stackforge/puppet-openstack
Code Issues Proposed changes

Add Quantum Firewall Driver as Top Scope Parameter

Browse Source 
Previously, firewall_driver was hard-coded to false.  This change
exposes the firewall_driver as a top-scope parameter called
quantum_firewall_driver.  quantum_ was added to firewall_driver
since Nova also has a firewall_driver that could be exposed to
the openstack::compute class in the future.

Users may want to configure Compute Nodes as the network gateway
for resiliency and scalabality purposes.  The change request will
support these deployments that also require Quantum security groups.

Defaults to false to disable the Quantum firewall driver and provide
backwards compatibility.

Change-Id: Ie449bccab2b028e5535561a418fa741f0ae1dea6
This commit is contained in:
danehans
2013-07-11 20:34:08 +00:00
parent 7377ff1860
commit 8482c1e1ca
2 changed files with 14 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
manifests/compute.pp
View File

@@ -7,6 +7,10 @@
# Whether unmanaged nova.conf entries should be purged. # Whether unmanaged nova.conf entries should be purged.
# (optional) Defaults to false. # (optional) Defaults to false.
# #
# [quantum_firewall_driver]
# Driver used to implement Quantum firewalling.
# (optional) Defaults to false.
#
# === Examples # === Examples
# #
# class { 'openstack::nova::compute': # class { 'openstack::nova::compute':
@@ -48,6 +52,7 @@ class openstack::compute (
$keystone_host = '127.0.0.1', $keystone_host = '127.0.0.1',
$quantum_host = '127.0.0.1', $quantum_host = '127.0.0.1',
$ovs_local_ip = false, $ovs_local_ip = false,
$quantum_firewall_driver = false,
# Nova # Nova
$nova_admin_tenant_name = 'services', $nova_admin_tenant_name = 'services',
$nova_admin_user = 'nova', $nova_admin_user = 'nova',
@@ -196,7 +201,7 @@ class openstack::compute (
rabbit_password => $rabbit_password, rabbit_password => $rabbit_password,
# Quantum OVS # Quantum OVS
enable_ovs_agent => $enable_ovs_agent, enable_ovs_agent => $enable_ovs_agent,
firewall_driver => false, firewall_driver => $quantum_firewall_driver,
# Quantum L3 Agent # Quantum L3 Agent
enable_l3_agent => $enable_l3_agent, enable_l3_agent => $enable_l3_agent,
enable_dhcp_agent => $enable_dhcp_agent, enable_dhcp_agent => $enable_dhcp_agent,

15
spec/classes/openstack_compute_spec.rb
View File

@@ -241,12 +241,13 @@ describe 'openstack::compute' do
describe 'when configuring quantum' do describe 'when configuring quantum' do
before do before do
params.merge!( params.merge!(
:internal_address => '127.0.0.1', :internal_address => '127.0.0.1',
:public_interface => 'eth3', :public_interface => 'eth3',
:quantum => true, :quantum => true,
:keystone_host => '127.0.0.3', :keystone_host => '127.0.0.3',
:quantum_host => '127.0.0.2', :quantum_host => '127.0.0.2',
:quantum_user_password => 'quantum_user_password' :quantum_user_password => 'quantum_user_password',
:quantum_firewall_driver => false
) )
end end
@@ -258,7 +259,7 @@ describe 'openstack::compute' do
:rabbit_user => 'openstack', :rabbit_user => 'openstack',
:rabbit_password => params[:rabbit_password], :rabbit_password => params[:rabbit_password],
:enable_ovs_agent => true, :enable_ovs_agent => true,
:firewall_driver => false, :firewall_driver => params[:quantum_firewall_driver],
:enable_l3_agent => false, :enable_l3_agent => false,
:enable_dhcp_agent => false, :enable_dhcp_agent => false,
:auth_url => 'http://127.0.0.1:35357/v2.0', :auth_url => 'http://127.0.0.1:35357/v2.0',