Automatically generate neutron VPNaaS configuration files

This adds a new tox environment, genconfig, which generates sample neutron VPNaaS configuration file using oslo-config-generator. Updates to some configuration option help messages to reflect useful details that were missing in the code but were present in config files. DocImpact: Update the docs that VPNaaS no longer includes static example configuration files. Instead, use tools/generate_config_file_samples.sh to generate them and the files generated now end with .sample extension. Partially-Implements: blueprint autogen-neutron-conf-file Change-Id: I4a6094b8218dfd320d05bfb1e3bc121e8930c551 Partial-bug: #1199963
2015-12-04 09:10:04 +00:00 · 2015-12-04 09:10:04 +00:00 · 5c8941eeed
parent f7ed0ebd89
commit 5c8941eeed
13 changed files with 125 additions and 3 deletions
--- a/.gitignore
+++ b/.gitignore
@ -6,6 +6,7 @@ cover/
 covhtml/
 dist/
 doc/build
+etc/*.sample
 *.DS_Store
 *.pyc
 neutron.egg-info/
--- a/devstack/plugin.sh
+++ b/devstack/plugin.sh
@ -20,7 +20,7 @@ function neutron_agent_vpnaas_install_agent_packages {
 }

 function neutron_vpnaas_configure_common {
-    cp $NEUTRON_VPNAAS_DIR/etc/neutron_vpnaas.conf $NEUTRON_VPNAAS_CONF
+    cp $NEUTRON_VPNAAS_DIR/etc/neutron_vpnaas.conf.sample $NEUTRON_VPNAAS_CONF
    _neutron_service_plugin_class_add $VPN_PLUGIN
    _neutron_deploy_rootwrap_filters $NEUTRON_VPNAAS_DIR
    inicomment $NEUTRON_VPNAAS_CONF service_providers service_provider
@ -31,7 +31,7 @@ function neutron_vpnaas_configure_common {

 function neutron_vpnaas_configure_agent {
    local conf_file=${1:-$Q_VPN_CONF_FILE}
-    cp $NEUTRON_VPNAAS_DIR/etc/vpn_agent.ini $conf_file
+    cp $NEUTRON_VPNAAS_DIR/etc/vpn_agent.ini.sample $conf_file
    if [[ "$IPSEC_PACKAGE" == "strongswan" ]]; then
        if is_fedora; then
            iniset_multiline $conf_file vpnagent vpn_device_driver neutron_vpnaas.services.vpn.device_drivers.fedora_strongswan_ipsec.FedoraStrongSwanDriver
@ -69,6 +69,11 @@ function neutron_vpnaas_stop {
    stop_process neutron-vpnaas
 }

+function neutron_vpnaas_generate_config_files {
+    # Uses oslo config generator to generate VPNaaS sample configuration files
+    (cd $NEUTRON_VPNAAS_DIR && exec sudo ./tools/generate_config_file_samples.sh)
+}
+
 # Main plugin processing

 # NOP for pre-install step
@ -79,6 +84,7 @@ if [[ "$1" == "stack" && "$2" == "install" ]]; then

 elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
    echo_summary "Configuring neutron-vpnaas"
+    neutron_vpnaas_generate_config_files
    neutron_vpnaas_configure_common
    neutron_vpnaas_configure_agent

--- a/etc/README.txt
+++ b/etc/README.txt
@ -0,0 +1,9 @@
+To generate the sample neutron VPNaaS configuration files, run the following
+command from the top level of the neutron VPNaaS directory:
+
+tox -e genconfig
+
+If a 'tox' environment is unavailable, then you can run the following script
+instead to generate the configuration files:
+
+./tools/generate_config_file_samples.sh
--- a/etc/oslo-config-generator/neutron_vpnaas.conf
+++ b/etc/oslo-config-generator/neutron_vpnaas.conf
@ -0,0 +1,5 @@
+[DEFAULT]
+output_file = etc/neutron_vpnaas.conf.sample
+wrap_width = 79
+
+namespace = neutron.vpnaas
--- a/etc/oslo-config-generator/vpn_agent.ini
+++ b/etc/oslo-config-generator/vpn_agent.ini
@ -0,0 +1,5 @@
+[DEFAULT]
+output_file = etc/vpn_agent.ini.sample
+wrap_width = 79
+
+namespace = neutron.vpnaas.agent
--- a/neutron_vpnaas/opts.py
+++ b/neutron_vpnaas/opts.py
@ -0,0 +1,38 @@
+#  Licensed under the Apache License, Version 2.0 (the "License"); you may
+#  not use this file except in compliance with the License. You may obtain
+#  a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#  License for the specific language governing permissions and limitations
+#  under the License.
+
+import neutron.services.provider_configuration
+
+import neutron_vpnaas.services.vpn.agent
+import neutron_vpnaas.services.vpn.device_drivers.ipsec
+import neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec
+
+
+def list_agent_opts():
+    return [
+        ('vpnagent',
+         neutron_vpnaas.services.vpn.agent.vpn_agent_opts),
+        ('ipsec',
+         neutron_vpnaas.services.vpn.device_drivers.ipsec.ipsec_opts),
+        ('strongswan',
+         neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.
+         strongswan_opts),
+        ('pluto',
+         neutron_vpnaas.services.vpn.device_drivers.ipsec.pluto_opts)
+    ]
+
+
+def list_opts():
+    return [
+        ('service_providers',
+         neutron.services.provider_configuration.serviceprovider_opts)
+    ]
--- a/neutron_vpnaas/services/vpn/agent.py
+++ b/neutron_vpnaas/services/vpn/agent.py
@ -25,6 +25,18 @@ vpn_agent_opts = [
        'vpn_device_driver',
        default=['neutron_vpnaas.services.vpn.device_drivers.'
                 'ipsec.OpenSwanDriver'],
+        sample_default=['neutron_vpnaas.services.vpn.device_drivers.ipsec.'
+                       'OpenSwanDriver, '
+                       'neutron_vpnaas.services.vpn.device_drivers.'
+                       'cisco_ipsec.CiscoCsrIPsecDriver, '
+                       'neutron_vpnaas.services.vpn.device_drivers.'
+                       'vyatta_ipsec.VyattaIPSecDriver, '
+                       'neutron_vpnaas.services.vpn.device_drivers.'
+                       'strongswan_ipsec.StrongSwanDriver, '
+                       'neutron_vpnaas.services.vpn.device_drivers.'
+                       'fedora_strongswan_ipsec.FedoraStrongSwanDriver, '
+                       'neutron_vpnaas.services.vpn.device_drivers.'
+                       'libreswan_ipsec.LibreSwanDriver'],
        help=_("The vpn device drivers Neutron will use")),
 ]
 cfg.CONF.register_opts(vpn_agent_opts, 'vpnagent')
--- a/neutron_vpnaas/services/vpn/device_drivers/ipsec.py
+++ b/neutron_vpnaas/services/vpn/device_drivers/ipsec.py
@ -56,7 +56,9 @@ ipsec_opts = [
                default=False,
                help=_("Enable detail logging for ipsec pluto process. "
                       "If the flag set to True, the detailed logging will "
-                       "be written into config_base_dir/<pid>/log.")),
+                       "be written into config_base_dir/<pid>/log. "
+                       "Note: This setting applies to OpenSwan and LibreSwan "
+                       "only. StrongSwan logs to syslog.")),
 ]
 cfg.CONF.register_opts(ipsec_opts, 'ipsec')

