From 697e74e41acc7129bb6b0937012209136cd4e01a Mon Sep 17 00:00:00 2001
From: Pierre Riteau
Date: Fri, 2 Aug 2019 14:08:34 +0200
Subject: [PATCH] Stop allocating network and broadcast addresses
When an allocation pool range is not defined by the operator, we should not include network and broadcast addresses in the list of IP addresses to give to hosts.
Change-Id: Id6e14286b5eb2b767a515e7edfc56741fb8d2c78
Story: 2006267
Task: 35958
---
 ansible/roles/ip-allocation/library/ip_allocation.py | 3 +++
 doc/source/configuration/network.rst | 12 ++++++++----
 .../restrict-ip-allocation-8e20022110c2283e.yaml | 5 +++++
 3 files changed, 16 insertions(+), 4 deletions(-)
 create mode 100644 releasenotes/notes/restrict-ip-allocation-8e20022110c2283e.yaml
diff --git a/ansible/roles/ip-allocation/library/ip_allocation.py b/ansible/roles/ip-allocation/library/ip_allocation.py
index 0eb3ee944..9f30bad06 100644
--- a/ansible/roles/ip-allocation/library/ip_allocation.py
+++ b/ansible/roles/ip-allocation/library/ip_allocation.py
@@ -147,6 +147,9 @@ def update_allocation(module, allocations):
 allocation_pool = netaddr.IPSet(allocation_pool)
 else:
 allocation_pool = netaddr.IPSet([network])
+ if network.prefixlen != 32:
+ reserved_ips = [network.network, network.broadcast]
+ allocation_pool -= netaddr.IPSet(reserved_ips)
 free_ips = allocation_pool - allocated_ips
 for free_cidr in free_ips.iter_cidrs():
 ip = free_cidr[0]
diff --git a/doc/source/configuration/network.rst b/doc/source/configuration/network.rst
index 455568e07..04434cdf5 100644
--- a/doc/source/configuration/network.rst
+++ b/doc/source/configuration/network.rst
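Review bot: The `network.prefixlen != 32` guard added to `update_allocation` in ip_allocation.py exempts only a single-host IPv4 network, so a /31 point-to-point subnet (RFC 3021) still has both of its addresses put into `reserved_ips` and is left with an empty pool. Depending on the netaddr version, `network.broadcast` may also be `None` for such a network, which `netaddr.IPSet(reserved_ips)` would presumably reject. The literal 32 is IPv4-specific as well, so an IPv6 /128 would lose its only address if this module is ever given IPv6 CIDRs. Keying the guard on the address count covers all of these: `if network.size > 2:`. The function body starts and ends outside the hunk, and the diffstat lists no test for the new branch; cases for /24, /31 and /32 would pin the behaviour.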
@@ -157,10 +157,12 @@ To configure a network called ``example`` with VLAN ID ``123``: IP Address Allocation ===================== -IP addresses are allocated automatically by Kayobe from the -allocation pool -defined by ``allocation_pool_start`` and ``allocation_pool_end``. The -allocated addresses are stored in +IP addresses are allocated automatically by Kayobe from the allocation pool +defined by ``allocation_pool_start`` and ``allocation_pool_end``. If these +variables are undefined, the entire network is used, except for network and +broadcast addresses. IP addresses are only allocated if the network ``cidr`` is +set and DHCP is not used (see ``bootproto`` in +:ref:`configuration-network-per-host`). The allocated addresses are stored in ``${KAYOBE_CONFIG_PATH}/network-allocation.yml`` using the global per-network attribute ``ips`` which maps Ansible inventory hostnames to allocated IPs. @@ -264,6 +266,8 @@ To configure a network called ``example`` with a default route and a - cidr: 10.1.0.0/24 table: exampleroutetable +.. _configuration-network-per-host: + Per-host Network Configuration ============================== diff --git a/releasenotes/notes/restrict-ip-allocation-8e20022110c2283e.yaml b/releasenotes/notes/restrict-ip-allocation-8e20022110c2283e.yaml new file mode 100644 index 000000000..6441f66f3 --- /dev/null +++ b/releasenotes/notes/restrict-ip-allocation-8e20022110c2283e.yaml @@ -0,0 +1,5 @@ +--- +fixes: + - | + Stops allocating network and broadcast addresses to hosts when an allocation pool + is not defined.