Add support for Taas (Tap-as-a-Service)

This introduces support for the Tap-as-a-Service plugin[1].

[1] https://opendev.org/openstack/tap-as-a-service

Change-Id: I8b4dfd6cd02d61cb4ef07e117af39c44420e93a4

lib/puppet/provider/neutron_taas_service_config/openstackconfig.rb

@@ -0,0 +1,10 @@
+Puppet::Type.type(:neutron_taas_service_config).provide(
+  :openstackconfig,
+  :parent => Puppet::Type.type(:openstack_config).provider(:ruby)
+) do
+
+  def self.file_path
+    '/etc/neutron/taas_plugin.ini'
+  end
+
+end

lib/puppet/type/neutron_taas_service_config.rb

@@ -0,0 +1,40 @@
+Puppet::Type.newtype(:neutron_taas_service_config) do
+
+  ensurable
+
+  newparam(:name, :namevar => true) do
+    desc 'Section/setting name to manage from taas_plugin.ini'
+    newvalues(/\S+\/\S+/)
+  end
+
+  newproperty(:value, :array_matching => :all) do
+    desc 'The value of the setting to be defined.'
+    def insync?(is)
+      return true if @should.empty?
+      return false unless is.is_a? Array
+      return false unless is.length == @should.length
+      # we don't care about the order of items in array, hence
+      # it is necessary to override insync
+      return (
+        is & @should == is or
+        is & @should.map(&:to_s) == is
+      )
+    end
+
+    munge do |value|
+      value = value.to_s.strip
+      value.capitalize! if value =~ /^(true|false)$/i
+      value
+    end
+  end
+
+  newparam(:ensure_absent_val) do
+    desc 'A value that is specified as the value property will behave as if ensure => absent was specified'
+    defaultto('<SERVICE DEFAULT>')
+  end
+
+  autorequire(:anchor) do
+    ['neutron::install::end']
+  end
+
+end

manifests/agents/taas.pp

@@ -0,0 +1,49 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: neutron::agents:taas
+#
+# Setups Neutron TaaS agent.
+#
+# === Parameters
+#
+# [*package_ensure*]
+#   (optional) Ensure state for package. Defaults to 'present'.
+#
+# [*vlan_range_start*]
+#   (optional) Starting rantge of TAAS VLAN IDs.
+#   Defaults to $facts['os_service_default'].
+#
+# [*vlan_range_end*]
+#   (optional) End rantge of TAAS VLAN IDs.
+#   Defaults to $facts['os_service_default'].
+#
+class neutron::agents::taas (
+  $package_ensure   = present,
+  $vlan_range_start = $facts['os_service_default'],
+  $vlan_range_end   = $facts['os_service_default'],
+) {
+
+  include neutron::deps
+  include neutron::params
+
+  neutron_plugin_ml2 {
+    'taas/vlan_range_start': value => $vlan_range_start;
+    'taas/vlan_range_end':   value => $vlan_range_end;
+  }
+
+  ensure_packages( 'neutron-taas', {
+    'ensure' => $package_ensure,
+    'name'   => $::neutron::params::taas_package,
+    'tag'    => ['openstack', 'neutron-package'],
+  })
+}

manifests/config.pp

@@ -75,6 +75,9 @@
 # [*vpnaas_service_config*]
 #   (optional) Manage configuration of neutron_vpnaas.conf
 #
+# [*taas_service_config*]
+#   (optional) Manage configuration of taas_plugin.ini
+#
 # [*bgp_dragent_config*]
 #   (optional) Manage configuration of bgp_dragent.ini
 #
@@ -114,6 +117,7 @@ class neutron::config (
   Hash $metering_agent_config         = {},
   Hash $vpnaas_agent_config           = {},
   Hash $vpnaas_service_config         = {},
+  Hash $taas_service_config           = {},
   Hash $bgp_dragent_config            = {},
   Hash $plugin_ml2_config             = {},
   # DEPRECATED PARAMETERS
@@ -161,6 +165,7 @@ class neutron::config (
   create_resources('neutron_metering_agent_config', $metering_agent_config)
   create_resources('neutron_vpnaas_agent_config', $vpnaas_agent_config)
   create_resources('neutron_vpnaas_service_config', $vpnaas_service_config)
+  create_resources('neutron_taas_service_config', $taas_service_config)
   create_resources('neutron_bgp_dragent_config', $bgp_dragent_config)
   create_resources('neutron_plugin_opencontrail', $plugin_opencontrail_config_real)
   create_resources('neutron_plugin_ml2', $plugin_ml2_config)

