DevStack plugin for fwaas

Start by just running the cookiecutter code - documented at [1]. Then scrape out the fwaas/firewall code from DevStack and stick it where it looks like it should be in the plugin. [1]: http://git.openstack.org/cgit/openstack-dev/devstack-plugin-cookiecutter/tree/README.rst Related-Change: Ic60cd1fa90c19dfac00be583e2ddc5633dbb68a3 Co-Authored-By: Nate Johnston <Nate_Johnston@cable.comcast.com> Co-Authored-By: German Eichberger <german.eichberger@hp.com> Co-Authored-By: Kyle Mestery <mestery@mestery.com> Change-Id: If6c6e032689392fecc8c24517666128c8c103a7b Signed-of-by: Kyle Mestery <mestery@mestery.com>
2016-06-23 18:24:28 +00:00 · 2016-06-23 18:24:28 +00:00 · e70a782008
parent b26f9f46af
commit e70a782008
4 changed files with 145 additions and 0 deletions
--- a/TESTING.rst
+++ b/TESTING.rst
@ -6,3 +6,7 @@ the latest up to date instructions for how to test Neutron, and will
 be applicable to neutron-fwaas as well:

 `Neutron TESTING.rst <http://git.openstack.org/cgit/openstack/neutron/tree/TESTING.rst>`_
+
+For instructions on how to use FWaaS with devstack, look at:
+
+`Neutron-FWaaS DevStack <http://git.openstack.org/cgit/openstack/neutron-fwaas/tree/devstack/README.rst>`_
--- a/devstack/README.rst
+++ b/devstack/README.rst
@ -0,0 +1,28 @@
+neutron-fwaas in DevStack
+=========================
+
+This is setup as a DevStack plugin.  For more information on DevStack plugins,
+see the `DevStack Plugins documentation
+<http://docs.openstack.org/developer/devstack/plugins.html>`_.
+
+This was created using the `devstack-plugin-cookiecutter
+<https://github.com/openstack-dev/devstack-plugin-cookiecutter>`_ tool.
+
+How to run FWaaS in DevStack
+=========================
+
+Add the following to the localrc section of your local.conf:
+
+.. code-block:: none
+   [[local|localrc]]
+   enable_plugin neutron-fwaas http://git.openstack.org/openstack/neutron-fwaas
+   enable_service q-fwaas
+
+To check a specific patchset that is currently under development, use a form
+like the below example, which is checking out change 214350 patch set 14 for
+testing.
+
+.. code-block:: none
+   [[local|localrc]]
+   enable_plugin neutron-fwaas https://review.openstack.org/p/openstack/neutron-fwaas refs/changes/50/214350/14
+   enable_service q-fwaas
--- a/devstack/plugin.sh
+++ b/devstack/plugin.sh
@ -0,0 +1,109 @@
+#!/bin/bash
+
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+# Dependencies:
+#
+# ``functions`` file
+# ``DEST`` must be defined
+
+# Save trace setting
+XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+function pre_install_fwaas() {
+    # Install OS packages if necessary with "install_package ...".
+    :
+    neutron_fwaas_configure_common
+}
+
+function install_fwaas() {
+    # Install the service.
+    :
+    setup_develop $DEST/neutron-fwaas
+}
+
+function configure_fwaas() {
+    neutron_fwaas_configure_driver
+}
+
+function init_fwaas() {
+    # Initialize and start the service.
+    :
+}
+
+function shutdown_fwaas() {
+    # Shut the service down.
+    :
+}
+
+function cleanup_fwaas() {
+    # Cleanup the service.
+    :
+}
+
+function neutron_fwaas_configure_common {
+    _neutron_service_plugin_class_add $FWAAS_PLUGIN
+}
+
+function neutron_fwaas_configure_driver {
+    # Uses oslo config generator to generate FWaaS sample configuration files
+    (cd $NEUTRON_FWAAS_DIR && exec ./tools/generate_config_file_samples.sh)
+
+    cp $NEUTRON_FWAAS_DIR/etc/$FWAAS_DRIVER_CONF_FILENAME.sample $FWAAS_CONF_FILE
+
+    iniset_multiline $FWAAS_CONF_FILE fwaas enabled True
+    iniset_multiline $FWAAS_CONF_FILE fwaas driver $FWAAS_DRIVER
+    #iniset $NEUTRON_CONF DEFAULT service_plugins $Q_SERVICE_PLUGIN_CLASSES
+}
+
+# check for service enabled
+if is_service_enabled q-svc && is_service_enabled q-fwaas; then
+
+    if [[ "$1" == "stack" && "$2" == "pre-install" ]]; then
+        # Set up system services
+        echo_summary "Configuring system services q-fwaas"
+        pre_install_fwaas
+
+    elif [[ "$1" == "stack" && "$2" == "install" ]]; then
+        # Perform installation of service source
+        echo_summary "Installing q-fwaas"
+        install_fwaas
+
+    elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
+        # Configure after the other layer 1 and 2 services have been configured
+        echo_summary "Configuring q-fwaas"
+        configure_fwaas
+
+    elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
+        # Initialize and start the q-fwaas service
+        echo_summary "Initializing q-fwaas"
+        init_fwaas
+    fi
+
+    if [[ "$1" == "unstack" ]]; then
+        # Shut down q-fwaas services
+        # no-op
+        shutdown_fwaas
+    fi
+
+    if [[ "$1" == "clean" ]]; then
+        # Remove state and transient data
+        # Remember clean.sh first calls unstack.sh
+        # no-op
+        cleanup_fwaas
+    fi
+fi
+
+# Restore xtrace
+$XTRACE
--- a/devstack/settings
+++ b/devstack/settings
@ -0,0 +1,4 @@
+FWAAS_DRIVER=${FWAAS_DRIVER:-iptables}
+FWAAS_PLUGIN=${FWAAS_PLUGIN:-firewall}
+FWAAS_DRIVER_CONF_FILENAME=${FWAAS_DRIVER_CONF_FILENAME:-fwaas_driver.ini}
+FWAAS_CONF_FILE=${Q_FWAAS_CONF_FILE:-$NEUTRON_CONF_DIR/$FWAAS_DRIVER_CONF_FILENAME}