vpnaas: Improve driver/distributions coverage
The libreswan package is available in recent versions of Ubuntu and Debian thus we can use libreswan in these distributions. This change also adds support for StrongSwan driver. Change-Id: I961b7b0ecdcdab6fd4e8337bf83c831fc54b2acd
This commit is contained in:
parent
ef0137f4a7
commit
74cbf81623
@ -57,20 +57,24 @@ class neutron::agents::vpnaas (
|
||||
package { 'openswan':
|
||||
ensure => present,
|
||||
name => $::neutron::params::openswan_package,
|
||||
tag => ['neutron-support-package', 'openstack'],
|
||||
tag => ['openstack', 'neutron-support-package'],
|
||||
}
|
||||
}
|
||||
/\.LibreSwan/: {
|
||||
if($facts['os']['family'] != 'Redhat') {
|
||||
fail("LibreSwan is not supported on osfamily ${facts['os']['family']}")
|
||||
} else {
|
||||
Package['libreswan'] -> Package<| title == 'neutron-vpnaas-agent' |>
|
||||
package { 'libreswan':
|
||||
ensure => present,
|
||||
name => $::neutron::params::libreswan_package,
|
||||
tag => ['neutron-support-package', 'openstack'],
|
||||
tag => ['openstack', 'neutron-support-package'],
|
||||
}
|
||||
}
|
||||
/\.StrongSwan/: {
|
||||
Package['strongswan'] -> Package<| title == 'neutron-vpnaas-agent' |>
|
||||
package { 'strongswan':
|
||||
ensure => present,
|
||||
name => $::neutron::params::strongswan_package,
|
||||
tag => ['openstack', 'neutron-support-package'],
|
||||
}
|
||||
}
|
||||
default: {
|
||||
fail("Unsupported vpn_device_driver ${vpn_device_driver}")
|
||||
|
@ -56,6 +56,7 @@ class neutron::params {
|
||||
$bgp_dragent_package = 'openstack-neutron-bgp-dragent'
|
||||
$openswan_package = 'libreswan'
|
||||
$libreswan_package = 'libreswan'
|
||||
$strongswan_package = 'strongswan'
|
||||
$metadata_agent_package = false
|
||||
$l3_agent_package = false
|
||||
$neutron_wsgi_script_path = '/var/www/cgi-bin/neutron'
|
||||
@ -101,7 +102,8 @@ class neutron::params {
|
||||
$metering_agent_package = 'neutron-metering-agent'
|
||||
$vpnaas_agent_package = 'python3-neutron-vpnaas'
|
||||
$openswan_package = 'strongswan'
|
||||
$libreswan_package = false
|
||||
$libreswan_package = 'libreswan'
|
||||
$strongswan_package = 'strongswan'
|
||||
$metadata_agent_package = 'neutron-metadata-agent'
|
||||
$l3_agent_package = 'neutron-l3-agent'
|
||||
$l2gw_agent_package = 'neutron-l2gateway-agent'
|
||||
|
@ -29,88 +29,73 @@ describe 'neutron::agents::vpnaas' do
|
||||
{}
|
||||
end
|
||||
|
||||
let :default_params do
|
||||
{
|
||||
:package_ensure => 'present',
|
||||
:vpn_device_driver => 'neutron_vpnaas.services.vpn.device_drivers.ipsec.OpenSwanDriver',
|
||||
:interface_driver => 'neutron.agent.linux.interface.OVSInterfaceDriver',
|
||||
:purge_config => false,
|
||||
}
|
||||
end
|
||||
|
||||
shared_examples 'neutron vpnaas agent' do
|
||||
let :p do
|
||||
default_params.merge(params)
|
||||
end
|
||||
|
||||
shared_examples 'neutron::agents::vpnaas' do
|
||||
context 'with defaults' do
|
||||
it { should contain_class('neutron::params') }
|
||||
|
||||
it_behaves_like 'openswan vpnaas_driver'
|
||||
|
||||
it 'passes purge to resource' do
|
||||
should contain_resources('neutron_vpnaas_agent_config').with({
|
||||
:purge => false
|
||||
})
|
||||
end
|
||||
|
||||
it 'configures vpnaas_agent.ini' do
|
||||
should contain_neutron_vpnaas_agent_config('vpnagent/vpn_device_driver').with_value(p[:vpn_device_driver]);
|
||||
should contain_neutron_vpnaas_agent_config('ipsec/ipsec_status_check_interval').with_value('<SERVICE DEFAULT>');
|
||||
should contain_neutron_vpnaas_agent_config('DEFAULT/interface_driver').with_value(p[:interface_driver]);
|
||||
should contain_neutron_vpnaas_agent_config('vpnagent/vpn_device_driver').with_value(
|
||||
'neutron_vpnaas.services.vpn.device_drivers.ipsec.OpenSwanDriver')
|
||||
should contain_neutron_vpnaas_agent_config('ipsec/ipsec_status_check_interval').with_value('<SERVICE DEFAULT>')
|
||||
should contain_neutron_vpnaas_agent_config('DEFAULT/interface_driver').with_value(
|
||||
'neutron.agent.linux.interface.OVSInterfaceDriver')
|
||||
end
|
||||
|
||||
it 'installs neutron vpnaas agent package' do
|
||||
