DevStack plugin for fwaas
Start by just running the cookiecutter code - documented at [1]. Then scrape out the fwaas/firewall code from DevStack and stick it where it looks like it should be in the plugin. [1]: http://git.openstack.org/cgit/openstack-dev/devstack-plugin-cookiecutter/tree/README.rst Related-Change: Ic60cd1fa90c19dfac00be583e2ddc5633dbb68a3 Co-Authored-By: Nate Johnston <Nate_Johnston@cable.comcast.com> Co-Authored-By: German Eichberger <german.eichberger@hp.com> Co-Authored-By: Kyle Mestery <mestery@mestery.com> Change-Id: If6c6e032689392fecc8c24517666128c8c103a7b Signed-of-by: Kyle Mestery <mestery@mestery.com>
This commit is contained in:
parent
b26f9f46af
commit
e70a782008
|
@ -6,3 +6,7 @@ the latest up to date instructions for how to test Neutron, and will
|
||||||
be applicable to neutron-fwaas as well:
|
be applicable to neutron-fwaas as well:
|
||||||
|
|
||||||
`Neutron TESTING.rst <http://git.openstack.org/cgit/openstack/neutron/tree/TESTING.rst>`_
|
`Neutron TESTING.rst <http://git.openstack.org/cgit/openstack/neutron/tree/TESTING.rst>`_
|
||||||
|
|
||||||
|
For instructions on how to use FWaaS with devstack, look at:
|
||||||
|
|
||||||
|
`Neutron-FWaaS DevStack <http://git.openstack.org/cgit/openstack/neutron-fwaas/tree/devstack/README.rst>`_
|
||||||
|
|
|
@ -0,0 +1,28 @@
|
||||||
|
neutron-fwaas in DevStack
|
||||||
|
=========================
|
||||||
|
|
||||||
|
This is setup as a DevStack plugin. For more information on DevStack plugins,
|
||||||
|
see the `DevStack Plugins documentation
|
||||||
|
<http://docs.openstack.org/developer/devstack/plugins.html>`_.
|
||||||
|
|
||||||
|
This was created using the `devstack-plugin-cookiecutter
|
||||||
|
<https://github.com/openstack-dev/devstack-plugin-cookiecutter>`_ tool.
|
||||||
|
|
||||||
|
How to run FWaaS in DevStack
|
||||||
|
=========================
|
||||||
|
|
||||||
|
Add the following to the localrc section of your local.conf:
|
||||||
|
|
||||||
|
.. code-block:: none
|
||||||
|
[[local|localrc]]
|
||||||
|
enable_plugin neutron-fwaas http://git.openstack.org/openstack/neutron-fwaas
|
||||||
|
enable_service q-fwaas
|
||||||
|
|
||||||
|
To check a specific patchset that is currently under development, use a form
|
||||||
|
like the below example, which is checking out change 214350 patch set 14 for
|
||||||
|
testing.
|
||||||
|
|
||||||
|
.. code-block:: none
|
||||||
|
[[local|localrc]]
|
||||||
|
enable_plugin neutron-fwaas https://review.openstack.org/p/openstack/neutron-fwaas refs/changes/50/214350/14
|
||||||
|
enable_service q-fwaas
|
|
@ -0,0 +1,109 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
# Dependencies:
|
||||||
|
#
|
||||||
|
# ``functions`` file
|
||||||
|
# ``DEST`` must be defined
|
||||||
|
|
||||||
|
# Save trace setting
|
||||||
|
XTRACE=$(set +o | grep xtrace)
|
||||||
|
set +o xtrace
|
||||||
|
|
||||||
|
function pre_install_fwaas() {
|
||||||
|
# Install OS packages if necessary with "install_package ...".
|
||||||
|
:
|
||||||
|
neutron_fwaas_configure_common
|
||||||
|
}
|
||||||
|
|
||||||
|
function install_fwaas() {
|
||||||
|
# Install the service.
|
||||||
|
:
|
||||||
|
setup_develop $DEST/neutron-fwaas
|
||||||
|
}
|
||||||
|
|
||||||
|
function configure_fwaas() {
|
||||||
|
neutron_fwaas_configure_driver
|
||||||
|
}
|
||||||
|
|
||||||
|
function init_fwaas() {
|
||||||
|
# Initialize and start the service.
|
||||||
|
:
|
||||||
|
}
|
||||||
|
|
||||||
|
function shutdown_fwaas() {
|
||||||
|
# Shut the service down.
|
||||||
|
:
|
||||||
|
}
|
||||||
|
|
||||||
|
function cleanup_fwaas() {
|
||||||
|
# Cleanup the service.
|
||||||
|
:
|
||||||
|
}
|
||||||
|
|
||||||
|
function neutron_fwaas_configure_common {
|
||||||
|
_neutron_service_plugin_class_add $FWAAS_PLUGIN
|
||||||
|
}
|
||||||
|
|
||||||
|
function neutron_fwaas_configure_driver {
|
||||||
|
# Uses oslo config generator to generate FWaaS sample configuration files
|
||||||
|
(cd $NEUTRON_FWAAS_DIR && exec ./tools/generate_config_file_samples.sh)
|
||||||
|
|
||||||
|
cp $NEUTRON_FWAAS_DIR/etc/$FWAAS_DRIVER_CONF_FILENAME.sample $FWAAS_CONF_FILE
|
||||||
|
|
||||||
|
iniset_multiline $FWAAS_CONF_FILE fwaas enabled True
|
||||||
|
iniset_multiline $FWAAS_CONF_FILE fwaas driver $FWAAS_DRIVER
|
||||||
|
#iniset $NEUTRON_CONF DEFAULT service_plugins $Q_SERVICE_PLUGIN_CLASSES
|
||||||
|
}
|
||||||
|
|
||||||
|
# check for service enabled
|
||||||
|
if is_service_enabled q-svc && is_service_enabled q-fwaas; then
|
||||||
|
|
||||||
|
if [[ "$1" == "stack" && "$2" == "pre-install" ]]; then
|
||||||
|
# Set up system services
|
||||||
|
echo_summary "Configuring system services q-fwaas"
|
||||||
|
pre_install_fwaas
|
||||||
|
|
||||||
|
elif [[ "$1" == "stack" && "$2" == "install" ]]; then
|
||||||
|
# Perform installation of service source
|
||||||
|
echo_summary "Installing q-fwaas"
|
||||||
|
install_fwaas
|
||||||
|
|
||||||
|
elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
|
||||||
|
# Configure after the other layer 1 and 2 services have been configured
|
||||||
|
echo_summary "Configuring q-fwaas"
|
||||||
|
configure_fwaas
|
||||||
|
|
||||||
|
elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
|
||||||
|
# Initialize and start the q-fwaas service
|
||||||
|
echo_summary "Initializing q-fwaas"
|
||||||
|
init_fwaas
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [[ "$1" == "unstack" ]]; then
|
||||||
|
# Shut down q-fwaas services
|
||||||
|
# no-op
|
||||||
|
shutdown_fwaas
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [[ "$1" == "clean" ]]; then
|
||||||
|
# Remove state and transient data
|
||||||
|
# Remember clean.sh first calls unstack.sh
|
||||||
|
# no-op
|
||||||
|
cleanup_fwaas
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Restore xtrace
|
||||||
|
$XTRACE
|
|
@ -0,0 +1,4 @@
|
||||||
|
FWAAS_DRIVER=${FWAAS_DRIVER:-iptables}
|
||||||
|
FWAAS_PLUGIN=${FWAAS_PLUGIN:-firewall}
|
||||||
|
FWAAS_DRIVER_CONF_FILENAME=${FWAAS_DRIVER_CONF_FILENAME:-fwaas_driver.ini}
|
||||||
|
FWAAS_CONF_FILE=${Q_FWAAS_CONF_FILE:-$NEUTRON_CONF_DIR/$FWAAS_DRIVER_CONF_FILENAME}
|
Loading…
Reference in New Issue