Clean up pxe_filter related deprecations
This removes deprecated [iptables]manage_firewall and code. Other deprecation markers relate to [firewall] are removed as well. Change-Id: I449e16975b05a331b08dd160e0dec4a7c3cf6734 Story: #1665666 Task: #11358
This commit is contained in:
Kaifeng Wang
parent
292c168d9e
commit
ec8eacdebf
@ -17,29 +17,14 @@ from ironic_inspector.common.i18n import _
|
||||
|
||||
|
||||
_OPTS = [
|
||||
cfg.BoolOpt('manage_firewall',
|
||||
default=True,
|
||||
# NOTE(milan) this filter driver will be replaced by
|
||||
# a dnsmasq filter driver
|
||||
deprecated_for_removal=True,
|
||||
deprecated_group='firewall',
|
||||
help=_('Whether to manage firewall rules for PXE port. '
|
||||
'This configuration option was deprecated in favor of '
|
||||
'the ``driver`` option in the ``pxe_filter`` section. '
|
||||
'Please, use the ``noop`` filter driver to disable the '
|
||||
'firewall filtering or the ``iptables`` filter driver '
|
||||
'to enable it.')),
|
||||
cfg.StrOpt('dnsmasq_interface',
|
||||
default='br-ctlplane',
|
||||
deprecated_group='firewall',
|
||||
help=_('Interface on which dnsmasq listens, the default is for '
|
||||
'VM\'s.')),
|
||||
cfg.StrOpt('firewall_chain',
|
||||
default='ironic-inspector',
|
||||
deprecated_group='firewall',
|
||||
help=_('iptables chain name to use.')),
|
||||
cfg.ListOpt('ethoib_interfaces',
|
||||
deprecated_group='firewall',
|
||||
default=[],
|
||||
help=_('List of Etherent Over InfiniBand interfaces '
|
||||
'on the Inspector host which are used for physical '
|
||||
|
||||
@ -18,10 +18,10 @@ from ironic_inspector.common.i18n import _
|
||||
|
||||
_OPTS = [
|
||||
cfg.StrOpt('driver', default='iptables',
|
||||
help=_('PXE boot filter driver to use, such as iptables')),
|
||||
help=_('PXE boot filter driver to use, possible filters are: '
|
||||
'"iptables", "dnsmasq" and "noop". Set "noop " to '
|
||||
'disable the firewall filtering.')),
|
||||
cfg.IntOpt('sync_period', default=15, min=0,
|
||||
deprecated_name='firewall_update_period',
|
||||
deprecated_group='firewall',
|
||||
help=_('Amount of time in seconds, after which repeat periodic '
|
||||
'update of the filter.')),
|
||||
]
|
||||
|
||||
@ -218,10 +218,6 @@ def _driver_manager():
|
||||
global _DRIVER_MANAGER
|
||||
|
||||
name = CONF.pxe_filter.driver
|
||||
# FIXME(milan): to be removed after the transition period of deprecating
|
||||
# the firewall option group
|
||||
if name == 'iptables' and not CONF.iptables.manage_firewall:
|
||||
name = 'noop'
|
||||
|
||||
if _DRIVER_MANAGER is None:
|
||||
_DRIVER_MANAGER = stevedore.driver.DriverManager(
|
||||
|
||||
@ -63,20 +63,6 @@ class TestDriverManager(test_base.BaseTest):
|
||||
self.stevedore_driver_mock.assert_not_called()
|
||||
self.assertIs(pxe_filter._DRIVER_MANAGER, driver_manager)
|
||||
|
||||
def test_manage_firewall(self):
|
||||
# FIXME(milan): to be removed after the transition period of
|
||||
# deprecating the firewall option group
|
||||
# NOTE(milan) the default filter driver is iptables
|
||||
# this should revert it to noop
|
||||
CONF.set_override('manage_firewall', False, 'iptables')
|
||||
driver_manager = pxe_filter._driver_manager()
|
||||
self.stevedore_driver_mock.assert_called_once_with(
|
||||
pxe_filter._STEVEDORE_DRIVER_NAMESPACE,
|
||||
name='noop',
|
||||
invoke_on_load=True)
|
||||
self.assertIsNotNone(driver_manager)
|
||||
self.assertIs(pxe_filter._DRIVER_MANAGER, driver_manager)
|
||||
|
||||
|
||||
class TestDriverManagerLoading(test_base.BaseTest):
|
||||
def setUp(self):
|
||||
|
||||
@ -0,0 +1,5 @@
|
||||
---
|
||||
other:
|
||||
- |
|
||||
The deprecated configuration option ``[iptables]manage_firewall`` was
|
||||
removed, use ``[pxe_filter]driver`` to set filtering driver.
|
||||
Loading…
Reference in New Issue
Block a user