Update FWaaS plugin for 7.0

- replaced deprecated parameters with actual ones
- updated metadata file for 7.0
- added fwaas package installation
- removed unused code

Change-Id: I699772297d2b67a65a2b8567ea364bee60177a2b
This commit is contained in:
Sergey Kolekonov 2015-08-12 17:51:46 +03:00
parent 0bd1ef153a
commit 7441540221
11 changed files with 45 additions and 115 deletions

View File

@ -4,7 +4,7 @@ FWaaS plugin
FWaaS (Firewall-as-a-Service) is a Neutron extension that introduces Firewall feature set.
This repo contains all necessary files to build FWaaS Fuel plugin.
Currently the only supported Fuel version is 6.1.
Supported Fuel version is 7.0.
Building the plugin
-------------------
@ -41,6 +41,8 @@ Deployment details
FWaaS deployment requires only adding a couple parameters in neutron.conf and
enabling FWaaS tab in Horizon.
Currently this plugin is not compatible with Neutron DVR.
Accessing FWaaS functionality
------------------------------

View File

@ -1,7 +0,0 @@
source 'https://rubygems.org'
puppetversion = ENV.key?('PUPPET_VERSION') ? "= #{ENV['PUPPET_VERSION']}" : ['>= 3.3']
gem 'puppet', puppetversion
gem 'puppetlabs_spec_helper', '>= 0.1.0'
gem 'puppet-lint', '>= 0.3.2'
gem 'facter', '>= 1.7.0'

View File

@ -1,18 +0,0 @@
require 'rubygems'
require 'puppetlabs_spec_helper/rake_tasks'
require 'puppet-lint/tasks/puppet-lint'
PuppetLint.configuration.send('disable_80chars')
PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"]
desc "Validate manifests, templates, and ruby files"
task :validate do
Dir['manifests/**/*.pp'].each do |manifest|
sh "puppet parser validate --noop #{manifest}"
end
Dir['spec/**/*.rb','lib/**/*.rb'].each do |ruby_file|
sh "ruby -c #{ruby_file}" unless ruby_file =~ /spec\/fixtures/
end
Dir['templates/**/*.erb'].each do |template|
sh "erb -P -x -T '-' #{template} | ruby -c"
end
end

View File

@ -24,14 +24,14 @@ class fwaas::enable_in_neutron_config {
key_val_separator => '=',
path => '/etc/neutron/neutron.conf',
setting => 'service_plugins',
subsetting => 'neutron.services.firewall.',
subsetting => 'neutron_fwaas.services.firewall.',
subsetting_separator => ',',
value => 'fwaas_plugin.FirewallPlugin',
}
neutron_config {
'fwaas/enabled': value => 'True';
'fwaas/driver' : value => 'neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver';
'fwaas/driver' : value => 'neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver';
}
service { $fwaas::params::server_service:
@ -64,9 +64,35 @@ class fwaas::enable_in_dashboard {
class fwaas {
require fwaas::params
require fwaas::enable_in_neutron_config
require fwaas::enable_in_dashboard
include fwaas::params
include fwaas::enable_in_neutron_config
include fwaas::enable_in_dashboard
$primary_controller = hiera('primary_controller')
if $::fwaas::params::fwaas_package {
Package['neutron-fwaas'] -> Class[fwaas::enable_in_neutron_config]
package { 'neutron-fwaas':
ensure => present,
name => $::fwaas::params::fwaas_package,
}
}
if $primary_controller {
Package<| title == 'neutron-fwaas' |> -> Exec['neutron-db-sync']
exec { 'neutron-db-sync':
command => 'neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini --service fwaas upgrade head',
path => '/usr/bin',
refreshonly => true,
tries => 10,
try_sleep => 10,
}
Neutron_config<||> ~> Exec['neutron-db-sync']
Ini_subsetting['add_fwaas_service_plugin'] ~> Exec['neutron-db-sync']
Exec['neutron-db-sync'] ~> Service[$fwaas::params::server_service]
}
if $fwaas::params::ha {

