- Cookstyle fixes
- Refactor Berksfile to use groups so we can exclude integration testing
- Update documentation
- Cleanup line wraps
- Enable sensitive resources for the template[/etc/neutron/neutron.conf] and
template[/etc/neutron/metadata_agent.ini] to resources improve security.
- Update delivery configuration to exclude integration cookbooks
- Fix ChefSpec output.
- Update lbaas recipe to use v2 agent driver.
- Add recommended configuration settings to neutron.conf based in Stein
- Remove any resources that define the default action.
- Switch package installations to send packages as arrays instead of individual
package resources. This generally speeds up chef runs.
- Manage /etc/neutron/neutron_lbaas.conf so we can set service_provider
- Add some missing ChefSpec tests.
- Configure neutron_lbaas.conf on Ubuntu in a manner that allows it to properly
pull in the configuration via the --config-dir option. This is due to the fact
we need to set an additional [service_providers] service_provider line and we
can't do that with hashes.
- Remove FWaaS as it's unmaintained upstream.
With Mitaka, Neutron has learned to set proper MTU values for the DHCP
agent depending on the encapsulation type being used. So do not override
them any more from our side.
* added new logic to render plugin templates
* refactored recipe names to be more consistence
* moved version up to 13.0.0 for mitaka release
* removed suse as supported platform
* added verisionbumb for refactored os-identity and common
* adapted optimized endpoint logic
* added endpoint attributes to fit new endpoint logic
* adapted the specs (unit tests) to work again
* refactored attributes throughout all recipes that were connected to the
attributes used for the neutron.conf.erb template to adapt the new template
* removed some attributes that were set to non default values, since the
defaults from neutron cloud and should be used instead
* moved all attributes form attributes/default.rb that were used in
neutron.conf.erb to attributes/neutron_conf.rb
* refactored attributes to fit new template logic
* refactored recipes/default.rb to fit new template logic
* removed all attributes set to default values in attribtues/default and
* replaced static plugin logic and templates with new config logic, following
the same principles as for neutron.conf
* renamed recipes to fit attributes and actual service names
* added recipes for ml2_core_plugin, ml2_openvswitch and ml2_linuxbridge as well
as a recipe for the creation of all plugin configs (plugin_conf) like plugin.ini
Implements: blueprint cookbook-refactoring
- According to the bool attribute
neutron database slave_connection
- Add the slave_connection generated from db_uri function
Implements: blueprint sql-slave-connection-support
After the refact of nova authentication in neutron, it supports
three auth_plugin: password, v2password, v3password. Each
auth_plugin match a different auth_url. For example:
auth_plugin = password
auth_url = http://127.0.0.1:35357/
auth_plugin = v2password
auth_url = http://127.0.0.1:35357/v2.0
auth_plugin = v3password
auth_url = http://127.0.0.1:35357/v3
The auth_url should be set following the auth_plugin automatically.
Authenticating to nova using nova_admin_* options is deprecated.
This should be done using an auth plugin, like password:
region_name = RegionOne
project_domain_id = default
project_name = service
user_domain_id = default
password = passw0rd
username = nova
auth_url = http://127.0.0.1:35357
auth_plugin = password
For Kilo release, there are many deprecated group/name in conf files of openstack,
so we need to change the deprecated group/name to new group/name.
In my recent patch to move to identity_url, I mistakenly also
touched the nova_admin_auth_url which removed the v2.0 protocol
version from it. This prevents neutron from working properly
The default value of metadata_workers in metadata_agent.ini is half of the
number of CPU cores in the computer system. The value will be large only if
there are many CPU cores, which may not be necessary. It should be acceptable
to make this attribute configurable, which follows what has been done for
api_workers and rpc_workers in neutron.conf.
Oslo.message using rabbit_max_retries and rabbit_retry_interval to
define reconnect rabbitmq server times and interval when can not
connect to rabbitmq server.
Remove deprecated keys and use identity_uri via the new transform
Also, cleanup specs for endpoint testing to make sure Common is
Implements: blueprint identity-uri
Since we have no attribute overrides for api-paste.ini, no
need to have a template resource for it. Until we need to
have some attribute, removing this will take away burden of
keeping in sync with base openstack code.
Used the existing ovs conf as a partial template to simply include
in the ml2 conf. This keeps all the attributes the same.
A more detailed spec will have to be done after some refactoring
to allow for sections to be tested.
Please give this idea a try, it seems to allow me to setup neutron
on ubuntu with ml2. I'm working toward using this as a basis for
getting the repo aio_neutron test working.
a new attribute
A new attribute will be added which can used to set the custom
interface_driver in case if the plugin is neither ovs nor linuxbridge.
An additional attribute is added to set the ovs_use_veth value present
in case of ovs plugin to 'True' or 'False'.
Patches in base neutron allow for use of just the nova tenant name
instead of having to make an ugly cli call into keystone to get the
uuid. This is much much cleaner way to do it.
Kept the old admin_tenant_id attribute, added a new
admin_tenant_name one. This should come directly from the Compute
cookbook attribute, service_tenant_name, but since Network does
not depend upon Compute cookbook, I simply added the default here.
I don't think we want to introduce a depends between Network and
Compute, that would be a circular dependency.
Nova metadata api endpoint was missing from common endpoints.
This patch will be follow by one for compute and network to
make use of these new endpoint.
Parameterize l3_ha, max_l3_agents_per_router,
ha_vrrp_advert_int setting, so that user can deploy
a topology with neutron l3 agent HA enabled.
Add multi driver support to the recipe of vpn_agent,
by changing vpn_device_driver option from string to list.
And add a new option named vpn_device_driver_packages to
install package dependencies according vpn_device_driver.
When no auth_version value is provided, it still should explicitly
set auth_version to v2.0 as the default value.
This is also to be consistent with other components. The current
code does not have 'auth_version = v2.0' in the configuration file.
This commit adds nova_ca_certificates_file and
nova_api_insecure so that they can be configured.
It also makes the nova_url use the right scheme.
Covers all template plugins except midonet and metaplugin
(see https://bugs.launchpad.net/bugs/1380243). Obvious mistakes
have been corrected in some of the templates (trailing
whitespaces, cut&pasted attribute names, instance variables
instead of block variables and so on).
Implements: blueprint add-template-tests
This change adds some attributes into the cookbook so
that they are configurable. It mainly includes:
cafile, memcached_servers, memcache_security_strategy,
memcache_secret_key, insecure and hash_algorithms.
Add a recipe, related attribute/template, and unit tests to
to install, configure and start VPN service.
Stop L3 agent if VPN is enabled.
Implements: Blueprint neutron-vpnaas-enablement
Nowadays, there is no tunnel_types item in ovs_
neutron_plugin.ini.erb template. And user can not
assign value to this item by environment. Therefore,
the vxlan enablement will failure because of the item
default value is '' which will disable tunneling
support in the agent.
Fixes bug #1355663