Bug #1448813 “radvd running as neutron user in Kilo, attached ne...” : Bugs : neutron

Revision history for this message

Matt Grant (mattgrant) wrote on 2015-04-27:

#1

Should be chmod 4750 /usr/sbin/radvd!

Kyle Mestery (mestery) on 2015-04-27

tags:	added: kilo-rc-potential
Changed in neutron:
milestone:	none → liberty-1
importance:	Undecided → High

Henry Gessau (gessau) on 2015-04-27

Changed in app-catalog:
status:	New → Confirmed
assignee:	nobody → Henry Gessau (gessau)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-04-27: Fix proposed to neutron (master)

#2

Fix proposed to branch: master
Review: https://review.openstack.org/177775

Changed in neutron:
assignee:	nobody → Henry Gessau (gessau)
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-04-27: Fix proposed to neutron (stable/kilo)

#3

Fix proposed to branch: stable/kilo
Review: https://review.openstack.org/177789

Revision history for this message

Baodong (Robert) Li (baoli) wrote on 2015-04-27:

#4

It would be helpful to see the full log of neutron l3 agent. Also, what's defined in /etc/neutron/rootwrap.d/l3.filters?

If radvd failed to launch, the gate test should have had it caught.

Revision history for this message

Henry Gessau (gessau) wrote on 2015-04-27:

#5

With neutron the root_filter can be rootwrap or sudo. The bug happens only for the sudo case. The neutron gate tests with rootwrap so this bug was not caught.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-04-28: Fix merged to neutron (master)

#6

Reviewed: https://review.openstack.org/177775
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=a5e54338770fc074e01fa88dbf909ee1af1b66b2
Submitter: Jenkins
Branch: master

commit a5e54338770fc074e01fa88dbf909ee1af1b66b2
Author: Henry Gessau <email address hidden>
Date: Mon Apr 27 09:59:21 2015 -0400

Run radvd as root

During the refactoring of external process management radvd lost
its root privileges.

Closes-bug: 1448813

Change-Id: I84883fe81684afafac9b024282a03f447c8f825a

Changed in neutron:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-04-28: Fix merged to neutron (stable/kilo)

#7

Reviewed: https://review.openstack.org/177789
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=7260e0e3fc2ea479e80e0962624aca7fd38a1f60
Submitter: Jenkins
Branch: stable/kilo

commit 7260e0e3fc2ea479e80e0962624aca7fd38a1f60
Author: Henry Gessau <email address hidden>
Date: Mon Apr 27 09:59:21 2015 -0400

Run radvd as root

During the refactoring of external process management radvd lost
its root privileges.

Closes-bug: 1448813

Change-Id: I84883fe81684afafac9b024282a03f447c8f825a
(cherry picked from commit a5e54338770fc074e01fa88dbf909ee1af1b66b2)

Thierry Carrez (ttx) on 2015-04-30

tags:

removed: kilo-rc-potential

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-04-30: Fix proposed to neutron (master)

#8

Fix proposed to branch: master
Review: https://review.openstack.org/179286

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-05-22: Fix proposed to neutron (neutron-pecan)

#9

Fix proposed to branch: neutron-pecan
Review: https://review.openstack.org/185072

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-06-10: Fix merged to neutron (master)

#10

Download full text (11.7 KiB)

Reviewed: https://review.openstack.org/179286
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=b8a09568b5bde8b71ad00468c27b757c98d9c0da
Submitter: Jenkins
Branch: master

commit 7260e0e3fc2ea479e80e0962624aca7fd38a1f60
Author: Henry Gessau <email address hidden>
Date: Mon Apr 27 09:59:21 2015 -0400

Run radvd as root

During the refactoring of external process management radvd lost
its root privileges.

Closes-bug: 1448813

Change-Id: I84883fe81684afafac9b024282a03f447c8f825a
(cherry picked from commit a5e54338770fc074e01fa88dbf909ee1af1b66b2)

commit d37e566dcadf8a540eb5f84b668847fa192393a1
Author: Kevin Benton <email address hidden>
Date: Fri Apr 24 00:35:31 2015 -0700

Don't resync on DHCP agent setup failure

    There are various cases where the DHCP agent will try to
    create a DHCP port for a network and there will be a failure.
    This has primarily been caused by a lack of available IP addresses
    in the allocation pool. Trying to fix all availability corner cases
    on the server side will be very difficult due to race conditions between
    multiple ports being created, the dhcp_agents_per_network parameter, etc.

    This patch just stops the resync attempt on the agent side if a failure
    is caused by an IP address generation problem. Future updates to the subnet
    will cause another attempt so if the tenant does fix the issue they will
    get DHCP service.

    Change-Id: I0896730126d6dca13fe9284b4d812cfb081b6218
    Closes-Bug: #1447883
    (cherry picked from commit db9ac7e0110a0c2ef1b65213317ee8b7f1053ddc)

commit 38211ae67cb76ade85b08c028b6e88bfc867afc9
Author: Ihar Hrachyshka <email address hidden>
Date: Mon Apr 20 17:06:38 2015 +0200

tests: confirm that _output_hosts_file does not log too often

    I3ad7864eeb2f959549ed356a1e34fa18804395cc didn't include any regression unit
    tests to validate that the method won't ever log too often again,
    reintroducing performance drop in later patches. It didn't play well
    with stable backports of the fix, where context was lost when doing the
    backport, that left the bug unfixed in stable/juno even though the patch
    was merged there [1].

    The patch adds an explicit note in the code that suggests not to add new
    log messages inside the loop to avoid regression, and a unit test was
    added to capture it.

Once the test is merged in master, it will be proposed for stable/juno
inclusion, with additional changes that would fix the regression again.

    Related-Bug: #1414218
    Change-Id: I5d43021932d6a994638c348eda277dd8337cf041
    (cherry picked from commit 3b74095a935f6d2027e6bf04cc4aa21f8a1b46f2)

commit 53b3e751f3c7b32bed48c14742d3dd3a1178d00d
Author: Maru Newby <email address hidden>
Date: Thu Apr 9 17:00:57 2015 +0000

Double functional testing timeout to 180s

    The increase in ovs testing is resulting in job failure due to
    timeouts in test_killed_monitor_respawns. Giving the test more
    time to complete should reduce the failure rate.

    Change-Id: I2ba9b1eb388bfbbebbd6b0f3edb6d5a5ae0bfead
    Closes-Bug: #1442272
    (c...

Reviewed:  https://review.openstack.org/179286
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=b8a09568b5bde8b71ad00468c27b757c98d9c0da
Submitter: Jenkins
Branch:    master

commit 7260e0e3fc2ea479e80e0962624aca7fd38a1f60
Author: Henry Gessau <gessau@cisco.com>
Date:   Mon Apr 27 09:59:21 2015 -0400

Run radvd as root
    
    During the refactoring of external process management radvd lost
    its root privileges.
    
    Closes-bug: 1448813
    
    Change-Id: I84883fe81684afafac9b024282a03f447c8f825a
    (cherry picked from commit a5e54338770fc074e01fa88dbf909ee1af1b66b2)

commit d37e566dcadf8a540eb5f84b668847fa192393a1
Author: Kevin Benton <blak111@gmail.com>
Date:   Fri Apr 24 00:35:31 2015 -0700

Don't resync on DHCP agent setup failure
    
    There are various cases where the DHCP agent will try to
    create a DHCP port for a network and there will be a failure.
    This has primarily been caused by a lack of available IP addresses
    in the allocation pool. Trying to fix all availability corner cases
    on the server side will be very difficult due to race conditions between
    multiple ports being created, the dhcp_agents_per_network parameter, etc.
    
    This patch just stops the resync attempt on the agent side if a failure
    is caused by an IP address generation problem. Future updates to the subnet
    will cause another attempt so if the tenant does fix the issue they will
    get DHCP service.
    
    Change-Id: I0896730126d6dca13fe9284b4d812cfb081b6218
    Closes-Bug: #1447883
    (cherry picked from commit db9ac7e0110a0c2ef1b65213317ee8b7f1053ddc)

commit 38211ae67cb76ade85b08c028b6e88bfc867afc9
Author: Ihar Hrachyshka <ihrachys@redhat.com>
Date:   Mon Apr 20 17:06:38 2015 +0200

tests: confirm that _output_hosts_file does not log too often
    
    I3ad7864eeb2f959549ed356a1e34fa18804395cc didn't include any regression unit
    tests to validate that the method won't ever log too often again,
    reintroducing performance drop in later patches. It didn't play well
    with stable backports of the fix, where context was lost when doing the
    backport, that left the bug unfixed in stable/juno even though the patch
    was merged there [1].
    
    The patch adds an explicit note in the code that suggests not to add new
    log messages inside the loop to avoid regression, and a unit test was
    added to capture it.
    
    Once the test is merged in master, it will be proposed for stable/juno
    inclusion, with additional changes that would fix the regression again.
    
    Related-Bug: #1414218
    Change-Id: I5d43021932d6a994638c348eda277dd8337cf041
    (cherry picked from commit 3b74095a935f6d2027e6bf04cc4aa21f8a1b46f2)

commit 53b3e751f3c7b32bed48c14742d3dd3a1178d00d
Author: Maru Newby <marun@redhat.com>
Date:   Thu Apr 9 17:00:57 2015 +0000

Double functional testing timeout to 180s
    
    The increase in ovs testing is resulting in job failure due to
    timeouts in test_killed_monitor_respawns.  Giving the test more
    time to complete should reduce the failure rate.
    
    Change-Id: I2ba9b1eb388bfbbebbd6b0f3edb6d5a5ae0bfead
    Closes-Bug: #1442272
    (cherry picked from commit 81098620c298394e1a98127ceeba7f297db2d906)

commit 0536ec113bc438265ba547bb8a8006aa96e646e3
Author: watanabe.isao <zou.yun@jp.fujitsu.com>
Date:   Wed Apr 15 15:48:08 2015 +0900

Restrict subnet create/update to avoid DHCP resync
    
    As we know, IPs in subnet CIDR are used for
    1) Broadcast port
    2) Gateway port
    3) DHCP port if enable_dhcp is True, or update to True
    4) Others go into allocation_pools
    Above 1) to 3) are created by default, which means if CIDR doesn't
    have that much of IPs, subnet create/update will cause a DHCP resync.
    
    This fix is to add some restricts to the issue:
    A) When subnet create, if enable_dhcp is True, /31 and /32
       cidrs are forbidden for IPv4 subnets while /127 and /128 cidrs are
       forbidden for IPv6 subnets.
    B) When subnet update, if enable_dhcp is changing to True and there are no
       more IPs in allocation_pools, the request should be denied.
    
    Change-Id: I2e4a4d5841b9ad908f02b7d0795cba07596c023d
    Co-authored-by: Andrew Boik <dboik@cisco.com>
    Closes-Bug: #1443798
    (cherry picked from commit 0c1f96ad5a6606c1205bd50ea944c3a383892cde)

commit cbfb3e487d97998ec49d7faa751bc26202da7d0e
Author: Kevin Benton <blak111@gmail.com>
Date:   Mon Apr 20 22:26:22 2015 -0700

Only update MTU in update code for MTU
    
    The ML2 create_network_db was re-passing in the entire network
    with extensions like vlan_transparency present that was causing
    issues in the base update function it was calling.
    
    This corrects the behavior by having it only update the MTU, which
    is the only thing it was intending to update in the first place.
    
    Change-Id: I723c5c138e0830de98f6024c7635ec65065e9346
    Closes-Bug: #1446784
    (cherry picked from commit f85de393c469d1e649a1c1e5ee1b683246442351)

commit 9bc812e92fb27b297ccfe960267dcab173aea6c9
Author: OpenStack Proposal Bot <openstack-infra@lists.openstack.org>
Date:   Thu Apr 23 02:15:06 2015 +0000

Updated from global requirements
    
    Change-Id: I514c65fac38ef0e534e7401a5f3643b1906adea7

commit b339391bcb223c0f03d30f36dea47d13adb12c71
Author: mathieu-rohon <mathieu.rohon@gmail.com>
Date:   Sat Mar 7 13:30:49 2015 +0100

ML2: Change port status only when it's bound to the host
    
    Currently, nothing prevents the port status to be changed to BUILD
    state when get_device_details() is sent by a host that doesn't own
    the port.
    In some cases the port might stay in BUILD state.
    This could happen during a live-migration, or for multi-hosted ports
    such as HA ports.
    This commit allows the port status modification only if the port
    is bound to the host that is asking for it.
    
    Closes-Bug: #1439857
    Closes-Bug: #1438040
    Closes-Bug: #1416933
    
    Change-Id: I9b3673f453abbafaaa4f78542fcfebe8dc93f2bb
    (cherry picked from commit 9b53b82ce7dad551ebc0f02ff667d5345fb7e139)

commit f7ae3a04b541767c638fc4c8ff1e0db78ab94996
Author: Andreas Jaeger <aj@suse.de>
Date:   Mon Apr 20 11:07:37 2015 +0200

Release Import of Translations from Transifex
    
    Manual import of Translations from Transifex. This change also removes
    all po files that are less than 66 per cent translated since such
    partially translated files will not help users.
    
    This updates also recreates all pot (translation source files) to
    reflect the state of the repository.
    
    This change needs to be done manually since the automatic import does
    not handle the proposed branches and we need to sync with latest
    translations.
    
    Change-Id: I1b7bd1773bcd12ab282e77ee0dc41c27846fb66b

commit e2f6902315de76a1020aa87ea161c8fdc6697ed7
Author: Swaminathan Vasudevan <swaminathan.vasudevan@hp.com>
Date:   Tue Apr 14 21:34:33 2015 -0700

Fixes race condition and boosts the scheduling performance
    
    This patch fixes a race-condition that occurs when the
    scheduler tries to check for dvr serviceable ports before
    it schedules a router when a subnet is associated with
    a router.
    
    Sometimes the dhcp port creation is delayed and so the
    router is not scheduled to the l3-agent.
    
    Also it boosts the scheduling performance on dvr-snat
    node for scheduling a router.
    
    This patch will provide a work around to fix this race
    condition and to boost the scheduling performance
    by scheduling a router on a dvr-snat when
    dhcp is enabled on the provided subnet, instead of checking
    all the available ports on the subnet.
    
