diff --git a/README.md b/README.md index 4a3e832e5..7d7f781e4 100644 --- a/README.md +++ b/README.md @@ -76,6 +76,7 @@ scenario](#all-in-one). | ceph rgw | | | | X | | | | vitrage | X | | | | | | | watcher | | | | X | | | +| vpnaas | | | | X | | | | bgpvpn-api | | | | X | | | | bgp-dr | | | | X | | | | redis | X | X | X | | | | diff --git a/fixtures/scenario004.pp b/fixtures/scenario004.pp index 11d296f5a..9bbf51983 100644 --- a/fixtures/scenario004.pp +++ b/fixtures/scenario004.pp @@ -28,11 +28,14 @@ if $facts['os']['name'] == 'Ubuntu' { $l2gw_enabled = false # FIXME(ykarel) Disable bgp_dragent until Ubuntu python3 stein(with stein packages) jobs are ready $bgp_dragent_enabled = false + # TODO(tkajinam): Enable this along with the other plugins + $vpnaas_enabled = false } else { $ipv6 = true $bgpvpn_enabled = true $l2gw_enabled = true $bgp_dragent_enabled = true + $vpnaas_enabled = true } include openstack_integration @@ -53,6 +56,7 @@ class { 'openstack_integration::glance': backend => 'swift', } class { 'openstack_integration::neutron': + vpnaas_enabled => $vpnaas_enabled, bgpvpn_enabled => $bgpvpn_enabled, l2gw_enabled => $l2gw_enabled, bgp_dragent_enabled => $bgp_dragent_enabled, @@ -82,6 +86,7 @@ include openstack_integration::provision class { 'openstack_integration::tempest': horizon => true, watcher => true, + vpnaas => $vpnaas_enabled, bgpvpn => $bgpvpn_enabled, l2gw => $l2gw_enabled, l2gw_switch => 'cell08-5930-01::FortyGigE1/0/1|100', diff --git a/manifests/neutron.pp b/manifests/neutron.pp index 72499baf3..e49516887 100644 --- a/manifests/neutron.pp +++ b/manifests/neutron.pp @@ -9,9 +9,12 @@ # (optional) Flag to enable metering agent # Defaults to false. # +# [*vpnaas_enabled*] +# (optional) Flag to enable VPNaaS. +# Defaults to false. +# # [*bgpvpn_enabled*] -# (optional) Flag to enable BGPVPN -# API extensions. +# (optional) Flag to enable BGPVPN API extensions. # Defaults to false. # # [*l2gw_enabled*] @@ -33,6 +36,7 @@ class openstack_integration::neutron ( $driver = 'openvswitch', $metering_enabled = false, + $vpnaas_enabled = false, $bgpvpn_enabled = false, $l2gw_enabled = false, $bgp_dragent_enabled = false, @@ -147,10 +151,15 @@ class openstack_integration::neutron ( true => 'metering', default => undef, } + $vpaaas_plugin = $vpnaas_enabled ? { + true => 'vpnaas', + default => undef, + } $bgpvpn_plugin = $bgpvpn_enabled ? { true => 'bgpvpn', default => undef, } + if $l2gw_enabled { if ($facts['os']['name'] == 'Ubuntu') { class { 'neutron::services::l2gw': } @@ -167,15 +176,22 @@ class openstack_integration::neutron ( $providers_list = undef } $l2gw_plugin = $l2gw_enabled ? { - true => 'networking_l2gw.services.l2gateway.plugin.L2GatewayPlugin', + true => 'l2gw', default => undef, } $bgp_dr_plugin = $bgp_dragent_enabled ? { - true => 'neutron_dynamic_routing.services.bgp.bgp_plugin.BgpPlugin', + true => 'bgp', default => undef, } - $plugins_list = delete_undef_values(['router', 'qos', 'trunk', $metering_plugin, $bgpvpn_plugin, $l2gw_plugin, $bgp_dr_plugin]) + $plugins_list = delete_undef_values([ + 'router', 'qos', 'trunk', + $metering_plugin, + $vpaaas_plugin, + $bgpvpn_plugin, + $l2gw_plugin, + $bgp_dr_plugin + ]) } if $driver == 'linuxbridge' { @@ -379,6 +395,28 @@ class openstack_integration::neutron ( debug => true, } } + if $vpnaas_enabled { + $vpn_device_driver = $facts['os']['family'] ? { + 'Debian' => 'neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver', + default => 'neutron_vpnaas.services.vpn.device_drivers.libreswan_ipsec.LibreSwanDriver' + } + $service_provider_name = $facts['os']['family'] ? { + 'Debian' => 'strongswan', + default => 'openswan' + } + + class { 'neutron::services::vpnaas': + service_providers => join([ + 'VPN', + $service_provider_name, + 'neutron_vpnaas.services.vpn.service_drivers.ipsec.IPsecVPNDriver', + 'default' + ], ':') + } + class { 'neutron::agents::vpnaas': + vpn_device_driver => $vpn_device_driver, + } + } } if $baremetal_enabled { diff --git a/manifests/tempest.pp b/manifests/tempest.pp index 6a69ebed7..d9c2eadfc 100644 --- a/manifests/tempest.pp +++ b/manifests/tempest.pp @@ -108,6 +108,10 @@ # (optional) Define if Vitrage needs to be tested. # Default to false. # +# [*vpnaas*] +# (optional) Define if Neutron VPNaaS needs to be tested. +# Default to false. +# # [*watcher*] # (optional) Define if Watcher needs to be tested. # Default to false. @@ -180,6 +184,7 @@ class openstack_integration::tempest ( $trove = false, $watcher = false, $vitrage = false, + $vpnaas = false, $zaqar = false, $reseller_admin_role = 'ResellerAdmin', $attach_encrypted_volume = false, @@ -255,6 +260,10 @@ class openstack_integration::tempest ( true => ['bgpvpn'], default => [], } + $neutron_vpnaas_extensions = $vpnaas ? { + true => ['vpnaas'], + default => [], + } $neutron_api_extensions_real = sort( $neutron_base_extensions + @@ -262,7 +271,8 @@ class openstack_integration::tempest ( $neutron_l3_extensions + $neutron_metering_extensions + $neutron_l2gw_extensions + - $neutron_bgpvpn_extensions + $neutron_bgpvpn_extensions + + $neutron_vpnaas_extensions ) }