Newton Series Release Notes


New Features

  • Non-IP traffic is allowed in L2 and L3 Domains. The default_allow_non_ip setting determines if non-ip traffic is allowed in Nuage specific L2 and L3 domains.

  • Add new configuration parameters for the Cisco UCSM ML2 driver

    The following new configuration parameters are now being supported by the UCSM ML2 driver. * ucsm_https_verify * sp_template_list * vnic_template_list

  • Optionally users can set device_driver value in lbaas_agent.ini to $::os_service_default

Deprecation Notes

  • Nexus: Configuration clean-up

    This changeset deprecates old configurations not used in the code and others to be aged out mostly due to code improvements such as implementation of the Nexusu RESTAPI driver. The RESTAPI driver replaces use of the ncclient driver. The ncclient driver will be removed along with any tuning configuration that goes with it.


New Features

  • Adds ovs_integration_bridge config option in neutron.conf and adds ovs_veth_use config option in lbaas_agent.ini

  • Additional support for Nuage is added in neutron, as a result of which Nuage can be plugged into neutron as ML2 mechanism driver. This feature is in addition to the option of usign Nuage as the core plugin. This change adds neutron::plugins::ml2::nuage

  • Added nuage configuration file under neutron-server configuration directory so that neutron-server can pick up the configuration file on startup. This change creates nuage_plugin.conf symlink under the folder /etc/neutron/conf.d/neutron-server.


New Features

  • Add minimize_polling parameter to ovs ml2 agent class.

  • Add type and provider to mange rootwrap.conf file mainly to manipulate XenServer connection parameters.

  • Adds the enable_new_agents config option to the neutron server

  • Passes parameter to keystone authtoken define to manage python-memcache package install.


New Features

  • The enable_headers_parsing option was added to the server manifest. This enables the http_proxy_to_wsgi middleware to process SSL-related headers.

Upgrade Notes

  • Opendaylight OVS provider_mappings argument now accepts an array type.

Bug Fixes

  • Neutron modified the way that Agents connect to OVSDB server to configure OVS tap ports, etc by using the OVSDB server URI rather than the ovs-vsctl client. In ODL deployments, OVSDB server is never configured to listen on a port and therefore Neutron Agent configuration fails. This fixes that problem by configuring multiple managers, including a local listener by default on a non-standard port for OVSDB server. This way Neutron Agents are able to talk to OVSDB while OVS is also still connected to ODL.

  • The package name for nuage neutron plugin changed due to decomposition of vendor plugins from neutron package to per-vendor packages.


New Features

  • Add overlay_ip_version options support to ml2 plugin settings.

  • Add oslo.messaging rabbit_transient_queues_ttl parameter support.

  • Configure keystonemiddleware in a consistent way using modern parameters

  • Add certificates configuration options for lbaas service.

  • Midonet v5.x plugin doesn’t rely anymore on a custom DHCP agent, also it only uses a subproject for db sync instead of the old method of overriding the neutron-db-sync completelly.

Deprecation Notes

  • neutron::server::keystone_auth_type is deprecated, use neutron::keystone::authtoken::auth_type instead

  • neutron::server::auth_uri is deprecated, use neutron::keystone::authtoken::auth_uri instead

  • neutron::server::auth_url is deprecated, use neutron::keystone::authtoken::auth_url instead

  • neutron::server::username is deprecated, use neutron::keystone::authtoken::username instead

  • neutron::server::password is deprecated, use neutron::keystone::authtoken::password instead

  • neutron::server::project_domain_id is deprecated, use neutron::keystone::authtoken::project_domain_name instead

  • neutron::server::project_domain_name is deprecated, use neutron::keystone::authtoken::project_domain_name instead

  • neutron::server::project_name is deprecated, use neutron::keystone::authtoken::project_name instead

  • neutron::server::user_domain_id is deprecated, use neutron::keystone::authtoken::user_domain_name instead

  • neutron::server::user_domain_name is deprecated, use neutron::keystone::authtoken::user_domain_name instead

  • neutron::server::region_name is deprecated, use neutron::keystone::authtoken::region_name instead

  • The allow_sorting and allow_pagination configuration options are deprecated and will be removed in a future release.

