Since at least version 9 (Stretch) Debian uses the same location for
this configuration file as RHEL and Fedora.
Co-authored-by: Marek Szuba <m.szuba@gsi.de>
Signed-off-by: Marek Szuba <m.szuba@gsi.de>
Change-Id: Ida3536eb6facf8c12d8d92c80ed2e7bb20a1781a
- Cookstyle fixes
- Refactor Berksfile to use groups so we can exclude integration testing
cookbooks
- Update documentation
- Cleanup line wraps
- Enable sensitive resources for the template[/etc/neutron/neutron.conf] and
template[/etc/neutron/metadata_agent.ini] to resources improve security.
- Update delivery configuration to exclude integration cookbooks
- Fix ChefSpec output.
- Update lbaas recipe to use v2 agent driver.
- Add recommended configuration settings to neutron.conf based in Stein
installation docs.
- Remove any resources that define the default action.
- Switch package installations to send packages as arrays instead of individual
package resources. This generally speeds up chef runs.
- Manage /etc/neutron/neutron_lbaas.conf so we can set service_provider
properly.
- Add some missing ChefSpec tests.
- Configure neutron_lbaas.conf on Ubuntu in a manner that allows it to properly
pull in the configuration via the --config-dir option. This is due to the fact
we need to set an additional [service_providers] service_provider line and we
can't do that with hashes.
- Remove FWaaS as it's unmaintained upstream.
Depends-On: https://review.opendev.org/701027
Depends-On: https://review.opendev.org/706151
Change-Id: Id29884766440d37fa18fd62f3f93eecc22224d51
Customer testing has show fwaas v2 to be rather buggy, revert to running
with fwaas v1 now. The fwaas project seems to be lacking maintainers
currently, see whether that situation improves until the next cycle.
Otherwise we may need to drop the service completely, as fwaas v1 has
been removed for Train.
Change-Id: I5d1af49a56a86a66a1d2509b4ca306b6e0cdf77c
- Change fwaas attributes to default to v2 instead of deprecated v1
- Drop the deprecated external_network_bridge attribute
- Fix some wordings in comments
Change-Id: Ib4e8c93356ce67d5a77b1260c1b6b9c2082ecbec
In earlier releases python-neutron-fwaas was pulled in as a dependency
of neutron-common automatically, now we need to install that package
explicitly.
Note that this requires the fwaas recipe to be executed also on the
controllers, while previously it only needed to be run on the network
nodes.
Change-Id: I84659e62ae110d79eb486eef7f86869584aba4ee
fog-openstack-1.x already appends "auth/tokens" so we no longer need to
do that. In addition, comment out endpoint type until this PR [1] gets
merged and released.
[1] https://github.com/fog/fog-openstack/pull/494
Depends-On: https://review.opendev.org/666176
Change-Id: Icc92d6c8eb868efbde904e6aeb9d36891ea8457a
Signed-off-by: Lance Albertson <lance@osuosl.org>
This patch removes the openstack_user resource with :grant_domain
action. A user is always created within a specific domain; such a
membership cannot be tacked on later. This resource gave the user the
role intended for their project for the domain (i.e., for the Default
domain instead of for the service project).
We add the domain_name attribute that creates the neutron user in the
desired domain. Note that this change needs a sufficiently recent
openstackclient cookbook -- otherwise the domain_name attribute is
ignored (which does not matter as long as the neutron user is to be
created in the Default domain).
Change-Id: I4b67565c9408c758acefc681dd756a1dca836ec3
This patch removes the role_name when using openstack_user's :create
action (it gets ignored by the target method).
Note that the spec test would still pass if only the line in
identity_registration.rb (but not the test) were changed, because the
code that actually does grant the role to the resource is executed right
after user creation and before any tests check the resource for the
existence of the role_name attribute. In other words: if the argument
were required in a call but only supplied in another call, the spec
tests would not catch it. Something to watch out for.
Change-Id: I9061b748281910bef3927757bdf22edfd36b7448
- Switched default linter to cookstyle
- Renamed rake tasks to better conform with Chef conventions
Change-Id: I5dd1971392fdf282d0f214dfce9dcbecc18542a8
- Corrections made to db_migration for Ocata
- Style and lint fixes for newer chefdk
- Rewrote metadata.rb for readability
- Added some defaults from the linuxbridge documentation for Ocata
in an attempt to get virtual networking functional out of the box
https://docs.openstack.org/ocata/install-guide-ubuntu/neutron-controller-install-option2.html
Change-Id: I16d6f892f325a80eb3eabd10110177246b63663f
- Now use cookbook-openstackclient to create endpoints role service and
user
- added domain creation and access granting
- added values to work with identity_v3
- rewrote specs to work again
- updated readme
- updated neutron-package dependencies for debian
Change-Id: I2d404a424bd79a6e9b282304e21591fa33a48981
Depends-On: I0f8955f05de9b33711c54b9a198f45018cceb8e1
Fix bug 1620842 - Using the right conf file for OVS
Removes a condition that is no longer needed
Closes-Bug: #1620842
Change-Id: Ideed42ca554d814d261e4aa448b21f011b442c78
* use StrongSwan driver instead of OpenSwan since xenial does not even provide
openswan packages anymore
* start and enable strongswan service (needs to be verified for centos)
* do not include ::l3_agent recipe in vpnaas recipe, since neutron-vpn-agent
fully replaces neutron-l3-agent
Change-Id: I81cd2e05273402e8db57f3ca5029fb4938bbfe29
This was incorrectly assuming the path used on Ubuntu/Debian. This correctly
points to the correct location that systemd uses.
