Browse Source

Enable fwaas recipe again after refactoring

Change-Id: Id2b6035ca330c1bf1e89bdda237d84b785f6a212
Jan Klare 2 years ago
parent
commit
0141794350
8 changed files with 66 additions and 33 deletions
  1. 4
    2
      .rubocop_todo.yml
  2. 11
    5
      attributes/default.rb
  3. 39
    23
      recipes/fwaas.rb
  4. 4
    1
      recipes/l3_agent.rb
  5. 1
    1
      recipes/lbaas.rb
  6. 2
    1
      recipes/vpnaas.rb
  7. 1
    0
      spec/l3_agent_spec.rb
  8. 4
    0
      spec/vpnaas_spec.rb

+ 4
- 2
.rubocop_todo.yml View File

@@ -1,18 +1,20 @@
1 1
 # This configuration was generated by
2 2
 # `rubocop --auto-gen-config`
3
-# on 2016-02-19 12:46:00 +0100 using RuboCop version 0.34.2.
3
+# on 2016-08-26 13:02:36 +0200 using RuboCop version 0.39.0.
4 4
 # The point is for the user to remove these configuration records
5 5
 # one by one as the offenses are removed from the code base.
6 6
 # Note that changes in the inspected code, or installation of new
7 7
 # versions of RuboCop, may require this file to be generated again.
8 8
 
9
-# Offense count: 9
9
+# Offense count: 10
10 10
 # Configuration parameters: EnforcedStyle, SupportedStyles.
11
+# SupportedStyles: nested, compact
11 12
 Style/ClassAndModuleChildren:
12 13
   Exclude:
13 14
     - 'recipes/_bridge_config_example.rb'
14 15
     - 'recipes/client.rb'
15 16
     - 'recipes/default.rb'
17
+    - 'recipes/fwaas.rb'
16 18
     - 'recipes/identity_registration.rb'
17 19
     - 'recipes/l3_agent.rb'
18 20
     - 'recipes/lbaas.rb'

+ 11
- 5
attributes/default.rb View File

@@ -141,6 +141,8 @@ end
141 141
 # ============================= VPN Agent Configuration ====================
142 142
 # vpn_device_driver_packages in platform-specific settings is used to get driver dependencies installed, default is strongswan
143 143
 # vpn_device_driver_services in platform-specific settings is used to enable services required by vpn drivers, default is strongswan
144
+# To enable 'vpnaas' as service_plugin, you need to add it to neutron.conf
145
+# ['Default']['service_plugins']
144 146
 # Set to true to enable vpnaas
145 147
 default['openstack']['network_vpnaas']['enabled'] = false
146 148
 # Custom the vpnaas config file path
@@ -163,6 +165,8 @@ default['openstack']['network_vpnaas']['conf'].tap do |conf|
163 165
 end
164 166
 
165 167
 # ============================= LBaaS Agent Configuration ==================
168
+# To enable 'lbaas' as service_plugin, you need to add it to neutron.conf
169
+# ['Default']['service_plugins']
166 170
 # Set to true to enable lbaas
167 171
 default['openstack']['network_lbaas']['enabled'] = false
168 172
 # Custom the lbaas config file path
@@ -181,15 +185,17 @@ default['openstack']['network_lbaas']['conf'].tap do |conf|
181 185
 end
182 186
 
183 187
 # ============================= FWaaS Configuration ==================
184
-# TODO(jklare) : check why the package is installed and if the configuration
185
-# works at all (if so, this needs refactoring parallel to the lbaas and vpnaas
186
-# recipes and attributes)
188
+# To enable 'firewall' as service_plugin, you need to add it to neutron.conf
189
+# ['Default']['service_plugins']
187 190
 # Set to True to enable firewall service
188 191
 default['openstack']['network_fwaas']['enabled'] = false
189 192
 # Firewall service driver with linux iptables
190
-# default['openstack']['network']['fwaas']['driver'] = 'neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver'
193
+default['openstack']['network_fwaas']['conf'].tap do |conf|
194
+  conf['fwaas']['driver'] =
195
+    'neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver'
196
+end
191 197
 # Custom the fwaas config file path
192
-# default['openstack']['network']['fwaas']['config_file'] = '/etc/neutron/fwaas_driver.ini'
198
+default['openstack']['network_fwaas']['config_file'] = '/etc/neutron/fwaas_driver.ini'
193 199
 # ============================= platform-specific settings ===========
194 200
 default['openstack']['network']['platform'].tap do |platform|
195 201
   platform['user'] = 'neutron'

