• Jose A. Lopes's avatar
    Check prereq instance communication network in 'SetParams' · 11eeb1b9
    Jose A. Lopes authored
    
    
    Later, the logical unit for 'OpClusterSetParams' will be responsible
    for creating the instance communication network in case it does not
    exist.  For now, it is important to check whether the network the user
    is requesting to become assigned to instance communication has the
    right configuration and otherwise warn about potential security risks.
    
    * Add a new static method
      'LUClusterSetParams._CheckInstanceCommunicationNetwork' which checks
      if the user-supplied network is configured correctly and issues
      security warnings otherwise.  A correctly configured instance
      communication network is link-local (i.e., 169.254.0.0/16 for IPv4
      and fe80::/64 for IPv6), has no gateways, and has a specific MAC
      prefix.
    
    * Extend 'LUClusterSetParams.CheckPrereq' to call the above method to
      check whether the user supplied network matches the intended
      configuration.
    Signed-off-by: default avatarJose A. Lopes <jabolopes@google.com>
    Reviewed-by: default avatarHelga Velroyen <helgav@google.com>
    11eeb1b9
cluster.py 131 KB