subject:"\[openstack\-dev\] \[Neutron\] for help\!"

Re: [openstack-dev] [Neutron] need help in translating sql query to sqlalchemy query

2015-12-02 Thread Sean M. Collins

Was perusing the documentation again this morning and there is another
thing I found - you can call join() with the aliased=True flag to get
similar results.

Check out the "Constructing Aliases Anonymously" section.

http://docs.sqlalchemy.org/en/latest/orm/query.html
-- 
Sean M. Collins

__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [Neutron] need help in translating sql query to sqlalchemy query

2015-12-01 Thread Venkata Anil


Thanks Sean. I will check that.

Meanwhile I tried this and it is working

port1 = orm.aliased(models_v2.Port, name="port1")
port2 = orm.aliased(models_v2.Port, name="port2")
router_intf_qry = 
context.session.query(RouterPort.router_id).join((port1, 
port1.id==RouterPort.port_id), (port2, 
port2.device_id==RouterPort.router_id)).filter(port1.network_id==int_net_id, 
port2.network_id==ext_net_id).distinct()


   for router in router_intf_qry:
router_id =router.router_id

Thanks
Anil Venkata

On 12/01/2015 06:35 PM, Sean M. Collins wrote:

Consult the API:

http://docs.sqlalchemy.org/en/latest/orm/query.html#sqlalchemy.orm.query.Query.join

In fact, there is already one join happening a couple lines above your
change:

https://github.com/openstack/neutron/blob/stable/liberty/neutron/db/l3_db.py#L800

Most likely, you will also need to use the aliased() function - since
there are some examples that are similar to what you are trying to do -
check out the "Joins to a Target with an ON Clause" section in the first
link.

http://docs.sqlalchemy.org/en/latest/orm/query.html#sqlalchemy.orm.aliased




__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [Neutron] need help in translating sql query to sqlalchemy query

2015-12-01 Thread Sean M. Collins

On Tue, Dec 01, 2015 at 10:22:41AM EST, Venkata Anil wrote:
> Thanks Sean. I will check that.
> 
> Meanwhile I tried this and it is working
> 
> port1 = orm.aliased(models_v2.Port, name="port1")
> port2 = orm.aliased(models_v2.Port, name="port2")
> router_intf_qry =
> context.session.query(RouterPort.router_id).join((port1,
> port1.id==RouterPort.port_id), (port2,
> port2.device_id==RouterPort.router_id)).filter(port1.network_id==int_net_id,
> port2.network_id==ext_net_id).distinct()
> 
>for router in router_intf_qry:
> router_id =router.router_id
> 

That looks pretty close. My only suggestion would be to try and see if
you can just alias it once, instead of twice. Basically see if it is
possible to replace all the port1 references with "models_v2.Port"

-- 
Sean M. Collins

__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [Neutron] need help in translating sql query to sqlalchemy query

2015-12-01 Thread Venkata Anil




On 12/01/2015 09:06 PM, Sean M. Collins wrote:

On Tue, Dec 01, 2015 at 10:22:41AM EST, Venkata Anil wrote:

Thanks Sean. I will check that.

Meanwhile I tried this and it is working

 port1 = orm.aliased(models_v2.Port, name="port1")
 port2 = orm.aliased(models_v2.Port, name="port2")
 router_intf_qry =
context.session.query(RouterPort.router_id).join((port1,
port1.id==RouterPort.port_id), (port2,
port2.device_id==RouterPort.router_id)).filter(port1.network_id==int_net_id,
port2.network_id==ext_net_id).distinct()

for router in router_intf_qry:
 router_id =router.router_id


That looks pretty close. My only suggestion would be to try and see if
you can just alias it once, instead of twice. Basically see if it is
possible to replace all the port1 references with "models_v2.Port"


Thanks Sean. Sure, I will try that suggestion.



__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

[openstack-dev] [Neutron] need help in translating sql query to sqlalchemy query

2015-12-01 Thread Venkata Anil


Hi All

I have the below sql query which - "lists routers connected to given 
internal and external networks"


select DISTINCT routerports.router_id from routerports inner join ports 
as ports1 on (ports1.id=routerports.port_id and 
ports1.network_id=internal_network_id) inner join ports as ports2 on 
(ports2.device_id=routerports.router_id and 
ports2.network_id=external_network_id);


In the above query I am joining port table to routerport table twice.

Can someone help me in translating that to SQLAlchemy query?
This is required for the change 
https://review.openstack.org/#/c/220135/2/neutron/db/l3_db.py

(see review comments)

Thanks
Anil Venkata



__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [Neutron] need help in translating sql query to sqlalchemy query

2015-12-01 Thread Sean M. Collins

Consult the API:

http://docs.sqlalchemy.org/en/latest/orm/query.html#sqlalchemy.orm.query.Query.join

In fact, there is already one join happening a couple lines above your
change:

https://github.com/openstack/neutron/blob/stable/liberty/neutron/db/l3_db.py#L800

Most likely, you will also need to use the aliased() function - since
there are some examples that are similar to what you are trying to do -
check out the "Joins to a Target with an ON Clause" section in the first
link.

http://docs.sqlalchemy.org/en/latest/orm/query.html#sqlalchemy.orm.aliased

-- 
Sean M. Collins

__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

[openstack-dev] [neutron] Please help review this RFE

2015-09-17 Thread Li Ma

Hi Neutron folks,

I'd like to introduce a pure python-driven network configuration
library to Neutron. A discussion just started in the RFE ticket [1].
I'd like to get feedback on this proposal.

[1]: https://bugs.launchpad.net/neutron/+bug/1492714

Take a look and let me know your thoughts.
-- 

Li Ma (Nick)
Email: skywalker.n...@gmail.com

__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [neutron][lbaas] Help on single create call

2015-07-30 Thread Brandon Logan

One of the features we were hoping to get into Liberty for neutron-lbaas v2 was 
a single create call.  This call would be one that would accept an entire 
configuration tree of loadbalancer, listeners, pools, members, and health 
montiors in the API and create all of it (and also rolling back correctly when 
soemthing fails).


I'm not going to be having a lot of time to get this done, even though it is 
something I've wanted.  I just wouldn't be able to get to it until some time 
after the Liberty feature freeze.  I'm emailing this out to get some feelers if 
someone in the community would be willing to give this an attempt.  I'd 
definitely help out on it and collaboratively brainstorm when necessary.


Let me know.


Thanks,
Brandon
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

[openstack-dev] [Neutron] AGAIN HELP CONFIRM OR DISCUSS:create a port when network contain ipv4 subnets and ipv6 subnets, allocate ipv6 address to the port.

2015-07-22 Thread zhaobo

Hi ,
Could anyone please check the bug below? I had received message from some kind
people, but I didn't get the answer which i want.
The key point is why the created port with specify ipv4 subnet as fixed-ip get
an ipv6 addr when there are some ipv6 slaac/dhcpstateful subnets.
And I know the slaac subnet will automatic allocate an ipv6 addr. Users may be
confused about this behavior.
https://bugs.launchpad.net/neutron/+bug/1467791

This bug description:
When the created network contains one ipv4 subnet and an ipv6 subnet which
turned on slaac or stateless.
When I create a port use cmd like:
neutron port-create --fixed-ip subnet_id=$[ipv4_subnet_id] $[network_id/name]
The specified fixed-ip is ipv4_subnet, but the returned port contained the ipv6
subnet.