Change-Id: I425f4dc565f7c6d5b27422f1023b428e91f71d7a
Signed-off-by: Lance Albertson <lance@osuosl.org>
These defaults are based on upstream documentation [1] and should work in most
environments. In addition, add RHEL chefspec tests and also test the config file
contents.
Without a default config of any kind, the plugin_config recipe fails due to an
empty attribute.
[1] http://docs.openstack.org/mitaka/install-guide-rdo/neutron.html
Change-Id: I037e51f40db5f73c8b9a3f6289287e82fb73f8a6
Signed-off-by: Lance Albertson <lance@osuosl.org>
The --service option to neutron-db-manage is deprecated and will be
removed soon. Use --subproject instead.
Related-Bug: #1501380
Change-Id: Idf3cbd65a49c676a0f90c0e49684e738e16e659b
- minor adaptions to demo recipe to allow multi node scenario with working
overlay network on vagrant from openstack-chef-repo
Change-Id: Idc605fed9066abbfbc1d6cd67805bf2a1aa1c31c
Change Id350abd82df48c1e00e4b2bb8bc944658ddd85e6 replaced auth_plugin
with auth_type but missed one occurance in the default receipe.
Change-Id: I395b48616ea57167558df7c6a0dda30c01d724b1
* added recipe metering_agent following the structure of the other neutron
agents recipes
* added minimal viable config options to default attributes
* added specs
Change-Id: I5f7d8b8a650497b4bcfff5f2b02b0669df656732
* currently if lbaas or vpnaas is enable, the neutron-server recipe will
install the same packages as the node where lbaas-agent or vpnaas-agent is
running on, while it just needs the python modules
* added attributes for definiton of python_dependencies for lbaas and vpnaas
to allow neutron-server to have the modules without installing the full
agent/service-packages
Change-Id: I1be325b7f246fa0628aed2d2a360acd604dd864a
* removed the creation of ovs bridges (except br-int) from all recipes,
since this can not be done in a sufficient generic way or only with a lot of
case switches to cope with all possible network setups
* added an example recipe to create all default ovs bridges from the
networking guide for legacy ovs setups (we should also create one for dvr later)
* splittet recipe ml2_openvswitch into seperate recipes for ml2_openvswitch config,
openvswitch_agent and openvswitch to allow bridge creation from wrapper recipe inbetween
and seperate configs from package installation
Change-Id: I6383575862ba110b3f3b5cba227288dc026fce77
* endpoint type (admin, internal, public) and service (identitiy, network etc.)
was switched during refactoring, this patch reverts this unintended switching
* edited bind_service service type from public,internal,admin to 'all'
for default binding to just one service
Change-Id: I9bf230ba53d23ce11a32acaea2410572eaeb6123
Depends-On: Iec485deaf415e4187a323435cce2b6bbadfc5d42
Depends-On: Ia5bddfc5e2fd77cd6e9e855c680b079f78fc1c3f
* added new logic to render plugin templates
* refactored recipe names to be more consistence
* moved version up to 13.0.0 for mitaka release
* removed suse as supported platform
* added verisionbumb for refactored os-identity and common
* adapted optimized endpoint logic
* added endpoint attributes to fit new endpoint logic
* adapted the specs (unit tests) to work again
* refactored attributes throughout all recipes that were connected to the
attributes used for the neutron.conf.erb template to adapt the new template
attribute syntax
* removed some attributes that were set to non default values, since the
defaults from neutron cloud and should be used instead
* moved all attributes form attributes/default.rb that were used in
neutron.conf.erb to attributes/neutron_conf.rb
* refactored attributes to fit new template logic
* refactored recipes/default.rb to fit new template logic
* removed all attributes set to default values in attribtues/default and
template
* replaced static plugin logic and templates with new config logic, following
the same principles as for neutron.conf
* renamed recipes to fit attributes and actual service names
* added recipes for ml2_core_plugin, ml2_openvswitch and ml2_linuxbridge as well
as a recipe for the creation of all plugin configs (plugin_conf) like plugin.ini
Change-Id: I9cc1b5cc069987ac83e064322c2291772505ff5f
Implements: blueprint cookbook-refactoring
Depends-On: I0547182085eed91d05384fdd7734408a839a9a2c
Depends-On: I3262b2e6f792f37c32a446e6567790b82bdd4613
Remove dup in attributes
Incorrect service resource name reference
iproute package in wrong spec
White space cleanup
Change-Id: I269012e141bee21d1122dec300ba2a80b3d31780
- According to the bool attribute
node['openstack']['endpoints']['db']['enabled_slave'], enable/disable
neutron database slave_connection
- Add the slave_connection generated from db_uri function
Implements: blueprint sql-slave-connection-support
Change-Id: I19fc7fb4ab4a62fcdea77c9c4d18135fb2f49d41
Ghanshyam Mann