Fuel for OpenStack

Unhardcode iptables rules for VIPs

Bug #1517497 reported by Sergey Vasilenko on 2015-11-18

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	Fuel for OpenStack	Fix Released	High	Stanislav Makar	Fuel for OpenStack 8.0

Bug Description

The deployment/puppet/osnailyfacter/lib/puppet/parser/functions/generate_vips.rb parser function contains hardcoded IPtables rules.

work items:

* research, that variables should be interpolated into rules (IMHO it should be any, that can be fetched by get_network_role_property)
* Hardcoded in vip_generate() function iptables rules should be moved
  to a VIP declaration section into Nailgun fixtures.
  Additional iptables rules for Ironic VIP should be placed into VIP
  declaration section into Nailgun fixtures.
* change ISO on CI
* make ability to pass rules from the VIP declaration to the cluster::vip resource. Variables from VIP declaration should be interpolated at this step.

See original description

Tags:

Sergey Vasilenko (xenolog) on 2015-11-18

tags:

added: feature

Dmitry Pyzhov (dpyzhov) on 2015-11-18

tags:

added: area-library

Ilya Kutukov (ikutukov) on 2015-11-18

Changed in fuel:
status:	New → Confirmed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-11-26: Fix proposed to fuel-library (master)

Fix proposed to branch: master
Review: https://review.openstack.org/250395

Changed in fuel:
status:	Confirmed → In Progress

Sergey Vasilenko (xenolog) on 2015-11-27

description:	updated
description:	updated

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-12-02: Fix merged to fuel-library (master)

Reviewed: https://review.openstack.org/250395
Committed: https://git.openstack.org/cgit/openstack/fuel-library/commit/?id=f44c7efb877fa6c86acf61c156c2ce41e8199549
Submitter: Jenkins
Branch: master

commit f44c7efb877fa6c86acf61c156c2ce41e8199549
Author: Stanislav Makar <email address hidden>
Date: Thu Nov 26 14:02:12 2015 +0000

VIP iptables rules are not hardcoded

    The function generate_vips:
    *receives input parameters: network_metadata, network_scheme and role
    *searches vendor_specific and iptables_rules in network_metadata and
    processes them
    *recognizes and substitutes authomatically such words: <%INT%>, <%IP%>
    and <%CIDR%> in iptables rules

    DocImpact:
    Change-Id: Ic3fde513ea8b1ccf94305d9d25615471f563779e
    Closes-bug: #1517497

Changed in fuel:
status:	In Progress → Fix Committed

Aleksei Stepanov (penguinolog) on 2015-12-02

tags:

added: on-verification

Aleksei Stepanov (penguinolog) on 2015-12-03

Changed in fuel:
status:	Fix Committed → Fix Released
tags:	removed: on-verification

Revision history for this message

Aleksei Stepanov (penguinolog) wrote on 2015-12-03:

Covered by current automated tests.
BVT2 passed.
Merged code verified.

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

Bug #1502922

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.