Move metadata_service deployment out of DF code
The deployment should be done via deployment scripts and not in the code (nor in plugin.sh directly, as to allow production deployment). Moved the deployment to a script located in the tools directory, which is now called from the plugin.sh, and may be called from any production deployment mechanism. Partial-Bug: #1781376 Change-Id: I90a7e8a87764354ab9e2a8ab149f00f2eaea94f5
This commit is contained in:
parent
cbb9993b3d
commit
f624265558
@ -184,6 +184,10 @@ function configure_df_metadata_service {
|
||||
iniset $DRAGONFLOW_CONF df_metadata ip "$DF_METADATA_SERVICE_IP"
|
||||
iniset $DRAGONFLOW_CONF df_metadata port "$DF_METADATA_SERVICE_PORT"
|
||||
iniset $DRAGONFLOW_CONF df_metadata metadata_interface "$DF_METADATA_SERVICE_INTERFACE"
|
||||
pushd $DRAGONFLOW_DIR
|
||||
# TODO(snapiri) When we add more switch backends, this should be conditional
|
||||
tools/ovs_metadata_service_deployment.sh install $INTEGRATION_BRIDGE $DF_METADATA_SERVICE_INTERFACE $DF_METADATA_SERVICE_IP
|
||||
popd
|
||||
fi
|
||||
}
|
||||
|
||||
@ -503,7 +507,10 @@ function stop_df_metadata_agent {
|
||||
if is_service_enabled df-metadata ; then
|
||||
echo "Stopping Dragonflow metadata service"
|
||||
stop_process df-metadata
|
||||
sudo ovs-vsctl del-port br-int $DF_METADATA_SERVICE_INTERFACE
|
||||
pushd $DRAGONFLOW_DIR
|
||||
# TODO(snapiri) When we add more switch backends, this should be conditional
|
||||
tools/ovs_metadata_service_deployment.sh remove $INTEGRATION_BRIDGE $DF_METADATA_SERVICE_INTERFACE
|
||||
popd
|
||||
fi
|
||||
}
|
||||
|
||||
|
@ -12,8 +12,6 @@
|
||||
|
||||
from oslo_log import log
|
||||
|
||||
from neutron.agent.common import utils
|
||||
from neutron.agent.linux import ip_lib
|
||||
from neutron.common import config
|
||||
from neutron.conf.agent.metadata import config as metadata_conf
|
||||
from neutron import wsgi
|
||||
@ -28,59 +26,12 @@ import sys
|
||||
|
||||
LOG = log.getLogger(__name__)
|
||||
|
||||
METADATA_ROUTE_TABLE_ID = '2'
|
||||
|
||||
|
||||
def environment_setup():
|
||||
bridge = cfg.CONF.df.integration_bridge
|
||||
interface = cfg.CONF.df_metadata.metadata_interface
|
||||
port = cfg.CONF.df_metadata.port
|
||||
if ip_lib.device_exists(interface):
|
||||
LOG.info("Device %s already exists", interface)
|
||||
# Destroy the environment when the device exists.
|
||||
# We can re-initialize the environment correctly.
|
||||
environment_destroy()
|
||||
|
||||
cmd = ["ovs-vsctl", "add-port", bridge, interface,
|
||||
"--", "set", "Interface", interface, "type=internal"]
|
||||
utils.execute(cmd, run_as_root=True)
|
||||
|
||||
ip = cfg.CONF.df_metadata.ip
|
||||
cmd = ["ip", "addr", "add", "dev", interface, "{}/0".format(ip)]
|
||||
utils.execute(cmd, run_as_root=True)
|
||||
|
||||
cmd = ["ip", "link", "set", "dev", interface, "up"]
|
||||
utils.execute(cmd, run_as_root=True)
|
||||
|
||||
cmd = ["ip", "route", "add", "0.0.0.0/0", "dev", interface,
|
||||
"table", METADATA_ROUTE_TABLE_ID]
|
||||
utils.execute(cmd, run_as_root=True)
|
||||
|
||||
cmd = ["ip", "rule", "add", "from", ip, "table", METADATA_ROUTE_TABLE_ID]
|
||||
utils.execute(cmd, run_as_root=True)
|
||||
|
||||
cmd = ["iptables", '-I', 'INPUT', '-i', interface, '-p', 'tcp', '--dport',
|
||||
str(port), '-j', 'ACCEPT']
|
||||
utils.execute(cmd, run_as_root=True)
|
||||
|
||||
|
||||
def environment_destroy():
|
||||
bridge = cfg.CONF.df.integration_bridge
|
||||
interface = cfg.CONF.df_metadata.metadata_interface
|
||||
cmd = ["ovs-vsctl", "del-port", bridge, interface]
|
||||
utils.execute(cmd, run_as_root=True, check_exit_code=[0])
|
||||
|
||||
ip = cfg.CONF.df_metadata.ip
|
||||
cmd = ["ip", "rule", "del", "from", ip, "table", METADATA_ROUTE_TABLE_ID]
|
||||
utils.execute(cmd, run_as_root=True)
|
||||
|
||||
|
||||
def main():
|
||||
metadata_conf.register_meta_conf_opts(
|
||||
metadata_conf.METADATA_PROXY_HANDLER_OPTS)
|
||||
config.init(sys.argv[1:])
|
||||
config.setup_logging()
|
||||
environment_setup()
|
||||
nb_api = api_nb.NbApi.get_instance()
|
||||
