From c0c66a93c0641ebf591124cb05ee50e5ed5fda07 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Thu, 6 Sep 2018 14:56:40 +0200 Subject: [PATCH] Only validate admin and public host in local_subnet cidr When multiple subnets are configured validations where failing becuase the admin and public host addresses where checked for all subnets. The admin and public host addresses should only be validated against the cidr of the local_subnet. Closes-Bug: #1791088 Change-Id: Ie9a6f88cc449c135593a0df0426e4d8054b38183 --- ...against-local-subnet-5e98a220e01e6c19.yaml | 6 ++++ tripleoclient/v1/undercloud_preflight.py | 32 +++++++++---------- 2 files changed, 22 insertions(+), 16 deletions(-) create mode 100644 releasenotes/notes/fix-container-undercloud-validations-admin-host-only-against-local-subnet-5e98a220e01e6c19.yaml diff --git a/releasenotes/notes/fix-container-undercloud-validations-admin-host-only-against-local-subnet-5e98a220e01e6c19.yaml b/releasenotes/notes/fix-container-undercloud-validations-admin-host-only-against-local-subnet-5e98a220e01e6c19.yaml new file mode 100644 index 000000000..ef4c535cf --- /dev/null +++ b/releasenotes/notes/fix-container-undercloud-validations-admin-host-only-against-local-subnet-5e98a220e01e6c19.yaml @@ -0,0 +1,6 @@ +--- +fixes: + - | + Fixes a validation issue, validation would fail when multiple ctlplane + subnets were defined in ``undercloud.conf``. + `Bug: 1791088 `_. diff --git a/tripleoclient/v1/undercloud_preflight.py b/tripleoclient/v1/undercloud_preflight.py index 88b38b619..0d0f17aa3 100644 --- a/tripleoclient/v1/undercloud_preflight.py +++ b/tripleoclient/v1/undercloud_preflight.py @@ -284,25 +284,25 @@ def _validate_in_cidr(subnet_props, subnet_name): LOG.error(message) raise FailedValidation(message) + validate_addr_in_cidr(subnet_props.gateway, 'gateway') + validate_addr_in_cidr(subnet_props.dhcp_start, 'dhcp_start') + validate_addr_in_cidr(subnet_props.dhcp_end, 'dhcp_end') if subnet_name == CONF.local_subnet: validate_addr_in_cidr(str(netaddr.IPNetwork(CONF.local_ip).ip), 'local_ip') - validate_addr_in_cidr(subnet_props.gateway, 'gateway') - # NOTE(bnemec): The ui needs to be externally accessible, which means in - # many cases we can't have the public vip on the provisioning network. - # In that case users are on their own to ensure they've picked valid - # values for the VIP hosts. - if ((CONF.undercloud_service_certificate or - CONF.generate_service_certificate) and - not CONF.enable_ui): - validate_addr_in_cidr(CONF['undercloud_public_host'], - 'undercloud_public_host', - require_ip=False, log_only=True) - validate_addr_in_cidr(CONF['undercloud_admin_host'], - 'undercloud_admin_host', - require_ip=False) - validate_addr_in_cidr(subnet_props.dhcp_start, 'dhcp_start') - validate_addr_in_cidr(subnet_props.dhcp_end, 'dhcp_end') + # NOTE(bnemec): The ui needs to be externally accessible, which means + # in many cases we can't have the public vip on the provisioning + # network. In that case users are on their own to ensure they've picked + # valid values for the VIP hosts. + if ((CONF.undercloud_service_certificate or + CONF.generate_service_certificate) and + not CONF.enable_ui): + validate_addr_in_cidr(CONF['undercloud_public_host'], + 'undercloud_public_host', + require_ip=False, log_only=True) + validate_addr_in_cidr(CONF['undercloud_admin_host'], + 'undercloud_admin_host', + require_ip=False) def _validate_dhcp_range(subnet_props):