From 71a303db65c431e64452b25109229b380dc42484 Mon Sep 17 00:00:00 2001 From: Liam Young Date: Fri, 6 Jan 2017 11:00:05 +0000 Subject: [PATCH] Expose metadata config options Expose the 'enable_metadata_network' and 'enable_isolated_metadata' configuration options. enable_isolated_metadata enables metadata the metadata service on networks with no router port. Change-Id: If773109007a456385adebf295d044247417135db Closes-Bug: 1514901 --- config.yaml | 11 ++++++++++ hooks/neutron_contexts.py | 8 ++++++++ templates/mitaka/dhcp_agent.ini | 24 ++++++++++++++++++++++ unit_tests/test_neutron_contexts.py | 31 +++++++++++++++++++++++++++++ 4 files changed, 74 insertions(+) create mode 100644 templates/mitaka/dhcp_agent.ini diff --git a/config.yaml b/config.yaml index bd97e914..f0b98de9 100644 --- a/config.yaml +++ b/config.yaml @@ -268,3 +268,14 @@ options: description: | Experimental enable apparmor profile. Valid settings: 'complain', 'enforce' or 'disable'. AA disabled by default. + enable-metadata-network: + type: boolean + default: False + description: | + The metadata network is used by solutions which do not leverage the l3 + agent for providing access to the metadata service. + enable-isolated-metadata: + type: boolean + default: False + description: | + Enable metadata on an isolated network (no router ports). diff --git a/hooks/neutron_contexts.py b/hooks/neutron_contexts.py index 599e97f6..4d82b783 100644 --- a/hooks/neutron_contexts.py +++ b/hooks/neutron_contexts.py @@ -93,6 +93,8 @@ class NeutronGatewayContext(NeutronAPIContext): 'enable_l3ha': api_settings['enable_l3ha'], 'overlay_network_type': api_settings['overlay_network_type'], + 'enable_metadata_network': config('enable-metadata-network'), + 'enable_isolated_metadata': config('enable-isolated-metadata'), } fallback = get_host_ip(unit_get('private-address')) @@ -131,6 +133,12 @@ class NeutronGatewayContext(NeutronAPIContext): ctxt['network_device_mtu'] = net_dev_mtu ctxt['veth_mtu'] = net_dev_mtu + # Override user supplied config for these plugins as these settings are + # mandatory + if ctxt['plugin'] in ['nvp', 'nsx', 'n1kv']: + ctxt['enable_metadata_network'] = True + ctxt['enable_isolated_metadata'] = True + return ctxt diff --git a/templates/mitaka/dhcp_agent.ini b/templates/mitaka/dhcp_agent.ini new file mode 100644 index 00000000..f2f2fea1 --- /dev/null +++ b/templates/mitaka/dhcp_agent.ini @@ -0,0 +1,24 @@ +############################################################################### +# [ WARNING ] +# Configuration file maintained by Juju. Local changes may be overwritten. +############################################################################### +[DEFAULT] +state_path = /var/lib/neutron +interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver +dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq +root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf + +{% if instance_mtu or dnsmasq_flags -%} +dnsmasq_config_file = /etc/neutron/dnsmasq.conf +{% endif -%} + +enable_metadata_network = {{ enable_metadata_network }} +enable_isolated_metadata = {{ enable_isolated_metadata }} + +{% if plugin == 'n1kv' %} +resync_interval = 30 +use_namespaces = True +dhcp_lease_time=3600 +{% else %} +ovs_use_veth = True +{% endif %} diff --git a/unit_tests/test_neutron_contexts.py b/unit_tests/test_neutron_contexts.py index d95be7c1..5f32acbc 100644 --- a/unit_tests/test_neutron_contexts.py +++ b/unit_tests/test_neutron_contexts.py @@ -166,6 +166,8 @@ class TestNeutronGatewayContext(CharmTestCase): 'vlan_ranges': 'physnet1:1000:2000,physnet2:2001:3000', 'network_device_mtu': 9000, 'veth_mtu': 9000, + 'enable_isolated_metadata': False, + 'enable_metadata_network': False, 'dnsmasq_flags': { 'dhcp-userclass': 'set:ipxe,iPXE', 'dhcp-match': 'set:ipxe,175' @@ -216,12 +218,41 @@ class TestNeutronGatewayContext(CharmTestCase): 'vlan_ranges': 'physnet1:1000:2000,physnet2:2001:3000', 'network_device_mtu': 9000, 'veth_mtu': 9000, + 'enable_isolated_metadata': False, + 'enable_metadata_network': False, 'dnsmasq_flags': { 'dhcp-userclass': 'set:ipxe,iPXE', 'dhcp-match': 'set:ipxe,175' } }) + @patch('charmhelpers.contrib.openstack.context.relation_get') + @patch('charmhelpers.contrib.openstack.context.related_units') + @patch('charmhelpers.contrib.openstack.context.relation_ids') + @patch.object(neutron_contexts, 'get_shared_secret') + def test_dhcp_settings(self, _secret, _rids, _runits, _rget): + self.test_config.set('enable-isolated-metadata', True) + self.test_config.set('enable-metadata-network', True) + self.network_get_primary_address.return_value = '192.168.20.2' + self.unit_get.return_value = '10.5.0.1' + ctxt = neutron_contexts.NeutronGatewayContext()() + self.assertTrue(ctxt['enable_isolated_metadata']) + self.assertTrue(ctxt['enable_metadata_network']) + + @patch('charmhelpers.contrib.openstack.context.relation_get') + @patch('charmhelpers.contrib.openstack.context.related_units') + @patch('charmhelpers.contrib.openstack.context.relation_ids') + @patch.object(neutron_contexts, 'get_shared_secret') + def test_dhcp_setting_plug_override(self, _secret, _rids, _runits, _rget): + self.test_config.set('plugin', 'nsx') + self.test_config.set('enable-isolated-metadata', False) + self.test_config.set('enable-metadata-network', False) + self.network_get_primary_address.return_value = '192.168.20.2' + self.unit_get.return_value = '10.5.0.1' + ctxt = neutron_contexts.NeutronGatewayContext()() + self.assertTrue(ctxt['enable_isolated_metadata']) + self.assertTrue(ctxt['enable_metadata_network']) + class TestSharedSecret(CharmTestCase):