manifests/params.pp

@@ -45,6 +45,9 @@ class neutron::params {
       $dhcp_agent_package                 = undef
       $metering_agent_package             = 'openstack-neutron-metering-agent'
       $vpnaas_agent_package               = 'openstack-neutron-vpnaas'
+      $libreswan_package                  = 'libreswan'
+      $strongswan_package                 = 'strongswan'
+      $taas_package                       = 'python3-tap-as-a-service'
       $l2gw_agent_package                 = 'openstack-neutron-l2gw-agent'
       $l2gw_package                       = 'python3-networking-l2gw'
       $ovn_metadata_agent_package         = 'openstack-neutron-ovn-metadata-agent'
@@ -54,8 +57,6 @@ class neutron::params {
       $bagpipe_bgp_package                = 'openstack-bagpipe-bgp'
       $bagpipe_bgp_service                = 'bagpipe-bgp'
       $bgpvpn_bagpipe_package             = 'python3-networking-bagpipe'
-      $libreswan_package                  = 'libreswan'
-      $strongswan_package                 = 'strongswan'
       $metadata_agent_package             = undef
       $l3_agent_package                   = undef
       $neutron_wsgi_script_path           = '/var/www/cgi-bin/neutron'
@@ -105,6 +106,7 @@ class neutron::params {
       $vpnaas_agent_package               = 'python3-neutron-vpnaas'
       $libreswan_package                  = 'libreswan'
       $strongswan_package                 = 'strongswan'
+      $taas_package                       = 'python3-neutron-taas'
       $metadata_agent_package             = 'neutron-metadata-agent'
       $l3_agent_package                   = 'neutron-l3-agent'
       $l2gw_agent_package                 = 'neutron-l2gateway-agent'

manifests/services/taas.pp

@@ -0,0 +1,80 @@
+# This class installs and configures taas Neutron Plugin.
+#
+# === Parameters
+#
+# [*package_ensure*]
+#   (optional) Ensure state for package.
+#   Defaults to 'present'.
+#
+# [*service_providers*]
+#   (optional) Array of allowed service types includes taas
+#   Must be in form: <service_type>:<name>:<driver>[:default]
+#   Defaults to $facts['os_service_default']
+#
+# [*quota_tap_service*]
+#   (optional) Number of Tap Service instances allowed per tenant.
+#   Defaults to $facts['os_service_default']
+#
+# [*quota_tap_flow*]
+#   (optional) Number of Tap flows allowed per tenant.
+#   Defaults to $facts['os_service_default']
+#
+# [*sync_db*]
+#   Whether 'neutron-db-manage' should run to create and/or synchronize the
+#   database with neutron-taas specific tables.
+#   Default to false
+#
+# [*purge_config*]
+#   (optional) Whether to set only the specified config options
+#   in the taas config.
+#   Defaults to false.
+#
+class neutron::services::taas (
+  $package_ensure       = 'present',
+  $service_providers    = $facts['os_service_default'],
+  $quota_tap_service    = $facts['os_service_default'],
+  $quota_tap_flow       = $facts['os_service_default'],
+  Boolean $sync_db      = false,
+  Boolean $purge_config = false,
+) {
+
+  include neutron::deps
+  include neutron::params
+
+  ensure_packages( 'neutron-taas', {
+    'ensure' => $package_ensure,
+    'name'   => $::neutron::params::taas_package,
+    'tag'    => ['openstack', 'neutron-package'],
+  })
+
+  resources { 'neutron_taas_service_config':
+    purge => $purge_config,
+  }
+
+  if is_service_default($service_providers) {
+    $service_providers_real = 'TAAS:TAAS:neutron_taas.services.taas.service_drivers.taas_rpc.TaasRpcDriver:default'
+  } else {
+    $service_providers_real = $service_providers
+  }
+
+  neutron_taas_service_config {
+    'service_providers/service_provider': value => $service_providers_real;
+    'quotas/quota_tap_service':           value => $quota_tap_service;
+    'quotas/quota_tap_flow':              value => $quota_tap_flow;
+  }
+
+  if $sync_db {
+    exec { 'taas-db-sync':
+      command     => 'neutron-db-manage --config-file /etc/neutron/neutron.conf --subproject tap-as-a-service upgrade head',
+      path        => '/usr/bin',
+      user        => $::neutron::params::user,
+      subscribe   => [
+        Anchor['neutron::install::end'],
+        Anchor['neutron::config::end'],
+        Anchor['neutron::dbsync::begin']
+      ],
+      notify      => Anchor['neutron::dbsync::end'],
+      refreshonly => true
+    }
+  }
+}

releasenotes/notes/taas-5703e994f8c316ce.yaml

@@ -0,0 +1,4 @@
+---
+features:
+  - |
+    This module now supports installation of the Tap-as-a-Service plugin.

