openstack
/
puppet-nova
Code Issues Proposed changes

Deprecate neutron options and add alternatives 

Deprecates the neutron options that are currently deprecated
and adds two new parameters that can be used to change
the nova behaviour in the proper way.

See here that they are deprecated [1] [2].

[1] https://github.com/openstack/nova/blob/master/nova/conf/neutron.py#L35
[2] c6218428e9/releasenotes/notes/deprecate-more-nova-network-opts-a9f87c79f7d26438.yaml
[3] c6218428e9/releasenotes/notes/deprecate-nova-network-opts-b6da6af4497ef4ca.yaml

Change-Id: I2d56ac6d1bbfc2f5565485b05b161dd0e67c576b
This commit is contained in:
Tobias Urdin 2018-10-26 10:31:04 +02:00
parent 1296187b85
commit 6c22e040dc
3 changed files with 180 additions and 133 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
manifests/network/neutron.pp
View File

@ -12,14 +12,6 @@
# Name of the auth type to load (string value)
# Defaults to 'v3password'
#
# [*neutron_url*]
# (optional) URL for connecting to the Neutron networking service.
# Defaults to 'http://127.0.0.1:9696'
#
# [*neutron_url_timeout*]
# (optional) Timeout value for connecting to neutron in seconds.
# Defaults to '30'
#
# [*neutron_project_name*]
# (optional) Project name for connecting to Neutron network services in
# admin context through the OpenStack Identity service.
@ -30,21 +22,39 @@
# admin context through the OpenStack Identity service.
# Defaults to 'Default'
#
# [*neutron_username*]
# (optional) Username for connecting to Neutron network services in admin context
# through the OpenStack Identity service.
# Defaults to 'neutron'
#
# [*neutron_user_domain_name*]
# (optional) User Domain name for connecting to Neutron network services in
# admin context through the OpenStack Identity service.
# Defaults to 'Default'
#
# [*neutron_auth_url*]
# (optional) Points to the OpenStack Identity server IP and port.
# This is the Identity (keystone) admin API server IP and port value,
# and not the Identity service API IP and port.
# Defaults to 'http://127.0.0.1:5000/v3'
#
# [*neutron_valid_interfaces*]
# (optional) The endpoint type to lookup when talking to Neutron.
# Defaults to $::os_service_default
#
# [*neutron_endpoint_override*]
# (optional) Override the endpoint to use to talk to Neutron.
# Defaults to $::os_service_default
#
# [*neutron_timeout*]
# (optional) Timeout value for connecting to neutron in seconds.
# Defaults to '30'
#
# [*neutron_region_name*]
# (optional) Region name for connecting to neutron in admin context
# through the OpenStack Identity service.
# Defaults to 'RegionOne'
#
# [*neutron_username*]
# (optional) Username for connecting to Neutron network services in admin context
# through the OpenStack Identity service.
# Defaults to 'neutron'
#
# [*neutron_ovs_bridge*]
# (optional) Name of Integration Bridge used by Open vSwitch
# Defaults to 'br-int'
@ -53,12 +63,6 @@
# (optional) Number of seconds before querying neutron for extensions
# Defaults to '600'
#
# [*neutron_auth_url*]
# (optional) Points to the OpenStack Identity server IP and port.
# This is the Identity (keystone) admin API server IP and port value,
# and not the Identity service API IP and port.
# Defaults to 'http://127.0.0.1:5000/v3'
#
# [*vif_plugging_is_fatal*]
# (optional) Fail to boot instance if vif plugging fails.
# This prevents nova from booting an instance if vif plugging notification
@ -77,16 +81,24 @@
#
### DEPRECATED PARAMS
#
# [*neutron_url*]
# (optional) URL for connecting to the Neutron networking service.
# Defaults to undef
#
# [*neutron_url_timeout*]
# (optional) Timeout value for connecting to neutron in seconds.
# Defaults to undef
#
# [*firewall_driver*]
# (optional) Firewall driver.
# This prevents nova from maintaining a firewall so it does not interfere
# with Neutron's. Set to 'nova.virt.firewall.IptablesFirewallDriver'
# to re-enable the Nova firewall.
# Defaults to 'nova.virt.firewall.NoopFirewallDriver'
# Defaults to undef
#
# [*dhcp_domain*]
# (optional) domain to use for building the hostnames
# Defaults to 'novalocal'
# Defaults to undef
#
class nova::network::neutron (
$neutron_password = false,
@ -96,8 +108,9 @@ class nova::network::neutron (
$neutron_username = 'neutron',
$neutron_user_domain_name = 'Default',
$neutron_auth_url = 'http://127.0.0.1:5000/v3',
$neutron_url = 'http://127.0.0.1:9696',
$neutron_url_timeout = '30',
$neutron_valid_interfaces = $::os_service_default,
$neutron_endpoint_override = $::os_service_default,
$neutron_timeout = '30',
$neutron_region_name = 'RegionOne',
$neutron_ovs_bridge = 'br-int',
$neutron_extension_sync_interval = '600',
@ -105,12 +118,23 @@ class nova::network::neutron (
$vif_plugging_timeout = '300',
$default_floating_pool = 'nova',
# DEPRECATED PARAMS
$firewall_driver = 'nova.virt.firewall.NoopFirewallDriver',
$dhcp_domain = 'novalocal',
$neutron_url = undef,
$neutron_url_timeout = undef,
$firewall_driver = undef,
$dhcp_domain = undef,
) {
include ::nova::deps
if $neutron_url {
warning('nova::network::neutron::neutron_url is deprecated, nova behaviour will be default to looking up \
the neutron endpoint in the keystone catalog, please use nova::network::neutron::neutron_endpoint_override to override')
}
if $neutron_url_timeout {
warning('nova::network::neutron::neutron_url_timeout is deprecated, please use neutron_timeout instead.')
}
if $firewall_driver {
warning('nova::network::neutron::firewall_driver is deprecated and will be removed in a future release')
}
@ -125,12 +149,17 @@ class nova::network::neutron (
'DEFAULT/firewall_driver': value => $firewall_driver;
}
nova_config {
'neutron/url': value => $neutron_url;
}
$neutron_timeout_real = pick($neutron_url_timeout, $neutron_timeout)
nova_config {
'DEFAULT/vif_plugging_is_fatal': value => $vif_plugging_is_fatal;
'DEFAULT/vif_plugging_timeout': value => $vif_plugging_timeout;
'neutron/default_floating_pool': value => $default_floating_pool;
'neutron/url': value => $neutron_url;
'neutron/timeout': value => $neutron_url_timeout;
'neutron/timeout': value => $neutron_timeout_real;
'neutron/project_name': value => $neutron_project_name;
'neutron/project_domain_name': value => $neutron_project_domain_name;
'neutron/region_name': value => $neutron_region_name;
@ -138,6 +167,8 @@ class nova::network::neutron (
'neutron/user_domain_name': value => $neutron_user_domain_name;
'neutron/password': value => $neutron_password, secret => true;
'neutron/auth_url': value => $neutron_auth_url;
'neutron/valid_interfaces': value => $neutron_valid_interfaces;
'neutron/endpoint_override': value => $neutron_endpoint_override;
'neutron/ovs_bridge': value => $neutron_ovs_bridge;
'neutron/extension_sync_interval': value => $neutron_extension_sync_interval;
'neutron/auth_type': value => $neutron_auth_type;

