OpenStack Networking (Neutron)
Cedric Brandily 1d776bc16c Allow to request metadata proxy only with redirection
metadata service should be requested on 169.254.169.254:80 and router
namespace iptables rules redirect the request to the metadata-ns-proxy
on 127.0.0.1:$metadata_port. But currently the metadata-ns-proxy can be
requested directly on $router-ip:$metadata_port.

To avoid such behavior, this change marks packets redirection in mangle
table (PREROUTING), redirects (PREROUTING) them in nat table, accepts
them in filter table (INPUT) using the mark. Packets sent to the
metadata proxy port without mark (so directly) are dropped. The
mark can be configured through the new option metadata_access_mark.

Remark: redirected packets are not local packets (in general), so
setting metadata proxy server host to 127.0.0.1 will disallow direct
queries but also redirected queries.

DocImpact
Partial-Bug: #1187102
Change-Id: I6a9bb12c8bf68c6fcf4e4060f8dfe44a309a41da
2015-01-30 09:34:49 +00:00
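
The packet flow described in the commit message above, as an added illustration that is not part of the commit or of Neutron's code. It renders the four steps as iptables arguments and models one packet through mangle, nat and filter, which shows why the mark is needed: after the redirect, both requests have the same destination. The router address, port and mark values are constructed, and the function names are hypothetical.

```python
# Added illustration, not Neutron's code. Values below are constructed.
METADATA_IP = "169.254.169.254"
ROUTER_IP = "10.0.0.1"   # constructed router-namespace address
PROXY_PORT = 9697        # stands in for $metadata_port
ACCESS_MARK = 0x1        # stands in for metadata_access_mark


def render_rules(port=PROXY_PORT, mark=ACCESS_MARK):
    """Return iptables arguments for the mark / redirect / accept / drop steps."""
    match = "-d %s/32 -p tcp -m tcp --dport 80" % METADATA_IP
    return [
        "-t mangle -A PREROUTING %s -j MARK --set-xmark %#x/0xffffffff" % (match, mark),
        "-t nat -A PREROUTING %s -j REDIRECT --to-ports %d" % (match, port),
        "-t filter -A INPUT -m mark --mark %#x -j ACCEPT" % mark,
        "-t filter -A INPUT -p tcp -m tcp --dport %d -j DROP" % port,
    ]


def traverse(dst_ip, dst_port, port=PROXY_PORT, mark=ACCESS_MARK):
    """Model one inbound TCP packet; return (verdict, post-NAT destination)."""
    fwmark = 0
    is_metadata = (dst_ip, dst_port) == (METADATA_IP, 80)
    if is_metadata:                      # mangle/PREROUTING: set the mark
        fwmark = mark
    if is_metadata:                      # nat/PREROUTING: REDIRECT to the proxy
        dst_ip, dst_port = ROUTER_IP, port
    dest = (dst_ip, dst_port)
    if dst_ip != ROUTER_IP:              # not addressed to the router itself
        return "FORWARD", dest
    if fwmark == mark:                   # filter/INPUT: marked traffic passes
        return "ACCEPT", dest
    if dst_port == port:                 # filter/INPUT: unmarked hit on proxy port
        return "DROP", dest
    return "POLICY", dest                # left to the chain's other rules


if __name__ == "__main__":
    print("\n".join(render_rules()))
    for pkt in [(METADATA_IP, 80), (ROUTER_IP, PROXY_PORT)]:
        print(pkt, "->", traverse(*pkt))
```
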
bin Remove the useless vim modelines 2014-06-21 15:07:31 +08:00
doc Add notes on how to deal with stable branches 2015-01-23 09:36:29 -08:00
etc Allow to request metadata proxy only with redirection 2015-01-30 09:34:49 +00:00
neutron Allow to request metadata proxy only with redirection 2015-01-30 09:34:49 +00:00
rally-jobs Update rally-jobs files 2014-11-24 23:21:11 +04:00
tools Merge "Remove check_i18n tox target" 2015-01-26 19:18:48 +00:00
.coveragerc fix some missing change from quantum to neutron 2013-07-08 12:11:04 +08:00
.gitignore Add support for retargetable functional api testing 2015-01-06 02:37:59 +00:00
.gitreview Rename quantum to neutron in .gitreview. 2013-07-06 12:25:09 -04:00
.mailmap Add mailmap entry 2014-05-16 13:40:04 -04:00
.pylintrc Fix pylint unbalanced-tuple-unpacking warning 2015-01-18 11:37:43 +00:00
.testr.conf Add an explicit tox job for functional tests 2014-02-05 17:11:52 +00:00
babel.cfg Use babel to generate translation file 2013-01-24 00:20:32 +08:00
CONTRIBUTING.rst Workflow documentation is now in infra-manual 2014-12-05 03:30:37 +00:00
HACKING.rst Update hacking to 0.10 2015-01-12 23:46:06 +01:00
LICENSE Adding Apache Version 2.0 license file. This is the official license agreement under which Quantum code is available to 2011-08-08 12:31:04 -07:00
MANIFEST.in Rename Quantum to Neutron 2013-07-06 15:02:43 -04:00
openstack-common.conf Migrate to oslo.concurrency 2015-01-15 21:01:06 +01:00
README.rst Updated the README.rst 2014-12-02 14:33:30 -06:00
requirements.txt Updated from global requirements 2015-01-24 20:17:48 +00:00
run_tests.sh Migrate to oslo.concurrency 2015-01-15 21:01:06 +01:00
setup.cfg Merge "Service split: cleaned up setup.cfg" 2015-01-15 17:50:49 +00:00
setup.py Updated from global requirements 2014-04-30 02:41:29 +00:00
test-requirements.txt Updated from global requirements 2015-01-24 20:17:48 +00:00
TESTING.rst Replace mention of nose with nose2 in devref 2015-01-06 00:46:47 +00:00
tox.ini pep8: cleaned up excludes 2015-01-23 15:04:56 +01:00

Welcome!

You have come across a cloud computing network fabric controller. It has identified itself as "Neutron." It aims to tame your (cloud) networking!

External Resources:

The homepage for Neutron is: http://launchpad.net/neutron. Use this site for asking for help and filing bugs. Code is available on git.openstack.org at http://git.openstack.org/cgit/openstack/neutron.

The latest and most in-depth documentation on how to use Neutron is available at: http://docs.openstack.org. This includes:

Neutron Administrator Guide:

http://docs.openstack.org/admin-guide-cloud/content/ch_networking.html

Neutron API Reference:

http://docs.openstack.org/api/openstack-network/2.0/content/

Current Neutron developer documentation is available at:

http://wiki.openstack.org/NeutronDevelopment

For help on usage and hacking of Neutron, please send mail to openstack-dev@lists.openstack.org.

For information on how to contribute to Neutron, please see the contents of the CONTRIBUTING.rst file.