Expose metadata config options

Expose the 'enable_metadata_network' and 'enable_isolated_metadata'
configuration options. enable_isolated_metadata enables metadata the
metadata service on networks with no router port.

Change-Id: If773109007a456385adebf295d044247417135db
Closes-Bug: 1514901

config.yaml

@@ -268,3 +268,14 @@ options:
     description: |
       Experimental enable apparmor profile. Valid settings: 'complain', 'enforce' or 'disable'.
       AA disabled by default.
+  enable-metadata-network:
+    type: boolean
+    default: False
+    description: |
+      The metadata network is used by solutions which do not leverage the l3
+      agent for providing access to the metadata service.
+  enable-isolated-metadata:
+    type: boolean
+    default: False
+    description: |
+      Enable metadata on an isolated network (no router ports).

hooks/neutron_contexts.py

@@ -93,6 +93,8 @@ class NeutronGatewayContext(NeutronAPIContext):
             'enable_l3ha': api_settings['enable_l3ha'],
             'overlay_network_type':
             api_settings['overlay_network_type'],
+            'enable_metadata_network': config('enable-metadata-network'),
+            'enable_isolated_metadata': config('enable-isolated-metadata'),
         }
 
         fallback = get_host_ip(unit_get('private-address'))
@@ -131,6 +133,12 @@ class NeutronGatewayContext(NeutronAPIContext):
             ctxt['network_device_mtu'] = net_dev_mtu
             ctxt['veth_mtu'] = net_dev_mtu
 
+        # Override user supplied config for these plugins as these settings are
+        # mandatory
+        if ctxt['plugin'] in ['nvp', 'nsx', 'n1kv']:
+            ctxt['enable_metadata_network'] = True
+            ctxt['enable_isolated_metadata'] = True
+
         return ctxt
 
 

templates/mitaka/dhcp_agent.ini

@@ -0,0 +1,24 @@
+###############################################################################
+# [ WARNING ]
+# Configuration file maintained by Juju. Local changes may be overwritten.
+###############################################################################
+[DEFAULT]
+state_path = /var/lib/neutron
+interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
+dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
+root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
+
+{% if instance_mtu or dnsmasq_flags -%}
+dnsmasq_config_file = /etc/neutron/dnsmasq.conf
+{% endif -%}
+
+enable_metadata_network = {{ enable_metadata_network }}
+enable_isolated_metadata = {{ enable_isolated_metadata }}
+
+{% if plugin == 'n1kv' %}
+resync_interval = 30
+use_namespaces = True
+dhcp_lease_time=3600
+{% else %}
+ovs_use_veth = True
+{% endif %}

unit_tests/test_neutron_contexts.py

@@ -166,6 +166,8 @@ class TestNeutronGatewayContext(CharmTestCase):
             'vlan_ranges': 'physnet1:1000:2000,physnet2:2001:3000',
             'network_device_mtu': 9000,
             'veth_mtu': 9000,
+            'enable_isolated_metadata': False,
+            'enable_metadata_network': False,
             'dnsmasq_flags': {
                 'dhcp-userclass': 'set:ipxe,iPXE',
                 'dhcp-match': 'set:ipxe,175'
@@ -216,12 +218,41 @@ class TestNeutronGatewayContext(CharmTestCase):
             'vlan_ranges': 'physnet1:1000:2000,physnet2:2001:3000',
             'network_device_mtu': 9000,
             'veth_mtu': 9000,
+            'enable_isolated_metadata': False,
+            'enable_metadata_network': False,
             'dnsmasq_flags': {
                 'dhcp-userclass': 'set:ipxe,iPXE',
                 'dhcp-match': 'set:ipxe,175'
             }
         })
 
+    @patch('charmhelpers.contrib.openstack.context.relation_get')
+    @patch('charmhelpers.contrib.openstack.context.related_units')
+    @patch('charmhelpers.contrib.openstack.context.relation_ids')
+    @patch.object(neutron_contexts, 'get_shared_secret')
+    def test_dhcp_settings(self, _secret, _rids, _runits, _rget):
+        self.test_config.set('enable-isolated-metadata', True)
+        self.test_config.set('enable-metadata-network', True)
+        self.network_get_primary_address.return_value = '192.168.20.2'
+        self.unit_get.return_value = '10.5.0.1'
+        ctxt = neutron_contexts.NeutronGatewayContext()()
+        self.assertTrue(ctxt['enable_isolated_metadata'])
+        self.assertTrue(ctxt['enable_metadata_network'])
+
+    @patch('charmhelpers.contrib.openstack.context.relation_get')
+    @patch('charmhelpers.contrib.openstack.context.related_units')
+    @patch('charmhelpers.contrib.openstack.context.relation_ids')
+    @patch.object(neutron_contexts, 'get_shared_secret')
+    def test_dhcp_setting_plug_override(self, _secret, _rids, _runits, _rget):
+        self.test_config.set('plugin', 'nsx')
+        self.test_config.set('enable-isolated-metadata', False)
+        self.test_config.set('enable-metadata-network', False)
+        self.network_get_primary_address.return_value = '192.168.20.2'
+        self.unit_get.return_value = '10.5.0.1'
+        ctxt = neutron_contexts.NeutronGatewayContext()()
+        self.assertTrue(ctxt['enable_isolated_metadata'])
+        self.assertTrue(ctxt['enable_metadata_network'])
+
 
 class TestSharedSecret(CharmTestCase):