Remove neutron-fwaas for >= V
Also adds config option enable-fwaas which defaults to True to allow disabling fwaas for releases earlier than Victoria. Change-Id: Ic9251c5290f777f544a150a92702566474b264b8 Closes-Bug: 1934129
This commit is contained in:
parent
0d4c5e139a
commit
00e7c8b6ad
@ -22,6 +22,15 @@ options:
|
|||||||
such as thresholds and a destination log file are available in the neutron-openvswitch charm.
|
such as thresholds and a destination log file are available in the neutron-openvswitch charm.
|
||||||
Also, an neutron-openvswitch charm config option "firewall-driver" should be explicitly
|
Also, an neutron-openvswitch charm config option "firewall-driver" should be explicitly
|
||||||
set to "openvswitch", since security group logging works only with OVS firewall driver now.
|
set to "openvswitch", since security group logging works only with OVS firewall driver now.
|
||||||
|
enable-fwaas:
|
||||||
|
type: boolean
|
||||||
|
default: True
|
||||||
|
description: |
|
||||||
|
Setting this to True will enable FWaasS (FWaaSv2 from Stein onwards).
|
||||||
|
This feature is disabled from Victoria onwards and will have no effect.
|
||||||
|
.
|
||||||
|
NOTE: Neutron FWaaS has been deprecated as of the OpenStack Ussuri
|
||||||
|
release and will be removed during the W cycle.
|
||||||
enable-firewall-group-logging:
|
enable-firewall-group-logging:
|
||||||
type: boolean
|
type: boolean
|
||||||
default: False
|
default: False
|
||||||
|
@ -401,6 +401,23 @@ class NeutronCCContext(context.NeutronContext):
|
|||||||
|
|
||||||
return settings
|
return settings
|
||||||
|
|
||||||
|
def get_service_plugins(self, cmp_release, plugin_defs):
|
||||||
|
if str(cmp_release) in plugin_defs:
|
||||||
|
return plugin_defs[str(cmp_release)]
|
||||||
|
|
||||||
|
# find the last available set of plugins.
|
||||||
|
last_available = None
|
||||||
|
for r in plugin_defs.keys():
|
||||||
|
if cmp_release > CompareOpenStackReleases(r):
|
||||||
|
if last_available:
|
||||||
|
if (CompareOpenStackReleases(r) <
|
||||||
|
CompareOpenStackReleases(last_available)):
|
||||||
|
continue
|
||||||
|
|
||||||
|
last_available = r
|
||||||
|
|
||||||
|
return plugin_defs[last_available]
|
||||||
|
|
||||||
def __call__(self):
|
def __call__(self):
|
||||||
from neutron_api_utils import api_port
|
from neutron_api_utils import api_port
|
||||||
ctxt = super(NeutronCCContext, self).__call__()
|
ctxt = super(NeutronCCContext, self).__call__()
|
||||||
@ -618,8 +635,9 @@ class NeutronCCContext(context.NeutronContext):
|
|||||||
'train': ['router', 'firewall_v2', 'metering', 'segments',
|
'train': ['router', 'firewall_v2', 'metering', 'segments',
|
||||||
('neutron_dynamic_routing.'
|
('neutron_dynamic_routing.'
|
||||||
'services.bgp.bgp_plugin.BgpPlugin')],
|
'services.bgp.bgp_plugin.BgpPlugin')],
|
||||||
# TODO: FWaaS was deprecated at Ussuri and will be removed
|
'victoria': ['router', 'metering', 'segments',
|
||||||
# during the W cycle
|
('neutron_dynamic_routing.'
