diff --git a/manifests/network/neutron.pp b/manifests/network/neutron.pp index 86f2b4115..d8e1a531b 100644 --- a/manifests/network/neutron.pp +++ b/manifests/network/neutron.pp @@ -12,14 +12,6 @@ # Name of the auth type to load (string value) # Defaults to 'v3password' # -# [*neutron_url*] -# (optional) URL for connecting to the Neutron networking service. -# Defaults to 'http://127.0.0.1:9696' -# -# [*neutron_url_timeout*] -# (optional) Timeout value for connecting to neutron in seconds. -# Defaults to '30' -# # [*neutron_project_name*] # (optional) Project name for connecting to Neutron network services in # admin context through the OpenStack Identity service. @@ -30,21 +22,39 @@ # admin context through the OpenStack Identity service. # Defaults to 'Default' # +# [*neutron_username*] +# (optional) Username for connecting to Neutron network services in admin context +# through the OpenStack Identity service. +# Defaults to 'neutron' +# # [*neutron_user_domain_name*] # (optional) User Domain name for connecting to Neutron network services in # admin context through the OpenStack Identity service. # Defaults to 'Default' # +# [*neutron_auth_url*] +# (optional) Points to the OpenStack Identity server IP and port. +# This is the Identity (keystone) admin API server IP and port value, +# and not the Identity service API IP and port. +# Defaults to 'http://127.0.0.1:5000/v3' +# +# [*neutron_valid_interfaces*] +# (optional) The endpoint type to lookup when talking to Neutron. +# Defaults to $::os_service_default +# +# [*neutron_endpoint_override*] +# (optional) Override the endpoint to use to talk to Neutron. +# Defaults to $::os_service_default +# +# [*neutron_timeout*] +# (optional) Timeout value for connecting to neutron in seconds. +# Defaults to '30' +# # [*neutron_region_name*] # (optional) Region name for connecting to neutron in admin context # through the OpenStack Identity service. # Defaults to 'RegionOne' # -# [*neutron_username*] -# (optional) Username for connecting to Neutron network services in admin context -# through the OpenStack Identity service. -# Defaults to 'neutron' -# # [*neutron_ovs_bridge*] # (optional) Name of Integration Bridge used by Open vSwitch # Defaults to 'br-int' @@ -53,12 +63,6 @@ # (optional) Number of seconds before querying neutron for extensions # Defaults to '600' # -# [*neutron_auth_url*] -# (optional) Points to the OpenStack Identity server IP and port. -# This is the Identity (keystone) admin API server IP and port value, -# and not the Identity service API IP and port. -# Defaults to 'http://127.0.0.1:5000/v3' -# # [*vif_plugging_is_fatal*] # (optional) Fail to boot instance if vif plugging fails. # This prevents nova from booting an instance if vif plugging notification @@ -77,16 +81,24 @@ # ### DEPRECATED PARAMS # +# [*neutron_url*] +# (optional) URL for connecting to the Neutron networking service. +# Defaults to undef +# +# [*neutron_url_timeout*] +# (optional) Timeout value for connecting to neutron in seconds. +# Defaults to undef +# # [*firewall_driver*] # (optional) Firewall driver. # This prevents nova from maintaining a firewall so it does not interfere # with Neutron's. Set to 'nova.virt.firewall.IptablesFirewallDriver' # to re-enable the Nova firewall. -# Defaults to 'nova.virt.firewall.NoopFirewallDriver' +# Defaults to undef # # [*dhcp_domain*] # (optional) domain to use for building the hostnames -# Defaults to 'novalocal' +# Defaults to undef # class nova::network::neutron ( $neutron_password = false, @@ -96,8 +108,9 @@ class nova::network::neutron ( $neutron_username = 'neutron', $neutron_user_domain_name = 'Default', $neutron_auth_url = 'http://127.0.0.1:5000/v3', - $neutron_url = 'http://127.0.0.1:9696', - $neutron_url_timeout = '30', + $neutron_valid_interfaces = $::os_service_default, + $neutron_endpoint_override = $::os_service_default, + $neutron_timeout = '30', $neutron_region_name = 'RegionOne', $neutron_ovs_bridge = 'br-int', $neutron_extension_sync_interval = '600', @@ -105,12 +118,23 @@ class nova::network::neutron ( $vif_plugging_timeout = '300', $default_floating_pool = 'nova', # DEPRECATED PARAMS - $firewall_driver = 'nova.virt.firewall.NoopFirewallDriver', - $dhcp_domain = 'novalocal', + $neutron_url = undef, + $neutron_url_timeout = undef, + $firewall_driver = undef, + $dhcp_domain = undef, ) { include ::nova::deps + if $neutron_url { + warning('nova::network::neutron::neutron_url is deprecated, nova behaviour will be default to looking up \ + the neutron endpoint in the keystone catalog, please use nova::network::neutron::neutron_endpoint_override to override') + } + + if $neutron_url_timeout { + warning('nova::network::neutron::neutron_url_timeout is deprecated, please use neutron_timeout instead.') + } + if $firewall_driver { warning('nova::network::neutron::firewall_driver is deprecated and will be removed in a future release') } @@ -125,12 +149,17 @@ class nova::network::neutron ( 'DEFAULT/firewall_driver': value => $firewall_driver; } + nova_config { + 'neutron/url': value => $neutron_url; + } + + $neutron_timeout_real = pick($neutron_url_timeout, $neutron_timeout) + nova_config { 'DEFAULT/vif_plugging_is_fatal': value => $vif_plugging_is_fatal; 'DEFAULT/vif_plugging_timeout': value => $vif_plugging_timeout; 'neutron/default_floating_pool': value => $default_floating_pool; - 'neutron/url': value => $neutron_url; - 'neutron/timeout': value => $neutron_url_timeout; + 'neutron/timeout': value => $neutron_timeout_real; 'neutron/project_name': value => $neutron_project_name; 'neutron/project_domain_name': value => $neutron_project_domain_name; 'neutron/region_name': value => $neutron_region_name; @@ -138,6 +167,8 @@ class nova::network::neutron ( 'neutron/user_domain_name': value => $neutron_user_domain_name; 'neutron/password': value => $neutron_password, secret => true; 'neutron/auth_url': value => $neutron_auth_url; + 'neutron/valid_interfaces': value => $neutron_valid_interfaces; + 'neutron/endpoint_override': value => $neutron_endpoint_override; 'neutron/ovs_bridge': value => $neutron_ovs_bridge; 'neutron/extension_sync_interval': value => $neutron_extension_sync_interval; 'neutron/auth_type': value => $neutron_auth_type; diff --git a/releasenotes/notes/deprecated-neutron-options-c506d893a1529ed5.yaml b/releasenotes/notes/deprecated-neutron-options-c506d893a1529ed5.yaml new file mode 100644 index 000000000..c2323d45d --- /dev/null +++ b/releasenotes/notes/deprecated-neutron-options-c506d893a1529ed5.yaml @@ -0,0 +1,21 @@ +--- +deprecations: + - | + nova::network::neutron::neutron_url is deprecated and will be removed in a future + release. Nova will default to looking up the neutron endpoint in the keystone + catalog, you can override the endpoint type with neutron_endpoint_type or by + overriding the endpoint with the neutron_endpoint_override parameter. + - | + nova::network::neutron::neutron_url_timeout is deprecated, please use neutron_timeout + instead. +features: + - | + Added new parameter nova::network::neutron::neutron_timeout that replaces the current + neutron_url_timeout parameter. + - | + Added new parameter nova::network::neutron::neutron_valid_interfaces which can be used + to override the keystone catalog interface nova should lookup for the neutron endpoint. + - | + Added new parameter nova::network::neutron::neutron_endpoint_override that can be used + to force the endpoint nova should use to talk to neutron, otherwise it will be looked + up in the keystone endpoint catalog. diff --git a/spec/classes/nova_network_neutron_spec.rb b/spec/classes/nova_network_neutron_spec.rb index e583a353e..749dfa367 100644 --- a/spec/classes/nova_network_neutron_spec.rb +++ b/spec/classes/nova_network_neutron_spec.rb @@ -1,135 +1,130 @@ require 'spec_helper' describe 'nova::network::neutron' do - let :default_params do - { :neutron_auth_type => 'v3password', - :neutron_url => 'http://127.0.0.1:9696', - :neutron_url_timeout => '30', + { + :neutron_auth_type => 'v3password', + :neutron_timeout => '30', :neutron_project_name => 'services', :neutron_project_domain_name => 'Default', :neutron_region_name => 'RegionOne', :neutron_username => 'neutron', :neutron_user_domain_name => 'Default', :neutron_auth_url => 'http://127.0.0.1:5000/v3', + :neutron_valid_interfaces => '', + :neutron_endpoint_override => '', :neutron_ovs_bridge => 'br-int', :neutron_extension_sync_interval => '600', - :firewall_driver => 'nova.virt.firewall.NoopFirewallDriver', :vif_plugging_is_fatal => true, :vif_plugging_timeout => '300', - :dhcp_domain => 'novalocal', - :default_floating_pool => 'nova' + :default_floating_pool => 'nova', } end let :params do - { :neutron_password => 's3cr3t' } + { + :neutron_password => 's3cr3t' + } end - context 'with required parameters' do - it 'configures neutron endpoint in nova.conf' do - is_expected.to contain_nova_config('neutron/password').with_value(params[:neutron_password]).with_secret(true) - is_expected.to contain_nova_config('DEFAULT/dhcp_domain').with_value(default_params[:dhcp_domain]) - is_expected.to contain_nova_config('neutron/default_floating_pool').with_value(default_params[:default_floating_pool]) - is_expected.to contain_nova_config('neutron/auth_type').with_value(default_params[:neutron_auth_type]) - is_expected.to contain_nova_config('neutron/url').with_value(default_params[:neutron_url]) - is_expected.to contain_nova_config('neutron/timeout').with_value(default_params[:neutron_url_timeout]) - is_expected.to contain_nova_config('neutron/project_name').with_value(default_params[:neutron_project_name]) - is_expected.to contain_nova_config('neutron/project_domain_name').with_value(default_params[:neutron_project_domain_name]) - is_expected.to contain_nova_config('neutron/region_name').with_value(default_params[:neutron_region_name]) - is_expected.to contain_nova_config('neutron/username').with_value(default_params[:neutron_username]) - is_expected.to contain_nova_config('neutron/user_domain_name').with_value(default_params[:neutron_user_domain_name]) - is_expected.to contain_nova_config('neutron/auth_url').with_value(default_params[:neutron_auth_url]) - is_expected.to contain_nova_config('neutron/extension_sync_interval').with_value(default_params[:neutron_extension_sync_interval]) + shared_examples 'nova::network::neutron' do + context 'with required parameters' do + it 'configures neutron endpoint in nova.conf' do + should contain_nova_config('neutron/password').with_value(params[:neutron_password]).with_secret(true) + should contain_nova_config('neutron/default_floating_pool').with_value(default_params[:default_floating_pool]) + should contain_nova_config('neutron/auth_type').with_value(default_params[:neutron_auth_type]) + should contain_nova_config('neutron/timeout').with_value(default_params[:neutron_timeout]) + should contain_nova_config('neutron/project_name').with_value(default_params[:neutron_project_name]) + should contain_nova_config('neutron/project_domain_name').with_value(default_params[:neutron_project_domain_name]) + should contain_nova_config('neutron/region_name').with_value(default_params[:neutron_region_name]) + should contain_nova_config('neutron/username').with_value(default_params[:neutron_username]) + should contain_nova_config('neutron/user_domain_name').with_value(default_params[:neutron_user_domain_name]) + should contain_nova_config('neutron/auth_url').with_value(default_params[:neutron_auth_url]) + should contain_nova_config('neutron/valid_interfaces').with_value(default_params[:neutron_valid_interfaces]) + should contain_nova_config('neutron/endpoint_override').with_value(default_params[:neutron_endpoint_override]) + should contain_nova_config('neutron/extension_sync_interval').with_value(default_params[:neutron_extension_sync_interval]) + should contain_nova_config('neutron/ovs_bridge').with_value(default_params[:neutron_ovs_bridge]) + end + + it 'configures neutron vif plugging events in nova.conf' do + should contain_nova_config('DEFAULT/vif_plugging_is_fatal').with_value(default_params[:vif_plugging_is_fatal]) + should contain_nova_config('DEFAULT/vif_plugging_timeout').with_value(default_params[:vif_plugging_timeout]) + end end - it 'configures Nova to use Neutron Bridge Security Groups and Firewall' do - is_expected.to contain_nova_config('DEFAULT/firewall_driver').with_value(default_params[:firewall_driver]) - is_expected.to contain_nova_config('neutron/ovs_bridge').with_value(default_params[:neutron_ovs_bridge]) + + context 'when overriding class parameters' do + before do + params.merge!