Merge "Support vpnaas on kilo release"
This commit is contained in:
commit
756cf8c4ad
|
@ -389,7 +389,7 @@ default['openstack']['network']['l3']['ha']['ha_vrrp_advert_int'] = 2
|
|||
# VPN device drivers which vpn agent will use
|
||||
# vpn_device_driver_packages in platform-specific settings is used to get driver dependencies installed, default is openswan
|
||||
# vpn_device_driver_services in platform-specific settings is used to enable services required by vpn drivers, default is ipsec
|
||||
default['openstack']['network']['vpn']['vpn_device_driver'] = ['neutron.services.vpn.device_drivers.ipsec.OpenSwanDriver']
|
||||
default['openstack']['network']['vpn']['vpn_device_driver'] = ['neutron_vpnaas.services.vpn.device_drivers.ipsec.OpenSwanDriver']
|
||||
|
||||
# Status check interval for ipsec vpn
|
||||
default['openstack']['network']['vpn']['ipsec_status_check_interval'] = 60
|
||||
|
@ -1032,7 +1032,7 @@ when 'fedora', 'rhel' # :pragma-foodcritic: ~FC024 - won't fix this
|
|||
'neutron_client_packages' => ['python-neutronclient'],
|
||||
'neutron_dhcp_packages' => ['openstack-neutron', 'iproute'],
|
||||
'neutron_l3_packages' => ['openstack-neutron', 'iproute', 'radvd'],
|
||||
'neutron_vpn_packages' => ['openstack-neutron', 'iproute'],
|
||||
'neutron_vpn_packages' => ['python-neutron-vpnaas', 'iproute'],
|
||||
'vpn_device_driver_packages' => ['openswan'],
|
||||
'neutron_lb_packages' => ['python-neutron-lbaas', 'haproxy', 'iproute'],
|
||||
'neutron_openvswitch_packages' => ['openvswitch'],
|
||||
|
@ -1094,7 +1094,7 @@ when 'debian'
|
|||
'neutron_client_packages' => ['python-neutronclient', 'python-pyparsing'],
|
||||
'neutron_dhcp_packages' => ['neutron-dhcp-agent'],
|
||||
'neutron_l3_packages' => ['neutron-l3-agent', 'radvd'],
|
||||
'neutron_vpn_packages' => ['neutron-vpn-agent'],
|
||||
'neutron_vpn_packages' => ['python-neutron-vpnaas', 'neutron-vpn-agent'],
|
||||
'vpn_device_driver_packages' => ['openswan'],
|
||||
'neutron_lb_packages' => ['python-neutron-lbaas', 'neutron-lbaas-agent', 'haproxy'],
|
||||
'neutron_openvswitch_packages' => ['openvswitch-switch', 'openvswitch-datapath-dkms', 'bridge-utils'],
|
||||
|
|
|
@ -51,6 +51,15 @@ platform_options['neutron_vpn_packages'].each do |pkg|
|
|||
end
|
||||
end
|
||||
|
||||
bash 'migrate vpnaas database' do
|
||||
timeout node['openstack']['network']['dbsync_timeout']
|
||||
plugin_config_file = node['openstack']['network']['plugin_config_file']
|
||||
migrate_command = "neutron-db-manage --service vpnaas --config-file /etc/neutron/neutron.conf --config-file #{plugin_config_file}"
|
||||
code <<-EOF
|
||||
#{migrate_command} upgrade head
|
||||
EOF
|
||||
end
|
||||
|
||||
platform_options['vpn_device_driver_services'].each do |svc|
|
||||
service 'vpn-device-driver-service' do
|
||||
service_name svc
|
||||
|
@ -66,8 +75,8 @@ service 'neutron-vpn-agent' do
|
|||
subscribes :restart, 'template[/etc/neutron/neutron.conf]'
|
||||
end
|
||||
|
||||
template '/etc/neutron/vpn_agent.ini' do
|
||||
source 'vpn_agent.ini.erb'
|
||||
template '/etc/neutron/services/neutron-vpnaas/vpn_agent.ini' do
|
||||
source 'services/neutron-vpnaas/vpn_agent.ini.erb'
|
||||
owner node['openstack']['network']['platform']['user']
|
||||
group node['openstack']['network']['platform']['group']
|
