From 1c7ca296643074a41a526a9979253af1d4c5d057 Mon Sep 17 00:00:00 2001
From: gugug <gu.jin@99cloud.net>
Date: Wed, 17 Jun 2020 13:23:29 +0800
Subject: [PATCH] Remove the neutron-fwaas roles since it retired
Depends-On: I561504160e5548c54d1af31821c3366ab34cf0ec
Change-Id: I15e5c0e0a956ee181873cf002229532a15ff959d
Co-Authored-By: jacky06 <zhang.min@99cloud.net>
---
ansible/group_vars/all.yml | 2 --
ansible/roles/horizon/defaults/main.yml | 1 -
ansible/roles/neutron/defaults/main.yml | 6 +-----
ansible/roles/neutron/tasks/config.yml | 21 -------------------
.../neutron/templates/fwaas_driver.ini.j2 | 13 ------------
.../templates/neutron-l3-agent-wrapper.sh.j2 | 2 --
.../templates/neutron-l3-agent.json.j2 | 6 ------
.../neutron/templates/neutron-server.json.j2 | 8 +------
etc/kolla/globals.yml | 2 --
...remove-neutron-fwaas-0g6a327ae69e2117.yaml | 5 +++++
10 files changed, 7 insertions(+), 59 deletions(-)
delete mode 100644 ansible/roles/neutron/templates/fwaas_driver.ini.j2
create mode 100644 releasenotes/notes/remove-neutron-fwaas-0g6a327ae69e2117.yaml
diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index 940cae3a7..9203d6706 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -577,7 +577,6 @@ enable_horizon: "{{ enable_openstack_core | bool }}"
enable_horizon_blazar: "{{ enable_blazar | bool }}"
enable_horizon_cloudkitty: "{{ enable_cloudkitty | bool }}"
enable_horizon_designate: "{{ enable_designate | bool }}"
-enable_horizon_fwaas: "{{ enable_neutron_fwaas | bool }}"
enable_horizon_freezer: "{{ enable_freezer | bool }}"
enable_horizon_heat: "{{ enable_heat | bool }}"
enable_horizon_ironic: "{{ enable_ironic | bool }}"
@@ -625,7 +624,6 @@ enable_murano: "no"
enable_neutron_vpnaas: "no"
enable_neutron_sriov: "no"
enable_neutron_dvr: "no"
-enable_neutron_fwaas: "no"
enable_neutron_qos: "no"
enable_neutron_agent_ha: "no"
enable_neutron_bgp_dragent: "no"
diff --git a/ansible/roles/horizon/defaults/main.yml b/ansible/roles/horizon/defaults/main.yml
index 90fcc753d..ec84c9f50 100644
--- a/ansible/roles/horizon/defaults/main.yml
+++ b/ansible/roles/horizon/defaults/main.yml
@@ -11,7 +11,6 @@ horizon_services:
ENABLE_BLAZAR: "{{ 'yes' if enable_horizon_blazar | bool else 'no' }}"
ENABLE_CLOUDKITTY: "{{ 'yes' if enable_horizon_cloudkitty | bool else 'no' }}"
ENABLE_DESIGNATE: "{{ 'yes' if enable_horizon_designate | bool else 'no' }}"
- ENABLE_FWAAS: "{{ 'yes' if enable_horizon_fwaas | bool else 'no' }}"
ENABLE_FREEZER: "{{ 'yes' if enable_horizon_freezer | bool else 'no' }}"
ENABLE_HEAT: "{{ 'yes' if enable_horizon_heat | bool else 'no' }}"
ENABLE_IRONIC: "{{ 'yes' if enable_horizon_ironic | bool else 'no' }}"
diff --git a/ansible/roles/neutron/defaults/main.yml b/ansible/roles/neutron/defaults/main.yml
index 70c2268e3..59e39ee99 100644
--- a/ansible/roles/neutron/defaults/main.yml
+++ b/ansible/roles/neutron/defaults/main.yml
@@ -387,14 +387,12 @@ neutron_extension_drivers: "{{ extension_drivers | selectattr('enabled', 'equalt
# Neutron upgrade
####################
neutron_enable_rolling_upgrade: "yes"
-neutron_rolling_upgrade_services: ["neutron", "neutron-fwaas", "neutron-vpnaas"]
