Add support for BGPVPN plugin

Introduce puppet classes to configure networking-bgpvpn service
  plugin

Implements: blueprint bgpvpn-service-integration

Change-Id: I317f3cc05381889a315a5886a1d49ebba8756482
Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>

lib/puppet/provider/neutron_bgpvpn_service_config/openstackconfig.rb

@@ -0,0 +1,15 @@
+Puppet::Type.type(:neutron_bgpvpn_service_config).provide(
+  :openstackconfig,
+  :parent => Puppet::Type.type(:openstack_config).provider(:ruby)
+) do
+
+  def self.file_path
+    '/etc/neutron/networking_bgpvpn.conf'
+  end
+
+  # added for backwards compatibility with older versions of inifile
+  def file_path
+    self.class.file_path
+  end
+
+end

lib/puppet/type/neutron_bgpvpn_service_config.rb

@@ -0,0 +1,36 @@
+Puppet::Type.newtype(:neutron_bgpvpn_service_config) do
+
+  ensurable
+
+  newparam(:name, :namevar => true) do
+    desc 'Section/setting name to manage from networking_bgpvpn.conf'
+    newvalues(/\S+\/\S+/)
+  end
+
+  newproperty(:value, :array_matching => :all) do
+    desc 'The value of the setting to be defined.'
+    def insync?(is)
+      return true if @should.empty?
+      return false unless is.is_a? Array
+      return false unless is.length == @should.length
+      return (
+        is & @should == is or
+        is & @should.map(&:to_s) == is
+      )
+    end
+
+    munge do |value|
+      value = value.to_s.strip
+      value.capitalize! if value =~ /^(true|false)$/i
+      value
+    end
+  end
+
+  newparam(:ensure_absent_val) do
+    desc 'A value that is specified as the value property will behave as if ensure => absent was specified'
+    defaultto('<SERVICE DEFAULT>')
+  end
+
+  autorequire(:package) do ['python-networking-bgpvpn'] end
+
+end

manifests/config.pp

@@ -27,6 +27,9 @@
 # [*api_config*]
 #   (optional) Manage configuration of api-paste.ini
 #
+# [*bgpvpn_service_config*]
+#   (optional) Manage configuration of networking_bgpvpn.conf
+#
 # [*l3_agent_config*]
 #   (optional) Manage configuration of l3_agent.ini
 #
@@ -81,6 +84,7 @@
 class neutron::config (
   $server_config                 = {},
   $api_config                    = {},
+  $bgpvpn_service_config         = {},
   $l3_agent_config               = {},
   $dhcp_agent_config             = {},
   $lbaas_agent_config            = {},
@@ -103,6 +107,7 @@ class neutron::config (
 
   validate_hash($server_config)
   validate_hash($api_config)
+  validate_hash($bgpvpn_service_config)
   validate_hash($l3_agent_config)
   validate_hash($dhcp_agent_config)
   validate_hash($lbaas_agent_config)
@@ -122,6 +127,7 @@ class neutron::config (
 
   create_resources('neutron_config', $server_config)
   create_resources('neutron_api_config', $api_config)
+  create_resources('neutron_bgpvpn_service_config', $bgpvpn_service_config)
   create_resources('neutron_l3_agent_config', $l3_agent_config)
   create_resources('neutron_dhcp_agent_config', $dhcp_agent_config)
   create_resources('neutron_lbaas_agent_config', $lbaas_agent_config)

manifests/deps.pp

@@ -38,6 +38,7 @@ class neutron::deps {
   Anchor['neutron::config::begin'] -> Neutron_agent_vpp<||> ~> Anchor['neutron::config::end']
   Anchor['neutron::config::begin'] -> Neutron_api_config<||> ~> Anchor['neutron::config::end']
   Anchor['neutron::config::begin'] -> Neutron_api_paste_ini<||> ~> Anchor['neutron::config::end']
+  Anchor['neutron::config::begin'] -> Neutron_bgpvpn_service_config<||> ~> Anchor['neutron::config::end']
   Anchor['neutron::config::begin'] -> Neutron_config<||> ~> Anchor['neutron::config::end']
   Anchor['neutron::config::begin'] -> Neutron_dhcp_agent_config<||> ~> Anchor['neutron::config::end']
   Anchor['neutron::config::begin'] -> Neutron_fwaas_service_config<||> ~> Anchor['neutron::config::end']

