Stein Series Release Notes


Bug Fixes

  • Enforce policy for ‘qos_policy_id’ attribute of port, network and fip so only authorized users can set/unset it. For more info see bug LP#1957175.


New Features

  • Add NetworkSegmentRangeOverlaps exception to prevent overlapping network segment ranges on creation.

  • Adds API definition for rbac-security-groups extension, which allows sharing security groups between tenants via the network RBAC mechanism.

  • Adds new L3 exception RouterNotFoundInRouterFactory in neutron_lib.exceptions.l3.

  • Adds definition of interconnection API extension for neutron-interconnection project.

  • Adds subnetpool-prefix-ops API definition to neutron-lib. This extension introduces API’s that provide explicit support for removing prefixes from a subnet pool and adding subnets to a subnet pool.

  • The remaining neutron.common.constants are now available in neutron_lib.constants with the exception of EXT_PARENT_RESOURCE_MAPPING that is now available in

  • The neutron_lib.tests._tools module is now public and named tools.

  • The sqlalchemytypes module is now available in neutron_lib.db.

  • The trunk service constants are now available in, but now have the constant name prefixed with TRUNK_.

  • neutron_lib.worker.BaseWorker will now set the process title on process start, if it is a new process. By default, the name will be “neutron-server”, and the description will be the name of the worker class, followed by the original process title. Both fields are customizable via the name and desc arguments to BaseWorker.start(), and the change can be disabled via the set_proctitle argument to the __init__ function. neutron.conf will have a setting for disabling this functionality for all in-tree workers, but by default, all out of tree plugin workers will set their name at fork time. Available settings are ‘on’ (described above, and the default), ‘off’ (same as today), or ‘brief’, which settings the process name to just name and description. ‘brief’ is probably most useful/simple for deployers, but ‘on’ is the default in order to prevent as many script related breakages as possible.

  • Adds traffic control related constants:

    • Qdisc types: htb, tbf and ingress, used in Neutron tc_lib

    • Qdisc ID: for ingress type, because this one is specific only for ingress traffic.

    • Qdisc parents: for root and ingress types.

Upgrade Notes

  • Any plugin which forks worker processes from neutron-server will have its proctitle set to “neutron-server” plus a classname in ps output. Any tool used for monitoring/maintenance that watches the process table should be modified to only look for the string neutron-server. On the plus side, it will now be possible to distinguish which process belongs to which plugin, based on the new naming. Note that the original process string is still in the proctitle, so as long as the scripting is not looking for a perfect string match, it should continue to work.

Other Notes

  • Base class for upgrade checks used in checks in neutron-status upgrade check tool is now available in neutron_lib.utils.upgrade_checks and can be reused by other projects.

  • Add the neutron_lib.plugins.constants.NETWORK_SEGMENT_RANGE constant so that it can be used elsewhere related to the network_segment_range service plugin.

  • For technical reasons the floatingip-autodelete-internal extension no longer requires the router extension.

  • New module neutron_lib.policy was added. It contains constants: RULE_ADMIN_OR_OWNER, RULE_ADMIN_ONLY, RULE_ANY, RULE_ADVSVC, RULE_ADMIN_OR_NET_OWNER, RULE_ADMIN_OR_NET_OWNER_OR_ADVSVC and RULE_ADMIN_OR_PARENT_OWNER. It contains also helper functions policy_and and policy_or. Those constants and functions can be used in policy modules in Neutron related projects.

  • Module neutron_lib.db is now removed from db profiling projects so database calls done from this module will not be tracked in osprofiler results. All db calls which are tracked by osprofiler are comming from Neutron and this avoids having each call logged twice in osprofiler report.


New Features

  • New shim API extension: floatingip-autodelete-internal.

  • New exception classes: UnknownResourceProvider and AmbiguousResponsibilityForResourceProvider.

  • The SUBPORTS, TRUNK and TRUNK_PLUGIN constants are now available in neutron_lib.callbacks.resources for defining Trunk related callback resources.


New Features

  • Maximum rpc timeout is now configurable by rpc_response_max_timeout from Neutron config instead of being calculated as 10 * rpc_response_timeout value.