21
releasenotes/notes/deprecated-neutron-options-c506d893a1529ed5.yaml Normal file
View File

@ -0,0 +1,21 @@
---
deprecations:
- |
nova::network::neutron::neutron_url is deprecated and will be removed in a future
release. Nova will default to looking up the neutron endpoint in the keystone
catalog, you can override the endpoint type with neutron_endpoint_type or by
overriding the endpoint with the neutron_endpoint_override parameter.
- |
nova::network::neutron::neutron_url_timeout is deprecated, please use neutron_timeout
instead.
features:
- |
Added new parameter nova::network::neutron::neutron_timeout that replaces the current
neutron_url_timeout parameter.
- |
Added new parameter nova::network::neutron::neutron_valid_interfaces which can be used
to override the keystone catalog interface nova should lookup for the neutron endpoint.
- |
Added new parameter nova::network::neutron::neutron_endpoint_override that can be used
to force the endpoint nova should use to talk to neutron, otherwise it will be looked
up in the keystone endpoint catalog.

207
spec/classes/nova_network_neutron_spec.rb
View File

@ -1,135 +1,130 @@
require 'spec_helper'
describe 'nova::network::neutron' do
let :default_params do
{ :neutron_auth_type => 'v3password',
:neutron_url => 'http://127.0.0.1:9696',
:neutron_url_timeout => '30',
{
:neutron_auth_type => 'v3password',
:neutron_timeout => '30',
:neutron_project_name => 'services',
:neutron_project_domain_name => 'Default',
:neutron_region_name => 'RegionOne',
:neutron_username => 'neutron',
:neutron_user_domain_name => 'Default',
:neutron_auth_url => 'http://127.0.0.1:5000/v3',
:neutron_valid_interfaces => '<SERVICE DEFAULT>',
:neutron_endpoint_override => '<SERVICE DEFAULT>',
:neutron_ovs_bridge => 'br-int',
:neutron_extension_sync_interval => '600',
:firewall_driver => 'nova.virt.firewall.NoopFirewallDriver',
:vif_plugging_is_fatal => true,
:vif_plugging_timeout => '300',
:dhcp_domain => 'novalocal',
:default_floating_pool => 'nova'
:default_floating_pool => 'nova',
}
end
let :params do
{ :neutron_password => 's3cr3t' }
{
:neutron_password => 's3cr3t'
}
end
context 'with required parameters' do
it 'configures neutron endpoint in nova.conf' do
is_expected.to contain_nova_config('neutron/password').with_value(params[:neutron_password]).with_secret(true)
is_expected.to contain_nova_config('DEFAULT/dhcp_domain').with_value(default_params[:dhcp_domain])
is_expected.to contain_nova_config('neutron/default_floating_pool').with_value(default_params[:default_floating_pool])
is_expected.to contain_nova_config('neutron/auth_type').with_value(default_params[:neutron_auth_type])
is_expected.to contain_nova_config('neutron/url').with_value(default_params[:neutron_url])
is_expected.to contain_nova_config('neutron/timeout').with_value(default_params[:neutron_url_timeout])
is_expected.to contain_nova_config('neutron/project_name').with_value(default_params[:neutron_project_name])
is_expected.to contain_nova_config('neutron/project_domain_name').with_value(default_params[:neutron_project_domain_name])
is_expected.to contain_nova_config('neutron/region_name').with_value(default_params[:neutron_region_name])
is_expected.to contain_nova_config('neutron/username').with_value(default_params[:neutron_username])
is_expected.to contain_nova_config('neutron/user_domain_name').with_value(default_params[:neutron_user_domain_name])
is_expected.to contain_nova_config('neutron/auth_url').with_value(default_params[:neutron_auth_url])
is_expected.to contain_nova_config('neutron/extension_sync_interval').with_value(default_params[:neutron_extension_sync_interval])
shared_examples 'nova::network::neutron' do
context 'with required parameters' do
it 'configures neutron endpoint in nova.conf' do
should contain_nova_config('neutron/password').with_value(params[:neutron_password]).with_secret(true)
should contain_nova_config('neutron/default_floating_pool').with_value(default_params[:default_floating_pool])
should contain_nova_config('neutron/auth_type').with_value(default_params[:neutron_auth_type])
should contain_nova_config('neutron/timeout').with_value(default_params[:neutron_timeout])
should contain_nova_config('neutron/project_name').with_value(default_params[:neutron_project_name])
should contain_nova_config('neutron/project_domain_name').with_value(default_params[:neutron_project_domain_name])
