Configure NAT with baremetal when necessary

We currently only enable NAT on undercloud for virtual deployments.
However, there could be a case where a baremetal deployment also needs
NAT as it is not using an interface on the overcloud nodes with external
access. Therefore this patch changes the behavior to configure NAT when
the gateway of either the external or admin (when external is disabled)
network matches an IP assigned to the undercloud.

JIRA: APEX-605

Change-Id: I9c79af371913e6e5f0d39b433f68205bc7e106c5
Signed-off-by: Tim Rozet <trozet@redhat.com>

diff --git a/apex/tests/test_apex_undercloud.py b/apex/tests/test_apex_undercloud.py
index fce7a55..9bc91e5 100644 (file)
--- a/apex/tests/test_apex_undercloud.py
+++ b/apex/tests/test_apex_undercloud.py
@@ -24,6 +24,7 @@ from nose.tools import (
     assert_regexp_matches,
     assert_raises,
     assert_true,
+    assert_false,
     assert_equal)
 
 
@@ -114,6 +115,105 @@ class TestUndercloud(unittest.TestCase):
         mock_set_ip.return_value = False
         assert_raises(ApexUndercloudException, uc.start)
 
+    @patch('apex.undercloud.undercloud.utils')
+    @patch.object(Undercloud, 'generate_config', return_value={})
+    @patch.object(Undercloud, '_get_vm', return_value=None)
+    @patch.object(Undercloud, 'create')
+    def test_detect_nat_with_external(self, mock_create, mock_get_vm,
+                                      mock_generate_config, mock_utils):
+        ns = MagicMock()
+        ns.enabled_network_list = ['admin', 'external']
+        ns_dict = {
+            'apex': MagicMock(),
+            'dns-domain': 'dns',
+            'networks': {'admin':
+                         {'cidr': ipaddress.ip_network('192.0.2.0/24'),
+                          'installer_vm': {'ip': '192.0.2.1',
+                                           'vlan': 'native'},
+                          'dhcp_range': ['192.0.2.15', '192.0.2.30'],
+                          'gateway': '192.1.1.1',
+                          },
+                         'external':
+                         [{'enabled': True,
+                           'cidr': ipaddress.ip_network('192.168.0.0/24'),
+                          'installer_vm': {'ip': '192.168.0.1',
+                                           'vlan': 'native'},
+                           'gateway': '192.168.0.1'
+                           }]
+                         }
+        }
+        ns.__getitem__.side_effect = ns_dict.__getitem__
+        ns.__contains__.side_effect = ns_dict.__contains__
+
+        uc = Undercloud('img_path', 'tplt_path', external_network=True)
+        assert_true(uc.detect_nat(ns))
+
+    @patch('apex.undercloud.undercloud.utils')
+    @patch.object(Undercloud, 'generate_config', return_value={})
+    @patch.object(Undercloud, '_get_vm', return_value=None)
+    @patch.object(Undercloud, 'create')
+    def test_detect_nat_no_external(self, mock_create, mock_get_vm,
+                                    mock_generate_config, mock_utils):
+        ns = MagicMock()
+        ns.enabled_network_list = ['admin', 'external']
+        ns_dict = {
+            'apex': MagicMock(),
+            'dns-domain': 'dns',
+            'networks': {'admin':
+                         {'cidr': ipaddress.ip_network('192.0.2.0/24'),
+                          'installer_vm': {'ip': '192.0.2.1',
+                                           'vlan': 'native'},
+                          'dhcp_range': ['192.0.2.15', '192.0.2.30'],
+                          'gateway': '192.0.2.1',
+                          },
+                         'external':
+                         [{'enabled': False,
+                           'cidr': ipaddress.ip_network('192.168.0.0/24'),
+                          'installer_vm': {'ip': '192.168.0.1',
+                                           'vlan': 'native'},
+                           'gateway': '192.168.1.1'
+                           }]
+                         }
+        }
+        ns.__getitem__.side_effect = ns_dict.__getitem__
+        ns.__contains__.side_effect = ns_dict.__contains__
+
+        uc = Undercloud('img_path', 'tplt_path', external_network=False)
+        assert_true(uc.detect_nat(ns))
+
+    @patch('apex.undercloud.undercloud.utils')
+    @patch.object(Undercloud, 'generate_config', return_value={})
+    @patch.object(Undercloud, '_get_vm', return_value=None)
+    @patch.object(Undercloud, 'create')
+    def test_detect_no_nat_no_external(self, mock_create, mock_get_vm,
+                                       mock_generate_config, mock_utils):
+        ns = MagicMock()
+        ns.enabled_network_list = ['admin', 'external']
+        ns_dict = {
+            'apex': MagicMock(),
+            'dns-domain': 'dns',
+            'networks': {'admin':
+                         {'cidr': ipaddress.ip_network('192.0.2.0/24'),
+                          'installer_vm': {'ip': '192.0.2.1',
+                                           'vlan': 'native'},
+                          'dhcp_range': ['192.0.2.15', '192.0.2.30'],
+                          'gateway': '192.0.2.3',
+                          },
+                         'external':
+                         [{'enabled': False,
+                           'cidr': ipaddress.ip_network('192.168.0.0/24'),
+                          'installer_vm': {'ip': '192.168.0.1',
+                                           'vlan': 'native'},
+                           'gateway': '192.168.1.1'
+                           }]
+                         }
+        }
+        ns.__getitem__.side_effect = ns_dict.__getitem__
+        ns.__contains__.side_effect = ns_dict.__contains__
+
+        uc = Undercloud('img_path', 'tplt_path', external_network=False)
+        assert_false(uc.detect_nat(ns))
+
     @patch('apex.undercloud.undercloud.utils')
     @patch.object(Undercloud, 'generate_config', return_value={})
     @patch.object(Undercloud, '_get_vm', return_value=None)