If user just want a port with ipv4 , why returned port had allocated an ipv6
address.
And I know this is an design behavior from
http://specs.openstack.org/openstack/neutron-specs/specs/kilo/multiple-ipv6-prefixes.html#proposed-change
But we are still confused about this operation.

And when we create floatingip and the external network just contained an ipv6
slaac subnet, the port will contained the ipv6 addr . Are there some issues ?

Thank you anyone could help for confirm this issue , and wish you return the
message asap.

ZhaoBo

__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [Neutron] AGAIN HELP CONFIRM OR DISCUSS:create a port when network contain ipv4 subnets and ipv6 subnets, allocate ipv6 address to the port.

2015-07-22 Thread Sridhar Gaddam

Hello ZhaoBo,

The short summary of the BP [1] is that when a network contains an IPv6
SLAAC/dhcpv6-stateless subnet, we use RADVD daemon to advertise the
prefix. RADVD deamon periodically advertises the prefix info which is a
multicast message received by all the hosts/VMs on the network. When
an ipv6-capable host/VM receives this Router Advertisement message, it
would generate and configure an EUI-64 IPv6 address (derived via the
prefix and interface MAC address) to its interface.

I understand your concern saying that you only specified an IPv4 address
for the port but you got IPv6 address as well.

This is because..
1. You have IPv6 subnets as part of the same network
2. The nature in which SLAAC works and is implemented in Neutron.

Basically, even if Neutron does not include the IPv6 address in the port
information, the VM port would be having the IPv6 address configured on
its interface. Since the port would anyway have the IPv6 address,
Neutron includes the IPv6 addresses (i.e., SLAAC/DHCPv6-Stateless) for
the user to be aware of the list of addresses on the port.

Please note that this behavior is only for IPv6 subnets configured with
SLAAC/DHCPv6-Stateless and not for DHCPv6 Stateful subnets.

Regarding the floating-ip behavior, the issue is recently fixed with the
following patch - https://review.openstack.org/#/c/198908/
[1]
http://specs.openstack.org/openstack/neutron-specs/specs/kilo/multiple-ipv6-prefixes.html#proposed-change

Regards,
--Sridhar.

On 07/22/2015 04:35 PM, zhaobo wrote:

Hi ,
Could anyone please check the bug below? I had received message from
some kind people, but I didn't get the answer which i want.
The key point is why the created port with specify ipv4 subnet as
fixed-ip get an ipv6 addr when there are some ipv6 slaac/dhcpstateful
subnets.
And I know the slaac subnet will automatic allocate an ipv6 addr.
Users may be confused about this behavior.

https://bugs.launchpad.net/neutron/+bug/1467791

This bug description:
When the created network contains one ipv4 subnet and an ipv6 subnet
which turned on slaac or stateless.

When I create a port use cmd like:
neutron port-create --fixed-ip subnet_id=$[ipv4_subnet_id]
$[network_id/name]
The specified fixed-ip is ipv4_subnet, but the returned port contained
the ipv6 subnet.

If user just want a port with ipv4 , why returned port had allocated
an ipv6 address.
And I know this is an design behavior from
http://specs.openstack.org/openstack/neutron-specs/specs/kilo/multiple-ipv6-prefixes.html#proposed-change

But we are still confused about this operation.

And when we create floatingip and the external network just contained
an ipv6 slaac subnet, the port will contained the ipv6 addr . Are
there some issues ?

Thank you anyone could help for confirm this issue , and wish you
return the message asap.

ZhaoBo

Re: [openstack-dev] [neutron] Need help getting DevStack setup working for VPN testing

2015-01-05 Thread Anita Kuno

On 01/02/2015 08:43 AM, Paul Michali (pcm) wrote:
 To summarize what I’m trying to do with option (A)…
 
 I want to test VPN in DevStack by setting up two private networks, two 
 routers, and a shared public network. The VMs created in the private networks 
 should be able to access the public network, but not the other private 
 network (e.g. VM on private-A subnet can ping public interface of router2 on 
 private-B subnet)
 
   |
 VM-a
 
 
 Do I need to create the second router and private network using a different 
 tenant?
 Do I need to setup security group rules to allow the access desired?
 What local.conf settings do I need for this setup (beyond what I have below)?
 
 I’ve been trying so many different combinations (using both single and two 
 devstack setups, trying provider net, using single/multiple tenants) and have 
 been getting a variety of different results, from unexpected ping results, to 
 VMs stuck in power state PAUSED, that I’m lost as to how to set this up. I 
 think I’m hung up on the security group rules and how to setup the bridges.
 
 What I’d like to do, is just focus on this option (A) - using a single 
 devstack with multiple routers, and see if that works. If not, I can focus on 
 option (B), using two devstacks/hosts.
 
 Since I’m pretty much out of ideas on how to fix this for now, I’m going to 
 try to see if I can get on a bare metal setup, which has worked in the past.
 
 Any ideas? I’d like to verify VPNaaS reference implementation with the new 
 repo changes. Been spending some time over the holiday vacation playing with 
 this, with no joy. :(
 
 
 PCM (Paul Michali)
 
 MAIL …..…. p...@cisco.commailto:p...@cisco.com
 IRC ……..… pc_m (irc.freenode.comhttp://irc.freenode.com)
 TW ………... @pmichali
 GPG Key … 4525ECC253E31A83
 Fingerprint .. 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83

Hi Paul:

It might be worth your while to add an agenda item to the infra meeting
agenda https://wiki.openstack.org/wiki/Meetings/InfraTeamMeeting

It might help you get a sense of what is necessary to fill the gaps
either in tech or knowledge.

Thanks,
Anita.
 
 
 
 
 On Dec 31, 2014, at 2:35 PM, Paul Michali (pcm) 
 p...@cisco.commailto:p...@cisco.com wrote:
 
 Just more data…
 
 I keep consistently seeing that on private subnet, the VM can only access 
 router (as expected), but on privateB subnet, the VM can access the private 
 I/F of router1 on private subnet. From the router’s namespace, I cannot ping 
 the local VM (why not?). Oddly, I can ping router1’s private IP from router2 
 namespace!
 
 I tried these commands to create security group rules (are they wrong?):
 
 # There are two default groups created by DevStack
 group=`neutron security-group-list | grep default | cut -f 2 -d' ' | head -1`
 neutron security-group-rule-create --protocol ICMP $group
 neutron security-group-rule-create --protocol tcp --port-range-min 22 
 --port-range-max 22 $group
 group=`neutron security-group-list | grep default | cut -f 2 -d' ' | tail -1`
 neutron security-group-rule-create --protocol ICMP $group
 neutron security-group-rule-create --protocol tcp --port-range-min 22 
 --port-range-max 22 $group
 
 The only change that happens, when I do these commands, is that the VM in 
 privateB subnet can now ping the VM from private subnet, but not vice versa. 
 From router1 namespace, it can then access local VMs. From router2 namespace 
 it can access local VMs and VMs in private subnet (all access).
 
 It seems like I have some issue with security groups, and I need to square 
 that away, before I can test VPN out.
 
 Am I creating the security group rules correctly?
 My goal is that the private nets can access the public net, but not each 
 other (until VPN connection is established).
 
 Lastly, in this latest try, I set OVS_PHYSICAL_BRIDGE=br-ex. In earlier runs 
 w/o that, there were QVO interfaces, but no QVB or QBR interfaces at all. It 
 didn’t seem to change connectivity, however.
 
 Ideas?
 