|
||||||
|
'services.bgp.bgp_plugin.BgpPlugin')],
|
||||||
}
|
}
|
||||||
if cmp_release >= 'rocky' and cmp_release < 'train':
|
if cmp_release >= 'rocky' and cmp_release < 'train':
|
||||||
if ctxt.get('load_balancer_name', None):
|
if ctxt.get('load_balancer_name', None):
|
||||||
@ -629,13 +647,11 @@ class NeutronCCContext(context.NeutronContext):
|
|||||||
# TODO(fnordahl): Remove fall-back in next charm release
|
# TODO(fnordahl): Remove fall-back in next charm release
|
||||||
service_plugins[release].append('lbaasv2')
|
service_plugins[release].append('lbaasv2')
|
||||||
|
|
||||||
# TODO: FWaaS was deprecated at Ussuri and will be removed
|
if cmp_release >= 'stein' and cmp_release <= 'ussuri':
|
||||||
# during the W cycle
|
|
||||||
if cmp_release >= 'stein':
|
|
||||||
ctxt['firewall_v2'] = True
|
ctxt['firewall_v2'] = True
|
||||||
|
|
||||||
ctxt['service_plugins'] = service_plugins.get(
|
ctxt['service_plugins'] = self.get_service_plugins(
|
||||||
release, service_plugins['stein'])
|
cmp_release, service_plugins)
|
||||||
|
|
||||||
if is_nsg_logging_enabled() or is_nfg_logging_enabled():
|
if is_nsg_logging_enabled() or is_nfg_logging_enabled():
|
||||||
ctxt['service_plugins'].append('log')
|
ctxt['service_plugins'].append('log')
|
||||||
|
@ -102,14 +102,12 @@ BASE_PACKAGES = [
|
|||||||
# TODO: FWaaS was deprecated at Ussuri and will be removed during the W cycle
|
# TODO: FWaaS was deprecated at Ussuri and will be removed during the W cycle
|
||||||
KILO_PACKAGES = [
|
KILO_PACKAGES = [
|
||||||
'python-neutron-lbaas',
|
'python-neutron-lbaas',
|
||||||
'python-neutron-fwaas',
|
|
||||||
'python-neutron-vpnaas',
|
'python-neutron-vpnaas',
|
||||||
]
|
]
|
||||||
|
|
||||||
PY3_PACKAGES = [
|
PY3_PACKAGES = [
|
||||||
'python3-neutron',
|
'python3-neutron',
|
||||||
'python3-neutron-lbaas',
|
'python3-neutron-lbaas',
|
||||||
'python3-neutron-fwaas',
|
|
||||||
'python3-neutron-dynamic-routing',
|
'python3-neutron-dynamic-routing',
|
||||||
'python3-networking-hyperv',
|
'python3-networking-hyperv',
|
||||||
'python3-memcache',
|
'python3-memcache',
|
||||||
@ -132,6 +130,10 @@ PURGE_EXTRA_PACKAGES_ON_TRAIN = [
|
|||||||
'python3-neutron-lbaas',
|
'python3-neutron-lbaas',
|
||||||
]
|
]
|
||||||
|
|
||||||
|
PURGE_EXTRA_PACKAGES_ON_VICTORIA = [
|
||||||
|
'python3-neutron-fwaas',
|
||||||
|
]
|
||||||
|
|
||||||
VERSION_PACKAGE = 'neutron-common'
|
VERSION_PACKAGE = 'neutron-common'
|
||||||
|
|
||||||
BASE_SERVICES = [
|
BASE_SERVICES = [
|
||||||
@ -460,6 +462,8 @@ def determine_packages(source=None, openstack_release=None):
|
|||||||
packages = deepcopy(BASE_PACKAGES)
|
packages = deepcopy(BASE_PACKAGES)
|
||||||
if cmp_release >= 'rocky':
|
if cmp_release >= 'rocky':
|
||||||
packages.extend(PY3_PACKAGES)
|
packages.extend(PY3_PACKAGES)
|
||||||
|
if config('enable-fwaas') and cmp_release <= 'ussuri':
|
||||||
|
packages.append('python3-neutron-fwaas')
|
||||||
if cmp_release >= 'train':
|
if cmp_release >= 'train':
|
||||||
packages.remove('python3-neutron-lbaas')
|
packages.remove('python3-neutron-lbaas')
|
||||||
|
