From: Marga Millet Date: Wed, 12 Aug 2015 10:49:09 +0000 (-0700) Subject: Support dhcp metadata service for all networks X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=09b09de925a69bdb4f83b3709b83634f98d8d99f;p=openstack-build%2Fneutron-build.git Support dhcp metadata service for all networks Vendors implementing Neutron L3 API in their devices may not be able to provide metadata server access via the Neutron router. In such cases we want to allow the metadata service as done for non-isolated networks segments. DocImpact Change-Id: I5f6ee9788717c3d4f1f2e2a4b9734fdd8dd92b40 Closes-Bug:#1483939 --- diff --git a/etc/dhcp_agent.ini b/etc/dhcp_agent.ini index 115ff86a2..7637be6f5 100644 --- a/etc/dhcp_agent.ini +++ b/etc/dhcp_agent.ini @@ -36,11 +36,19 @@ # use_namespaces = True will be enforced. # use_namespaces = True +# In some cases the neutron router is not present to provide the metadata +# IP but the DHCP server can be used to provide this info. Setting this +# value will force the DHCP server to append specific host routes to the +# DHCP request. If this option is set, then the metadata service will be +# activated for all the networks. +# force_metadata = False + # The DHCP server can assist with providing metadata support on isolated # networks. Setting this value to True will cause the DHCP server to append # specific host routes to the DHCP request. The metadata service will only # be activated when the subnet does not contain any router port. The guest # instance must be configured to request host routes via DHCP (Option 121). +# This option doesn't have any effect when force_metadata is set to True. # enable_isolated_metadata = False # Allows for serving metadata requests coming from a dedicated metadata diff --git a/neutron/agent/dhcp/config.py b/neutron/agent/dhcp/config.py index eefac85d4..06345047e 100644 --- a/neutron/agent/dhcp/config.py +++ b/neutron/agent/dhcp/config.py 
@@ -24,6 +24,8 @@ DHCP_AGENT_OPTS = [ help=_("The driver used to manage the DHCP server.")), cfg.BoolOpt('enable_isolated_metadata', default=False, help=_("Support Metadata requests on isolated networks.")), + cfg.BoolOpt('force_metadata', default=False, + help=_("Force to use DHCP to get Metadata on all networks.")), cfg.BoolOpt('enable_metadata_network', default=False, help=_("Allows for serving metadata requests from a " "dedicated network. Requires " diff --git a/neutron/agent/linux/dhcp.py b/neutron/agent/linux/dhcp.py index e562ab36d..337106edf 100644 --- a/neutron/agent/linux/dhcp.py +++ b/neutron/agent/linux/dhcp.py @@ -761,9 +761,10 @@ class Dnsmasq(DhcpLocalProcess): # Add host routes for isolated network segments - if (isolated_subnets[subnet.id] and + if (self.conf.force_metadata or + (isolated_subnets[subnet.id] and self.conf.enable_isolated_metadata and - subnet.ip_version == 4): + subnet.ip_version == 4)): subnet_dhcp_ip = subnet_to_interface_ip[subnet.id] host_routes.append( '%s/32,%s' % (METADATA_DEFAULT_IP, subnet_dhcp_ip) @@ -900,7 +901,7 @@ class Dnsmasq(DhcpLocalProcess): A subnet is considered non-isolated if there is a port connected to the subnet, and the port's ip address matches that of the subnet's - gateway. The port must be owned by a nuetron router. + gateway. The port must be owned by a neutron router. """ isolated_subnets = collections.defaultdict(lambda: True) subnets = dict((subnet.id, subnet) for subnet in network.subnets) @@ -919,7 +920,8 @@ class Dnsmasq(DhcpLocalProcess): """Determine whether the metadata proxy is needed for a network This method returns True for truly isolated networks (ie: not attached - to a router), when the enable_isolated_metadata flag is True. + to a router) when enable_isolated_metadata is True, or for all the + networks when the force_metadata flags is True. This method also returns True when enable_metadata_network is True, and the network passed as a parameter has a subnet in the link-local 
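Review bot: In neutron/agent/dhcp/config.py the help string for the new `force_metadata` option, "Force to use DHCP to get Metadata on all networks.", does not tell an operator what the switch changes. Going by the rest of this commit, it makes the agent add the metadata host route and report metadata as needed on every network, and enable_isolated_metadata has no effect once it is set. Since this widens where the metadata service is reachable, the help text should say so, for example `help=_("Serve metadata through the DHCP agent on every network, not only isolated ones; enable_isolated_metadata has no effect when this is True.")`.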
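Review bot: In neutron/agent/linux/dhcp.py (hunk at -761) the new condition places `subnet.ip_version == 4` inside the parenthesised isolated-subnet branch, so the IPv4-only guard is skipped whenever `self.conf.force_metadata` is true. An IPv6 subnet would then get `'%s/32,%s' % (METADATA_DEFAULT_IP, subnet_dhcp_ip)` appended to its host routes, a /32 destination paired with whatever `subnet_to_interface_ip[subnet.id]` holds for that subnet. Keep the version test outside the `or`: `if ((self.conf.force_metadata or (isolated_subnets[subnet.id] and self.conf.enable_isolated_metadata)) and subnet.ip_version == 4):`. The enclosing method starts and ends outside the hunk, so whether that lookup can also fail for such a subnet is not visible here.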
@@ -928,6 +930,9 @@ class Dnsmasq(DhcpLocalProcess): providing access to the metadata service via logical routers built with 3rd party backends. """ + if conf.force_metadata: + return True + if conf.enable_metadata_network and conf.enable_isolated_metadata: # check if the network has a metadata subnet meta_cidr = netaddr.IPNetwork(METADATA_DEFAULT_CIDR) diff --git a/neutron/tests/unit/agent/linux/test_dhcp.py b/neutron/tests/unit/agent/linux/test_dhcp.py index 60c241d8a..0d8a9227b 100644 --- a/neutron/tests/unit/agent/linux/test_dhcp.py +++ b/neutron/tests/unit/agent/linux/test_dhcp.py @@ -776,6 +776,8 @@ class TestBase(TestConfBase): self.mock_mgr = instance.start() self.conf.register_opt(cfg.BoolOpt('enable_isolated_metadata', default=True)) + self.conf.register_opt(cfg.BoolOpt("force_metadata", + default=False)) self.conf.register_opt(cfg.BoolOpt('enable_metadata_network', default=False)) self.config_parse(self.conf) @@ -1878,6 +1880,11 @@ class TestDnsmasq(TestBase): self.assertTrue(dhcp.Dnsmasq.should_enable_metadata( self.conf, FakeV4MetadataNetwork())) + def test_should_force_metadata_returns_true(self): + self.conf.set_override("force_metadata", True) + self.assertTrue(dhcp.Dnsmasq.should_enable_metadata(self.conf, + mock.ANY)) + class TestDeviceManager(TestConfBase):
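Review bot: In should_enable_metadata (hunk at -928) the new `if conf.force_metadata: return True` runs before `network` is inspected at all. The agent therefore treats every network it serves as needing the metadata proxy, presumably even one with no IPv4 subnet to carry the metadata host route. If that breadth is not intended, scope the shortcut to networks that can use it, e.g. `return any(s.ip_version == 4 for s in network.subnets)` under the same `if`; otherwise add a comment stating that the network is deliberately ignored. The method body continues outside the hunk, so the later checks are not visible here.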
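Review bot: test_should_force_metadata_returns_true covers only should_enable_metadata; nothing in this commit exercises the changed host-route condition in neutron/agent/linux/dhcp.py with force_metadata enabled. Add a case that calls `self.conf.set_override("force_metadata", True)` and checks the generated options for a non-isolated network. Add another with an IPv6 subnet, asserting that no METADATA_DEFAULT_IP route is emitted for it. Passing `mock.ANY` as the network works only because the argument is never read on this path; an existing fixture such as `FakeV4MetadataNetwork()`, used by the neighbouring test, would be a sturdier input.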