Add per subnet network cidr nat rules

Change-Id: I904bbbac383f5fddbe6a88177ef65981d009d28c
Implements: blueprint tripleo-routed-networks-deployment
Harald Jensas 2018-01-13 17:19:17 +01:00
parent 5353915e2c
commit 1b83386162
3 changed files with 47 additions and 5 deletions


@ -1017,9 +1017,8 @@ tripleo::firewall::firewall_rules:
- 13787
'139 apache vhost':
dport: "%{hiera('ironic_ipxe_port')}"
'140 network cidr nat':
chain: FORWARD
destination: {{NETWORK_CIDR}}
# 140 network cidr nat rules
{{SUBNETS_CIDR_NAT_RULES}}
'142 tripleo-ui':
dport:
- 3000
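Review bot: The `{{SUBNETS_CIDR_NAT_RULES}}` placeholder expands to several lines, and the indent of every line after the first comes from a string literal in `_generate_subnets_cidr_nat_rules`, not from this template. If this line is re-indented later, the second and later rules would sit at a different level from the first, so they could drop out of `tripleo::firewall::firewall_rules` or break parsing. The comment above the placeholder should record that coupling, for example `# 140 <subnet> cidr nat rules: multi-line value, continuation indent is set in _generate_subnets_cidr_nat_rules`. The rendered page has lost the original indentation, so the exact column cannot be checked here.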


@ -714,6 +714,33 @@ class TestGenerateEnvironment(BaseTestCase):
actual = json.loads(env['SUBNETS_STATIC_ROUTES'])
self.assertEqual(reference, actual)
def test_subnets_subnets_cidr_nat_rules(self):
self.conf.config(subnets=['ctlplane-subnet', 'subnet1', 'subnet2'])
self.conf.register_opts(self.opts, group=self.grp1)
self.conf.register_opts(self.opts, group=self.gtp2)
self.conf.config(cidr='192.168.24.0/24',
dhcp_start='192.168.24.5', dhcp_end='192.168.24.24',
inspection_iprange='192.168.24.100,192.168.24.120',
gateway='192.168.24.1', group='ctlplane-subnet')
self.conf.config(cidr='192.168.10.0/24', dhcp_start='192.168.10.10',
dhcp_end='192.168.10.99',
inspection_iprange='192.168.10.100,192.168.10.189',
gateway='192.168.10.254', group='subnet1')
self.conf.config(cidr='192.168.20.0/24', dhcp_start='192.168.20.10',
dhcp_end='192.168.20.99',
inspection_iprange='192.168.20.100,192.168.20.189',
gateway='192.168.20.254', group='subnet2')
env = undercloud._generate_environment('.')
reference = ('"140 ctlplane-subnet cidr nat": '
'{"chain": "FORWARD", "destination": "192.168.24.0/24"}'
'\n "140 subnet1 cidr nat": '
'{"chain": "FORWARD", "destination": "192.168.10.0/24"}'
'\n "140 subnet2 cidr nat": '
'{"chain": "FORWARD", "destination": "192.168.20.0/24"}')
actual = env['SUBNETS_CIDR_NAT_RULES']
self.assertEqual(reference, actual)
class TestWritePasswordFile(BaseTestCase):
def test_normal(self):
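Review bot: The test name `test_subnets_subnets_cidr_nat_rules` repeats "subnets", and `self.gtp2` reads like a misspelling of `grp2`. If the fixture attribute is defined under that name outside this hunk, rename both together, and shorten the test to `def test_subnets_cidr_nat_rules(self):`. The test covers only three well-formed subnets; a single-subnet case would pin the output when no separator is emitted. The class body and its setUp lie outside the hunk, so the fixture names are inferred.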


@ -1157,8 +1157,8 @@ class InstackEnvironment(dict):
'ENABLED_RAID_INTERFACES', 'ENABLED_VENDOR_INTERFACES',
'ENABLED_MANAGEMENT_INTERFACES', 'SYSCTL_SETTINGS',
'LOCAL_IP_WRAPPED', 'ENABLE_ARCHITECTURE_PPC64LE',
'INSPECTION_SUBNETS', 'SUBNETS_STATIC_ROUTES',
}
'INSPECTION_SUBNETS', 'SUBNETS_CIDR_NAT_RULES',
'SUBNETS_STATIC_ROUTES'}
"""The variables we calculate in _generate_environment call."""
PUPPET_KEYS = DYNAMIC_KEYS | {opt.name.upper() for _, group in list_opts()
@ -1286,6 +1286,21 @@ def _generate_subnets_static_routes():
return json.dumps(env_list)
def _generate_subnets_cidr_nat_rules():
env_list = []
for subnet in CONF.subnets:
env_dict = {}
s = CONF.get(subnet)
env_dict['140 ' + subnet + ' cidr nat'] = {
'chain': 'FORWARD',
'destination': s.cidr
}
# NOTE(hjensas): sort_keys=True because unit test reference is static
env_list.append(json.dumps(env_dict, sort_keys=True)[1:-1])
# Whitespace after newline required for indentation in templated yaml
return '\n '.join(env_list)
def _generate_environment(instack_root):
"""Generate an environment dict for instack
@ -1375,6 +1390,7 @@ def _generate_environment(instack_root):
_process_drivers_and_hardware_types(instack_env)
instack_env['INSPECTION_SUBNETS'] = _generate_inspection_subnets()
instack_env['SUBNETS_CIDR_NAT_RULES'] = _generate_subnets_cidr_nat_rules()
instack_env['SUBNETS_STATIC_ROUTES'] = _generate_subnets_static_routes()
instack_env['SYSCTL_SETTINGS'] = _generate_sysctl_settings()
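Review bot: `_generate_subnets_cidr_nat_rules` copies each `subnet` name and `s.cidr` straight into a FORWARD-chain firewall rule, and nothing in this hunk checks that the value is a well-formed network of sensible size. If option validation elsewhere does not already reject it, a typo such as a `/0` prefix would produce a rule matching forwarded traffic to every destination. I would validate the CIDR before emitting the rule, or note in a comment where that validation happens. The function also needs a docstring, e.g. `"""Return one '140 <subnet> cidr nat' FORWARD rule per subnet as text for the templated yaml."""`. `json.dumps` does escape quotes in the subnet name, so the rule key stays a single quoted scalar.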