diff --git a/doc/source/user/config/configuration.rst b/doc/source/user/config/configuration.rst index a76ab1f73..36fbf3bb2 100644 --- a/doc/source/user/config/configuration.rst +++ b/doc/source/user/config/configuration.rst @@ -254,18 +254,22 @@ are connecting to OpenStack can share a cache should you desire. IPv6 ---- -IPv6 is the future, and you should always use it if your cloud supports it and -if your local network supports it. Both of those are easily detectable and all -friendly software should do the right thing. However, sometimes you might -exist in a location where you have an IPv6 stack, but something evil has -caused it to not actually function. In that case, there is a config option -you can set to unbreak you `force_ipv4`, or `OS_FORCE_IPV4` boolean -environment variable. +IPv6 is the future, and you should always use it if your cloud +supports it and if your local network supports it. Both of those are +easily detectable and all friendly software should do the right thing. + +However, sometimes a cloud API may return IPv6 information that is not +useful to a production deployment. For example, the API may provide +an IPv6 address for a server, but not provide that to the host +instance via metadata (configdrive) or standard IPv6 autoconfiguration +methods (i.e. the host either needs to make a bespoke API call, or +otherwise statically configure itself). + +For such situations, you can set the ``force_ipv4``, or ``OS_FORCE_IPV4`` +boolean environment variable. For example: .. code-block:: yaml - client: - force_ipv4: true clouds: mtvexx: profile: vexxhost @@ -276,15 +280,24 @@ environment variable. region_name: ca-ymq-1 dns_api_version: 1 monty: - profile: rax + profile: fooprovider + force_ipv4: true auth: username: mordred@inaugust.com password: XXXXXXXXX project_name: mordred@inaugust.com - region_name: DFW + region_name: RegionFoo + +The above snippet will tell client programs to prefer the IPv4 address +and leave the ``public_v6`` field of the `Server` object blank for the +``fooprovider`` cloud . You can also set this with a client flag for +all clouds: + +.. code-block:: yaml + + client: + force_ipv4: true -The above snippet will tell client programs to prefer returning an IPv4 -address. Per-region settings ------------------- diff --git a/openstack/cloud/meta.py b/openstack/cloud/meta.py index 874c69a6e..cdd372436 100644 --- a/openstack/cloud/meta.py +++ b/openstack/cloud/meta.py @@ -280,6 +280,7 @@ def get_server_external_ipv6(server): :param server: the server from which we want to get an IPv6 address :return: a string containing the IPv6 address or None """ + # Don't return ipv6 interfaces if forcing IPv4 if server['accessIPv6']: return server['accessIPv6'] addresses = find_nova_addresses(addresses=server['addresses'], version=6) @@ -448,7 +449,12 @@ def add_server_interfaces(cloud, server): # not exist to remain consistent with the pre-existing missing values server['addresses'] = _get_supplemental_addresses(cloud, server) server['public_v4'] = get_server_external_ipv4(cloud, server) or '' - server['public_v6'] = get_server_external_ipv6(server) or '' + # If we're forcing IPv4, then don't report IPv6 interfaces which + # are likely to be unconfigured. + if cloud.force_ipv4: + server['public_v6'] = '' + else: + server['public_v6'] = get_server_external_ipv6(server) or '' server['private_v4'] = get_server_private_ip(server, cloud) or '' server['interface_ip'] = _get_interface_ip(cloud, server) or '' diff --git a/openstack/tests/unit/cloud/test_meta.py b/openstack/tests/unit/cloud/test_meta.py index e925c63dd..6a6a7349c 100644 --- a/openstack/tests/unit/cloud/test_meta.py +++ b/openstack/tests/unit/cloud/test_meta.py @@ -1018,6 +1018,7 @@ class TestMeta(base.TestCase): hostvars = meta.get_hostvars_from_server( fake_cloud, meta.obj_to_munch(standard_fake_server)) self.assertEqual(PUBLIC_V4, hostvars['interface_ip']) + self.assertEqual('', hostvars['public_v6']) @mock.patch.object(meta, 'get_server_external_ipv4') def test_private_interface_ip(self, mock_get_server_external_ipv4): diff --git a/releasenotes/notes/force_ipv4_no_ipv6_address-9842168b5d05d262.yaml b/releasenotes/notes/force_ipv4_no_ipv6_address-9842168b5d05d262.yaml new file mode 100644 index 000000000..8cca5a205 --- /dev/null +++ b/releasenotes/notes/force_ipv4_no_ipv6_address-9842168b5d05d262.yaml @@ -0,0 +1,6 @@ +--- +upgrade: + - | + Cloud with the `force_ipv4` flag will no longer return a + `public_v6` value, even if one is provided by the cloud. This is + to avoid having entries for unconfigured interfaces.