Enable functional deployment of FWaaS v2
This patch updates various vars and templates to enable a functioning deployment of FWaaS v2 on an Open vSwitch-based OSA cloud. A test is also included for verification. Change-Id: Ibfa2cbafd19f6870139c4ea3e9dfc80cf8c574e1 Closes-Bug: #1811070
This commit is contained in:
parent
93733eb7d6
commit
41bd86b7bd
@ -227,6 +227,9 @@ neutron_quota_security_group: 10
|
||||
neutron_quota_security_group_rule: 100
|
||||
neutron_quota_subnet: 100
|
||||
neutron_quota_vip: 10
|
||||
neutron_quota_firewall: 10
|
||||
neutron_quota_firewall_policy: 10
|
||||
neutron_quota_firewall_rule: 100
|
||||
|
||||
###
|
||||
### DB (Galera) integration
|
||||
@ -445,6 +448,13 @@ neutron_octavia_request_poll_timeout: 100
|
||||
# Use the Octavia proxy
|
||||
neutron_octavia_proxy_plugin: False
|
||||
|
||||
###
|
||||
### FWaaS Configuration
|
||||
###
|
||||
|
||||
neutron_driver_fwaasv2: iptables_v2
|
||||
neutron_fwaasv2_service_provider: FIREWALL_V2:fwaas_db:neutron_fwaas.services.firewall.service_drivers.agents.agents.FirewallAgentDriver:default
|
||||
|
||||
###
|
||||
### VPNaaS Configuration
|
||||
###
|
||||
|
@ -38,8 +38,9 @@ agent_version = v1
|
||||
{% set _ = l3_agent_plugins.append("fwaas_v2") %}
|
||||
[fwaas]
|
||||
enabled = true
|
||||
driver = iptables_v2
|
||||
driver = {{ neutron_driver_fwaasv2 }}
|
||||
agent_version = v2
|
||||
firewall_l2_driver = noop
|
||||
{% endif %}
|
||||
|
||||
{% if neutron_vpnaas | bool %}
|
||||
|
@ -163,6 +163,9 @@ quota_security_group = {{ neutron_quota_security_group }}
|
||||
quota_security_group_rule = {{ neutron_quota_security_group_rule }}
|
||||
quota_subnet = {{ neutron_quota_subnet }}
|
||||
quota_vip = {{ neutron_quota_vip }}
|
||||
quota_firewall = {{ neutron_quota_firewall }}
|
||||
quota_firewall_policy = {{ neutron_quota_firewall_policy }}
|
||||
quota_firewall_rule = {{ neutron_quota_firewall_rule }}
|
||||
|
||||
# Keystone authentication
|
||||
[keystone_authtoken]
|
||||
@ -200,9 +203,12 @@ pool_timeout = {{ neutron_db_pool_timeout }}
|
||||
service_provider = {{ service_provider }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% if neutron_vpnaas| bool %}
|
||||
{% if neutron_vpnaas | bool %}
|
||||
service_provider = {{ neutron_vpnaas_service_provider }}
|
||||
{% endif %}
|
||||
{% if neutron_fwaas_v2 | bool %}
|
||||
service_provider = {{ neutron_fwaasv2_service_provider }}
|
||||
{% endif %}
|
||||
|
||||
{% if neutron_lbaasv2 | bool %}
|
||||
{% if neutron_lbaas_octavia | bool %}
|
||||
|
30
tests/neutron-overrides-ovs-fwaasv2.yml
Normal file
30
tests/neutron-overrides-ovs-fwaasv2.yml
Normal file
@ -0,0 +1,30 @@
|
||||
---
|
||||
openstack_host_specific_kernel_modules:
|
||||
- name: "openvswitch"
|
||||
pattern: "CONFIG_OPENVSWITCH"
|
||||
|
||||
tempest_run: yes
|
||||
|
||||
tempest_plugins:
|
||||
- name: neutron
|
||||
repo: https://git.openstack.org/openstack/neutron
|
||||
branch: master
|
||||
- name: neutron-plugins
|
||||
repo: https://git.openstack.org/openstack/neutron-tempest-plugin
|
||||
branch: master
|
||||
- name: neutron-fwaas
|
||||
repo: https://git.openstack.org/openstack/neutron-fwaas
|
||||
branch: master
|
||||
|
||||
tempest_test_whitelist:
|
||||
- "neutron_tempest_plugin.api.test_networks*"
|
||||
- "neutron_fwaas.tests.tempest_plugin.tests.api.test_fwaasv2_extensions*"
|
||||
- "neutron_fwaas.tests.tempest_plugin.tests.api.v2_base*"
|
||||
|
||||
tempest_network_ping_gateway: False
|
||||
|
||||
neutron_plugin_type: ml2.ovs
|
||||
neutron_local_ip: "{{ ansible_host }}"
|
||||
neutron_plugin_base:
|
||||
- router
|
||||
- firewall_v2
|
10
tox.ini
10
tox.ini
@ -175,6 +175,16 @@ setenv =
|
||||
commands =
|
||||
bash -c "{toxinidir}/tests/common/test-ansible-functional.sh"
|
||||
|
||||
|
||||
[testenv:ovs-fwaasv2]
|
||||
setenv =
|
||||
{[testenv]setenv}
|
||||
ANSIBLE_INVENTORY={toxinidir}/tests/ovs_inventory
|
||||
ANSIBLE_OVERRIDES={toxinidir}/tests/neutron-overrides-ovs-fwaasv2.yml
|
||||
commands =
|
||||
bash -c "{toxinidir}/tests/common/test-ansible-functional.sh"
|
||||
|
||||
|
||||
[testenv:linters]
|
||||
basepython = python3
|
||||
commands =
|
||||
|
@ -66,3 +66,9 @@
|
||||
parent: openstack-ansible-functional-ubuntu-xenial
|
||||
vars:
|
||||
tox_env: opendaylight-bgpvpn
|
||||
|
||||
- job:
|
||||
name: openstack-ansible-ovs-fwaasv2-ubuntu-bionic
|
||||
parent: openstack-ansible-functional-ubuntu-bionic
|
||||
vars:
|
||||
tox_env: ovs-fwaasv2
|
||||
|
@ -33,6 +33,8 @@
|
||||
voting: false
|
||||
- openstack-ansible-opendaylight-bgpvpn-ubuntu-xenial:
|
||||
voting: false
|
||||
- openstack-ansible-ovs-fwaasv2-ubuntu-bionic:
|
||||
voting: false
|
||||
gate:
|
||||
jobs:
|
||||
- openstack-ansible-ovs-ubuntu-xenial
|
||||
|
Loading…
Reference in New Issue
Block a user