Merge "[DHCP agent] Add route to OVN metadata port if exists"
This commit is contained in:
commit
dfa6dc4c0e
@ -1208,6 +1208,14 @@ class Dnsmasq(DhcpLocalProcess):
|
|||||||
file_utils.replace_file(name, '\n'.join(options))
|
file_utils.replace_file(name, '\n'.join(options))
|
||||||
return name
|
return name
|
||||||
|
|
||||||
|
def _get_ovn_metadata_port_ip(self, subnet):
|
||||||
|
m_ports = [port for port in self.network.ports if
|
||||||
|
self._is_ovn_metadata_port(port, self.network.id)]
|
||||||
|
if m_ports:
|
||||||
|
for fixed_ip in m_ports[0].fixed_ips:
|
||||||
|
if fixed_ip.subnet_id == subnet.id:
|
||||||
|
return fixed_ip.ip_address
|
||||||
|
|
||||||
def _generate_opts_per_subnet(self):
|
def _generate_opts_per_subnet(self):
|
||||||
options = []
|
options = []
|
||||||
subnets_without_nameservers = set()
|
subnets_without_nameservers = set()
|
||||||
@ -1261,23 +1269,33 @@ class Dnsmasq(DhcpLocalProcess):
|
|||||||
else:
|
else:
|
||||||
host_routes.append("%s,%s" % (hr.destination, hr.nexthop))
|
host_routes.append("%s,%s" % (hr.destination, hr.nexthop))
|
||||||
|
|
||||||
# Add host routes for isolated network segments
|
# Determine metadata port route
|
||||||
|
if subnet.ip_version == constants.IP_VERSION_4:
|
||||||
|
metadata_route_ip = None
|
||||||
|
# NOTE: OVN metadata port IP is used in a case when the DHCP
|
||||||
|
# agent is deployed in the ML2/OVN enviroment where the native
|
||||||
|
# ovn-controller dhcp is disabled. The ovn metadata route
|
||||||
|
# takes precedence over native force_metadata and
|
||||||
|
# enable_isolated_metadata routes settings.
|
||||||
|
ovn_metadata_port_ip = self._get_ovn_metadata_port_ip(subnet)
|
||||||
|
if ovn_metadata_port_ip:
|
||||||
|
metadata_route_ip = ovn_metadata_port_ip
|
||||||
|
|
||||||
if ((self.conf.force_metadata or
|
elif (self.conf.force_metadata or
|
||||||
(isolated_subnets[subnet.id] and
|
(isolated_subnets[subnet.id] and
|
||||||
self.conf.enable_isolated_metadata)) and
|
self.conf.enable_isolated_metadata)):
|
||||||
subnet.ip_version == 4):
|
subnet_dhcp_ip = subnet_to_interface_ip.get(subnet.id)
|
||||||
subnet_dhcp_ip = subnet_to_interface_ip.get(subnet.id)
|
if subnet_dhcp_ip:
|
||||||
if subnet_dhcp_ip:
|
metadata_route_ip = subnet_dhcp_ip
|
||||||
|
|
||||||
|
if not isolated_subnets[subnet.id] and gateway:
|
||||||
|
metadata_route_ip = gateway
|
||||||
|
|
||||||
|
if metadata_route_ip:
|
||||||
host_routes.append(
|
host_routes.append(
|
||||||
'%s,%s' % (constants.METADATA_CIDR, subnet_dhcp_ip)
|
'%s,%s' % (constants.METADATA_CIDR, metadata_route_ip)
|
||||||
)
|
)
|
||||||
elif not isolated_subnets[subnet.id] and gateway:
|
|
||||||
host_routes.append(
|
|
||||||
'%s,%s' % (constants.METADATA_CIDR, gateway)
|
|
||||||
)
|
|
||||||
|
|
||||||
if subnet.ip_version == 4:
|
|
||||||
for s in self._get_all_subnets(self.network):
|
for s in self._get_all_subnets(self.network):
|
||||||
sub_segment_id = getattr(s, 'segment_id', None)
|
sub_segment_id = getattr(s, 'segment_id', None)
|
||||||
if (s.ip_version == 4 and
|
if (s.ip_version == 4 and
|
||||||
@ -1442,13 +1460,21 @@ class Dnsmasq(DhcpLocalProcess):
|
|||||||
return True
|
return True
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def _is_ovn_metadata_port(port, network_id):
|
||||||
|
return (port.device_id == 'ovnmeta-' + network_id and
|
||||||
|
port.device_owner == constants.DEVICE_OWNER_DISTRIBUTED)
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def should_enable_metadata(cls, conf, network):
|
def should_enable_metadata(cls, conf, network):
|
||||||
"""Determine whether the metadata proxy is needed for a network
|
"""Determine whether the metadata proxy is needed for a network
|
||||||
|
|
||||||
This method returns True for truly isolated networks (ie: not attached
|
If the given network contains a ovn metadata port then this method
|
||||||
to a router) when enable_isolated_metadata is True, or for all the
|
assumes that the ovn metadata service is in use and this metadata
|
||||||
networks when the force_metadata flags is True.
