Enable fwaas recipe again after refactoring

Change-Id: Id2b6035ca330c1bf1e89bdda237d84b785f6a212
This commit is contained in:
Jan Klare 2016-08-26 11:48:21 +02:00
parent 29e771a9f3
commit 0141794350
8 changed files with 66 additions and 33 deletions

View File

@ -1,18 +1,20 @@
# This configuration was generated by # This configuration was generated by
# `rubocop --auto-gen-config` # `rubocop --auto-gen-config`
# on 2016-02-19 12:46:00 +0100 using RuboCop version 0.34.2. # on 2016-08-26 13:02:36 +0200 using RuboCop version 0.39.0.
# The point is for the user to remove these configuration records # The point is for the user to remove these configuration records
# one by one as the offenses are removed from the code base. # one by one as the offenses are removed from the code base.
# Note that changes in the inspected code, or installation of new # Note that changes in the inspected code, or installation of new
# versions of RuboCop, may require this file to be generated again. # versions of RuboCop, may require this file to be generated again.
# Offense count: 9 # Offense count: 10
# Configuration parameters: EnforcedStyle, SupportedStyles. # Configuration parameters: EnforcedStyle, SupportedStyles.
# SupportedStyles: nested, compact
Style/ClassAndModuleChildren: Style/ClassAndModuleChildren:
Exclude: Exclude:
- 'recipes/_bridge_config_example.rb' - 'recipes/_bridge_config_example.rb'
- 'recipes/client.rb' - 'recipes/client.rb'
- 'recipes/default.rb' - 'recipes/default.rb'
- 'recipes/fwaas.rb'
- 'recipes/identity_registration.rb' - 'recipes/identity_registration.rb'
- 'recipes/l3_agent.rb' - 'recipes/l3_agent.rb'
- 'recipes/lbaas.rb' - 'recipes/lbaas.rb'

View File

@ -141,6 +141,8 @@ end
# ============================= VPN Agent Configuration ==================== # ============================= VPN Agent Configuration ====================
# vpn_device_driver_packages in platform-specific settings is used to get driver dependencies installed, default is strongswan # vpn_device_driver_packages in platform-specific settings is used to get driver dependencies installed, default is strongswan
# vpn_device_driver_services in platform-specific settings is used to enable services required by vpn drivers, default is strongswan # vpn_device_driver_services in platform-specific settings is used to enable services required by vpn drivers, default is strongswan
# To enable 'vpnaas' as service_plugin, you need to add it to neutron.conf
# ['Default']['service_plugins']
# Set to true to enable vpnaas # Set to true to enable vpnaas
default['openstack']['network_vpnaas']['enabled'] = false default['openstack']['network_vpnaas']['enabled'] = false
# Custom the vpnaas config file path # Custom the vpnaas config file path
@ -163,6 +165,8 @@ default['openstack']['network_vpnaas']['conf'].tap do |conf|
end end
# ============================= LBaaS Agent Configuration ================== # ============================= LBaaS Agent Configuration ==================
# To enable 'lbaas' as service_plugin, you need to add it to neutron.conf
# ['Default']['service_plugins']
# Set to true to enable lbaas # Set to true to enable lbaas
default['openstack']['network_lbaas']['enabled'] = false default['openstack']['network_lbaas']['enabled'] = false
# Custom the lbaas config file path # Custom the lbaas config file path
@ -181,15 +185,17 @@ default['openstack']['network_lbaas']['conf'].tap do |conf|
end end
# ============================= FWaaS Configuration ================== # ============================= FWaaS Configuration ==================
# TODO(jklare) : check why the package is installed and if the configuration # To enable 'firewall' as service_plugin, you need to add it to neutron.conf
# works at all (if so, this needs refactoring parallel to the lbaas and vpnaas # ['Default']['service_plugins']
# recipes and attributes)
# Set to True to enable firewall service # Set to True to enable firewall service
default['openstack']['network_fwaas']['enabled'] = false default['openstack']['network_fwaas']['enabled'] = false
# Firewall service driver with linux iptables # Firewall service driver with linux iptables
# default['openstack']['network']['fwaas']['driver'] = 'neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver' default['openstack']['network_fwaas']['conf'].tap do |conf|
conf['fwaas']['driver'] =
'neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver'
end
# Custom the fwaas config file path # Custom the fwaas config file path
# default['openstack']['network']['fwaas']['config_file'] = '/etc/neutron/fwaas_driver.ini' default['openstack']['network_fwaas']['config_file'] = '/etc/neutron/fwaas_driver.ini'
# ============================= platform-specific settings =========== # ============================= platform-specific settings ===========
default['openstack']['network']['platform'].tap do |platform| default['openstack']['network']['platform'].tap do |platform|
platform['user'] = 'neutron' platform['user'] = 'neutron'