+neutron_rolling_upgrade_services: ["neutron", "neutron-vpnaas"]
####################
# Service Plugins
####################
service_plugins:
- - name: "firewall_v2"
- enabled: "{{ enable_neutron_fwaas | bool }}"
- name: "flow_classifier"
enabled: "{{ enable_neutron_sfc | bool }}"
- name: "metering"
@@ -443,8 +441,6 @@ agent_extensions:
neutron_agent_extensions: "{{ agent_extensions | selectattr('enabled', 'equalto', true) | list }}"
l3_agent_extensions:
- - name: "fwaas_v2"
- enabled: "{{ enable_neutron_fwaas | bool }}"
- name: "vpnaas"
enabled: "{{ enable_neutron_vpnaas | bool }}"
- name: "port_forwarding"
diff --git a/ansible/roles/neutron/tasks/config.yml b/ansible/roles/neutron/tasks/config.yml
index da1756b0b..de8b1e7ef 100644
--- a/ansible/roles/neutron/tasks/config.yml
+++ b/ansible/roles/neutron/tasks/config.yml
@@ -263,27 +263,6 @@
notify:
- "Restart {{ item.key }} container"
-- name: Copying over fwaas_driver.ini
- become: true
- vars:
- service_name: "{{ item.key }}"
- services_need_fwaas_driver_ini:
- - "neutron-server"
- - "neutron-l3-agent"
- merge_configs:
- sources:
- - "{{ role_path }}/templates/fwaas_driver.ini.j2"
- - "{{ node_custom_config }}/neutron/fwaas_driver.ini"
- dest: "{{ node_config_directory }}/{{ service_name }}/fwaas_driver.ini"
- mode: "0660"
- when:
- - item.key in services_need_fwaas_driver_ini
- - item.value.enabled | bool
- - item.value.host_in_groups | bool
- with_dict: "{{ neutron_services }}"
- notify:
- - "Restart {{ item.key }} container"
-
- name: Copying over metadata_agent.ini
become: true
vars:
diff --git a/ansible/roles/neutron/templates/fwaas_driver.ini.j2 b/ansible/roles/neutron/templates/fwaas_driver.ini.j2
deleted file mode 100644
index 2432f7d85..000000000
--- a/ansible/roles/neutron/templates/fwaas_driver.ini.j2
+++ /dev/null
@@ -1,13 +0,0 @@
-{% if enable_neutron_fwaas | bool %}
-[fwaas]
-enabled = True
-{% if neutron_plugin_agent == 'vmware_nsxv' %}
-driver = vmware_nsxv_edge
-{% else %}
-agent_version = v2
-driver = iptables_v2
-
-[service_providers]
-service_provider = FIREWALL_V2:fwaas_db:neutron_fwaas.services.firewall.service_drivers.agents.agents.FirewallAgentDriver:default
-{% endif %}
-{% endif %}
diff --git a/ansible/roles/neutron/templates/neutron-l3-agent-wrapper.sh.j2 b/ansible/roles/neutron/templates/neutron-l3-agent-wrapper.sh.j2
index 2c0bb7025..6960ae4bb 100644
--- a/ansible/roles/neutron/templates/neutron-l3-agent-wrapper.sh.j2
+++ b/ansible/roles/neutron/templates/neutron-l3-agent-wrapper.sh.j2
@@ -7,7 +7,6 @@ set -o errexit
neutron-netns-cleanup \
--config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/l3_agent.ini \
- --config-file /etc/neutron/fwaas_driver.ini \
--force --agent-type l3
{% endif %}
@@ -15,4 +14,3 @@ neutron-l3-agent \
--config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/neutron_vpnaas.conf \
--config-file /etc/neutron/l3_agent.ini \
- --config-file /etc/neutron/fwaas_driver.ini
diff --git a/ansible/roles/neutron/templates/neutron-l3-agent.json.j2 b/ansible/roles/neutron/templates/neutron-l3-agent.json.j2
index 81654edaa..5c1d79c33 100644
--- a/ansible/roles/neutron/templates/neutron-l3-agent.json.j2