  • The agent-resources-synced extension introduces a new agent attribute named resources_synced that tracks the success of the resource view synchronization to Placement.

  • Extend the ML2 type driver abstract methods reserve_provider_segment and allocate_tenant_segment with filters that is used as search criteria for the segment allocation support when network-segment-range extension is loaded.

Bug Fixes

  • The oslo.db wrap_db_retry function now supports randomized time jitter in its retry algorithm. Add support for that feature, if the installed version of oslo.db supports it.

Other Notes

  • The neutron_lib.api.definitions.network_segment_range.NETWORK_SEGMENT_RANGE_TYPE_LIST constant was moved to neutron_lib.constants and renamed to NETWORK_SEGMENT_RANGE_TYPES so that it can be used elsewhere.

  • This change removes the ONBOARD_SUBNETS_SPECS attribute extension from the subnet onboard extension descriptor. This has been deemed to be an unnecessary attribute extension during implementation and has been removed. Because subnet onboard is not yet a completed Neutron feature, the API definition is being updated to reflect this.


New Features

  • Adds new traffic control exceptions TcLibQdiscNeededArguments and TcLibQdiscTypeError in neutron-lib.exceptions.qos.

  • A new function named validate_route_cidr was introduced which is used to validate if destination of routes and destination of host_routes is a network address of a destination subnet or an IP address of a destination.

  • Add API definition for the new network-segment-range extension.

  • The following exceptions from neutron.common.exceptions have been rehomed into neutron-lib; PortBindingAlreadyActive, PortBindingAlreadyExists, PortBindingError, ProcessExecutionError, RouterQosBindingNotFound, RouterQosBindingError.

  • The private ORM event listener functions from neutron.db.api are now in neutron_lib.db.api and are automatically loaded when importing any neutron-lib module.

  • Add smart-nic VNIC type for Smart NIC ports.


New Features

  • Add can_port_be_bound_to_virtual_bridge function in neutron_lib.plugins.utils. This function checks if a port, depending on the VNIC type, can be bound to a virtual bridge.

  • Add method get_values in neutron_lib.db.model_query. This method allow callers to fetch specific column from a database model. Add keyword parameter field to method query_with_hooks. The default value of this parameter is None. Callers can set this parameter to query specific column.

  • The get_updatable_fields function from neutron.objects.base is now available in neutron_lib.object.utils.

Bug Fixes

  • The gateway , allocation_pools and cidr attributes of a Subnet with IPv6 addresses are now converted to IPv6 canonical format to address. bug 1531103

  • Directly updating some L3-related port IP addresses does not have any effect on the L3 agent side. As a consequence, these L3-related ports should not allow changing of their IP address. A new shim extension has been added called l3-port-ip-change-not-allowed to prevent such IP address change. For more information please see bug 1796824.

  • The qos-rules-alias API extension wrongly attempted to re-define bandwidth_limit_rules, dscp_marking_rules and minimum_bandwidth_rules as first level API resources, leading to conflicts in the QoS API. We now define alias_bandwidth_limit_rules, alias_dscp_marking_rules and alias_minimum_bandwidth_rules that will enable users to perform GET, PUT and DELETE operations on the corresponding QoS rules without having to specify the associated policy ID.

Other Notes

  • The Placement client previously swallowed a few exceptions (but logged a warning when doing this). In order to let the user of the client choose to handle or ignore the error condition the client no longer does this. Also to avoid losing error information we catch and re-throw HTTP 4xx exceptions with better messages.



This release adds support for custom filtering in versioned object.

New Features

  • The qos-rules-alias API extension is introduced to enable users to perform GET, PUT and DELETE operations on bandwidth_limit_rules, dscp_marking_rules and minimum_bandwidth_rules as though they are first level resources. In other words, the user will not have to specify the QoS policy ID.

  • The neutron.db._resource_extend is now available as neutron_lib.db.resource_extend along with a new DBResourceExtendFixture that allows tests to modify the map of registered resource functions.

  • A class called FilterObj is introduced. This is the base class from which the custom filter class should inherit. This release also implements two filter class: NotIn and NotEqual. The class StringMatchingFilterObj is now a subclass of FilterObj.

