Fuel for OpenStack

Cannot specify custom iptables rules for VIP in network role

Bug #1502922 reported by Andrey Shestakov on 2015-10-05

This bug report is a duplicate of: Bug #1517497: Unhardcode iptables rules for VIPs. Edit Remove

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Fuel for OpenStack	In Progress	Medium	Stanislav Makar	Fuel for OpenStack 8.0

Bug Description

When custom network role defined with VIP
Is not possible to specify custom firewall rules for that VIP in namespace

I see needed parameters are hardcoded:
https://github.com/stackforge/fuel-library/blob/master/deployment/puppet/osnailyfacter/lib/puppet/parser/functions/generate_vips.rb#L100

Tags:

Veronica Krayneva (vkrayneva) on 2015-10-07

Changed in fuel:
assignee:	nobody → Fuel Python Team (fuel-python)
milestone:	none → 8.0
importance:	Undecided → Medium

Revision history for this message

Dmitry Klenov (dklenov) wrote on 2015-10-08:

Andrey, can you please specify:
* Detailed steps to reproduce.
* At which step(s) you see the discrepancy with expected results.

Changed in fuel:
status:	New → Incomplete
assignee:	Fuel Python Team (fuel-python) → Andrey Shestakov (ashestakov)

Revision history for this message

Sergey Vasilenko (xenolog) wrote on 2015-10-09:

For unhardcode this parameters from generate_vip function, I propose move it to VIP declaration yaml.

For this we should add hash, that will not parsed by nailgun and will be passed to astute.yaml as is.
I.e VIP declaration may be look following:

    vip:
       - name: "baremetal"
         namespace: "haproxy"
         node_roles: [.......]
         vendor_specific:
             firewall_start: rule1
             firewall_stop: rule2

This 'vendor_specific' field may be used for transfer all plugin-specific information to puppet manifests.

Dmitry Pyzhov (dpyzhov) on 2015-10-22

tags:

added: area-mos

OpenStack Infra (hudson-openstack) on 2015-11-10

Changed in fuel:
status:	Incomplete → In Progress

OpenStack Infra (hudson-openstack) on 2015-11-30

Changed in fuel:
assignee:	Andrey Shestakov (ashestakov) → Stanislav Makar (smakar)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-12-01: Fix merged to fuel-web (master)

Reviewed: https://review.openstack.org/243045
Committed: https://git.openstack.org/cgit/openstack/fuel-web/commit/?id=1fd1ca52b3c4abee2cd40a4e8eb463867209278f
Submitter: Jenkins
Branch: master

commit 1fd1ca52b3c4abee2cd40a4e8eb463867209278f
Author: Andrey Shestakov <email address hidden>
Date: Fri Nov 13 16:25:13 2015 +0200

Add vendor_specific parameter to VIPs meta

    This parameter allows specify plugin specific informaton in VIPs
    declaration.
    Add default iptables rules for vrouter_pub VIP

    DocImpact:
    Change-Id: I4fce3411d36f6d9e6257230f76178fd39ffd70c2
    Partial-bug: #1502922

Report a bug

This report contains Public information

Everyone can see this information.

Duplicate of bug #1517497 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.