diff --git a/manifests/agents/vpnaas.pp b/manifests/agents/vpnaas.pp index 4c46f1475..9946facf9 100644 --- a/manifests/agents/vpnaas.pp +++ b/manifests/agents/vpnaas.pp @@ -57,19 +57,23 @@ class neutron::agents::vpnaas ( package { 'openswan': ensure => present, name => $::neutron::params::openswan_package, - tag => ['neutron-support-package', 'openstack'], + tag => ['openstack', 'neutron-support-package'], } } /\.LibreSwan/: { - if($facts['os']['family'] != 'Redhat') { - fail("LibreSwan is not supported on osfamily ${facts['os']['family']}") - } else { - Package['libreswan'] -> Package<| title == 'neutron-vpnaas-agent' |> - package { 'libreswan': - ensure => present, - name => $::neutron::params::libreswan_package, - tag => ['neutron-support-package', 'openstack'], - } + Package['libreswan'] -> Package<| title == 'neutron-vpnaas-agent' |> + package { 'libreswan': + ensure => present, + name => $::neutron::params::libreswan_package, + tag => ['openstack', 'neutron-support-package'], + } + } + /\.StrongSwan/: { + Package['strongswan'] -> Package<| title == 'neutron-vpnaas-agent' |> + package { 'strongswan': + ensure => present, + name => $::neutron::params::strongswan_package, + tag => ['openstack', 'neutron-support-package'], } } default: { diff --git a/manifests/params.pp b/manifests/params.pp index 2bf285dd2..c3ec2b508 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -56,6 +56,7 @@ class neutron::params { $bgp_dragent_package = 'openstack-neutron-bgp-dragent' $openswan_package = 'libreswan' $libreswan_package = 'libreswan' + $strongswan_package = 'strongswan' $metadata_agent_package = false $l3_agent_package = false $neutron_wsgi_script_path = '/var/www/cgi-bin/neutron' @@ -101,7 +102,8 @@ class neutron::params { $metering_agent_package = 'neutron-metering-agent' $vpnaas_agent_package = 'python3-neutron-vpnaas' $openswan_package = 'strongswan' - $libreswan_package = false + $libreswan_package = 'libreswan' + $strongswan_package = 'strongswan' $metadata_agent_package = 'neutron-metadata-agent' $l3_agent_package = 'neutron-l3-agent' $l2gw_agent_package = 'neutron-l2gateway-agent' diff --git a/spec/classes/neutron_agents_vpnaas_spec.rb b/spec/classes/neutron_agents_vpnaas_spec.rb index 487a0a97f..95b9acb2a 100644 --- a/spec/classes/neutron_agents_vpnaas_spec.rb +++ b/spec/classes/neutron_agents_vpnaas_spec.rb @@ -29,88 +29,73 @@ describe 'neutron::agents::vpnaas' do {} end - let :default_params do - { - :package_ensure => 'present', - :vpn_device_driver => 'neutron_vpnaas.services.vpn.device_drivers.ipsec.OpenSwanDriver', - :interface_driver => 'neutron.agent.linux.interface.OVSInterfaceDriver', - :purge_config => false, - } - end + shared_examples 'neutron::agents::vpnaas' do + context 'with defaults' do + it { should contain_class('neutron::params') } - shared_examples 'neutron vpnaas agent' do - let :p do - default_params.merge(params) - end + it 'configures vpnaas_agent.ini' do + should contain_neutron_vpnaas_agent_config('vpnagent/vpn_device_driver').with_value( + 'neutron_vpnaas.services.vpn.device_drivers.ipsec.OpenSwanDriver') + should contain_neutron_vpnaas_agent_config('ipsec/ipsec_status_check_interval').with_value('') + should contain_neutron_vpnaas_agent_config('DEFAULT/interface_driver').with_value( + 'neutron.agent.linux.interface.OVSInterfaceDriver') + end - it { should contain_class('neutron::params') } - - it_behaves_like 'openswan vpnaas_driver' - - it 'passes purge to resource' do - should contain_resources('neutron_vpnaas_agent_config').with({ - :purge => false - }) - end - - it 'configures vpnaas_agent.ini' do - should contain_neutron_vpnaas_agent_config('vpnagent/vpn_device_driver').with_value(p[:vpn_device_driver]); - should contain_neutron_vpnaas_agent_config('ipsec/ipsec_status_check_interval').with_value(''); - should contain_neutron_vpnaas_agent_config('DEFAULT/interface_driver').with_value(p[:interface_driver]); - end - - it 'installs neutron vpnaas agent package' do - if platform_params.has_key?(:vpnaas_agent_package) + it 'installs neutron vpnaas agent package' do should contain_package('neutron-vpnaas-agent').with( + :ensure => 'present', :name => platform_params[:vpnaas_agent_package], - :ensure => p[:package_ensure], :tag => ['openstack', 'neutron-package'], ) - should contain_package('neutron').that_requires('Anchor[neutron::install::begin]') - should contain_package('neutron').that_notifies('Anchor[neutron::install::end]') end - end - end - shared_examples 'openswan vpnaas_driver' do - it 'installs openswan packages' do - if platform_params.has_key?(:vpnaas_agent_package) - should contain_package('openswan') - end - should contain_package('openswan').with( - :ensure => 'present', - :name => platform_params[:openswan_package] - ) - end - end - - shared_examples 'neutron::agents::vpnaas on Debian' do - context 'when configuring the LibreSwan driver' do - before do - params.merge!( - :vpn_device_driver => 'neutron_vpnaas.services.vpn.device_drivers.libreswan_ipsec.LibreSwanDriver' + it 'installs openswan packages' do + should contain_package('openswan').with( + :ensure => 'present', + :name => platform_params[:openswan_package], + :tag => ['openstack', 'neutron-support-package'], ) end - - it 'fails when configuring LibreSwan on Debian' do - should raise_error(Puppet::Error, /LibreSwan is not supported on osfamily Debian/) - end end - end - shared_examples 'neutron::agents::vpnaas on RedHat' do - context 'when configuring the LibreSwan driver' do - before do - params.merge!( + context 'with libreswan vpnaas driver' do + let :params do + { :vpn_device_driver => 'neutron_vpnaas.services.vpn.device_drivers.libreswan_ipsec.LibreSwanDriver' - ) + } end - it 'configures LibreSwan' do - should contain_neutron_vpnaas_agent_config('vpnagent/vpn_device_driver').with_value(params[:vpn_device_driver]); + it 'configures vpnaas_agent.ini' do + should contain_neutron_vpnaas_agent_config('vpnagent/vpn_device_driver').with_value( + 'neutron_vpnaas.services.vpn.device_drivers.libreswan_ipsec.LibreSwanDriver') + end + + it 'installs libreswan packages' do should contain_package('libreswan').with( :ensure => 'present', - :name => platform_params[:libreswan_package] + :name => platform_params[:libreswan_package], + :tag => ['openstack', 'neutron-support-package'], + ) + end + end + + context 'with strongswan vpnaas driver' do + let :params do + { + :vpn_device_driver => 'neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver' + } + end + + it 'configures vpnaas_agent.ini' do + should contain_neutron_vpnaas_agent_config('vpnagent/vpn_device_driver').with_value( + 'neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver') + end + + it 'installs strongswan packages' do + should contain_package('strongswan').with( + :ensure => 'present', + :name => platform_params[:strongswan_package], + :tag => ['openstack', 'neutron-support-package'], ) end end @@ -129,22 +114,21 @@ describe 'neutron::agents::vpnaas' do when 'Debian' { :openswan_package => 'strongswan', - :vpnaas_agent_package => 'neutron-vpn-agent' + :libreswan_package => 'libreswan', + :strongswan_package => 'strongswan', + :vpnaas_agent_package => 'python3-neutron-vpnaas' } when 'RedHat' { :openswan_package => 'libreswan', :libreswan_package => 'libreswan', + :strongswan_package => 'strongswan', :vpnaas_agent_package => 'openstack-neutron-vpnaas' } end end - it_behaves_like "neutron::agents::vpnaas on #{facts[:os]['family']}" - - if facts[:os]['family'] == 'RedHat' - it_behaves_like 'neutron vpnaas agent' - end + it_behaves_like 'neutron::agents::vpnaas' end end end