Update FWaaS plugin for 7.0
- replaced deprecated parameters with actual ones - updated metadata file for 7.0 - added fwaas package installation - removed unused code Change-Id: I699772297d2b67a65a2b8567ea364bee60177a2b
This commit is contained in:
parent
0bd1ef153a
commit
7441540221
|
@ -4,7 +4,7 @@ FWaaS plugin
|
|||
FWaaS (Firewall-as-a-Service) is a Neutron extension that introduces Firewall feature set.
|
||||
|
||||
This repo contains all necessary files to build FWaaS Fuel plugin.
|
||||
Currently the only supported Fuel version is 6.1.
|
||||
Supported Fuel version is 7.0.
|
||||
|
||||
Building the plugin
|
||||
-------------------
|
||||
|
@ -41,6 +41,8 @@ Deployment details
|
|||
FWaaS deployment requires only adding a couple parameters in neutron.conf and
|
||||
enabling FWaaS tab in Horizon.
|
||||
|
||||
Currently this plugin is not compatible with Neutron DVR.
|
||||
|
||||
Accessing FWaaS functionality
|
||||
------------------------------
|
||||
|
||||
|
|
|
@ -1,7 +0,0 @@
|
|||
source 'https://rubygems.org'
|
||||
|
||||
puppetversion = ENV.key?('PUPPET_VERSION') ? "= #{ENV['PUPPET_VERSION']}" : ['>= 3.3']
|
||||
gem 'puppet', puppetversion
|
||||
gem 'puppetlabs_spec_helper', '>= 0.1.0'
|
||||
gem 'puppet-lint', '>= 0.3.2'
|
||||
gem 'facter', '>= 1.7.0'
|
|
@ -1,18 +0,0 @@
|
|||
require 'rubygems'
|
||||
require 'puppetlabs_spec_helper/rake_tasks'
|
||||
require 'puppet-lint/tasks/puppet-lint'
|
||||
PuppetLint.configuration.send('disable_80chars')
|
||||
PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"]
|
||||
|
||||
desc "Validate manifests, templates, and ruby files"
|
||||
task :validate do
|
||||
Dir['manifests/**/*.pp'].each do |manifest|
|
||||
sh "puppet parser validate --noop #{manifest}"
|
||||
end
|
||||
Dir['spec/**/*.rb','lib/**/*.rb'].each do |ruby_file|
|
||||
sh "ruby -c #{ruby_file}" unless ruby_file =~ /spec\/fixtures/
|
||||
end
|
||||
Dir['templates/**/*.erb'].each do |template|
|
||||
sh "erb -P -x -T '-' #{template} | ruby -c"
|
||||
end
|
||||
end
|
|
@ -24,14 +24,14 @@ class fwaas::enable_in_neutron_config {
|
|||
key_val_separator => '=',
|
||||
path => '/etc/neutron/neutron.conf',
|
||||
setting => 'service_plugins',
|
||||
subsetting => 'neutron.services.firewall.',
|
||||
subsetting => 'neutron_fwaas.services.firewall.',
|
||||
subsetting_separator => ',',
|
||||
value => 'fwaas_plugin.FirewallPlugin',
|
||||
}
|
||||
|
||||
neutron_config {
|
||||
'fwaas/enabled': value => 'True';
|
||||
'fwaas/driver' : value => 'neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver';
|
||||
'fwaas/driver' : value => 'neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver';
|
||||
}
|
||||
|
||||
service { $fwaas::params::server_service:
|
||||
|
@ -64,9 +64,35 @@ class fwaas::enable_in_dashboard {
|
|||
|
||||
class fwaas {
|
||||
|
||||
require fwaas::params
|
||||
require fwaas::enable_in_neutron_config
|
||||
require fwaas::enable_in_dashboard
|
||||
include fwaas::params
|
||||
include fwaas::enable_in_neutron_config
|
||||
include fwaas::enable_in_dashboard
|
||||
|
||||
$primary_controller = hiera('primary_controller')
|
||||
|
||||
if $::fwaas::params::fwaas_package {
|
||||
Package['neutron-fwaas'] -> Class[fwaas::enable_in_neutron_config]
|
||||
package { 'neutron-fwaas':
|
||||
ensure => present,
|
||||
name => $::fwaas::params::fwaas_package,
|
||||
}
|
||||
}
|
||||
|
||||
if $primary_controller {
|
||||
|
||||
Package<| title == 'neutron-fwaas' |> -> Exec['neutron-db-sync']
|
||||
|
||||
exec { 'neutron-db-sync':
|
||||
command => 'neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini --service fwaas upgrade head',
|
||||
path => '/usr/bin',
|
||||
refreshonly => true,
|
||||
tries => 10,
|
||||
try_sleep => 10,
|
||||
}
|
||||
Neutron_config<||> ~> Exec['neutron-db-sync']
|
||||
Ini_subsetting['add_fwaas_service_plugin'] ~> Exec['neutron-db-sync']
|
||||
Exec['neutron-db-sync'] ~> Service[$fwaas::params::server_service]
|
||||
}
|
||||
|
||||
if $fwaas::params::ha {
|
||||
|
||||
|
|
|
@ -16,8 +16,7 @@
|
|||
|
||||
class fwaas::params {
|
||||
|
||||
