Support the LibreSwan driver in Red Hat platforms
Currently, the libreswan package is supported by puppet-neutron as part of the openswan driver. However, there is a specific libreswan driver, which is required when using it (see https://bugs.launchpad.net/neutron/+bug/1444017 for details). Adding support for the LibreSwan driver in puppet-neutron, only for Red Hat platforms as it does not seem to be supported in Debian/Ubuntu. Change-Id: I9628e485d301734f9d739c1d03d6da9f7887c61d
This commit is contained in:
Javier Pena
parent
8ceda15976
commit
f6c48bb76c
|
|
@ -68,6 +68,17 @@ class neutron::agents::vpnaas (
|
|||
name => $::neutron::params::openswan_package,
|
||||
}
|
||||
}
|
||||
/\.LibreSwan/: {
|
||||
if($::osfamily != 'Redhat') {
|
||||
fail("LibreSwan is not supported on osfamily ${::osfamily}")
|
||||
} else {
|
||||
Package['libreswan'] -> Package<| title == 'neutron-vpnaas-agent' |>
|
||||
package { 'libreswan':
|
||||
ensure => present,
|
||||
name => $::neutron::params::libreswan_package,
|
||||
}
|
||||
}
|
||||
}
|
||||
default: {
|
||||
fail("Unsupported vpn_device_driver ${vpn_device_driver}")
|
||||
}
|
||||
|
|
|
|||
|
|
@ -65,6 +65,7 @@ class neutron::params {
|
|||
} else {
|
||||
$openswan_package = 'openswan'
|
||||
}
|
||||
$libreswan_package = 'libreswan'
|
||||
|
||||
$l3_agent_package = false
|
||||
$l3_agent_service = 'neutron-l3-agent'
|
||||
|
|
@ -151,6 +152,7 @@ class neutron::params {
|
|||
$vpnaas_agent_service = 'neutron-vpn-agent'
|
||||
|
||||
$openswan_package = 'openswan'
|
||||
$libreswan_package = false
|
||||
|
||||
$metadata_agent_package = 'neutron-metadata-agent'
|
||||
$metadata_agent_service = 'neutron-metadata-agent'
|
||||
|
|
|
|||
|
|
@ -133,6 +133,18 @@ describe 'neutron::agents::vpnaas' do
|
|||
it 'configures subscription to neutron-vpnaas-agent package' do
|
||||
is_expected.to contain_service('neutron-vpnaas-service').that_subscribes_to('Package[neutron-vpnaas-agent]')
|
||||
end
|
||||
|
||||
context 'when configuring the LibreSwan driver' do
|
||||
before do
|
||||
params.merge!(
|
||||
:vpn_device_driver => 'neutron_vpnaas.services.vpn.device_drivers.libreswan_ipsec.LibreSwanDriver'
|
||||
)
|
||||
end
|
||||
|
||||
it 'fails when configuring LibreSwan on Debian' do
|
||||
is_expected.to raise_error(Puppet::Error, /LibreSwan is not supported on osfamily Debian/)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'on RedHat 6 platforms' do
|
||||
|
|
@ -162,10 +174,27 @@ describe 'neutron::agents::vpnaas' do
|
|||
|
||||
let :platform_params do
|
||||
{ :openswan_package => 'libreswan',
|
||||
:libreswan_package => 'libreswan',
|
||||
:vpnaas_agent_package => 'openstack-neutron-vpnaas',
|
||||
:vpnaas_agent_service => 'neutron-vpn-agent'}
|
||||
end
|
||||
|
||||
it_configures 'neutron vpnaas agent'
|
||||
|
||||
context 'when configuring the LibreSwan driver' do
|
||||
before do
|
||||
params.merge!(
|
||||
:vpn_device_driver => 'neutron_vpnaas.services.vpn.device_drivers.libreswan_ipsec.LibreSwanDriver'
|
||||
)
|
||||
end
|
||||
|
||||
it 'configures LibreSwan' do
|
||||
is_expected.to contain_neutron_vpnaas_agent_config('vpnagent/vpn_device_driver').with_value(params[:vpn_device_driver]);
|
||||
is_expected.to contain_package('libreswan').with(
|
||||
:ensure => 'present',
|
||||
:name => platform_params[:libreswan_package]
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Reference in New Issue