yahoo-eng-team team mailing list archive

Thread
Date
[Bug 1159015] Re: enable_isolated_metadata_proxy should be called only when enable_isolated_metadata enabled

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Thierry Carrez <thierry.carrez+lp@xxxxxxxxx>
Date: Wed, 29 May 2013 11:05:21 -0000
Reply-to: Bug 1159015 <1159015@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
** Changed in: quantum
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to quantum.
https://bugs.launchpad.net/bugs/1159015

Title:
  enable_isolated_metadata_proxy should be called only when
  enable_isolated_metadata enabled

Status in OpenStack Quantum (virtual network service):
  Fix Released

Bug description:
  now the enable_isolated_metadata_proxy is always called no matter what is the enable_isolated_metadata option value.
  In fact, if enable_isolated_metadata=False, the proxy should not work according to code:
  1.     def _output_opts_file(self) in dhcp.py:
          """Write a dnsmasq compatible options file."""
             ...

              host_routes = ["%s,%s" % (hr.destination, hr.nexthop)
                             for hr in subnet.host_routes]
              subnet_dhcp_ip = subnet_to_interface_ip[subnet.id]
              # Add host routes for isolated network segments
              enable_metadata = (
                  self.conf.enable_isolated_metadata
                  and not subnet.gateway_ip
                  and subnet.ip_version == 4)

              if enable_metadata:
                  host_routes.append(
                      '%s/32,%s' % (METADATA_DEFAULT_IP, subnet_dhcp_ip)
                  )
     So if enable_isolated_metadata, dnsmasq will use host router to lead 169.254.169.254 traffic of VM to IP of dnsmasq is listensing.
  2.     def setup(self, network, reuse_existing=False): in dhcp_agent.py
          """Create and initialize a device for network's DHCP on this host."""
          device_id = self.get_device_id(network)
          port = self.plugin.get_dhcp_port(network.id, device_id)

          interface_name = self.get_interface_name(network, port)

          if self.conf.use_namespaces:
              namespace = NS_PREFIX + network.id
          else:
              namespace = None

          if ip_lib.device_exists(interface_name,
                                  self.root_helper,
                                  namespace):
              if not reuse_existing:
                  raise exceptions.PreexistingDeviceFailure(
                      dev_name=interface_name)

              LOG.debug(_('Reusing existing device: %s.'), interface_name)
          else:
              self.driver.plug(network.id,
                               port.id,
                               interface_name,
                               port.mac_address,
                               namespace=namespace)
          ip_cidrs = []
          for fixed_ip in port.fixed_ips:
              subnet = fixed_ip.subnet
              net = netaddr.IPNetwork(subnet.cidr)
              ip_cidr = '%s/%s' % (fixed_ip.ip_address, net.prefixlen)
              ip_cidrs.append(ip_cidr)

          if (self.conf.enable_isolated_metadata and
              self.conf.use_namespaces):
              ip_cidrs.append(METADATA_DEFAULT_IP)

  so we are adding '169.254.169.254/%d' % METADATA_DEFAULT_PREFIX (16)
  to dhcp tap device.

  the metadata_proxy process should not be called if
  self.conf.enable_isolated_metadata is false.

To manage notifications about this bug go to:
https://bugs.launchpad.net/quantum/+bug/1159015/+subscriptions