if platform_params.has_key?(:vpnaas_agent_package)
|
||||
should contain_package('neutron-vpnaas-agent').with(
|
||||
:ensure => 'present',
|
||||
:name => platform_params[:vpnaas_agent_package],
|
||||
:ensure => p[:package_ensure],
|
||||
:tag => ['openstack', 'neutron-package'],
|
||||
)
|
||||
should contain_package('neutron').that_requires('Anchor[neutron::install::begin]')
|
||||
should contain_package('neutron').that_notifies('Anchor[neutron::install::end]')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples 'openswan vpnaas_driver' do
|
||||
it 'installs openswan packages' do
|
||||
if platform_params.has_key?(:vpnaas_agent_package)
|
||||
should contain_package('openswan')
|
||||
end
|
||||
should contain_package('openswan').with(
|
||||
:ensure => 'present',
|
||||
:name => platform_params[:openswan_package]
|
||||
:name => platform_params[:openswan_package],
|
||||
:tag => ['openstack', 'neutron-support-package'],
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples 'neutron::agents::vpnaas on Debian' do
|
||||
context 'when configuring the LibreSwan driver' do
|
||||
before do
|
||||
params.merge!(
|
||||
context 'with libreswan vpnaas driver' do
|
||||
let :params do
|
||||
{
|
||||
:vpn_device_driver => 'neutron_vpnaas.services.vpn.device_drivers.libreswan_ipsec.LibreSwanDriver'
|
||||
)
|
||||
}
|
||||
end
|
||||
|
||||
it 'fails when configuring LibreSwan on Debian' do
|
||||
should raise_error(Puppet::Error, /LibreSwan is not supported on osfamily Debian/)
|
||||
end
|
||||
end
|
||||
it 'configures vpnaas_agent.ini' do
|
||||
should contain_neutron_vpnaas_agent_config('vpnagent/vpn_device_driver').with_value(
|
||||
'neutron_vpnaas.services.vpn.device_drivers.libreswan_ipsec.LibreSwanDriver')
|
||||
end
|
||||
|
||||
shared_examples 'neutron::agents::vpnaas on RedHat' do
|
||||
context 'when configuring the LibreSwan driver' do
|
||||
before do
|
||||
params.merge!(
|
||||
:vpn_device_driver => 'neutron_vpnaas.services.vpn.device_drivers.libreswan_ipsec.LibreSwanDriver'
|
||||
)
|
||||
end
|
||||
|
||||
it 'configures LibreSwan' do
|
||||
should contain_neutron_vpnaas_agent_config('vpnagent/vpn_device_driver').with_value(params[:vpn_device_driver]);
|
||||
it 'installs libreswan packages' do
|
||||
should contain_package('libreswan').with(
|
||||
:ensure => 'present',
|
||||
:name => platform_params[:libreswan_package]
|
||||
:name => platform_params[:libreswan_package],
|
||||
:tag => ['openstack', 'neutron-support-package'],
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with strongswan vpnaas driver' do
|
||||
let :params do
|
||||
{
|
||||
:vpn_device_driver => 'neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver'
|
||||
}
|
||||
end
|
||||
|
||||
it 'configures vpnaas_agent.ini' do
|
||||
should contain_neutron_vpnaas_agent_config('vpnagent/vpn_device_driver').with_value(
|
||||
'neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver')
|
||||
end
|
||||
|
||||
it 'installs strongswan packages' do
|
||||
should contain_package('strongswan').with(
|
||||
:ensure => 'present',
|
||||
:name => platform_params[:strongswan_package],
|
||||
:tag => ['openstack', 'neutron-support-package'],
|
||||
)
|
||||
end
|
||||
end
|
||||
@ -129,22 +114,21 @@ describe 'neutron::agents::vpnaas' do
|
||||
when 'Debian'
|
||||
{
|
||||
:openswan_package => 'strongswan',
|
||||
:vpnaas_agent_package => 'neutron-vpn-agent'
|
||||
:libreswan_package => 'libreswan',
|
||||
:strongswan_package => 'strongswan',
|
||||
:vpnaas_agent_package => 'python3-neutron-vpnaas'
|
||||
}
|
||||
when 'RedHat'
|
||||
{
|
||||
:openswan_package => 'libreswan',
|
||||
:libreswan_package => 'libreswan',
|
||||
:strongswan_package => 'strongswan',
|
||||
:vpnaas_agent_package => 'openstack-neutron-vpnaas'
|
||||
}
|
||||
end
|
||||
end
|
||||
|
||||
it_behaves_like "neutron::agents::vpnaas on #{facts[:os]['family']}"
|
||||
|
||||
if facts[:os]['family'] == 'RedHat'
|
||||
it_behaves_like 'neutron vpnaas agent'
|
||||
end
|
||||
it_behaves_like 'neutron::agents::vpnaas'
|
||||
end
|
||||
end
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user