spec/acceptance/99_neutron_config_spec.rb

@@ -13,6 +13,7 @@ describe 'basic neutron_config resource' do
                      '/etc/neutron/plugins/ml2/ml2_conf.ini',
                      '/etc/neutron/vpn_agent.ini',
                      '/etc/neutron/neutron_vpnaas.conf',
+                     '/etc/neutron/taas_plugin.ini',
                      '/etc/neutron/plugins/opencontrail/ContrailPlugin.ini',
                      '/etc/neutron/plugins/ml2/linuxbridge_agent.ini',
                      '/etc/neutron/plugins/ml2/openvswitch_agent.ini',
@@ -33,6 +34,7 @@ describe 'basic neutron_config resource' do
   File <||> -> Neutron_l2gw_service_config <||>
   File <||> -> Neutron_vpnaas_agent_config <||>
   File <||> -> Neutron_vpnaas_service_config <||>
+  File <||> -> Neutron_taas_service_config <||>
   File <||> -> Neutron_plugin_opencontrail <||>
   File <||> -> Neutron_agent_linuxbridge <||>
   File <||> -> Neutron_agent_ovs <||>
@@ -58,6 +60,7 @@ describe 'basic neutron_config resource' do
                      '/etc/neutron/plugins/ml2/ml2_conf.ini',
                      '/etc/neutron/vpn_agent.ini',
                      '/etc/neutron/neutron_vpnaas.conf',
+                     '/etc/neutron/taas_plugin.ini',
                      '/etc/neutron/plugins/opencontrail/ContrailPlugin.ini',
                      '/etc/neutron/plugins/ml2/linuxbridge_agent.ini',
                      '/etc/neutron/plugins/ml2/openvswitch_agent.ini',
@@ -234,6 +237,24 @@ describe 'basic neutron_config resource' do
     ensure_absent_val => 'toto',
   }
 
+  neutron_taas_service_config { 'DEFAULT/thisshouldexist' :
+    value => 'foo',
+  }
+
+  neutron_taas_service_config { 'DEFAULT/thisshouldnotexist' :
+    value => '<SERVICE DEFAULT>',
+  }
+
+  neutron_taas_service_config { 'DEFAULT/thisshouldexist2' :
+    value             => '<SERVICE DEFAULT>',
+    ensure_absent_val => 'toto',
+  }
+
+  neutron_taas_service_config { 'DEFAULT/thisshouldnotexist2' :
+    value             => 'toto',
+    ensure_absent_val => 'toto',
+  }
+
   neutron_plugin_opencontrail { 'DEFAULT/thisshouldexist' :
     value => 'foo',
   }
@@ -389,6 +410,7 @@ describe 'basic neutron_config resource' do
                     'neutron_plugin_ml2',
                     'neutron_vpnaas_agent_config',
                     'neutron_vpnaas_service_config',
+                    'neutron_taas_service_config',
                     'neutron_plugin_opencontrail',
                     'neutron_agent_linuxbridge',
                     'neutron_agent_ovs',

spec/classes/neutron_agents_taas_spec.rb

@@ -0,0 +1,69 @@
+require 'spec_helper'
+
+describe 'neutron::agents::taas' do
+  let :pre_condition do
+    "class { 'neutron': }"
+  end
+
+  let :params do
+    {}
+  end
+
+  shared_examples 'neutron::agents::taas' do
+    context 'with defaults' do
+      it { should contain_class('neutron::params') }
+
+      it 'configures taas_plugin.ini' do
+        should contain_neutron_plugin_ml2('taas/vlan_range_start').with_value('<SERVICE DEFAULT>')
+        should contain_neutron_plugin_ml2('taas/vlan_range_end').with_value('<SERVICE DEFAULT>')
+      end
+
+      it 'installs neutron taas package' do
+        should contain_package('neutron-taas').with(
+          :ensure => 'installed',
+          :name   => platform_params[:taas_package],
+          :tag    => ['openstack', 'neutron-package'],
+        )
+      end
+    end
+
+    context 'with parameters' do
+      let :params do
+        {
+          :vlan_range_start => 1,
+          :vlan_range_end   => 100,
+        }
+      end
+
+      it 'configures taas_plugin.ini' do
+        should contain_neutron_plugin_ml2('taas/vlan_range_start').with_value(1)
+        should contain_neutron_plugin_ml2('taas/vlan_range_end').with_value(100)
+      end
+    end
+  end
+
+  on_supported_os({
+    :supported_os => OSDefaults.get_supported_os
+  }).each do |os,facts|
+    context "on #{os}" do
+      let (:facts) do
+        facts.merge!(OSDefaults.get_facts())
+      end
+
+      let (:platform_params) do
+        case facts[:os]['family']
+        when 'Debian'
+          {
+            :taas_package => 'python3-neutron-taas'
+          }
+        when 'RedHat'
+          {
+            :taas_package => 'python3-tap-as-a-service'
+          }
+        end
+      end
+
+      it_behaves_like 'neutron::agents::taas'
+    end
+  end
+end

