Configure IP tables in devstack plugin
Currently, we instruct users to manually configure IP tables for IP masquerading. We should take a step forward to automatically configure IP tables in Magnum's devstack plugin. Note: The functional gate test needs this patch to allow internet access inside the provisioned bay. Change-Id: Ia2ca494f85bfed76a80027bc3310494494d704cd Closes-Bug: #1478106
This commit is contained in:
parent
657136ec22
commit
5f4a0ca6a7
|
@ -17,6 +17,7 @@
|
|||
# - init_magnum
|
||||
# - magnum_register_image
|
||||
# - start_magnum
|
||||
# - configure_iptables
|
||||
# - stop_magnum
|
||||
# - cleanup_magnum
|
||||
|
||||
|
@ -61,6 +62,10 @@ else
|
|||
MAGNUM_BIN_DIR=$(get_python_exec_prefix)
|
||||
fi
|
||||
|
||||
if is_service_enabled ir-api; then
|
||||
MAGNUM_CONFIGURE_IPTABLES=${MAGNUM_CONFIGURE_IPTABLES:-False}
|
||||
fi
|
||||
|
||||
# Functions
|
||||
# ---------
|
||||
|
||||
|
@ -255,6 +260,16 @@ function start_magnum_api {
|
|||
}
|
||||
|
||||
|
||||
# configure_iptables() - Configure the IP table rules for Magnum
|
||||
function configure_iptables {
|
||||
if [ "$MAGNUM_CONFIGURE_IPTABLES" != "False" ]; then
|
||||
ROUTE_TO_INTERNET=$(ip route get 8.8.8.8)
|
||||
OBOUND_DEV=$(echo ${ROUTE_TO_INTERNET#*dev} | awk '{print $1}')
|
||||
sudo iptables -t nat -A POSTROUTING -o $OBOUND_DEV -j MASQUERADE
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
# start_magnum() - Start running processes, including screen
|
||||
function start_magnum {
|
||||
|
||||
|
|
|
@ -45,6 +45,8 @@ if is_service_enabled m-api m-cond; then
|
|||
# Start the magnum API and magnum taskmgr components
|
||||
echo_summary "Starting magnum"
|
||||
start_magnum
|
||||
|
||||
configure_iptables
|
||||
fi
|
||||
|
||||
if [[ "$1" == "unstack" ]]; then
|
||||
|
|
|
@ -141,18 +141,6 @@ http://docs.openstack.org/developer/devstack/configuration.html
|
|||
More neutron configuration information can be found at
|
||||
http://docs.openstack.org/developer/devstack/guides/neutron.html
|
||||
|
||||
Create a local.sh to automatically make necessary networking changes during
|
||||
the devstack deployment process. This will allow bays spawned by magnum to
|
||||
access the internet through PUBLIC_INTERFACE::
|
||||
|
||||
cat > /opt/stack/devstack/local.sh << 'END_LOCAL_SH'
|
||||
#!/bin/sh
|
||||
ROUTE_TO_INTERNET=$(ip route get 8.8.8.8)
|
||||
OBOUND_DEV=$(echo ${ROUTE_TO_INTERNET#*dev} | awk '{print $1}')
|
||||
sudo iptables -t nat -A POSTROUTING -o $OBOUND_DEV -j MASQUERADE
|
||||
END_LOCAL_SH
|
||||
chmod 755 /opt/stack/devstack/local.sh
|
||||
|
||||
Run devstack::
|
||||
|
||||
cd /opt/stack/devstack
|
||||
|
|
Loading…
Reference in New Issue