 PCM (Paul Michali)
 
 MAIL …..…. p...@cisco.commailto:p...@cisco.com
 IRC ……..… pc_m (irc.freenode.comhttp://irc.freenode.com/)
 TW ………... @pmichali
 GPG Key … 4525ECC253E31A83
 Fingerprint .. 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83
 
 
 
 
 On Dec 31, 2014, at 10:33 AM, Paul Michali (pcm) 
 p...@cisco.commailto:p...@cisco.com wrote:
 
 I’ve been playing a bit with trying to get VPNaaS working post-repo split, 
 and haven’t been successful. I’m trying it a few ways with DevStack, and I’m 
 not sure whether I have a config error, setup issue, or there is something 
 due to the split.
 
 In the past (and it’s been a few months since I verified VPN operation), I 
 used two bare metal machines and an external switch connecting them. With a 
 DevStack cloud running on each. That configuration is currently setup for a 
 vendor VPN solution, so I wanted to try different methods to test the 
 reference VPN implementation. I’ve got two ideas to do this:
 
 A) Run DevStack and create two routers with

Re: [openstack-dev] [neutron] Need help getting DevStack setup working for VPN testing

2015-01-02 Thread Paul Michali (pcm)

To summarize what I’m trying to do with option (A)…

I want to test VPN in DevStack by setting up two private networks, two routers, 
and a shared public network. The VMs created in the private networks should be 
able to access the public network, but not the other private network (e.g. VM 
on private-A subnet can ping public interface of router2 on private-B subnet)

  |
VM-a


Do I need to create the second router and private network using a different 
tenant?
Do I need to setup security group rules to allow the access desired?
What local.conf settings do I need for this setup (beyond what I have below)?

I’ve been trying so many different combinations (using both single and two 
devstack setups, trying provider net, using single/multiple tenants) and have 
been getting a variety of different results, from unexpected ping results, to 
VMs stuck in power state PAUSED, that I’m lost as to how to set this up. I 
think I’m hung up on the security group rules and how to setup the bridges.

What I’d like to do, is just focus on this option (A) - using a single devstack 
with multiple routers, and see if that works. If not, I can focus on option 
(B), using two devstacks/hosts.

Since I’m pretty much out of ideas on how to fix this for now, I’m going to try 
to see if I can get on a bare metal setup, which has worked in the past.

Any ideas? I’d like to verify VPNaaS reference implementation with the new repo 
changes. Been spending some time over the holiday vacation playing with this, 
with no joy. :(


PCM (Paul Michali)

MAIL …..…. p...@cisco.commailto:p...@cisco.com
IRC ……..… pc_m (irc.freenode.comhttp://irc.freenode.com)
TW ………... @pmichali
GPG Key … 4525ECC253E31A83
Fingerprint .. 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83




On Dec 31, 2014, at 2:35 PM, Paul Michali (pcm) 
p...@cisco.commailto:p...@cisco.com wrote:

Just more data…

I keep consistently seeing that on private subnet, the VM can only access 
router (as expected), but on privateB subnet, the VM can access the private I/F 
of router1 on private subnet. From the router’s namespace, I cannot ping the 
local VM (why not?). Oddly, I can ping router1’s private IP from router2 
namespace!

I tried these commands to create security group rules (are they wrong?):

# There are two default groups created by DevStack
group=`neutron security-group-list | grep default | cut -f 2 -d' ' | head -1`
neutron security-group-rule-create --protocol ICMP $group
neutron security-group-rule-create --protocol tcp --port-range-min 22 
--port-range-max 22 $group
group=`neutron security-group-list | grep default | cut -f 2 -d' ' | tail -1`
neutron security-group-rule-create --protocol ICMP $group
neutron security-group-rule-create --protocol tcp --port-range-min 22 
--port-range-max 22 $group

The only change that happens, when I do these commands, is that the VM in 
privateB subnet can now ping the VM from private subnet, but not vice versa. 
From router1 namespace, it can then access local VMs. From router2 namespace it 
can access local VMs and VMs in private subnet (all access).

It seems like I have some issue with security groups, and I need to square that 
away, before I can test VPN out.

Am I creating the security group rules correctly?
My goal is that the private nets can access the public net, but not each other 
(until VPN connection is established).

Lastly, in this latest try, I set OVS_PHYSICAL_BRIDGE=br-ex. In earlier runs 
w/o that, there were QVO interfaces, but no QVB or QBR interfaces at all. It 
didn’t seem to change connectivity, however.

Ideas?

PCM (Paul Michali)

MAIL …..…. p...@cisco.commailto:p...@cisco.com
IRC ……..… pc_m (irc.freenode.comhttp://irc.freenode.com/)
TW ………... @pmichali
GPG Key … 4525ECC253E31A83
Fingerprint .. 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83




On Dec 31, 2014, at 10:33 AM, Paul Michali (pcm) 
p...@cisco.commailto:p...@cisco.com wrote:

I’ve been playing a bit with trying to get VPNaaS working post-repo split, and 
haven’t been successful. I’m trying it a few ways with DevStack, and I’m not 
sure whether I have a config error, setup issue, or there is something due to 
the split.

In the past (and it’s been a few months since I verified VPN operation), I used 
two bare metal machines and an external switch connecting them. With a DevStack 
cloud running on each. That configuration is currently setup for a vendor VPN 
solution, so I wanted to try different methods to test the reference VPN 
implementation. I’ve got two ideas to do this:

A) Run DevStack and create two routers with a shared “public” network, and two 
private networks, setting up a VPN connection between the private nets.
B) Run two DevStack instances (on two VMs) and try to setup a provider network 
between them.

I’m starting with A (though I did try B quickly, but it didn’t work), and I 
spun up the stack, added a second router (all under the same tenant), created 
another private network, and booted a Cirros VM in each private

[openstack-dev] [neutron] Need help getting DevStack setup working for VPN testing

2014-12-31 Thread Paul Michali (pcm)

I’ve been playing a bit with trying to get VPNaaS working post-repo split, and 
haven’t been successful. I’m trying it a few ways with DevStack, and I’m not 
sure whether I have a config error, setup issue, or there is something due to 
the split.

In the past (and it’s been a few months since I verified VPN operation), I used 
two bare metal machines and an external switch connecting them. With a DevStack 
cloud running on each. That configuration is currently setup for a vendor VPN 
solution, so I wanted to try different methods to test the reference VPN 
implementation. I’ve got two ideas to do this:

A) Run DevStack and create two routers with a shared “public” network, and two 
private networks, setting up a VPN connection between the private nets.
B) Run two DevStack instances (on two VMs) and try to setup a provider network 
between them.

I’m starting with A (though I did try B quickly, but it didn’t work), and I 
spun up the stack, added a second router (all under the same tenant), created 
another private network, and booted a Cirros VM in each private net.

Before even trying VPN, I checked pings. From the first private net VM 
(10.1.0.4), I could ping on the pubic net, including the public IP of the 
second private net’s public interface for its router. I cannot ping the VM from 
the host. That seems all expected to me.

What seems wrong is the other VM (this is on the post stack net I created). 
Like the other VM, I can ping public net IPs. However, I can also ping the 
private net address of the first network’s router (10.1.0.1)! Shouldn’t that 
have failed (at least that was what I was expecting)? I can’t ping the VM on 
that side though. Another curiosity is that the VM got the second IP on the 
subnet (10.2.0.2), unlike the other private net, where DHCP and a compute probe 
got the 2nd and 3rd IPs. There is DHCP enabled on this private network.