manifests/params.pp

@@ -29,6 +29,7 @@ class neutron::params {
   $vpnaas_agent_service        = 'neutron-vpn-agent'
   $l3_agent_service            = 'neutron-l3-agent'
   $metadata_agent_service      = 'neutron-metadata-agent'
+  $bgpvpn_plugin_package       = 'python-networking-bgpvpn'
 
   if($::osfamily == 'Redhat') {
     $nobody_user_group          = 'nobody'

manifests/services/bgpvpn.pp

@@ -0,0 +1,82 @@
+#
+# Copyright (C) 2017 Red Hat Inc.
+#
+# Author: Ricardo Noriega <rnoriega@redhat.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: neutron::services::bgpvpn
+#
+# Configure BGPVPN Neutron API
+#
+# === Parameters:
+#
+# [*package_ensure*]
+#   Whether to install the bgpvpn service package
+#   Default to 'present'
+#
+# [*service_providers*]
+#   Array of allowed service types
+#
+# [*sync_db*]
+#   Whether 'bgpvpn-db-sync' should run to create and/or synchronize the
+#   database with networking-bgpvpn specific tables. Default to false
+#
+# [*purge_config*]
+#   (optional) Whether to set only the specified config options
+#   in the bgpvpn config.
+#   Default to false.
+#
+class neutron::services::bgpvpn (
+  $package_ensure    = 'present',
+  $service_providers = $::os_service_default,
+  $sync_db           = false,
+  $purge_config      = false,
+) {
+
+  include ::neutron::deps
+  include ::neutron::params
+
+  #This package just include the service API
+  ensure_resource( 'package', $::neutron::params::bgpvpn_plugin_package, {
+    ensure => $package_ensure,
+    name   => $::neutron::params::bgpvpn_plugin_package,
+    tag    => ['openstack', 'neutron-package'],
+  })
+
+  if !is_service_default($service_providers) {
+    # default value is uncommented setting, so we should not touch it at all
+    neutron_bgpvpn_service_config { 'service_providers/service_provider':
+      value => $service_providers,
+    }
+  }
+
+  resources { 'neutron_bgpvpn_service_config':
+    purge => $purge_config,
+  }
+
+  if $sync_db {
+    Package<| title == $::neutron::params::bgpvpn_plugin_package |> ~> Exec['bgpvpn-db-sync']
+    exec { 'bgpvpn-db-sync':
+      command     => 'neutron-db-manage --config-file /etc/neutron/neutron.conf --subproject networking-bgpvpn upgrade',
+      path        => '/usr/bin',
+      subscribe   => [
+        Anchor['neutron::install::end'],
+        Anchor['neutron::config::end'],
+        Anchor['neutron::dbsync::begin']
+      ],
+      notify      => Anchor['neutron::dbsync::end'],
+      refreshonly => true
+    }
+  }
+}

releasenotes/notes/bgpvpn-support-73886489d10d6301.yaml

@@ -0,0 +1,10 @@
+---
+prelude: >
+    BGP-based IP VPNs networks are widely used in the industry especially for
+    enterprises. This project aims at supporting inter-connection between
+    L3VPNs and Neutron resources, i.e. Networks, Routers and Ports.
+features:
+  - Add support for BGPVPN Neutron service plugin
+  - Add new type for BGPVPN Service config
+  - Add new provider for BGPVPN Service config
+  - Add spec and unit tests

spec/classes/neutron_services_bgpvpn_spec.rb

@@ -0,0 +1,77 @@
+# Copyright (C) 2017 Red Hat Inc.
+#
+# Author: Ricardo Noriega <rnoriega@redhat.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'spec_helper'
+
+describe 'neutron::services::bgpvpn' do
+
+  let :default_params do
+    { :package_ensure    => 'present',
+      :service_providers => '<SERVICE_DEFAULT>',
+      :sync_db           => true,
+    }
+  end
+
+  shared_examples_for 'neutron bgpvpn service plugin' do
+
+    context 'with default params' do
+      let :params do
+        default_params
+      end
+
+      it 'installs bgpvpn package' do
+        is_expected.to contain_package('python-networking-bgpvpn').with(
+          :ensure => params[:package_ensure],
+          :name   => platform_params[:bgpvpn_package_name],
+        )
+      end
+    end
+
+    context 'with multiple service providers' do
+      let :params do
+        default_params.merge(
+          { :service_providers => ['provider1', 'provider2'] }
+        )
+      end
+
+      it 'configures networking_bgpvpn.conf' do
+        is_expected.to contain_neutron_bgpvpn_service_config(
+          'service_providers/service_provider'
+        ).with_value(['provider1', 'provider2'])
+      end
+    end
+  end
+
+  on_supported_os({
+    :supported_os   => OSDefaults.get_supported_os
+  }).each do |os,facts|
+    context "on #{os}" do
+      let (:facts) do
+        facts.merge(OSDefaults.get_facts())
+      end
+
+      let (:platform_params) do
+        case facts[:osfamily]
+        when 'RedHat'
+          { :bgpvpn_package_name => 'python-networking-bgpvpn' }
+        when 'Debian'
+          { :bgpvpn_package_name => 'python-networking-bgpvpn' }
+        end
+      end
+      it_configures 'neutron bgpvpn service plugin'
+    end
+  end
+end

