_qos_port_removed(self):
         self.assertIsNone(qos_queues)
 
 
-class TestBwLimitQoSLinuxbridge(_TestBwLimitQoS, base.BaseFullStackTestCase):
-    l2_agent_type = constants.AGENT_TYPE_LINUXBRIDGE
-    scenarios = [
-        ('egress', {'direction': constants.EGRESS_DIRECTION}),
-        ('ingress', {'direction': constants.INGRESS_DIRECTION}),
-    ]
-
-    @staticmethod
-    def _get_expected_burst_value(limit, direction):
-        # For egress bandwidth limit this value should be calculated as
-        # bandwidth_limit * qos_consts.DEFAULT_BURST_RATE
-        if direction == constants.EGRESS_DIRECTION:
-            return TestBwLimitQoSLinuxbridge._get_expected_egress_burst_value(
-                limit)
-        else:
-            return TestBwLimitQoSLinuxbridge._get_expected_ingress_burst_value(
-                limit)
-
-    @staticmethod
-    def _get_expected_ingress_burst_value(limit):
-        return int(
-            float(limit) /
-            float(linuxbridge_agent_config.DEFAULT_KERNEL_HZ_VALUE))
-
-    def _wait_for_bw_rule_applied(self, vm, limit, burst, direction):
-        port_name = linuxbridge_agent.LinuxBridgeManager.get_tap_device_name(
-            vm.neutron_port['id'])
-        tc = tc_lib.TcCommand(
-            port_name,
-            linuxbridge_agent_config.DEFAULT_KERNEL_HZ_VALUE,
-            namespace=vm.host.host_namespace
-        )
-        if direction == constants.EGRESS_DIRECTION:
-            utils.wait_until_true(
-                lambda: tc.get_filters_bw_limits() == (limit, burst))
-        elif direction == constants.INGRESS_DIRECTION:
-            utils.wait_until_true(
-                lambda: tc.get_tbf_bw_limits() == (limit, burst))
-
-
 class _TestDscpMarkingQoS(BaseQoSRuleTestCase):
 
     number_of_hosts = 2
@@ -540,15 +494,6 @@ def _wait_for_dscp_marking_rule_applied(self, vm, dscp_mark):
             vm.bridge, vm.port.name, dscp_mark)
 
 
-class TestDscpMarkingQoSLinuxbridge(_TestDscpMarkingQoS,
-                                    base.BaseFullStackTestCase):
-    l2_agent_type = constants.AGENT_TYPE_LINUXBRIDGE
-
-    def _wait_for_dscp_marking_rule_applied(self, vm, dscp_mark):
-        l2_extensions.wait_until_dscp_marking_rule_applied_linuxbridge(
-            vm.host.host_namespace, vm.port.name, dscp_mark)
-
-
 class _TestPacketRateLimitQoS(BaseQoSRuleTestCase):
 
     number_of_hosts = 1
@@ -644,9 +589,6 @@ class TestQoSWithL2Population(base.BaseFullStackTestCase):
         (constants.AGENT_TYPE_OVS,
          {'mech_drivers': 'openvswitch',
           'supported_rules': ovs_drv.SUPPORTED_RULES}),
-        (constants.AGENT_TYPE_LINUXBRIDGE,
-         {'mech_drivers': 'linuxbridge',
-          'supported_rules': lb_drv.SUPPORTED_RULES})
     ]
 
     def setUp(self):

neutron/tests/fullstack/test_securitygroup.py

@@ -94,9 +94,6 @@ class TestSecurityGroupsSameNetwork(BaseSecurityGroupsSameNetworkTest):
 
     network_type = 'vxlan'
     scenarios = [
-        # TODO(njohnston): Re-add the linuxbridge scenario once it is stable
-        # The iptables_hybrid driver lacks isolation between agents and
-        # because of that using only one host is enough
         ('ovs-hybrid', {
             'firewall_driver': 'iptables_hybrid',
             'l2_agent_type': constants.AGENT_TYPE_OVS,

neutron/tests/fullstack/test_segmentation_id.py

@@ -11,7 +11,6 @@
 #    under the License.
 
 from neutron_lib import constants
-from neutronclient.common import exceptions
 from oslo_utils import uuidutils
 
 from neutron.tests.common.agents import l2_extensions
@@ -72,8 +71,7 @@ class TestSegmentationId(BaseSegmentationIdTest):
 
     scenarios = [
         ('Open vSwitch Agent', {'l2_agent_type': constants.AGENT_TYPE_OVS}),
-        ('Linux Bridge Agent', {
-            'l2_agent_type': constants.AGENT_TYPE_LINUXBRIDGE})]
+    ]
     num_hosts = 1
 
     def test_change_segmentation_id_no_ports_in_network(self):
@@ -103,13 +101,7 @@ def test_change_segmentation_id_with_bound_ports_in_network(self):
         self.safe_client.create_port(self.project_id, network['id'],
                                      self.environment.hosts[0].hostname)
 
-        if self.l2_agent_type == constants.AGENT_TYPE_LINUXBRIDGE:
-            # Linuxbridge agent don't support update of segmentation_id for
-            # the network so this should raise an exception
-            self.assertRaises(exceptions.BadRequest,
-                              self._update_segmentation_id, network)
-        else:
-            self._update_segmentation_id(network)
+        self._update_segmentation_id(network)
 
 
 class TestSegmentationIdConnectivity(BaseSegmentationIdTest):