Merge "Deprecate firewal_driver option in the Neutron's ML2 config"
This commit is contained in:
commit
239ff107a6
|
@ -93,10 +93,6 @@
|
|||
# It should be false when you use nova security group.
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# [*firewall_driver*]
|
||||
# (optional) Firewall driver for realizing neutron security group function.
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*package_ensure*]
|
||||
# (optional) Ensure state for package.
|
||||
# Defaults to 'present'.
|
||||
|
@ -127,6 +123,12 @@
|
|||
# are 4 and 6.
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# DEPRECATED PARAMETERS
|
||||
#
|
||||
# [*firewall_driver*]
|
||||
# (optional) Firewall driver for realizing neutron security group function.
|
||||
# Defaults to undef
|
||||
#
|
||||
class neutron::plugins::ml2 (
|
||||
$type_drivers = ['local', 'flat', 'vlan', 'gre', 'vxlan', 'geneve'],
|
||||
$extension_drivers = $::os_service_default,
|
||||
|
@ -138,24 +140,27 @@ class neutron::plugins::ml2 (
|
|||
$vxlan_group = '224.0.0.1',
|
||||
$vni_ranges = '10:100',
|
||||
$enable_security_group = $::os_service_default,
|
||||
$firewall_driver = $::os_service_default,
|
||||
$package_ensure = 'present',
|
||||
$physical_network_mtus = $::os_service_default,
|
||||
$path_mtu = 0,
|
||||
$purge_config = false,
|
||||
$max_header_size = $::os_service_default,
|
||||
$overlay_ip_version = $::os_service_default,
|
||||
# DEPRECATED PARAMETERS
|
||||
$firewall_driver = undef,
|
||||
) {
|
||||
|
||||
include neutron::deps
|
||||
include neutron::params
|
||||
|
||||
if ! $mechanism_drivers {
|
||||
warning('Without networking mechanism driver, ml2 will not communicate with L2 agents')
|
||||
if $firewall_driver != undef {
|
||||
warning('Using "firewall_driver" option in the ml2 plugin is deprecated \
|
||||
and have no any effect. This option should be set in the L2 agent. \
|
||||
It will be removed in the future releases.')
|
||||
}
|
||||
|
||||
if !is_service_default($enable_security_group) and $enable_security_group and is_service_default($firewall_driver) {
|
||||
warning('Security groups will not work without properly set firewall_driver')
|
||||
if ! $mechanism_drivers {
|
||||
warning('Without networking mechanism driver, ml2 will not communicate with L2 agents')
|
||||
}
|
||||
|
||||
# lint:ignore:only_variable_string
|
||||
|
@ -218,7 +223,6 @@ class neutron::plugins::ml2 (
|
|||
'ml2/extension_drivers': value => join(any2array($extension_drivers), ',');
|
||||
'ml2/overlay_ip_version': value => $overlay_ip_version;
|
||||
'securitygroup/enable_security_group': value => $enable_security_group;
|
||||
'securitygroup/firewall_driver': value => $firewall_driver;
|
||||
}
|
||||
|
||||
if is_service_default($physical_network_mtus) {
|
||||
|
|
|
@ -0,0 +1,11 @@
|
|||
---
|
||||
deprecations:
|
||||
- |
|
||||
Usage of config option ``firewall_driver`` in the ``neutron::plugins::ml2``
|
||||
class is now deprecated and has no effect on the deployment.
|
||||
Config option ``firewall_driver`` should be set in the classes for agents'
|
||||
configuration like ``neutron::agents::ml2::ovs`` instead.
|
||||
Usage of this option in the Neutron server was there just for backward
|
||||
compatibility with old agents which can't report what driver they are using.
|
||||
Since Newton all Neutron drivers are reporting that in heartbeat messages and
|
||||
there is no need to keep configure this in the neutron server's side.
|
|
@ -73,7 +73,6 @@ describe 'neutron::plugins::ml2' do
|
|||
should contain_neutron_plugin_ml2('ml2/path_mtu').with_value(p[:path_mtu])
|
||||
should contain_neutron_plugin_ml2('ml2/physical_network_mtus').with_ensure('absent')
|
||||
should contain_neutron_plugin_ml2('ml2/overlay_ip_version').with_value('<SERVICE DEFAULT>')
|
||||
should contain_neutron_plugin_ml2('securitygroup/firewall_driver').with_value('<SERVICE DEFAULT>')
|
||||
should contain_neutron_plugin_ml2('securitygroup/enable_security_group').with_value('<SERVICE DEFAULT>')
|
||||
end
|
||||
|
||||
|
@ -100,12 +99,10 @@ describe 'neutron::plugins::ml2' do
|
|||
before :each do
|
||||
params.merge!(
|
||||
:enable_security_group => true,
|
||||
:firewall_driver => 'iptables_hybrid',
|
||||
)
|
||||
end
|
||||
it 'configures enable_security_group and firewall_driver options' do
|
||||
should contain_neutron_plugin_ml2('securitygroup/enable_security_group').with_value('true')
|
||||
should contain_neutron_plugin_ml2('securitygroup/firewall_driver').with_value('iptables_hybrid')
|
||||
end
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue