Browse Source

Merge "ovn-metadata-agent: bind haproxy to 169.254.169.254"

Zuul 3 months ago
parent
commit
141da5bc6d

+ 1
- 1
networking_ovn/agent/metadata/agent.py View File

@@ -387,7 +387,7 @@ class MetadataAgent(object):
387 387
         # Spawn metadata proxy if it's not already running.
388 388
         metadata_driver.MetadataDriver.spawn_monitored_metadata_proxy(
389 389
             self._process_monitor, namespace, METADATA_PORT,
390
-            self.conf, network_id=datapath)
390
+            self.conf, bind_address=METADATA_DEFAULT_IP, network_id=datapath)
391 391
 
392 392
         self.update_chassis_metadata_networks(datapath)
393 393
         return namespace

+ 12
- 7
networking_ovn/agent/metadata/driver.py View File

@@ -55,7 +55,7 @@ defaults
55 55
     timeout http-keep-alive 30s
56 56
 
57 57
 listen listener
58
-    bind 0.0.0.0:%(port)s
58
+    bind %(host)s:%(port)s
59 59
     server metadata %(unix_socket_path)s
60 60
     http-request add-header X-OVN-%(res_type)s-ID %(res_id)s
61 61
 """
@@ -66,13 +66,14 @@ class InvalidUserOrGroupException(Exception):
66 66
 
67 67
 
68 68
 class HaproxyConfigurator(object):
69
-    def __init__(self, network_id, router_id, unix_socket_path, port, user,
70
-                 group, state_path, pid_file):
69
+    def __init__(self, network_id, router_id, unix_socket_path, host,
70
+                 port, user, group, state_path, pid_file):
71 71
         self.network_id = network_id
72 72
         self.router_id = router_id
73 73
         if network_id is None and router_id is None:
74 74
             raise exceptions.NetworkIdOrRouterIdRequiredError()
75 75
 
76
+        self.host = host
76 77
         self.port = port
77 78
         self.user = user
78 79
         self.group = group
@@ -104,6 +105,7 @@ class HaproxyConfigurator(object):
104 105
                     _("Invalid group/gid: '%s'") % self.group)
105 106
 
106 107
         cfg_info = {
108
+            'host': self.host,
107 109
             'port': self.port,
108 110
             'unix_socket_path': self.unix_socket_path,
109 111
             'user': username,
@@ -162,8 +164,8 @@ class MetadataDriver(object):
162 164
         return user, group
163 165
 
164 166
     @classmethod
165
-    def _get_metadata_proxy_callback(cls, port, conf, network_id=None,
166
-                                     router_id=None):
167
+    def _get_metadata_proxy_callback(cls, bind_address, port, conf,
168
+                                     network_id=None, router_id=None):
167 169
         def callback(pid_file):
168 170
             metadata_proxy_socket = conf.metadata_proxy_socket
169 171
             user, group = (
@@ -171,6 +173,7 @@ class MetadataDriver(object):
171 173
             haproxy = HaproxyConfigurator(network_id,
172 174
                                           router_id,
173 175
                                           metadata_proxy_socket,
176
+                                          bind_address,
174 177
                                           port,
175 178
                                           user,
176 179
                                           group,
@@ -185,10 +188,12 @@ class MetadataDriver(object):
185 188
 
186 189
     @classmethod
187 190
     def spawn_monitored_metadata_proxy(cls, monitor, ns_name, port, conf,
188
-                                       network_id=None, router_id=None):
191
+                                       bind_address="0.0.0.0", network_id=None,
192
+                                       router_id=None):
189 193
         uuid = network_id or router_id
190 194
         callback = cls._get_metadata_proxy_callback(
191
-            port, conf, network_id=network_id, router_id=router_id)
195
+            bind_address, port, conf, network_id=network_id,
196
+            router_id=router_id)
192 197
         pm = cls._get_metadata_proxy_process_manager(uuid, conf,
193 198
                                                      ns_name=ns_name,
194 199
                                                      callback=callback)

+ 9
- 6
networking_ovn/tests/unit/agent/metadata/test_driver.py View File

@@ -34,6 +34,7 @@ class TestMetadataDriverProcess(base.BaseTestCase):
34 34
 
35 35
     EUNAME = 'neutron'
36 36
     EGNAME = 'neutron'
37
+    METADATA_DEFAULT_IP = '169.254.169.254'
37 38
     METADATA_PORT = 8080
38 39
     METADATA_SOCKET = '/socket/path'
39 40
     PIDFILE = 'pidfile'
@@ -76,6 +77,7 @@ class TestMetadataDriverProcess(base.BaseTestCase):
76 77
                 metadata_ns,
77 78
                 self.METADATA_PORT,
78 79
                 cfg.CONF,
80
+                bind_address=self.METADATA_DEFAULT_IP,
79 81
                 network_id=datapath_id)
80 82
 
81 83
             netns_execute_args = [
@@ -85,6 +87,7 @@ class TestMetadataDriverProcess(base.BaseTestCase):
85 87
             cfg_contents = metadata_driver._HAPROXY_CONFIG_TEMPLATE % {
86 88
                 'user': self.EUNAME,
87 89
                 'group': self.EGNAME,
90
+                'host': self.METADATA_DEFAULT_IP,
88 91
                 'port': self.METADATA_PORT,
89 92
                 'unix_socket_path': self.METADATA_SOCKET,
90 93
                 'res_type': 'Network',
@@ -107,9 +110,9 @@ class TestMetadataDriverProcess(base.BaseTestCase):
107 110
         with mock.patch('pwd.getpwnam', side_effect=KeyError):
108 111
             config = metadata_driver.HaproxyConfigurator(mock.ANY, mock.ANY,
109 112
                                                          mock.ANY, mock.ANY,
110
-                                                         self.EUNAME,
111
-                                                         self.EGNAME,
112
-                                                         mock.ANY, mock.ANY)
113
+                                                         mock.ANY, self.EUNAME,
114
+                                                         self.EGNAME, mock.ANY,
115
+                                                         mock.ANY)
113 116
             self.assertRaises(metadata_driver.InvalidUserOrGroupException,
114 117
                               config.create_config_file)
115 118
 
@@ -119,8 +122,8 @@ class TestMetadataDriverProcess(base.BaseTestCase):
119 122
                            return_value=test_utils.FakeUser(self.EUNAME)):
120 123
             config = metadata_driver.HaproxyConfigurator(mock.ANY, mock.ANY,
121 124
                                                          mock.ANY, mock.ANY,
122
-                                                         self.EUNAME,
123
-                                                         self.EGNAME,
124
-                                                         mock.ANY, mock.ANY)
125
+                                                         mock.ANY, self.EUNAME,
126
+                                                         self.EGNAME, mock.ANY,
127
+                                                         mock.ANY)
125 128
             self.assertRaises(metadata_driver.InvalidUserOrGroupException,
126 129
                               config.create_config_file)

Loading…
Cancel
Save