If using External Router topology then determine external network ID when adding floating IP and explicitly pass it to rtwo #624
Conversation
c-mart
changed the title
|
Tested on atmobeta with only one external network, and with multiple external networks; removing WIP label. |
c-mart
changed the title
service/tasks/driver.py
Outdated
| == "External Router Topology": | ||
| # Determine correct external network based on external gateway | ||
| # info of the identity's public router | ||
| public_router_name = identity.credentials['router_name'] |
There was a problem hiding this comment.
Should be identity.get_credential('router_name')
There was a problem hiding this comment.
rtwo identity objects don't have a .get_credential
There was a problem hiding this comment.
I confused identity with core_identity. The credentials object actually exists in the core_identity model, the rtwo identity's credentials is just a copy, so core_identity.get_credential('router_name'). I do not know why the rtwo Identity class exists.
| floating_ip = \ | ||
| network_driver.associate_floating_ip(instance_alias) | ||
| floating_ip_addr = \ | ||
| floating_ip["floating_ip_address"] |
There was a problem hiding this comment.
I think we should instead store the external_network in the identity's credentials. add_floating_ip doesn't need to be responsible for looking this up every time we add a floating.
Could be something like:
associate_args = (instance_alias,)
if core_identity.provider.cloud_config['network']['topology'] \
== "External Router Topology":
external_network_id = identity.get_credential('external_network_id')
associate_args = (instance_alias, external_network_id)
floating_ip = network_driver.associate_floating_ip(*associate_args)
There was a problem hiding this comment.
In that case, what do you think should be responsible for looking up the appropriate external network for an identity's router, and setting that in the identity's credentials? Should that be done when an identity is created? If so, we'd also need some on-demand process to set external networks for existing identities.
What if the above logic was moved to some helper function (e.g. get_external_network) that was called by add_floating_ip -- do you think that would suffice?
There was a problem hiding this comment.
I'll take a look at this today.
There was a problem hiding this comment.
I'm okay with this change, there are larger fish to fry.
| if router['name'] == public_router_name: | ||
| public_router = router | ||
| if not public_router: | ||
| raise Exception("Could not find a router matching" |
There was a problem hiding this comment.
Should include router_name, and username in this exception for the traceback to be more valuable
cdosborn
force-pushed
the
handle-multiple-external-networks
branch
from
c851263
to
970dc4e
Compare
| public_router = router | ||
| if not public_router: | ||
| raise Exception("Could not find a router matching" | ||
| " public_router name {} for user {}" |
There was a problem hiding this comment.
I made a small change to remove the specific numeric reference inside each {} which is only primarily useful when you want them to appear in a different order than listed, or more than once.
cdosborn
force-pushed
the
handle-multiple-external-networks
branch
from
076ba45
to
7c6370d
Compare
…when adding floating IP and explicitly pass it to rtwo
cdosborn
force-pushed
the
handle-multiple-external-networks
branch
from
7c6370d
to
076ba45
Compare
…ram to associate_floating_ip
cdosborn
force-pushed
the
handle-multiple-external-networks
branch
from
076ba45
to
25168db
Compare
| == "External Router Topology": | ||
| # Determine correct external network based on external gateway | ||
| # info of the identity's public router | ||
| public_router_name = core_identity.get_credential('router_name') |
There was a problem hiding this comment.
I meant to say core_identity earlier in my previous comment. If you do a quick search in the codebase the credentials object is never accessed off an rtwo identity, its a copy of the credental set model on the core identity.
|
@cdosborn before testing, I manually patched rtwo with the version that accepts an external network ID in |
|
You can try it out now on JTC if you wish :) |
|
Right, obviously you tested with the right rtwo version, or this wouldn't have worked. LTGM |
Description
Problem: When creating a floating IP address and associating it to an instance, rtwo chooses an arbitrary external network (the first one that happens to be returned from the API). If there are multiple extrenal networks, rtwo may select a network which is unreachable from the user's private network (no router connects them).
Solution: When using external router topology, determine the correct external network (based on the user's assigned public router) and explicitly specity it when creating a floating IP address.
Co-depends on rtwo #27
Checklist before merging Pull Requests
New test(s) included to reproduce the bug/verify the featureDocumentation created/updated (include links)If creating/modifying DB models which will contain secrets or sensitive information, PR to clank updating sanitation queries inroles/sanitary-sql-access/templates/sanitize-dump.sh.j2New variables supported in ClankNew variables committed to secrets repos