|
service is not required, method returns False. For other cases this
|
||||||
|
method returns True for truly isolated networks (ie: not attached to a
|
||||||
|
router) when enable_isolated_metadata is True, or for all the networks
|
||||||
|
when the force_metadata flags is True.
|
||||||
|
|
||||||
This method also returns True when enable_metadata_network is True,
|
This method also returns True when enable_metadata_network is True,
|
||||||
and the network passed as a parameter has a subnet in the link-local
|
and the network passed as a parameter has a subnet in the link-local
|
||||||
@ -1457,6 +1483,10 @@ class Dnsmasq(DhcpLocalProcess):
|
|||||||
providing access to the metadata service via logical routers built
|
providing access to the metadata service via logical routers built
|
||||||
with 3rd party backends.
|
with 3rd party backends.
|
||||||
"""
|
"""
|
||||||
|
for port in network.ports:
|
||||||
|
if cls._is_ovn_metadata_port(port, network.id):
|
||||||
|
return False
|
||||||
|
|
||||||
all_subnets = cls._get_all_subnets(network)
|
all_subnets = cls._get_all_subnets(network)
|
||||||
dhcp_subnets = [s for s in all_subnets if s.enable_dhcp]
|
dhcp_subnets = [s for s in all_subnets if s.enable_dhcp]
|
||||||
if not dhcp_subnets:
|
if not dhcp_subnets:
|
||||||
|
@ -152,10 +152,27 @@ fake_port_subnet_2 = dhcp.DictModel(
|
|||||||
|
|
||||||
fake_ipv6_port = dhcp.DictModel(id='12345678-1234-aaaa-123456789000',
|
fake_ipv6_port = dhcp.DictModel(id='12345678-1234-aaaa-123456789000',
|
||||||
device_owner='',
|
device_owner='',
|
||||||
|
device_id='',
|
||||||
mac_address='aa:bb:cc:dd:ee:99',
|
mac_address='aa:bb:cc:dd:ee:99',
|
||||||
network_id=FAKE_NETWORK_UUID,
|
network_id=FAKE_NETWORK_UUID,
|
||||||
fixed_ips=[fake_fixed_ipv6])
|
fixed_ips=[fake_fixed_ipv6])
|
||||||
|
|
||||||
|
fake_ovn_port = dhcp.DictModel(id='12345678-1234-aaaa-123456789000',
|
||||||
|
device_owner='',
|
||||||
|
device_id='',
|
||||||
|
mac_address='aa:bb:cc:dd:ee:98',
|
||||||
|
network_id=FAKE_NETWORK_UUID,
|
||||||
|
fixed_ips=[fake_fixed_ip2])
|
||||||
|
|
||||||
|
fake_ovn_metadata_port = dhcp.DictModel(id='12345678-1234-aaaa-123456789000',
|
||||||
|
device_owner=const.
|
||||||
|
DEVICE_OWNER_DISTRIBUTED,
|
||||||
|
device_id='ovnmeta-{}'.format(
|
||||||
|
FAKE_NETWORK_UUID),
|
||||||
|
mac_address='aa:bb:cc:dd:ee:99',
|
||||||
|
network_id=FAKE_NETWORK_UUID,
|
||||||
|
fixed_ips=[fake_fixed_ip1])
|
||||||
|
|
||||||
fake_meta_port = dhcp.DictModel(id='12345678-1234-aaaa-1234567890ab',
|
fake_meta_port = dhcp.DictModel(id='12345678-1234-aaaa-1234567890ab',
|
||||||
mac_address='aa:bb:cc:dd:ee:ff',
|
mac_address='aa:bb:cc:dd:ee:ff',
|
||||||
network_id=FAKE_NETWORK_UUID,
|
network_id=FAKE_NETWORK_UUID,
|
||||||
@ -191,6 +208,12 @@ fake_network_ipv6 = dhcp.NetModel(id=FAKE_NETWORK_UUID,
|
|||||||
subnets=[fake_ipv6_subnet],
|
subnets=[fake_ipv6_subnet],
|
||||||
ports=[fake_ipv6_port])
|
ports=[fake_ipv6_port])
|
||||||
|
|
||||||
|
fake_ovn_network = dhcp.NetModel(id=FAKE_NETWORK_UUID,
|
||||||
|
project_id=FAKE_PROJECT_ID,
|
||||||
|
admin_state_up=True,
|
||||||
|
subnets=[fake_ipv6_subnet],
|
||||||
|
ports=[fake_ovn_metadata_port, fake_ovn_port])
|
||||||
|
|
||||||
fake_network_ipv6_ipv4 = dhcp.NetModel(
|
fake_network_ipv6_ipv4 = dhcp.NetModel(
|
||||||
id=FAKE_NETWORK_UUID,
|
id=FAKE_NETWORK_UUID,
|
||||||
project_id=FAKE_PROJECT_ID,
|
project_id=FAKE_PROJECT_ID,
|
||||||