|
||||||
@ -476,6 +480,8 @@ def determine_packages(source=None, openstack_release=None):
|
|||||||
if cmp_release < 'rocky':
|
if cmp_release < 'rocky':
|
||||||
if cmp_release >= 'kilo':
|
if cmp_release >= 'kilo':
|
||||||
packages.extend(KILO_PACKAGES)
|
packages.extend(KILO_PACKAGES)
|
||||||
|
if config('enable-fwaas'):
|
||||||
|
packages.append('python-neutron-fwaas')
|
||||||
if cmp_release >= 'ocata':
|
if cmp_release >= 'ocata':
|
||||||
packages.append('python-neutron-dynamic-routing')
|
packages.append('python-neutron-dynamic-routing')
|
||||||
if cmp_release >= 'pike':
|
if cmp_release >= 'pike':
|
||||||
@ -497,10 +503,14 @@ def determine_packages(source=None, openstack_release=None):
|
|||||||
def determine_purge_packages():
|
def determine_purge_packages():
|
||||||
'''Return a list of packages to purge for the current OS release'''
|
'''Return a list of packages to purge for the current OS release'''
|
||||||
cmp_os_source = CompareOpenStackReleases(os_release('neutron-common'))
|
cmp_os_source = CompareOpenStackReleases(os_release('neutron-common'))
|
||||||
if cmp_os_source >= 'train':
|
purge_pkgs = PURGE_PACKAGES
|
||||||
return PURGE_PACKAGES + PURGE_EXTRA_PACKAGES_ON_TRAIN
|
if cmp_os_source >= 'victoria':
|
||||||
|
purge_pkgs += PURGE_EXTRA_PACKAGES_ON_TRAIN
|
||||||
|
return purge_pkgs + PURGE_EXTRA_PACKAGES_ON_VICTORIA
|
||||||
|
elif cmp_os_source >= 'train':
|
||||||
|
return purge_pkgs + PURGE_EXTRA_PACKAGES_ON_TRAIN
|
||||||
elif cmp_os_source >= 'rocky':
|
elif cmp_os_source >= 'rocky':
|
||||||
return PURGE_PACKAGES
|
return purge_pkgs
|
||||||
return []
|
return []
|
||||||
|
|
||||||
|
|
||||||
@ -680,8 +690,10 @@ def do_openstack_upgrade(configs):
|
|||||||
if CompareOpenStackReleases(os_release('neutron-common')) < 'liberty':
|
if CompareOpenStackReleases(os_release('neutron-common')) < 'liberty':
|
||||||
stamp_neutron_database(cur_os_rel)
|
stamp_neutron_database(cur_os_rel)
|
||||||
migrate_neutron_database(upgrade=True)
|
migrate_neutron_database(upgrade=True)
|
||||||
if CompareOpenStackReleases(new_os_rel) >= 'stein':
|
if config('enable-fwaas'):
|
||||||
fwaas_migrate_v1_to_v2()
|
if (CompareOpenStackReleases(new_os_rel) >= 'stein' and
|
||||||
|
CompareOpenStackReleases(new_os_rel) <= 'ussuri'):
|
||||||
|
fwaas_migrate_v1_to_v2()
|
||||||
|
|
||||||
|
|
||||||
# TODO: make an attribute of the context for shared usage
|
# TODO: make an attribute of the context for shared usage
|
||||||
|
@ -433,6 +433,17 @@ class NeutronCCContextTest(CharmTestCase):
|
|||||||
def tearDown(self):
|
def tearDown(self):
|
||||||
super(NeutronCCContextTest, self).tearDown()
|
super(NeutronCCContextTest, self).tearDown()
|
||||||
|
|
||||||
|
def test_get_service_plugins(self):
|
||||||
|
plugs = {"mitaka": "A",
|
||||||
|
"queens": "B",
|
||||||
|
"ussuri": "C"}
|
||||||
|
p = context.NeutronCCContext().get_service_plugins('train', plugs)
|
||||||
|
self.assertEquals(p, "B")
|
||||||
|
p = context.NeutronCCContext().get_service_plugins('ussuri', plugs)
|
||||||
|
self.assertEquals(p, "C")
|
||||||
|