    Closes-Bug: #1442494
    
    Change-Id: I089fefdd8535bdc9ed90b3230438ab0bfb6aab4f
    (cherry picked from commit c65d3ab6ad4589e6e4a6b488d2eb5d1e4cfee138)

commit a6b2c22dcea73754dbfd0ef39c60ad28ab2dbb73
Author: Kevin Benton <blak111@gmail.com>
Date:   Mon Mar 30 23:52:56 2015 -0700

Set IPset hash type to 'net' instead of 'ip'
    
    The previous hash type was 'ip' and this caused a major
    issue with the allowed address pairs extension since it
    results in CIDRs being passed to ipset. When the hash type
    is 'ip', a CIDR is completely enumerated into all of its
    addresses so 10.100.0.0/16 results in ~65k entries. This
    meant a single allowed_address_pairs entry could easily
    exhaust an entire set.
    
    This patch changes the hash type to 'net', which is designed
    to handle a CIDRs as a single entry.
    
    This patch also changes the names of the ipsets because
    creating an ipset with different parameters will cause an
    error and our ipset manager code isn't robust enough to handle
    that at this time. There is another ongoing patch to fix
    that but it won't be ready in time.[1]
    
    The related bug was closed by increasing the set limit, which
    did alleviate the problem. However, this change would also
    address the issue because the gate tests run an allowed address
    pairs extension test with the CIDR mentioned above.
    
    1. I59e2e1c090cb95ee1bd14dbb53b6ff2c5e2713fd
    
    Related-Bug: #1439817
    Closes-Bug: #1444397
    Change-Id: I8177699b157cd3eac46e2f481f47b5d966c49b07
    (cherry picked from commit a38b5df5cd3c47672705aad4c30e789ae11ec958)

commit 8b8095e43a143426c501669167490d7867a55749
Author: Kevin Benton <blak111@gmail.com>
Date:   Tue Mar 31 08:53:56 2015 -0700

Revert "Add ipset element and hashsize tunables"
    
    This reverts commit b5b919a7a3569ccb93c3d7d523c1edfaeddb7cb9.
    
    The current ipset manager code isn't robust enough to handle
    ipsets that already exist with different parameters. This reverts
    the ability to change the parameters so we don't break upgrades
    to Kilo.
    
    Conflicts:
    	neutron/agent/linux/ipset_manager.py
    	neutron/tests/unit/agent/linux/test_ipset_manager.py
    
    Change-Id: I538714df52424f0502cb75daea310517d1142c42
    Closes-Bug: #1444201
    (cherry picked from commit 03be14a569d240865dabff8b4c30385abf1dbe62)

commit 2add4e5ad4d12c817737d04ddb973b3aeeb25af3
Author: Kevin Benton <blak111@gmail.com>
Date:   Thu Apr 16 16:27:38 2015 -0700

Update .gitreview to point to stable/kilo
    
    This is the stable/kilo branch. When people make changes
    here it's highly likely that they want to propose them
    to stable/kilo on gerrit.
    
    Change-Id: Ie61a9f0c0b0b4896da33a201e42b1c4bc4bae49b

commit ffc48f286e1756302d9259dc514dd562d3c251ba
Author: Henry Gessau <gessau@cisco.com>
Date:   Thu Apr 16 13:38:46 2015 -0400

Add Kilo release milestone
    
    Change-Id: Id7d969c92b7c757b766760681357ac13c8079ca3

commit 1dc98e414f200a78a6b1dc78f222c588646e6935
Author: Dane LeBlanc <leblancd@cisco.com>
Date:   Thu Apr 9 10:32:33 2015 -0400

IPv6 SLAAC subnet create should update ports on net
    
    If ports are first created on a network, and then an IPv6 SLAAC
    or DHCPv6-stateless subnet is created on that network, then the
    ports created prior to the subnet create are not getting
    automatically updated (associated) with addresses for the
    SLAAC/DHCPv6-stateless subnet, as required.
    
    Change-Id: I88d04a13ce5b8ed4c88eac734e589e8a90e986a0
    Closes-Bug: 1427474
    Closes-Bug: 1441382
    Closes-Bug: 1440183
    (cherry picked from commit bd1044ba0e9d7d0f4752c891ac340b115f0019c4)

commit 55536a4ecb6c71e5451b8a9664d87e32146f071d
Author: Ihar Hrachyshka <ihrachys@redhat.com>
Date:   Fri Apr 10 15:07:33 2015 +0200

Removed ml2_conf_odl.ini config file
    
    The file is already packaged into decomposed networking-odl repo [1].
    
    [1]: https://git.openstack.org/cgit/stackforge/networking-odl/tree/etc/neutron/plugins/ml2/ml2_conf_odl.ini
    
    Closes-Bug: #1442615
    Change-Id: Ic280454190aab4e3b881cde15a882808b652861e
    (cherry picked from commit b3334eca0ae9f9c64ccd646035e69081f669e3e4)

Christopher Aedo (docaedo) on 2015-06-22

no longer affects:

app-catalog

Thierry Carrez (ttx) on 2015-06-24

Changed in neutron:
status:	Fix Committed → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-06-26: Fix proposed to neutron (feature/qos)

#11

Fix proposed to branch: feature/qos
Review: https://review.openstack.org/196097

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-06-26: Fix merged to neutron (feature/qos)

#12

Download full text (93.9 KiB)

Reviewed: https://review.openstack.org/196097
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=1cfed745d54a6ce9cb3dd4e6f454666d9e6676c2
Submitter: Jenkins
Branch: feature/qos

commit ba7d673d1ddd5bfa5aa1be5b26a59e9a8cd78a9f
Author: Kevin Benton <email address hidden>
Date: Thu Jun 25 18:31:38 2015 -0700

Remove duplicated call to setup_coreplugin

    The test case for vlan_transparent was calling setup_coreplugin
    before calling the super setUp method which already calls
    setup_coreplugin. This was causing duplicate core plugin fixtures
    which resulted in patching the dhcp periodic check twice.

Change-Id: Ide4efad42748e799d8e9c815480c8ffa94b27b38
Partial-Bug: #1468998

commit e64062efa3b793f7c4ce4ab9e62918af4f1bfcc9
Author: Kevin Benton <email address hidden>
Date: Thu Jun 25 18:29:37 2015 -0700

Remove double mock of dhcp agent periodic check

    The test case for the periodic check was patching a target
    that the core plugin fixture already patched out. This removes
    that and exposes the mock from the fixture so the test case
    can reference it.

Change-Id: I3adee6a875c497e070db4198567b52aa16b81ce8
Partial-Bug: #1468998

commit 25ae0429a713143d42f626dd59ed4514ba25820c
Author: Kevin Benton <email address hidden>
Date: Thu Jun 25 18:24:10 2015 -0700

Remove double fanout mock

The test_mech_driver was duplicating a fanout mock already setup
in the setUp routine.

Change-Id: I5b88dff13113d55c72241d3d5025791a76672ac2
Partial-Bug: #1468998

commit 993771556332d9b6bbf7eb3f0300cf9d8a2cb464
Author: Kevin Benton <email address hidden>
Date: Thu Jun 25 17:55:16 2015 -0700

Remove double callback manager mocks

    setup_test_registry_instance() in the base test case class gives
    each test its own registry by mocking out the get_callback_manager.
    The L3 agent test cases were duplicating this.

Partial-Bug: #1468998
Change-Id: I7356daa846524611e9f92365939e8ad15d1e1cd8

commit 0be1efad93734f11cd63fb3b7bd2983442ce1268
Author: Kevin Benton <email address hidden>
Date: Thu Jun 25 16:57:30 2015 -0700

Remove ensure_dirs double-patch

    test_spawn_radvd called mock.patch on ensure_dirs after the
    setup method already patched it out. This causes issues when
    mock.patch.stopall() is called because the mocks are stored
    as a set and are unwound in a non-deterministic fashion.[1]
    So some of the time they will be undone correctly, but others
    will leave a monkey-patched in mock, causing the ensure_dir
    test to fail.

1. http://bugs.python.org/issue21239

Closes-Bug: #1467908
Change-Id: I321b5fed71dc73bd19b5099311c6f43640726cd4

commit 0a2238e34e72c17ca8a75e36b1f56e41a3ece74e
Author: Sukhdev Kapur <email address hidden>
Date: Thu Jun 25 15:11:28 2015 -0700

Fix tenant-id in Arista ML2 driver to support HA router

    When HA router is created, the framework creates a network and does
    not specify the tenant-id. This casuse Arista ML2 driver to fail.
    This patch sets the tenant-id when it is not passed explicitly by
    by the network_create() call from the HA r...

Reviewed:  https://review.openstack.org/196097
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=1cfed745d54a6ce9cb3dd4e6f454666d9e6676c2
Submitter: Jenkins
Branch:    feature/qos

commit ba7d673d1ddd5bfa5aa1be5b26a59e9a8cd78a9f
Author: Kevin Benton <blak111@gmail.com>
Date:   Thu Jun 25 18:31:38 2015 -0700

Remove duplicated call to setup_coreplugin
    
    The test case for vlan_transparent was calling setup_coreplugin
    before calling the super setUp method which already calls
    setup_coreplugin. This was causing duplicate core plugin fixtures
    which resulted in patching the dhcp periodic check twice.
    
    Change-Id: Ide4efad42748e799d8e9c815480c8ffa94b27b38
    Partial-Bug: #1468998

commit e64062efa3b793f7c4ce4ab9e62918af4f1bfcc9
Author: Kevin Benton <blak111@gmail.com>
Date:   Thu Jun 25 18:29:37 2015 -0700

Remove double mock of dhcp agent periodic check
    
    The test case for the periodic check was patching a target
    that the core plugin fixture already patched out. This removes
    that and exposes the mock from the fixture so the test case
    can reference it.
    
    Change-Id: I3adee6a875c497e070db4198567b52aa16b81ce8
    Partial-Bug: #1468998

commit 25ae0429a713143d42f626dd59ed4514ba25820c
Author: Kevin Benton <blak111@gmail.com>
Date:   Thu Jun 25 18:24:10 2015 -0700

Remove double fanout mock
    
    The test_mech_driver was duplicating a fanout mock already setup
    in the setUp routine.
    
    Change-Id: I5b88dff13113d55c72241d3d5025791a76672ac2
    Partial-Bug: #1468998

commit 993771556332d9b6bbf7eb3f0300cf9d8a2cb464
Author: Kevin Benton <blak111@gmail.com>
Date:   Thu Jun 25 17:55:16 2015 -0700

Remove double callback manager mocks
    
    setup_test_registry_instance() in the base test case class gives
    each test its own registry by mocking out the get_callback_manager.
    The L3 agent test cases were duplicating this.
    
    Partial-Bug: #1468998
    Change-Id: I7356daa846524611e9f92365939e8ad15d1e1cd8

commit 0be1efad93734f11cd63fb3b7bd2983442ce1268
Author: Kevin Benton <blak111@gmail.com>
Date:   Thu Jun 25 16:57:30 2015 -0700

Remove ensure_dirs double-patch
    
    test_spawn_radvd called mock.patch on ensure_dirs after the
    setup method already patched it out. This causes issues when
    mock.patch.stopall() is called because the mocks are stored
    as a set and are unwound in a non-deterministic fashion.[1]
    So some of the time they will be undone correctly, but others
    will leave a monkey-patched in mock, causing the ensure_dir
    test to fail.
    
    1. http://bugs.python.org/issue21239
    
    Closes-Bug: #1467908
    Change-Id: I321b5fed71dc73bd19b5099311c6f43640726cd4

commit 0a2238e34e72c17ca8a75e36b1f56e41a3ece74e
Author: Sukhdev Kapur <sukhdev@aristanetworks.com>
Date:   Thu Jun 25 15:11:28 2015 -0700

Fix tenant-id in Arista ML2 driver to support HA router
    
    When HA router is created, the framework creates a network and does
    not specify the tenant-id. This casuse Arista ML2 driver to fail.
    This patch sets the tenant-id when it is not passed explicitly by
    by the network_create() call from the HA router framework.
    
    Even though original issue was discovered for network_create()
    it turns out the same issue applies for port_create() as well
    so all the methods are fixed in this patch
    
    Change-Id: Id03e26dac003fa589477ed78a4ed3c44cc2f708d
    Closes-Bug: 1468828

commit 334d9a33404f4c8438d105f91bff1a9fd9236513
Author: Assaf Muller <amuller@redhat.com>
Date:   Thu Jun 25 16:34:09 2015 -0400

Log OVS agent configuration mismatch
    
    Change-Id: I55aef3bdc32dcee3436cb8b987fb796a4898b20e
    Closes-Bug: #1468893

commit c48e12b781c9ffd885ebc96283ecda2849fd1e22
Author: Cedric Brandily <zzelle@gmail.com>
Date:   Wed Jun 24 21:31:33 2015 +0200

Avoid env variable duplication in tox.ini
    
    Some environment variables are defined multiple times in tox.ini. This
    change defines "fake" tox jobs and refactors existing jobs to reduce
    duplicated environment variables.
    
    Change-Id: I0ccebea4fbfff8dda34d1ed348b96b3b8ebd59e2

commit 747738d36572079307f228a861a067ca0cd815c2
Author: Kevin Benton <blak111@gmail.com>
Date:   Wed Jun 3 15:20:27 2015 -0700

Skip ARP protection if 0.0.0.0/0 in addr pairs
    
    Don't setup ARP protection on ports with allowed address pairs
    that allow them to use any IP address. This is necessary because
    OVS doesn't support the /0 prefix in rules that match on ARP headers.
    
    Related-Bug: #1461054
    Closes-Bug: #1468009
    Change-Id: I913a86f22b228aa11fa3dabd9493c3995198f7ec

commit 61909ac515c337c94f55805641b1b7c725a95191
Author: Ihar Hrachyshka <ihrachys@redhat.com>
Date:   Thu Jun 25 15:54:34 2015 +0200

linuxbridge: clean up README file
    
    It's weird that we suggest users to copy python files around instead of
    relying on generated console_scripts.
    
    Other configuration information located here is trivial and is
    documented elsewhere, f.e. [1].
    