should contain_nova_config('neutron/region_name').with_value(default_params[:neutron_region_name])
should contain_nova_config('neutron/username').with_value(default_params[:neutron_username])
should contain_nova_config('neutron/user_domain_name').with_value(default_params[:neutron_user_domain_name])
should contain_nova_config('neutron/auth_url').with_value(default_params[:neutron_auth_url])
should contain_nova_config('neutron/valid_interfaces').with_value(default_params[:neutron_valid_interfaces])
should contain_nova_config('neutron/endpoint_override').with_value(default_params[:neutron_endpoint_override])
should contain_nova_config('neutron/extension_sync_interval').with_value(default_params[:neutron_extension_sync_interval])
should contain_nova_config('neutron/ovs_bridge').with_value(default_params[:neutron_ovs_bridge])
end
it 'configures neutron vif plugging events in nova.conf' do
should contain_nova_config('DEFAULT/vif_plugging_is_fatal').with_value(default_params[:vif_plugging_is_fatal])
should contain_nova_config('DEFAULT/vif_plugging_timeout').with_value(default_params[:vif_plugging_timeout])
end
end
it 'configures Nova to use Neutron Bridge Security Groups and Firewall' do
is_expected.to contain_nova_config('DEFAULT/firewall_driver').with_value(default_params[:firewall_driver])
is_expected.to contain_nova_config('neutron/ovs_bridge').with_value(default_params[:neutron_ovs_bridge])
context 'when overriding class parameters' do
before do
params.merge!(
:neutron_timeout => '30',
:neutron_project_name => 'openstack',
:neutron_project_domain_name => 'openstack_domain',
:neutron_region_name => 'RegionTwo',
:neutron_username => 'neutron2',
:neutron_user_domain_name => 'neutron_domain',
:neutron_auth_url => 'http://10.0.0.1:5000/v2',
:neutron_valid_interfaces => 'public',
:neutron_endpoint_override => 'http://127.0.0.1:9696',
:neutron_ovs_bridge => 'br-int',
:neutron_extension_sync_interval => '600',
:vif_plugging_is_fatal => false,
:vif_plugging_timeout => '0',
:default_floating_pool => 'public'
)
end
it 'configures neutron endpoint in nova.conf' do
should contain_nova_config('neutron/password').with_value(params[:neutron_password]).with_secret(true)
should contain_nova_config('neutron/default_floating_pool').with_value(params[:default_floating_pool])
should contain_nova_config('neutron/timeout').with_value(params[:neutron_timeout])
should contain_nova_config('neutron/project_name').with_value(params[:neutron_project_name])
should contain_nova_config('neutron/project_domain_name').with_value(params[:neutron_project_domain_name])
should contain_nova_config('neutron/region_name').with_value(params[:neutron_region_name])
should contain_nova_config('neutron/username').with_value(params[:neutron_username])
should contain_nova_config('neutron/user_domain_name').with_value(params[:neutron_user_domain_name])
should contain_nova_config('neutron/auth_url').with_value(params[:neutron_auth_url])
should contain_nova_config('neutron/valid_interfaces').with_value(params[:neutron_valid_interfaces])
should contain_nova_config('neutron/endpoint_override').with_value(params[:neutron_endpoint_override])
should contain_nova_config('neutron/extension_sync_interval').with_value(params[:neutron_extension_sync_interval])
should contain_nova_config('neutron/ovs_bridge').with_value(params[:neutron_ovs_bridge])
end
it 'configures neutron vif plugging events in nova.conf' do
should contain_nova_config('DEFAULT/vif_plugging_is_fatal').with_value(params[:vif_plugging_is_fatal])
should contain_nova_config('DEFAULT/vif_plugging_timeout').with_value(params[:vif_plugging_timeout])
end
end
it 'configures neutron vif plugging events in nova.conf' do
is_expected.to contain_nova_config('DEFAULT/vif_plugging_is_fatal').with_value(default_params[:vif_plugging_is_fatal])
is_expected.to contain_nova_config('DEFAULT/vif_plugging_timeout').with_value(default_params[:vif_plugging_timeout])
context 'with deprecated class parameters' do
before do
params.merge!(
:neutron_url => 'http://10.0.0.1:9696',
:neutron_url_timeout => '30',
:firewall_driver => 'nova.virt.firewall.IptablesFirewallDriver',
:dhcp_domain => 'foo',
)
end
it 'configures neutron endpoint in nova.conf' do
should contain_nova_config('DEFAULT/dhcp_domain').with_value(params[:dhcp_domain])
should contain_nova_config('neutron/url').with_value(params[:neutron_url])
should contain_nova_config('neutron/timeout').with_value(params[:neutron_url_timeout])
end