When I tried VPN, both connections show as DOWN, and all I see are phase 1 
ident packets. I cannot ping from VM to VM. I don’t see any logging for the 
OpenSwan processes, so not to sure how to debug. Maybe I can try some ipsec 
show command?

I’m not too sure what is wrong with this setup.

For a comparison, I decided to do the same thing, using stable/juno. So, I 
fired up a VM and cloned DevStack with stable/juno and stacked. This time, 
things are even worse! When I try to boot a VM, and then check the status, the 
VM is in PAUSED power state. I can’t seem to unpause (nor do I know why it is 
in this state). Verified this with both Cirros 3.3, 3.2, and Ubuntu cloud 
images:

+--++
| Property | Value  
|
+--++
| OS-DCF:diskConfig| MANUAL 
|
| OS-EXT-AZ:availability_zone  | nova   
|
| OS-EXT-SRV-ATTR:host | juno   
|
| OS-EXT-SRV-ATTR:hypervisor_hostname  | juno   
|
| OS-EXT-SRV-ATTR:instance_name| instance-0001  
|
| OS-EXT-STS:power_state   | 3  
|
| OS-EXT-STS:task_state| -  
|
| OS-EXT-STS:vm_state  | active 
|
| OS-SRV-USG:launched_at   | 2014-12-31T15:15:33.00 
|
| OS-SRV-USG:terminated_at | -  
|
| accessIPv4   |
|
| accessIPv6   |
|
| config_drive |
|
| created  | 2014-12-31T15:15:24Z   
|
| flavor   | m1.tiny (1)
|
| hostId   | 
5b0c48250ccc0ac3fca8a821e29e4b154ec0b101f9cc0a0b27071a3f   |
| id   | ec5c8d70-ae80-4cc3-a5bb-b68019170dd6   
|
| image| cirros-0.3.3-x86_64-uec 
(797e4dee-8c03-497f-8dac-a44b9351dfa3) |
| key_name | -  
|
| metadata | {}

Re: [openstack-dev] [neutron] Need help getting DevStack setup working for VPN testing

2014-12-31 Thread Paul Michali (pcm)

Just more data…

I keep consistently seeing that on private subnet, the VM can only access 
router (as expected), but on privateB subnet, the VM can access the private I/F 
of router1 on private subnet. From the router’s namespace, I cannot ping the 
local VM (why not?). Oddly, I can ping router1’s private IP from router2 
namespace!

I tried these commands to create security group rules (are they wrong?):

# There are two default groups created by DevStack
group=`neutron security-group-list | grep default | cut -f 2 -d' ' | head -1`
neutron security-group-rule-create --protocol ICMP $group
neutron security-group-rule-create --protocol tcp --port-range-min 22 
--port-range-max 22 $group
group=`neutron security-group-list | grep default | cut -f 2 -d' ' | tail -1`
neutron security-group-rule-create --protocol ICMP $group
neutron security-group-rule-create --protocol tcp --port-range-min 22 
--port-range-max 22 $group

The only change that happens, when I do these commands, is that the VM in 
privateB subnet can now ping the VM from private subnet, but not vice versa. 
From router1 namespace, it can then access local VMs. From router2 namespace it 
can access local VMs and VMs in private subnet (all access).

It seems like I have some issue with security groups, and I need to square that 
away, before I can test VPN out.

Am I creating the security group rules correctly?
My goal is that the private nets can access the public net, but not each other 
(until VPN connection is established).

Lastly, in this latest try, I set OVS_PHYSICAL_BRIDGE=br-ex. In earlier runs 
w/o that, there were QVO interfaces, but no QVB or QBR interfaces at all. It 
didn’t seem to change connectivity, however.

Ideas?

PCM (Paul Michali)

MAIL …..…. p...@cisco.com
IRC ……..… pc_m (irc.freenode.com)
TW ………... @pmichali
GPG Key … 4525ECC253E31A83
Fingerprint .. 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83




On Dec 31, 2014, at 10:33 AM, Paul Michali (pcm) p...@cisco.com wrote:

 I’ve been playing a bit with trying to get VPNaaS working post-repo split, 
 and haven’t been successful. I’m trying it a few ways with DevStack, and I’m 
 not sure whether I have a config error, setup issue, or there is something 
 due to the split.
 
 In the past (and it’s been a few months since I verified VPN operation), I 
 used two bare metal machines and an external switch connecting them. With a 
 DevStack cloud running on each. That configuration is currently setup for a 
 vendor VPN solution, so I wanted to try different methods to test the 
 reference VPN implementation. I’ve got two ideas to do this:
 
 A) Run DevStack and create two routers with a shared “public” network, and 
 two private networks, setting up a VPN connection between the private nets.
 B) Run two DevStack instances (on two VMs) and try to setup a provider 
 network between them.
 
 I’m starting with A (though I did try B quickly, but it didn’t work), and I 
 spun up the stack, added a second router (all under the same tenant), created 
 another private network, and booted a Cirros VM in each private net.
 
 Before even trying VPN, I checked pings. From the first private net VM 
 (10.1.0.4), I could ping on the pubic net, including the public IP of the 
 second private net’s public interface for its router. I cannot ping the VM 
 from the host. That seems all expected to me.
 
 What seems wrong is the other VM (this is on the post stack net I created). 
 Like the other VM, I can ping public net IPs. However, I can also ping the 
 private net address of the first network’s router (10.1.0.1)! Shouldn’t that 
 have failed (at least that was what I was expecting)? I can’t ping the VM on 
 that side though. Another curiosity is that the VM got the second IP on the 
 subnet (10.2.0.2), unlike the other private net, where DHCP and a compute 
 probe got the 2nd and 3rd IPs. There is DHCP enabled on this private network.
 
 When I tried VPN, both connections show as DOWN, and all I see are phase 1 
 ident packets. I cannot ping from VM to VM. I don’t see any logging for the 
 OpenSwan processes, so not to sure how to debug. Maybe I can try some ipsec 
 show command?
 
 I’m not too sure what is wrong with this setup.
 
 For a comparison, I decided to do the same thing, using stable/juno. So, I 
 fired up a VM and cloned DevStack with stable/juno and stacked. This time, 
 things are even worse! When I try to boot a VM, and then check the status, 
 the VM is in PAUSED power state. I can’t seem to unpause (nor do I know why 
 it is in this state). Verified this with both Cirros 3.3, 3.2, and Ubuntu 
 cloud images:
 
 +--++
 | Property | Value
   |
 +--++
 | OS-DCF:diskConfig| MANUAL

Re: [openstack-dev] [Neutron] for help!

2014-09-30 Thread Fawad Khaliq

Hi Chengyong,

I remember there is a blueprint[1] by Edgar Magana which talks about
similar use cases but that still marked for discussion whether this belongs
to Neutron or Heat.

[1] https://blueprints.launchpad.net/neutron/+spec/network-topologies-api

Fawad Khaliq

On Tue, Sep 30, 2014 at 2:26 PM, Linchengyong linchengy...@huawei.com
wrote:

  Dear all,

 Could anyone help me?  I have some questions to trouble .

 1. Can the neutron create complex virtual network topology? Such as,
 any two routers' interconnection between each other.

 2. If can't, Does the neutron team have any plan to support the
 complex virtual network topology?

 3. As we can't create the complex virtual network topology with the
 GUI, we are wondering whether the neutron has already supported the feature
 to create complex virtual network topology, but just constrained by the GUI?



 Thanks very much.



 Best Regards,

 Chengyong Lin



 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [Neutron] for help!

