Merge "NSX|V3: Configure tier0 transit networks"

2018-12-25 13:16:26 +00:00 · 2018-12-25 13:16:26 +00:00 · 9e3533db93
commit 9e3533db93
parent ab39109550 31757d54e1
2 changed files with 12 additions and 7 deletions
--- a/vmware_nsx/common/config.py
+++ b/vmware_nsx/common/config.py
@ -479,7 +479,11 @@ nsx_v3_opts = nsx_v3_and_p + [
    cfg.BoolOpt('housekeeping_readonly',
                default=True,
                help=_("Housekeeping will only warn about breakage.")),
-
+    cfg.ListOpt('transit_networks',
+                default=['100.64.0.0/16'],
+                help=_("List of transit networks used by NSX tier0 routers. "
+                       "Neutron subnets will not be allowed to use those "
+                       "cidrs")),
 ]

 nsx_p_opts = nsx_v3_and_p + [
--- a/vmware_nsx/plugins/nsx_v3/plugin.py
+++ b/vmware_nsx/plugins/nsx_v3/plugin.py
@ -1618,13 +1618,14 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,

        # Check if subnet overlaps with shared address space.
        # This is checked on the backend when attaching subnet to a router.
-        shared_ips = '100.64.0.0/10'
+        shared_ips_cidrs = cfg.CONF.nsx_v3.transit_networks
        for subnet_net in subnet_networks:
-            if netaddr.IPSet(subnet_net) & netaddr.IPSet([shared_ips]):
-                msg = _("Subnet overlaps with shared address space "
-                        "%s") % shared_ips
-                LOG.error(msg)
-                raise n_exc.InvalidInput(error_message=msg)
+            for shared_ips in shared_ips_cidrs:
+                if netaddr.IPSet(subnet_net) & netaddr.IPSet([shared_ips]):
+                    msg = _("Subnet overlaps with shared address space "
+                            "%s") % shared_ips
+                    LOG.error(msg)
+                    raise n_exc.InvalidInput(error_message=msg)

        # Ensure that the NSX uplink does not lie on the same subnet as
        # the external subnet