From de8cba696323a6b3a0617eda3650a2425fbc6e95 Mon Sep 17 00:00:00 2001
From: Vishvananda Ishaya <vishvananda@gmail.com>
Date: Tue, 20 Nov 2012 12:05:04 -0800
Subject: [PATCH] Allow multi_host compute nodes to share dhcp ip

This adds a new flag: share_dhcp_address which if enabled in
multihost mode will allow all compute nodes to share an ip on
guest network. The code will isolate the address using iptables
and ebtables so it is only visible to the vms.

This patch has two benefits:

a) we don't have to use an ip address from every network for each
compute node. This is especially valuable in vlan mode where the
networks are generally small

b) we can improve security by blocking all access to the ip on the
guest network from outside the compute node. While we could do similar
blocking using a different ip for each node, it makes dhcp setup
much more complicated if a vm is migrated to another node.

Implements blueprint shared-dhcp-ip

Change-Id: Iaf84c0ad2848921122866956105eb44c074450dc
---
 nova/tests/test_db_api.py | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/nova/tests/test_db_api.py b/nova/tests/test_db_api.py
index 19337855..f54af15d 100644
--- a/nova/tests/test_db_api.py
+++ b/nova/tests/test_db_api.py
@@ -469,6 +469,33 @@ class DbApiTestCase(test.TestCase):
         data = db.network_get_associated_fixed_ips(ctxt, 1, 'nothing')
         self.assertEqual(len(data), 0)
 
+    def test_network_get_all_by_host(self):
+        ctxt = context.get_admin_context()
+        data = db.network_get_all_by_host(ctxt, 'foo')
+        self.assertEqual(len(data), 0)
+        # dummy network
+        net = db.network_create_safe(ctxt, {})
+        # network with host set
+        net = db.network_create_safe(ctxt, {'host': 'foo'})
+        data = db.network_get_all_by_host(ctxt, 'foo')
+        self.assertEqual(len(data), 1)
+        # network with fixed ip with host set
+        net = db.network_create_safe(ctxt, {})
+        values = {'host': 'foo', 'network_id': net['id']}
+        fixed_address = db.fixed_ip_create(ctxt, values)
+        data = db.network_get_all_by_host(ctxt, 'foo')
+        self.assertEqual(len(data), 2)
+        # network with instance with host set
+        net = db.network_create_safe(ctxt, {})
+        instance = db.instance_create(ctxt, {'host': 'foo'})
+        values = {'instance_uuid': instance['uuid']}
+        vif = db.virtual_interface_create(ctxt, values)
+        values = {'network_id': net['id'],
+                  'virtual_interface_id': vif['id']}
+        fixed_address = db.fixed_ip_create(ctxt, values)
+        data = db.network_get_all_by_host(ctxt, 'foo')
+        self.assertEqual(len(data), 3)
+
     def _timeout_test(self, ctxt, timeout, multi_host):
         values = {'host': 'foo'}
         instance = db.instance_create(ctxt, values)