Add support for Ironic inspection through DHCP-relay

This change fix the issue when inspection didn't work corrctly in case of L3-routed Ironic networks when DHCP packets received via a DHCP-relay. The dnsmasq optional netmask part in the dhcp-range parameter should be specified [1] in this case. [1] https://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html Change-Id: I9488a72db588e31289907668f1997596a8ccdec6 Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/813268 Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
2021-10-09 02:35:36 +03:00 · 2021-10-09 02:35:36 +03:00 · 02e01e983b
parent e97a8fe63d
commit 02e01e983b
5 changed files with 11 additions and 2 deletions
--- a/ansible/kolla-ansible.yml
+++ b/ansible/kolla-ansible.yml
@ -100,6 +100,7 @@
        kolla_selinux_state: disabled
        kolla_inspector_dhcp_pool_start: "{{ inspection_net_name | net_inspection_allocation_pool_start }}"
        kolla_inspector_dhcp_pool_end: "{{ inspection_net_name | net_inspection_allocation_pool_end }}"
+        kolla_inspector_netmask: "{{ inspection_net_name | net_mask }}"
        kolla_inspector_default_gateway: "{{ inspection_net_name | net_inspection_gateway or inspection_net_name | net_gateway }}"
        kolla_inspector_extra_kernel_options: "{{ inspector_extra_kernel_options }}"
        kolla_enable_host_ntp: false
--- a/ansible/roles/kolla-ansible/defaults/main.yml
+++ b/ansible/roles/kolla-ansible/defaults/main.yml
@ -165,6 +165,9 @@ kolla_inspector_dhcp_pool_start:
 # End of range of IP addresses for dnsmasq to allocate from.
 kolla_inspector_dhcp_pool_end:

+# The inspection network netmask.
+kolla_inspector_netmask:
+
 # Default gateway to use for inspection network.
 kolla_inspector_default_gateway:

--- a/ansible/roles/kolla-ansible/templates/kolla/globals.yml
+++ b/ansible/roles/kolla-ansible/templates/kolla/globals.yml
@ -394,7 +394,7 @@ enable_{{ feature_flag }}: {{ hostvars[inventory_hostname]['kolla_enable_' ~ fea
 # Ironic options
 #############################
 {% if kolla_inspector_dhcp_pool_start and kolla_inspector_dhcp_pool_end %}
-ironic_dnsmasq_dhcp_range: {{ kolla_inspector_dhcp_pool_start }},{{ kolla_inspector_dhcp_pool_end }}
+ironic_dnsmasq_dhcp_range: "{{ kolla_inspector_dhcp_pool_start }},{{ kolla_inspector_dhcp_pool_end }}{% if kolla_inspector_netmask %},{{ kolla_inspector_netmask }}{% endif %}"
 {% endif %}
 {% if kolla_inspector_default_gateway %}
 ironic_dnsmasq_default_gateway: {{ kolla_inspector_default_gateway }}
--- a/ansible/roles/kolla-ansible/tests/test-extras.yml
+++ b/ansible/roles/kolla-ansible/tests/test-extras.yml
@ -125,6 +125,7 @@
            grafana_local_admin_user_name: "grafana-admin"
            kolla_inspector_dhcp_pool_start: "1.2.3.4"
            kolla_inspector_dhcp_pool_end: "1.2.3.5"
+            kolla_inspector_netmask: "255.255.255.0"
            kolla_inspector_default_gateway: "1.2.3.6"
            # Enable everything.
            kolla_enable_aodh: True
@ -249,7 +250,7 @@
              kolla_internal_fqdn_cert: "{{ temp_path }}/etc/kolla/certificates/internal.pem"
              openstack_logging_debug: True
              grafana_admin_username: "grafana-admin"
-              ironic_dnsmasq_dhcp_range: "1.2.3.4,1.2.3.5"
+              ironic_dnsmasq_dhcp_range: "1.2.3.4,1.2.3.5,255.255.255.0"
              ironic_dnsmasq_default_gateway: "1.2.3.6"
              # NOTE: The following options are not present in globals.yml.
              # It's possible this is related to the use of hostvars and
--- a/releasenotes/notes/inspector-dhcp-range-netmask-bb46eb7df77587a4.yaml
+++ b/releasenotes/notes/inspector-dhcp-range-netmask-bb46eb7df77587a4.yaml
@ -0,0 +1,4 @@
+---
+features:
+  - |
+    Adds support for inspection of L3-routed Ironic networks via DHCP-relay.