    [1]: http://docs.openstack.org/networking-guide/deploy_scenario1b.html
    
    Change-Id: Ie8dd37087599ff4b5e23f0ad01105f94f5b886ab

commit 0af5abdb1f608a5e84a64627adf42dd8d5526560
Author: John Davidge <jodavidg@cisco.com>
Date:   Thu Jun 25 15:12:59 2015 +0100

Fix tox errors in thirdparty-ci docs
    
    Fixes errors causing tox failures.
    
    Change-Id: I361ef791c0de1aac1304bb8ad979066400930434
    Closes-Bug: #1468765

commit 9a6536de6e1a7fe9b2552adc142e254426b82b6f
Author: Ihar Hrachyshka <ihrachys@redhat.com>
Date:   Thu Jun 25 15:41:02 2015 +0200

Removed test_lib module
    
    It's not really needed. It was once used to allow some out-of-tox plugin
    specific testing scripts to inject configuration files into
    BaseTestCase.
    
    Now, our testing story does not have any notion of out-of-gate plugin
    specific testing, so let's just clean it up.
    
    Change-Id: If287a38e80016b1dba049a2b745bad7af40583a8

commit 2557c47668ad822810aad523643014c6a5d4a064
Author: Russell Bryant <rbryant@redhat.com>
Date:   Wed Jun 24 14:59:26 2015 -0400

Updated from global requirements
    
    This patch takes the latest global requirements update from change
    Ibcb49412a012f79be2f7fd697349ddbf43bd7b9b except takes out the update
    to setup.py which reverts the windows specific requirements.  We are
    still working on getting the custom changes out of setup.py in change
    I3c07c279d33f6aed46c3a97dd9ba81251e51429a.
    
    Change-Id: Iee7612d39b520cf04e3b2ec503ec79d23f15f949

commit 2ecac909ba419f258e47b456196a1af7a87661ed
Author: Cedric Brandily <zzelle@gmail.com>
Date:   Thu Jun 25 11:59:37 2015 +0000

Remove quantum untracked files from .gitignore
    
    This change removes obsolete quantum untracked files from .gitignore.
    
    Change-Id: I1ddf0b03d29066363f155dd5af8294efde5b0ef0

commit df06a326de39a6792e2e82eafa5cf50eb325b34e
Author: Matthew Booth <mbooth@redhat.com>
Date:   Thu Jun 25 10:20:08 2015 +0100

Context class should initialise its own data
    
    This is a trivial cleanup. A superclass was initialising data which
    was only used in a subclass.
    
    Change-Id: I6930fdaef3dcb960f6baaedbd191e22b565f319e

commit 2e1b0ea4032f05afef16efd451e2eea5df901d97
Author: Ihar Hrachyshka <ihrachys@redhat.com>
Date:   Tue Jun 23 17:33:38 2015 +0200

ovsdb: attempt to enable connection_uri for native impl on startup
    
    The port is in most cases disabled, so to use it, we should first enable
    it, and it means that we should still rely on ovs-vsctl for that initial
    call.
    
    Closes-Bug: #1468259
    Change-Id: I097b1c441df1f7f1785b8744f27809617bb21c14

commit 668b12c2c8a60ce20ecdad2193ede9371d5cc391
Author: Doug Wiegley <dougw@a10networks.com>
Date:   Mon Jun 1 20:58:41 2015 -0600

Move third-party CI policy under docs/policies
    
    Change-Id: Ib2ed587670f206283d735191b3a2580bf3d1a04f

commit 3bf62772d39d8b3b8b518ae88a6fcea7414d6884
Author: Doug Wiegley <dougw@a10networks.com>
Date:   Mon Jun 1 20:31:01 2015 -0600

Remove lbaas API tests, which are now in the lbaas repo
    
    Change-Id: I2009ca3f102d0ca0db3f12af3012989f2a036c48

commit 1a480203b2531925d7520b62c94954064a26139d
Author: Aaron Rosen <aaronorosen@gmail.com>
Date:   Wed Jun 24 10:28:18 2015 -0700

Only create one netaddr.IPNetwork object
    
    Change-Id: I8c6a08e0cf3b5b5386fe03af9f2174c663b8ac73

commit d9a23f882f0d78aaca34c3607d9ca9ad54ac063b
Author: Aaron Rosen <aaronorosen@gmail.com>
Date:   Wed Jun 3 16:19:39 2015 -0700

Provide work around for 0.0.0.0/0 ::/0 for ipset
    
    Previously, the ipset_manager would pass in 0.0.0.0/0 or ::/0 if
    these addresses were inputted as allowed address pairs. This causes
    ipset to raise an error as it does not work with zero prefix sizes.
    To solve this problem we use two ipset rules to represent this:
    
    Ipv4: 0.0.0.0/1 and 128.0.0.1/1
    IPv6: ::/1' and '8000::/1
    
    All of this logic is handled via _sanitize_addresses() in the ipset_manager
    which is called to convert the input.
    
    Change-Id: I8c6a08e0cf3b5b5386fe03af9f2174c666b8ac75
    Closes-bug: 1461054

commit 93d564223e8b76d10aa7b55f1b1d49f592d1c800
Author: Kevin Benton <blak111@gmail.com>
Date:   Wed Jun 24 09:19:18 2015 -0700

Fix >80 char lines that pep8 failed to detect
    
    Change-Id: I602e0d484c5e00eb48b86c4c8c4eff0be195c3a5

commit 830e9114817765efc93c772dcbc735a6bb28a7ff
Author: Anthony Chow <vCloudernBeer@gmail.com>
Date:   Tue Jun 23 22:05:23 2015 -0700

Deprecate "router_delete_namespaces" and "dhcp_delete_namespaces"
    
    These 2 configuration options are no longer be necessary.
    
    They are marked as deprecated in this release and will be removed in the
    next release.
    
    Change-Id: I4e02a291738b16c7c9b7600f0bc9a47fb1318569
    Partial-Bug: #1418079

commit a84ef9ae54a7dfe6d9dee54a01b189dd40bce423
Author: Kevin Benton <blak111@gmail.com>
Date:   Wed Jun 24 03:27:16 2015 -0700

Make DHCPv6 out of bounds API test deterministic
    
    The test_dhcp_stateful_fixedips_outrange API test was randomly
    picking an IP from last + 1 up to last + 10 in the allocation
    range. This made it fail randomly when there was an issue related
    to the subnet allocation having an off-by-one issue.
    
    This adjusts the test to just always test last +1 and +2.
    
    Related-Bug: #1468163
    Change-Id: I641ab092e0ea0aae67ec717b492118a2f8a6f4fd

commit f527f8cf426ee63b592225d5e691ac107085784d
Author: Kevin Benton <blak111@gmail.com>
Date:   Wed Jun 24 02:15:29 2015 -0700

Don't process network_delete events on OVS agent
    
    There is no reason to reclaim the local VLAN on a network_delete
    event since it will be reclaimed when the last port is deleted anyway.
    
    This method was racey with recent port creation events and lead to
    occasional traces when it would yank the local VLAN out from underneath
    an ongoing port wiring process.
    
    Change-Id: I5eee6175c053006b35b6efe274d27931a9d5d89f
    Closes-Bug: #1468251

commit 1d61c5f736b9df7253a1939fe55f1875f988d1f4
Author: Henry Gessau <gessau@cisco.com>
Date:   Wed Jun 24 03:16:52 2015 +0000

Revert "Fix subnet creation failure on IPv6 valid gateway"
    
    Because it breaks tests.api.test_dhcp_ipv6.NetworksTestDHCPv6.test_dhcp_stateful_fixedips_outrange
    
    This reverts commit ee51ef72d37a02005a7733b7f2faf7236db850a1.
    
    Change-Id: Id02d9034ca809f194ff7551167bfda3559fb1200

commit 7eb9d9d316d35840706a767576ff083c9a04d781
Author: Cedric Brandily <zzelle@gmail.com>
Date:   Wed Jun 24 00:08:22 2015 +0200

Support oslo_db 1.12
    
    oslo_db 1.12[1] decorates oslo_context.context.RequestContext with
    session management[2][3] and add a read-only attribute 'session'. Such
    feature breaks Brocade plugin and its unittests because they define
    on RequestContext the 'session' attribute which now is a read-only
    property. This change uses neutron.context instead of
    oslo_context.context in order to delegate session management to the
    neutron.context and remove read-only attribute set.
    
    A follow-up change will refactor neutron.context in order to use oslo_db
    1.12 session management instead of homemade one.
    
    [1] https://github.com/openstack/oslo.db/releases/tag/1.12.0
    [2] https://github.com/openstack/oslo.db/commit/\
        fdbd928b1fdf0334e1740e565ab8206fff54eaa6
    [3] https://github.com/openstack/oslo.db/blob/\
        fdbd928b1fdf0334e1740e565ab8206fff54eaa6/oslo_db/sqlalchemy/\
        enginefacade.py#L782
    
    Closes-Bug: #1468128
    Change-Id: I0e3331f9a383fa2562706eeadb229f55593b888c

commit ad86291408fc74827c2bd31f89a2dce34f887823
Author: Cyril Roelandt <cyril@redhat.com>
Date:   Tue Jun 23 15:28:34 2015 +0000

Python 3: do not use itertools.izip
    
    This no longer exists in Python 3. Use the zip function instead.
    
    Blueprint: neutron-python3
    Change-Id: Id7d33ec3d27a27f17040d28bead10f2eb3b831bb

commit d23a59f1c808c50575f49f9291bd70c6b3a5797a
Author: Jeremy Stanley <fungi@yuggoth.org>
Date:   Thu Jun 18 19:09:05 2015 +0000

Override opportunistic database tests to PyMySQL
    
    Set the OS_TEST_DBAPI_ADMIN_CONNECTION override variable so that
    oslo.db opportunistic detection will know to use PyMySQL until
    I12b32dc097a121bd43991bc38dd4d289b65e86c1 makes it the default
    behavior.
    
    This change removes previous code[1] enabling PyMySQL use.
    
    [1] Ic5c1d12ab75443e1cc290a7447eeb4b452b4a9dd
    
    Change-Id: Ic39feee0248f2ffabdba26f3779ab40a8f3838e6
    Co-Authored-By: Victor Sergeyev <vsergeyev@mirantis.com>
    Co-Authored-By: Cedric Brandily <zzelle@gmail.com>

commit 04d44cee63f3fbba45956abd28f325d5ac3ca2d9
Author: Cedric Brandily <zzelle@gmail.com>
Date:   Tue Jun 23 20:00:30 2015 +0200

Extend default setenv instead of replacing it in tox.ini
    
    Some tox jobs[1] define their own setenv without extending/referencing
    default setenv, it disallows to define environment variables shared by
    all jobs. This change updates previous jobs[1] in order to extend
    instead of replacing default setenv and enable global environement
    variables (used in daughter change).
    
    One remark, this change sets VIRTUAL_ENV environment variable in updated
    jobs[1] but it has no effect on them.
    
    [1] (dsvm-)functional, (dsvm-)fullstack and api jobs
    
    Closes-Bug: #1468059
    Change-Id: I99184f7375571fb8569a24ba04ae267108f5da08

commit b7dc34ef15061577158eeafc179915e5bde73c64
Author: Ihar Hrachyshka <ihrachys@redhat.com>
Date:   Tue Jun 23 14:28:59 2015 +0200

Cleanup get_plugin_name() from the tree
    
    It does not seem to be used since Icehouse: the patch that removed its
    last usage is: 1b36e2077141749495bb32b423f3df8cbbd0eb40
    
    I don't think we should have it as part of abstract interface for
    service plugins.
    
    Change-Id: If03f67a617efd3a7cadb96d1a86283ac14088a83

commit 277d89b67a6a8ea4f6a7bc216014d55ace5c1d2d
Author: Pavel Bondar <pbondar@infoblox.com>
Date:   Tue Jun 23 12:07:43 2015 +0300

Bulk move methods to ipam_backend_mixin.py
    
    ipam_backend_mixin contains methods common for both backends:
    pluggable and non-pluggable, so moving methods to make them accessible
    by backends.
    Next methods were moved from db_base_plugin_v2.py to
    ipam_backend_mixin.py:
    - _validate_subnet_cidr
    - _validate_network_subnetpools
    - _allocate_pools_for_subnet
    - _save_subnet
    
    This commit moves methods without any internal changes.
    All future changes and decomposition of these methods will be handled in
    next commits.
    
    Partially-Implements: blueprint neutron-ipam
    
    Change-Id: I1ec786754467fc9039d2276f084f1bceaab15635

commit c384b13ae6b83a8bad944972c60bdcbe6f4fa050
Author: Brian Haley <brian.haley@hp.com>
Date:   Thu Apr 16 16:20:01 2015 -0400

Add IPset cleanup script
    
    This will aid in removing stale IPsets when we change the prefix
    used in creating IPset names.
    
    Change-Id: Ia9ff79c34bd4c9124ec8663a8f616ded4f389f62
    Partial-Bug: #1444201

commit 7e117c13fd3fb125c857dadfa2945799b39e1634
Author: Rawlin Peters <rawlin.peters@hp.com>
Date:   Thu Jun 18 11:22:13 2015 -0600

Optimize ipset usage in IptablesFirewallDriver
    
    Currently, IptablesFirewallDriver._update_ipset_members() iterates
    through a list of security group IDs and makes a call to
    IpsetManager.set_members() for each security group ID in the list. The
    problem is that set_members() is repeatedly called with the same
    arguments over and over again because the list of security group IDs
    contains duplicates. These duplicated calls are unnecessary because they
    are idempotent.
    
    For instance, with a security group of 50 rules created in this manner:
        neutron security-group-rule-create $SECGRP --remote_group_id $SECGRP
            --protocol tcp --port_range_min $i --port_range_max $i
    
    Adding a server to that security group will cause 50 calls to
    IpsetManager.set_members() because the list of security group IDs is 50 of
    the same ID. Only one call to IpsetManager.set_members() is necessary
    per security group ID.
    
    This patch converts that list of security group IDs into a set, which
    eliminates the duplicate idempotent calls to
    IpsetManager.set_members() with the same arguments. This will affect
    performance by reducing the amount of file locking around ipset when
    adding servers to security groups.
    
    Change-Id: Id2c8c8c1093c8abcf1fd897b23b0358aeb55b526
    Closes-Bug: 1466921

commit f44800f1eb649d83a338d320020d3479fc3b6790
Author: Cyril Roelandt <cyril@redhat.com>
Date:   Mon Jun 22 14:59:59 2015 +0000

Python3: do not set Request.body to a text string
    
    In Python 3, Request.body must be set to a bytes object.
    
