GitList

Browse code

tempest: set network-feature-enabled.port_security

Sets the port_security feature flag in tempest.conf
if the port_security extension is enabled, which it's not
by default in neutron but is set by default in devstack.

This adds global variable for setting the port_security
extension in ml2.conf and in tempest.conf so we only have
to set this in one place.

Depends-On: I1efd5c838aa0d73cc6e8864e3041eea25850198d

Change-Id: I6334b200e42edd785f74cfb41520627393039619
Related-Bug: #1624082

Matt Riedemann authored on 2016/09/16 09:33:22
Showing 4 changed files

lib/neutron index 53fc5fc..415344e 100644
lib/neutron_plugins/ml2 index 7e80209..e429714 100644
lib/tempest index 6ffc927..0d01843 100644
stackrc index c419ef4..ea8b044 100644

lib/neutron

History View file @ c9c9d31

@@ -162,7 +162,9 @@ function configure_neutron_new {
                              iniset $NEUTRON_CORE_PLUGIN_CONF ml2 type_drivers vxlan
                              iniset $NEUTRON_CORE_PLUGIN_CONF ml2 mechanism_drivers openvswitch,linuxbridge
                              iniset $NEUTRON_CORE_PLUGIN_CONF ml2_type_vxlan vni_ranges 1001:2000
                     -        iniset $NEUTRON_CORE_PLUGIN_CONF ml2 extension_drivers port_security
                     +        if [[ "$NEUTRON_PORT_SECURITY" = "True" ]]; then
                     +            iniset $NEUTRON_CORE_PLUGIN_CONF ml2 extension_drivers port_security
                     +        fi
                          fi
                          # Neutron OVS or LB agent

lib/neutron_plugins/ml2

History View file @ c9c9d31

@@ -35,7 +35,11 @@ Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS=${Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS:-}
                      Q_ML2_PLUGIN_GENEVE_TYPE_OPTIONS=${Q_ML2_PLUGIN_GENEVE_TYPE_OPTIONS:-vni_ranges=$TENANT_TUNNEL_RANGES}
                      # List of extension drivers to load, use '-' instead of ':-' to allow people to
                      # explicitly override this to blank
                     -Q_ML2_PLUGIN_EXT_DRIVERS=${Q_ML2_PLUGIN_EXT_DRIVERS-port_security}
                     +if [[ "$NEUTRON_PORT_SECURITY" = "True" ]]; then
                     +    Q_ML2_PLUGIN_EXT_DRIVERS=${Q_ML2_PLUGIN_EXT_DRIVERS-port_security}
                     +else
                     +    Q_ML2_PLUGIN_EXT_DRIVERS=${Q_ML2_PLUGIN_EXT_DRIVERS:-}
                     +fi
                      # L3 Plugin to load for ML2
                      # For some flat network environment, they not want to extend L3 plugin.

lib/tempest

History View file @ c9c9d31

@@ -387,6 +387,7 @@ function configure_tempest {
                          iniset $TEMPEST_CONFIG network default_network "$FIXED_RANGE"
                          iniset $TEMPEST_CONFIG network-feature-enabled ipv6 "$IPV6_ENABLED"
                          iniset $TEMPEST_CONFIG network-feature-enabled ipv6_subnet_attributes "$IPV6_SUBNET_ATTRIBUTES_ENABLED"
                     +    iniset $TEMPEST_CONFIG network-feature-enabled port_security $NEUTRON_PORT_SECURITY
                          # Orchestration Tests
                          if is_service_enabled heat; then

stackrc

History View file @ c9c9d31

@@ -778,6 +778,9 @@ fi
                      HOST_IPV6=$(get_default_host_ip "" "" "$HOST_IP_IFACE" "$HOST_IPV6" "inet6")
                     +# Whether or not the port_security extension should be enabled for Neutron.
                     +NEUTRON_PORT_SECURITY=$(trueorfalse True NEUTRON_PORT_SECURITY)
+                    +
                      # SERVICE IP version
                      # This is the IP version that services should be listening on, as well
                      # as using to register their endpoints with keystone.