Fix deployment of FWAAS

In the last cycle, some changes have been done in the fwaas project
that requires changes in packstack.

- FIREWALL service_provider is required
- Now l3 agent loads fwaas via extension mechanism.
- A new version fwaasv2 exist whis is not used yet, so version 1 is specified.

Change-Id: I0c826333fb695e0fffc340f2fca806a29e2fde6e

packstack/plugins/neutron_350.py

@@ -615,6 +615,9 @@ def create_manifests(config, messages):
 
     if config['CONFIG_NEUTRON_FWAAS'] == 'y':
         service_plugins.append('firewall')
+        fwaas_sp = ('FIREWALL:Iptables:neutron.agent.linux.iptables_firewall.'
+                    'OVSHybridIptablesFirewallDriver:default')
+        service_providers.append(fwaas_sp)
 
     if config['CONFIG_NEUTRON_VPNAAS'] == 'y':
         service_plugins.append('vpnaas')

packstack/puppet/modules/packstack/manifests/neutron/fwaas.pp

@@ -2,6 +2,7 @@ class packstack::neutron::fwaas ()
 {
     class { '::neutron::services::fwaas':
       enabled => true,
+      agent_version => 'v1',
       driver  => 'neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver',
     }
 }

packstack/puppet/modules/packstack/manifests/neutron/l3.pp

@@ -5,12 +5,20 @@ class packstack::neutron::l3 ()
         default => true
     }
 
+    $neutron_fwaas_enabled   = str2bool(hiera('CONFIG_NEUTRON_FWAAS'))
+    if $neutron_fwaas_enabled {
+      $extensions = 'fwaas'
+    } else {
+      $extensions = undef
+    }
+
     class { '::neutron::agents::l3':
       interface_driver        => hiera('CONFIG_NEUTRON_L3_INTERFACE_DRIVER'),
       external_network_bridge => hiera('CONFIG_NEUTRON_L3_EXT_BRIDGE'),
       manage_service          => $start_l3_agent,
       enabled                 => $start_l3_agent,
       debug                   => hiera('CONFIG_DEBUG_MODE'),
+      extensions              => $extensions
     }
 
     if defined(Class['neutron::services::fwaas']) {