From be83863a17c2b27af87f1ba409690d36c0ed23cd Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Thu, 18 Jan 2024 11:14:49 +0900 Subject: [PATCH] Add support for Taas (Tap-as-a-Service) This introduces support for the Tap-as-a-Service plugin[1]. [1] https://opendev.org/openstack/tap-as-a-service Change-Id: I8b4dfd6cd02d61cb4ef07e117af39c44420e93a4 --- .../openstackconfig.rb | 10 ++ .../type/neutron_taas_service_config.rb | 40 ++++++++ manifests/agents/taas.pp | 49 ++++++++++ manifests/config.pp | 5 + manifests/params.pp | 6 +- manifests/services/taas.pp | 80 +++++++++++++++ releasenotes/notes/taas-5703e994f8c316ce.yaml | 4 + spec/acceptance/99_neutron_config_spec.rb | 22 +++++ spec/classes/neutron_agents_taas_spec.rb | 69 +++++++++++++ spec/classes/neutron_config_spec.rb | 7 ++ spec/classes/neutron_services_taas_spec.rb | 98 +++++++++++++++++++ 11 files changed, 388 insertions(+), 2 deletions(-) create mode 100644 lib/puppet/provider/neutron_taas_service_config/openstackconfig.rb create mode 100644 lib/puppet/type/neutron_taas_service_config.rb create mode 100644 manifests/agents/taas.pp create mode 100644 manifests/services/taas.pp create mode 100644 releasenotes/notes/taas-5703e994f8c316ce.yaml create mode 100644 spec/classes/neutron_agents_taas_spec.rb create mode 100644 spec/classes/neutron_services_taas_spec.rb diff --git a/lib/puppet/provider/neutron_taas_service_config/openstackconfig.rb b/lib/puppet/provider/neutron_taas_service_config/openstackconfig.rb new file mode 100644 index 000000000..2b5cebde8 --- /dev/null +++ b/lib/puppet/provider/neutron_taas_service_config/openstackconfig.rb @@ -0,0 +1,10 @@ +Puppet::Type.type(:neutron_taas_service_config).provide( + :openstackconfig, + :parent => Puppet::Type.type(:openstack_config).provider(:ruby) +) do + + def self.file_path + '/etc/neutron/taas_plugin.ini' + end + +end diff --git a/lib/puppet/type/neutron_taas_service_config.rb b/lib/puppet/type/neutron_taas_service_config.rb new file mode 100644 index 000000000..59add624d --- /dev/null +++ b/lib/puppet/type/neutron_taas_service_config.rb @@ -0,0 +1,40 @@ +Puppet::Type.newtype(:neutron_taas_service_config) do + + ensurable + + newparam(:name, :namevar => true) do + desc 'Section/setting name to manage from taas_plugin.ini' + newvalues(/\S+\/\S+/) + end + + newproperty(:value, :array_matching => :all) do + desc 'The value of the setting to be defined.' + def insync?(is) + return true if @should.empty? + return false unless is.is_a? Array + return false unless is.length == @should.length + # we don't care about the order of items in array, hence + # it is necessary to override insync + return ( + is & @should == is or + is & @should.map(&:to_s) == is + ) + end + + munge do |value| + value = value.to_s.strip + value.capitalize! if value =~ /^(true|false)$/i + value + end + end + + newparam(:ensure_absent_val) do + desc 'A value that is specified as the value property will behave as if ensure => absent was specified' + defaultto('') + end + + autorequire(:anchor) do + ['neutron::install::end'] + end + +end diff --git a/manifests/agents/taas.pp b/manifests/agents/taas.pp new file mode 100644 index 000000000..b77fcb966 --- /dev/null +++ b/manifests/agents/taas.pp @@ -0,0 +1,49 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: neutron::agents:taas +# +# Setups Neutron TaaS agent. +# +# === Parameters +# +# [*package_ensure*] +# (optional) Ensure state for package. Defaults to 