2014-09-30 Thread Salvatore Orlando

On 30 September 2014 10:26, Linchengyong linchengy...@huawei.com wrote:

  Dear all,

 Could anyone help me?  I have some questions to trouble .

 1. Can the neutron create complex virtual network topology? Such as,
 any two routers' interconnection between each other.


Only if you bridge them with a network - direct connections are not
possible at the moment.
Something like:
 169.254.169.1   169.254.169.2
  R1 --- BRIDGE --- R2
   |
 |
   INT_NET_1 INT_NET_2

Also neutron routers do not support at the moment dynamic routing
protocols, so you'll have to manage static routes (eg. INT_NET_1's cidr on
R2 via 169.254.169.1)

  2. If can't, Does the neutron team have any plan to support the
 complex virtual network topology?

Neutron has plans for everything and the exact opposite! If you think it
should support more complex topologies - whatever that might mean - feel
free to share your ideas.

  3. As we can't create the complex virtual network topology with the
 GUI, we are wondering whether the neutron has already supported the feature
 to create complex virtual network topology, but just constrained by the GUI?

I reckon Horizon pretty much allows for controlling most of neutron API
features. I'm not sure about static routes however.




 Thanks very much.



 Best Regards,

 Chengyong Lin



 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [Neutron] Need help to start contribute to Neutron

2014-05-23 Thread Edgar Magana Perdomo (eperdomo)

Chen,

Let me know if I can help on anything!
I see that Gary and Rosella already sent you good pointers to get involve in 
Neutron development but I am happy to help if needed.

Edgar

From: Rossella Sblendido rsblend...@suse.commailto:rsblend...@suse.com
Reply-To: OpenStack Development Mailing List (not for usage questions) 
openstack-dev@lists.openstack.orgmailto:openstack-dev@lists.openstack.org
Date: Thursday, May 22, 2014 at 2:29 AM
To: OpenStack Development Mailing List (not for usage questions) 
openstack-dev@lists.openstack.orgmailto:openstack-dev@lists.openstack.org
Subject: Re: [openstack-dev] [Neutron] Need help to start contribute to Neutron

Hello chen,

You are already doing great, using irc and the mailing list is a good start.

Let me give you some links that can help you ramping up:

Neutron development:
https://wiki.openstack.org/wiki/NeutronDevelopment

If you wanna contribute fixing some bug I suggest you have a look at the low 
hanging fruits:
https://wiki.openstack.org/wiki/NeutronStarterBugs

We are using Gerrit, read here how to set it up:
https://wiki.openstack.org/wiki/Gerrit_Workflow

If you are more interested into documentation please follow this guide:
https://wiki.openstack.org/wiki/Documentation/HowTo
I am not an expert here, maybe you should contact Edgar Magana, irc: emagana

Feel free to contact me on irc, my nick is rossella-s

thanks for your interest in Neutron!

Rossella

On 05/22/2014 10:56 AM, Li, Chen wrote:
Hi list,

I have using Openstack/Neutron for a while.
And now I hope I can do some contributions too.
But neutron is too complicated, I don’t know where to start.

In IRC, iwamoto suggested me to work with developer doc team.
That sounds like a good idea.
But I still doesn’t know what/where I should start with.
Can someone help me ?

Or just told me anything you think I can work on ?

Thanks.
-chen

I used to working on CentOS, installing neutron directly using command “yum 
install neutron-xxx”.
Now, I have already download neutron code, and run successfully run unittest.







___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.orgmailto:OpenStack-dev@lists.openstack.orghttp://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

[openstack-dev] [Neutron] Need help to start contribute to Neutron

2014-05-22 Thread Li, Chen

Hi list,

I have using Openstack/Neutron for a while.
And now I hope I can do some contributions too.
But neutron is too complicated, I don't know where to start.

In IRC, iwamoto suggested me to work with developer doc team.
That sounds like a good idea.
But I still doesn't know what/where I should start with.
Can someone help me ?

Or just told me anything you think I can work on ?

Thanks.
-chen

I used to working on CentOS, installing neutron directly using command yum 
install neutron-xxx.
Now, I have already download neutron code, and run successfully run unittest.




___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [Neutron] Need help to start contribute to Neutron

2014-05-22 Thread Rossella Sblendido

Hello chen,

You are already doing great, using irc and the mailing list is a good start.

Let me give you some links that can help you ramping up:

Neutron development:
https://wiki.openstack.org/wiki/NeutronDevelopment

If you wanna contribute fixing some bug I suggest you have a look at the
low hanging fruits:
https://wiki.openstack.org/wiki/NeutronStarterBugs

We are using Gerrit, read here how to set it up:
https://wiki.openstack.org/wiki/Gerrit_Workflow

If you are more interested into documentation please follow this guide:
https://wiki.openstack.org/wiki/Documentation/HowTo
I am not an expert here, maybe you should contact Edgar Magana, irc: emagana

Feel free to contact me on irc, my nick is rossella-s

thanks for your interest in Neutron!

Rossella

On 05/22/2014 10:56 AM, Li, Chen wrote:

 Hi list,

  

 I have using Openstack/Neutron for a while.

 And now I hope I can do some contributions too.

 But neutron is too complicated, I don't know where to start.

  

 In IRC, iwamoto suggested me to work with developer doc team.

 That sounds like a good idea.

 But I still doesn't know what/where I should start with.

 Can someone help me ?

  

 Or just told me anything you think I can work on ?

  

 Thanks.

 -chen

  

 I used to working on CentOS, installing neutron directly using command
 yum install neutron-xxx.

 Now, I have already download neutron code, and run successfully run
 unittest.

  

  

  

  



 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [Neutron] Need help to start contribute to Neutron

2014-05-22 Thread Gary Kotton

Hi,
I would suggest the following:

 1.  Look at the bugs and see if there is any low hanging fruit - 
https://bugs.launchpad.net/neutron/+bugs?field.tag=low-hanging-fruit
 2.  Try and add some additional unit tests – pick a section of code that 
interests you and try and see that it has some good code coverage with the unit 
tests
 3.  Go over the blueprints and see if there is something that interests you – 
if so, ask the guys driving it if you can help

Good luck.
Thanks
Gary

From: Li, Chen chen...@intel.commailto:chen...@intel.com
Reply-To: OpenStack Development Mailing List (not for usage questions) 
openstack-dev@lists.openstack.orgmailto:openstack-dev@lists.openstack.org
Date: Thursday, May 22, 2014 11:56 AM
To: OpenStack Development Mailing List (not for usage questions) 
openstack-dev@lists.openstack.orgmailto:openstack-dev@lists.openstack.org
Subject: [openstack-dev] [Neutron] Need help to start contribute to Neutron

Hi list,

I have using Openstack/Neutron for a while.
And now I hope I can do some contributions too.
But neutron is too complicated, I don’t know where to start.

In IRC, iwamoto suggested me to work with developer doc team.
That sounds like a good idea.
But I still doesn’t know what/where I should start with.
Can someone help me ?

Or just told me anything you think I can work on ?

Thanks.
-chen

I used to working on CentOS, installing neutron directly using command “yum 
install neutron-xxx”.
Now, I have already download neutron code, and run successfully run unittest.




