Update FWaaS plugin for 7.0
- replaced deprecated parameters with actual ones - updated metadata file for 7.0 - added fwaas package installation - removed unused code Change-Id: I699772297d2b67a65a2b8567ea364bee60177a2b
This commit is contained in:
parent
0bd1ef153a
commit
7441540221
@ -4,7 +4,7 @@ FWaaS plugin
|
|||||||
FWaaS (Firewall-as-a-Service) is a Neutron extension that introduces Firewall feature set.
|
FWaaS (Firewall-as-a-Service) is a Neutron extension that introduces Firewall feature set.
|
||||||
|
|
||||||
This repo contains all necessary files to build FWaaS Fuel plugin.
|
This repo contains all necessary files to build FWaaS Fuel plugin.
|
||||||
Currently the only supported Fuel version is 6.1.
|
Supported Fuel version is 7.0.
|
||||||
|
|
||||||
Building the plugin
|
Building the plugin
|
||||||
-------------------
|
-------------------
|
||||||
@ -41,6 +41,8 @@ Deployment details
|
|||||||
FWaaS deployment requires only adding a couple parameters in neutron.conf and
|
FWaaS deployment requires only adding a couple parameters in neutron.conf and
|
||||||
enabling FWaaS tab in Horizon.
|
enabling FWaaS tab in Horizon.
|
||||||
|
|
||||||
|
Currently this plugin is not compatible with Neutron DVR.
|
||||||
|
|
||||||
Accessing FWaaS functionality
|
Accessing FWaaS functionality
|
||||||
------------------------------
|
------------------------------
|
||||||
|
|
||||||
|
@ -1,7 +0,0 @@
|
|||||||
source 'https://rubygems.org'
|
|
||||||
|
|
||||||
puppetversion = ENV.key?('PUPPET_VERSION') ? "= #{ENV['PUPPET_VERSION']}" : ['>= 3.3']
|
|
||||||
gem 'puppet', puppetversion
|
|
||||||
gem 'puppetlabs_spec_helper', '>= 0.1.0'
|
|
||||||
gem 'puppet-lint', '>= 0.3.2'
|
|
||||||
gem 'facter', '>= 1.7.0'
|
|
@ -1,18 +0,0 @@
|
|||||||
require 'rubygems'
|
|
||||||
require 'puppetlabs_spec_helper/rake_tasks'
|
|
||||||
require 'puppet-lint/tasks/puppet-lint'
|
|
||||||
PuppetLint.configuration.send('disable_80chars')
|
|
||||||
PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"]
|
|
||||||
|
|
||||||
desc "Validate manifests, templates, and ruby files"
|
|
||||||
task :validate do
|
|
||||||
Dir['manifests/**/*.pp'].each do |manifest|
|
|
||||||
sh "puppet parser validate --noop #{manifest}"
|
|
||||||
end
|
|
||||||
Dir['spec/**/*.rb','lib/**/*.rb'].each do |ruby_file|
|
|
||||||
sh "ruby -c #{ruby_file}" unless ruby_file =~ /spec\/fixtures/
|
|
||||||
end
|
|
||||||
Dir['templates/**/*.erb'].each do |template|
|
|
||||||
sh "erb -P -x -T '-' #{template} | ruby -c"
|
|
||||||
end
|
|
||||||
end
|
|
@ -24,14 +24,14 @@ class fwaas::enable_in_neutron_config {
|
|||||||
key_val_separator => '=',
|
key_val_separator => '=',
|
||||||
path => '/etc/neutron/neutron.conf',
|
path => '/etc/neutron/neutron.conf',
|
||||||
setting => 'service_plugins',
|
setting => 'service_plugins',
|
||||||
subsetting => 'neutron.services.firewall.',
|
subsetting => 'neutron_fwaas.services.firewall.',
|
||||||
subsetting_separator => ',',
|
subsetting_separator => ',',
|
||||||
value => 'fwaas_plugin.FirewallPlugin',
|
value => 'fwaas_plugin.FirewallPlugin',
|
||||||
}
|
}
|
||||||
|
|
||||||
neutron_config {
|
neutron_config {
|
||||||
'fwaas/enabled': value => 'True';
|
'fwaas/enabled': value => 'True';
|
||||||
'fwaas/driver' : value => 'neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver';
|
'fwaas/driver' : value => 'neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver';
|
||||||
}
|
}
|
||||||
|
|
||||||
service { $fwaas::params::server_service:
|
service { $fwaas::params::server_service:
|
||||||
@ -64,9 +64,35 @@ class fwaas::enable_in_dashboard {
|
|||||||
|
|
||||||
class fwaas {
|
class fwaas {
|
||||||
|
|
||||||
require fwaas::params
|
include fwaas::params
|
||||||
require fwaas::enable_in_neutron_config
|
include fwaas::enable_in_neutron_config
|
||||||