View File

@ -16,8 +16,7 @@
class fwaas::params {
$fuel_settings = parseyaml($astute_settings_yaml)
$ha = $fuel_settings['deployment_mode'] ? { 'ha_compact'=>true, default=>false }
$ha = hiera('deployment_mode') ? { 'ha_compact'=>true, default=>false }
$vpn_enabled = $::is_vpn_enabled ? { 'Started'=>true, default=>false }
$server_service = 'neutron-server'
@ -36,6 +35,7 @@ class fwaas::params {
if($::osfamily == 'Redhat') {
$server_package = 'openstack-neutron'
$fwaas_package = 'python-neutron-fwaas'
$dashboard_package = 'openstack-dashboard'
$dashboard_service = 'httpd'
@ -46,6 +46,7 @@ class fwaas::params {
} elsif($::osfamily == 'Debian') {
$server_package = 'neutron-server'
$fwaas_package = 'python-neutron-fwaas'
$dashboard_package = 'python-django-horizon'
$dashboard_service = 'apache2'

View File

@ -1,14 +0,0 @@
{
"name": "fwaas",
"version": "0.1.0",
"author": "Andrey Epifanov",
"summary": "Module to manage fwaas",
"license": "Apache 2.0",
"source": "",
"project_page": "https://github.com/Mirantis/fuel-plugins",
"issues_url": "aepifanov@mirantis.com",
"dependencies": [
{"name":"puppetlabs-stdlib","version_requirement":">= 1.0.0"}
]
}

View File

@ -1,21 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
require 'spec_helper'
describe 'fwaas' do
context 'with defaults for all parameters' do
it { should contain_class('fwaas') }
end
end

View File

@ -1,15 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
require 'puppetlabs_spec_helper/module_spec_helper'

View File

@ -1,26 +0,0 @@
# Copyright 2015 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# The baseline for module testing used by Puppet Labs is that each manifest
# should have a corresponding test manifest that declares that class or defined
# type.
#
# Tests are then run by using puppet apply --noop (to check for compilation
# errors and view a log of events) or by fully applying the test in a virtual
# environment (to compare the resulting system state to the desired state).
#
# Learn more about module testing here:
# http://docs.puppetlabs.com/guides/tests_smoke.html
#
include fwaas

View File

@ -4,3 +4,5 @@ attributes:
restrictions:
- condition: cluster:net_provider != 'neutron'
action: hide
- condition: settings:neutron_advanced_configuration.neutron_dvr.value == true
message: "Neutron DVR must be disabled in order to use FWaaS plugin"

View File

@ -3,29 +3,29 @@ name: fwaas-plugin
# Human-readable name for your plugin
title: FWaaS plugin for Neutron
# Plugin version
version: 1.0.0
version: 1.1.0
# Description
description: Neutron extension that introduces FireWall feature set
# Required fuel version
fuel_version: ['6.1']
fuel_version: ['7.0']
# Specify license of your plugin
licenses: ['Apache License Version 2.0']
# Specify author or company name
authors: ['Andrey Epifanov']
authors: ['Andrey Epifanov, Sergey Kolekonov']
# A link to the plugin's page
homepage: 'https://github.com/stackforge/fuel-plugin-neutron-vpnaas'
homepage: 'https://github.com/stackforge/fuel-plugin-neutron-fwaas'
# Groups
groups: ['network']
# The plugin is compatible with releases in the list
releases:
- os: ubuntu
version: 2014.2-6.1
version: 2015.1-7.0
mode: ['ha', 'multinode']
deployment_scripts_path: deployment_scripts/
repository_path: repositories/ubuntu
- os: centos
version: 2014.2-6.1
version: 2015.1-7.0
mode: ['ha', 'multinode']
deployment_scripts_path: deployment_scripts/
repository_path: repositories/centos