___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] Neutron: Need help with tox failure in VPN code

2014-03-04 Thread Paul Michali

,
 self.driver = mock.Mock()
 self.driver.service_type = ipsec_driver.IPSEC
 driver_cls.return_value = self.driver
 + vpnaas_provider = (p_constants.VPN +
 + ':vpnaas:neutron.services.vpn.'
 + 'service_drivers.ipsec.IPsecVPNDriver:default' )
 + cfg.CONF.set_override('service_provider',
 + [vpnaas_provider], 'service_providers')
 super(TestVPNDriverPlugin, self).setUp(
 vpnaas_plugin=VPN_DRIVER_CLASS)
 
 
 
 From: Paul Michali p...@cisco.com
 To: OpenStack Development Mailing List (not for usage questions) 
 openstack-dev@lists.openstack.org
 Sent: Tuesday, March 4, 2014 1:28:48 PM
 Subject: [openstack-dev] Neutron: Need help with tox failure in VPN code
 
 Hi,
 
 I'm stuck and can use some guidance here…please!
 
 I have a change set out for review that used the VPN Service Type Framework ( 
 https://review.openstack.org/74144). Everything worked fine, passed Jenkins, 
 etc.
 
 Found out that the STF won't make it to I-3, so I removed the dependency from 
 my change set and tried to modify the plugin.py file to use some STF logic 
 (like LBaaS uses) to load the desired service driver that is specified as the 
 default. Adjusted the code to no longer use provider info.
 
 Well, in doing so, tox fails, and unfortunately there little info on the 
 failure. This can be seen by running a subset of the tests, where 2 fail:
 
 tox -e py27 -v -- neutron.tests.unit.services.vpn
 
 only the name of a failing test case for one, and a mention of return code 10 
 on another and no other info on the failure reason. I didn't see this on a 
 full tox run in my repo, but Jenkins failed and Akihiro noticed it too, in 
 running the above subset of the suite (thanks!).
 
 
 I've narrow it down a bit, but have no idea why it fails…
 
 One, it seems to be some interaction between test_vpnaas_driver_plugin.py and 
 the two service driver tests (cisco_ipsec.py and ipsec.py). I can remove 
 either one of the service driver tests cases, and it will still fail with the 
 other one (so even the reference code fails).
 
 Two, if I change plugin.py to set self.driver to the reference device driver 
 (as is done in the latest patch set) it works fine with all test cases.
 
 Three, it seems to be a test only issue, because I can run devstack with the 
 login I have in plugin.py, currently commented out in __init__(), and 
 successfully load either the reference or cisco service driver, by changing 
 neutron.conf.
 
 It seems like I'm doing something wrong in the loading of the service driver, 
 or using this implementation, is somehow interacting with the tests.
 
 If anyone has ideas on what is wrong, or a better way to load the service 
 driver, please let me know. I was thinking I could read and parse 
 neutron.conf manually and then load the service driver, but there must be a 
 better way!
 
 Thanks!
 
 PCM (Paul Michali)
 
 MAIL  p...@cisco.com
 IRCpcm_  (irc.freenode.net)
 TW@pmichali
 GPG key4525ECC253E31A83
 Fingerprint 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83
 
 
 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 https://urldefense.proofpoint.com/v1/url?u=http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-devk=oIvRg1%2BdGAgOoM1BIlLLqw%3D%3D%0Ar=F5etm0B6kVJ9jleIhCvNyA%3D%3D%0Am=J3ghWIVLPZdVsutjofb71dKYtoj4XxhrER%2FD8VzKRX0%3D%0As=09cf53ed99065938661b61453a717d77ba3b1ec069c48e356b358d472d3b526a
 
 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev



signature.asc
Description: Message signed with OpenPGP using GPGMail
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] Neutron: Need help with tox failure in VPN code

2014-03-04 Thread Paul Michali

 ikepolicy and ipsecpolicy update usecase
  def __init__(self):
  super(VPNDriverPlugin, self).__init__()
 -self.ipsec_driver = ipsec_driver.IPsecVPNDriver(self)
 -# Currently, if the following code is used, there are UT failures
 -# self.service_type_manager = st_db.ServiceTypeManager.get_instance()
 -# drivers, default_provider = service_base.load_drivers(
 -# constants.VPN, self)
 -# self.ipsec_driver = drivers[default_provider]
 +# Dynamically load the current service driver
 +drivers, default_provider = service_base.load_drivers(
 +constants.VPN, self)
 +self.ipsec_driver = drivers[default_provider]
  
  def _get_driver_for_vpnservice(self, vpnservice):
  return self.ipsec_driver
 diff --git a/neutron/tests/unit/services/vpn/test_vpnaas_driver_plugin.py 
 b/neutron/tests/unit/services/vpn/test_vpnaas_driver_plugin.py
 index 8c25d7e..9531938 100644
 --- a/neutron/tests/unit/services/vpn/test_vpnaas_driver_plugin.py
 +++ b/neutron/tests/unit/services/vpn/test_vpnaas_driver_plugin.py
 @@ -17,6 +17,7 @@
  import contextlib
  
  import mock
 +from oslo.config import cfg
  
  from neutron.common import constants
  from neutron import context
 @@ -44,6 +45,12 @@ class TestVPNDriverPlugin(test_db_vpnaas.TestVpnaas,
  self.driver = mock.Mock()
  self.driver.service_type = ipsec_driver.IPSEC
  driver_cls.return_value = self.driver
 +vpnaas_provider = (p_constants.VPN +
 +   ':vpnaas:neutron.services.vpn.'
 +   'service_drivers.ipsec.IPsecVPNDriver:default')
 +cfg.CONF.set_override('service_provider',
 +  [vpnaas_provider],
 +  'service_providers')
  super(TestVPNDriverPlugin, self).setUp(
  vpnaas_plugin=VPN_DRIVER_CLASS)
 
 
 Any advise?
 
 
 PCM (Paul Michali)
 
 MAIL  p...@cisco.com
 IRCpcm_  (irc.freenode.net)
 TW@pmichali
 GPG key4525ECC253E31A83
 Fingerprint 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83
 
 On Mar 4, 2014, at 1:31 AM, Bo Lin l...@vmware.com wrote:
 
 I don't know whether i got your point. But try to modify 
 /neutron/tests/unit/services/vpn/test_vpnaas_driver_plugin.py like the 
 following, the error would be fixed:
 --- a/neutron/tests/unit/services/vpn/test_vpnaas_driver_plugin.py
 +++ b/neutron/tests/unit/services/vpn/test_vpnaas_driver_plugin.py
 @@ -17,6 +17,7 @@
 import contextlib
 
 import mock
 +from oslo.config import cfg
 
 from neutron.common import constants
 from neutron import context
 @@ -44,6 +45,11 @@ class TestVPNDriverPlugin(test_db_vpnaas.TestVpnaas,
 self.driver = mock.Mock()
 self.driver.service_type = ipsec_driver.IPSEC
 driver_cls.return_value = self.driver
 + vpnaas_provider = (p_constants.VPN +
 + ':vpnaas:neutron.services.vpn.'
 + 'service_drivers.ipsec.IPsecVPNDriver:default' )
 + cfg.CONF.set_override('service_provider',
 + [vpnaas_provider], 'service_providers')
 super(TestVPNDriverPlugin, self).setUp(
 vpnaas_plugin=VPN_DRIVER_CLASS)
 
 
 
 From: Paul Michali p...@cisco.com
 To: OpenStack Development Mailing List (not for usage questions) 
 openstack-dev@lists.openstack.org
 Sent: Tuesday, March 4, 2014 1:28:48 PM
 Subject: [openstack-dev] Neutron: Need help with tox failure in VPN code
 
 Hi,
 
 I'm stuck and can use some guidance here…please!
 
