All new accounts created on Gitlab now require administrator approval. If you invite any collaborators, please let Flux staff know so they can approve the accounts.

Commit 55fdc666 authored by Simon Redman's avatar Simon Redman

Prevent adding ULA IPv6 addresses to the management interfaces

parent ea37f512
......@@ -127,21 +127,28 @@ def parse_local_interface_addresses(netgraph):
return interface_map
def construct_ULAs(ipv6_link_local_map, ipv4_map):
def construct_ULAs(ipv6_link_local_map, ipv4_map, ignore_addrs=[]):
"""
Combine the per-host, per-interface IPv6 and IPv4 information into per-host, per-interface Unique Local Addresses
:param ipv6_link_local_map: per-host per-interface IPv6 link local address map as built by parse_local_interface_addresses
:param ipv4_map: per-host per-interface IPv4 address map as built by parse_ipv4_networks
:param ignore_addrs: List of interface IPv4 or IPv6 addresses which should be ignored
:return: mapping of hosts to interfaces to ULAs
"""
ULA_map = {}
# Convert the addresses to ignore into IPAddress objects. If they already were, this is a noop
ignore_addrs = [ipaddress.ip_address(addr) for addr in ignore_addrs]
for host in ipv6_link_local_map:
ULA_map[host] = {}
for interface in ipv6_link_local_map[host]:
link_local_addr = ipv6_link_local_map[host][interface]
ipv4_addr = ipv4_map[host][interface]
if (link_local_addr.ip in ignore_addrs or ipv4_addr.ip in ignore_addrs):
# If the IP address should be ignored, ignore it
continue
ULA_map[host][interface] = convert_link_local_addr_to_ULA(link_local_addr, ipv4_addr)
return ULA_map
......@@ -213,10 +220,11 @@ if __name__ == "__main__":
netgraph = NetJsonParser(file=args.in_file)
ssh_helper.network_graph_login(netgraph.graph, args.username)
management_ips = [node["management-ip"] for node in netgraph.graph._node.values()]
link_local_map = parse_local_interface_addresses(netgraph.graph)
ipv4_map = parse_ipv4_networks(netgraph.graph)
ULA_map = construct_ULAs(link_local_map, ipv4_map)
ULA_map = construct_ULAs(link_local_map, ipv4_map, management_ips)
add_ULAs_to_hosts(netgraph.graph, ULA_map)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment