vpnaas: Improve driver/distributions coverage
The libreswan package is available in recent versions of Ubuntu and Debian thus we can use libreswan in these distributions. This change also adds support for StrongSwan driver. Change-Id: I961b7b0ecdcdab6fd4e8337bf83c831fc54b2acd
This commit is contained in:
parent
ef0137f4a7
commit
74cbf81623
@ -57,19 +57,23 @@ class neutron::agents::vpnaas (
|
||||
package { 'openswan':
|
||||
ensure => present,
|
||||
name => $::neutron::params::openswan_package,
|
||||
tag => ['neutron-support-package', 'openstack'],
|
||||
tag => ['openstack', 'neutron-support-package'],
|
||||
}
|
||||
}
|
||||
/\.LibreSwan/: {
|
||||
if($facts['os']['family'] != 'Redhat') {
|
||||
fail("LibreSwan is not supported on osfamily ${facts['os']['family']}")
|
||||
} else {
|
||||
Package['libreswan'] -> Package<| title == 'neutron-vpnaas-agent' |>
|
||||
package { 'libreswan':
|
||||
ensure => present,
|
||||
name => $::neutron::params::libreswan_package,
|
||||
tag => ['neutron-support-package', 'openstack'],
|
||||
}
|
||||
Package['libreswan'] -> Package<| title == 'neutron-vpnaas-agent' |>
|
||||
package { 'libreswan':
|
||||
ensure => present,
|
||||
name => $::neutron::params::libreswan_package,
|
||||
tag => ['openstack', 'neutron-support-package'],
|
||||
}
|
||||
}
|
||||
/\.StrongSwan/: {
|
||||
Package['strongswan'] -> Package<| title == 'neutron-vpnaas-agent' |>
|
||||
package { 'strongswan':
|
||||
ensure => present,
|
||||
name => $::neutron::params::strongswan_package,
|
||||
tag => ['openstack', 'neutron-support-package'],
|
||||
}
|
||||
}
|
||||
default: {
|
||||
|
@ -56,6 +56,7 @@ class neutron::params {
|
||||
$bgp_dragent_package = 'openstack-neutron-bgp-dragent'
|
||||
$openswan_package = 'libreswan'
|
||||
$libreswan_package = 'libreswan'
|
||||
$strongswan_package = 'strongswan'
|
||||
$metadata_agent_package = false
|
||||
$l3_agent_package = false
|
||||
$neutron_wsgi_script_path = '/var/www/cgi-bin/neutron'
|
||||
@ -101,7 +102,8 @@ class neutron::params {
|
||||
$metering_agent_package = 'neutron-metering-agent'
|
||||
$vpnaas_agent_package = 'python3-neutron-vpnaas'
|
||||
$openswan_package = 'strongswan'
|
||||
$libreswan_package = false
|
||||
$libreswan_package = 'libreswan'
|
||||
$strongswan_package = 'strongswan'
|
||||
$metadata_agent_package = 'neutron-metadata-agent'
|
||||
$l3_agent_package = 'neutron-l3-agent'
|
||||
$l2gw_agent_package = 'neutron-l2gateway-agent'
|
||||
|
@ -29,88 +29,73 @@ describe 'neutron::agents::vpnaas' do
|
||||
{}
|
||||
end
|
||||
|
||||
let :default_params do
|
||||
{
|
||||
:package_ensure => 'present',
|
||||
:vpn_device_driver => 'neutron_vpnaas.services.vpn.device_drivers.ipsec.OpenSwanDriver',
|
||||
:interface_driver => 'neutron.agent.linux.interface.OVSInterfaceDriver',
|
||||
:purge_config => false,
|
||||
}
|
||||
end
|
||||
shared_examples 'neutron::agents::vpnaas' do
|
||||
context 'with defaults' do
|
||||
it { should contain_class('neutron::params') }
|
||||
|
||||
shared_examples 'neutron vpnaas agent' do
|
||||
let :p do
|
||||
default_params.merge(params)
|
||||
end
|
||||
it 'configures vpnaas_agent.ini' do
|
||||
should contain_neutron_vpnaas_agent_config('vpnagent/vpn_device_driver').with_value(
|
||||
'neutron_vpnaas.services.vpn.device_drivers.ipsec.OpenSwanDriver')
|
||||
should contain_neutron_vpnaas_agent_config('ipsec/ipsec_status_check_interval').with_value('<SERVICE DEFAULT>')
|
||||
should contain_neutron_vpnaas_agent_config('DEFAULT/interface_driver').with_value(
|
||||
'neutron.agent.linux.interface.OVSInterfaceDriver')
|
||||
end
|
||||
|
||||
it { should contain_class('neutron::params') }
|
||||
|
||||
it_behaves_like 'openswan vpnaas_driver'
|
||||
|
||||
it 'passes purge to resource' do
|
||||
should contain_resources('neutron_vpnaas_agent_config').with({
|
||||
:purge => false
|
||||
})
|
||||
end
|
||||
|
||||
it 'configures vpnaas_agent.ini' do
|
||||
should contain_neutron_vpnaas_agent_config('vpnagent/vpn_device_driver').with_value(p[:vpn_device_driver]);
|
||||
should contain_neutron_vpnaas_agent_config('ipsec/ipsec_status_check_interval').with_value('<SERVICE DEFAULT>');
|
||||
should contain_neutron_vpnaas_agent_config('DEFAULT/interface_driver').with_value(p[:interface_driver]);
|
||||
end
|
||||
|
||||
it 'installs neutron vpnaas agent package' do
|
||||
if platform_params.has_key?(:vpnaas_agent_package)
|
||||
it 'installs neutron vpnaas agent package' do
|
||||
should contain_package('neutron-vpnaas-agent').with(
|
||||
:ensure => 'present',
|
||||
:name => platform_params[:vpnaas_agent_package],
|
||||
:ensure => p[:package_ensure],
|
||||
:tag => ['openstack', 'neutron-package'],
|
||||
)
|
||||
should contain_package('neutron').that_requires('Anchor[neutron::install::begin]')
|
||||
should contain_package('neutron').that_notifies('Anchor[neutron::install::end]')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples 'openswan vpnaas_driver' do
|
||||
it 'installs openswan packages' do
|
||||
if platform_params.has_key?(:vpnaas_agent_package)
|
||||
should contain_package('openswan')
|
||||
end
|
||||
should contain_package('openswan').with(
|
||||
:ensure => 'present',
|
||||
:name => platform_params[:openswan_package]
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples 'neutron::agents::vpnaas on Debian' do
|
||||
context 'when configuring the LibreSwan driver' do
|
||||
before do
|
||||
params.merge!(
|
||||
:vpn_device_driver => 'neutron_vpnaas.services.vpn.device_drivers.libreswan_ipsec.LibreSwanDriver'
|
||||
it 'installs openswan packages' do
|
||||
should contain_package('openswan').with(
|
||||
:ensure => 'present',
|
||||
:name => platform_params[:openswan_package],
|
||||
:tag => ['openstack', 'neutron-support-package'],
|
||||
)
|
||||
end
|
||||
|
||||
it 'fails when configuring LibreSwan on Debian' do
|
||||
should raise_error(Puppet::Error, /LibreSwan is not supported on osfamily Debian/)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples 'neutron::agents::vpnaas on RedHat' do
|
||||
context 'when configuring the LibreSwan driver' do
|
||||
before do
|
||||
params.merge!(
|
||||
context 'with libreswan vpnaas driver' do
|
||||
let :params do
|
||||
{
|
||||
:vpn_device_driver => 'neutron_vpnaas.services.vpn.device_drivers.libreswan_ipsec.LibreSwanDriver'
|
||||
)
|
||||
}
|
||||
end
|
||||
|
||||
it 'configures LibreSwan' do
|
||||
should contain_neutron_vpnaas_agent_config('vpnagent/vpn_device_driver').with_value(params[:vpn_device_driver]);
|
||||
it 'configures vpnaas_agent.ini' do
|
||||
should contain_neutron_vpnaas_agent_config('vpnagent/vpn_device_driver').with_value(
|
||||
'neutron_vpnaas.services.vpn.device_drivers.libreswan_ipsec.LibreSwanDriver')
|
||||
end
|
||||
|
||||
it 'installs libreswan packages' do
|
||||
should contain_package('libreswan').with(
|
||||
:ensure => 'present',
|
||||
:name => platform_params[:libreswan_package]
|
||||
:name => platform_params[:libreswan_package],
|
||||
:tag => ['openstack', 'neutron-support-package'],
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with strongswan vpnaas driver' do
|
||||
let :params do
|
||||
{
|
||||
:vpn_device_driver => 'neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver'
|
||||
}
|
||||
end
|
||||
|
||||
it 'configures vpnaas_agent.ini' do
|
||||
should contain_neutron_vpnaas_agent_config('vpnagent/vpn_device_driver').with_value(
|
||||
'neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver')
|
||||
end
|
||||
|
||||
it 'installs strongswan packages' do
|
||||
should contain_package('strongswan').with(
|
||||
:ensure => 'present',
|
||||
:name => platform_params[:strongswan_package],
|
||||
:tag => ['openstack', 'neutron-support-package'],
|
||||
)
|
||||
end
|
||||
end
|
||||
@ -129,22 +114,21 @@ describe 'neutron::agents::vpnaas' do
|
||||
when 'Debian'
|
||||
{
|
||||
:openswan_package => 'strongswan',
|
||||
:vpnaas_agent_package => 'neutron-vpn-agent'
|
||||
:libreswan_package => 'libreswan',
|
||||
:strongswan_package => 'strongswan',
|
||||
:vpnaas_agent_package => 'python3-neutron-vpnaas'
|
||||
}
|
||||
when 'RedHat'
|
||||
{
|
||||
:openswan_package => 'libreswan',
|
||||
:libreswan_package => 'libreswan',
|
||||
:strongswan_package => 'strongswan',
|
||||
:vpnaas_agent_package => 'openstack-neutron-vpnaas'
|
||||
}
|
||||
end
|
||||
end
|
||||
|
||||
it_behaves_like "neutron::agents::vpnaas on #{facts[:os]['family']}"
|
||||
|
||||
if facts[:os]['family'] == 'RedHat'
|
||||
it_behaves_like 'neutron vpnaas agent'
|
||||
end
|
||||
it_behaves_like 'neutron::agents::vpnaas'
|
||||
end
|
||||
end
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user