Bug Fixes

  • Parameters of type dict must be at the end of the shell command to not cause conflict with the network name. Neutron cli picks up the network name as the first parameter without “–” prefix, thus tresting type=dict as the network name instead of the real network name because it comes before. By providing the special dictionary type commands after the network name the behaviour of the cli is bypassed and neutron takes the network name and proceeds interpreting parameters with special format ( not in the form of –<param>=<value> )


New Features

  • Add ‘binding_host_id’ and ‘binding_profile’ support to neutron_port custom type.

  • Add the ability to specify the a name string for the router_id in neutron_l3_agent_config using the transform_to argument.

  • Support configuration when DPDK is enabled with OVS.

  • Configured Noop firewall driver for SR-IOV agent config. SR-IOV agent only work with NoopFirewallDriver when Security Groups are enabled.

  • Added a provider to configure VFs for SR-IOV interface

Upgrade Notes

  • Switch-on lbaasv2 by default instead of lbaasv2 to follow what upstream Neutron is doing in and also switch default device_driver to be neutron_lbaas.drivers.haproxy.namespace_driver.HaproxyNSDriver

  • Previously OVN plugin for Neutron used to be a core plugin. With the recent changes in networking-ovn project, OVN is plugged in to neutron as an ml2 mechanism driver.

Deprecation Notes

  • The advertise_mtu option is deprecated, has no effect and will be removed in Ocata.

  • min_l3_agents_per_router is deprecated, has no effect and will be removed for the Ocata release.

  • quota_items is deprecated, has no effect and will be removed after Newton cycle.

  • enable_v1 and enable_v2 are deprecated in neutron::agents::lbaas.

  • LBaaS v1 deployment is not supported anymore.

  • The option enable_tunneling has been deprecated as it is no longer used. In order to enable tunneling, tunnel_types should be set to the desired type. If tunnel_types is not set, tunneling will be disabled.

  • neutron::plugins::ovn is deprecated as it was managing OVN as a core-plugin. This is deprecated in favor of its ml2 equivalent neutron::plugins::ml2::ovn

  • Remove outdated auth options completely (admin_*)

  • Remove ‘router_id’ configuration option from the l3_agent.ini file.



Add hooks for external install & svc management.

New Features

  • Added geneve config options in type_drivers.

  • Added max_header_size parameter to ml2 plugin for use in geneve configuration.

  • Add user_domain_name and project_domain_name parameters.

  • This adds defined anchor points for external modules to hook into the software install, config and service dependency chain. This allows external modules to manage software installation (virtualenv, containers, etc) and service management (pacemaker) without needing rely on resources that may change or be renamed.

Bug Fixes

  • The keystone auth class has been updated to provide a default service_name to allow a user to specify a custom auth_name that may not contain the name of the service.

  • Adds the ability to manage the memcached servers for keystone_authtoken in neutron::server


New Features

  • Add ‘dnsmasq_dns_servers’ option support to dhcp agent settings.

  • Add logging class to manage olso.log related options init class can still be used for managing the limited number of options Add option _manage_logging_ for init class to make it possible to evaluate logging class separately from init class in one catalog

  • Add oslo.messaging transport_url parameter via puppet-oslo resource

  • Add oslo.messaging notitications related options

  • Add support for oslo_messaging_amqp backend via puppet-oslo resource

  • Added neutron::plugins::ml2::arista class to manage the arista ml2 driver.

  • Added neutron::plugins::ml2::arista::l3_arista class to manage the arista ml2 l3 plugin.

  • Add api_paste type/provider.

  • service_providers are configured through neutron::server class.

  • Added octavia lbaas v2 services class.

  • Added haproxy lbaas v2 services class.

  • Added option to use either v1 or v2 agent in neutron agents lbaas.

  • Add ensure_*aas_package booleans for ::neutron::server. In case of installation of neutron API service on standalone node while having enabled FWaaS, VPNaaS or LBaaS as service plugins one has to install their packages otherwise the neutron service will fail to start.

  • Provide support for VPNaaS service_provider.

  • Add LBaaS v2 support.

  • Support the LibreSwan driver for VPNaaS on Red Hat platforms.

  • Update Cisco ML2 Nexus parameters.

  • Update PLUMgrid packages & parameters.

  • Update Nuage orchestration.

  • Add support for Midonet ML2 driver.

  • Add support for OpenDaylight driver.

  • Add support for Bigswitch ML2 driver.

  • Notify Linuxbridge agent when RabbitMQ parameters change.

  • Add SSL parameters to communicate with Nova.

  • Neutron_subnet will now be able to update.

  • Add support for modern authentification to providers.

  • Add ‘distributed’ parameter for neutron_router.

  • Add ‘ha’ parameter for neutron_router.

  • Add IPv6 options to Neutron_subnet type.

  • On providers, correctly parse csv even with extra output.

  • Add ‘desc’ parameter for Neutron_router_interface.

  • Added the configuration options to configure neutron availability zones for server and agents.

  • Providers updated to being able to configure router/network with availability zone.

  • Add support for OVN driver.

  • Support of PyMySQL driver for MySQL backend.

  • Add parameters for Neutron QoS support.

  • Added additional kombu options which are supported by puppet-oslo module Removed unneeded validation checks (covered by puppet-oslo)

  • Release notes are no longer maintained by hand, we now use the reno tool to manage them.

  • Configure oslo related options (database, logging, messaging, policy) using puppet-oslo module. oslo.messaging related default values were changed to $::os_service_default

Known Issues

  • VPNaaS service_provider was being configured in a file not being loaded up by neutron server. It has been consolidated with lbaas service configuration into neutron.conf.

Deprecation Notes

  • _verbose_ option is deprecated and will be removed in future

  • [DEFAULT]/network_device_mtu option is deprecated and will be removed in Newton. However, new [ml2]/segment_mtu is deprecated too according to neutron/common/ New [DEFAULT]/global_physnet_mtu should be used.

  • The lbaas v2 agent package ensure in neutron services lbaas has been deprecated, the agent should be installed from neutron agents lbaas.

  • log_facility is Deprecated and will be removed after Newton cycle.

  • Deprecate _delete_namespaces parameters, not used anymore in Neutron.

  • Remove deprecated options dhcp_domain & dhcp_delete_namespaces.

  • Removed deprecated option external_network_bridge.

  • Deprecate API parameters for metadata agent, not needed anymore in Mitaka.

  • Use identity_uri and auth_uri by default and deprecate old auth params.

  • Set v3 auth related options by default.

  • The option prevent_arp_spoofing has been deprecated and will be removed in Ocata release.

  • Deprecated router_id option in l3 agent

  • nova_url parameter is deprecated, will be removed after Newton cycle. The parameter is not used anymore by Neutron.

  • Remove QPID messaging support. Qpid messaging driver is removed from oslo.messaging so we won’t support anymore.

  • Deprecate tenant_name option. project_name should be used instead.

  • verbose option is now deprecated for removal, the parameter has no effect.

Bug Fixes

  • Added python-neutron-lbaas package to be installed with neutron::services::lbaas. this removes a dependency of installing agent on neutron api server to enable the lbaas service.

  • Fixes bug 1560716 so LinuxBridge configuration file path is the correct one for RDO & UCA packaging.

  • If Neutron is installed from Ubuntu packages, neutron-server and openvswitch/linuxbridge agents use separate files to load configuration related to ML2 plugin. So in order to use security groups firewall_driver value should be passed to both configuration files (ml2_conf.ini and openvswitch_agent.ini)

  • Metadata agent config should be applied after package installation.

  • Add normal bug fixes here, or remove this section.

  • The package name for the midonet neutron plugin previously used an older naming syntax from times passed that no longer existed in current repositories. To fix this issue the package name was updated to “python-networking-midonet” which is provided by third repository from Midokura.

  • PLUMgrid neutron plugin assumes the default keystone v2 for a given deployment. The issue is fixed by switching the default config to keystone v3.

  • PLUMgrid neutron plugin isn’t able to specify nova metadata subnet, that is used by PLUMgrid metadata implementation. The issue is fixed by making nova_metadata_subnet configurable.

Other Notes

  • Drop all Qpid support, it was removed from Oslo in Mitaka.

  • Removed deprecated (for at least one cycle) options from agents:

    • use_namespaces option from l3/dhcp/lbaas agent

    • allow_automatic_l3agent_failover from l3 agent

    • network_device_mtu from l3 agent

    • auth_password, auth_tenant, auth_user, auth_url, auth_insecure, auth_region from metadata agent

  • Remove all other references to network_device_mtu

  • Remove deprecated parameters for keystone::auth, including port, public_protocol, public_address, public_port, internal_protocol, internal_address, admin_protocol, admin_address. Use the new parameters public_url, admin_url and internal_url instead.