[Neutron] use correct iface addresses on tunnel firewall rules

We need to get ipadresses of interfaces in CONFIG_NEUTRON_OVS_TUNNEL_IF to correctly set firewall rules for tunnels. ClosesBug: rhbz#1215638 Change-Id: I6235ba847e6e411d4487c45a7c5ff27d4a37c655
2015-06-09 08:18:43 -04:00 · 2015-06-09 08:18:43 -04:00 · d1211af056
parent a8c558e3ca
commit d1211af056
1 changed files with 17 additions and 1 deletions
--- a/packstack/plugins/neutron_350.py
+++ b/packstack/plugins/neutron_350.py
@ -578,7 +578,23 @@ def create_manifests(config, messages):
                fw_details = dict()
                key = "neutron_tunnel_%s_%s" % (host, n_host)
                fw_details.setdefault(key, {})
-                fw_details[key]['host'] = "%s" % n_host
+                if config['CONFIG_NEUTRON_OVS_TUNNEL_IF']:
+                    if config['CONFIG_USE_SUBNETS'] == 'y':
+                        iface = common.cidr_to_ifname(
+                            config['CONFIG_NEUTRON_OVS_TUNNEL_IF'],
+                            n_host, config)
+                    else:
+                        iface = config['CONFIG_NEUTRON_OVS_TUNNEL_IF']
+                    ifip = ("ipaddress_%s" % iface)
+                    try:
+                        src_host = config['HOST_DETAILS'][n_host][ifip]
+                    except KeyError:
+                        raise KeyError('Couldn\'t detect ipaddress of '
+                                       'interface %s on node %s' %
+                                       (iface, n_host))
+                else:
+                    src_host = n_host
+                fw_details[key]['host'] = "%s" % src_host
                fw_details[key]['service_name'] = "neutron tunnel port"
                fw_details[key]['chain'] = "INPUT"
                if use_openvswitch_vxlan(config):