Only validate admin and public host in local_subnet cidr

When multiple subnets are configured validations where failing
becuase the admin and public host addresses where checked
for all subnets. The admin and public host addresses should
only be validated against the cidr of the local_subnet.

Closes-Bug: #1791088
Change-Id: Ie9a6f88cc449c135593a0df0426e4d8054b38183
changes/39/600439/3
Harald Jensås 4 years ago
parent 6b0f54c07a
commit c0c66a93c0
  1. 6
      releasenotes/notes/fix-container-undercloud-validations-admin-host-only-against-local-subnet-5e98a220e01e6c19.yaml
  2. 32
      tripleoclient/v1/undercloud_preflight.py

@ -0,0 +1,6 @@
---
fixes:
- |
Fixes a validation issue, validation would fail when multiple ctlplane
subnets were defined in ``undercloud.conf``.
`Bug: 1791088 <https://bugs.launchpad.net/tripleo/+bug/1791088>`_.

@ -284,25 +284,25 @@ def _validate_in_cidr(subnet_props, subnet_name):
LOG.error(message)
raise FailedValidation(message)
if subnet_name == CONF.local_subnet:
validate_addr_in_cidr(str(netaddr.IPNetwork(CONF.local_ip).ip),
'local_ip')
validate_addr_in_cidr(subnet_props.gateway, 'gateway')
# NOTE(bnemec): The ui needs to be externally accessible, which means in
# many cases we can't have the public vip on the provisioning network.
# In that case users are on their own to ensure they've picked valid
# values for the VIP hosts.
if ((CONF.undercloud_service_certificate or
CONF.generate_service_certificate) and
not CONF.enable_ui):
validate_addr_in_cidr(CONF['undercloud_public_host'],
'undercloud_public_host',
require_ip=False, log_only=True)
validate_addr_in_cidr(CONF['undercloud_admin_host'],
'undercloud_admin_host',
require_ip=False)
validate_addr_in_cidr(subnet_props.dhcp_start, 'dhcp_start')
validate_addr_in_cidr(subnet_props.dhcp_end, 'dhcp_end')
if subnet_name == CONF.local_subnet:
validate_addr_in_cidr(str(netaddr.IPNetwork(CONF.local_ip).ip),
'local_ip')
# NOTE(bnemec): The ui needs to be externally accessible, which means
# in many cases we can't have the public vip on the provisioning
# network. In that case users are on their own to ensure they've picked
# valid values for the VIP hosts.
if ((CONF.undercloud_service_certificate or
CONF.generate_service_certificate) and
not CONF.enable_ui):
validate_addr_in_cidr(CONF['undercloud_public_host'],
'undercloud_public_host',
require_ip=False, log_only=True)
validate_addr_in_cidr(CONF['undercloud_admin_host'],
'undercloud_admin_host',
require_ip=False)
def _validate_dhcp_range(subnet_props):

Loading…
Cancel
Save