Merge "Skip IPv6 sysctl calls when IPv6 is disabled"

neutron/agent/linux/dhcp.py

@@ -39,6 +39,7 @@ from neutron.agent.linux import ip_lib
 from neutron.agent.linux import iptables_manager
 from neutron.cmd import runtime_checks as checks
 from neutron.common import constants as n_const
+from neutron.common import ipv6_utils
 from neutron.common import utils as common_utils
 from neutron.ipam import utils as ipam_utils
 
@@ -1430,8 +1431,9 @@ class DeviceManager(object):
         # and added back statically in the call to init_l3() below.
         if network.namespace:
             ip_lib.IPWrapper().ensure_namespace(network.namespace)
-        self.driver.configure_ipv6_ra(network.namespace, 'default',
-                                      n_const.ACCEPT_RA_DISABLED)
+        if ipv6_utils.is_enabled_and_bind_by_default():
+            self.driver.configure_ipv6_ra(network.namespace, 'default',
+                                          n_const.ACCEPT_RA_DISABLED)
 
         if ip_lib.ensure_device_is_ready(interface_name,
                                          namespace=network.namespace):

neutron/agent/linux/ip_lib.py

@@ -31,6 +31,7 @@ import six
 from neutron._i18n import _
 from neutron.agent.common import utils
 from neutron.common import exceptions as n_exc
+from neutron.common import ipv6_utils
 from neutron.common import utils as common_utils
 from neutron.privileged.agent.linux import ip_lib as privileged
 
@@ -332,6 +333,8 @@ class IPDevice(SubProcessBase):
                           " floatingip %s", ip_str)
 
     def disable_ipv6(self):
+        if not ipv6_utils.is_enabled_and_bind_by_default():
+            return
         sysctl_name = re.sub(r'\.', '/', self.name)
         cmd = ['net.ipv6.conf.%s.disable_ipv6=1' % sysctl_name]
         return sysctl(cmd, namespace=self.namespace)

neutron/tests/unit/agent/linux/test_ip_lib.py

@@ -1754,3 +1754,28 @@ class TestSetIpNonlocalBindForHaNamespace(base.BaseTestCase):
         """Make sure message is formatted correctly."""
         with mock.patch.object(ip_lib, 'set_ip_nonlocal_bind', return_value=1):
             ip_lib.set_ip_nonlocal_bind_for_namespace('foo')
+
+
+class TestSysctl(base.BaseTestCase):
+    def setUp(self):
+        super(TestSysctl, self).setUp()
+        self.execute_p = mock.patch.object(ip_lib.IpNetnsCommand, 'execute')
+        self.execute = self.execute_p.start()
+
+    def test_disable_ipv6_when_ipv6_globally_enabled(self):
+        dev = ip_lib.IPDevice('tap0', 'ns1')
+        with mock.patch.object(ip_lib.ipv6_utils,
+                               'is_enabled_and_bind_by_default',
+                               return_value=True):
+            dev.disable_ipv6()
+            self.execute.assert_called_once_with(
+                ['sysctl', '-w', 'net.ipv6.conf.tap0.disable_ipv6=1'],
+                log_fail_as_error=True, run_as_root=True)
+
+    def test_disable_ipv6_when_ipv6_globally_disabled(self):
+        dev = ip_lib.IPDevice('tap0', 'ns1')
+        with mock.patch.object(ip_lib.ipv6_utils,
+                               'is_enabled_and_bind_by_default',
+                               return_value=False):
+            dev.disable_ipv6()
+            self.assertFalse(self.execute.called)