    Change-Id: I17785d1e9eb253a1c6cae300b207fb0a08873b0e
    Blueprint: neutron-python3

commit 408af3f7dab477517b1761aeda2b76384f5fffbe
Author: Assaf Muller <amuller@redhat.com>
Date:   Sun Jun 21 15:34:21 2015 -0400

Prepare for full stack CI job
    
    Related-Bug: #1467275
    
    Change-Id: I90f4794f48ae151a888f37df26c087a7fdcd9d31

commit 76b4803530c0d5f47659aa519585178cc33cba46
Author: Oleg Bondarev <obondarev@mirantis.com>
Date:   Tue Jun 2 16:14:40 2015 +0300

Fix callback registry notification for security group rule
    
    Some housekeeping was done in
     - SecurityGroupDbMixin:
       - create_rule_bulk() calls to create_rule();
       - registry notification is in create_rule();
       - separate validation for a single rule and for a group of rules
     - SecurityGroupServerRpcMixin:
       - overriden methods call to corresponding super class methods;
    
    Hopefully code is now self-documented enough
    
    Closes-Bug: #1461024
    Change-Id: Ia75d7e206716bbe74aae89e4cebd0c2c40af68a8

commit 6da2d24ff44cbc8dd0ea8d2e6f72419a46026989
Author: Ihar Hrachyshka <ihrachys@redhat.com>
Date:   Mon Jun 22 15:43:20 2015 +0200

Ease debugging alembic by passing proper scripts path in alembic.ini
    
    Otherwise, anyone who attempts to issue an alembic command with the file
    gets:
    
      FAILED: Path doesn't exist:
      '<...>/neutron/neutron/db/migration/alembic'.  Please use the 'init'
      command to create a new scripts folder.
    
    Change-Id: I5b5f2802b478c8d8c327d24faa838f7a6859b979

commit fe6654b25044de7d7d15573c689a0f003c018e99
Author: Martin Roy <mroy@iweb.com>
Date:   Thu Jun 18 13:45:02 2015 -0400

Use string exception casting everywhere
    
    Instead of the deprecated "message" member access,
    casting to a string invokes the __str__ method of the exception
    that is wired to return the message
    
    Added a test of the failure cases of IpRouteCommand::delete_gateway
    because they were missing
    
    Running unit and functional tests locally no longer shows the warning
    reported in the bug.
    
    Change-Id: Ia79f526aa973ece1145615d65349f860aa3fd465
    Closes-Bug: #1466542

commit c3d65a0ed920110223e1b73d6982968552ca7716
Author: ChangBo Guo(gcb) <eric.guo@easystack.cn>
Date:   Tue Mar 3 17:08:48 2015 +0800

Switch to oslo_utils.uuidutils
    
    Get rid of oslo-incubator uuidutils
    
    Closes-Bug: #1467020
    Depends-On: I2df519965883b05d5d58cdc4785c850b0685dc2c
    Depends-On: I9f8e98ad9517864a9ffdacf01c0a9a5aab554edb
    Depends-On: Ied0faac809a5b72b1cd466c8babc9ca5418692c3
    Change-Id: Iebe491b981b4b7c02785412fadd27678bb5e47de

commit ee51ef72d37a02005a7733b7f2faf7236db850a1
Author: David Edery <david.edery@alcatel-lucent.com>
Date:   Sun Jun 21 15:59:49 2015 +0300

Fix subnet creation failure on IPv6 valid gateway
    
    Currently a valid IPv6 address gateway of the "*::ffff:ffff:ffff:ffff"
    pattern is failing due to netaddr.broadcast returning value for both IPv6
    and IPv4 addresses. IPv6 has no broadcast address so the fix checks if
    the gateway is the subnet broadcast address only in the case of IPv4
    subnet
    
    Change-Id: I849f95b30343d0b1c90cf91203df220bf731d8d5
    Closes-Bug: 1466322

commit b9e551936410eca647b48c48f49f2b2be5d2d4a4
Author: Pavel Bondar <pbondar@infoblox.com>
Date:   Fri Jun 19 17:58:57 2015 +0300

Decompose _create_subnet_from_pool
    
    Moved validations into separate methods:
    - _validate_pools_with_subnetpool
    Verifies that allocation pools are set only for specific subnet request.
    For any subnet request allocation pools can not be set manually
    - _validate_ip_version_with_subnetpool
    Verifies that subnet has the same ip version as subnet pool
    
    Partially-Implements: blueprint neutron-ipam
    
    Change-Id: I63f6aa2a0c94c3437fa624ac800943976f4fc50f

commit 29bb401973af81f4a4b8a667f8b7445e19e017da
Author: Pavel Bondar <pbondar@infoblox.com>
Date:   Thu Jun 18 15:24:44 2015 +0300

Move _delete_port
    
    Pluggable ipam implementation will do additional actions on port
    deletion (deallocate ip using ipam driver).
    Existing _delete_port code will be resused.
    Moving _delete_port to ipam_backend_mixin to make this code
    accessible and extendable by both backends (pluggable and non
    pluggable).
    
    This commit is a preparation step before pluggable ipam implementation
    can be used.
    
    Partially-Implements: blueprint neutron-ipam
    
    Change-Id: If6cd623aad9e5501a26e5fb8cdecd5f55e85cd05

commit c0ef7a8f4546cd3c081a61c742dd9ed70ec2c147
Author: Pavel Bondar <pbondar@infoblox.com>
Date:   Thu Jun 18 14:52:24 2015 +0300

Decompose create_port and save_subnet
    
    This commit is a preparation step for enabling pluggable ipam.
    Some actions in create_port and save_subnet are specific for
    non pluggable ipam implementation.
    
    - create_port
    Moved allocation ips for port and storing results into separate method
    _allocate_ips_for_port_and_store.
    Moved to ipam_non_pluggable_backend, since pluggable implementation will
    be different due to rollback on failure logic included.
    
    - save_subnet
    Moved saving allocation pools into new method _save_allocation_pools.
    Moved to ipam_non_pluggable_backend, since pluggable ipam implementation
    does not need to save IPAvailabilityRange (availability ranges are
    maintained by ipam driver for pluggable case)
    
    Partially-Implements: blueprint neutron-ipam
    
    Change-Id: I4a3e5d7f3aa54630279d9589225a509c96ed2186

commit ee14186fbb2486f9088103e9621bc366cc64c552
Author: Henry Gessau <gessau@cisco.com>
Date:   Sun Jun 21 01:30:05 2015 -0400

Allow setting Agents description to None
    
    Fix the validator for the 'description' attribute of Agents, allowing
    it to be set to None.
    
    Fix an API test that had two problems:
     1. It was not restoring the description to the agent it had updated
     2. It was retoring the description to '' instead of None.
    
    Closes-Bug: #1466642
    
    Change-Id: I50723e1346be0953d26216ba24907bac008ccfb6

commit d0d62927e661c84003845a61d2b991a54e723ed4
Author: Darragh O'Reilly <darragh.oreilly@hp.com>
Date:   Sat Jun 20 11:55:27 2015 +0000

Fix RPC version to be a string
    
    The RPC version was being passed as a float which caused an
    exception.
    
    Change-Id: I2a2888fcafcc426009fc841b81049a22e072ce75
    Closes-Bug: #1467087

commit 35654ec23ef9db6bda313ea300ab76c287a98ceb
Author: Gal Sagie <gal.sagie@huawei.com>
Date:   Mon May 25 15:20:05 2015 +0300

Decompose DVR CSNAT L3 Agent from Compute Node L3 Agent
    
    Currently the same dvr router class is used both by the L3 Agent
    in the compute nodes that is responsible for the virtual routers
    namespace and the fip namespace and also used by the centralized
    SNAT L3 Agent in the network node.
    This is the first step to decompose the two into different
    classes.
    
    The above means that we have one class of DVR router which is used
    for two jobs (the virtual router namespace wiring and the fips wiring
    in the compute node in one hand and the centralized snat wiring in the other)
    The end goal of this patch is to separate the two into different classes
    which will also help maintaining it and also help projects that want
    to use one but not the other (for example only use the centralized
    SNAT behaviour with there own DVR implementation)
    
    Change-Id: I581a097b9e7c49f20d0eb0e4ca66a25e90d9511b
    Partial-Bug: #1458541
    Partially-Implements: blueprint dvr-router-code-decompose

commit 0e48d9d203619f50adae94ddb6bbccd28f381737
Author: Davanum Srinivas <davanum@gmail.com>
Date:   Sun Jun 7 10:10:18 2015 -0400

cleanup openstack-common.conf and sync updated files
    
    Periodic update of latest files from oslo-incubator
    
    Change-Id: Ie7eb02e4e9277c18abfb438b6cf710e0aa426b15

commit 74b0c53da5d7e4305606c100becf34966d8af350
Author: Oleg Bondarev <obondarev@mirantis.com>
Date:   Thu Jun 11 13:38:55 2015 +0300

Fix l3 agent to not create already deleted router
    
    In case router is deleted during l3 agent resync,
    the "deleted" event is processed with higher priority, then
    resync event for the router may be processed which will recreate
    already deleted router.
    This happens due to timestamp not being properly updated for deleted
    router in router processor.
    The fix adds timestamp update for deleted router.
    
    Functional test will be updated in a follow-up patch
    
    Logging was improved to make debugging a bit easier.
    
    Closes-Bug: #1455439
    Change-Id: I2d060064acccc10591a3d90be9011f116548cfce

commit 4f5171d2cedb32fdc5a59d241e7ae91c7284b75c
Author: Cyril Roelandt <cyril@redhat.com>
Date:   Fri Jun 19 13:24:34 2015 +0000

Python3: do not use '+' on dict_items objects
    
    In Python 3, dict.items() returns an iterator. Iterators cannot be added.
    
    Blueprint: neutron-python3
    Change-Id: I487178ebceae9946cb53dea1e847d7715f4577f3

commit b336b7c438f3f5d4ee8d23d6bb2d2cf8fe1657f4
Author: Jakub Libosvar <libosvar@redhat.com>
Date:   Fri Jun 19 15:52:35 2015 +0200

Disable keepalived process in keepalived func test
    
    Previously, keepalived process itself was disabled that lead to
    respawning of keepalived by KeepalivedManager. This patch disables
    KeepalivedManager in cleanup thus no respawn happens.
    
    Closes-Bug: #1466873
    Change-Id: If5524116e5d4fc41600920d31481282c5b797f7b

commit a4b17cbb80b48c8e4bcd7cc005139f8e66066d68
Author: Cyril Roelandt <cyril@redhat.com>
Date:   Thu Jun 18 11:52:28 2015 +0000

Python3: do not use im_self/im_func/func_closure
    
    One should use __self__, __func__ and __closure__ instead, as they work
    with both Python 2 and 3.
    
    Change-Id: I2b2847cfd5b4fa70e45387ff369240227ce9e526
    Blueprint: neutron-python3

commit 432567f9477eadd840e407c5c057fc664e46d731
Author: Pavel Bondar <pbondar@infoblox.com>
Date:   Wed Jun 17 15:48:09 2015 +0300

Add request factory for pluggable IPAM
    
    Pluggable IPAM implementation requires separation between requesting
    address/subnet and it's actual allocation, which can happen on
    third-party IPAM servers. Request factory stands for simplifying
    building right request from input.
    
    Added AddressRequestFactory and SubnetRequestFactory.
    
    AddressRequestFactory creates instance of AnyAddressRequest or
    SpecificAddressRequest depending on presence of ip address in input.
    SubnetRequestFactory creates instance of AnySubnetRequest or
    SpecificSubnetRequest depending on input.
    
    get_subnet_request_factory and get_address_request_factory can be
    redefined on driver level to use custom request factories.
    
    Partially-Implements: blueprint neutron-ipam
    
    Change-Id: Iedc0cfa326d60810099148f0ef8a1edac9e8aa12

commit 870fb38b1c7ddd5ddb399e6ff13a4f7992f8f9a6
Author: Cyril Roelandt <cyril@redhat.com>
Date:   Fri Jun 19 13:59:46 2015 +0200

Python3: use dict.keys() instead of dict.iterkeys()
    
    The "keys" method works on both Python 2 and 3, and the performance
    impact should be negligible.
    
    Change-Id: I4771797859666000921e4e38cc5de72a8c084ca0
    Blueprint: neutron-python3

commit 538a7bf3c73d968185590d81a9b3a6523190aeb4
Author: Salvatore Orlando <salv.orlando@gmail.com>
Date:   Tue Jun 9 03:41:07 2015 -0700

NSX QoS ext: RXTX factor can be decimal
    
    In Nova flavors it is ok to specify a decimal RXTX factor.
    For this reason when applying QoS to a port Neutron should not
    convert this factor to an integer value, but simply ensure
    it's a valid float number and positive.
    
    Partial-Bug: #1463363
    
    Change-Id: I983123ef7fd8f1b52b358aff3b579459fce63033

commit 5aaae68e5148f01e78a5e6013dce797dd42c1917
Author: Pavel Bondar <pbondar@infoblox.com>
Date:   Thu Jun 18 14:17:58 2015 +0300

Move _add_auto_addrs_on_network_ports
    
    Moved to ipam_non_pluggable_backend.py since implementation
    is specific for non pluggable ipam backend.
    Pluggable implementation will additionally include rollback on failure actions.
    
    This commit is a preparation step for using pluggable ipam.
    More changes in this methods are expected to be done by following
    patches.
    
    Partially-Implements: blueprint neutron-ipam
    
    Change-Id: I1876846526e370a7fcfa05b9a23fd9065973f111

commit 6669ee9af6bd635ae7efbc2f02e10914549ef708
Author: Lucas Alvares Gomes <lucasagomes@gmail.com>
Date:   Thu Apr 9 14:02:36 2015 +0100

DHCP agent: Set an "ipxe" tag to work with Ironic
    
    Ironic expects neutron to have an "ipxe" tag for the option 175 which is
    sent by iPXE/gPXE when booting a node. The problem is that up to now this
    tag was not created by Neutron, causing the nodes deployed with Ironic
    + iPXE to fail to boot. This patch is creating this tag when launching
    the dnsmasq process.
    