Bug Fixes

  • Bug 1796854 is fixed by validating if advsvc context is used.

  • Neutron API should not allow user to set zero for floating IP port forwarding internal or external port number. Directly modify the floating-ip-port-forwarding extension to change external_port and internal_port minimum value to 1. Then API and port forwarding object will make consistent for these attributes.

  • Change API to enforce policy rules for subnet entities with specified segment_ids, to fix a broken implementation of that policy enforcement. Bug: 1784259


New Features

  • The project-default-networks extension is now available and adds a new attribute project_default into the network resource. This attribute will be used to indicate if a network is a project default network.

  • Add new extension qos-gateway-ip which extends the router_gw_info with new attribute qos_policy_id.

  • Introduced It allows you to get a mac address string Python generator from the same kind of basemac that expects. If there are a lot of macs to get, this will speed the process up significantly over generating single macs and testing for collisions.

  • New methods available in Placement client: update_resource_provider and ensure_resource_provider.

  • New constants module for Placement: neutron_lib.placement.constants.

  • neutron-lib now has a new module: neutron_lib.placement.utils. This module contains logic that is to be shared between in-tree Neutron components and possibly out-of-tree Neutron agents that want to support features involving the Placement service (for example guaranteed minimum bandwidth).

  • policy-in-code support in neutron-lib is added. The default policies for ‘context_is_admin’ and ‘context_is_advsvc’ are now implemented as embeded policies. (Note that the main policy-in-code support will be implemented in the main neutron codebase.)

  • The new extension port-resource-request adds the resource_request attribute to port responses. This attribute enables Neutron to communicate to Nova resources needed by the port, such as physnet, VNIC type and bandwidth. If the port requested by Nova boot has the resource_request attribute, then the Nova Scheduler will try to allocate the VM in a host that can satisfy those requirements.

  • New extension qos-bw-minimum-ingress for extending qos_minimum_bandwidth_rule with ingress direction for placement based enforcement.

  • New MechanismDriver API class property: resource_provider_uuid5_namespace. Mechanism drivers wanting to support resource provider information reporting to Placement (eg. reporting resource providers to guarantee some minimum bandwidth allocated on them later) must set this class property to a UUID object unique to that mechanism driver. It will be used as a UUID v5 namespace in generating UUIDs for resource providers. The default implementation sets it to None, meaning that the mechanism driver does not support resource provider information reporting to Placement. Unaffected drivers need not be changed.

  • New MechanismDriver API method: responsible_for_ports_allocation. Mechanism drivers wanting to support resource allocations for ports in Placement (eg. wanting to guarantee some minimum bandwidth allocated on the resource provider in the port’s binding:profile.allocation) must implement this method. The default implementation reports not being responsible for any resource providers, therefore unaffected drivers need not be changed.

Bug Fixes

  • Increase the DB retry interval and max retry times for the retry_db_errors decorator in neutron_lib.db.api to 0.5 seconds and 20 times, respectively. For those actions which have a higher chance for DBDeadlock, users should have a higher success rate due to the larger random range and retry times. For more information see bug 1777968

Other Notes

  • Add two fields columns and value to exception NeutronDbObjectDuplicateEntry. These two fields are populated from the corresponding db exception.

  • Bump PlacementAPIClient's max supported microversion to 1.20, as from that microversion placement API returns json body for POST /resource_providers.

  • The PlacementAPIClient class is moved from neutron_lib.clients.placement to neutron_lib.placement.client in order to consolidate all Placement related logic under sub-package neutron_lib.placement.

  • The resource_provider_generation parameters of the following methods of PlacementAPIClient are now optional: update_resource_provider_inventories, update_resource_provider_inventory and update_resource_provider_traits. You may call the methods without this parameter or pass None with the meaning to ignore resource provider generations. That is the client will (in quick succession) get the object and update it supplying the same generation.

  • The create_resource_provider and associate_aggregates methods of PlacementAPIClient now return the parsed body of the respective responses. Since these methods returned None previously this is unlikely to break anything. On the other hand callers of these methods now have a chance to simplify their code.

  • This release removes the description from the segment extension’s attribute map as well as adds the standard-attr-description as required dependency and standard-attr-segment as an optional dependency.