 I have a change set out for review that used the VPN Service Type Framework 
 ( https://review.openstack.org/74144). Everything worked fine, passed 
 Jenkins, etc.
 
 Found out that the STF won't make it to I-3, so I removed the dependency 
 from my change set and tried to modify the plugin.py file to use some STF 
 logic (like LBaaS uses) to load the desired service driver that is specified 
 as the default. Adjusted the code to no longer use provider info.
 
 Well, in doing so, tox fails, and unfortunately there little info on the 
 failure. This can be seen by running a subset of the tests, where 2 fail:
 
 tox -e py27 -v -- neutron.tests.unit.services.vpn
 
 only the name of a failing test case for one, and a mention of return code 
 10 on another and no other info on the failure reason. I didn't see this on 
 a full tox run in my repo, but Jenkins failed and Akihiro noticed it too, in 
 running the above subset of the suite (thanks!).
 
 
 I've narrow it down a bit, but have no idea why it fails…
 
 One, it seems to be some interaction between test_vpnaas_driver_plugin.py 
 and the two service driver tests (cisco_ipsec.py and ipsec.py). I can remove 
 either one of the service driver tests cases, and it will still fail with 
 the other one (so even the reference code fails).
 
 Two, if I change plugin.py to set self.driver to the reference device driver 
 (as is done in the latest patch set) it works fine with all test cases.
 
 Three, it seems to be a test only issue, because I can run devstack

[openstack-dev] Neutron: Need help with tox failure in VPN code

2014-03-03 Thread Paul Michali

Hi,

I'm stuck and can use some guidance here…please!

I have a change set out for review that used the VPN Service Type Framework ( 
https://review.openstack.org/74144). Everything worked fine, passed Jenkins, 
etc.

Found out that the STF won't make it to I-3, so I removed the dependency from 
my change set and tried to modify the plugin.py file to use some STF logic 
(like LBaaS uses) to load the desired service driver that is specified as the 
default. Adjusted the code to no longer use provider info.

Well, in doing so, tox fails, and unfortunately there little info on the 
failure. This can be seen by running a subset of the tests, where 2 fail:

tox -e py27 -v -- neutron.tests.unit.services.vpn

only the name of a failing test case for one, and a mention of return code 10 
on another and no other info on the failure reason. I didn't see this on a full 
tox run in my repo, but Jenkins failed and Akihiro noticed it too, in running 
the above subset of the suite (thanks!).


I've narrow it down a bit, but have no idea why it fails…

One, it seems to be some interaction between test_vpnaas_driver_plugin.py and 
the two service driver tests (cisco_ipsec.py and ipsec.py). I can remove either 
one of the service driver tests cases, and it will still fail with the other 
one (so even the reference code fails).

Two, if I change plugin.py to set self.driver to the reference device driver 
(as is done in the latest patch set) it works fine with all test cases.

Three, it seems to be a test only issue, because I can run devstack with the 
login I have in plugin.py, currently commented out in __init__(), and 
successfully load either the reference or cisco service driver, by changing 
neutron.conf.

It seems like I'm doing something wrong in the loading of the service driver, 
or using this implementation, is somehow interacting with the tests.

If anyone has ideas on what is wrong, or a better way to load the service 
driver, please let me know. I was thinking I could read and parse neutron.conf 
manually and then load the service driver, but there must be a better way!

Thanks!

PCM (Paul Michali)

MAIL  p...@cisco.com
IRCpcm_  (irc.freenode.net)
TW@pmichali
GPG key4525ECC253E31A83
Fingerprint 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83



signature.asc
Description: Message signed with OpenPGP using GPGMail
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] Neutron: Need help with tox failure in VPN code

2014-03-03 Thread Nachi Ueno

./run_test.sh or ./run_test.sh -d package_name is working?

2014-03-03 21:28 GMT-08:00 Paul Michali p...@cisco.com:
 Hi,

 I'm stuck and can use some guidance here...please!

 I have a change set out for review that used the VPN Service Type Framework
 ( https://review.openstack.org/74144). Everything worked fine, passed
 Jenkins, etc.

 Found out that the STF won't make it to I-3, so I removed the dependency
 from my change set and tried to modify the plugin.py file to use some STF
 logic (like LBaaS uses) to load the desired service driver that is specified
 as the default. Adjusted the code to no longer use provider info.

 Well, in doing so, tox fails, and unfortunately there little info on the
 failure. This can be seen by running a subset of the tests, where 2 fail:

 tox -e py27 -v -- neutron.tests.unit.services.vpn

 only the name of a failing test case for one, and a mention of return code
 10 on another and no other info on the failure reason. I didn't see this on
 a full tox run in my repo, but Jenkins failed and Akihiro noticed it too, in
 running the above subset of the suite (thanks!).


 I've narrow it down a bit, but have no idea why it fails...

 One, it seems to be some interaction between test_vpnaas_driver_plugin.py
 and the two service driver tests (cisco_ipsec.py and ipsec.py). I can remove
 either one of the service driver tests cases, and it will still fail with
 the other one (so even the reference code fails).

 Two, if I change plugin.py to set self.driver to the reference device driver
 (as is done in the latest patch set) it works fine with all test cases.

 Three, it seems to be a test only issue, because I can run devstack with the
 login I have in plugin.py, currently commented out in __init__(), and
 successfully load either the reference or cisco service driver, by changing
 neutron.conf.

 It seems like I'm doing something wrong in the loading of the service
 driver, or using this implementation, is somehow interacting with the tests.

 If anyone has ideas on what is wrong, or a better way to load the service
 driver, please let me know. I was thinking I could read and parse
 neutron.conf manually and then load the service driver, but there must be a
 better way!

 Thanks!

 PCM (Paul Michali)

 MAIL  p...@cisco.com
 IRCpcm_  (irc.freenode.net)
 TW@pmichali
 GPG key4525ECC253E31A83
 Fingerprint 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83


 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] Neutron: Need help with tox failure in VPN code

2014-03-03 Thread Irena Berezovsky

Hi Paul,
I think the problem for tests failure is SystemExit exception raised by 
service_base.py when fails to load drivers by plugin. It terminates the tests.

BR,
Irena
From: Paul Michali [mailto:p...@cisco.com]
Sent: Tuesday, March 04, 2014 7:34 AM
To: OpenStack Development Mailing List (not for usage questions)
Subject: [openstack-dev] Neutron: Need help with tox failure in VPN code

Hi,

I'm stuck and can use some guidance here...please!

I have a change set out for review that used the VPN Service Type Framework ( 
https://review.openstack.org/74144). Everything worked fine, passed Jenkins, 
etc.

Found out that the STF won't make it to I-3, so I removed the dependency from 
my change set and tried to modify the plugin.py file to use some STF logic 
(like LBaaS uses) to load the desired service driver that is specified as the 
default. Adjusted the code to no longer use provider info.

Well, in doing so, tox fails, and unfortunately there little info on the 
failure. This can be seen by running a subset of the tests, where 2 fail:

tox -e py27 -v -- neutron.tests.unit.services.vpn

only the name of a failing test case for one, and a mention of return code 10 
on another and no other info on the failure reason. I didn't see this on a full 
tox run in my repo, but Jenkins failed and Akihiro noticed it too, in running 
the above subset of the suite (thanks!).

I've narrow it down a bit, but have no idea why it fails...

