Only validate admin and public host in local_subnet cidr

When multiple subnets are configured validations where failing becuase the admin and public host addresses where checked for all subnets. The admin and public host addresses should only be validated against the cidr of the local_subnet. Closes-Bug: #1791088 Change-Id: Ie9a6f88cc449c135593a0df0426e4d8054b38183 (cherry picked from commit c0c66a93c0)
2018-09-06 14:56:40 +02:00 · 2018-09-06 14:56:40 +02:00 · 9fd921b5fc
parent cb976f6729
commit 9fd921b5fc
2 changed files with 22 additions and 16 deletions
--- a/releasenotes/notes/fix-container-undercloud-validations-admin-host-only-against-local-subnet-5e98a220e01e6c19.yaml
+++ b/releasenotes/notes/fix-container-undercloud-validations-admin-host-only-against-local-subnet-5e98a220e01e6c19.yaml
@ -0,0 +1,6 @@
+---
+fixes:
+  - |
+    Fixes a validation issue, validation would fail when multiple ctlplane
+    subnets were defined in ``undercloud.conf``.
+    `Bug: 1791088 <https://bugs.launchpad.net/tripleo/+bug/1791088>`_.
--- a/tripleoclient/v1/undercloud_preflight.py
+++ b/tripleoclient/v1/undercloud_preflight.py
@ -216,25 +216,25 @@ def _validate_in_cidr(subnet_props, subnet_name):
                LOG.error(message)
                raise FailedValidation(message)

+    validate_addr_in_cidr(subnet_props.gateway, 'gateway')
+    validate_addr_in_cidr(subnet_props.dhcp_start, 'dhcp_start')
+    validate_addr_in_cidr(subnet_props.dhcp_end, 'dhcp_end')
    if subnet_name == CONF.local_subnet:
        validate_addr_in_cidr(str(netaddr.IPNetwork(CONF.local_ip).ip),
                              'local_ip')
-    validate_addr_in_cidr(subnet_props.gateway, 'gateway')
-    # NOTE(bnemec): The ui needs to be externally accessible, which means in
-    # many cases we can't have the public vip on the provisioning network.
-    # In that case users are on their own to ensure they've picked valid
-    # values for the VIP hosts.
-    if ((CONF.undercloud_service_certificate or
-            CONF.generate_service_certificate) and
-            not CONF.enable_ui):
-        validate_addr_in_cidr(CONF['undercloud_public_host'],
-                              'undercloud_public_host',
-                              require_ip=False, log_only=True)
-        validate_addr_in_cidr(CONF['undercloud_admin_host'],
-                              'undercloud_admin_host',
-                              require_ip=False)
-    validate_addr_in_cidr(subnet_props.dhcp_start, 'dhcp_start')
-    validate_addr_in_cidr(subnet_props.dhcp_end, 'dhcp_end')
+        # NOTE(bnemec): The ui needs to be externally accessible, which means
+        # in many cases we can't have the public vip on the provisioning
+        # network. In that case users are on their own to ensure they've picked
+        # valid values for the VIP hosts.
+        if ((CONF.undercloud_service_certificate or
+             CONF.generate_service_certificate) and
+                not CONF.enable_ui):
+            validate_addr_in_cidr(CONF['undercloud_public_host'],
+                                  'undercloud_public_host',
+                                  require_ip=False, log_only=True)
+            validate_addr_in_cidr(CONF['undercloud_admin_host'],
+                                  'undercloud_admin_host',
+                                  require_ip=False)


 def _validate_dhcp_range(subnet_props):