]> review.fuel-infra Code Review - openstack-build/neutron-build.git/commitdiff
Code Review / openstack-build / neutron-build.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: c896e34)
Don't add neutron metadata_nat_rules if disable metadata proxy
authorHui HX Xiang <xianghui@cn.ibm.com>
Sun, 8 Sep 2013 02:51:42 +0000 (19:51 -0700)
committerHui HX Xiang <xianghui@cn.ibm.com>
Wed, 11 Sep 2013 12:38:36 +0000 (05:38 -0700)
This patchset fixes this issue by adding a condition when adding nat
rules of neutron metadata proxy.

fixes bug #1212168

Change-Id: I99775aad73c49a8df3043690440d214614279a2b

neutron/agent/l3_agent.py patch | blob | history
neutron/tests/unit/test_l3_agent.py patch | blob | history

diff --git a/neutron/agent/l3_agent.py b/neutron/agent/l3_agent.py
index 26c613fb2c58fe1166399305673450957559010c..f5900806c9da2b66e4c919093efa57e2ba54a437 100644 (file)
--- a/neutron/agent/l3_agent.py
+++ b/neutron/agent/l3_agent.py
@@ -534,9 +534,10 @@ class L3NATAgent(firewall_l3_agent.FWaaSL3AgentRpcCallback, manager.Manager):
 
     def metadata_nat_rules(self):
         rules = []
-        rules.append(('PREROUTING', '-s 0.0.0.0/0 -d 169.254.169.254/32 '
-                     '-p tcp -m tcp --dport 80 -j REDIRECT '
-                     '--to-port %s' % self.conf.metadata_port))
+        if self.conf.enable_metadata_proxy:
+            rules.append(('PREROUTING', '-s 0.0.0.0/0 -d 169.254.169.254/32 '
+                          '-p tcp -m tcp --dport 80 -j REDIRECT '
+                          '--to-port %s' % self.conf.metadata_port))
         return rules
 
     def external_gateway_nat_rules(self, ex_gw_ip, internal_cidrs,
diff --git a/neutron/tests/unit/test_l3_agent.py b/neutron/tests/unit/test_l3_agent.py
index 010a2008447ccbfe106bf07c22374ab020e14cb0..e4057d3541a14e9768691b4c0b3772fb072a2125 100644 (file)
--- a/neutron/tests/unit/test_l3_agent.py
+++ b/neutron/tests/unit/test_l3_agent.py
@@ -634,6 +634,18 @@ class TestBasicRouterOperations(base.BaseTestCase):
     def test_disable_metadata_proxy_spawn(self):
         self._configure_metadata_proxy(enableflag=False)
 
+    def test_metadata_nat_rules(self):
+        self.conf.set_override('enable_metadata_proxy', False)
+        agent = l3_agent.L3NATAgent(HOSTNAME, self.conf)
+        self.assertEqual([], agent.metadata_nat_rules())
+
+        self.conf.set_override('metadata_port', '8775')
+        self.conf.set_override('enable_metadata_proxy', True)
+        agent = l3_agent.L3NATAgent(HOSTNAME, self.conf)
+        rules = ('PREROUTING', '-s 0.0.0.0/0 -d 169.254.169.254/32 '
+                 '-p tcp -m tcp --dport 80 -j REDIRECT --to-port 8775')
+        self.assertEqual([rules], agent.metadata_nat_rules())
+
 
 class TestL3AgentEventHandler(base.BaseTestCase):