From: Hui HX Xiang <xianghui@cn.ibm.com>
Date: Sun, 8 Sep 2013 02:51:42 +0000 (-0700)
Subject: Don't add neutron metadata_nat_rules if disable metadata proxy
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=84d73ec5999339919c937687c81de77732886bd4;p=openstack-build%2Fneutron-build.git

Don't add neutron metadata_nat_rules if disable metadata proxy

This patchset fixes this issue by adding a condition when adding nat
rules of neutron metadata proxy.

fixes bug #1212168

Change-Id: I99775aad73c49a8df3043690440d214614279a2b
---

diff --git a/neutron/agent/l3_agent.py b/neutron/agent/l3_agent.py
index 26c613fb2..f5900806c 100644
--- a/neutron/agent/l3_agent.py
+++ b/neutron/agent/l3_agent.py
@@ -534,9 +534,10 @@ class L3NATAgent(firewall_l3_agent.FWaaSL3AgentRpcCallback, manager.Manager):
 
     def metadata_nat_rules(self):
         rules = []
-        rules.append(('PREROUTING', '-s 0.0.0.0/0 -d 169.254.169.254/32 '
-                     '-p tcp -m tcp --dport 80 -j REDIRECT '
-                     '--to-port %s' % self.conf.metadata_port))
+        if self.conf.enable_metadata_proxy:
+            rules.append(('PREROUTING', '-s 0.0.0.0/0 -d 169.254.169.254/32 '
+                          '-p tcp -m tcp --dport 80 -j REDIRECT '
+                          '--to-port %s' % self.conf.metadata_port))
         return rules
 
     def external_gateway_nat_rules(self, ex_gw_ip, internal_cidrs,
diff --git a/neutron/tests/unit/test_l3_agent.py b/neutron/tests/unit/test_l3_agent.py
index 010a20084..e4057d354 100644
--- a/neutron/tests/unit/test_l3_agent.py
+++ b/neutron/tests/unit/test_l3_agent.py
@@ -634,6 +634,18 @@ class TestBasicRouterOperations(base.BaseTestCase):
     def test_disable_metadata_proxy_spawn(self):
         self._configure_metadata_proxy(enableflag=False)
 
+    def test_metadata_nat_rules(self):
+        self.conf.set_override('enable_metadata_proxy', False)
+        agent = l3_agent.L3NATAgent(HOSTNAME, self.conf)
+        self.assertEqual([], agent.metadata_nat_rules())
+
+        self.conf.set_override('metadata_port', '8775')
+        self.conf.set_override('enable_metadata_proxy', True)
+        agent = l3_agent.L3NATAgent(HOSTNAME, self.conf)
+        rules = ('PREROUTING', '-s 0.0.0.0/0 -d 169.254.169.254/32 '
+                 '-p tcp -m tcp --dport 80 -j REDIRECT --to-port 8775')
+        self.assertEqual([rules], agent.metadata_nat_rules())
+
 
 class TestL3AgentEventHandler(base.BaseTestCase):