'present'. +# +# [*vlan_range_start*] +# (optional) Starting rantge of TAAS VLAN IDs. +# Defaults to $facts['os_service_default']. +# +# [*vlan_range_end*] +# (optional) End rantge of TAAS VLAN IDs. +# Defaults to $facts['os_service_default']. +# +class neutron::agents::taas ( + $package_ensure = present, + $vlan_range_start = $facts['os_service_default'], + $vlan_range_end = $facts['os_service_default'], +) { + + include neutron::deps + include neutron::params + + neutron_plugin_ml2 { + 'taas/vlan_range_start': value => $vlan_range_start; + 'taas/vlan_range_end': value => $vlan_range_end; + } + + ensure_packages( 'neutron-taas', { + 'ensure' => $package_ensure, + 'name' => $::neutron::params::taas_package, + 'tag' => ['openstack', 'neutron-package'], + }) +} diff --git a/manifests/config.pp b/manifests/config.pp index 6e2fc0f76..4497f0d5e 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -75,6 +75,9 @@ # [*vpnaas_service_config*] # (optional) Manage configuration of neutron_vpnaas.conf # +# [*taas_service_config*] +# (optional) Manage configuration of taas_plugin.ini +# # [*bgp_dragent_config*] # (optional) Manage configuration of bgp_dragent.ini # @@ -114,6 +117,7 @@ class neutron::config ( Hash $metering_agent_config = {}, Hash $vpnaas_agent_config = {}, Hash $vpnaas_service_config = {}, + Hash $taas_service_config = {}, Hash $bgp_dragent_config = {}, Hash $plugin_ml2_config = {}, # DEPRECATED PARAMETERS @@ -161,6 +165,7 @@ class neutron::config ( create_resources('neutron_metering_agent_config', $metering_agent_config) create_resources('neutron_vpnaas_agent_config', $vpnaas_agent_config) create_resources('neutron_vpnaas_service_config', $vpnaas_service_config) + create_resources('neutron_taas_service_config', $taas_service_config) create_resources('neutron_bgp_dragent_config', $bgp_dragent_config) create_resources('neutron_plugin_opencontrail', $plugin_opencontrail_config_real) create_resources('neutron_plugin_ml2', $plugin_ml2_config) diff --git a/manifests/params.pp b/manifests/params.pp index 2dcfed6f9..98b7234e7 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -45,6 +45,9 @@ class neutron::params { $dhcp_agent_package = undef $metering_agent_package = 'openstack-neutron-metering-agent' $vpnaas_agent_package = 'openstack-neutron-vpnaas' + $libreswan_package = 'libreswan' + $strongswan_package = 'strongswan' + $taas_package = 'python3-tap-as-a-service' $l2gw_agent_package = 'openstack-neutron-l2gw-agent' $l2gw_package = 'python3-networking-l2gw' $ovn_metadata_agent_package = 'openstack-neutron-ovn-metadata-agent' @@ -54,8 +57,6 @@ class neutron::params { $bagpipe_bgp_package = 'openstack-bagpipe-bgp' $bagpipe_bgp_service = 'bagpipe-bgp' $bgpvpn_bagpipe_package = 'python3-networking-bagpipe' - $libreswan_package = 'libreswan' - $strongswan_package = 'strongswan' $metadata_agent_package = undef $l3_agent_package = undef $neutron_wsgi_script_path = '/var/www/cgi-bin/neutron' @@ -105,6 +106,7 @@ class neutron::params { $vpnaas_agent_package = 'python3-neutron-vpnaas' $libreswan_package = 'libreswan' $strongswan_package = 'strongswan' + $taas_package = 'python3-neutron-taas' $metadata_agent_package = 'neutron-metadata-agent' $l3_agent_package = 'neutron-l3-agent' $l2gw_agent_package = 'neutron-l2gateway-agent' diff --git a/manifests/services/taas.pp b/manifests/services/taas.pp new file mode 100644 index 000000000..361acd41c --- /dev/null +++ b/manifests/services/taas.pp @@ -0,0 +1,80 @@ +# This class installs and configures taas Neutron Plugin. +# +# === Parameters +# +# [*package_ensure*] +# (optional) Ensure state for package. +# Defaults to 'present'. +# +# [*service_providers*] +# (optional) Array of allowed service types includes taas +# Must be in form: ::[:default] +# Defaults to $facts['os_service_default'] +# +# [*quota_tap_service*] +# (optional) Number of Tap Service instances allowed per tenant. +# Defaults to $facts['os_service_default'] +# +# [*quota_tap_flow*] +# (optional) Number of Tap flows allowed per tenant. +# Defaults to $facts['os_service_default'] +# +# [*sync_db*] +# Whether 'neutron-db-manage' should run to create and/or synchronize the +# database with neutron-taas specific tables. +# Default to false +# +# [*purge_config*] +# (optional) Whether to set only the specified config options +# in the taas config. +# Defaults to false. +# +class neutron::services::taas ( + $package_ensure = 'present', + $service_providers = $facts['os_service_default'], + $quota_tap_service = $facts['os_service_default'], + $quota_tap_flow = $facts['os_service_default'], + Boolean $sync_db = false, + Boolean $purge_config = false, +) { + + include neutron::deps + include neutron::params + + ensure_packages( 'neutron-taas', { + 'ensure' => $package_ensure, + 'name' => $::neutron::params::taas_package, + 'tag' => ['openstack', 'neutron-package'], + }) + + resources { 'neutron_taas_service_config': + purge => $purge_config, + } + + if is_service_default($service_providers) { + $service_providers_real = 'TAAS:TAAS:neutron_taas.services.taas.service_drivers.taas_rpc.TaasRpcDriver:default' + } else { + $service_providers_real = $service_providers + } + + neutron_taas_service_config { + 'service_providers/service_provider': value => $service_providers_real; + 'quotas/quota_tap_service': value => $quota_tap_service; + 'quotas/quota_tap_flow': value => $quota_tap_flow; + } + + if $sync_db { + exec { 'taas-db-sync': + command => 'neutron-db-manage --config-file /etc/neutron/neutron.conf --subproject tap-as-a-service upgrade head', + path => '/usr/bin', + user => $::neutron::params::user, + subscribe => [ + Anchor['neutron::install::end'], + Anchor['neutron::config::end'], + Anchor['neutron::dbsync::begin'] + ], + notify => Anchor['neutron::dbsync::end'], + refreshonly => true + } + } +} diff --git a/releasenotes/notes/taas-5703e994f8c316ce.yaml b/releasenotes/notes/taas-5703e994f8c316ce.yaml new file mode 100644 index 000000000..35c17ddb3 --- /dev/null +++ b/releasenotes/notes/taas-5703e994f8c316ce.yaml @@ -0,0 +1,4 @@ +--- +features: + - | + This module now supports installation of the Tap-as-a-Service plugin. diff --git a/spec/acceptance/99_neutron_config_spec.rb b/spec/acceptance/99_neutron_config_spec.rb index c8cec7711..40048ca27 100644 --- a/spec/acceptance/99_neutron_config_spec.rb +++ b/spec/acceptance/99_neutron_config_spec.rb @@ -13,6 +13,7 @@ describe 'basic neutron_config resource' do '/etc/neutron/plugins/ml2/ml2_conf.ini', '/etc/neutron/vpn_agent.ini', '/etc/neutron/neutron_vpnaas.conf', + '/etc/neutron/taas_plugin.ini', '/etc/neutron/plugins/opencontrail/ContrailPlugin.ini', '/etc/neutron/plugins/ml2/linuxbridge_agent.ini', '/etc/neutron/plugins/ml2/openvswitch_agent.ini', @@ -33,6 +34,7 @@ describe 'basic neutron_config resource' do File <||> -> Neutron_l2gw_service_config <||> File <||> -> Neutron_vpnaas_agent_config <||> File <||> -> Neutron_vpnaas_service_config <||> + File <||> -> Neutron_taas_service_config <||> File <||> -> Neutron_plugin_opencontrail <||> File <||> -> Neutron_agent_linuxbridge <||> File <||> -> Neutron_agent_ovs <||> @@ -58,6 +60,7 @@ describe 'basic neutron_config resource' do '/etc/neutron/plugins/ml2/ml2_conf.ini', '/etc/neutron/vpn_agent.ini', '/etc/neutron/neutron_vpnaas.conf', + '/etc/neutron/taas_plugin.ini', '/etc/neutron/plugins/opencontrail/ContrailPlugin.ini', '/etc/neutron/plugins/ml2/linuxbridge_agent.ini', '/etc/neutron/plugins/ml2/openvswitch_agent.ini', @@ -234,6 +237,24 @@ describe 'basic neutron_config resource' do ensure_absent_val => 'toto', } + neutron_taas_service_config { 'DEFAULT/thisshouldexist' : + value => 'foo', + } + + neutron_taas_service_config { 'DEFAULT/thisshouldnotexist' : + value => '', + } + + neutron_taas_service_config { 'DEFAULT/thisshouldexist2' : + value => '', + ensure_absent_val => 'toto', + } + + neutron_taas_service_config { 'DEFAULT/thisshouldnotexist2' : + value => 'toto', + ensure_absent_val => 'toto', + } + neutron_plugin_opencontrail { 'DEFAULT/thisshouldexist' : value => 'foo', } @@ -389,6 +410,7 @@ describe 'basic neutron_config resource' do 'neutron_plugin_ml2', 'neutron_vpnaas_agent_config', 'neutron_vpnaas_service_config', + 'neutron_taas_service_config', 'neutron_plugin_opencontrail', 'neutron_agent_linuxbridge', 'neutron_agent_ovs', diff --git a/spec/classes/neutron_agents_taas_spec.rb b/spec/classes/neutron_agents_taas_spec.rb new file mode 100644 index 000000000..2dc81fd30 --- /dev/null +++ b/spec/classes/neutron_agents_taas_spec.rb @@ -0,0 +1,69 @@ +require 'spec_helper' + +describe 'neutron::agents::taas' do + let :pre_condition do + "class { 'neutron': }" + end + + let :params do + {} + end + + shared_examples 'neutron::agents::taas' do + context 'with defaults' do + it { should contain_class('neutron::params') } + + it 'configures taas_plugin.ini' do + should contain_neutron_plugin_ml2('taas/vlan_range_start').with_value('') + should contain_neutron_plugin_ml2('taas/vlan_range_end').with_value('') + end + + it 'installs neutron taas package' do + should contain_package('neutron-taas').with( + :ensure => 'installed', + :name => platform_params[:taas_package], + :tag => ['openstack', 'neutron-package'], + ) + end + end + + context 'with parameters' do + let :params do + { + :vlan_range_start => 1, + :vlan_range_end => 100, + } + end + + it 'configures taas_plugin.ini' do + should contain_neutron_plugin_ml2('taas/vlan_range_start').with_value(1) + should contain_neutron_plugin_ml2('taas/vlan_range_end').with_value(100) + end + end + end + + on_supported_os({ + :supported_os => OSDefaults.get_supported_os + }).each do |os,facts| + context "on #{os}" do + let (:facts) do + facts.merge!(OSDefaults.get_facts()) + end + + let (:platform_params) do + case facts[:os]['family'] + when 'Debian' + { + :taas_package => 'python3-neutron-taas' + } + when 'RedHat' + { + :taas_package => 'python3-tap-as-a-service' + } + end + end + + it_behaves_like 'neutron::agents::taas' + end + end +end diff --git a/spec/classes/neutron_config_spec.rb b/spec/classes/neutron_config_spec.rb index a18573c24..6d26fb289 100644 --- a/spec/classes/neutron_config_spec.rb +++ b/spec/classes/neutron_config_spec.rb @@ -67,6 +67,7 @@ describe 'neutron::config' do :metering_agent_config => config_hash, :vpnaas_agent_config => config_hash, :vpnaas_service_config => config_hash, + :taas_service_config => config_hash, :l2gw_agent_config => config_hash, :bgp_dragent_config => config_hash, } @@ -138,6 +139,12 @@ describe 'neutron::config' do should contain_neutron_vpnaas_service_config('DEFAULT/baz').with_ensure('absent') end + it 'configures arbitrary taas_service_config configurations' do + should contain_neutron_taas_service_config('DEFAULT/foo').with_value('fooValue') + should contain_neutron_taas_service_config('DEFAULT/bar').with_value('barValue') + should contain_neutron_taas_service_config('DEFAULT/baz').with_ensure('absent') + end + it 'configures arbitrary l2gw_agent_config configurations' do should contain_neutron_l2gw_agent_config('DEFAULT/foo').with_value('fooValue') should contain_neutron_l2gw_agent_config('DEFAULT/bar').with_value('barValue') diff --git a/spec/classes/neutron_services_taas_spec.rb b/spec/classes/neutron_services_taas_spec.rb new file mode 100644 index 000000000..da7dd19ed --- /dev/null +++ b/spec/classes/neutron_services_taas_spec.rb @@ -0,0 +1,98 @@ +require 'spec_helper' + +describe 'neutron::services::taas' do + + shared_examples 'neutron taas service plugin' do + context 'with default params' do + it 'installs taas package' do + should contain_package('neutron-taas').with( + :ensure => 'installed', + :name => platform_params[:taas_package_name] + ) + end + + it 'configures taas_plugin.ini' do + should contain_neutron_taas_service_config( + 'service_providers/service_provider' + ).with_value( + 'TAAS:TAAS:neutron_taas.services.taas.service_drivers.taas_rpc.TaasRpcDriver:default' + ) + should contain_neutron_taas_service_config('quotas/quota_tap_service').with_value('') + should contain_neutron_taas_service_config('quotas/quota_tap_flow').with_value('') + end + + it 'does not run neutron-db-manage' do + should_not contain_exec('taas-db-sync') + end + end + + context 'with parameters' do + let :params do + { + :quota_tap_service => 1, + :quota_tap_flow => 10, + } + end + it 'configures taas_plugin.ini' do + should contain_neutron_taas_service_config('quotas/quota_tap_service').with_value(1) + should contain_neutron_taas_service_config('quotas/quota_tap_flow').with_value(10) + end + end + + context 'with db sync enabled' do + let :params do + { + :sync_db => true + } + end + + it 'runs neutron-db-manage' do + should contain_exec('taas-db-sync').with( + :command => 'neutron-db-manage --config-file /etc/neutron/neutron.conf --subproject tap-as-a-service upgrade head', + :path => '/usr/bin', + :user => 'neutron', + :subscribe => ['Anchor[neutron::install::end]', + 'Anchor[neutron::config::end]', + 'Anchor[neutron::dbsync::begin]' + ], + :notify => 'Anchor[neutron::dbsync::end]', + :refreshonly => 'true', + ) + end + end + + context 'with multiple service providers' do + let :params do + { + :service_providers => ['provider1', 'provider2'] + } + end + + it 'configures taas_plugin.ini' do + should contain_neutron_taas_service_config( + 'service_providers/service_provider' + ).with_value(['provider1', 'provider2']) + end + end + end + + on_supported_os({ + :supported_os => OSDefaults.get_supported_os + }).each do |os,facts| + context "on #{os}" do + let (:facts) do + facts.merge(OSDefaults.get_facts()) + end + + let (:platform_params) do + case facts[:os]['family'] + when 'Debian' + { :taas_package_name => 'python3-neutron-taas' } + when 'RedHat' + { :taas_package_name => 'python3-tap-as-a-service' } + end + end + it_behaves_like 'neutron taas service plugin' + end + end +end