||||
mode 00640
|
||||
|
|
|
@ -31,6 +31,12 @@ describe 'openstack-network::vpn_agent' do
|
|||
expect(chef_run).to upgrade_package('neutron-vpn-agent')
|
||||
end
|
||||
|
||||
it 'uses db upgrade head' do
|
||||
migrate_cmd = %r(neutron-db-manage --service vpnaas --config-file /etc/neutron/neutron.conf|
|
||||
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head)
|
||||
expect(chef_run).to run_bash('migrate vpnaas database').with(code: migrate_cmd)
|
||||
end
|
||||
|
||||
it 'starts ipsec on boot' do
|
||||
expect(chef_run).to enable_service('ipsec')
|
||||
end
|
||||
|
@ -44,7 +50,7 @@ describe 'openstack-network::vpn_agent' do
|
|||
end
|
||||
|
||||
describe 'vpn_agent.ini' do
|
||||
let(:file) { chef_run.template('/etc/neutron/vpn_agent.ini') }
|
||||
let(:file) { chef_run.template('/etc/neutron/services/neutron-vpnaas/vpn_agent.ini') }
|
||||
|
||||
it 'creates vpn_agent.ini' do
|
||||
expect(chef_run).to create_template(file.name).with(
|
||||
|
@ -56,25 +62,25 @@ describe 'openstack-network::vpn_agent' do
|
|||
|
||||
describe 'vpn_device_driver' do
|
||||
it 'renders one vpn_device_driver entry in vpn_agent.ini for default vpn_device_driver' do
|
||||
[/^vpn_device_driver=neutron.services.vpn.device_drivers.ipsec.OpenSwanDriver$/].each do |line|
|
||||
expect(chef_run).to render_file(file.name).with_content(line)
|
||||
[/^vpn_device_driver=neutron_vpnaas.services.vpn.device_drivers.ipsec.OpenSwanDriver$/].each do |line|
|
||||
expect(chef_run).to render_config_file(file.name).with_section_content('vpnagent', line)
|
||||
end
|
||||
end
|
||||
|
||||
it 'renders multi vpn_device_driver entries in vpn_agent.ini, when multi vpn_device_driver set' do
|
||||
chef_run.node.set['openstack']['network']['vpn']['vpn_device_driver'] = ['neutron.services.vpn.device_drivers.ipsec.OpenSwanDriver',
|
||||
'neutron.services.vpn.device_drivers.cisco_ipsec.CiscoCsrIPsecDriver']
|
||||
chef_run.node.set['openstack']['network']['vpn']['vpn_device_driver'] = ['neutron_vpnaas.services.vpn.device_drivers.ipsec.OpenSwanDriver',
|
||||
'neutron_vpnaas.services.vpn.device_drivers.cisco_ipsec.CiscoCsrIPsecDriver']
|
||||
chef_run.converge(described_recipe)
|
||||
[/^vpn_device_driver=neutron.services.vpn.device_drivers.ipsec.OpenSwanDriver$/,
|
||||
/^vpn_device_driver=neutron.services.vpn.device_drivers.cisco_ipsec.CiscoCsrIPsecDriver$/].each do |line|
|
||||
expect(chef_run).to render_file(file.name).with_content(line)
|
||||
[/^vpn_device_driver=neutron_vpnaas.services.vpn.device_drivers.ipsec.OpenSwanDriver$/,
|
||||
/^vpn_device_driver=neutron_vpnaas.services.vpn.device_drivers.cisco_ipsec.CiscoCsrIPsecDriver$/].each do |line|
|
||||
expect(chef_run).to render_config_file(file.name).with_section_content('vpnagent', line)
|
||||
end
|
||||
end
|
||||
|
||||
it 'renders no setted vpn_device_driver entry in vpn_agent.ini, when no vpn_device_driver set' do
|
||||
chef_run.node.set['openstack']['network']['vpn']['vpn_device_driver'] = []
|
||||
chef_run.converge(described_recipe)
|
||||
expect(chef_run).to render_file(file.name).with_content(/^(?!vpn_device_driver)(.*)$/)
|
||||
expect(chef_run).to render_config_file(file.name).with_section_content('vpnagent', /^(?!vpn_device_driver)(.*)$/)
|
||||
end
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue