Relax undercloud pre-flight public VIP CIDR check
When using public TLS and there is an external network additionally to ctlplane, users might not expect to see a preflight fails on validating that public VIP to belong to control plane (internal) CIDR. This is as well valid in general, only admin VIPs should be checked against that CIDR. Change-Id: I010489f14ade757c35d04af68c328508a3ee46d3 Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
This commit is contained in:
parent
f2eac2c7e6
commit
91c25ef2a0
|
@ -236,13 +236,17 @@ def _validate_value_formats():
|
||||||
def _validate_in_cidr(subnet_props, subnet_name):
|
def _validate_in_cidr(subnet_props, subnet_name):
|
||||||
cidr = netaddr.IPNetwork(subnet_props.cidr)
|
cidr = netaddr.IPNetwork(subnet_props.cidr)
|
||||||
|
|
||||||
def validate_addr_in_cidr(addr, pretty_name=None, require_ip=True):
|
def validate_addr_in_cidr(addr, pretty_name=None, require_ip=True,
|
||||||
|
log_only=False):
|
||||||
try:
|
try:
|
||||||
if netaddr.IPAddress(addr) not in cidr:
|
if netaddr.IPAddress(addr) not in cidr:
|
||||||
message = ('Config option %s "%s" not in defined CIDR "%s"' %
|
message = ('Config option %s "%s" not in defined CIDR "%s"' %
|
||||||
(pretty_name, addr, cidr))
|
(pretty_name, addr, cidr))
|
||||||
LOG.error(message)
|
if log_only:
|
||||||
raise FailedValidation(message)
|
LOG.warning(message)
|
||||||
|
else:
|
||||||
|
LOG.error(message)
|
||||||
|
raise FailedValidation(message)
|
||||||
except netaddr.core.AddrFormatError:
|
except netaddr.core.AddrFormatError:
|
||||||
if require_ip:
|
if require_ip:
|
||||||
message = 'Invalid IP address: %s' % addr
|
message = 'Invalid IP address: %s' % addr
|
||||||
|
@ -262,7 +266,7 @@ def _validate_in_cidr(subnet_props, subnet_name):
|
||||||
not CONF.enable_ui):
|
not CONF.enable_ui):
|
||||||
validate_addr_in_cidr(CONF['undercloud_public_host'],
|
validate_addr_in_cidr(CONF['undercloud_public_host'],
|
||||||
'undercloud_public_host',
|
'undercloud_public_host',
|
||||||
require_ip=False)
|
require_ip=False, log_only=True)
|
||||||
validate_addr_in_cidr(CONF['undercloud_admin_host'],
|
validate_addr_in_cidr(CONF['undercloud_admin_host'],
|
||||||
'undercloud_admin_host',
|
'undercloud_admin_host',
|
||||||
require_ip=False)
|
require_ip=False)
|
||||||
|
|
Loading…
Reference in New Issue