Merge "Deprecate default 192.0.2.0/24 CIDR"
This commit is contained in:
commit
38dc0ec46f
|
@ -113,6 +113,7 @@ class TestValidator(base.BaseTestCase):
|
|||
undercloud._validate_network)
|
||||
|
||||
def test_no_alter_params(self):
|
||||
self.conf.config(network_cidr='192.0.2.0/24')
|
||||
params = {opt.name: self.conf.conf[opt.name]
|
||||
for opt in undercloud._opts}
|
||||
save_params = dict(params)
|
||||
|
|
|
@ -77,11 +77,30 @@ secured.
|
|||
|
||||
#############################################################################
|
||||
"""
|
||||
CIDR_DEPRECATION_MESSAGE = """
|
||||
*****************************************************************************
|
||||
The old default CIDR of 192.0.2.0/24 is deprecated due to it being an
|
||||
unroutable address range under RFC 5737. This default will change in the
|
||||
Ocata release of OpenStack, so you should stop using the default CIDR and set
|
||||
a valid, routable CIDR instead.
|
||||
|
||||
Note that if you have already deployed an overcloud with the 192.0.2.0/24
|
||||
CIDR, it will not be possible to change it without re-deploying. If the
|
||||
overcloud cannot be re-deployed, you must explicitly set the network values
|
||||
in undercloud.conf to ensure continued use of the 192.0.2.0/24 CIDR during
|
||||
future upgrades.
|
||||
*****************************************************************************
|
||||
"""
|
||||
# We need 4 GB, leave a little room for variation in what 4 GB means on
|
||||
# different platforms.
|
||||
REQUIRED_MB = 3750
|
||||
|
||||
|
||||
# Allow logging of a warning at the end of the deploy if the deprecated cidr
|
||||
# is in use.
|
||||
deprecated_cidr = False
|
||||
|
||||
|
||||
# When adding new options to the lists below, make sure to regenerate the
|
||||
# sample config by running "tox -e genconfig" in the project root.
|
||||
_opts = [
|
||||
|
@ -154,10 +173,21 @@ _opts = [
|
|||
help=('MTU to use for the local_interface.')
|
||||
),
|
||||
cfg.StrOpt('network_cidr',
|
||||
default='192.0.2.0/24',
|
||||
sample_default='192.0.2.0/24',
|
||||
help=('Network CIDR for the Neutron-managed network for '
|
||||
'Overcloud instances. This should be the subnet used '
|
||||
'for PXE booting.')
|
||||
'for PXE booting. The current default for this value '
|
||||
'is 192.0.2.0/24, but this is deprecated due to it being '
|
||||
'a non-routable CIDR under RFC 5737. The default value '
|
||||
'for this option will be changed in the Ocata release. '
|
||||
'A different, valid CIDR should be selected to avoid '
|
||||
'problems. If an overcloud has already been deployed '
|
||||
'with the 192.0.2.0/24 CIDR and therefore the CIDR '
|
||||
'cannot be changed, you must set this option to '
|
||||
'192.0.2.0/24 explicitly to avoid it changing in future '
|
||||
'releases, and all other network options related to the '
|
||||
'CIDR (e.g. local_ip) must also be set to maintain a '
|
||||
'valid configuration.')
|
||||
),
|
||||
cfg.StrOpt('masquerade_network',
|
||||
default='192.0.2.0/24',
|
||||
|
@ -527,10 +557,30 @@ def _validate_network():
|
|||
LOG.error('Undercloud configuration validation failed: %s', message)
|
||||
raise validator.FailedValidation(message)
|
||||
|
||||
_validate_cidr()
|
||||
params = {opt.name: CONF[opt.name] for opt in _opts}
|
||||
validator.validate_config(params, error_handler)
|
||||
|
||||
|
||||
def _validate_cidr():
|
||||
"""Check for default network_cidr
|
||||
|
||||
The old default cidr of 192.0.2.0/24 is deprecated due to being unroutable
|
||||
under RFC 5737. However, since we need to give users notice of the
|
||||
change, we need some logic to warn them of the problem before actually
|
||||
changing the default, which could be a breaking change on upgrades.
|
||||
|
||||
This function handles the sentinel value of None, which indicates that
|
||||
the user has not overridden the default value, and sets an override on the
|
||||
conf opt to match the previous default. It also sets a global flag so we
|
||||
can warn about the deprecation at the end of the deploy.
|
||||
"""
|
||||
if CONF.network_cidr is None:
|
||||
global deprecated_cidr
|
||||
deprecated_cidr = True
|
||||
CONF.set_override('network_cidr', '192.0.2.0/24')
|
||||
|
||||
|
||||
def _validate_configuration():
|
||||
_check_hostname()
|
||||
_check_memory()
|
||||
|
@ -1062,3 +1112,5 @@ def install(instack_root):
|
|||
_run_command(['sudo', 'rm', '-f', '/tmp/svc-map-services'], None, 'rm')
|
||||
LOG.info(COMPLETION_MESSAGE, {'password_path': PATHS.PASSWORD_PATH,
|
||||
'stackrc_path': os.path.expanduser('~/stackrc')})
|
||||
if deprecated_cidr:
|
||||
LOG.warning(CIDR_DEPRECATION_MESSAGE)
|
||||
|
|
|
@ -60,8 +60,16 @@
|
|||
#local_mtu = 1500
|
||||
|
||||
# Network CIDR for the Neutron-managed network for Overcloud
|
||||
# instances. This should be the subnet used for PXE booting. (string
|
||||
# value)
|
||||
# instances. This should be the subnet used for PXE booting. The
|
||||
# current default for this value is 192.0.2.0/24, but this is
|
||||
# deprecated due to it being a non-routable CIDR under RFC 5737. The
|
||||
# default value for this option will be changed in the Ocata release.
|
||||
# A different, valid CIDR should be selected to avoid problems. If an
|
||||
# overcloud has already been deployed with the 192.0.2.0/24 CIDR and
|
||||
# therefore the CIDR cannot be changed, you must set this option to
|
||||
# 192.0.2.0/24 explicitly to avoid it changing in future releases, and
|
||||
# all other network options related to the CIDR (e.g. local_ip) must
|
||||
# also be set to maintain a valid configuration. (string value)
|
||||
#network_cidr = 192.0.2.0/24
|
||||
|
||||
# Network that will be masqueraded for external access, if required.
|
||||
|
|
Loading…
Reference in New Issue