From b7cb3b7523b70dd94135f07b6307fa48563119f8 Mon Sep 17 00:00:00 2001 From: Michael Still Date: Tue, 4 Jul 2017 18:19:44 +1000 Subject: [PATCH] Only setup iptables for metadata if using nova-net As discussed in the bug report, we setup iptables rules for the metadata service even if we're using neutron (which routes to metadata in a different way). This is because of the split-brain behaviour of the network driver interface versus the network API interface. Instead, only setup iptables if we are _not_ using neutron. Change-Id: I43df9200aba1018d2c7cd2f118864326af15fd42 Closes-Bug: #1687187 --- nova/api/manager.py | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/nova/api/manager.py b/nova/api/manager.py index f254475cc2d4..32f800e1b5a3 100644 --- a/nova/api/manager.py +++ b/nova/api/manager.py @@ -16,6 +16,7 @@ from nova import manager from nova.network import driver +from nova import utils class MetadataManager(manager.Manager): @@ -26,5 +27,10 @@ class MetadataManager(manager.Manager): """ def __init__(self, *args, **kwargs): super(MetadataManager, self).__init__(*args, **kwargs) - self.network_driver = driver.load_network_driver() - self.network_driver.metadata_accept() + + if not utils.is_neutron(): + # NOTE(mikal): we only add iptables rules if we're running + # under nova-network. This code should go away when the + # deprecation of nova-network is complete. + self.network_driver = driver.load_network_driver() + self.network_driver.metadata_accept()