service_instance = metadata_service.DFMetadataProxyHandler(
|
||||
cfg.CONF, nb_api)
|
||||
@ -92,4 +43,3 @@ def main():
|
||||
port=cfg.CONF.df_metadata.port,
|
||||
)
|
||||
service.wait()
|
||||
environment_destroy()
|
||||
|
@ -10,12 +10,8 @@
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from neutron.agent.common import utils
|
||||
from neutron.agent.linux import ip_lib
|
||||
from oslo_config import cfg
|
||||
from oslo_log import log
|
||||
|
||||
from dragonflow.cmd.eventlet import df_metadata_service
|
||||
from dragonflow.conf import df_metadata_service as df_metadata_service_conf
|
||||
from dragonflow.tests.fullstack import test_base
|
||||
|
||||
@ -28,42 +24,5 @@ class TestMetadataService(test_base.DFTestBase):
|
||||
def setUp(self):
|
||||
super(TestMetadataService, self).setUp()
|
||||
df_metadata_service_conf.register_opts()
|
||||
# Override defaults to avoid collision with existing metadata service
|
||||
cfg.CONF.df_metadata.ip = '1.1.1.1'
|
||||
cfg.CONF.df_metadata.metadata_interface = 'tap-md-test'
|
||||
df_metadata_service.METADATA_ROUTE_TABLE_ID = '3'
|
||||
self.metadata_ip = cfg.CONF.df_metadata.ip
|
||||
self.isTornDown = False
|
||||
|
||||
def test_metadata_proxy_exit_clear_ip_rule(self):
|
||||
df_metadata_service.environment_setup()
|
||||
ip_rule = ip_lib.IPRule().rule
|
||||
rules = ip_rule.list_rules(4)
|
||||
rules_source = [r['from'] for r in rules if 'from' in r]
|
||||
self.assertIn(self.metadata_ip, rules_source)
|
||||
|
||||
df_metadata_service.environment_destroy()
|
||||
self.isTornDown = True
|
||||
rules = ip_rule.list_rules(4)
|
||||
rules_source = [r['from'] for r in rules if 'from' in r]
|
||||
self.assertNotIn(self.metadata_ip, rules_source)
|
||||
|
||||
def tearDown(self):
|
||||
if not self.isTornDown:
|
||||
bridge = cfg.CONF.df.integration_bridge
|
||||
interface = cfg.CONF.df_metadata.metadata_interface
|
||||
cmd = ["ovs-vsctl", "del-port", bridge, interface]
|
||||
try:
|
||||
utils.execute(cmd, run_as_root=True, check_exit_code=[0])
|
||||
except Exception:
|
||||
LOG.exception("Failed to delete metadata test port")
|
||||
|
||||
ip = cfg.CONF.df_metadata.ip
|
||||
cmd = ["ip", "rule", "del", "from", ip, "table",
|
||||
df_metadata_service.METADATA_ROUTE_TABLE_ID]
|
||||
try:
|
||||
utils.execute(cmd, run_as_root=True)
|
||||
except Exception:
|
||||
LOG.exception(
|
||||
"Failed to delete metadata test routing rule")
|
||||
super(TestMetadataService, self).tearDown()
|
||||
# TODO(snapiri) Add some tests for the actual metadata service logic
|
||||
|
40
tools/ovs_metadata_service_deployment.sh
Executable file
40
tools/ovs_metadata_service_deployment.sh
Executable file
@ -0,0 +1,40 @@
|
||||
#!/bin/bash
|
||||
|
||||
ACTION=$1; shift
|
||||
INTEGRATION_BRIDGE=${1:-"br-int"}; shift
|
||||
DF_METADATA_SERVICE_INTERFACE=${1:-"tap-metadata"}; shift
|
||||
|
||||
function usage {
|
||||
cat>&2<<EOF
|
||||
USAGE: $0 <action> [<integration-bridge>] [<interface>] [<IP>]
|
||||
action - install / remove
|
||||
integration-bridge - name of the integration bridge (br-int)
|
||||
interface - name of the interface to add to the bridge (tap-metadata)
|
||||
IP - address to assign to the interface (169.254.169.254)
|
||||
EOF
|
||||
}
|
||||
|
||||
if [ -z "$ACTION" ]; then
|
||||
usage
|
||||
exit 1
|
||||
fi
|
||||
|
||||
case $ACTION in
|
||||
install)
|
||||
DF_METADATA_SERVICE_IP=${1:-"169.254.169.254"}; shift
|
||||
|
||||
sudo ovs-vsctl add-port $INTEGRATION_BRIDGE $DF_METADATA_SERVICE_INTERFACE -- set Interface $DF_METADATA_SERVICE_INTERFACE type=internal
|
||||
sudo ip addr add dev $DF_METADATA_SERVICE_INTERFACE $DF_METADATA_SERVICE_IP/0
|
||||
sudo ip link set dev $DF_METADATA_SERVICE_INTERFACE up
|
||||
sudo ip route add 0.0.0.0/0 dev $DF_METADATA_SERVICE_INTERFACE table 2
|
||||
sudo ip rule add from $DF_METADATA_SERVICE_IP table 2
|
||||
;;
|
||||
remove)
|
||||
sudo ovs-vsctl del-port $INTEGRATION_BRIDGE $DF_METADATA_SERVICE_INTERFACE
|
||||
;;
|
||||
*)
|
||||
usage
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
Loading…
Reference in New Issue
Block a user