Add agents.l3 "radvd_user" configuration option

Based on new Neutron configuration option [1], it will allow to define the user to run the radvd daemon in the L3 agent. By default, the user will be "root", to solve the problem found in the related bug. [1] Ie9a6fbf04d453a3c1c0bddf9ecaa3d4d6467e8ff Change-Id: I8a1bff166ee78dca402457fd1498e5906380c9ed Closes-Bug: #1844688
2019-10-29 10:57:34 +00:00 · 2019-10-29 10:57:34 +00:00 · ab1049ae01
commit ab1049ae01
parent 29f5049be2
1 changed files with 9 additions and 0 deletions
--- a/manifests/agents/l3.pp
+++ b/manifests/agents/l3.pp
@ -87,6 +87,13 @@
 #   (optional) L3 agent extensions to enable.
 #   Defaults to $::os_service_default
 #
+# [*radvd_user*]
+#   (optional) The username passed to radvd, used to drop root privileges and
+#   change user ID to username and group ID to the primary group of username.
+#   If no user specified, the user executing the L3 agent will be passed. If
+#   "root" specified, because radvd is spawned as root, no "username" parameter
+#   will be passed.
+#
 class neutron::agents::l3 (
  $package_ensure                   = 'present',
  $enabled                          = true,
@ -107,6 +114,7 @@ class neutron::agents::l3 (
  $purge_config                     = false,
  $availability_zone                = $::os_service_default,
  $extensions                       = $::os_service_default,
+  $radvd_user                       = $::os_service_default,
 ) {

  include ::neutron::deps
@ -134,6 +142,7 @@ class neutron::agents::l3 (
    'DEFAULT/periodic_fuzzy_delay':             value => $periodic_fuzzy_delay;
    'DEFAULT/enable_metadata_proxy':            value => $enable_metadata_proxy;
    'DEFAULT/agent_mode':                       value => $agent_mode;
+    'DEFAULT/radvd_user':                       value => $radvd_user;
    'agent/availability_zone':                  value => $availability_zone;
    'agent/extensions':                         value => $extensions;
  }