Queens Series Release Notes


New Features

  • Added new parameters of_connect_timeout and of_request_timeout in the neutron::agents::ml2::ovs class.

  • Added new parameter neutron::agents::ml2::ovs::of_inactivity_probe.

  • Added new parameter neutron::agents::ml2::ovs::ovsdb_timeout.

  • Add support for configuring security group permitted_ethertypes on the Neutron OVS agent.

  • Add neutron::server::placement class to manage placement related options

  • Add new configuration parameter explicitly_egress_direct for ML2 OVS agent When set to True, the accepted egress unicast traffic will not use action NORMAL. The accepted egress packets will be taken care of in the final egress tables direct output flows for unicast traffic so that operators can set customized integration bridge name in l3 agent configuration. This can be enabled on some nodes to prevent flooding on integration bridge.

Upgrade Notes

  • Switched the default value of the metadata_workers configuration option for the OVN metadata agents to 2 (from $::os_workers). While the OVS metadata agents runs on the controllers/gateway nodes (and defaults to $::os_workers) the OVN metadata agents are distributed and runs on the compute nodes instead so, there’s no point in running dozen of them on each compute. Also, by reducing the number of workers we also reduce the burden on the OVSDB that the OVN metadata agent connects to making OVN more scalable.


New Features

  • New class neutron::agents::bgp_dragent that installs and manages the neutron-dynamic-routing and neutron-bgp-dragent packages. When you are using this feature you must enable the ‘bgp’ service plugin by passing it in neutron::service_plugins.

  • Added logic to support IPv6 deployment on underlay network with ODL. The logic is implemented such that both TLS and IPv6 can be enabled or either of them or none.

  • Added vlan_transparent boolean parameter that if set to true allows plugins that support transparent VLANs to use it.

  • Adds ‘neutron::agents::ml2::ovs::tunnel_csum’ Set or un-set the tunnel header checksum on outgoing IP packet carrying GRE/VXLAN tunnel in ovs agent.

  • Added support for networking-ansible’s mac parameter

  • Added support for networking-ansible’s manage_vlans parameter

  • Added support for networking-ansible ML2 plugin.

  • Add openstack-db tag to Exec that run db-sync.

  • Provides the option to define a set of DNS servers which will be configured in the ‘ovn’ section of etc/neutron/plugins/ml2_conf.ini. These DNS servers will be used as DNS forwarders for the VMs if a neutron subnet is not defined with ‘dns_nameservers’ option.

Bug Fixes

  • Fixes missing “flat” network type in the allowed network types for OpenDaylight OVS.


New Features

  • Added a new parameter ‘neutron::notifications::endpoint_type’ for specifying the endpoint type when getting a nova endpoint from the keystone catalog.

  • Adds ‘neutron::agents::ml2::ovs::enable_security_group’ to permit disabling security groups on the Neutron OVS agent.

  • Adds the ability to configure SSL OVSDB connection for Neutron DHCP Agent.

  • Adds support for baremetal. Installation and configuration of networking-baremetal ironic-neutron-agent ml2 agent.

  • Additional support for baremetal. Added support for installation of networking-baremetal neutron ML2 mechanism driver.

  • Optionally users can set device_driver value in lbaas_agent.ini to $::os_service_default

Deprecation Notes

  • Deprecates using neutron::plugins::ml2::opendaylight::ovsdb_connection. The configuration is now moved to neutron::agents::dhcp::ovsdb_connection.

Bug Fixes

  • Fixes an issue with using TLS and specifying ovsdb_server_iface and the odl_ovsdb_iface parameters with the plugins::ovs::opendaylight class.


New Features

  • Non-IP traffic is allowed in L2 and L3 Domains. The default_allow_non_ip setting determines if non-ip traffic is allowed in Nuage specific L2 and L3 domains.

  • Add new configuration parameters for the Cisco UCSM ML2 driver

    The following new configuration parameters are now being supported by the UCSM ML2 driver. * ucsm_https_verify * sp_template_list * vnic_template_list

  • Enables using TLS in Open vSwitch (OVS) with OpenDaylight. OVS is configured to with certificates and private key to use in enabling a secure connection to OpenDaylight via OVSDB.

  • Adds the use_journal option for configuring oslo.log. This will enable passing the logs to journald.

Deprecation Notes

  • Nexus: Configuration clean-up

    This changeset deprecates old configurations not used in the code and others to be aged out mostly due to code improvements such as implementation of the Nexusu RESTAPI driver. The RESTAPI driver replaces use of the ncclient driver. The ncclient driver will be removed along with any tuning configuration that goes with it.


New Features

  • Add the Neutron configuration parameter “max_allowed_address_pair” to Puppet so that more than the default 10 address pairs per port can be used.

  • Adds ovs_integration_bridge config option in neutron.conf and adds ovs_veth_use config option in lbaas_agent.ini

  • Add ‘dnsmasq_local_resolv’ option support to Enables the dnsmasq service to provide name resolution for instances via DNS resolvers on the host running the DHCP agent.

  • A new systemd service neutron-destroy-patch-ports was introduced on RHEL based systems. The service is executed only on boot and its purpose is to clean up patch ports between the Neutron integration bridge and other configured provider bridges.

  • Expose use_json logging parameter, which enables JSON formatted logging.

  • Adds ability to configure metadata agent in networking-ovn.

Upgrade Notes

  • Debug logging is no longer overridden and disabled by default on the L2 gateway, metering, L3 and metadata agents allowing the service default to take affect. Deployments requiring these services to have debug logging disabled independent of other related configuration may need to explictly set this parameters. Affected parameters are ‘neutron::agents::l2gw::debug’, ‘neutron:agents::l3::debug’, ‘neutron::agents::metadata::debug’ and ‘neutron::agents::l2gw::debug’.

Deprecation Notes

  • The neutron-vpnaas project has removed the agent service in https://review.openstack.org/517263 . Thus, the “enabled” and “manage_service” parameters of class neutron::agents:vpnaas have been deprecated in Queens.

  • The option neutron::quota::quota_health_monitor now has no effect

Bug Fixes

  • The L2 gateway, metering, L3 and metadata agents now use the service default for the debug logging unless otherwise explicitly set. This allows a common configuration for enabling debug logging instead of explicitly enabling in each service.

  • The option neutron::quota::quota_health_monitor was incorrect it should be neutron::quota::quota_healthmonitor and has been renamed as such.


New Features

  • Adds capability for configuring the Cisco VTS neutron ml2 plugin mechanism driver.

  • Adds ability to set loadbalancer quota

  • Adds ability to configure OpenDayight features which will override the default behavior of negotiating features with ODL.

  • Adds ability to configure networking-sfc neutron extension.

  • neutron auth provider has been switch to use keystone API v3.

  • Add parameter to apacher_wsgi to allow overwrite and/or add additional wsgi process options.

Deprecation Notes

  • neutron::agents::l3::send_arp_for_ha is deprecated in Ocata, and will be removed in Pike

  • neutron::server::qos_notification_drivers is deprecated in Ocata, and will be removed in a future release

  • revocation_cache_time option is now deprecated for removal, the parameter has no effect.

Bug Fixes

  • Fixes vhostuser port prefix to be the correct value of ‘vhu’.