diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 1f9c7b12d4..3b554c3f70 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -578,7 +578,6 @@ enable_horizon: "{{ enable_openstack_core | bool }}" enable_horizon_blazar: "{{ enable_blazar | bool }}" enable_horizon_cloudkitty: "{{ enable_cloudkitty | bool }}" enable_horizon_designate: "{{ enable_designate | bool }}" -enable_horizon_fwaas: "{{ enable_neutron_fwaas | bool }}" enable_horizon_freezer: "{{ enable_freezer | bool }}" enable_horizon_heat: "{{ enable_heat | bool }}" enable_horizon_ironic: "{{ enable_ironic | bool }}" @@ -626,7 +625,6 @@ enable_murano: "no" enable_neutron_vpnaas: "no" enable_neutron_sriov: "no" enable_neutron_dvr: "no" -enable_neutron_fwaas: "no" enable_neutron_qos: "no" enable_neutron_agent_ha: "no" enable_neutron_bgp_dragent: "no" diff --git a/ansible/roles/horizon/defaults/main.yml b/ansible/roles/horizon/defaults/main.yml index 90fcc753d6..ec84c9f507 100644 --- a/ansible/roles/horizon/defaults/main.yml +++ b/ansible/roles/horizon/defaults/main.yml @@ -11,7 +11,6 @@ horizon_services: ENABLE_BLAZAR: "{{ 'yes' if enable_horizon_blazar | bool else 'no' }}" ENABLE_CLOUDKITTY: "{{ 'yes' if enable_horizon_cloudkitty | bool else 'no' }}" ENABLE_DESIGNATE: "{{ 'yes' if enable_horizon_designate | bool else 'no' }}" - ENABLE_FWAAS: "{{ 'yes' if enable_horizon_fwaas | bool else 'no' }}" ENABLE_FREEZER: "{{ 'yes' if enable_horizon_freezer | bool else 'no' }}" ENABLE_HEAT: "{{ 'yes' if enable_horizon_heat | bool else 'no' }}" ENABLE_IRONIC: "{{ 'yes' if enable_horizon_ironic | bool else 'no' }}" diff --git a/ansible/roles/neutron/defaults/main.yml b/ansible/roles/neutron/defaults/main.yml index 675fa7aa84..2a3faa697b 100644 --- a/ansible/roles/neutron/defaults/main.yml +++ b/ansible/roles/neutron/defaults/main.yml @@ -387,14 +387,12 @@ neutron_extension_drivers: "{{ extension_drivers | selectattr('enabled', 'equalt # Neutron upgrade #################### neutron_enable_rolling_upgrade: "yes" -neutron_rolling_upgrade_services: ["neutron", "neutron-fwaas", "neutron-vpnaas"] +neutron_rolling_upgrade_services: ["neutron", "neutron-vpnaas"] #################### # Service Plugins #################### service_plugins: - - name: "firewall_v2" - enabled: "{{ enable_neutron_fwaas | bool }}" - name: "flow_classifier" enabled: "{{ enable_neutron_sfc | bool }}" - name: "metering" @@ -443,8 +441,6 @@ agent_extensions: neutron_agent_extensions: "{{ agent_extensions | selectattr('enabled', 'equalto', true) | list }}" l3_agent_extensions: - - name: "fwaas_v2" - enabled: "{{ enable_neutron_fwaas | bool }}" - name: "vpnaas" enabled: "{{ enable_neutron_vpnaas | bool }}" - name: "port_forwarding" diff --git a/ansible/roles/neutron/tasks/config.yml b/ansible/roles/neutron/tasks/config.yml index da1756b0b3..de8b1e7efe 100644 --- a/ansible/roles/neutron/tasks/config.yml +++ b/ansible/roles/neutron/tasks/config.yml @@ -263,27 +263,6 @@ notify: - "Restart {{ item.key }} container" -- name: Copying over fwaas_driver.ini - become: true - vars: - service_name: "{{ item.key }}" - services_need_fwaas_driver_ini: - - "neutron-server" - - "neutron-l3-agent" - merge_configs: - sources: - - "{{ role_path }}/templates/fwaas_driver.ini.j2" - - "{{ node_custom_config }}/neutron/fwaas_driver.ini" - dest: "{{ node_config_directory }}/{{ service_name }}/fwaas_driver.ini" - mode: "0660" - when: - - item.key in services_need_fwaas_driver_ini - - item.value.enabled | bool - - item.value.host_in_groups | bool - with_dict: "{{ neutron_services }}" - notify: - - "Restart {{ item.key }} container" - - name: Copying over metadata_agent.ini become: true vars: diff --git a/ansible/roles/neutron/templates/fwaas_driver.ini.j2 b/ansible/roles/neutron/templates/fwaas_driver.ini.j2 deleted file mode 100644 index 2432f7d850..0000000000 --- a/ansible/roles/neutron/templates/fwaas_driver.ini.j2 +++ /dev/null @@ -1,13 +0,0 @@ -{% if enable_neutron_fwaas | bool %} -[fwaas] -enabled = True -{% if neutron_plugin_agent == 'vmware_nsxv' %} -driver = vmware_nsxv_edge -{% else %} -agent_version = v2 -driver = iptables_v2 - -[service_providers] -service_provider = FIREWALL_V2:fwaas_db:neutron_fwaas.services.firewall.service_drivers.agents.agents.FirewallAgentDriver:default -{% endif %} -{% endif %} diff --git a/ansible/roles/neutron/templates/neutron-l3-agent-wrapper.sh.j2 b/ansible/roles/neutron/templates/neutron-l3-agent-wrapper.sh.j2 index 2c0bb70259..6960ae4bb4 100644 --- a/ansible/roles/neutron/templates/neutron-l3-agent-wrapper.sh.j2 +++ b/ansible/roles/neutron/templates/neutron-l3-agent-wrapper.sh.j2 @@ -7,7 +7,6 @@ set -o errexit neutron-netns-cleanup \ --config-file /etc/neutron/neutron.conf \ --config-file /etc/neutron/l3_agent.ini \ - --config-file /etc/neutron/fwaas_driver.ini \ --force --agent-type l3 {% endif %} @@ -15,4 +14,3 @@ neutron-l3-agent \ --config-file /etc/neutron/neutron.conf \ --config-file /etc/neutron/neutron_vpnaas.conf \ --config-file /etc/neutron/l3_agent.ini \ - --config-file /etc/neutron/fwaas_driver.ini diff --git a/ansible/roles/neutron/templates/neutron-l3-agent.json.j2 b/ansible/roles/neutron/templates/neutron-l3-agent.json.j2 index 81654edaab..5c1d79c330 100644 --- a/ansible/roles/neutron/templates/neutron-l3-agent.json.j2 +++ b/ansible/roles/neutron/templates/neutron-l3-agent.json.j2 @@ -19,12 +19,6 @@ "owner": "neutron", "perm": "0600" }, - { - "source": "{{ container_config_directory }}/fwaas_driver.ini", - "dest": "/etc/neutron/fwaas_driver.ini", - "owner": "neutron", - "perm": "0600" - }, { "source": "{{ container_config_directory }}/l3_agent.ini", "dest": "/etc/neutron/l3_agent.ini", diff --git a/ansible/roles/neutron/templates/neutron-server.json.j2 b/ansible/roles/neutron/templates/neutron-server.json.j2 index f4fc16bcf3..ba41a52f99 100644 --- a/ansible/roles/neutron/templates/neutron-server.json.j2 +++ b/ansible/roles/neutron/templates/neutron-server.json.j2 @@ -1,5 +1,5 @@ { - "command": "neutron-server --config-file /etc/neutron/neutron.conf {% if neutron_plugin_agent in ['openvswitch', 'linuxbridge', 'ovn'] %} --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-file /etc/neutron/neutron_vpnaas.conf {% elif neutron_plugin_agent in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs'] %} --config-file /etc/neutron/plugins/vmware/nsx.ini {% endif %} --config-file /etc/neutron/fwaas_driver.ini", + "command": "neutron-server --config-file /etc/neutron/neutron.conf {% if neutron_plugin_agent in ['openvswitch', 'linuxbridge', 'ovn'] %} --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-file /etc/neutron/neutron_vpnaas.conf {% elif neutron_plugin_agent in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs'] %} --config-file /etc/neutron/plugins/vmware/nsx.ini {% endif %}", "config_files": [ { "source": "{{ container_config_directory }}/neutron.conf", @@ -7,12 +7,6 @@ "owner": "neutron", "perm": "0600" }, - { - "source": "{{ container_config_directory }}/fwaas_driver.ini", - "dest": "/etc/neutron/fwaas_driver.ini", - "owner": "neutron", - "perm": "0600" - }, { "source": "{{ container_config_directory }}/neutron_vpnaas.conf", "dest": "/etc/neutron/neutron_vpnaas.conf", diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml index b44e3f9f7d..8269402045 100644 --- a/etc/kolla/globals.yml +++ b/etc/kolla/globals.yml @@ -267,7 +267,6 @@ #enable_horizon_blazar: "{{ enable_blazar | bool }}" #enable_horizon_cloudkitty: "{{ enable_cloudkitty | bool }}" #enable_horizon_designate: "{{ enable_designate | bool }}" -#enable_horizon_fwaas: "{{ enable_neutron_fwaas | bool }}" #enable_horizon_freezer: "{{ enable_freezer | bool }}" #enable_horizon_heat: "{{ enable_heat | bool }}" #enable_horizon_ironic: "{{ enable_ironic | bool }}" @@ -316,7 +315,6 @@ #enable_neutron_vpnaas: "no" #enable_neutron_sriov: "no" #enable_neutron_dvr: "no" -#enable_neutron_fwaas: "no" #enable_neutron_qos: "no" #enable_neutron_agent_ha: "no" #enable_neutron_bgp_dragent: "no" diff --git a/releasenotes/notes/remove-neutron-fwaas-0g6a327ae69e2117.yaml b/releasenotes/notes/remove-neutron-fwaas-0g6a327ae69e2117.yaml new file mode 100644 index 0000000000..bf1704ffeb --- /dev/null +++ b/releasenotes/notes/remove-neutron-fwaas-0g6a327ae69e2117.yaml @@ -0,0 +1,5 @@ +--- +upgrade: + - | + The ``neutron-fwaas`` project is no longer maintained. This has been + retired and will be removed in the Victoria cycle.