Merge "Makes sure gateways forward properly"

author: Jenkins <jenkins@review.openstack.org> 2011-11-16 23:24:03 +0000
committer: Gerrit Code Review <review@openstack.org> 2011-11-16 23:24:03 +0000
commit: 381e5e5b0dbbb6fefdc8194fa103176f18760060 (patch)
tree: 1495e04765a7762dcfb670b254da55ba9b8c11ab
parent: 217af7df5980ee7a258d2e8b24aea4444c083201 (diff)
parent: 41af372219793556e6ba335d765761fa277107df (diff)
download: nova-381e5e5b0dbbb6fefdc8194fa103176f18760060.tar.gz
nova-381e5e5b0dbbb6fefdc8194fa103176f18760060.tar.xz
nova-381e5e5b0dbbb6fefdc8194fa103176f18760060.zip
2 files changed, 29 insertions, 11 deletions
diff --git a/nova/network/linux_net.py b/nova/network/linux_net.py
index 0cda55b32..6773bd619 100755
--- a/nova/network/linux_net.py
+++ b/nova/network/linux_net.py
@@ -599,7 +599,7 @@ def update_dhcp(context, dev, network_ref):
     conffile = _dhcp_file(dev, 'conf')
     with open(conffile, 'w') as f:
         f.write(get_dhcp_hosts(context, network_ref))
-    restart_dhcp(dev, network_ref)
+    restart_dhcp(context, dev, network_ref)
 
 
 def update_dhcp_hostfile_with_text(dev, hosts_text):
@@ -617,7 +617,7 @@ def kill_dhcp(dev):
 #           configuration options (like dchp-range, vlan, ...)
 #           aren't reloaded.
 @utils.synchronized('dnsmasq_start')
-def restart_dhcp(dev, network_ref):
+def restart_dhcp(context, dev, network_ref):
     """(Re)starts a dnsmasq server for a given network.
 
     If a dnsmasq instance is already running then send a HUP
@@ -894,6 +894,8 @@ class LinuxBridgeInterfaceDriver(LinuxNetInterfaceDriver):
                           network['bridge_interface'],
                           network, gateway)
 
+        # NOTE(vish): applying here so we don't get a lock conflict
+        iptables_manager.apply()
         return network['bridge']
 
     def unplug(self, network):
@@ -963,14 +965,14 @@ class LinuxBridgeInterfaceDriver(LinuxNetInterfaceDriver):
 
             # NOTE(vish): This will break if there is already an ip on the
             #             interface, so we move any ips to the bridge
-            gateway = None
+            old_gateway = None
             out, err = _execute('route', '-n', run_as_root=True)
             for line in out.split('\n'):
                 fields = line.split()
                 if fields and fields[0] == '0.0.0.0' and \
                                 fields[-1] == interface:
-                    gateway = fields[1]
-                    _execute('route', 'del', 'default', 'gw', gateway,
+                    old_gateway = fields[1]
+                    _execute('route', 'del', 'default', 'gw', old_gateway,
                              'dev', interface, check_exit_code=False,
                              run_as_root=True)
             out, err = _execute('ip', 'addr', 'show', 'dev', interface,
@@ -983,8 +985,8 @@ class LinuxBridgeInterfaceDriver(LinuxNetInterfaceDriver):
                                 run_as_root=True)
                     _execute(*_ip_bridge_cmd('add', params, bridge),
                                 run_as_root=True)
-            if gateway:
-                _execute('route', 'add', 'default', 'gw', gateway,
+            if old_gateway:
+                _execute('route', 'add', 'default', 'gw', old_gateway,
                             run_as_root=True)
 
             if (err and err != "device %s is already a member of a bridge;"
diff --git a/nova/tests/test_linux_net.py b/nova/tests/test_linux_net.py
index 0e933eff5..0f5862f22 100755
--- a/nova/tests/test_linux_net.py
+++ b/nova/tests/test_linux_net.py
@@ -15,17 +15,15 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 
-from nova import context
+import mox
+
 from nova import db
-from nova import exception
 from nova import flags
 from nova import log as logging
 from nova import test
 from nova import utils
-from nova.network import manager as network_manager
 from nova.network import linux_net
 
-import mox
 
 FLAGS = flags.FLAGS
 
@@ -346,6 +344,24 @@ class LinuxNetworkTestCase(test.TestCase):
         actual = self.driver._host_dhcp(fixed_ips[0])
         self.assertEquals(actual, expected)
 
+    def test_linux_bridge_driver_plug(self):
+        """Makes sure plug doesn't drop FORWARD by default.
+
+        Ensures bug 890195 doesn't reappear."""
+
+        def fake_execute(*args, **kwargs):
+            return "", ""
+        self.stubs.Set(utils, 'execute', fake_execute)
+
+        def verify_add_rule(chain, rule):
+            self.assertEqual(chain, 'FORWARD')
+            self.assertIn('ACCEPT', rule)
+        self.stubs.Set(linux_net.iptables_manager.ipv4['filter'],
+                       'add_rule', verify_add_rule)
+        driver = linux_net.LinuxBridgeInterfaceDriver()
+        driver.plug({"bridge": "br100", "bridge_interface": "eth0"},
+                    "fakemac")
+
     def _test_initialize_gateway(self, existing, expected, routes=''):
         self.flags(fake_network=False)
         executes = []
author	Jenkins <jenkins@review.openstack.org>	2011-11-16 23:24:03 +0000
committer	Gerrit Code Review <review@openstack.org>	2011-11-16 23:24:03 +0000
commit	381e5e5b0dbbb6fefdc8194fa103176f18760060 (patch)
tree	1495e04765a7762dcfb670b254da55ba9b8c11ab
parent	217af7df5980ee7a258d2e8b24aea4444c083201 (diff)
parent	41af372219793556e6ba335d765761fa277107df (diff)
download	nova-381e5e5b0dbbb6fefdc8194fa103176f18760060.tar.gz nova-381e5e5b0dbbb6fefdc8194fa103176f18760060.tar.xz nova-381e5e5b0dbbb6fefdc8194fa103176f18760060.zip