From dcc25d85242485124bd6169987e198584d60c48d Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Thu, 31 Jan 2019 14:36:43 +0000 Subject: [PATCH] Configure VM interfaces in macvtap passthrough mode Tenks currently uses macvtap interfaces in 'VEPA' mode for the VMs. If the VMs run any virtual networking internally, typically this will use a different MAC address, which will not be reachable from outside due to the macvtap MAC filtering. This change uses macvtap 'passthrough' mode, such that all traffic is passed. Change-Id: I0077c7001b2b419a94ea420833fa6dd3e8a3a967 Story: 2004906 Task: 29256 --- ansible/filter_plugins/tenks.py | 5 ++++- .../notes/macvtap-passthrough-adfecbce7dcd8474.yaml | 6 ++++++ 2 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 releasenotes/notes/macvtap-passthrough-adfecbce7dcd8474.yaml diff --git a/ansible/filter_plugins/tenks.py b/ansible/filter_plugins/tenks.py index a03b90b..c7fb921 100644 --- a/ansible/filter_plugins/tenks.py +++ b/ansible/filter_plugins/tenks.py @@ -70,9 +70,12 @@ def set_libvirt_interfaces(context, node): """ node['interfaces'] = [] for physnet in node.get('physical_networks', []): + # Use macvtap 'passthrough' mode, since this does not filter packets + # based on MAC address of the interface. node['interfaces'].append( {'type': 'direct', - 'source': {'dev': source_link_name(context, node, physnet)}} + 'source': {'dev': source_link_name(context, node, physnet), + 'mode': 'passthrough'}} ) return node diff --git a/releasenotes/notes/macvtap-passthrough-adfecbce7dcd8474.yaml b/releasenotes/notes/macvtap-passthrough-adfecbce7dcd8474.yaml new file mode 100644 index 0000000..2e71add --- /dev/null +++ b/releasenotes/notes/macvtap-passthrough-adfecbce7dcd8474.yaml @@ -0,0 +1,6 @@ +--- +fixes: + - | + Fixes an issue where deployed VMs can't be reached on a different MAC + address than the one originally assigned. See `story 2004906 + `__ for details.