it 'configures Nova to use Neutron Security Groups and Firewall' do
should contain_nova_config('DEFAULT/firewall_driver').with_value(params[:firewall_driver])
end
end
end
context 'when overriding class parameters' do
before do
params.merge!(
:neutron_url => 'http://10.0.0.1:9696',
:neutron_url_timeout => '30',
:neutron_project_name => 'openstack',
:neutron_project_domain_name => 'openstack_domain',
:neutron_region_name => 'RegionTwo',
:neutron_username => 'neutron2',
:neutron_user_domain_name => 'neutron_domain',
:neutron_auth_url => 'http://10.0.0.1:5000/v2',
:firewall_driver => 'nova.virt.firewall.IptablesFirewallDriver',
:neutron_ovs_bridge => 'br-int',
:neutron_extension_sync_interval => '600',
:vif_plugging_is_fatal => false,
:vif_plugging_timeout => '0',
:dhcp_domain => 'foo',
:default_floating_pool => 'public'
)
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge(OSDefaults.get_facts())
end
it 'configures neutron endpoint in nova.conf' do
is_expected.to contain_nova_config('neutron/password').with_value(params[:neutron_password]).with_secret(true)
is_expected.to contain_nova_config('DEFAULT/dhcp_domain').with_value(params[:dhcp_domain])
is_expected.to contain_nova_config('neutron/default_floating_pool').with_value(params[:default_floating_pool])
is_expected.to contain_nova_config('neutron/url').with_value(params[:neutron_url])
is_expected.to contain_nova_config('neutron/timeout').with_value(params[:neutron_url_timeout])
is_expected.to contain_nova_config('neutron/project_name').with_value(params[:neutron_project_name])
is_expected.to contain_nova_config('neutron/project_domain_name').with_value(params[:neutron_project_domain_name])
is_expected.to contain_nova_config('neutron/region_name').with_value(params[:neutron_region_name])
is_expected.to contain_nova_config('neutron/username').with_value(params[:neutron_username])
is_expected.to contain_nova_config('neutron/user_domain_name').with_value(params[:neutron_user_domain_name])
is_expected.to contain_nova_config('neutron/auth_url').with_value(params[:neutron_auth_url])
is_expected.to contain_nova_config('neutron/extension_sync_interval').with_value(params[:neutron_extension_sync_interval])
end
it 'configures Nova to use Neutron Security Groups and Firewall' do
is_expected.to contain_nova_config('DEFAULT/firewall_driver').with_value(params[:firewall_driver])
is_expected.to contain_nova_config('neutron/ovs_bridge').with_value(params[:neutron_ovs_bridge])
end
it 'configures neutron vif plugging events in nova.conf' do
is_expected.to contain_nova_config('DEFAULT/vif_plugging_is_fatal').with_value(params[:vif_plugging_is_fatal])
is_expected.to contain_nova_config('DEFAULT/vif_plugging_timeout').with_value(params[:vif_plugging_timeout])
it_behaves_like 'nova::network::neutron'
end
end
context 'with deprecated class parameters' do
before do
params.merge!(
:neutron_url => 'http://10.0.0.1:9696',
:neutron_url_timeout => '30',
:neutron_region_name => 'RegionTwo',
:firewall_driver => 'nova.virt.firewall.IptablesFirewallDriver',
:neutron_ovs_bridge => 'br-int',
:neutron_extension_sync_interval => '600',
:vif_plugging_is_fatal => false,
:vif_plugging_timeout => '0',
:dhcp_domain => 'foo',
)
end
it 'configures neutron endpoint in nova.conf' do
is_expected.to contain_nova_config('neutron/password').with_value(params[:neutron_password]).with_secret(true)
is_expected.to contain_nova_config('DEFAULT/dhcp_domain').with_value(params[:dhcp_domain])
is_expected.to contain_nova_config('neutron/url').with_value(params[:neutron_url])
is_expected.to contain_nova_config('neutron/timeout').with_value(params[:neutron_url_timeout])
is_expected.to contain_nova_config('neutron/region_name').with_value(params[:neutron_region_name])
is_expected.to contain_nova_config('neutron/extension_sync_interval').with_value(params[:neutron_extension_sync_interval])
end
it 'configures Nova to use Neutron Security Groups and Firewall' do
is_expected.to contain_nova_config('DEFAULT/firewall_driver').with_value(params[:firewall_driver])
is_expected.to contain_nova_config('neutron/ovs_bridge').with_value(params[:neutron_ovs_bridge])
end
it 'configures neutron vif plugging events in nova.conf' do
is_expected.to contain_nova_config('DEFAULT/vif_plugging_is_fatal').with_value(params[:vif_plugging_is_fatal])
is_expected.to contain_nova_config('DEFAULT/vif_plugging_timeout').with_value(params[:vif_plugging_timeout])
end
end
end