Re-add missing iptables rule for metadata service
In patch [1] there were some lines that were missed out. Specifically an iptables rule and a cleanup line. This patch re-adds the rule and cleanup code. [1] https://review.openstack.org/#/c/583878/ Change-Id: I32045f60e205d59382ef3d98f845c4c1c8bea37f Partial-Bug: #1781376
This commit is contained in:
parent
0f05fc13d7
commit
945b1e368c
|
@ -184,10 +184,10 @@ function configure_df_metadata_service {
|
||||||
iniset $DRAGONFLOW_CONF df_metadata ip "$DF_METADATA_SERVICE_IP"
|
iniset $DRAGONFLOW_CONF df_metadata ip "$DF_METADATA_SERVICE_IP"
|
||||||
iniset $DRAGONFLOW_CONF df_metadata port "$DF_METADATA_SERVICE_PORT"
|
iniset $DRAGONFLOW_CONF df_metadata port "$DF_METADATA_SERVICE_PORT"
|
||||||
iniset $DRAGONFLOW_CONF df_metadata metadata_interface "$DF_METADATA_SERVICE_INTERFACE"
|
iniset $DRAGONFLOW_CONF df_metadata metadata_interface "$DF_METADATA_SERVICE_INTERFACE"
|
||||||
pushd $DRAGONFLOW_DIR
|
pushd $DRAGONFLOW_DIR
|
||||||
# TODO(snapiri) When we add more switch backends, this should be conditional
|
# TODO(snapiri) When we add more switch backends, this should be conditional
|
||||||
tools/ovs_metadata_service_deployment.sh install $INTEGRATION_BRIDGE $DF_METADATA_SERVICE_INTERFACE $DF_METADATA_SERVICE_IP
|
tools/ovs_metadata_service_deployment.sh install $INTEGRATION_BRIDGE $DF_METADATA_SERVICE_INTERFACE $DF_METADATA_SERVICE_IP $DF_METADATA_SERVICE_PORT
|
||||||
popd
|
popd
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -507,10 +507,10 @@ function stop_df_metadata_agent {
|
||||||
if is_service_enabled df-metadata ; then
|
if is_service_enabled df-metadata ; then
|
||||||
echo "Stopping Dragonflow metadata service"
|
echo "Stopping Dragonflow metadata service"
|
||||||
stop_process df-metadata
|
stop_process df-metadata
|
||||||
pushd $DRAGONFLOW_DIR
|
pushd $DRAGONFLOW_DIR
|
||||||
# TODO(snapiri) When we add more switch backends, this should be conditional
|
# TODO(snapiri) When we add more switch backends, this should be conditional
|
||||||
tools/ovs_metadata_service_deployment.sh remove $INTEGRATION_BRIDGE $DF_METADATA_SERVICE_INTERFACE
|
tools/ovs_metadata_service_deployment.sh remove $INTEGRATION_BRIDGE $DF_METADATA_SERVICE_INTERFACE
|
||||||
popd
|
popd
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -3,14 +3,16 @@
|
||||||
ACTION=$1; shift
|
ACTION=$1; shift
|
||||||
INTEGRATION_BRIDGE=${1:-"br-int"}; shift
|
INTEGRATION_BRIDGE=${1:-"br-int"}; shift
|
||||||
DF_METADATA_SERVICE_INTERFACE=${1:-"tap-metadata"}; shift
|
DF_METADATA_SERVICE_INTERFACE=${1:-"tap-metadata"}; shift
|
||||||
|
METADATA_ROUTE_TABLE_ID=2
|
||||||
|
|
||||||
function usage {
|
function usage {
|
||||||
cat>&2<<EOF
|
cat>&2<<EOF
|
||||||
USAGE: $0 <action> [<integration-bridge>] [<interface>] [<IP>]
|
USAGE: $0 <action> [<integration-bridge>] [<interface>] [<IP>] [<port>]
|
||||||
action - install / remove
|
action - install / remove
|
||||||
integration-bridge - name of the integration bridge (br-int)
|
integration-bridge - name of the integration bridge (br-int)
|
||||||
interface - name of the interface to add to the bridge (tap-metadata)
|
interface - name of the interface to add to the bridge (tap-metadata)
|
||||||
IP - address to assign to the interface (169.254.169.254)
|
IP - address to assign to the interface (169.254.169.254)
|
||||||
|
port - port to listen on (18080)
|
||||||
EOF
|
EOF
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -22,15 +24,18 @@ fi
|
||||||
case $ACTION in
|
case $ACTION in
|
||||||
install)
|
install)
|
||||||
DF_METADATA_SERVICE_IP=${1:-"169.254.169.254"}; shift
|
DF_METADATA_SERVICE_IP=${1:-"169.254.169.254"}; shift
|
||||||
|
DF_METADATA_SERVICE_PORT=${1:-18080}; shift
|
||||||
|
|
||||||
sudo ovs-vsctl add-port $INTEGRATION_BRIDGE $DF_METADATA_SERVICE_INTERFACE -- set Interface $DF_METADATA_SERVICE_INTERFACE type=internal
|
sudo ovs-vsctl add-port $INTEGRATION_BRIDGE $DF_METADATA_SERVICE_INTERFACE -- set Interface $DF_METADATA_SERVICE_INTERFACE type=internal
|
||||||
sudo ip addr add dev $DF_METADATA_SERVICE_INTERFACE $DF_METADATA_SERVICE_IP/0
|
sudo ip addr add dev $DF_METADATA_SERVICE_INTERFACE $DF_METADATA_SERVICE_IP/0
|
||||||
sudo ip link set dev $DF_METADATA_SERVICE_INTERFACE up
|
sudo ip link set dev $DF_METADATA_SERVICE_INTERFACE up
|
||||||
sudo ip route add 0.0.0.0/0 dev $DF_METADATA_SERVICE_INTERFACE table 2
|
sudo ip route add 0.0.0.0/0 dev $DF_METADATA_SERVICE_INTERFACE table ${METADATA_ROUTE_TABLE_ID}
|
||||||
sudo ip rule add from $DF_METADATA_SERVICE_IP table 2
|
sudo ip rule add from $DF_METADATA_SERVICE_IP table ${METADATA_ROUTE_TABLE_ID}
|
||||||
|
sudo iptables -I INPUT -i $INTEGRATION_BRIDGE -p tcp --dport ${DF_METADATA_SERVICE_PORT} -j ACCEPT
|
||||||
;;
|
;;
|
||||||
remove)
|
remove)
|
||||||
sudo ovs-vsctl del-port $INTEGRATION_BRIDGE $DF_METADATA_SERVICE_INTERFACE
|
sudo ovs-vsctl del-port $INTEGRATION_BRIDGE $DF_METADATA_SERVICE_INTERFACE
|
||||||
|
sudo ip rule del from $DF_METADATA_SERVICE_IP table ${METADATA_ROUTE_TABLE_ID}
|
||||||
;;
|
;;
|
||||||
*)
|
*)
|
||||||
usage
|
usage
|
||||||
|
|
Loading…
Reference in New Issue