-
Notifications
You must be signed in to change notification settings - Fork 96
If using External Router topology then determine external network ID when adding floating IP and explicitly pass it to rtwo #624
If using External Router topology then determine external network ID when adding floating IP and explicitly pass it to rtwo #624
Conversation
Tested on atmobeta with only one external network, and with multiple external networks; removing WIP label. |
service/tasks/driver.py
Outdated
== "External Router Topology": | ||
# Determine correct external network based on external gateway | ||
# info of the identity's public router | ||
public_router_name = identity.credentials['router_name'] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should be identity.get_credential('router_name')
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
rtwo identity objects don't have a .get_credential
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I confused identity with core_identity. The credentials object actually exists in the core_identity model, the rtwo identity's credentials is just a copy, so core_identity.get_credential('router_name')
. I do not know why the rtwo Identity class exists.
floating_ip = \ | ||
network_driver.associate_floating_ip(instance_alias) | ||
floating_ip_addr = \ | ||
floating_ip["floating_ip_address"] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should instead store the external_network in the identity's credentials. add_floating_ip
doesn't need to be responsible for looking this up every time we add a floating.
Could be something like:
associate_args = (instance_alias,)
if core_identity.provider.cloud_config['network']['topology'] \
== "External Router Topology":
external_network_id = identity.get_credential('external_network_id')
associate_args = (instance_alias, external_network_id)
floating_ip = network_driver.associate_floating_ip(*associate_args)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In that case, what do you think should be responsible for looking up the appropriate external network for an identity's router, and setting that in the identity's credentials? Should that be done when an identity is created? If so, we'd also need some on-demand process to set external networks for existing identities.
What if the above logic was moved to some helper function (e.g. get_external_network
) that was called by add_floating_ip
-- do you think that would suffice?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll take a look at this today.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm okay with this change, there are larger fish to fry.
if router['name'] == public_router_name: | ||
public_router = router | ||
if not public_router: | ||
raise Exception("Could not find a router matching" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should include router_name, and username in this exception for the traceback to be more valuable
c851263
to
970dc4e
Compare
public_router = router | ||
if not public_router: | ||
raise Exception("Could not find a router matching" | ||
" public_router name {} for user {}" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I made a small change to remove the specific numeric reference inside each {}
which is only primarily useful when you want them to appear in a different order than listed, or more than once.
076ba45
to
7c6370d
Compare
…when adding floating IP and explicitly pass it to rtwo
7c6370d
to
076ba45
Compare
…ram to associate_floating_ip
076ba45
to
25168db
Compare
== "External Router Topology": | ||
# Determine correct external network based on external gateway | ||
# info of the identity's public router | ||
public_router_name = core_identity.get_credential('router_name') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I meant to say core_identity earlier in my previous comment. If you do a quick search in the codebase the credentials object is never accessed off an rtwo identity, its a copy of the credental set model on the core identity.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I realized just before merging, that rtwo was never upgraded to the necessary version. I tacked on a commit to do this. Can you test in a way that requires the proper version of rtwo to be loaded? Does jtc have more than one external network?
@cdosborn before testing, I manually patched rtwo with the version that accepts an external network ID in |
You can try it out now on JTC if you wish :) |
Right, obviously you tested with the right rtwo version, or this wouldn't have worked. LTGM |
Description
Problem: When creating a floating IP address and associating it to an instance, rtwo chooses an arbitrary external network (the first one that happens to be returned from the API). If there are multiple extrenal networks, rtwo may select a network which is unreachable from the user's private network (no router connects them).
Solution: When using external router topology, determine the correct external network (based on the user's assigned public router) and explicitly specity it when creating a floating IP address.
Co-depends on rtwo #27
Checklist before merging Pull Requests
New test(s) included to reproduce the bug/verify the featureDocumentation created/updated (include links)If creating/modifying DB models which will contain secrets or sensitive information, PR to clank updating sanitation queries inroles/sanitary-sql-access/templates/sanitize-dump.sh.j2
New variables supported in ClankNew variables committed to secrets repos