Stein Series Release Notes¶
Enforce policy for ‘qos_policy_id’ attribute of port, network and fip so only authorized users can set/unset it. For more info see bug LP#1957175.
NetworkSegmentRangeOverlapsexception to prevent overlapping network segment ranges on creation.
Adds API definition for
rbac-security-groupsextension, which allows sharing security groups between tenants via the network RBAC mechanism.
Adds new L3 exception
Adds definition of
interconnectionAPI extension for neutron-interconnection project.
subnetpool-prefix-opsAPI definition to neutron-lib. This extension introduces API’s that provide explicit support for removing prefixes from a subnet pool and adding subnets to a subnet pool.
neutron.common.constantsare now available in
neutron_lib.constantswith the exception of
EXT_PARENT_RESOURCE_MAPPINGthat is now available in
neutron_lib.tests._toolsmodule is now public and named
sqlalchemytypesmodule is now available in
The trunk service constants are now available in
neutron_lib.services.trunk.constants, but now have the constant name prefixed with
neutron_lib.worker.BaseWorkerwill now set the process title on process start, if it is a new process. By default, the name will be “neutron-server”, and the description will be the name of the worker class, followed by the original process title. Both fields are customizable via the
BaseWorker.start(), and the change can be disabled via the
set_proctitleargument to the
neutron.confwill have a setting for disabling this functionality for all in-tree workers, but by default, all out of tree plugin workers will set their name at fork time. Available settings are ‘on’ (described above, and the default), ‘off’ (same as today), or ‘brief’, which settings the process name to just name and description. ‘brief’ is probably most useful/simple for deployers, but ‘on’ is the default in order to prevent as many script related breakages as possible.
Adds traffic control related constants:
ingress, used in Neutron
Qdisc ID: for
ingresstype, because this one is specific only for ingress traffic.
Qdisc parents: for
Any plugin which forks worker processes from neutron-server will have its proctitle set to “neutron-server” plus a classname in ps output. Any tool used for monitoring/maintenance that watches the process table should be modified to only look for the string
neutron-server. On the plus side, it will now be possible to distinguish which process belongs to which plugin, based on the new naming. Note that the original process string is still in the proctitle, so as long as the scripting is not looking for a perfect string match, it should continue to work.
Base class for upgrade checks used in checks in
neutron-status upgrade checktool is now available in
neutron_lib.utils.upgrade_checksand can be reused by other projects.
neutron_lib.plugins.constants.NETWORK_SEGMENT_RANGEconstant so that it can be used elsewhere related to the
For technical reasons the
floatingip-autodelete-internalextension no longer requires the
neutron_lib.policywas added. It contains constants:
RULE_ADMIN_OR_PARENT_OWNER. It contains also helper functions
policy_or. Those constants and functions can be used in policy modules in Neutron related projects.
neutron_lib.dbis now removed from db profiling projects so database calls done from this module will not be tracked in osprofiler results. All db calls which are tracked by osprofiler are comming from Neutron and this avoids having each call logged twice in osprofiler report.
New shim API extension:
New exception classes:
TRUNK_PLUGINconstants are now available in
neutron_lib.callbacks.resourcesfor defining Trunk related callback resources.
Maximum rpc timeout is now configurable by
rpc_response_max_timeoutfrom Neutron config instead of being calculated as
10 * rpc_response_timeoutvalue.
agent-resources-syncedextension introduces a new agent attribute named
resources_syncedthat tracks the success of the resource view synchronization to Placement.
Extend the ML2 type driver abstract methods
filtersthat is used as search criteria for the segment allocation support when network-segment-range extension is loaded.
The oslo.db wrap_db_retry function now supports randomized time jitter in its retry algorithm. Add support for that feature, if the installed version of oslo.db supports it.
neutron_lib.api.definitions.network_segment_range.NETWORK_SEGMENT_RANGE_TYPE_LISTconstant was moved to
neutron_lib.constantsand renamed to
NETWORK_SEGMENT_RANGE_TYPESso that it can be used elsewhere.
This change removes the
ONBOARD_SUBNETS_SPECSattribute extension from the subnet onboard extension descriptor. This has been deemed to be an unnecessary attribute extension during implementation and has been removed. Because subnet onboard is not yet a completed Neutron feature, the API definition is being updated to reflect this.
Adds new traffic control exceptions
A new function named
validate_route_cidrwas introduced which is used to validate if
host_routesis a network address of a destination subnet or an IP address of a destination.
Add API definition for the new
The following exceptions from
neutron.common.exceptionshave been rehomed into neutron-lib;
The private ORM event listener functions from
neutron.db.apiare now in
neutron_lib.db.apiand are automatically loaded when importing any neutron-lib module.
smart-nicVNIC type for Smart NIC ports.
neutron_lib.plugins.utils. This function checks if a port, depending on the VNIC type, can be bound to a virtual bridge.
neutron_lib.db.model_query. This method allow callers to fetch specific column from a database model. Add keyword parameter
query_with_hooks. The default value of this parameter is None. Callers can set this parameter to query specific column.
neutron.objects.baseis now available in
cidrattributes of a Subnet with IPv6 addresses are now converted to IPv6 canonical format to address. bug 1531103
Directly updating some L3-related port IP addresses does not have any effect on the L3 agent side. As a consequence, these L3-related ports should not allow changing of their IP address. A new shim extension has been added called
l3-port-ip-change-not-allowedto prevent such IP address change. For more information please see bug 1796824.
qos-rules-aliasAPI extension wrongly attempted to re-define
minimum_bandwidth_rulesas first level API resources, leading to conflicts in the QoS API. We now define
alias_minimum_bandwidth_rulesthat will enable users to perform
DELETEoperations on the corresponding QoS rules without having to specify the associated policy ID.
