openstack/puppet-nova
Code Issues Proposed changes

Revert "Deprecate firewall_driver option"

Browse Source 
It broke OVB jobs, let's revert it until we figure why.

This reverts commit b3ea24394c.

Change-Id: I8361ae0277db744cd38518217f89c6c4466e1fd4
Related-Bug: #1681029
This commit is contained in:
Emilien Macchi
2017-04-08 13:58:01 +00:00
parent b3ea24394c
commit d19c93c551
3 changed files with 19 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
manifests/network/neutron.pp
View File

@@ -59,6 +59,13 @@
# and not the Identity service API IP and port.
# Defaults to 'http://127.0.0.1:35357/v3'
#
# [*firewall_driver*]
# (optional) Firewall driver.
# This prevents nova from maintaining a firewall so it does not interfere
# with Neutron's. Set to 'nova.virt.firewall.IptablesFirewallDriver'
# to re-enable the Nova firewall.
# Defaults to 'nova.virt.firewall.NoopFirewallDriver'
#
# [*vif_plugging_is_fatal*]
# (optional) Fail to boot instance if vif plugging fails.
# This prevents nova from booting an instance if vif plugging notification
@@ -111,13 +118,6 @@
# (optional) Location of ca certicates file to use for neutronclient requests.
# Defaults to undef
#
# [*firewall_driver*]
# (optional) Firewall driver.
# This prevents nova from maintaining a firewall so it does not interfere
# with Neutron's. Set to 'nova.virt.firewall.IptablesFirewallDriver'
# to re-enable the Nova firewall.
# Defaults to undef
#
class nova::network::neutron (
$neutron_password = false,
$neutron_auth_type = 'v3password',
@@ -131,6 +131,7 @@ class nova::network::neutron (
$neutron_region_name = 'RegionOne',
$neutron_ovs_bridge = 'br-int',
$neutron_extension_sync_interval = '600',
$firewall_driver = 'nova.virt.firewall.NoopFirewallDriver',
$vif_plugging_is_fatal = true,
$vif_plugging_timeout = '300',
$dhcp_domain = 'novalocal',
@@ -143,7 +144,6 @@ class nova::network::neutron (
$neutron_default_tenant_id = undef,
$neutron_auth_plugin = undef,
$neutron_ca_certificates_file = undef,
$firewall_driver = undef,
) {
include ::nova::deps
@@ -210,12 +210,9 @@ class nova::network::neutron (
}
}
if $firewall_driver {
warning('firewall_driver parameter is deprecated, has no effect and will be removed in a future release.')
}
nova_config {
'DEFAULT/dhcp_domain': value => $dhcp_domain;
'DEFAULT/firewall_driver': value => $firewall_driver;
'DEFAULT/vif_plugging_is_fatal': value => $vif_plugging_is_fatal;
'DEFAULT/vif_plugging_timeout': value => $vif_plugging_timeout;
'neutron/url': value => $neutron_url;

4
releasenotes/notes/deprecate_firewall_driver_parameter-135a891356723df7.yaml
View File

@@ -1,4 +0,0 @@
---
deprecations:
- firewall_driver option is now deprecated for removal, the
parameter has no effect.

10
spec/classes/nova_network_neutron_spec.rb
View File

@@ -14,6 +14,7 @@ describe 'nova::network::neutron' do
:neutron_auth_url => 'http://127.0.0.1:35357/v3',
:neutron_ovs_bridge => 'br-int',
:neutron_extension_sync_interval => '600',
:firewall_driver => 'nova.virt.firewall.NoopFirewallDriver',
:vif_plugging_is_fatal => true,
:vif_plugging_timeout => '300',
:dhcp_domain => 'novalocal'
@@ -41,6 +42,7 @@ describe 'nova::network::neutron' do
is_expected.to contain_nova_config('neutron/default_tenant_id').with_ensure('absent')
end
it 'configures Nova to use Neutron Bridge Security Groups and Firewall' do
is_expected.to contain_nova_config('DEFAULT/firewall_driver').with_value(default_params[:firewall_driver])
is_expected.to contain_nova_config('neutron/ovs_bridge').with_value(default_params[:neutron_ovs_bridge])
end
it 'configures neutron vif plugging events in nova.conf' do
@@ -60,6 +62,7 @@ describe 'nova::network::neutron' do
:neutron_username => 'neutron2',
:neutron_user_domain_name => 'neutron_domain',
:neutron_auth_url => 'http://10.0.0.1:35357/v2',
:firewall_driver => 'nova.virt.firewall.IptablesFirewallDriver',
:neutron_ovs_bridge => 'br-int',
:neutron_extension_sync_interval => '600',
:vif_plugging_is_fatal => false,
@@ -82,6 +85,9 @@ describe 'nova::network::neutron' do
is_expected.to contain_nova_config('neutron/auth_url').with_value(params[:neutron_auth_url])
is_expected.to contain_nova_config('neutron/extension_sync_interval').with_value(params[:neutron_extension_sync_interval])
is_expected.to contain_nova_config('neutron/default_tenant_id').with_ensure('absent')
end
it 'configures Nova to use Neutron Security Groups and Firewall' do
is_expected.to contain_nova_config('DEFAULT/firewall_driver').with_value(params[:firewall_driver])
is_expected.to contain_nova_config('neutron/ovs_bridge').with_value(params[:neutron_ovs_bridge])
end
it 'configures neutron vif plugging events in nova.conf' do
@@ -100,6 +106,7 @@ describe 'nova::network::neutron' do
:neutron_region_name => 'RegionTwo',
:neutron_admin_username => 'neutron2',
:neutron_admin_auth_url => 'http://10.0.0.1:35357',
:firewall_driver => 'nova.virt.firewall.IptablesFirewallDriver',
:neutron_ovs_bridge => 'br-int',
:neutron_extension_sync_interval => '600',
:vif_plugging_is_fatal => false,
@@ -122,6 +129,9 @@ describe 'nova::network::neutron' do
is_expected.to contain_nova_config('neutron/auth_url').with_value(params[:neutron_admin_auth_url])
is_expected.to contain_nova_config('neutron/extension_sync_interval').with_value(params[:neutron_extension_sync_interval])
is_expected.to contain_nova_config('neutron/auth_type').with_value(params[:neutron_auth_plugin])
end
it 'configures Nova to use Neutron Security Groups and Firewall' do
is_expected.to contain_nova_config('DEFAULT/firewall_driver').with_value(params[:firewall_driver])
is_expected.to contain_nova_config('neutron/ovs_bridge').with_value(params[:neutron_ovs_bridge])
end
it 'configures neutron vif plugging events in nova.conf' do