Go to file

Bernard Cafarelli 6124f60297 Switch isolated metadata proxy to bind to 169.254.169.254

Currently the metadata proxy binds to default 0.0.0.0, which does not
add any advantage (metadata requests are not sent to random IP
addresses), and may allow access to cloud information from
third parties.

This changes the generated configuration to bind to METADATA_DEFAULT_IP
address instead.

This is not enabled in other metadata proxy configuration (in the L3
agent), as this would require net.ipv4.ip_nonlocal_bind everywhere
(currently only enabled for DVR) or transparent mode in haproxy (which
requires net.ipv4.ip_nonlocal_bind anyway)

Changed set_ip_nonlocal_bind_for_namespace() to support setting the
value in both the given and root namespace correctly, since it was
only used from inside the neutron codebase according to codesearch.

Change-Id: I388391cf697dade1a163d15ab568b33134f7b2d9
Co-Authored-By: Andrey Arapov <andrey.arapov@nixaid.com>
Closes-Bug: #1745618

2019-01-30 14:17:43 +00:00

api-ref

Fix some typos

2016-06-28 22:46:19 +02:00

bin

Use os-xenapi for neutron when XenServer as hypervisor

2017-03-30 18:33:37 +00:00

devstack

[L3][QoS] Agent side router gateway IP rate limit

2018-12-01 17:45:47 +08:00

doc

Remove extra spaces in admin config files

2019-01-25 17:15:37 -05:00

etc

Rename README.policy.json.txt

2019-01-07 12:45:15 -05:00

neutron

Switch isolated metadata proxy to bind to 169.254.169.254

2019-01-30 14:17:43 +00:00

playbooks/legacy

Migrate neutron-tempest-linuxbridge job to zuulv3 and python 3

2019-01-17 20:07:33 +00:00

rally-jobs

rally-jobs: Set floating network as a parameter

2018-12-17 16:31:10 +02:00

releasenotes

Add a new configuration parameter rpc_response_max_timeout

2019-01-18 09:55:31 +00:00

tools

Merge "Remove unnecessary 'set -x' at EOL in genconfig script"

2018-12-15 14:09:19 +00:00

.coveragerc

Cleanup coverage configuration

2016-10-17 17:06:19 +05:30

.gitignore

doc: Add policy reference

2018-12-20 14:19:40 +09:00

.gitreview

Fix .gitreview to not point at a branch

2015-08-17 13:51:51 -06:00

.mailmap

Add mailmap entry

2014-05-16 13:40:04 -04:00

.pylintrc

Disable some pylint checks

2018-10-03 08:41:56 +00:00

.stestr.conf

Fix post gate hook to accommodate for new os-testr

2017-09-12 14:20:12 -06:00

.zuul.yaml

Use renamed template 'integrated-gate-py3'

2019-01-25 08:47:34 +00:00

babel.cfg

Use babel to generate translation file

2013-01-24 00:20:32 +08:00

bindep.txt

Add libffi-dev to bindep.txt

2017-06-13 19:26:49 +00:00

CONTRIBUTING.rst

Update link for contribution

2017-08-31 16:44:51 +02:00

HACKING.rst

Update the documentation link for doc migration

2017-07-22 18:46:13 +09:00

LICENSE

Adding Apache Version 2.0 license file. This is the official license agreement under which Quantum code is available to

2011-08-08 12:31:04 -07:00

lower-constraints.txt

bump neutron-lib to 1.22.0

2019-01-24 14:27:56 +00:00

README.rst

Update mailinglist from dev to discuss

2018-12-12 12:44:12 +08:00

requirements.txt

bump neutron-lib to 1.22.0

2019-01-24 14:27:56 +00:00

setup.cfg

Merge "Upgrade check command - add support for 3rd party checks"

2018-12-19 12:50:19 +00:00

setup.py

Updated from global requirements

2017-03-04 11:19:58 +00:00

test-requirements.txt

Upgrade pylint to a version that works with python3

2018-10-04 18:03:25 +00:00

TESTING.rst

doc: Small clearances for fullstack testing

2018-09-05 09:40:07 +02:00

tox.ini

Merge "tox: Hide deprecation warnings from distgit"

2018-12-20 17:03:42 +00:00

README.rst

Team and repository tags

Welcome!

To learn more about neutron:

Documentation: https://docs.openstack.org

Features: https://specs.openstack.org/openstack/neutron-specs

Defects: https://launchpad.net/neutron

Release notes: https://docs.openstack.org/releasenotes/neutron/index.html

Get in touch via email. Use [Neutron] in your subject.

To learn how to contribute:

CONTRIBUTING.rst