spec/unit/provider/neutron_bgpvpn_service_config/openstackconfig_spec.rb

@@ -0,0 +1,74 @@
+$LOAD_PATH.push(
+  File.join(
+    File.dirname(__FILE__),
+    '..',
+    '..',
+    '..',
+    'fixtures',
+    'modules',
+    'inifile',
+    'lib')
+)
+$LOAD_PATH.push(
+  File.join(
+    File.dirname(__FILE__),
+    '..',
+    '..',
+    '..',
+    'fixtures',
+    'modules',
+    'openstacklib',
+    'lib')
+)
+
+require 'spec_helper'
+
+provider_class = Puppet::Type.type(:neutron_bgpvpn_service_config).provider(:openstackconfig)
+
+describe provider_class do
+
+  it 'should default to the default setting when no other one is specified' do
+    resource = Puppet::Type::Neutron_bgpvpn_service_config.new(
+      {
+        :name => 'DEFAULT/foo',
+        :value => 'bar'
+      }
+    )
+    provider = provider_class.new(resource)
+    expect(provider.section).to eq('DEFAULT')
+    expect(provider.setting).to eq('foo')
+    expect(provider.file_path).to eq('/etc/neutron/networking_bgpvpn.conf')
+  end
+
+  it 'should allow setting to be set explicitly' do
+    resource = Puppet::Type::Neutron_bgpvpn_service_config.new(
+      {
+        :name => 'dude/foo',
+        :value => 'bar'
+      }
+    )
+    provider = provider_class.new(resource)
+    expect(provider.section).to eq('dude')
+    expect(provider.setting).to eq('foo')
+    expect(provider.file_path).to eq('/etc/neutron/networking_bgpvpn.conf')
+  end
+
+  it 'should ensure absent when <SERVICE DEFAULT> is specified as a value' do
+    resource = Puppet::Type::Neutron_bgpvpn_service_config.new(
+      {:name => 'dude/foo', :value => '<SERVICE DEFAULT>'}
+    )
+    provider = provider_class.new(resource)
+    provider.exists?
+    expect(resource[:ensure]).to eq :absent
+  end
+
+  it 'should ensure absent when value matches ensure_absent_val' do
+    resource = Puppet::Type::Neutron_bgpvpn_service_config.new(
+      {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' }
+    )
+    provider = provider_class.new(resource)
+    provider.exists?
+    expect(resource[:ensure]).to eq :absent
+  end
+
+end

spec/unit/type/neutron_bgpvpn_service_config_spec.rb

@@ -0,0 +1,20 @@
+require 'puppet'
+require 'puppet/type/neutron_bgpvpn_service_config'
+
+describe 'Puppet::Type.type(:neutron_bgpvpn_service_config)' do
+
+  before :each do
+    @neutron_bgpvpn_service_config = Puppet::Type.type(:neutron_bgpvpn_service_config).new(:name => 'DEFAULT/foo', :value => 'bar')
+  end
+
+  it 'should autorequire the package that install the file' do
+    catalog = Puppet::Resource::Catalog.new
+    package = Puppet::Type.type(:package).new(:name => 'python-networking-bgpvpn')
+    catalog.add_resource package, @neutron_bgpvpn_service_config
+    dependency = @neutron_bgpvpn_service_config.autorequire
+    expect(dependency.size).to eq(1)
+    expect(dependency[0].target).to eq(@neutron_bgpvpn_service_config)
+    expect(dependency[0].source).to eq(package)
+  end
+
+end