View File

@ -1,24 +1,40 @@
# TODO(jklare) : check why the package is installed and if the configuration # Encoding: utf-8
# works at all (if so, this needs refactoring parallel to the lbaas and vpnaas #
# recipes and attributes) # Cookbook Name:: openstack-network
# ---- moved from templates/default/services/neutron-fwaas/fwaas_driver.ini.erb---- # Recipe:: fwaas
# <%= node["openstack"]["network"]["custom_template_banner"] %> #
# [fwaas] # Licensed under the Apache License, Version 2.0 (the "License");
# driver = <%= node['openstack']['network']['fwaas']['driver'] %> # you may not use this file except in compliance with the License.
# enabled = <%= node['openstack']['network']['fwaas']['enabled'] %> # You may obtain a copy of the License at
# ---- moved from templates/default/services/neutron-fwaas/fwaas_driver.ini.erb---- #
# ---- moved from recipes/l3_agent---- # http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
include_recipe 'openstack-network'
# Make Openstack object available in Chef::Recipe
class ::Chef::Recipe
include ::Openstack
end
node.default['openstack']['network_fwaas']['conf'].tap do |conf|
conf['fwaas']['enabled'] = true
end
# As the fwaas package will be installed anyway, configure its config-file attributes following environment. # As the fwaas package will be installed anyway, configure its config-file attributes following environment.
# template node['openstack']['network']['fwaas']['config_file'] do service_conf = merge_config_options 'network_fwaas'
# source 'services/neutron-fwaas/fwaas_driver.ini.erb' template node['openstack']['network_fwaas']['config_file'] do
# user node['openstack']['network']['platform']['user'] source 'openstack-service.conf.erb'
# group node['openstack']['network']['platform']['group'] cookbook 'openstack-common'
# mode 00640 owner node['openstack']['network']['platform']['user']
# # Only restart vpn agent to avoid synchronization problem, when vpn agent is enabled. group node['openstack']['network']['platform']['group']
# if node['openstack']['network']['enable_vpn'] mode 00640
# notifies :restart, 'service[neutron-vpn-agent]', :delayed variables(
# else service_config: service_conf
# notifies :restart, 'service[neutron-l3-agent]', :immediately )
# end end
# end
# ---- moved from recipes/l3_agent----

View File

@ -62,6 +62,9 @@ service 'neutron-l3-agent' do
action [:stop, :disable] action [:stop, :disable]
else else
action [:enable, :start] action [:enable, :start]
subscribes :restart, 'template[/etc/neutron/neutron.conf]' subscribes :restart, [
'template[/etc/neutron/neutron.conf]',
"template[#{node['openstack']['network_fwaas']['config_file']}]"
]
end end
end end

View File

@ -1,7 +1,7 @@
# Encoding: utf-8 # Encoding: utf-8
# #
# Cookbook Name:: openstack-network # Cookbook Name:: openstack-network
# Recipe:: balancer # Recipe:: lbaas
# #
# Copyright 2013, Mirantis IT # Copyright 2013, Mirantis IT
# #

View File

@ -68,6 +68,7 @@ service 'neutron-vpn-agent' do
action [:enable, :start] action [:enable, :start]
subscribes :restart, [ subscribes :restart, [
'template[/etc/neutron/neutron.conf]', 'template[/etc/neutron/neutron.conf]',
"template[#{node['openstack']['network_vpnaas']['config_file']}]" "template[#{node['openstack']['network_vpnaas']['config_file']}]",
"template[#{node['openstack']['network_fwaas']['config_file']}]"
] ]
end end

View File

@ -19,6 +19,7 @@ describe 'openstack-network::l3_agent' do
it 'subscribes the l3 agent service to neutron.conf' do it 'subscribes the l3 agent service to neutron.conf' do
expect(chef_run.service('neutron-l3-agent')).to subscribe_to('template[/etc/neutron/neutron.conf]').delayed expect(chef_run.service('neutron-l3-agent')).to subscribe_to('template[/etc/neutron/neutron.conf]').delayed
end end
%w(neutron-l3-agent radvd keepalived).each do |pkg| %w(neutron-l3-agent radvd keepalived).each do |pkg|
it "upgrades #{pkg} package" do it "upgrades #{pkg} package" do
expect(chef_run).to upgrade_package(pkg) expect(chef_run).to upgrade_package(pkg)

View File

@ -36,6 +36,10 @@ describe 'openstack-network::vpnaas' do
expect(chef_run.service('neutron-vpn-agent')).to subscribe_to('template[/etc/neutron/neutron.conf]').delayed expect(chef_run.service('neutron-vpn-agent')).to subscribe_to('template[/etc/neutron/neutron.conf]').delayed
end end
it 'subscribes the vpn agent service to vpn_agent.ini' do
expect(chef_run.service('neutron-vpn-agent')).to subscribe_to('template[/etc/neutron/vpn_agent.ini]').delayed
end
describe 'vpn_agent.ini' do describe 'vpn_agent.ini' do
let(:file) { chef_run.template('/etc/neutron/vpn_agent.ini') } let(:file) { chef_run.template('/etc/neutron/vpn_agent.ini') }