@ -803,7 +826,7 @@ class TestDhcpAgentEventHandler(base.BaseTestCase):
|
|||||||
default_cmd_callback=mock.ANY)
|
default_cmd_callback=mock.ANY)
|
||||||
|
|
||||||
def _enable_dhcp_helper(self, network, enable_isolated_metadata=False,
|
def _enable_dhcp_helper(self, network, enable_isolated_metadata=False,
|
||||||
is_isolated_network=False):
|
is_isolated_network=False, is_ovn_network=False):
|
||||||
self.dhcp._process_monitor = mock.Mock()
|
self.dhcp._process_monitor = mock.Mock()
|
||||||
if enable_isolated_metadata:
|
if enable_isolated_metadata:
|
||||||
cfg.CONF.set_override('enable_isolated_metadata', True)
|
cfg.CONF.set_override('enable_isolated_metadata', True)
|
||||||
@ -813,7 +836,8 @@ class TestDhcpAgentEventHandler(base.BaseTestCase):
|
|||||||
mock.call.get_network_info(network.id)])
|
mock.call.get_network_info(network.id)])
|
||||||
self.call_driver.assert_called_once_with('enable', network)
|
self.call_driver.assert_called_once_with('enable', network)
|
||||||
self.cache.assert_has_calls([mock.call.put(network)])
|
self.cache.assert_has_calls([mock.call.put(network)])
|
||||||
if is_isolated_network and enable_isolated_metadata:
|
if (is_isolated_network and enable_isolated_metadata and not
|
||||||
|
is_ovn_network):
|
||||||
self.external_process.assert_has_calls([
|
self.external_process.assert_has_calls([
|
||||||
self._process_manager_constructor_call(),
|
self._process_manager_constructor_call(),
|
||||||
mock.call().enable()], any_order=True)
|
mock.call().enable()], any_order=True)
|
||||||
@ -858,6 +882,21 @@ class TestDhcpAgentEventHandler(base.BaseTestCase):
|
|||||||
enable_isolated_metadata=True,
|
enable_isolated_metadata=True,
|
||||||
is_isolated_network=False)
|
is_isolated_network=False)
|
||||||
|
|
||||||
|
def test_enable_dhcp_helper_enable_metadata_ovn_network(self):
|
||||||
|
# Metadata should not be enabled when the dhcp agent is used
|
||||||
|
# in ML2/OVN where the ovn metadata agent is responsible for the
|
||||||
|
# metadata service.
|
||||||
|
self._enable_dhcp_helper(fake_ovn_network, is_ovn_network=True)
|
||||||
|
|
||||||
|
def test_enable_dhcp_helper_ovn_network_with_enable_isolated_metadata(
|
||||||
|
self):
|
||||||
|
# Metadata should not be enabled when the dhcp agent is used
|
||||||
|
# in ML2/OVN where the ovn metadata agent is responsible for the
|
||||||
|
# metadata service. Even if the enable_isolated_metadata is enabled
|
||||||
|
self._enable_dhcp_helper(fake_ovn_network,
|
||||||
|
enable_isolated_metadata=True,
|
||||||
|
is_ovn_network=True)
|
||||||
|
|
||||||
def test_enable_dhcp_helper_enable_metadata_empty_network(self):
|
def test_enable_dhcp_helper_enable_metadata_empty_network(self):
|
||||||
self._enable_dhcp_helper(empty_network,
|
self._enable_dhcp_helper(empty_network,
|
||||||
enable_isolated_metadata=True,
|
enable_isolated_metadata=True,
|
||||||
|
@ -90,6 +90,19 @@ class FakeDhcpPort(object):
|
|||||||
self.extra_dhcp_opts = []
|
self.extra_dhcp_opts = []
|
||||||
|
|
||||||
|
|
||||||
|
class FakeOvnMetadataPort(object):
|
||||||
|
def __init__(self):
|
||||||
|
self.id = 'aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaa'
|
||||||
|
self.admin_state_up = True
|
||||||
|
self.device_owner = constants.DEVICE_OWNER_DISTRIBUTED
|
||||||
|
self.fixed_ips = [
|
||||||
|
FakeIPAllocation('192.168.0.10',
|
||||||
|
'dddddddd-dddd-dddd-dddd-dddddddddddd')]
|
||||||
|
self.mac_address = '00:00:80:aa:bb:ee'
|
||||||
