Merge "NSX|V: enable binding floating ip's per AZ"
This commit is contained in:
commit
f001513e7f
@ -0,0 +1,10 @@
|
||||
---
|
||||
prelude: >
|
||||
Enable 'bind_floatingip_to_all_interfaces' to be configured per
|
||||
availability zone.
|
||||
features:
|
||||
- |
|
||||
Enable 'bind_floatingip_to_all_interfaces' to be configured per
|
||||
availability zone. This will enable an admin to ensure that an AZ
|
||||
can have flotaing IP's configured on all edge vNICS. This enables VM's
|
||||
on the same subnet to communicate via floating IP's.
|
@ -777,6 +777,12 @@ nsxv_az_opts = [
|
||||
cfg.BoolOpt('exclusive_dhcp_edge',
|
||||
default=False,
|
||||
help=_("(Optional) Have exclusive DHCP edge per network.")),
|
||||
cfg.BoolOpt('bind_floatingip_to_all_interfaces', default=False,
|
||||
help=_("If set to False, router will associate floating ip "
|
||||
"with external interface of only, thus denying "
|
||||
"connectivity between hosts on same network via "
|
||||
"their floating ips. If True, floating ip will "
|
||||
"be associated with all router interfaces.")),
|
||||
]
|
||||
|
||||
# define the configuration of each NSX-V3 availability zone.
|
||||
|
@ -67,6 +67,8 @@ class NsxVAvailabilityZone(common_az.ConfiguredAvailabilityZone):
|
||||
self.dvs_id = cfg.CONF.nsxv.dvs_id
|
||||
self.edge_host_groups = cfg.CONF.nsxv.edge_host_groups
|
||||
self.exclusive_dhcp_edge = cfg.CONF.nsxv.exclusive_dhcp_edge
|
||||
self.bind_floatingip_to_all_interfaces = (
|
||||
cfg.CONF.nsxv.bind_floatingip_to_all_interfaces)
|
||||
|
||||
# No support for metadata per az
|
||||
self.az_metadata_support = False
|
||||
@ -135,6 +137,8 @@ class NsxVAvailabilityZone(common_az.ConfiguredAvailabilityZone):
|
||||
self.edge_host_groups = cfg.CONF.nsxv.edge_host_groups
|
||||
|
||||
self.exclusive_dhcp_edge = az_info.get('exclusive_dhcp_edge', False)
|
||||
self.bind_floatingip_to_all_interfaces = az_info.get(
|
||||
'bind_floatingip_to_all_interfaces', False)
|
||||
|
||||
# Support for metadata per az only if configured, and different
|
||||
# from the global one
|
||||
@ -195,6 +199,8 @@ class NsxVAvailabilityZone(common_az.ConfiguredAvailabilityZone):
|
||||
self.dvs_id = cfg.CONF.nsxv.dvs_id
|
||||
self.edge_host_groups = cfg.CONF.nsxv.edge_host_groups
|
||||
self.exclusive_dhcp_edge = cfg.CONF.nsxv.exclusive_dhcp_edge
|
||||
self.bind_floatingip_to_all_interfaces = (
|
||||
cfg.CONF.nsxv.bind_floatingip_to_all_interfaces)
|
||||
|
||||
def supports_metadata(self):
|
||||
# Return True if this az has it's own metadata configuration
|
||||
|
@ -24,6 +24,7 @@ from neutron_lib.callbacks import registry
|
||||
from vmware_nsx._i18n import _
|
||||
from vmware_nsx.common import exceptions as nsxv_exc
|
||||
from vmware_nsx.common import nsxv_constants
|
||||
from vmware_nsx.plugins.nsx_v import availability_zones as nsx_az
|
||||
from vmware_nsx.plugins.nsx_v.vshield import edge_utils
|
||||
|
||||
|
||||
@ -76,6 +77,7 @@ class RouterBaseDriver(RouterAbstractDriver):
|
||||
self.nsx_v = plugin.nsx_v
|
||||
self.edge_manager = plugin.edge_manager
|
||||
self.vcns = self.nsx_v.vcns
|
||||
self._availability_zones = nsx_az.NsxVAvailabilityZones()
|
||||
|
||||
def _notify_after_router_edge_association(self, context, router):
|
||||
registry.notify(nsxv_constants.SERVICE_EDGE, events.AFTER_CREATE,
|
||||
|
@ -211,6 +211,9 @@ class RouterSharedDriver(router_driver.RouterBaseDriver):
|
||||
|
||||
def _update_nat_rules_on_routers(self, context,
|
||||
target_router_id, router_ids):
|
||||
edge_id, az_name = self.plugin._get_edge_id_and_az_by_rtr_id(
|
||||
context, target_router_id)
|
||||
az = self._availability_zones.get_availability_zone(az_name)
|
||||
snats = []
|
||||
dnats = []
|
||||
vnics_by_router = self._get_all_routers_vnic_indices(
|
||||
@ -222,7 +225,7 @@ class RouterSharedDriver(router_driver.RouterBaseDriver):
|
||||
snat, dnat = self.plugin._get_nat_rules(context, router)
|
||||
snats.extend(snat)
|
||||
dnats.extend(dnat)
|
||||
if (not cfg.CONF.nsxv.bind_floatingip_to_all_interfaces and
|
||||
if (not az.bind_floatingip_to_all_interfaces and
|
||||
len(dnat) > 0):
|
||||
# Copy each DNAT rule to all vnics of the other routers,
|
||||
# to allow NAT-ed traffic between routers
|
||||
@ -241,7 +244,7 @@ class RouterSharedDriver(router_driver.RouterBaseDriver):
|
||||
dnats.extend([new_rule])
|
||||
|
||||
edge_utils.update_nat_rules(
|
||||
self.nsx_v, context, target_router_id, snats, dnats)
|
||||
self.nsx_v, context, target_router_id, snats, dnats, az=az)
|
||||
|
||||
def _update_external_interface_on_routers(self, context,
|
||||
target_router_id, router_ids):
|
||||
|
@ -2393,10 +2393,13 @@ def delete_interface(nsxv_manager, context, router_id, network_id, dist=False):
|
||||
context.session, edge_id, network_id)
|
||||
|
||||
|
||||
def update_nat_rules(nsxv_manager, context, router_id, snat, dnat):
|
||||
def update_nat_rules(nsxv_manager, context, router_id, snat, dnat, az=None):
|
||||
binding = nsxv_db.get_nsxv_router_binding(context.session, router_id)
|
||||
if binding:
|
||||
bind_to_all = cfg.CONF.nsxv.bind_floatingip_to_all_interfaces
|
||||
if not az:
|
||||
azs = nsx_az.NsxVAvailabilityZones()
|
||||
az = azs.get_availability_zone(binding['availability_zone'])
|
||||
bind_to_all = az.bind_floatingip_to_all_interfaces
|
||||
|
||||
indices = None
|
||||
if bind_to_all:
|
||||
|
Loading…
Reference in New Issue
Block a user