spec/classes/neutron_config_spec.rb

@@ -67,6 +67,7 @@ describe 'neutron::config' do
         :metering_agent_config    => config_hash,
         :vpnaas_agent_config      => config_hash,
         :vpnaas_service_config    => config_hash,
+        :taas_service_config      => config_hash,
         :l2gw_agent_config        => config_hash,
         :bgp_dragent_config       => config_hash,
       }
@@ -138,6 +139,12 @@ describe 'neutron::config' do
       should contain_neutron_vpnaas_service_config('DEFAULT/baz').with_ensure('absent')
     end
 
+    it 'configures arbitrary taas_service_config configurations' do
+      should contain_neutron_taas_service_config('DEFAULT/foo').with_value('fooValue')
+      should contain_neutron_taas_service_config('DEFAULT/bar').with_value('barValue')
+      should contain_neutron_taas_service_config('DEFAULT/baz').with_ensure('absent')
+    end
+
     it 'configures arbitrary l2gw_agent_config configurations' do
       should contain_neutron_l2gw_agent_config('DEFAULT/foo').with_value('fooValue')
       should contain_neutron_l2gw_agent_config('DEFAULT/bar').with_value('barValue')

spec/classes/neutron_services_taas_spec.rb

@@ -0,0 +1,98 @@
+require 'spec_helper'
+
+describe 'neutron::services::taas' do
+
+  shared_examples 'neutron taas service plugin' do
+    context 'with default params' do
+      it 'installs taas package' do
+        should contain_package('neutron-taas').with(
+          :ensure => 'installed',
+          :name   => platform_params[:taas_package_name]
+        )
+      end
+
+      it 'configures taas_plugin.ini' do
+        should contain_neutron_taas_service_config(
+          'service_providers/service_provider'
+        ).with_value(
+          'TAAS:TAAS:neutron_taas.services.taas.service_drivers.taas_rpc.TaasRpcDriver:default'
+        )
+        should contain_neutron_taas_service_config('quotas/quota_tap_service').with_value('<SERVICE DEFAULT>')
+        should contain_neutron_taas_service_config('quotas/quota_tap_flow').with_value('<SERVICE DEFAULT>')
+      end
+
+      it 'does not run neutron-db-manage' do
+        should_not contain_exec('taas-db-sync')
+      end
+    end
+
+    context 'with parameters' do
+      let :params do
+        {
+          :quota_tap_service => 1,
+          :quota_tap_flow    => 10,
+        }
+      end
+      it 'configures taas_plugin.ini' do
+        should contain_neutron_taas_service_config('quotas/quota_tap_service').with_value(1)
+        should contain_neutron_taas_service_config('quotas/quota_tap_flow').with_value(10)
+      end
+    end
+
+    context 'with db sync enabled' do
+      let :params do
+        {
+          :sync_db => true
+        }
+      end
+
+      it 'runs neutron-db-manage' do
+        should contain_exec('taas-db-sync').with(
+          :command     => 'neutron-db-manage --config-file /etc/neutron/neutron.conf --subproject tap-as-a-service upgrade head',
+          :path        => '/usr/bin',
+          :user        => 'neutron',
+          :subscribe   => ['Anchor[neutron::install::end]',
+                           'Anchor[neutron::config::end]',
+                           'Anchor[neutron::dbsync::begin]'
+                           ],
+          :notify      => 'Anchor[neutron::dbsync::end]',
+          :refreshonly => 'true',
+        )
+      end
+    end
+
+    context 'with multiple service providers' do
+      let :params do
+        {
+          :service_providers => ['provider1', 'provider2']
+        }
+      end
+
+      it 'configures taas_plugin.ini' do
+        should contain_neutron_taas_service_config(
+          'service_providers/service_provider'
+        ).with_value(['provider1', 'provider2'])
+      end
+    end
+  end
+
+  on_supported_os({
+    :supported_os   => OSDefaults.get_supported_os
+  }).each do |os,facts|
+    context "on #{os}" do
+      let (:facts) do
+        facts.merge(OSDefaults.get_facts())
+      end
+
+      let (:platform_params) do
+        case facts[:os]['family']
+        when 'Debian'
+          { :taas_package_name => 'python3-neutron-taas' }
+        when 'RedHat'
+          { :taas_package_name => 'python3-tap-as-a-service' }
+        end
+      end
+      it_behaves_like 'neutron taas service plugin'
+    end
+  end
+end