( + :neutron_timeout => '30', + :neutron_project_name => 'openstack', + :neutron_project_domain_name => 'openstack_domain', + :neutron_region_name => 'RegionTwo', + :neutron_username => 'neutron2', + :neutron_user_domain_name => 'neutron_domain', + :neutron_auth_url => 'http://10.0.0.1:5000/v2', + :neutron_valid_interfaces => 'public', + :neutron_endpoint_override => 'http://127.0.0.1:9696', + :neutron_ovs_bridge => 'br-int', + :neutron_extension_sync_interval => '600', + :vif_plugging_is_fatal => false, + :vif_plugging_timeout => '0', + :default_floating_pool => 'public' + ) + end + + it 'configures neutron endpoint in nova.conf' do + should contain_nova_config('neutron/password').with_value(params[:neutron_password]).with_secret(true) + should contain_nova_config('neutron/default_floating_pool').with_value(params[:default_floating_pool]) + should contain_nova_config('neutron/timeout').with_value(params[:neutron_timeout]) + should contain_nova_config('neutron/project_name').with_value(params[:neutron_project_name]) + should contain_nova_config('neutron/project_domain_name').with_value(params[:neutron_project_domain_name]) + should contain_nova_config('neutron/region_name').with_value(params[:neutron_region_name]) + should contain_nova_config('neutron/username').with_value(params[:neutron_username]) + should contain_nova_config('neutron/user_domain_name').with_value(params[:neutron_user_domain_name]) + should contain_nova_config('neutron/auth_url').with_value(params[:neutron_auth_url]) + should contain_nova_config('neutron/valid_interfaces').with_value(params[:neutron_valid_interfaces]) + should contain_nova_config('neutron/endpoint_override').with_value(params[:neutron_endpoint_override]) + should contain_nova_config('neutron/extension_sync_interval').with_value(params[:neutron_extension_sync_interval]) + should contain_nova_config('neutron/ovs_bridge').with_value(params[:neutron_ovs_bridge]) + end + + it 'configures neutron vif plugging events in nova.conf' do + should contain_nova_config('DEFAULT/vif_plugging_is_fatal').with_value(params[:vif_plugging_is_fatal]) + should contain_nova_config('DEFAULT/vif_plugging_timeout').with_value(params[:vif_plugging_timeout]) + end end - it 'configures neutron vif plugging events in nova.conf' do - is_expected.to contain_nova_config('DEFAULT/vif_plugging_is_fatal').with_value(default_params[:vif_plugging_is_fatal]) - is_expected.to contain_nova_config('DEFAULT/vif_plugging_timeout').with_value(default_params[:vif_plugging_timeout]) + + context 'with deprecated class parameters' do + before do + params.merge!( + :neutron_url => 'http://10.0.0.1:9696', + :neutron_url_timeout => '30', + :firewall_driver => 'nova.virt.firewall.IptablesFirewallDriver', + :dhcp_domain => 'foo', + ) + end + + it 'configures neutron endpoint in nova.conf' do + should contain_nova_config('DEFAULT/dhcp_domain').with_value(params[:dhcp_domain]) + should contain_nova_config('neutron/url').with_value(params[:neutron_url]) + should contain_nova_config('neutron/timeout').with_value(params[:neutron_url_timeout]) + end + + it 'configures Nova to use Neutron Security Groups and Firewall' do + should contain_nova_config('DEFAULT/firewall_driver').with_value(params[:firewall_driver]) + end end end - context 'when overriding class parameters' do - before do - params.merge!