Code Review / fuel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 5fdc0c1) | patch
mcpcontrol: policy based routing for INSTALLER_IP 86/67586/1
authorAlexandru Avadanii <Alexandru.Avadanii@enea.com>
Sun, 14 Apr 2019 23:58:03 +0000 (01:58 +0200)
committerAlexandru Avadanii <Alexandru.Avadanii@enea.com>
Mon, 15 Apr 2019 00:36:13 +0000 (02:36 +0200)
commitc7a28fcf419f78aa44af8800e1f35e47471c4bb0
tree828cdb96274e66edeed328932e1160f760c8be66tree | snapshot
parent5fdc0c1db38310e5fde7833393cfefb9d3e96fb6commit | diff
mcpcontrol: policy based routing for INSTALLER_IP

To bypass Docker 'bridge'-backed network isolation, we previously
added an extra routing hop, which broke access from inside the
'mcpcontrol' Docker network (typically 10.20.0.0/24) to its
bridge address (10.20.0.1), leading to DNS issues on Salt Master.

This change leverages policy based routing to only add the extra
routing hop for connections originating from the default Docker
bridge network ('docker0'). Note that other Docker networks
using the 'bridge' driver are still isolated from 'mcpcontrol'.

Fixes: d9b44acb

Change-Id: Ib92901c3278ae9b815f28f26d4c26f82bcadacd6
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
mcp/scripts/lib_jump_deploy.sh diff | blob | history