    DocImpact
    Change-Id: I45a0f51365b37e7d85848fcdcbcf7aa6a1dddfed
    Closes-Bug: #1442123

commit 735f193668d61dd7c09f710e555ab91d1d91abe6
Author: Pavel Bondar <pbondar@infoblox.com>
Date:   Wed Jun 17 18:47:11 2015 +0300

Remove _check_ip_in_allocation_pool
    
    _check_ip_in_allocation_pool is not used anywhere in neutron.
    Cleaning up unused code from db_base_plugin_v2.py.
    Caller was removed over a year ago in change
    Ib31550fa9000fc75768a327cb6cc1c419e06568f
    
    Partially-Implements: blueprint neutron-ipam
    
    Change-Id: I41b7254835c308dda679ee2a5ebbccba528fd108

commit e3710f59481b4f9c3430228e8f074c845e93fbe7
Author: shihanzhang <shihanzhang@huawei.com>
Date:   Mon Jun 15 14:51:16 2015 +0800

Don't delete DVR namespace if there are still ports on this node
    
    Skip deleting DVR namespaces if they contain ports in the BUILD or
    DOWN status.
    
    Change-Id: I026f2014ede800c0f4532ca15f1fccdaa59d5b61
    Closes-bug: #1464527

commit 345ffb99ef92f567562c178c57b9c110740a3767
Author: Doug Wiegley <dougw@a10networks.com>
Date:   Thu Jun 18 18:13:43 2015 -0600

Updated from global requirements
    
    Since we can't merge proposal bot at the moment, due to a conflict with
    setup.py, at least get our reqs files up to snuff.
    
    Change-Id: Ie313c81502dfe17a4afdcfdba4e207b9866e1399

commit 42826a0e64b3499cda065fd9ffdf0b5af5754c85
Author: Ihar Hrachyshka <ihrachys@redhat.com>
Date:   Mon Jun 15 16:06:21 2015 +0200

Fixed the only sphinx warning in docs
    
    We made previous attempt to get rid of all warnings, but it turned out
    that gate does not execute tox's docs job but runs build_sphinx
    directly.
    
    The latter behaviour should be fixed, but while at it, we
    should prepare neutron job to be executed in gate by cleaning up all
    warnings.
    
    Closes-Bug: #1466554
    
    Change-Id: I8c265eae2175425568479116d1faef7d87fdcc02

commit 63e318f5f8159f108cf1e7a82c952fa5f882870f
Author: Moshe Levi <moshele@mellanox.com>
Date:   Thu Jun 11 12:24:03 2015 +0300

Fix SR-IOV mech driver to set port status to down when agent is required
    
    SR-IOV mech driver has 2 modes agent and agent-less. Currently in both
    modes port status are active. This patch update the port status to down
    when using agent mode. This will allow the SR-IOV agent to get port
    update notification and apply its additional functionality
    when launching vm.
    
    Co-Authored-By: Berezovsky Irena <irenab.dev@gmail.com>
    
    Closes-Bug: #1464186
    
    Change-Id: Ibd9b31b4f2393b8732253d5cbfd36e8b5614860d

commit cdde9a3aeb929e80aa3c251a44060b8174ab7b6c
Author: venkata anil <anil.venkata@enovance.com>
Date:   Thu Jun 18 10:03:12 2015 +0000

read_hosts_file_leases shouldn't parse stateless IPv6
    
    Error when _read_hosts_file_leases tries to parse stateless IPv6 entry
    in hosts file
    TRACE neutron.agent.dhcp.agent ip = host[2].strip('[]')
    TRACE neutron.agent.dhcp.agent IndexError: list index out of range
    
    Neutron creates entries in dhcp host file for each subnet of a port.
    Each of these entries will have same mac address as first field,
    and may have client_id, fqdn, ipv4/ipv6 address for dhcp/dhcpv6 stateful,
    or tag as other fields.
    
    For dhcpv6 stateless subnet with extra_dhcp_opts,
    host file will have only mac address and tag. So _read_hosts_file_leases
    shouldn't check for ip address for this entry in host file.
    
    Closes-bug: #1465330
    Change-Id: Iad6605ac5c7bcd6ec9204352037ed021f5007738

commit 31f846c1b9fa17d1812f78dffe1dcf883da52bab
Author: shihanzhang <shihanzhang@huawei.com>
Date:   Fri Jan 30 09:50:52 2015 +0800

Fix 'router_gateway' port status can't be updated
    
    when it creates a ovs bridge without parameter 'bridge-id',
    it's default 'bridge-id' is None, so ovs agent should also
    deal with these ovs bridges, for example if ancillary bridge
    br-ex does not be handled, the 'router_gateway' port status
    can't be updated.
    
    Change-Id: If428eadadfd36a9b19ea75920120e48ac49659f2
    Closes-Bug: #1416181

commit 2db459f284002e45497d768a8a53c9b43d045d45
Author: Doug Hellmann <doug@doughellmann.com>
Date:   Tue Jun 16 19:49:15 2015 +0000

Update version for Liberty
    
    Update the version for Liberty, switching from date-based versioning
    to pre-versioning using SemVer. See
    http://lists.openstack.org/pipermail/openstack-dev/2015-May/065211.html
    and
    http://lists.openstack.org/pipermail/openstack-dev/2015-June/067082.html
    for details.
    
    Change-Id: I6a35fa0dda798fad93b804d00a46af80f08d475c

commit 98d0be2f82523a40e630cf08dd8479b4cbb48add
Author: armando-migliaccio <armamig@gmail.com>
Date:   Wed Jun 17 11:33:56 2015 -0700

Add networking-sfc to the list of affiliated Neutron projects
    
    The project is being bootstrapped in [1,2], this change reflects
    that in the sub_projects doc.
    
    [1] I3825a1e02713f45e2c769eaa8fd0f1ab48d14372
    [2] Iec53129d7c19620d690e71032c83907f03c66d9f
    
    Change-Id: I7c235bfe444bbb9afc7d4d8c92704c9bfc09ab49

commit 315b10dc9fa7b8d889a24e0c6cdf72f5341d92d5
Author: armando-migliaccio <armamig@gmail.com>
Date:   Wed Jun 17 11:31:01 2015 -0700

Minor improvements to sub_projects document
    
    Let's remove the empty table, to cut down the risk of inconsistency,
    and further explain what the list of affiliated project is for.
    
    Change-Id: I3c8970db8de4fc211233903e8220cda72d47e193

commit 53209ca19ac2116d293b6fbc7b31254cb27a3ecb
Author: Cyril Roelandt <cyril@redhat.com>
Date:   Wed Jun 17 14:25:56 2015 +0000

Python 3: do not use cmp(), nor sorted(..., cmp=...)
    
    * The "cmp" function has been removed, so we must not use it any more;
    * The "cmp" keyword argument of the "sorted" function has been removed, so
      replace it with "key=functool.cmp_to_key".
    
    Change-Id: Ic39d29dc1002a68f36f04c32e53a36bc826dce78
    Blueprint: neutron-python3

commit 4a73ab99c9fcc63adbbb41d4a9b9ba8669afdc61
Author: Miguel Angel Ajo <mangelajo@redhat.com>
Date:   Tue Jun 16 13:48:26 2015 +0200

Move get_inteface_by_ip from LinuxBridge class to ip_lib
    
    get_interface_by_ip is moved fro LinuxBridgeManager to ip_lib
    as a more generic get_device_by_ip.
    
    System-faking unit tests have been switched for functional
    testing that also performs a negative test.
    
    This can be reused in the openvswitch-agent code to validate
    local_ip reusing the LinuxBridge logic.
    
    Change-Id: I9237871a6e24dd99556c71844624be510e20d289
    Related-Bug: #1464178
    Related-Bug: #1408603

commit 76dd333167920f447bdbedbbee10fdab593abe5b
Author: Vladislav Belogrudov <vladislav.belogrudov@oracle.com>
Date:   Wed Jun 17 14:02:22 2015 +0300

Fix cisco_csr_identifier_map.ipsec_site_conn_id
    
    Some database engines require exact match of sizes of foreign keys
    and referenced fields. Foreign key ipsec_site_conn_id of table
    cisco_csr_identifier_map is varchar(64) but it references field
    id varchar(36) of table ipsec_site_connections. This gives error
    while running migration scripts in such databases.
    
    This fix only applies to new installations. Existing databases will
    be corrected by migration scripts introduced in
    https://review.openstack.org/190569 - they will take care of resizing
    the field and adjusting the model.
    
    Change-Id: I6cc9625a2d96d1330b06eb727cc7fa5363c697b8
    Depends-On: I384a9bbaba05ef94174b666bdcfb276eedc74134
    Closes-Bug: #1463806

commit 7a7377681133785e12a296ff7077b039708da97d
Author: Thomas Morin <thomas.morin@orange.com>
Date:   Wed Jun 17 12:13:35 2015 +0200

fix rootwrap debug filter for ping all
    
    NeutronDebugAgent.ping_all calls ping with "-c 1 -w <number>' so
    the filter should accept this order, and not only "-w .. -c ..".
    
    Not changing the existing filter to not break other tools
    that might use -w -c in that order.
    
    Change-Id: I5b3d67dfcdc15c53ac3bf2fb39de29fd97e98a19

commit 7d704db18ec7635328bfce7dc6e936151f264f1f
Author: Aman Kumar <amank@hp.com>
Date:   Tue Jun 16 23:16:24 2015 -0700

Refactor rpc_loop() in ovs neutron agent
    
    This patch segregates the port_info recieved by
    scan_ports and scan_ancillary_ports.
    
    This refactoring is basically required for this patch set:
    https://review.openstack.org/#/c/165023/
    
    Co-Authored-By: Romil Gupta <romilg@hp.com>
    
    Change-Id: I9b43c230cda9d2659ad0e806bebe8a3dc12826ec
    Partial-Bug: #1329223

commit 4e77442d529d9803ff90de905b846af940eaf382
Author: Kevin Benton <blak111@gmail.com>
Date:   Sat Jun 13 18:45:19 2015 -0700

Add deadlock retry to API and ML2 RPC port update
    
    With the switch to the pymsql SQL driver, eventlet will now yield
    during database transactions. This greatly increased our probability
    of multiple coroutines running transactions on the same table that
    result in deadlocks.
    
    These deadlocks could result from many things including the following:
    * a coroutine holding a pessimistic "SELECT for UPDATE" lock when
      another tries to update the locked records
    * two coroutines both issue update statements using a WHERE clause
      invalidated by the other update (e.g. from a compare and swap approach)
    * two coroutines insert records that, when combined, violate a unique
      constraint on the table in a master-master Galera deployment
    * any two workers using "SELECT for UPDATE" in a master-master Galera
      deployment (write-set certification failure translates to deadlock)
    
    This problem is exacerbated by the switch to multiple API and RPC
    workers, each of which can lead to most of the errors above even
    without the switch to pymysql.
    
    This patch adds a deadlock retry decorator to the delete, create,
    and update methods at the HTTP API layer. Additionally, it adds a
    decorator to the update_port_status AMQP API in ML2 since it updates
    the port table, which is a heavily locked table by ML2 making it a
    prime candidate for deadlocks.
    
    Nova has had relied on the deadlock retry mechanism for quite some
    time now. We were limping along by not using additional workers and
    by relying on the unyielding nature of the MySQL C driver to
    serialize everything.
    
    Closes-Bug: #1464612
    Change-Id: I635cc49ca69f589f99ab145d4d51e511b24194d2

commit 95b6a74af10e2150b017647028de8454ef1cda2f
Author: Aaron Rosen <aaronorosen@gmail.com>
Date:   Tue Jun 16 17:23:09 2015 -0700

ovsdb: session.rpc never initialized
    
    Previously, if idl.Transaction.commit_block() returned a status of
    TRY_AGAIN we would check self.api.idl._session.rpc.status which would
    result in an attribute error as rpc is None.
    
    This patch fixes this attribute error by removing this unneeded check. In
    addtion, the force_reconnect() is also removed as ovs.jsonrpc handles
    reconnecting automatically for us.
    
    Change-Id: Ibf3ce5cd3432845f8938a1d83637ecf59b14b5ca
    Closes-bug: 1465889

commit fc0c3a83659a86453acd5745a5632729b99cb3de
Author: Rawlin Peters <rawlin.peters@hp.com>
Date:   Mon Jun 15 10:57:02 2015 -0600

Remove duplicated debug logging around locking
    
    Currently, iptables_manager.py does extra unnecessary logging about lock
    acquisition and release. It uses lockutils.lock() which passes
    do_log=True by default, which causes lockutils.lock() to do debug
    logging about lock acquisition/release. IptablesManager itself also writes
    debug log info about lock acquisition and release.
    
    This change will eliminate unnecessary duplicate logging in order to
    reduce log noise about locking. This change is also related to
    https://github.com/harlowja/fasteners/commit/f88f2fea7fe250b7d26cdcbc84633ccbbc68eeee
    which reduces the logging level in the underlying lock implementation
    used by oslo.concurrency. That change along with this one will remove
    the duplicate debug logging about locking in iptables_manager.py and also in
    ipset_manager.py.
    
    Change-Id: If6f4a7101f3783ad83645e28bbb5c577dd403d3b
    Closes-Bug: 1464727

commit 8f2014ea556404fb99c78add1e46b80c718cf491
Author: Aman Kumar <amank@hp.com>
Date:   Tue Jun 16 05:32:44 2015 -0700

Refactor scan_ports() and update_ancillary_ports() in OVS Neutron Agent
    
    Used a helper method which contains the common code from scan_ports()
    and update_ancillary_ports(). And also renamed the name of
    update_ancillary_ports() method to scan_ancillary_ports() to have parity
    between normal ports and ancillary ports.
    
    Added unit tests for scan_ancillary_ports.
    
    Co-Authored-By: Romil Gupta <romilg@hp.com>
    
    Partial-Bug: #1329223
    
    Change-Id: I8b3e00a9371d5a03cc8b4be24bf20eec10bef5df

commit 4f46d2ae3a089f36512fae3bf49f155927095922
Author: Cyril Roelandt <cyril@redhat.com>
Date:   Tue Jun 16 13:38:13 2015 +0000

Python3: do not change the size of a dict while iterating over it
    
    This does not work in Python3, so we have to store the items first.
    
