openstack
/
neutron-fwaas
Code Issues Proposed changes
neutron-fwaas/devstack
History
Édouard Thuleau 9b353afde4 Implements a plugable backend driver 
This patch removes all related DB code from the FWaaS service plugin v2
and creates service driver interfaces that can be used by different
backend drivers.

The default backend driver still based on the Neutron DB model
and agent RPC interface (for l3 and l2 agents) and was moved
to 'service_drivers.agents.agents.FwaasAgentDriver'. It inherits from the
firewall backend driver DB interface
'service_drivers.driver_api.FwaasDriverDB' to maintain the DB. It
is in charge to implement all RPC API and messages.

If we need to implement a backend driver which depends on the Neutron DB
but not on the agent RPC service, we just have to inherit from the DB
interface and if we like to develop a backend driver which not depends
on the Neutron DB model, we can inherit from the base driver interface
'service_driver.driver_api.FwaasDriver'.

That patch only modifies the service plugin 'firewall_v2', it does not
modify the Firewall v1 service plugin.

The backend DB driver provides an interface composed to a pre and post
commit hooks for each FWaaSv2 API actions which permits to the driver to
be warn anytimes. All that commit hooks methods does not do anything by
default and the backend driver needs to overide needed hooks.
The driver does not needs to implements all of them,

Closes-Bug: #1702312
Change-Id: I4ebd24f1b13eb823c4d63452fd37cace5bcf5481
 		2018-04-26 17:15:46 +02:00
..
lib Add devstack plugin support for fwaas v2 2016-09-23 19:38:29 +00:00
README.rst Add doc8 to pep8 check for neutron-fwaas project 2017-12-20 03:48:10 +00:00
plugin.sh Implements a plugable backend driver 2018-04-26 17:15:46 +02:00
settings Implements a plugable backend driver 2018-04-26 17:15:46 +02:00

README.rst

neutron-fwaas in DevStack

This is setup as a DevStack plugin. For more information on DevStack plugins, see the DevStack Plugins documentation.

Please note that the old 'q-fwaas' keyword still exists, and will run FWaaS V1. This default will be changed during the Ocata cycle. The introduction of two new keywords, 'q-fwaas-v1' and 'q-fwaas-v2' allow you to explicitly select the version you with to run.

How to run FWaaS V2 in DevStack

Add the following to the localrc section of your local.conf to configure FWaaS v2.

[[local|localrc]]
enable_plugin neutron-fwaas https://git.openstack.org/openstack/neutron-fwaas
enable_service q-fwaas-v2

To check a specific patchset that is currently under development, use a form like the below example, which is checking out change 214350 patch set 14 for testing.

[[local|localrc]]
enable_plugin neutron-fwaas https://review.openstack.org/p/openstack/neutron-fwaas refs/changes/50/214350/14
enable_service q-fwaas-v2

How to run FWaaS V1 in DevStack

Add the following to the localrc section of your local.conf to configure FWaaS v1.

[[local|localrc]]
enable_plugin neutron-fwaas https://git.openstack.org/openstack/neutron-fwaas
enable_service q-fwaas-v1

To check a specific patchset that is currently under development, use a form like the below example, which is checking out change 214350 patch set 14 for testing.

[[local|localrc]]
enable_plugin neutron-fwaas https://review.openstack.org/p/openstack/neutron-fwaas refs/changes/50/214350/14
enable_service q-fwaas-v1