Fixes bug
1096532
A new configuration variable is added to enable the user to indicate
if the gateway should be validated on the subnet. For backward
compatibility this is set as False by default.
Change-Id: Ieadd60a945d34703bfee7576aa3b2ff7da3143d4
# Attention: the following parameter MUST be set to False if Quantum is
# being used in conjunction with nova security groups and/or metadata service.
# allow_overlapping_ips = False
+# Ensure that configured gateway is on subnet
+# force_gateway_on_subnet = False
+
# RPC configuration options. Defined in rpc __init__
# The messaging module to use, defaults to kombu.
default='quantum',
help='AMQP exchange to connect to if using RabbitMQ or Qpid'),
cfg.StrOpt('host', default=utils.get_hostname()),
-
+ cfg.BoolOpt('force_gateway_on_subnet', default=False,
+ help=_("Ensure that configured gateway is on subnet")),
]
# Register the configuration options
s['gateway_ip'] and
s['gateway_ip'] != attributes.ATTR_NOT_SPECIFIED):
self._validate_ip_version(ip_ver, s['gateway_ip'], 'gateway_ip')
+ if (cfg.CONF.force_gateway_on_subnet and
+ not QuantumDbPluginV2._check_subnet_ip(s['cidr'],
+ s['gateway_ip'])):
+ error_message = _("Gateway is not valid on subnet")
+ raise q_exc.InvalidInput(error_message=error_message)
if ('dns_nameservers' in s and
s['dns_nameservers'] != attributes.ATTR_NOT_SPECIFIED):
subnet = self._test_create_subnet(expected=expected,
gateway_ip=gateway)
+ def test_create_force_subnet_gw_values(self):
+ cfg.CONF.set_override('force_gateway_on_subnet', True)
+ with self.network() as network:
+ self._create_subnet('json',
+ network['network']['id'],
+ '10.0.0.0/24',
+ 400,
+ gateway_ip='100.0.0.1')
+
def test_create_subnet_with_allocation_pool(self):
gateway_ip = '10.0.0.1'
cidr = '10.0.0.0/24'
Code Review / openstack-build / neutron-build.git / commitdiff