    Change-Id: I7d8641f980fe62d2900559433d5060a6281a97f8
    Blueprint: neutron-python3

commit 0488ac707493575e084f02273df2c4ec598541ba
Author: Elena Ezhova <eezhova@mirantis.com>
Date:   Mon Jun 1 12:34:41 2015 +0300

Refactor TestRpcWorker and TestWorkerService
    
    TestRpcWorker and TestWorkerService have a duplicate test_reset.
    This patch introduces a base class from which tests for service
    workers can inherit.
    
    Change-Id: Ic4690c3b066b03c2fbb463f1329208ad1307d83d

commit fca84f69659e4e81790de405213f31e80fd8c239
Author: Ann Kamyshnikova <akamyshnikova@mirantis.com>
Date:   Tue Jun 2 18:45:51 2015 +0300

Juno_initial migration
    
    Havana was deprecated with the kilo release, and icehouse will be
    deprecated with the liberty release, so havana_inital migration should be
    removed and replaced with juno_initial.
    
    Closes-bug: #1461103
    
    Change-Id: I2e6802c9ab64d164bd888278d555dfeeaf47257b

commit 037f3111cd3968ff00593387daf2b832761e5ef4
Author: Ihar Hrachyshka <ihrachys@redhat.com>
Date:   Tue Jun 16 09:21:42 2015 +0200

docs: added job to well known tox envlist
    
    This is to make 'tox -l' return the job name in its output (needed to
    allow run-docs.sh script in project-config to determine whether the job
    is present, to rely on it when generating docs in gate).
    
    Change-Id: I80eb169b7b4e5a3490586722c64394dbb724928d

commit 9fc422a93a00f4126e91fa79ffcd43903ea9c8ac
Author: Sean M. Collins <sean@coreitpro.com>
Date:   Mon Jun 15 13:51:05 2015 -0400

API Extensions: inherit from the ExtensionDescriptor
    
    For consistency in the codebase, API extensions should inherit from the
    abstract base class ExtensionDescriptor.
    
    Change-Id: Id4829c265866e80c042c433bebcc01383e1e7417

commit 34aa030847ed24ad6ca7759459cbe9a6d0f43db3
Author: Henry Gessau <gessau@cisco.com>
Date:   Mon Jun 15 14:47:21 2015 -0400

Remove fossilized remains
    
    Clean up ancient stuff that hasn't been touched in over 3 years.
    
    Change-Id: I67fcd85027fb6614cafe8d92ddbf8c24aed58a4f

commit f88f3dc8d6f7240d6c0d9d5006345b3a797ae067
Author: Pavel Bondar <pbondar@infoblox.com>
Date:   Wed Jun 10 16:18:40 2015 +0300

Refactor update_port in db_base_plugin_v2
    
    This commit is a preparation step for using pluggable IPAM.
    - moved validations into _validate_port_for_update;
    - updating ip addresses for port is backend specific, so
      moved into _update_port_with_ips in ipam_non_pluggable_backend;
    - writing port changes to db is common for both backends, so
      moved into _update_db_port in ipam_backend_mixin;
    - updated to use namedtuple to track add/original/remove ips;
    - added _make_fixed_ip_dict to exclude keys other than
      ip_address and subnet_id;
    
    Partially-Implements: blueprint neutron-ipam
    
    Change-Id: I1110e88f372b1d0cc7ec72049ba69a6d548da867

commit a89f99c6b700b1c6f918fe359c7271ac25ed4bc4
Author: Pavel Bondar <pbondar@infoblox.com>
Date:   Wed Jun 10 14:56:58 2015 +0300

Refactor _update_ips_for_port
    
    This commit is a preparation step for using pluggable IPAM.
    _update_ips_for_port was refactored and split into two methods:
    - _get_changed_ips_for_port
      This method contains calculations common for pluggable and
      non-pluggable IPAM implementation, was moved to ipam_backend_mixin.
    - _update_ips_for_port
      This method is specific for non-pluggable IPAM implementation, so it
      was moved to ipam_non_pluggable_backend_common.
    
    Other changes:
    - _update_ips_for_port now returns namedtuple with added, removed, original
      ips (previously added and original ips were returned).
      List of removed ips is required by pluggable IPAM implementaion
      to apply rollback-on-failure logic;
    - removed unused port_id argument from _update_ips_for_port argument list;
    
    Partially-Implements: blueprint neutron-ipam
    
    Change-Id: Id50b6227c8c2d94c35473aece080a6f106a5dfd8

commit a8619e9bd1247e8ec494c456aee9ee7163231f62
Author: Cyril Roelandt <cyril@redhat.com>
Date:   Mon Jun 15 15:07:28 2015 +0000

Python 3: use dict.values instead of dict.itervalues
    
    This works with both Python 2 and 3, and should not have any performance
    impact.
    
    Change-Id: I2a14945c60de513b91c6f022ff5dcc503ce2a8ad
    Blueprint: neutron-python3

commit 62faedddf2b0315484a04bd9092e96a3a828e46a
Author: Ihar Hrachyshka <ihrachys@redhat.com>
Date:   Mon Jun 15 16:15:11 2015 +0200

Put output of docs job into doc/build/html
    
    This is the path where jenkins/scripts/run-docs.sh that is used by gate
    to generate project documentation expects to see the output.
    
    Change-Id: Id276fa59edb33f7789ab06055300b4dc2385472a

commit ad1c7a35dec614a26de0a426950fa005df5f489d
Author: Sean M. Collins <sean@coreitpro.com>
Date:   Wed Jun 10 10:23:44 2015 -0400

Remove get_namespace from API extensions
    
    Based on the conversation on the ML.
    
    http://lists.openstack.org/pipermail/openstack-dev/2015-June/066219.html
    
    APIImpact
    DocImpact
    
    Closes-Bug: #1464023
    Depends-On: 6f900fc429bf24cb31e0d2f149aa732055fd5956
    Change-Id: I3c406910991c33cf959c5345d76153eabe3ace2d

commit b370c69b75fe38cd285512f9516ce428e8a806dd
Author: Cedric Brandily <zzelle@gmail.com>
Date:   Tue Jun 9 16:00:58 2015 +0000

Ensure no "db" related functional/fullstack tests are skipped in the gate
    
    Currently neutron uses MySQLTestCase[1] and
    PostgreSQLOpportunisticTestCase[2] for functional and fullstack tests
    using a real MySQL/PostgreSQL database. These classes skip tests when
    the db is unavailable (db not installed/configured, missing packages,
    etc.) which is fine when tests are runned by developers but not when
    runned by the gate jobs.
    
    This change updates MySQLTestCase[1] and defines PostgreSQLTestCase[1]
    as PostgreSQL oslo.db test class wrapper: when the db is unavailable,
    these classes ensure tests will:
    
    * fail in the gate (dsvm-functional, dsvm-fullstack jobs),
    * be skipped by default otherwise (functional, fullstack jobs).
    
    [1] neutron.tests.common.base
    [2] oslo_db.sqlalchemy.test_base
    
    Closes-Bug: #1404093
    Change-Id: I77b12e728ce9a7b0222c3df081842635f6375a3e

commit 278a5fce29504c43d669feed210f7b3627616e22
Author: Cedric Brandily <zzelle@gmail.com>
Date:   Wed Jun 10 22:35:11 2015 +0200

Use PyMySQL in MySQL related functional/fullstack tests
    
    mysql-python driver has been replaced by PyMySQL driver[1] in neutron
    code but MySQL related functional/fullstack tests try to use
    mysql-python driver because of MySQLOpportunisticTestCase[2] and tests
    are skipped because mysql-python driver is no more available.
    
    This change provides a backend implementation for mysql+pymysql, a base
    base testcase MySQLTestCase[2] using mysql+pymysql implementation
    (currently oslo.db provides none of them but will in the future) and
    replaces MySQLOpportunisticTestCase with MySQLTestCase.
    
    [1] I73e0fdb6eca70e7d029a40a2f6f17a7c0797a21d
    [2] neutron.tests.common.base
    
    Closes-Bug: #1463980
    Change-Id: Ic5c1d12ab75443e1cc290a7447eeb4b452b4a9dd

commit 1318437a0caf38e695a819848832a955fef7d909
Author: Eugene Nikanorov <enikanorov@mirantis.com>
Date:   Fri Jun 5 01:46:22 2015 +0400

Skip rescheduling networks if no DHCP agents available
    
    This eliminates the problem of unscheduled networks in case
    of communication failure between agents and servers which
    can occur if messaging queue service fails.
    
    Change-Id: Ied4fa301fc3d475bee25c47f3a01c2381ae9a01e
    Closes-Bug: #1461714

commit bb846c89ee120662eabdd4b0136fac82de076777
Author: Russell Bryant <rbryant@redhat.com>
Date:   Fri Jun 12 21:26:37 2015 -0400

Reflect project moves from stackforge to openstack.
    
    Several git repos were just moved from stackforge to openstack.
    Reflect the move in various places where the URL was in docs and
    comments.  In passing, also change URLs to git.openstack.org instead
    of github, as that is the official home of all of these repos.
    
    Change-Id: I6c79a192d6604cef01e88d5b305fcc2b0f9c6b30
    Co-Authored-By: Kyle Mestery <mestery@mestery.com>
    Signed-off-by: Russell Bryant <rbryant@redhat.com>
    Signed-off-by: Kyle Mestery <mestery@mestery.com>

commit 1710f7c72f2c509d1009ee36ba4f66b298967fe9
Author: Kobi Samoray <ksamoray@vmware.com>
Date:   Thu Jun 4 15:49:13 2015 +0300

VMWare NSXv: Add distributed URL locking to ini
    
    NSXv plugin supports distributed locking using tooz library.
    This patch adds the required parameter to the ini file.
    
    DocImpact
    
    Depends-On: Icbcec938c1c5ae7a528350f2f283388b81fa66b7
    Change-Id: I8a7c36d044c4be29b0dfa3fbb8e9379723cebd61

commit 9952abaab182f3ec701aad2397d6f3fcc0bacc7f
Author: Pavel Bondar <pbondar@infoblox.com>
Date:   Mon Jun 8 14:15:30 2015 +0300

Decompose db_base_plugin_v2.py with changes
    
    This commit is a preparation step for using pluggable IPAM.
    1. Moved get_subnets functionality to db_base_plugin_common to make it
    accessible by ipam backends.
    2. Reworked update_subnet routine:
    - moved db part into update_db_subnet;
    
    Partially-Implements: blueprint neutron-ipam
    
    Change-Id: Idb8f54d9fccaad1137222d156590c37d86aa576b

commit a5bf502fab57453a1aedd3a53ce89eaf464e1cd9
Author: Cedric Brandily <zzelle@gmail.com>
Date:   Fri Jun 12 21:11:02 2015 +0200

Remove duplicate tunnel id check in sync_allocations
    
    Currently, gre/vxlan sync_allocations and _parse_tunnel_ranges both
    check tunnel id values. This change removes the check in gre/vxlan
    sync_allocations as they duplicate _parse_tunnel_ranges check and is
    less fine.
    
    Change-Id: I5827468aeaec5d6c79d469132b129aeb7da171e2

commit 901e6ae6fb05d65ccfc4a6602de4160c3a34031e
Author: Akihiro Motoki <motoki@da.jp.nec.com>
Date:   Sat Jun 13 02:14:17 2015 +0900

Remove meaningless no_delete from L3 test
    
    no_delete parameter was removed in Kilo and it no longer
    has any effect.
    
    Change-Id: Idf0f3ac24b3978392222efbf465cc9e6cfd5d346

commit ba2c44ef000221f8a18274a9569838d8c26014c0
Author: armando-migliaccio <armamig@gmail.com>
Date:   Fri Jun 12 08:58:05 2015 -0700

Revert "Revert "Set default of api_workers to number of CPUs""
    
    This reverts commit 12a564cf03e612dda36df26df8d28dfc75f1af6e.
    
    We should re-enable this feature on a controlled basis so that we can
    flush out any outstanding issue we may have.
    
    Related-bug: #1432189
    
    Change-Id: I2cfd93fdb032b461022b729347390ff8636ccdeb

commit 89a83bf199e7ea75c04f3205ff77987feed13184
Author: rossella <rsblendido@suse.com>
Date:   Thu Jun 11 10:43:36 2015 +0200

OVSNeutronAgent pass the config as parameter
    
    Instead of using the global cfg.CONF, pass the config as parameter.
    This is very useful to test the agent without having to override
    the global config.
    
    Change-Id: I45534d79e044da9f2be4d596a58310fb28b7bf22

commit 7e0222409dab6223579efea34ba0d3ccf93e11d3
Author: Pavel Bondar <pbondar@infoblox.com>
Date:   Thu Jun 11 17:23:41 2015 +0300

Refactor _update_subnet_allocation_pools
    
    Moved _update_subnet_allocation_pools to ipam_backend_mixin.py.
    Call _rebuild_availability_ranges with self to make it overridable
    on upper level (from non-pluggable backend).
    
    Partially-Implements: blueprint neutron-ipam
    
    Change-Id: If7b1e720f88a2f0177b6772a015ae216f19ee22d

commit 5ff082bcfe12647036e5b033bfc2bac514acdb42
Author: Dane LeBlanc <leblancd@cisco.com>
Date:   Tue Feb 24 15:47:01 2015 -0500

Stop sending gratuitous arp when ip version is 6
    
    This fix prevents calls to the arping utility for IPv6
    addresses, thereby eliminating errors reported by arping
    for IPv6 addresses.
    
    The assumption is that NDP, DAD, and RAs are sufficient
    for address resolution and duplicate address detection
    for IPv6, and that unsolicited Neighbor Advertisements (NAs)
    are not required for OpenStack services. If this turns out
    not to be the case for some service/feature, then a separate
    bug should be filed to add support for unsolicited NAs for
    that service.
    
    Change-Id: I14f869b7d488d7e691f7316eafcab3064e12cda6
    Closes-Bug: 1357068

commit 1552f311532fdbd03a79ecfc1fae488b072c5a14
Author: Ann Kamyshnikova <akamyshnikova@mirantis.com>
Date:   Tue Jun 9 11:30:06 2015 +0300

Fix Enum usage in 589f9237ca0e_cisco_n1kv_ml2_driver_tables
    
    PostgreSQL is more sensitive with types than MySQL, it creates a
    separate type when a Enum is created. In migration 589f9237ca0e
    type profile_type is trying to be created, but the type with such
    name was already created in havana_initial migration.
    
    The solution for this is not to create type in 589f9237ca0e
    migration when dialect is PostgreSQL and use already created.
    
    Closes-bug: #1463301
    
    Change-Id: I66e74d50cc70673de8635616076779cc20cde113

commit cd56a657a19a5a756d191c614becfd3e386b3c80
Author: OpenStack Proposal Bot <openstack-infra@lists.openstack.org>
Date:   Thu Jun 11 06:03:07 2015 +0000

Imported Translations from Transifex
    
    For more information about this automatic import see:
    https://wiki.openstack.org/wiki/Translations/Infrastructure
    
    Change-Id: If91f3ac94562cc5130dd5ea5ac5d71aec64b74e3

commit 7b51521e31f896d0095510b52644b728aaadca5a
Author: Kevin Benton <blak111@gmail.com>
Date:   Wed Jun 10 21:45:41 2015 -0700

power grab
    
    The current core reviewers hierarchy didn't have a place for the
    parts of ML2 that weren't related to agent communication. For now
    we can put all of ML2 under the built-in control-plane until we
    decide it needs to be put somewhere else.
    
    Change-Id: Ic4924e0041c4cbb955d8fac0f96ec56406d6466e

commit 1c29fab7cb3e586be72dd7910e2022b45c809c5f
Author: Brian Haley <brian.haley@hp.com>
Date:   Thu Jun 4 23:54:31 2015 -0400

Change ensure_dir to not check directory exists first
    
    I224be69168ede8a496a5f7d59b04b722f4de7192 added an EEXIST
    check, so no need to check if the directory is already
    there, just try and create it.
    
    Change-Id: Iba51fc8263bf59326489319d0dd3f69af00a8eeb

commit 7c331be77fb6a835f1fb79c674d8d6c39c7eb357
Author: armando-migliaccio <armamig@gmail.com>
Date:   Wed Jun 10 16:53:25 2015 -0700

Document existence of br-tun and br-int in the OVS agent
    
    Question about the use of the two bridges has come up in the past
    multiple times, so let's fill the gap in the developer documentation.
    
    A user-facing documentation patch will have to follow up, if we want
    to be very thorough.
    
    Change-Id: I6dac0f9bdaf7b3b7bff8745d4103ccc71df61a0a

commit 9c8a19ba4032f98ecbffe53c4e731587550ded96
Author: Cedric Brandily <zzelle@gmail.com>
Date:   Wed Jun 10 22:08:45 2015 +0200

Correct indentation in neutron.api.v2.attributes
    
    This change corrects subnetpool resource definition indentation in
    neutron.api.v2.attributes.
    
    Change-Id: I6738ff6b73bd0b943cec32f14ccb8946ba28d2e3

commit fd85b3ead32cd988e93f1d33d219ffd52cd77a51
Author: Cyril Roelandt <cyril@redhat.com>
Date:   Wed Jun 10 10:20:58 2015 +0000

Python3: replace 'unicode' with 'six.text_type'
    
    In Python 3, 'unicode' does not exist; 'six.text_type' should be used instead.
    
    Change-Id: I71011b4beee9817a61278eb473804cfb798de74a
    Blueprint: neutron-python3

commit c34ce7c9845cc56f981e0ee8714d1f9345df5852
Author: Saksham Varma <sakvarma@cisco.com>
Date:   Tue Apr 7 18:12:02 2015 -0700

Moving out the cisco n1kv section to stackforge
    
    Since most of the n1kv plugin code resides in stackforge/networking-cisco
    repo, it's best to move the n1kv section there
    
    Change-Id: Ic1388980dea0d27dfa5e84869f1f20cc9bff78e5
    Closes-Bug: #1441400

commit 27df3e9fb98407e94bdeb9df493a9a3a0be639ca
Author: Cedric Brandily <zzelle@gmail.com>
Date:   Mon Jun 1 22:29:39 2015 +0200

Ensure no "agent" functional tests are skipped in the gate
    
    Some "agent" functional tests[1] can be skipped if some requirements are
    not satisfied in order to allow developers to run functional tests on
    various environments. These tests should not be skipped in the gate.
    
    This change defines the decorator no_skip_on_missing_deps[2] to ensure
    no "agent" functional tests are skipped in the gate. More precisely
    no_skip_on_missing_deps transforms a skipTest into an error in:
    
    * dsvm-functional and dsvm-fullstack jobs,
    * functional and fullstack jobs when OS_FAIL_ON_MISSING_DEPS is
      evaluated as True.
    
    The change enlarges OS_FAIL_ON_MISSING_DEPS environment variable scope
    (ie: missing dependencies + system requirements).
    
    [1] in neutron.tests.functional
    [2] in neutron.tests.common.base
    
    Change-Id: Iacd4a5ef249fc1d7c75135ead9d0cf99d8a98a06
    Closes-Bug: #1459844

commit ca63dfd0f39c7d691247c146b7529937c5804c9e
Author: Romil Gupta <romilg@hp.com>
Date:   Wed Jun 10 09:43:56 2015 -0700

Remove useless pass from methods in type_tunnel.py
    
    The pass is useless because there is a docstring in the methods.
    Generally considered as uncovered by coverage tool.
    
    Change-Id: Id1275c51e9adb865a3da9f0db007f3092b55b140

commit 87fecfcc50f371d8dd593b3cd372da9db56f39c6
Author: Sean M. Collins <sean@coreitpro.com>
Date:   Wed Jun 10 10:29:33 2015 -0400

Make Vlantransparent extension inherit from ExtensionDescriptor
    
    Change-Id: Ic615578a1fe1d401b53d0b44ff5275d9518b97fd

commit eeacb95e65a749ce3a032246c36d10cad9df22b1
Author: Ihar Hrachyshka <ihrachys@redhat.com>
Date:   Wed Jun 10 13:10:54 2015 +0200

Actually allow to pass TRACE_FAILONLY to ostestr
    
    The comment below suggests to use TRACE_FAILONLY to fail quickly when
    running unit tests, while tox 2.0 does not allow to pass envvars from
    the cli caller unless they are explicitly mentioned in passenv=
    directive.
    
    Change-Id: I6861498e7609b0c21fad844009420ea9734e2352

commit 1c124a309bc941c078b8bb622ea248a3ed3829e1
Author: Ihar Hrachyshka <ihrachys@redhat.com>
Date:   Tue Jun 9 11:28:10 2015 +0200

Switch to os-testr to control testr
    
    It's a nice wrapper spinned out recently from tempest-lib that should
    cover all our needs that we currently fulfill with pretty_tox.sh.
    
    Change-Id: I2268ed45ab628fe5dcab657d6287594847ab587c

commit da42745c466c14e6dbe58cdbc830ae5d1c8bb114
Author: Jakub Libosvar <libosvar@redhat.com>
Date:   Tue Jun 9 16:08:50 2015 +0000

Introduce functions using arping executable
    
    The arpinger is gonna be used in the next changeset introducing
    connection testers.
    
    Change-Id: I90ae32c2f52f1debfb11ae2a08b2828ee2be04cc

commit 328b72cf8c5f514434de0b73c9137bde52b5eeea
Author: Kevin Benton <kevinbenton@buttewifi.com>
Date:   Wed Jun 10 07:04:25 2015 +0000

Revert "Defer segment lookup in NetworkContext object"
    
    This reverts commit e61865807c4c8ff959a7746fe3e17f1ae574c9d0.
    
    This patch likely violated the idea of a NetworkContext
    being a snapshot of the network at the time it was created.
    This needs a different approach.
    
    Change-Id: I20b132a0181d35b0517330fb7fbf293c3e979d0e

commit e33d92c894df4664d01d040ba4305c7cb4ef6e27
Author: Fawad Khaliq <fawad@plumgrid.com>
Date:   Tue Jun 9 22:18:18 2015 -0700

Added networking-plumgrid in plugin requirements
    
    Closes-Bug: 1463665
    Change-Id: I7152dedd83659ee51274be31ef305af9e82d695a

commit f08e9f1f53efa97e07f21ca72a940fcbeb4570e5
Author: Jeremy Stanley <fungi@yuggoth.org>
Date:   Wed May 20 01:03:59 2015 +0000

Switch from MySQL-python to PyMySQL
    
    As discussed in the Liberty Design Summit "Moving apps to Python 3"
    cross-project workshop, the way forward in the near future is to
    switch to the pure-python PyMySQL library as a default.
    
    https://etherpad.openstack.org/p/liberty-cross-project-python3
    
    Change-Id: I73e0fdb6eca70e7d029a40a2f6f17a7c0797a21d

commit 6886655b491aede40aa9f4a0bd4c6d402d5a7a78
Author: Salvatore Orlando <salv.orlando@gmail.com>
Date:   Tue Apr 28 04:59:35 2015 -0700

Context: Remove logic for read_deleted and deprecate it
    
    The read_deleted parameter in the Context object is simply unused.
    This patch removes associated logic, and for what is worth, adds
    deprecation warnings against explicit usage of read_deleted when
    creating a context instance, generate an admin context, and
    elevating a context instance.
    
    Change-Id: Ic69d22dc229ebe8fac1f6be0c4860d19732505b1
    Closes-Bug: #1449462

commit 303f37f4e0c84f90e40b95731a828fc6ce8a0bbf
Author: Cyril Roelandt <cyril@redhat.com>
Date:   Mon Jun 8 16:09:49 2015 +0000

Python 3: use next() instead of iterator.next()
    
    The latter only works in Python 2.
    
    Also define a __next__ method in the classes that define a next method.
    
    Change-Id: Iaa1a1e500facab50d8bcdffda39ccad3f2e4e9bb
    Blueprint: neutron-python3

commit 9143ce10e422bd17c4817dfe08163879e0e5a4ca
Author: Ihar Hrachyshka <ihrachys@redhat.com>
Date:   Thu Apr 23 12:12:52 2015 +0200

Consume oslo.policy
    
    Some non intrusive changes to tests are needed, so that we don't rely on
    library symbols that are now private (f.e. parse_rule).
    
    Closes-Bug: #1458945
    Change-Id: I90326479e908042fec9ecb25fa19a8dd5b15e7d8

commit 66fece4f84e62f14fb59a721b37986784976d0c4
Author: Ihar Hrachyshka <ihrachys@redhat.com>
Date:   Thu Apr 23 14:03:52 2015 +0200

policy: cleanup deprecation code to handle old extension:xxx rules
    
    It served and warned users for enough time (since Icehouse) to be sure
    everyone was notified about the need to update their policy file.
    
    Change-Id: I240b935741e49fbf65c0b95715af04af4b2a73e7

commit 53ec63c430d123cd1ed4acd3b94537e9cb380bcd
Author: Romil Gupta <romilg@hp.com>
Date:   Thu Jun 4 04:21:14 2015 -0700

Fix a regression in "Separate ovs-ofctl using code as a driver" change
    
    The tunnels are not getting established between Network Node and
    Compute Nodes in non DVR mode with l2pop enabled and throws
    the AttributeError: add_tunnel_port.
    
    This fixes a regression in change Ie1224f8a1c17268cd7d1c474ed82fdfb8852eaa8.
    
    Co-Authored-By: YAMAMOTO Takashi <yamamoto@midokura.com>
    Closes-Bug: #1461486
    Change-Id: I1106fd3dd32f6f827eb25dec4815ff1120af96f0

commit 753196480d9cca10c5b91dfa8221e89f658fa110
Author: Jakub Libosvar <libosvar@redhat.com>
Date:   Wed May 27 13:54:06 2015 +0000

Break Pinger class to functions
    
    As the class served only for storing parameters that can be passed as
    actual function parameters, there is no reason for class.
    
    Change-Id: I553b4d6daeb78d495cda09894582a3d885b5d1b5

commit 6d0d72973152bb45587437c80d4ffe0fe7bba761
Author: Elena Ezhova <eezhova@mirantis.com>
Date:   Tue Apr 7 14:58:13 2015 +0300

Handle SIGHUP: neutron-server (multiprocess) and metadata agent
    
    All launchers implemented in common.service require each service to
    implement reset method because it is called in case a process
    receives a SIGHUP.
    
    This change adds the reset method to neutron.service.RpcWorker and
    neutron.wsgi.WorkerService which are used to wrap rpc and api
    workers correspondingly.
    
    Now neutron-server running in multiprocess mode (api_workers > 0 and
    rpc_workers > 0) and metadata agent don't die on receiving SIGHUP and support
    reloading policy_path and logging options in config.
    
    Note that reset is called only in case a service is running in daemon mode.
    
    Other changes made in the scope of this patch that need to be mentioned:
    
    * Don't empty self._servers list in RpcWorker's stop method
    
      When a service is restarted all services are gracefully shutdowned,
      resetted and started again (see openstack.common.service code).
      As graceful shutdown implies calling service.stop() and then
      service.wait() we don't want to clean self._servers list because
      it would be impossible to wait for them to stop processing
      requests and cleaning up their resources.
      Otherwise, this would lead to problems with rpc after starting
      the rpc server again.
    
    * Create a duplicate socket each time WorkerService starts
    
      When api worker is stopped it kills the eventlet wsgi server
      which internally closes the wsgi server socket object. This server
      socket object becomes not usable which leads to "Bad file
      descriptor" errors on service restart.
    
    Added functional and unit tests.
    
    DocImpact
    Partial-Bug: #1276694
    Change-Id: I75b00946b7cae891c6eb192e853118e7d49e4a24

commit ea35b299f06050608f3e7bb6fbc880006ed31024
Author: Kevin Benton <blak111@gmail.com>
Date:   Wed Jun 3 18:25:14 2015 -0700

Allow update_port_status to take network param
    
    Allow the update_port_status function to take a network as
    an optional parameter to skip calling get_network again if
    the caller has already done so.
    
    Closes-Bug: #1463656
    Change-Id: I994f3abdb1b0ad3b2766f409b206ad4a8b2309b6

commit d0be7bc57f573d5696108b571c731decfbde9f0b
Author: Ihar Hrachyshka <ihrachys@redhat.com>
Date:   Tue Jun 9 12:46:54 2015 +0200

Make pep8 job succeed when /etc/neutron/neutron.conf is not installed
    
    Currently, if /etc/neutron/neutron.conf is not installed in the system,
    neutron-db-manage fails in oslo.config code when trying to determine the
    default configuration file to use.
    