--- a/releasenotes/notes/config-file-generation-0dcf19f5d8baaf5d.yaml
+++ b/releasenotes/notes/config-file-generation-0dcf19f5d8baaf5d.yaml
@ -0,0 +1,7 @@
+---
+prelude: >
+    Generation of sample Neutron VPNaaS configuration files.
+features:
+  - Neutron VPNaaS no longer includes static example configuration files.
+    Instead, use tools/generate_config_file_samples.sh to generate them.
+    The files are generated with a .sample extension.
--- a/setup.cfg
+++ b/setup.cfg
@ -40,6 +40,9 @@ device_drivers =
    neutron.services.vpn.device_drivers.vyatta_ipsec.VyattaIPsecDriver = neutron_vpnaas.services.vpn.device_drivers.vyatta_ipsec:VyattaIPsecDriver
 neutron.db.alembic_migrations =
    neutron-vpnaas = neutron_vpnaas.db.migration:alembic_migrations
+oslo.config.opts =
+    neutron.vpnaas = neutron_vpnaas.opts:list_opts
+    neutron.vpnaas.agent = neutron_vpnaas.opts:list_agent_opts

 [build_sphinx]
 all_files = 1
--- a/tools/configure_for_vpn_func_testing.sh
+++ b/tools/configure_for_vpn_func_testing.sh
@ -41,6 +41,7 @@ function _install_vpn_package {
 function _configure_vpn_ini_file {
    echo_summary "Configuring VPN ini file"
    local temp_ini=$(mktemp)
+    neutron_vpnaas_generate_config_files
    neutron_vpnaas_configure_agent $temp_ini
    sudo install -d -o $STACK_USER /etc/neutron/
    sudo install -m 644 -o $STACK_USER $temp_ini $Q_VPN_CONF_FILE
@ -52,6 +53,7 @@ function configure_host_for_vpn_func_testing {
    if [ "$IS_GATE" == "True" ]; then
        configure_host_for_func_testing
    fi
+    sudo pip install --force oslo.config==3.0.0 # req for oslo-config-generator
    _install_vpn_package
    _configure_vpn_ini_file
 }
--- a/tools/generate_config_file_samples.sh
+++ b/tools/generate_config_file_samples.sh
@ -0,0 +1,28 @@
+#!/bin/sh
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+set -e
+
+GEN_CMD=oslo-config-generator
+
+if ! type "$GEN_CMD" > /dev/null; then
+    echo "ERROR: $GEN_CMD not installed on the system."
+    exit 1
+fi
+
+for file in etc/oslo-config-generator/*; do
+    $GEN_CMD --config-file=$file
+done
+
+set -x
--- a/tox.ini
+++ b/tox.ini
@ -72,6 +72,7 @@ commands =
  pylint --rcfile=.pylintrc --output-format=colorized {posargs:neutron_vpnaas}
  {toxinidir}/tools/check_unit_test_structure.sh
  neutron-db-manage --subproject neutron-vpnaas --database-connection sqlite:// check_migration
+  {[testenv:genconfig]commands}
 whitelist_externals = sh

 [testenv:pep8-constraints]
@ -136,3 +137,6 @@ exclude = .venv,.git,.tox,dist,doc,*openstack/common*,*lib/python*,*egg,build,to
 [hacking]
 import_exceptions = neutron_vpnaas._i18n
 local-check-factory = neutron.hacking.checks.factory
+
+[testenv:genconfig]
+commands = {toxinidir}/tools/generate_config_file_samples.sh