1123502 – Rubygem-Staypuft: Need to enforce usage of a different interface than the interface used for pxe/provisioning the node for Nova deployment with vlan tenant network type and no single nic to be allowed.

Bug 1123502 - Rubygem-Staypuft: Need to enforce usage of a different interface than the interface used for pxe/provisioning the node for Nova deployment with vlan tenant network type and no single nic to be allowed.

Summary: Rubygem-Staypuft: Need to enforce usage of a different interface than the in...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	rubygem-staypuft
Sub Component:
Version:	5.0 (RHEL 7)
Hardware:	x86_64
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	z2
Target Release:	Installer
Assignee:	Scott Seago
QA Contact:	Alexander Chuzhoy
Docs Contact:
URL:	https://trello.com/c/xah3Fy17/232-val...
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2014-07-25 20:36 UTC by Alexander Chuzhoy
Modified:	2014-11-04 17:01 UTC (History)
CC List:	5 users (show)
Fixed In Version:	ruby193-rubygem-staypuft-0.4.2-1.el6ost
Doc Type:	Bug Fix
Doc Text:	Prior to this update, deployments would fail if tenant networks, external networks, and the provisioning network were configured to operate off the same subnet. This update addresses the issue by enforcing the separation of these networks. As a result, users will be alerted if attempting to assign any of these networks to the same subnet.
Clone Of:
Environment:
Last Closed:	2014-11-04 17:01:34 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2014:1800	0	normal	SHIPPED_LIVE	Red Hat Enterprise Linux OpenStack Platform Installer Bug Fix Advisory	2014-11-04 22:00:19 UTC

Description Alexander Chuzhoy 2014-07-25 20:36:38 UTC

Rubygem-Staypuft:  Need to enforce usage of a different interface than the interface used for pxe/provisioning the node for Nova deployment with vlan tenant network type

Environment:
rhel-osp-installer-0.1.6-2.el6ost.noarch
openstack-foreman-installer-2.0.16-1.el6ost.noarch
ruby193-rubygem-foreman_openstack_simplify-0.0.6-8.el6ost.noarch
openstack-puppet-modules-2014.1-19.4.el6ost.noarch


Steps to reproduce:
1. install rhel-osp-installer.
2. create a nova network deployment with Tenant Network Type set to vlan.

Result:
You'll note the suggestion at the bottom that says:

"NOTE: Best practice is to use a different interface than the interface used for pxe/provisioning the node. This practice is mandatory if VLAN is chosen as the tenant network type."

This isn't enforced and can easily be configured, which will result in a failed deployment.

Expected result:
The mandatory practice of configuring a different interface than the interface used for pxe/provisioning the node should be enforced.

Comment 4 Scott Seago 2014-10-07 16:09:24 UTC

https://github.com/theforeman/staypuft/pull/333 does this -- although the separation is enforce all the time, not just for VLAN.

Comment 5 Scott Seago 2014-10-07 16:10:46 UTC

"separation is *enforced*" in the above comment, not "is enforce"

Comment 8 Alexander Chuzhoy 2014-10-14 14:55:27 UTC

Verified:
rhel-osp-installer-0.4.2-1.el6ost.noarch                
ruby193-rubygem-foreman_openstack_simplify-0.0.6-8.el6ost.noarch
openstack-puppet-modules-2014.1-23.el6ost.noarch                
openstack-foreman-installer-2.0.29-1.el6ost.noarch  


The UI was changed and there's a validation now that the tenant traffic uses its own NIC.

Comment 11 errata-xmlrpc 2014-11-04 17:01:34 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2014-1800.html

Note You need to log in before you can comment on or make changes to this bug.