Added Neutron FWaaS

This provides Neutron Firewall as a Service feature on L3 agents. It's off by default, use answer file or interactive option to enable it. Note: Horizon's corresponding flag needs to be switched Separately [RFE] - https://bugzilla.redhat.com/show_bug.cgi?id=1098765 Change-Id: I054b020424808d98718c2f8a16078d2a357a6f32
2014-05-21 15:00:44 +10:00
parent 0b2ee2e491
commit b3db196da1
3 changed files with 31 additions and 0 deletions
--- a/docs/packstack.rst
+++ b/docs/packstack.rst
@@ -418,6 +418,9 @@ Neutron Config Parameters
 **CONFIG_NEUTRON_METADATA_PW**
    A comma separated list of IP addresses on which to install Neutron metadata agent.

+**CONFIG_NEUTRON_FWAAS**
+    Whether to configure neutron Firewall as a Service.
+
 **CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE**
    The type of network to allocate for tenant networks (eg. vlan, local, gre).

--- a/packstack/plugins/neutron_350.py
+++ b/packstack/plugins/neutron_350.py
@@ -125,6 +125,19 @@ def initConfig(controller):
             "USE_DEFAULT": False,
             "NEED_CONFIRM": False,
             "CONDITION": False},
+
+            {"CMD_OPTION": "neutron-fwaas",
+             "USAGE": ("Whether to configure neutron Firewall as a Service"),
+             "PROMPT": "Would you like to configure neutron FWaaS?",
+             "OPTION_LIST": ["y", "n"],
+             "VALIDATORS": [validators.validate_options],
+             "DEFAULT_VALUE": "n",
+             "MASK_INPUT": False,
+             "LOOSE_VALIDATION": True,
+             "CONF_NAME": "CONFIG_NEUTRON_FWAAS",
+             "USE_DEFAULT": False,
+             "NEED_CONFIRM": False,
+             "CONDITION": False},
        ],

        "NEUTRON_LB_PLUGIN": [
@@ -703,10 +716,17 @@ def create_manifests(config, messages):
        service_plugins.append(
            'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin'
        )
+
    if config['CONFIG_NEUTRON_METERING_AGENT_INSTALL'] == 'y':
        service_plugins.append(
            'neutron.services.metering.metering_plugin.MeteringPlugin'
        )
+
+    if config['CONFIG_NEUTRON_FWAAS']:
+        service_plugins.append(
+            'neutron.services.firewall.fwaas_plugin.FirewallPlugin'
+        )
+
    config['SERVICE_PLUGINS'] = (str(service_plugins) if service_plugins
                                 else 'undef')

@@ -794,6 +814,11 @@ def create_l3_manifests(config, messages):
            manifestdata = getManifestTemplate('neutron_ovs_bridge.pp')
            appendManifestFile(manifestfile, manifestdata + '\n')

+        if config['CONFIG_NEUTRON_FWAAS']:
+            manifestfile = "%s_neutron_fwaas.pp" % (host,)
+            manifestdata = getManifestTemplate("neutron_fwaas.pp")
+            appendManifestFile(manifestfile, manifestdata + '\n')
+

 def create_dhcp_manifests(config, messages):
    global network_hosts
--- a/packstack/puppet/templates/neutron_fwaas.pp
+++ b/packstack/puppet/templates/neutron_fwaas.pp
@@ -0,0 +1,3 @@
+class { 'neutron::services::fwaas':
+  enabled => true,
+}