require fwaas::enable_in_dashboard
|
include fwaas::enable_in_dashboard
|
||||||
|
|
||||||
|
$primary_controller = hiera('primary_controller')
|
||||||
|
|
||||||
|
if $::fwaas::params::fwaas_package {
|
||||||
|
Package['neutron-fwaas'] -> Class[fwaas::enable_in_neutron_config]
|
||||||
|
package { 'neutron-fwaas':
|
||||||
|
ensure => present,
|
||||||
|
name => $::fwaas::params::fwaas_package,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if $primary_controller {
|
||||||
|
|
||||||
|
Package<| title == 'neutron-fwaas' |> -> Exec['neutron-db-sync']
|
||||||
|
|
||||||
|
exec { 'neutron-db-sync':
|
||||||
|
command => 'neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini --service fwaas upgrade head',
|
||||||
|
path => '/usr/bin',
|
||||||
|
refreshonly => true,
|
||||||
|
tries => 10,
|
||||||
|
try_sleep => 10,
|
||||||
|
}
|
||||||
|
Neutron_config<||> ~> Exec['neutron-db-sync']
|
||||||
|
Ini_subsetting['add_fwaas_service_plugin'] ~> Exec['neutron-db-sync']
|
||||||
|
Exec['neutron-db-sync'] ~> Service[$fwaas::params::server_service]
|
||||||
|
}
|
||||||
|
|
||||||
if $fwaas::params::ha {
|
if $fwaas::params::ha {
|
||||||
|
|
||||||
|
@ -16,8 +16,7 @@
|
|||||||
|
|
||||||
class fwaas::params {
|
class fwaas::params {
|
||||||
|
|
||||||
$fuel_settings = parseyaml($astute_settings_yaml)
|
$ha = hiera('deployment_mode') ? { 'ha_compact'=>true, default=>false }
|
||||||
$ha = $fuel_settings['deployment_mode'] ? { 'ha_compact'=>true, default=>false }
|
|
||||||
$vpn_enabled = $::is_vpn_enabled ? { 'Started'=>true, default=>false }
|
$vpn_enabled = $::is_vpn_enabled ? { 'Started'=>true, default=>false }
|
||||||
|
|
||||||
$server_service = 'neutron-server'
|
$server_service = 'neutron-server'
|
||||||
@ -36,6 +35,7 @@ class fwaas::params {
|
|||||||
|
|
||||||
if($::osfamily == 'Redhat') {
|
if($::osfamily == 'Redhat') {
|
||||||
$server_package = 'openstack-neutron'
|
$server_package = 'openstack-neutron'
|
||||||
|
$fwaas_package = 'python-neutron-fwaas'
|
||||||
|
|
||||||
$dashboard_package = 'openstack-dashboard'
|
$dashboard_package = 'openstack-dashboard'
|
||||||
$dashboard_service = 'httpd'
|
$dashboard_service = 'httpd'
|
||||||
@ -46,6 +46,7 @@ class fwaas::params {
|
|||||||
} elsif($::osfamily == 'Debian') {
|
} elsif($::osfamily == 'Debian') {
|
||||||
|
|
||||||
$server_package = 'neutron-server'
|
$server_package = 'neutron-server'
|
||||||
|
$fwaas_package = 'python-neutron-fwaas'
|
||||||
|
|
||||||
$dashboard_package = 'python-django-horizon'
|
$dashboard_package = 'python-django-horizon'
|
||||||
$dashboard_service = 'apache2'
|
$dashboard_service = 'apache2'
|
||||||
|
@ -1,14 +0,0 @@
|
|||||||
{
|
|
||||||
"name": "fwaas",
|
|
||||||
"version": "0.1.0",
|
|
||||||
"author": "Andrey Epifanov",
|
|
||||||
"summary": "Module to manage fwaas",
|
|
||||||
"license": "Apache 2.0",
|
|
||||||
"source": "",
|
|
||||||
"project_page": "https://github.com/Mirantis/fuel-plugins",
|
|
||||||
"issues_url": "aepifanov@mirantis.com",
|
|
||||||
"dependencies": [
|
|
||||||
{"name":"puppetlabs-stdlib","version_requirement":">= 1.0.0"}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
@ -1,21 +0,0 @@
|
|||||||
# Copyright 2015 Mirantis, Inc.
|
|
||||||
#
|
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
||||||
# not use this file except in compliance with the License. You may obtain
|
|
||||||
# a copy of the License at
|
|
||||||
#
|
|
||||||
# http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
#
|
|
||||||
# Unless required by applicable law or agreed to in writing, software
|
|
||||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
||||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
||||||
# License for the specific language governing permissions and limitations
|
|
||||||
# under the License.
|
|
||||||
|
|
||||||
require 'spec_helper'
