From 76a7a3540b3e2f111c267df83fb0b528dd8c6fa5 Mon Sep 17 00:00:00 2001 From: Dan Smith Date: Fri, 22 Jun 2012 10:15:42 -0700 Subject: Migrate existing routes from flat_interface Right now, any routes that exist on flat_interface (other than the default route) get lost when we set up the bridge. This patch migrates them over to avoid losing that connectivity. It does so by using 'ip route' instead of 'route', which is much easier to script and is consistent with other use of iproute2 tools in linux_net.py. Bug 962822 Change-Id: I7d9e8e05169f2f87e8481595397c02fd3a3612f4 --- etc/nova/rootwrap.d/compute.filters | 11 +++-------- etc/nova/rootwrap.d/network.filters | 11 +++-------- 2 files changed, 6 insertions(+), 16 deletions(-) (limited to 'etc') diff --git a/etc/nova/rootwrap.d/compute.filters b/etc/nova/rootwrap.d/compute.filters index c2e760f0e..fffeff85a 100644 --- a/etc/nova/rootwrap.d/compute.filters +++ b/etc/nova/rootwrap.d/compute.filters @@ -78,6 +78,9 @@ cp: CommandFilter, /bin/cp, root # nova/network/linux_net.py: 'ip', 'addr', 'show', 'dev', interface, .. # nova/network/linux_net.py: 'ip', 'link', 'set', dev, address, .. # nova/network/linux_net.py: 'ip', 'link', 'set', dev, 'up' +# nova/network/linux_net.py: 'ip', 'route', 'add', .. +# nova/network/linux_net.py: 'ip', 'route', 'del', . +# nova/network/linux_net.py: 'ip', 'route', 'show', 'dev', dev ip: CommandFilter, /sbin/ip, root # nova/virt/libvirt/vif.py: 'tunctl', '-b', '-t', dev @@ -130,14 +133,6 @@ ip6tables-restore_usr: CommandFilter, /usr/sbin/ip6tables-restore, root arping: CommandFilter, /usr/bin/arping, root arping_sbin: CommandFilter, /sbin/arping, root -# nova/network/linux_net.py: 'route', '-n' -# nova/network/linux_net.py: 'route', 'del', 'default', 'gw' -# nova/network/linux_net.py: 'route', 'add', 'default', 'gw' -# nova/network/linux_net.py: 'route', '-n' -# nova/network/linux_net.py: 'route', 'del', 'default', 'gw', old_gw, .. -# nova/network/linux_net.py: 'route', 'add', 'default', 'gw', old_gateway -route: CommandFilter, /sbin/route, root - # nova/network/linux_net.py: 'dhcp_release', dev, address, mac_address dhcp_release: CommandFilter, /usr/bin/dhcp_release, root diff --git a/etc/nova/rootwrap.d/network.filters b/etc/nova/rootwrap.d/network.filters index c85ab9a33..c635f12e4 100644 --- a/etc/nova/rootwrap.d/network.filters +++ b/etc/nova/rootwrap.d/network.filters @@ -21,6 +21,9 @@ # nova/network/linux_net.py: 'ip', 'addr', 'show', 'dev', interface, .. # nova/network/linux_net.py: 'ip', 'link', 'set', dev, address, .. # nova/network/linux_net.py: 'ip', 'link', 'set', dev, 'up' +# nova/network/linux_net.py: 'ip', 'route', 'add', .. +# nova/network/linux_net.py: 'ip', 'route', 'del', . +# nova/network/linux_net.py: 'ip', 'route', 'show', 'dev', dev ip: CommandFilter, /sbin/ip, root # nova/virt/libvirt/vif.py: 'ovs-vsctl', ... @@ -48,14 +51,6 @@ ip6tables-restore_usr: CommandFilter, /usr/sbin/ip6tables-restore, root arping: CommandFilter, /usr/bin/arping, root arping_sbin: CommandFilter, /sbin/arping, root -# nova/network/linux_net.py: 'route', '-n' -# nova/network/linux_net.py: 'route', 'del', 'default', 'gw' -# nova/network/linux_net.py: 'route', 'add', 'default', 'gw' -# nova/network/linux_net.py: 'route', '-n' -# nova/network/linux_net.py: 'route', 'del', 'default', 'gw', old_gw, .. -# nova/network/linux_net.py: 'route', 'add', 'default', 'gw', old_gateway -route: CommandFilter, /sbin/route, root - # nova/network/linux_net.py: 'dhcp_release', dev, address, mac_address dhcp_release: CommandFilter, /usr/bin/dhcp_release, root -- cgit