The Placement client previously swallowed a few exceptions (but logged a warning when doing this). In order to let the user of the client choose to handle or ignore the error condition the client no longer does this. Also to avoid losing error information we catch and re-throw HTTP 4xx exceptions with better messages.
This release adds support for custom filtering in versioned object.
qos-rules-aliasAPI extension is introduced to enable users to perform
minimum_bandwidth_rulesas though they are first level resources. In other words, the user will not have to specify the QoS policy ID.
neutron.db._resource_extendis now available as
neutron_lib.db.resource_extendalong with a new
DBResourceExtendFixturethat allows tests to modify the map of registered resource functions.
A class called
FilterObjis introduced. This is the base class from which the custom filter class should inherit. This release also implements two filter class:
NotEqual. The class
StringMatchingFilterObjis now a subclass of
Bug 1796854 is fixed by validating if advsvc context is used.
Neutron API should not allow user to set zero for floating IP port forwarding internal or external port number. Directly modify the floating-ip-port-forwarding extension to change external_port and internal_port minimum value to 1. Then API and port forwarding object will make consistent for these attributes.
Change API to enforce policy rules for subnet entities with specified segment_ids, to fix a broken implementation of that policy enforcement. Bug: 1784259
project-default-networksextension is now available and adds a new attribute
networkresource. This attribute will be used to indicate if a network is a project default network.
Add new extension qos-gateway-ip which extends the router_gw_info with new attribute qos_policy_id.
neutron_lib.utils.net.random_mac_generator(basemac). It allows you to get a mac address string Python generator from the same kind of basemac that
neutron_lib.utils.net.get_random_mac(basemac)expects. If there are a lot of macs to get, this will speed the process up significantly over generating single macs and testing for collisions.
New methods available in Placement client:
New constants module for Placement:
neutron-lib now has a new module:
neutron_lib.placement.utils. This module contains logic that is to be shared between in-tree Neutron components and possibly out-of-tree Neutron agents that want to support features involving the Placement service (for example guaranteed minimum bandwidth).
policy-in-code support in neutron-lib is added. The default policies for ‘context_is_admin’ and ‘context_is_advsvc’ are now implemented as embeded policies. (Note that the main policy-in-code support will be implemented in the main neutron codebase.)
The new extension
resource_requestattribute to port responses. This attribute enables Neutron to communicate to Nova resources needed by the port, such as physnet, VNIC type and bandwidth. If the port requested by Nova boot has the
resource_requestattribute, then the Nova Scheduler will try to allocate the VM in a host that can satisfy those requirements.
qos_minimum_bandwidth_rulewith ingress direction for placement based enforcement.
New MechanismDriver API class property:
resource_provider_uuid5_namespace. Mechanism drivers wanting to support resource provider information reporting to Placement (eg. reporting resource providers to guarantee some minimum bandwidth allocated on them later) must set this class property to a UUID object unique to that mechanism driver. It will be used as a UUID v5 namespace in generating UUIDs for resource providers. The default implementation sets it to
None, meaning that the mechanism driver does not support resource provider information reporting to Placement. Unaffected drivers need not be changed.
New MechanismDriver API method:
responsible_for_ports_allocation. Mechanism drivers wanting to support resource allocations for ports in Placement (eg. wanting to guarantee some minimum bandwidth allocated on the resource provider in the port’s
binding:profile.allocation) must implement this method. The default implementation reports not being responsible for any resource providers, therefore unaffected drivers need not be changed.
Increase the DB retry interval and max retry times for the
neutron_lib.db.apito 0.5 seconds and 20 times, respectively. For those actions which have a higher chance for DBDeadlock, users should have a higher success rate due to the larger random range and retry times. For more information see bug 1777968
Add two fields
NeutronDbObjectDuplicateEntry. These two fields are populated from the corresponding db exception.
PlacementAPIClient'smax supported microversion to
1.20, as from that microversion placement API returns json body for POST /resource_providers.
PlacementAPIClientclass is moved from
neutron_lib.placement.clientin order to consolidate all Placement related logic under sub-package
resource_provider_generationparameters of the following methods of
PlacementAPIClientare now optional:
update_resource_provider_traits. You may call the methods without this parameter or pass
Nonewith the meaning to ignore resource provider generations. That is the client will (in quick succession) get the object and update it supplying the same generation.
PlacementAPIClientnow return the parsed body of the respective responses. Since these methods returned
Nonepreviously this is unlikely to break anything. On the other hand callers of these methods now have a chance to simplify their code.
This release removes the
descriptionfrom the segment extension’s attribute map as well as adds the
standard-attr-descriptionas required dependency and
standard-attr-segmentas an optional dependency.