|
|
||||||
describe 'fwaas' do
|
|
||||||
|
|
||||||
context 'with defaults for all parameters' do
|
|
||||||
it { should contain_class('fwaas') }
|
|
||||||
end
|
|
||||||
end
|
|
@ -1,15 +0,0 @@
|
|||||||
# Copyright 2015 Mirantis, Inc.
|
|
||||||
#
|
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
||||||
# not use this file except in compliance with the License. You may obtain
|
|
||||||
# a copy of the License at
|
|
||||||
#
|
|
||||||
# http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
#
|
|
||||||
# Unless required by applicable law or agreed to in writing, software
|
|
||||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
||||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
||||||
# License for the specific language governing permissions and limitations
|
|
||||||
# under the License.
|
|
||||||
|
|
||||||
require 'puppetlabs_spec_helper/module_spec_helper'
|
|
@ -1,26 +0,0 @@
|
|||||||
# Copyright 2015 Mirantis, Inc.
|
|
||||||
#
|
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
||||||
# not use this file except in compliance with the License. You may obtain
|
|
||||||
# a copy of the License at
|
|
||||||
#
|
|
||||||
# http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
#
|
|
||||||
# Unless required by applicable law or agreed to in writing, software
|
|
||||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
||||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
||||||
# License for the specific language governing permissions and limitations
|
|
||||||
# under the License.
|
|
||||||
|
|
||||||
# The baseline for module testing used by Puppet Labs is that each manifest
|
|
||||||
# should have a corresponding test manifest that declares that class or defined
|
|
||||||
# type.
|
|
||||||
#
|
|
||||||
# Tests are then run by using puppet apply --noop (to check for compilation
|
|
||||||
# errors and view a log of events) or by fully applying the test in a virtual
|
|
||||||
# environment (to compare the resulting system state to the desired state).
|
|
||||||
#
|
|
||||||
# Learn more about module testing here:
|
|
||||||
# http://docs.puppetlabs.com/guides/tests_smoke.html
|
|
||||||
#
|
|
||||||
include fwaas
|
|
@ -4,3 +4,5 @@ attributes:
|
|||||||
restrictions:
|
restrictions:
|
||||||
- condition: cluster:net_provider != 'neutron'
|
- condition: cluster:net_provider != 'neutron'
|
||||||
action: hide
|
action: hide
|
||||||
|
- condition: settings:neutron_advanced_configuration.neutron_dvr.value == true
|
||||||
|
message: "Neutron DVR must be disabled in order to use FWaaS plugin"
|
||||||
|
@ -3,29 +3,29 @@ name: fwaas-plugin
|
|||||||
# Human-readable name for your plugin
|
# Human-readable name for your plugin
|
||||||
title: FWaaS plugin for Neutron
|
title: FWaaS plugin for Neutron
|
||||||
# Plugin version
|
# Plugin version
|
||||||
version: 1.0.0
|
version: 1.1.0
|
||||||
# Description
|
# Description
|
||||||
description: Neutron extension that introduces FireWall feature set
|
description: Neutron extension that introduces FireWall feature set
|
||||||
# Required fuel version
|
# Required fuel version
|
||||||
fuel_version: ['6.1']
|
fuel_version: ['7.0']
|
||||||
# Specify license of your plugin
|
# Specify license of your plugin
|
||||||
licenses: ['Apache License Version 2.0']
|
licenses: ['Apache License Version 2.0']
|
||||||
# Specify author or company name
|
# Specify author or company name
|
||||||
authors: ['Andrey Epifanov']
|
authors: ['Andrey Epifanov, Sergey Kolekonov']
|
||||||
# A link to the plugin's page
|
# A link to the plugin's page
|
||||||
homepage: 'https://github.com/stackforge/fuel-plugin-neutron-vpnaas'
|
homepage: 'https://github.com/stackforge/fuel-plugin-neutron-fwaas'
|
||||||
# Groups
|
# Groups
|
||||||
groups: ['network']
|
groups: ['network']
|
||||||
|
|
||||||
# The plugin is compatible with releases in the list
|
# The plugin is compatible with releases in the list
|
||||||
releases:
|
releases:
|
||||||
- os: ubuntu
|
- os: ubuntu
|
||||||
version: 2014.2-6.1
|
version: 2015.1-7.0
|
||||||
mode: ['ha', 'multinode']
|
mode: ['ha', 'multinode']
|
||||||
deployment_scripts_path: deployment_scripts/
|
deployment_scripts_path: deployment_scripts/
|
||||||
repository_path: repositories/ubuntu
|
repository_path: repositories/ubuntu
|
||||||
- os: centos
|
- os: centos
|
||||||
version: 2014.2-6.1
|
version: 2015.1-7.0
|
||||||
mode: ['ha', 'multinode']
|
mode: ['ha', 'multinode']
|
||||||
deployment_scripts_path: deployment_scripts/
|
deployment_scripts_path: deployment_scripts/
|
||||||
repository_path: repositories/centos
|
repository_path: repositories/centos
|
||||||
|
Loading…
Reference in New Issue
Block a user