Resolve hostnames if needed to allow access in ufw
In some cases juju 1.25 (with maas 1.9) may return a hostname in the private-address field breaking the assumption that private-address will always be an IP address. This patch uses socket.getaddrinfo() to assure an IP address is given to ufw. Change-Id: I99b0110beed6075164eb549ec2433071af699c04 Closes-Bug: 1747516
This commit is contained in:
parent
6c549d8018
commit
4896ac5b5b
@ -1,6 +1,7 @@
|
||||
import json
|
||||
import os
|
||||
import re
|
||||
import socket
|
||||
import subprocess
|
||||
import shutil
|
||||
import tempfile
|
||||
@ -136,6 +137,20 @@ FIRST = 1
|
||||
KV_DB_PATH = '/var/lib/juju/swift_storage/charm_kvdata.db'
|
||||
|
||||
|
||||
def _ensure_ip(value):
|
||||
"""Ensure to always return an ip address.
|
||||
|
||||
:param value: IP address or domain
|
||||
|
||||
See LP: #1747516
|
||||
"""
|
||||
if not value:
|
||||
return value
|
||||
|
||||
resp = socket.getaddrinfo(value, None)
|
||||
return resp[0][4][0]
|
||||
|
||||
|
||||
def ensure_swift_directories():
|
||||
'''
|
||||
Ensure all directories required for a swift storage node exist with
|
||||
@ -620,7 +635,7 @@ def setup_ufw():
|
||||
allowed_hosts = RsyncContext()().get('allowed_hosts', '').split(' ')
|
||||
|
||||
# Storage clients (swift-proxy)
|
||||
allowed_hosts += [ingress_address(rid=u.rid, unit=u.unit)
|
||||
allowed_hosts += [_ensure_ip(ingress_address(rid=u.rid, unit=u.unit))
|
||||
for u in iter_units_for_relation_name('swift-storage')]
|
||||
|
||||
# Grant access for peers and clients
|
||||
|
@ -500,3 +500,10 @@ class SwiftStorageUtilsTests(CharmTestCase):
|
||||
for port in ports:
|
||||
calls.append(call(addr, port))
|
||||
mock_grant_access.assert_has_calls(calls)
|
||||
|
||||
def test_ensure_ip(self):
|
||||
self.assertEqual(swift_utils._ensure_ip('ubuntu.com'), '91.189.94.40')
|
||||
self.assertEqual(swift_utils._ensure_ip('91.189.94.40'),
|
||||
'91.189.94.40')
|
||||
self.assertEqual(swift_utils._ensure_ip('2001:67c:1560:8001::14'),
|
||||
'2001:67c:1560:8001::14')
|
||||
|
Loading…
Reference in New Issue
Block a user