From 1133ea8de25517321068ec77980f264fdce1d073 Mon Sep 17 00:00:00 2001
From: Jesse Pretorius <jesse.pretorius@rackspace.co.uk>
Date: Wed, 8 Jun 2016 18:56:14 +0100
Subject: [PATCH] Remove the AIO metadata checksum fix from run-playbooks

With the implementation of I008bfdb2960800845703e721b38640b7434d1404
it should be safe to remove the AIO metadata checksum fix from
run-playbooks.

This patch implements the appropriate AIO configuration to ensure that
the fix is still implemented by the os_neutron role, and also implements
a convenience fix for repeated runs of run-playbooks (mostly as a proof
of concept right now).

The intent is still to wholly replace run-playbooks with the standard
production execution of the three high-level playbooks. This will be
implemented in a follow-on patch.

Change-Id: If75911c2aafa691e147f3b444d922f1dfcf87860
---
 scripts/run-playbooks.sh                      | 23 +++++++------------
 .../templates/user_variables.aio.yml.j2       |  3 +++
 2 files changed, 11 insertions(+), 15 deletions(-)

diff --git a/scripts/run-playbooks.sh b/scripts/run-playbooks.sh
index ec1090cf50..0a0c38d54c 100755
--- a/scripts/run-playbooks.sh
+++ b/scripts/run-playbooks.sh
@@ -60,27 +60,20 @@ pushd "playbooks"
                   -t "${COMMAND_LOGS}/host_net_bounce" \
                   &> ${COMMAND_LOGS}/host_net_bounce.log
 
+    # If run-playbooks is executed more than once, the above lxcbr0 network
+    # restart will break any existing container networks. The lxc_host role
+    # places a convenience script on the host which fixes that, so let's use
+    # it to repair the container networks.
+    if [ -f /usr/local/bin/lxc-veth-check ]; then
+      /usr/local/bin/lxc-veth-check
+    fi
+
     # Create the containers.
     install_bits lxc-containers-create.yml
 
     # Log some data about the instance and the rest of the system
     log_instance_info
 
-    # When running in an AIO, we need to drop the following iptables rule in any neutron_agent containers
-    # to that ensure instances can communicate with the neutron metadata service.
-    # This is necessary because in an AIO environment there are no physical interfaces involved in
-    # instance -> metadata requests, and this results in the checksums being incorrect.
-    if [ "${ADD_NEUTRON_AGENT_CHECKSUM_RULE}" == "yes" ]; then
-      mkdir -p "${COMMAND_LOGS}/add_neutron_agent_checksum_rule"
-      ansible neutron_agent -m command \
-                            -a '/sbin/iptables -t mangle -A POSTROUTING -p tcp --sport 80 -j CHECKSUM --checksum-fill' \
-                            -t "${COMMAND_LOGS}/add_neutron_agent_checksum_rule" \
-                            &> ${COMMAND_LOGS}/add_neutron_agent_checksum_rule.log
-      ansible neutron_agent -m shell \
-                            -a 'DEBIAN_FRONTEND=noninteractive apt-get install iptables-persistent' \
-                            -t "${COMMAND_LOGS}/add_neutron_agent_checksum_rule" \
-                            &>> ${COMMAND_LOGS}/add_neutron_agent_checksum_rule.log
-    fi
   fi
 
   if [ "${DEPLOY_LB}" == "yes" ]; then
diff --git a/tests/roles/bootstrap-host/templates/user_variables.aio.yml.j2 b/tests/roles/bootstrap-host/templates/user_variables.aio.yml.j2
index 81e6195622..808adefbc8 100644
--- a/tests/roles/bootstrap-host/templates/user_variables.aio.yml.j2
+++ b/tests/roles/bootstrap-host/templates/user_variables.aio.yml.j2
@@ -57,6 +57,9 @@ galera_innodb_log_buffer_size: 32M
 galera_wsrep_provider_options:
  - { option: "gcache.size", value: "32M" }
 
+## Neutron settings
+neutron_metadata_checksum_fix: True
+
 ## Set workers for all services to optimise memory usage
 ceilometer_api_workers: 2
 ceilometer_collector_workers: 2