openstack
/
puppet-neutron
Code Issues Proposed changes

Merge "Allow disabling security groups on the OVS agent"

This commit is contained in:
Zuul 2018-01-26 17:57:14 +00:00 committed by Gerrit Code Review
parent de00e62822 158803bfff
commit 142369d1f2
3 changed files with 36 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
manifests/agents/ml2/ovs.pp
View File

@ -140,6 +140,11 @@
# (optional) Enable or not DPDK with OVS # (optional) Enable or not DPDK with OVS
# Defaults to false. # Defaults to false.
# #
# [*enable_security_group*]
# (optional) Controls whether the agent supports security
# groups or not.
# Defaults to $::os_service_default
#
# [*minimize_polling*] # [*minimize_polling*]
# (optional) Minimize polling by monitoring ovsdb for interface # (optional) Minimize polling by monitoring ovsdb for interface
# changes. (boolean value) # changes. (boolean value)
@ -178,6 +183,7 @@ class neutron::agents::ml2::ovs (
$ovsdb_interface = $::os_service_default, $ovsdb_interface = $::os_service_default,
$purge_config = false, $purge_config = false,
$enable_dpdk = false, $enable_dpdk = false,
$enable_security_group = $::os_service_default,
$minimize_polling = $::os_service_default, $minimize_polling = $::os_service_default,
# DEPRECATED PARAMETERS # DEPRECATED PARAMETERS
$enable_tunneling = false, $enable_tunneling = false,
@ -281,6 +287,7 @@ class neutron::agents::ml2::ovs (
'ovs/vhostuser_socket_dir': value => $vhostuser_socket_dir; 'ovs/vhostuser_socket_dir': value => $vhostuser_socket_dir;
'ovs/ovsdb_interface': value => $ovsdb_interface; 'ovs/ovsdb_interface': value => $ovsdb_interface;
'ovs/of_interface': value => $of_interface; 'ovs/of_interface': value => $of_interface;
'securitygroup/enable_security_group': value => $enable_security_group;
} }
if $firewall_driver { if $firewall_driver {

5
releasenotes/notes/add-ovs-enable-security-group-e4d0cf2abd336216.yaml Normal file
View File

@ -0,0 +1,5 @@
---
features:
- |
Adds 'neutron::agents::ml2::ovs::enable_security_group' to permit disabling security groups
on the Neutron OVS agent.

12
spec/classes/neutron_agents_ml2_ovs_spec.rb
View File

@ -53,6 +53,8 @@ describe 'neutron::agents::ml2::ovs' do
is_expected.to contain_neutron_agent_ovs('ovs/integration_bridge').with_value(p[:integration_bridge]) is_expected.to contain_neutron_agent_ovs('ovs/integration_bridge').with_value(p[:integration_bridge])
is_expected.to contain_neutron_agent_ovs('securitygroup/firewall_driver').\ is_expected.to contain_neutron_agent_ovs('securitygroup/firewall_driver').\
with_value(p[:firewall_driver]) with_value(p[:firewall_driver])
is_expected.to contain_neutron_agent_ovs('securitygroup/enable_security_group').\
with_value(['<SERVICE DEFAULT>'])
is_expected.to contain_neutron_agent_ovs('ovs/tunnel_bridge').with_ensure('absent') is_expected.to contain_neutron_agent_ovs('ovs/tunnel_bridge').with_ensure('absent')
is_expected.to contain_neutron_agent_ovs('ovs/local_ip').with_ensure('absent') is_expected.to contain_neutron_agent_ovs('ovs/local_ip').with_ensure('absent')
is_expected.to contain_neutron_agent_ovs('ovs/int_peer_patch_port').with_ensure('absent') is_expected.to contain_neutron_agent_ovs('ovs/int_peer_patch_port').with_ensure('absent')
@ -99,6 +101,16 @@ describe 'neutron::agents::ml2::ovs' do
end end
end end
context 'when disabling security groups' do
before :each do
params.merge!(:enable_security_group => false)
end
it 'should disable securitygroups' do
is_expected.to contain_neutron_agent_ovs('securitygroup/enable_security_group').with_value('false')
end
end
context 'when enabling ARP responder' do context 'when enabling ARP responder' do
before :each do before :each do
params.merge!(:arp_responder => true) params.merge!(:arp_responder => true)