Ignore seg rules of IPv6
1. What is the problem? After creating a load balancer, Octavia will update security rules of the amphora. But the Tricircle cannot support IPv6 well. 2. What is the solution to the problem? Ignore seg rules of IPv6 in central plugin. 3. What the features to be implemented in the Tricircle to realize the solution? No new features. Change-Id: I2796399fafcfc95b57811028b7c6953ee91a406b
This commit is contained in:
parent
4631302991
commit
230d90263d
|
@ -439,6 +439,8 @@ class XManagerTest(unittest.TestCase):
|
|||
sg_id = uuidutils.generate_uuid()
|
||||
sg_rule_id_1 = uuidutils.generate_uuid()
|
||||
sg_rule_id_2 = uuidutils.generate_uuid()
|
||||
sg_rule_id_3 = uuidutils.generate_uuid()
|
||||
|
||||
sg = {'id': sg_id,
|
||||
'tenant_id': project_id,
|
||||
'name': 'default',
|
||||
|
@ -460,6 +462,15 @@ class XManagerTest(unittest.TestCase):
|
|||
'ethertype': 'IPv4',
|
||||
'port_range_max': -1,
|
||||
'port_range_min': -1,
|
||||
'security_group_id': sg_id},
|
||||
{'id': sg_rule_id_3,
|
||||
'remote_group_id': None,
|
||||
'direction': 'ingress',
|
||||
'remote_ip_prefix': '2001:db8::/64',
|
||||
'protocol': None,
|
||||
'ethertype': 'IPv6',
|
||||
'port_range_max': -1,
|
||||
'port_range_min': -1,
|
||||
'security_group_id': sg_id}]}
|
||||
RES_MAP['top']['security_group'].append(sg)
|
||||
|
||||
|
@ -475,7 +486,8 @@ class XManagerTest(unittest.TestCase):
|
|||
'network_id': network['id'],
|
||||
'cidr': '10.0.%d.0/24' % i,
|
||||
'gateway_ip': '10.0.%d.1' % i,
|
||||
'tenant_id': project_id}
|
||||
'tenant_id': project_id,
|
||||
'ip_version': q_constants.IP_VERSION_4}
|
||||
RES_MAP['top']['network'].append(network)
|
||||
RES_MAP['top']['subnet'].append(subnet)
|
||||
|
||||
|
@ -488,6 +500,18 @@ class XManagerTest(unittest.TestCase):
|
|||
core.create_resource(self.context, models.ResourceRouting,
|
||||
route)
|
||||
|
||||
network_ipv6 = {'id': 'network_ipv6_1',
|
||||
'tenant_id': project_id}
|
||||
subnet_ipv6 = {'id': 'subnet_ipv6_1',
|
||||
'network_id': network_ipv6['id'],
|
||||
'cidr': '2001:db8::/64',
|
||||
'gateway_ip': '2001:db8::2',
|
||||
'tenant_id': project_id,
|
||||
'ip_version': q_constants.IP_VERSION_6}
|
||||
RES_MAP['top']['network'].append(network_ipv6)
|
||||
RES_MAP['top']['subnet'].append(subnet_ipv6)
|
||||
RES_MAP['pod_1']['security_group'].append(sg)
|
||||
|
||||
db_api.new_job(self.context, constants.JT_SEG_RULE_SETUP, project_id)
|
||||
self.xmanager.configure_security_group_rules(
|
||||
self.context, payload={constants.JT_SEG_RULE_SETUP: project_id})
|
||||
|
|
|
@ -734,10 +734,13 @@ class XManager(PeriodicTasks):
|
|||
ip_net = netaddr.IPNetwork(subnet['cidr'])
|
||||
if ip_net in bridge_ip_net:
|
||||
continue
|
||||
# leave sg_id empty here
|
||||
new_b_rules.append(
|
||||
self._construct_bottom_rule(t_rule, '',
|
||||
subnet['cidr']))
|
||||
# leave sg_id empty here.
|
||||
# Tricircle has not supported IPv6 well yet,
|
||||
# so we ignore seg rules temporarily.
|
||||
if subnet['ip_version'] == q_constants.IP_VERSION_4:
|
||||
new_b_rules.append(
|
||||
self._construct_bottom_rule(t_rule, '',
|
||||
subnet['cidr']))
|
||||
|
||||
mappings = db_api.get_bottom_mappings_by_top_id(
|
||||
ctx, top_sg['id'], constants.RT_SG)
|
||||
|
|
Loading…
Reference in New Issue