Enable fwaas recipe again after refactoring

Change-Id: Id2b6035ca330c1bf1e89bdda237d84b785f6a212
This commit is contained in:
Jan Klare 2016-08-26 11:48:21 +02:00
parent 29e771a9f3
commit 0141794350
8 changed files with 66 additions and 33 deletions

View File

@ -1,18 +1,20 @@
# This configuration was generated by
# `rubocop --auto-gen-config`
# on 2016-02-19 12:46:00 +0100 using RuboCop version 0.34.2.
# on 2016-08-26 13:02:36 +0200 using RuboCop version 0.39.0.
# The point is for the user to remove these configuration records
# one by one as the offenses are removed from the code base.
# Note that changes in the inspected code, or installation of new
# versions of RuboCop, may require this file to be generated again.
# Offense count: 9
# Offense count: 10
# Configuration parameters: EnforcedStyle, SupportedStyles.
# SupportedStyles: nested, compact
Style/ClassAndModuleChildren:
Exclude:
- 'recipes/_bridge_config_example.rb'
- 'recipes/client.rb'
- 'recipes/default.rb'
- 'recipes/fwaas.rb'
- 'recipes/identity_registration.rb'
- 'recipes/l3_agent.rb'
- 'recipes/lbaas.rb'

View File

@ -141,6 +141,8 @@ end
# ============================= VPN Agent Configuration ====================
# vpn_device_driver_packages in platform-specific settings is used to get driver dependencies installed, default is strongswan
# vpn_device_driver_services in platform-specific settings is used to enable services required by vpn drivers, default is strongswan
# To enable 'vpnaas' as service_plugin, you need to add it to neutron.conf
# ['Default']['service_plugins']
# Set to true to enable vpnaas
default['openstack']['network_vpnaas']['enabled'] = false
# Custom the vpnaas config file path
@ -163,6 +165,8 @@ default['openstack']['network_vpnaas']['conf'].tap do |conf|
end
# ============================= LBaaS Agent Configuration ==================
# To enable 'lbaas' as service_plugin, you need to add it to neutron.conf
# ['Default']['service_plugins']
# Set to true to enable lbaas
default['openstack']['network_lbaas']['enabled'] = false
# Custom the lbaas config file path
@ -181,15 +185,17 @@ default['openstack']['network_lbaas']['conf'].tap do |conf|
end
# ============================= FWaaS Configuration ==================
# TODO(jklare) : check why the package is installed and if the configuration
# works at all (if so, this needs refactoring parallel to the lbaas and vpnaas
# recipes and attributes)
# To enable 'firewall' as service_plugin, you need to add it to neutron.conf
# ['Default']['service_plugins']
# Set to True to enable firewall service
default['openstack']['network_fwaas']['enabled'] = false
# Firewall service driver with linux iptables
# default['openstack']['network']['fwaas']['driver'] = 'neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver'
default['openstack']['network_fwaas']['conf'].tap do |conf|
conf['fwaas']['driver'] =
'neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver'
end
# Custom the fwaas config file path
# default['openstack']['network']['fwaas']['config_file'] = '/etc/neutron/fwaas_driver.ini'
default['openstack']['network_fwaas']['config_file'] = '/etc/neutron/fwaas_driver.ini'
# ============================= platform-specific settings ===========
default['openstack']['network']['platform'].tap do |platform|
platform['user'] = 'neutron'

View File

@ -1,24 +1,40 @@
# TODO(jklare) : check why the package is installed and if the configuration
# works at all (if so, this needs refactoring parallel to the lbaas and vpnaas
# recipes and attributes)
# ---- moved from templates/default/services/neutron-fwaas/fwaas_driver.ini.erb----
# <%= node["openstack"]["network"]["custom_template_banner"] %>
# [fwaas]
# driver = <%= node['openstack']['network']['fwaas']['driver'] %>
# enabled = <%= node['openstack']['network']['fwaas']['enabled'] %>
# ---- moved from templates/default/services/neutron-fwaas/fwaas_driver.ini.erb----
# ---- moved from recipes/l3_agent----
# Encoding: utf-8
#
# Cookbook Name:: openstack-network
# Recipe:: fwaas
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
include_recipe 'openstack-network'
# Make Openstack object available in Chef::Recipe
class ::Chef::Recipe
include ::Openstack
end
node.default['openstack']['network_fwaas']['conf'].tap do |conf|
conf['fwaas']['enabled'] = true
end
# As the fwaas package will be installed anyway, configure its config-file attributes following environment.
# template node['openstack']['network']['fwaas']['config_file'] do
# source 'services/neutron-fwaas/fwaas_driver.ini.erb'
# user node['openstack']['network']['platform']['user']
# group node['openstack']['network']['platform']['group']
# mode 00640
# # Only restart vpn agent to avoid synchronization problem, when vpn agent is enabled.
# if node['openstack']['network']['enable_vpn']
# notifies :restart, 'service[neutron-vpn-agent]', :delayed
# else
# notifies :restart, 'service[neutron-l3-agent]', :immediately
# end
# end
# ---- moved from recipes/l3_agent----
service_conf = merge_config_options 'network_fwaas'
template node['openstack']['network_fwaas']['config_file'] do
source 'openstack-service.conf.erb'
cookbook 'openstack-common'
owner node['openstack']['network']['platform']['user']
group node['openstack']['network']['platform']['group']
mode 00640
variables(
service_config: service_conf
)
end

View File

@ -62,6 +62,9 @@ service 'neutron-l3-agent' do
action [:stop, :disable]
else
action [:enable, :start]
subscribes :restart, 'template[/etc/neutron/neutron.conf]'
subscribes :restart, [
'template[/etc/neutron/neutron.conf]',
"template[#{node['openstack']['network_fwaas']['config_file']}]"
]
end
end

View File

@ -1,7 +1,7 @@
# Encoding: utf-8
#
# Cookbook Name:: openstack-network
# Recipe:: balancer
# Recipe:: lbaas
#
# Copyright 2013, Mirantis IT
#

View File

@ -68,6 +68,7 @@ service 'neutron-vpn-agent' do
action [:enable, :start]
subscribes :restart, [
'template[/etc/neutron/neutron.conf]',
"template[#{node['openstack']['network_vpnaas']['config_file']}]"
"template[#{node['openstack']['network_vpnaas']['config_file']}]",
"template[#{node['openstack']['network_fwaas']['config_file']}]"
]
end

View File

@ -19,6 +19,7 @@ describe 'openstack-network::l3_agent' do
it 'subscribes the l3 agent service to neutron.conf' do
expect(chef_run.service('neutron-l3-agent')).to subscribe_to('template[/etc/neutron/neutron.conf]').delayed
end
%w(neutron-l3-agent radvd keepalived).each do |pkg|
it "upgrades #{pkg} package" do
expect(chef_run).to upgrade_package(pkg)

View File

@ -36,6 +36,10 @@ describe 'openstack-network::vpnaas' do
expect(chef_run.service('neutron-vpn-agent')).to subscribe_to('template[/etc/neutron/neutron.conf]').delayed
end
it 'subscribes the vpn agent service to vpn_agent.ini' do
expect(chef_run.service('neutron-vpn-agent')).to subscribe_to('template[/etc/neutron/vpn_agent.ini]').delayed
end
describe 'vpn_agent.ini' do
let(:file) { chef_run.template('/etc/neutron/vpn_agent.ini') }