|
self.device_id = 'ovnmeta-aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa'
|
||||||
|
self.extra_dhcp_opts = []
|
||||||
|
|
||||||
|
|
||||||
class FakeReservedPort(object):
|
class FakeReservedPort(object):
|
||||||
def __init__(self, id='reserved-aaaa-aaaa-aaaa-aaaaaaaaaaa'):
|
def __init__(self, id='reserved-aaaa-aaaa-aaaa-aaaaaaaaaaa'):
|
||||||
self.admin_state_up = True
|
self.admin_state_up = True
|
||||||
@ -768,6 +781,14 @@ class FakeNetworkDhcpPort(object):
|
|||||||
self.namespace = 'qdhcp-ns'
|
self.namespace = 'qdhcp-ns'
|
||||||
|
|
||||||
|
|
||||||
|
class FakeNetworkDhcpandOvnMetadataPort(object):
|
||||||
|
def __init__(self):
|
||||||
|
self.id = 'aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa'
|
||||||
|
self.subnets = [FakeV4Subnet()]
|
||||||
|
self.ports = [FakePort1(), FakeDhcpPort(), FakeOvnMetadataPort()]
|
||||||
|
self.namespace = 'qdhcp-ns'
|
||||||
|
|
||||||
|
|
||||||
class FakeDualNetworkGatewayRoute(object):
|
class FakeDualNetworkGatewayRoute(object):
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
self.id = 'cccccccc-cccc-cccc-cccc-cccccccccccc'
|
self.id = 'cccccccc-cccc-cccc-cccc-cccccccccccc'
|
||||||
@ -3129,6 +3150,10 @@ class TestDnsmasq(TestBase):
|
|||||||
self.assertFalse(dhcp.Dnsmasq.has_metadata_subnet(
|
self.assertFalse(dhcp.Dnsmasq.has_metadata_subnet(
|
||||||
[FakeV4Subnet()]))
|
[FakeV4Subnet()]))
|
||||||
|
|
||||||
|
def test_should_enable_metadata_ovn_metadata_port_returns_false(self):
|
||||||
|
self.assertFalse(dhcp.Dnsmasq.should_enable_metadata(
|
||||||
|
self.conf, FakeNetworkDhcpandOvnMetadataPort()))
|
||||||
|
|
||||||
def test_should_enable_metadata_isolated_network_returns_true(self):
|
def test_should_enable_metadata_isolated_network_returns_true(self):
|
||||||
self.assertTrue(dhcp.Dnsmasq.should_enable_metadata(
|
self.assertTrue(dhcp.Dnsmasq.should_enable_metadata(
|
||||||
self.conf, FakeV4NetworkNoRouter()))
|
self.conf, FakeV4NetworkNoRouter()))
|
||||||
@ -3177,6 +3202,12 @@ class TestDnsmasq(TestBase):
|
|||||||
'force_metadata': False}
|
'force_metadata': False}
|
||||||
self._test__generate_opts_per_subnet_helper(config, False)
|
self._test__generate_opts_per_subnet_helper(config, False)
|
||||||
|
|
||||||
|
def test__generate_opts_per_subnet_with_metadata_port(self):
|
||||||
|
config = {'enable_isolated_metadata': False,
|
||||||
|
'force_metadata': False}
|
||||||
|
self._test__generate_opts_per_subnet_helper(config, True,
|
||||||
|
network_class=FakeNetworkDhcpandOvnMetadataPort)
|
||||||
|
|
||||||
def test__generate_opts_per_subnet_isolated_metadata_with_router(self):
|
def test__generate_opts_per_subnet_isolated_metadata_with_router(self):
|
||||||
config = {'enable_isolated_metadata': True,
|
config = {'enable_isolated_metadata': True,
|
||||||
'force_metadata': False}
|
'force_metadata': False}
|
||||||
|
@ -0,0 +1,9 @@
|
|||||||
|
---
|
||||||
|
fixes:
|
||||||
|
- |
|
||||||
|
Fixed the scenario where the DHCP agent is deployed in conjunction with
|
||||||
|
the OVN metadata agent in order to serve metadata for baremetal nodes.
|
||||||
|
In this scenario, the DHCP agent would not set the route needed for the
|
||||||
|
OVN metadata agent service resulting in baremetal nodes not being able
|
||||||
|
to query the metadata service. For more information see
|
||||||
|
`bug 1982569 <https://bugs.launchpad.net/neutron/+bug/1982569>`_.
|
Loading…
x
Reference in New Issue
Block a user