diff --git a/apex/undercloud/undercloud.py b/apex/undercloud/undercloud.py
index 3cd1e70..d2de2de 100644 (file)
--- a/apex/undercloud/undercloud.py
+++ b/apex/undercloud/undercloud.py
@@ -124,6 +124,16 @@ class Undercloud:
                 "Unable to find IP for undercloud.  Check if VM booted "
                 "correctly")
 
+    def detect_nat(self, net_settings):
+        if self.external_net:
+            net = net_settings['networks'][constants.EXTERNAL_NETWORK][0]
+        else:
+            net = net_settings['networks'][constants.ADMIN_NETWORK]
+        if net['gateway'] == net['installer_vm']['ip']:
+            return True
+        else:
+            return False
+
     def configure(self, net_settings, deploy_settings,
                   playbook, apex_temp_dir, virtual_oc=False):
         """
@@ -141,7 +151,8 @@ class Undercloud:
         ansible_vars = Undercloud.generate_config(net_settings,
                                                   deploy_settings)
         ansible_vars['apex_temp_dir'] = apex_temp_dir
-        ansible_vars['virtual_overcloud'] = virtual_oc
+
+        ansible_vars['nat'] = self.detect_nat(net_settings)
         try:
             utils.run_ansible(ansible_vars, playbook, host=self.ip,
                               user='stack')

diff --git a/lib/ansible/playbooks/configure_undercloud.yml b/lib/ansible/playbooks/configure_undercloud.yml
index bb58059..040a559 100644 (file)
--- a/lib/ansible/playbooks/configure_undercloud.yml
+++ b/lib/ansible/playbooks/configure_undercloud.yml
@@ -188,7 +188,7 @@
       become: yes
       when:
         - not nat_network_ipv6
-        - virtual_overcloud
+        - nat
     - name: fetch storage environment file
       fetch:
         src: /usr/share/openstack-tripleo-heat-templates/environments/storage-environment.yaml