+ 39
- 23
recipes/fwaas.rb View File

@@ -1,24 +1,40 @@
1
-# TODO(jklare) : check why the package is installed and if the configuration
2
-# works at all (if so, this needs refactoring parallel to the lbaas and vpnaas
3
-# recipes and attributes)
4
-# ---- moved from templates/default/services/neutron-fwaas/fwaas_driver.ini.erb----
5
-# <%= node["openstack"]["network"]["custom_template_banner"] %>
6
-# [fwaas]
7
-# driver = <%= node['openstack']['network']['fwaas']['driver'] %>
8
-# enabled = <%= node['openstack']['network']['fwaas']['enabled'] %>
9
-# ---- moved from templates/default/services/neutron-fwaas/fwaas_driver.ini.erb----
10
-# ---- moved from recipes/l3_agent----
1
+# Encoding: utf-8
2
+#
3
+# Cookbook Name:: openstack-network
4
+# Recipe:: fwaas
5
+#
6
+# Licensed under the Apache License, Version 2.0 (the "License");
7
+# you may not use this file except in compliance with the License.
8
+# You may obtain a copy of the License at
9
+#
10
+#     http://www.apache.org/licenses/LICENSE-2.0
11
+#
12
+# Unless required by applicable law or agreed to in writing, software
13
+# distributed under the License is distributed on an "AS IS" BASIS,
14
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+# See the License for the specific language governing permissions and
16
+# limitations under the License.
17
+
18
+include_recipe 'openstack-network'
19
+
20
+# Make Openstack object available in Chef::Recipe
21
+class ::Chef::Recipe
22
+  include ::Openstack
23
+end
24
+
25
+node.default['openstack']['network_fwaas']['conf'].tap do |conf|
26
+  conf['fwaas']['enabled'] = true
27
+end
28
+
11 29
 # As the fwaas package will be installed anyway, configure its config-file attributes following environment.
12
-# template node['openstack']['network']['fwaas']['config_file'] do
13
-#  source 'services/neutron-fwaas/fwaas_driver.ini.erb'
14
-#  user node['openstack']['network']['platform']['user']
15
-#  group node['openstack']['network']['platform']['group']
16
-#  mode 00640
17
-#  # Only restart vpn agent to avoid synchronization problem, when vpn agent is enabled.
18
-#  if node['openstack']['network']['enable_vpn']
19
-#    notifies :restart, 'service[neutron-vpn-agent]', :delayed
20
-#  else
21
-#    notifies :restart, 'service[neutron-l3-agent]', :immediately
22
-#  end
23
-# end
24
-# ---- moved from recipes/l3_agent----
30
+service_conf = merge_config_options 'network_fwaas'
31
+template node['openstack']['network_fwaas']['config_file'] do
32
+  source 'openstack-service.conf.erb'
33
+  cookbook 'openstack-common'
34
+  owner node['openstack']['network']['platform']['user']
35
+  group node['openstack']['network']['platform']['group']
36
+  mode 00640
37
+  variables(
38
+    service_config: service_conf
39
+  )
40
+end

+ 4
- 1
recipes/l3_agent.rb View File

@@ -62,6 +62,9 @@ service 'neutron-l3-agent' do
62 62
     action [:stop, :disable]
63 63
   else
64 64
     action [:enable, :start]
65
-    subscribes :restart, 'template[/etc/neutron/neutron.conf]'
65
+    subscribes :restart, [
66
+      'template[/etc/neutron/neutron.conf]',
67
+      "template[#{node['openstack']['network_fwaas']['config_file']}]"
68
+    ]
66 69
   end
67 70
 end

+ 1
- 1
recipes/lbaas.rb View File

@@ -1,7 +1,7 @@
1 1
 # Encoding: utf-8
2 2
 #
3 3
 # Cookbook Name:: openstack-network
4
-# Recipe:: balancer
4
+# Recipe:: lbaas
5 5
 #
6 6
 # Copyright 2013, Mirantis IT
7 7
 #

+ 2
- 1
recipes/vpnaas.rb View File

@@ -68,6 +68,7 @@ service 'neutron-vpn-agent' do
68 68
   action [:enable, :start]
69 69
   subscribes :restart, [
70 70
     'template[/etc/neutron/neutron.conf]',
71
-    "template[#{node['openstack']['network_vpnaas']['config_file']}]"
71
+    "template[#{node['openstack']['network_vpnaas']['config_file']}]",
72
+    "template[#{node['openstack']['network_fwaas']['config_file']}]"
72 73
   ]
73 74
 end

+ 1
- 0
spec/l3_agent_spec.rb View File

@@ -19,6 +19,7 @@ describe 'openstack-network::l3_agent' do
19 19
       it 'subscribes the l3 agent service to neutron.conf' do
20 20
         expect(chef_run.service('neutron-l3-agent')).to subscribe_to('template[/etc/neutron/neutron.conf]').delayed
21 21
       end
22
+
22 23
       %w(neutron-l3-agent radvd keepalived).each do |pkg|
23 24
         it "upgrades #{pkg} package" do
24 25
           expect(chef_run).to upgrade_package(pkg)

+ 4
- 0
spec/vpnaas_spec.rb View File

@@ -36,6 +36,10 @@ describe 'openstack-network::vpnaas' do
36 36
       expect(chef_run.service('neutron-vpn-agent')).to subscribe_to('template[/etc/neutron/neutron.conf]').delayed
37 37
     end
38 38
 
39
+    it 'subscribes the vpn agent service to vpn_agent.ini' do
40
+      expect(chef_run.service('neutron-vpn-agent')).to subscribe_to('template[/etc/neutron/vpn_agent.ini]').delayed
41
+    end
42
+
39 43
     describe 'vpn_agent.ini' do
40 44
       let(:file) { chef_run.template('/etc/neutron/vpn_agent.ini') }
41 45
 

Loading…
Cancel
Save