One, it seems to be some interaction between test_vpnaas_driver_plugin.py and 
the two service driver tests (cisco_ipsec.py and ipsec.py). I can remove either 
one of the service driver tests cases, and it will still fail with the other 
one (so even the reference code fails).

Two, if I change plugin.py to set self.driver to the reference device driver 
(as is done in the latest patch set) it works fine with all test cases.

Three, it seems to be a test only issue, because I can run devstack with the 
login I have in plugin.py, currently commented out in __init__(), and 
successfully load either the reference or cisco service driver, by changing 
neutron.conf.

It seems like I'm doing something wrong in the loading of the service driver, 
or using this implementation, is somehow interacting with the tests.

If anyone has ideas on what is wrong, or a better way to load the service 
driver, please let me know. I was thinking I could read and parse neutron.conf 
manually and then load the service driver, but there must be a better way!

Thanks!

PCM (Paul Michali)

MAIL  p...@cisco.commailto:p...@cisco.com
IRCpcm_  (irc.freenode.nethttp://irc.freenode.net)
TW@pmichali
GPG key4525ECC253E31A83
Fingerprint 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] Neutron: Need help with tox failure in VPN code

2014-03-03 Thread Bo Lin

I don't know whether i got your point. But try to modify 
/neutron/tests/unit/services/vpn/test_vpnaas_driver_plugin.py like the 
following, the error would be fixed: 
--- a/neutron/tests/unit/services/vpn/test_vpnaas_driver_plugin.py 
+++ b/neutron/tests/unit/services/vpn/test_vpnaas_driver_plugin.py 


@@ -17,6 +17,7 @@ 
import contextlib 

import mock 
+from oslo.config import cfg 

from neutron.common import constants 
from neutron import context 
@@ -44,6 +45,11 @@ class TestVPNDriverPlugin(test_db_vpnaas.TestVpnaas, 
self.driver = mock.Mock() 
self.driver.service_type = ipsec_driver.IPSEC 
driver_cls.return_value = self.driver 
+ vpnaas_provider = (p_constants.VPN + 
+ ':vpnaas:neutron.services.vpn.' 
+ 'service_drivers.ipsec.IPsecVPNDriver:default' ) 
+ cfg.CONF.set_override('service_provider', 
+ [vpnaas_provider], 'service_providers') 
super(TestVPNDriverPlugin, self).setUp( 
vpnaas_plugin=VPN_DRIVER_CLASS) 


- Original Message -

From: Paul Michali p...@cisco.com 
To: OpenStack Development Mailing List (not for usage questions) 
openstack-dev@lists.openstack.org 
Sent: Tuesday, March 4, 2014 1:28:48 PM 
Subject: [openstack-dev] Neutron: Need help with tox failure in VPN code 

Hi, 

I'm stuck and can use some guidance here…please! 

I have a change set out for review that used the VPN Service Type Framework ( 
https://review.openstack.org/74144 ). Everything worked fine, passed Jenkins, 
etc. 

Found out that the STF won't make it to I-3, so I removed the dependency from 
my change set and tried to modify the plugin.py file to use some STF logic 
(like LBaaS uses) to load the desired service driver that is specified as the 
default. Adjusted the code to no longer use provider info. 

Well, in doing so, tox fails, and unfortunately there little info on the 
failure. This can be seen by running a subset of the tests, where 2 fail: 

tox -e py27 -v -- neutron.tests.unit.services.vpn 

only the name of a failing test case for one, and a mention of return code 10 
on another and no other info on the failure reason. I didn't see this on a full 
tox run in my repo, but Jenkins failed and Akihiro noticed it too, in running 
the above subset of the suite (thanks!). 


I've narrow it down a bit, but have no idea why it fails… 

One, it seems to be some interaction between test_vpnaas_driver_plugin.py and 
the two service driver tests (cisco_ipsec.py and ipsec.py). I can remove either 
one of the service driver tests cases, and it will still fail with the other 
one (so even the reference code fails). 

Two, if I change plugin.py to set self.driver to the reference device driver 
(as is done in the latest patch set) it works fine with all test cases. 

Three, it seems to be a test only issue, because I can run devstack with the 
login I have in plugin.py, currently commented out in __init__(), and 
successfully load either the reference or cisco service driver, by changing 
neutron.conf. 

It seems like I'm doing something wrong in the loading of the service driver, 
or using this implementation, is somehow interacting with the tests. 

If anyone has ideas on what is wrong, or a better way to load the service 
driver, please let me know. I was thinking I could read and parse neutron.conf 
manually and then load the service driver, but there must be a better way! 

Thanks! 

PCM (Paul Michali) 

MAIL p...@cisco.com 
IRC pcm_ ( irc.freenode.net ) 
TW @pmichali 
GPG key 4525ECC253E31A83 
Fingerprint 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83 


___ 
OpenStack-dev mailing list 
OpenStack-dev@lists.openstack.org 
https://urldefense.proofpoint.com/v1/url?u=http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-devk=oIvRg1%2BdGAgOoM1BIlLLqw%3D%3D%0Ar=F5etm0B6kVJ9jleIhCvNyA%3D%3D%0Am=J3ghWIVLPZdVsutjofb71dKYtoj4XxhrER%2FD8VzKRX0%3D%0As=09cf53ed99065938661b61453a717d77ba3b1ec069c48e356b358d472d3b526a
 

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [Neutron] need help in translating sql query to sqlalchemy query

Re: [openstack-dev] [Neutron] need help in translating sql query to sqlalchemy query

Re: [openstack-dev] [Neutron] need help in translating sql query to sqlalchemy query

Re: [openstack-dev] [Neutron] need help in translating sql query to sqlalchemy query

[openstack-dev] [Neutron] need help in translating sql query to sqlalchemy query

Re: [openstack-dev] [Neutron] need help in translating sql query to sqlalchemy query

[openstack-dev] [neutron] Please help review this RFE

Re: [openstack-dev] [neutron][lbaas] Help on single create call

[openstack-dev] [Neutron] AGAIN HELP CONFIRM OR DISCUSS:create a port when network contain ipv4 subnets and ipv6 subnets, allocate ipv6 address to the port.

Re: [openstack-dev] [Neutron] AGAIN HELP CONFIRM OR DISCUSS:create a port when network contain ipv4 subnets and ipv6 subnets, allocate ipv6 address to the port.

Re: [openstack-dev] [neutron] Need help getting DevStack setup working for VPN testing

Re: [openstack-dev] [neutron] Need help getting DevStack setup working for VPN testing

[openstack-dev] [neutron] Need help getting DevStack setup working for VPN testing

Re: [openstack-dev] [neutron] Need help getting DevStack setup working for VPN testing

Re: [openstack-dev] [Neutron] for help!

Re: [openstack-dev] [Neutron] for help!

Re: [openstack-dev] [Neutron] Need help to start contribute to Neutron

[openstack-dev] [Neutron] Need help to start contribute to Neutron

Re: [openstack-dev] [Neutron] Need help to start contribute to Neutron

Re: [openstack-dev] [Neutron] Need help to start contribute to Neutron

Re: [openstack-dev] Neutron: Need help with tox failure in VPN code

Re: [openstack-dev] Neutron: Need help with tox failure in VPN code

[openstack-dev] Neutron: Need help with tox failure in VPN code

Re: [openstack-dev] Neutron: Need help with tox failure in VPN code

Re: [openstack-dev] Neutron: Need help with tox failure in VPN code

Re: [openstack-dev] Neutron: Need help with tox failure in VPN code

26 matches

Site Navigation

Mail list logo

Footer information