$fuel_settings = parseyaml($astute_settings_yaml)
|
||||
$ha = $fuel_settings['deployment_mode'] ? { 'ha_compact'=>true, default=>false }
|
||||
$ha = hiera('deployment_mode') ? { 'ha_compact'=>true, default=>false }
|
||||
$vpn_enabled = $::is_vpn_enabled ? { 'Started'=>true, default=>false }
|
||||
|
||||
$server_service = 'neutron-server'
|
||||
|
@ -36,6 +35,7 @@ class fwaas::params {
|
|||
|
||||
if($::osfamily == 'Redhat') {
|
||||
$server_package = 'openstack-neutron'
|
||||
$fwaas_package = 'python-neutron-fwaas'
|
||||
|
||||
$dashboard_package = 'openstack-dashboard'
|
||||
$dashboard_service = 'httpd'
|
||||
|
@ -46,6 +46,7 @@ class fwaas::params {
|
|||
} elsif($::osfamily == 'Debian') {
|
||||
|
||||
$server_package = 'neutron-server'
|
||||
$fwaas_package = 'python-neutron-fwaas'
|
||||
|
||||
$dashboard_package = 'python-django-horizon'
|
||||
$dashboard_service = 'apache2'
|
||||
|
|
|
@ -1,14 +0,0 @@
|
|||
{
|
||||
"name": "fwaas",
|
||||
"version": "0.1.0",
|
||||
"author": "Andrey Epifanov",
|
||||
"summary": "Module to manage fwaas",
|
||||
"license": "Apache 2.0",
|
||||
"source": "",
|
||||
"project_page": "https://github.com/Mirantis/fuel-plugins",
|
||||
"issues_url": "aepifanov@mirantis.com",
|
||||
"dependencies": [
|
||||
{"name":"puppetlabs-stdlib","version_requirement":">= 1.0.0"}
|
||||
]
|
||||
}
|
||||
|
|
@ -1,21 +0,0 @@
|
|||
# Copyright 2015 Mirantis, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
require 'spec_helper'
|
||||
describe 'fwaas' do
|
||||
|
||||
context 'with defaults for all parameters' do
|
||||
it { should contain_class('fwaas') }
|
||||
end
|
||||
end
|
|
@ -1,15 +0,0 @@
|
|||
# Copyright 2015 Mirantis, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
require 'puppetlabs_spec_helper/module_spec_helper'
|
|
@ -1,26 +0,0 @@
|
|||
# Copyright 2015 Mirantis, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
# The baseline for module testing used by Puppet Labs is that each manifest
|
||||
# should have a corresponding test manifest that declares that class or defined
|
||||
# type.
|
||||
#
|
||||
# Tests are then run by using puppet apply --noop (to check for compilation
|
||||
# errors and view a log of events) or by fully applying the test in a virtual
|
||||
# environment (to compare the resulting system state to the desired state).
|
||||
#
|
||||
# Learn more about module testing here:
|
||||
# http://docs.puppetlabs.com/guides/tests_smoke.html
|
||||
#
|
||||
include fwaas
|
|
@ -4,3 +4,5 @@ attributes:
|
|||
restrictions:
|
||||
- condition: cluster:net_provider != 'neutron'
|
||||
action: hide
|
||||
- condition: settings:neutron_advanced_configuration.neutron_dvr.value == true
|
||||
message: "Neutron DVR must be disabled in order to use FWaaS plugin"
|
||||
|
|
|
@ -3,29 +3,29 @@ name: fwaas-plugin
|
|||
# Human-readable name for your plugin
|
||||
title: FWaaS plugin for Neutron
|
||||
# Plugin version
|
||||
version: 1.0.0
|
||||
version: 1.1.0
|
||||
# Description
|
||||
description: Neutron extension that introduces FireWall feature set
|
||||
# Required fuel version
|
||||
fuel_version: ['6.1']
|
||||
fuel_version: ['7.0']
|
||||
# Specify license of your plugin
|
||||
licenses: ['Apache License Version 2.0']
|
||||
# Specify author or company name
|
||||
authors: ['Andrey Epifanov']
|
||||
authors: ['Andrey Epifanov, Sergey Kolekonov']
|
||||
# A link to the plugin's page
|
||||
homepage: 'https://github.com/stackforge/fuel-plugin-neutron-vpnaas'
|
||||
homepage: 'https://github.com/stackforge/fuel-plugin-neutron-fwaas'
|
||||
# Groups
|
||||
groups: ['network']
|
||||
|
||||
# The plugin is compatible with releases in the list
|
||||
releases:
|
||||
- os: ubuntu
|
||||
version: 2014.2-6.1
|
||||
version: 2015.1-7.0
|
||||
mode: ['ha', 'multinode']
|
||||
deployment_scripts_path: deployment_scripts/
|
||||
repository_path: repositories/ubuntu
|
||||
- os: centos
|
||||
version: 2014.2-6.1
|
||||
version: 2015.1-7.0
|
||||
mode: ['ha', 'multinode']
|
||||
deployment_scripts_path: deployment_scripts/
|
||||
repository_path: repositories/centos
|
||||
|
|
Loading…
Reference in New Issue