( - :neutron_url => 'http://10.0.0.1:9696', - :neutron_url_timeout => '30', - :neutron_project_name => 'openstack', - :neutron_project_domain_name => 'openstack_domain', - :neutron_region_name => 'RegionTwo', - :neutron_username => 'neutron2', - :neutron_user_domain_name => 'neutron_domain', - :neutron_auth_url => 'http://10.0.0.1:5000/v2', - :firewall_driver => 'nova.virt.firewall.IptablesFirewallDriver', - :neutron_ovs_bridge => 'br-int', - :neutron_extension_sync_interval => '600', - :vif_plugging_is_fatal => false, - :vif_plugging_timeout => '0', - :dhcp_domain => 'foo', - :default_floating_pool => 'public' - ) - end + on_supported_os({ + :supported_os => OSDefaults.get_supported_os + }).each do |os,facts| + context "on #{os}" do + let (:facts) do + facts.merge(OSDefaults.get_facts()) + end - it 'configures neutron endpoint in nova.conf' do - is_expected.to contain_nova_config('neutron/password').with_value(params[:neutron_password]).with_secret(true) - is_expected.to contain_nova_config('DEFAULT/dhcp_domain').with_value(params[:dhcp_domain]) - is_expected.to contain_nova_config('neutron/default_floating_pool').with_value(params[:default_floating_pool]) - is_expected.to contain_nova_config('neutron/url').with_value(params[:neutron_url]) - is_expected.to contain_nova_config('neutron/timeout').with_value(params[:neutron_url_timeout]) - is_expected.to contain_nova_config('neutron/project_name').with_value(params[:neutron_project_name]) - is_expected.to contain_nova_config('neutron/project_domain_name').with_value(params[:neutron_project_domain_name]) - is_expected.to contain_nova_config('neutron/region_name').with_value(params[:neutron_region_name]) - is_expected.to contain_nova_config('neutron/username').with_value(params[:neutron_username]) - is_expected.to contain_nova_config('neutron/user_domain_name').with_value(params[:neutron_user_domain_name]) - is_expected.to contain_nova_config('neutron/auth_url').with_value(params[:neutron_auth_url]) - is_expected.to contain_nova_config('neutron/extension_sync_interval').with_value(params[:neutron_extension_sync_interval]) - end - it 'configures Nova to use Neutron Security Groups and Firewall' do - is_expected.to contain_nova_config('DEFAULT/firewall_driver').with_value(params[:firewall_driver]) - is_expected.to contain_nova_config('neutron/ovs_bridge').with_value(params[:neutron_ovs_bridge]) - end - it 'configures neutron vif plugging events in nova.conf' do - is_expected.to contain_nova_config('DEFAULT/vif_plugging_is_fatal').with_value(params[:vif_plugging_is_fatal]) - is_expected.to contain_nova_config('DEFAULT/vif_plugging_timeout').with_value(params[:vif_plugging_timeout]) + it_behaves_like 'nova::network::neutron' end end - - context 'with deprecated class parameters' do - before do - params.merge!( - :neutron_url => 'http://10.0.0.1:9696', - :neutron_url_timeout => '30', - :neutron_region_name => 'RegionTwo', - :firewall_driver => 'nova.virt.firewall.IptablesFirewallDriver', - :neutron_ovs_bridge => 'br-int', - :neutron_extension_sync_interval => '600', - :vif_plugging_is_fatal => false, - :vif_plugging_timeout => '0', - :dhcp_domain => 'foo', - ) - end - - it 'configures neutron endpoint in nova.conf' do - is_expected.to contain_nova_config('neutron/password').with_value(params[:neutron_password]).with_secret(true) - is_expected.to contain_nova_config('DEFAULT/dhcp_domain').with_value(params[:dhcp_domain]) - is_expected.to contain_nova_config('neutron/url').with_value(params[:neutron_url]) - is_expected.to contain_nova_config('neutron/timeout').with_value(params[:neutron_url_timeout]) - is_expected.to contain_nova_config('neutron/region_name').with_value(params[:neutron_region_name]) - is_expected.to contain_nova_config('neutron/extension_sync_interval').with_value(params[:neutron_extension_sync_interval]) - end - it 'configures Nova to use Neutron Security Groups and Firewall' do - is_expected.to contain_nova_config('DEFAULT/firewall_driver').with_value(params[:firewall_driver]) - is_expected.to contain_nova_config('neutron/ovs_bridge').with_value(params[:neutron_ovs_bridge]) - end - it 'configures neutron vif plugging events in nova.conf' do - is_expected.to contain_nova_config('DEFAULT/vif_plugging_is_fatal').with_value(params[:vif_plugging_is_fatal]) - is_expected.to contain_nova_config('DEFAULT/vif_plugging_timeout').with_value(params[:vif_plugging_timeout]) - end - end - - - end