    Test job should not rely on any contents inside /etc/.
    
    Instead, pass --config-file with test-only configuration explicitly into
    the utility.
    
    neutron.conf.test was renamed into neutron.conf since for some reason
    oslo.config does not support a name that does not have .conf at its
    filename end.
    
    Change-Id: I719829fc83a7b20a49c338aaf1dbef916dcc768c

commit 826428dc8aeef124c2251624ae34fdc003e69ca4
Author: YAMAMOTO Takashi <yamamoto@midokura.com>
Date:   Tue Jun 9 19:00:40 2015 +0900

Add a comment on _check_update_has_security_groups
    
    Despite of its name, _check_update_has_security_groups can
    handle create requests as well.  There are plugins actually
    using it for create.  eg. ml2, vmware
    
    Change-Id: I3c26ad0ac00b12ce24096bfc27606797af2d9098

commit 6b13cc5275df53c765c450d570521c425c3345d9
Author: Ihar Hrachyshka <ihrachys@redhat.com>
Date:   Tue Jun 9 10:57:29 2015 +0200

Enable all deprecation warnings for test runs
    
    We would like to catch all deprecation warnings during test runs to be
    notified in advance about potential problems with next library releases
    we depend on.
    
    Change-Id: I876d8c4de88618b01898ab537a44920789d8178e

commit 734e77365b0f241a3cea0f3c9dfb1d5fcf6eac8c
Author: Salvatore Orlando <salv.orlando@gmail.com>
Date:   Fri Apr 17 15:00:20 2015 -0700

Remove get_admin_roles and associated logic
    
    get_admin_roles was introduced so that contextes generated from
    within plugins could be used for policy checks. This was the case
    up to the Havana release as several plugins invoked the policy
    engine directly to authorize requests.
    
    This was an incorrect behaviour and has now been fixed, meaning
    that get_admin_roles is no longer need and can be safely removed.
    This will result in a leaner and more reliable codebase. Indeed the
    function being removed here was the cause of several bugs where the
    policy engine was initialized too early in the server bootstrap
    process.
    While this patch removes the feature it does not remove the
    load_admin_roles parameter from context.get_admin_context. Doing so
    will break other projects such as neutron-lbaas. The parameter is
    deprecated by this patch and an appropriate warning emitted.
    
    As a consequence neutron's will now no longer perform policy checks
    when context.is_admin=True. This flag is instead set either when
    a context is explicitly created for granting admin privileges, or
    when Neutron is operating in noauth mode. In the latter case every
    request is treated by neutron as an admin request, and get_admin_roles
    is simply ensuring the appropriate roles get pushed into the context
    so that the policy engine will grant admin rights to the request.
    This behaviour is probably just a waste of resource; also it is not
    adding anything from a security perspective.
    
    On the other hand not performing checks when context.is_admin is
    True should not pose a security threat either in noauth mode or
    with the keystone middleware. In the former case the software keeps
    operating assuming admin rights for every requests, whereas in the
    latter case the keystone middleware will always supply a context
    with the appropriate roles, and there is no way for an attacker
    to trick keystonemiddleware into generating a context for which
    is_admin=True.
    
    Finally, this patch also does some non-trivial changes in test_l3.py
    as some tests were mocking context.to_dict ignoring the is_admin flag.
    
    Closes-Bug: #1446021
    
    Change-Id: I8a5c02712a0b43f3e36a4f14620ebbd73fbfb03f

commit 89c0875178f22651109a85d3c522d80324368caf
Author: Gal Sagie <gal.sagie@huawei.com>
Date:   Mon Jun 8 14:27:47 2015 +0300

Add documentations for VXLAN Tunnels
    
    The VXLAN type driver is currently supported, this patch add
    description and links for more information to the user.
    
    Change-Id: Idb221ca4cce1a3a27bebe5ae6fc1e6ab5d030836

commit e61865807c4c8ff959a7746fe3e17f1ae574c9d0
Author: Kevin Benton <blak111@gmail.com>
Date:   Wed Jun 3 19:03:29 2015 -0700

Defer segment lookup in NetworkContext object
    
    Avoid call to get network segments for network context objects until
    a caller actually tries to lookup the segments. This optimizes cases
    where the user of a port context never looks at the segments of the
    associated network context (e.g. update_port_status).
    
    Closes-Bug: #1463254
    Change-Id: I7e95f81d9a3ef26ccdb18c6bfdf9adc29523aa79

commit d0bbfc090bb25f1e05b98f0ad70c18209b87ed6b
Author: Zhenguo Niu <niuzhenguo@huawei.com>
Date:   Tue Jun 9 08:28:45 2015 +0800

Fix typos in docs
    
    Change-Id: I71aeb8f1e5fc5f3e330e593a463858dd65e6093b

commit b322ebae09cc59ed0a860ea6e39ed9b6fa6c5c12
Author: yuyangbj <yangyu@vmware.com>
Date:   Wed May 13 14:07:36 2015 +0800

Fixes bulk insertion of data to ml2_port_binding
    
    We should use schema definition to insert bulk of data to table.
    Closes-Bug: #1454566
    
    Change-Id: I66b3ee8c2f9fa6f04b9e89dc49d1a3d277d63191

commit 3a5a8a62c372f3a516caa59fd655dcf923a82519
Author: Kyle Mestery <mestery@mestery.com>
Date:   Mon Jun 8 15:27:23 2015 +0000

Add Neutron PTL Office Hours
    
    To ensure a weekly oppurtunity to sync between the PTL and the
    Lieutenants, officially setup Neutron PTL Office Hours.
    
    Depends-On: Ia5c8090e90939097104cb95c0aa3b883f7b4dd9b
    Change-Id: Iab3c21764937ebb3a1d0553b3a3d42b5c44bf3cc
    Signed-off-by: Kyle Mestery <mestery@mestery.com>

commit 00899b56213753d523842f29d50353a067df6064
Author: Cyril Roelandt <cyril@redhat.com>
Date:   Mon Jun 8 14:42:18 2015 +0000

Python3: Enable all working tests in tox.ini
    
    Thanks to the recent Python3-related changes, these tests can now be run on
    Python 3.
    
    Change-Id: I7f689e221e59128012d46da2c90e61d5206fe828
    Blueprint: neutron-python3

commit 725543684cbe0df0edc4b6924f85e63e1628fa92
Author: rossella <rsblendido@suse.com>
Date:   Thu Mar 5 09:24:10 2015 +0000

Add get_events to OVSDB monitor
    
    OVSDB monitor can generate the events that the OVS agent
    needs to process (device added or updated). Instead of
    notifying only that a change occurred and that polling
    is needed, pass the events to the agent
    
    Change-Id: I3d17bf995ad4508c4c6d089de550148da1465fa1
    Partially-Implements: blueprint restructure-l2-agent

commit b239f75644bfdfec86f8a8efdabd6b11b766e822
Author: shihanzhang <shihanzhang@huawei.com>
Date:   Tue May 26 16:42:44 2015 +0800

Update ipset members when corresponding sg member is empty
    
    if a security group has a rule with 'remote-group-id', the ports
    in this security group should update its relevant ipset member
    when the remote-group members is empty.
    
    Change-Id: I980ebfd8f6537f803d9d5cbf21ca33f727fea3b3
    Closes-bug: #1458786

commit 127de06c7e09e1468f2855a3033fb6193a6b9365
Author: Cedric Brandily <zzelle@gmail.com>
Date:   Wed May 6 22:40:39 2015 +0200

Clean only floating-ip related connection states
    
    Currently init_l3 deletes connection states related to ALL ips deleted
    in init_l3 but it's required only when floating-ips are deleted[1].
    
    This change deletes only connection states related to floating-ips
    deleted in init_l3 ... it avoids to delete connection states in dhcp
    agents and on router internal ports!
    
    [1] look at change Ia9bd7ae243a0859dcb97e2fa939f7d16f9c2456c
    
    Closes-Bug: #1452434
    Related-Bug: #1334926
    Change-Id: Icfcfc585df6fd41de1e1345fd731e4631a6950ce

commit 713ba0e8d7ce59eaff41518360530b2e7831c322
Author: Carl Baldwin <carl.baldwin@hp.com>
Date:   Thu Jun 4 22:25:44 2015 +0000

Refactor awkward logic in setup_dhcp_port
    
    I noticed this logic as I was reviewing another patch set [1].  I
    didn't like removing subnet ids from dhcp_enabled_subnet_ids and I
    wasn't too keen on the ips_need_removal semantics that were kind of
    forced by the existing structure of the code.  I hope you find this
    alternative much clearer.  I like straight-forward code with less
    indentation that doesn't use awkward booleans like ips_needs_removal.
    
    [1] https://review.openstack.org/#/c/157697/6
    
    Change-Id: I8bd3d6924a855ea08f8096e66bd3bfbb165a4da3

commit 45b28ddfe8ac23871e65feb4132d5f048c783222
Author: Vincent Legoll <vincent.legoll@iphc.cnrs.fr>
Date:   Fri Jun 5 13:05:48 2015 +0200

Fix typo in test class name
    
    Make "Redering" -> "Rendering"
    
    Change-Id: Ieedb446fa1e06705eb70293d83350d4dfd57d2db
    Signed-off-by: Vincent Legoll <vincent.legoll@iphc.cnrs.fr>

commit 359b7c971a88f6dff64e8e4d558210a880f3ee0f
Author: Ian Wienand <iwienand@redhat.com>
Date:   Thu May 7 14:59:38 2015 +1000

Ensure netfilter is enabled for bridges
    
    Since security-groups use iptables rules on Linux bridges, we need to
    ensure that netfilter is enabled for bridges.  Unfortunately, there
    seems to be a long history of distributions having differing defaults
    for this, best described in [1].
    
    It seems at the moment everyone has to discover this for themselves;
    packstack found it in Ia8c86dcb31810a8d6b133a161388604fde9bead4, then
    fuel found the same thing in I8582c24706c3a7253e00569eef275f116d765bca
    and then finally someone else hit it and put it into documentation
    with I4ed3cec03a1b3a7d56dfe18394154ec1b2db6791.  I just spent a long
    time figuring it out too when deploying with devstack.
    
    Rather than having yet another fix in devstack, I don't see why
    neutron shouldn't be ensuring the setting is correct when it starts up
    -- without these settings enabled, security-groups are silently
    broken.  This does that, and modifies test-cases to check we make the
    calls.
    
    [1] http://wiki.libvirt.org/page/Net.bridge-nf-call_and_sysctl.conf
    
    Change-Id: If2d316eb8c422dc1e4f34b17a50b93dd72993a99

commit 3682e3391f188845d0c7f382f0ccd4b38db3904e
Author: Cedric Brandily <zzelle@gmail.com>
Date:   Mon May 4 23:36:19 2015 +0200

Ensure non-overlapping cidrs in subnetpools without galera
    
    _get_allocated_cidrs[1] locks only allocated subnets in a subnetpool
    (with mysql/postgresql at least). It ensures we don't allocate a cidr
    overlapping with existent cidrs but nothing disallows a concurrent
    subnet allocation to create a subnet in the same subnetpool.
    
    This change replaces the lock on subnetpool subnets by a lock on the
    subnetpool itself. It disallows to allocate concurrently 2 subnets in
    the same subnetpool and ensure non-overlapping cidrs in the same
    subnetpool.
    
    Moreover this change solves a trouble with postgresql which disallows
    to lock an empty select with an outer join: it happens on first subnet
    allocation in a subnetpool when no specific cidr is provided. Moving
    the lock ensures the lock is done on a non-empty select.
    
    But this change does not ensure non-overlapping cidrs in subnetpools
    with galera because galera doesn't support SELECT FOR UPDATE locks. A
    follow-up change will (try to?) remove locks from subnet allocation[1]
    in order to ensure non-overlapping cidrs in subnetpools also with galera.
    
    [1] in neutron.ipam.subnet_alloc.SubnetAllocator
    
    Closes-Bug: #1451558
    Partial-Bug: #1451576
    Change-Id: I73854f9863f44621ae0d89c5dc4893ccc16d07e4

commit 3d2543d710c7071ffeb5c9857ac30a4d95695a7b
Author: dql <duquanglong@gmail.com>
Date:   Mon Mar 9 12:52:11 2015 +0800

fix DHCP port changed when dhcp-agent restart
    
    When DHCP server is started, the periodic task is running
    before loading cache state.The method port_update_end
    need to use the cache information, but the cache information
    has not been loaded.
    
    Change-Id: I0d1da11bb559b7f0f9d4428b82573fb26916a933
    Closes-Bug: #1420042

commit 6d15bf48ee27ceab64e88f81ba6433058313759a
Author: Cedric Brandily <zzelle@gmail.com>
Date:   Sat May 9 00:52:29 2015 +0200

Remove from BridgeDevice homemade execute in namespace
    
    Currently BridgeDevice[1] defines homemade execute with namespace
    support but could use IPWrapper. This change replaces homemade
    implementation with IPWrapper use to respect DRY principle.
    
    [1] neutron.agent.linux.bridge_lib
    
    Change-Id: I12d4d40432e57ce8b6960276c41321c1efd98705

commit 7260e0e3fc2ea479e80e0962624aca7fd38a1f60
Author: Henry Gessau <gessau@cisco.com>
Date:   Mon Apr 27 09:59:21 2015 -0400

Run radvd as root
    
    During the refactoring of external process management radvd lost
    its root privileges.
    
    Closes-bug: 1448813
    
    Change-Id: I84883fe81684afafac9b024282a03f447c8f825a
    (cherry picked from commit a5e54338770fc074e01fa88dbf909ee1af1b66b2)

commit 4e71c48bbfd5e8b8c59f0c45ade52ba8eddc8b63
Author: rossella <rsblendido@suse.com>
Date:   Thu Jan 15 16:15:23 2015 +0100

Add devices to update in RPC call security_groups_provider_updated
    
    When a security_groups_provider_updated is received then a global
    refresh of the firewall is performed. This can be avoided if the
    plugins pass as parameter of the call the devices that belongs to
    the network updated.
    
    Partially-Implements: blueprint restructure-l2-agent
    Change-Id: I1e78f3a5ec7e5c5bcba338a0097566422411ef7e