p = context.NeutronCCContext().get_service_plugins('wallaby', plugs)
|
||||||
|
self.assertEquals(p, "C")
|
||||||
|
|
||||||
@patch.object(context, 'NeutronLoadBalancerContext')
|
@patch.object(context, 'NeutronLoadBalancerContext')
|
||||||
@patch.object(context.NeutronCCContext, 'network_manager')
|
@patch.object(context.NeutronCCContext, 'network_manager')
|
||||||
@patch.object(context.NeutronCCContext, 'plugin')
|
@patch.object(context.NeutronCCContext, 'plugin')
|
||||||
@ -776,7 +787,7 @@ class NeutronCCContextTest(CharmTestCase):
|
|||||||
def test_neutroncc_context_api_rel(self, _import, plugin, nm, nlb):
|
def test_neutroncc_context_api_rel(self, _import, plugin, nm, nlb):
|
||||||
nova_url = 'http://127.0.0.10'
|
nova_url = 'http://127.0.0.10'
|
||||||
plugin.return_value = None
|
plugin.return_value = None
|
||||||
self.os_release.return_value = 'havana'
|
self.os_release.return_value = 'queens'
|
||||||
self.related_units.return_value = ['unit1']
|
self.related_units.return_value = ['unit1']
|
||||||
self.relation_ids.return_value = ['rid2']
|
self.relation_ids.return_value = ['rid2']
|
||||||
self.test_relation.set({'nova_url': nova_url,
|
self.test_relation.set({'nova_url': nova_url,
|
||||||
|
@ -138,7 +138,7 @@ class TestNeutronAPIUtils(CharmTestCase):
|
|||||||
pkg_list = nutils.determine_packages()
|
pkg_list = nutils.determine_packages()
|
||||||
expect = deepcopy(nutils.BASE_PACKAGES)
|
expect = deepcopy(nutils.BASE_PACKAGES)
|
||||||
expect.extend(['neutron-server', 'neutron-plugin-ml2',
|
expect.extend(['neutron-server', 'neutron-plugin-ml2',
|
||||||
'python-networking-hyperv'])
|
'python-networking-hyperv', 'python-neutron-fwaas'])
|
||||||
expect.extend(nutils.KILO_PACKAGES)
|
expect.extend(nutils.KILO_PACKAGES)
|
||||||
self.assertEqual(sorted(pkg_list), sorted(expect))
|
self.assertEqual(sorted(pkg_list), sorted(expect))
|
||||||
|
|
||||||
@ -156,7 +156,7 @@ class TestNeutronAPIUtils(CharmTestCase):
|
|||||||
])
|
])
|
||||||
expect.extend(nutils.KILO_PACKAGES)
|
expect.extend(nutils.KILO_PACKAGES)
|
||||||
expect = [p for p in expect if not p.startswith('python-')]
|
expect = [p for p in expect if not p.startswith('python-')]
|
||||||
expect.extend(nutils.PY3_PACKAGES)
|
expect.extend(nutils.PY3_PACKAGES + ['python3-neutron-fwaas'])
|
||||||
expect.remove('python3-neutron-lbaas')
|
expect.remove('python3-neutron-lbaas')
|
||||||
self.assertEqual(sorted(pkg_list), sorted(expect))
|
self.assertEqual(sorted(pkg_list), sorted(expect))
|
||||||
|
|
||||||
@ -171,7 +171,8 @@ class TestNeutronAPIUtils(CharmTestCase):
|
|||||||
'memcached',
|
'memcached',
|
||||||
'neutron-server',
|
'neutron-server',
|
||||||
'neutron-plugin-ml2',
|
'neutron-plugin-ml2',
|
||||||
'python-networking-hyperv'
|
'python-networking-hyperv',
|
||||||
|
'python3-neutron-fwaas',
|
||||||
])
|
])
|
||||||
expect.extend(nutils.KILO_PACKAGES)
|
expect.extend(nutils.KILO_PACKAGES)
|
||||||
expect = [p for p in expect if not p.startswith('python-')]
|
expect = [p for p in expect if not p.startswith('python-')]
|
||||||
|
Loading…
x
Reference in New Issue
Block a user