+++ b/ansible/roles/neutron/templates/neutron-l3-agent.json.j2
@@ -19,12 +19,6 @@
"owner": "neutron",
"perm": "0600"
},
- {
- "source": "{{ container_config_directory }}/fwaas_driver.ini",
- "dest": "/etc/neutron/fwaas_driver.ini",
- "owner": "neutron",
- "perm": "0600"
- },
{
"source": "{{ container_config_directory }}/l3_agent.ini",
"dest": "/etc/neutron/l3_agent.ini",
diff --git a/ansible/roles/neutron/templates/neutron-server.json.j2 b/ansible/roles/neutron/templates/neutron-server.json.j2
index f4fc16bcf..ba41a52f9 100644
--- a/ansible/roles/neutron/templates/neutron-server.json.j2
+++ b/ansible/roles/neutron/templates/neutron-server.json.j2
@@ -1,5 +1,5 @@
{
- "command": "neutron-server --config-file /etc/neutron/neutron.conf {% if neutron_plugin_agent in ['openvswitch', 'linuxbridge', 'ovn'] %} --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-file /etc/neutron/neutron_vpnaas.conf {% elif neutron_plugin_agent in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs'] %} --config-file /etc/neutron/plugins/vmware/nsx.ini {% endif %} --config-file /etc/neutron/fwaas_driver.ini",
+ "command": "neutron-server --config-file /etc/neutron/neutron.conf {% if neutron_plugin_agent in ['openvswitch', 'linuxbridge', 'ovn'] %} --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-file /etc/neutron/neutron_vpnaas.conf {% elif neutron_plugin_agent in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs'] %} --config-file /etc/neutron/plugins/vmware/nsx.ini {% endif %}",
"config_files": [
{
"source": "{{ container_config_directory }}/neutron.conf",
@@ -7,12 +7,6 @@
"owner": "neutron",
"perm": "0600"
},
- {
- "source": "{{ container_config_directory }}/fwaas_driver.ini",
- "dest": "/etc/neutron/fwaas_driver.ini",
- "owner": "neutron",
- "perm": "0600"
- },
{
"source": "{{ container_config_directory }}/neutron_vpnaas.conf",
"dest": "/etc/neutron/neutron_vpnaas.conf",
diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml
index b616b6233..6e480f37d 100644
--- a/etc/kolla/globals.yml
+++ b/etc/kolla/globals.yml
@@ -267,7 +267,6 @@
#enable_horizon_blazar: "{{ enable_blazar | bool }}"
#enable_horizon_cloudkitty: "{{ enable_cloudkitty | bool }}"
#enable_horizon_designate: "{{ enable_designate | bool }}"
-#enable_horizon_fwaas: "{{ enable_neutron_fwaas | bool }}"
#enable_horizon_freezer: "{{ enable_freezer | bool }}"
#enable_horizon_heat: "{{ enable_heat | bool }}"
#enable_horizon_ironic: "{{ enable_ironic | bool }}"
@@ -316,7 +315,6 @@
#enable_neutron_vpnaas: "no"
#enable_neutron_sriov: "no"
#enable_neutron_dvr: "no"
-#enable_neutron_fwaas: "no"
#enable_neutron_qos: "no"
#enable_neutron_agent_ha: "no"
#enable_neutron_bgp_dragent: "no"
diff --git a/releasenotes/notes/remove-neutron-fwaas-0g6a327ae69e2117.yaml b/releasenotes/notes/remove-neutron-fwaas-0g6a327ae69e2117.yaml
new file mode 100644
index 000000000..bf1704ffe
--- /dev/null
+++ b/releasenotes/notes/remove-neutron-fwaas-0g6a327ae69e2117.yaml
@@ -0,0 +1,5 @@
+---
+upgrade:
+ - |
+ The ``neutron-fwaas`` project is no longer maintained. This has been
+ retired and will be removed in the Victoria cycle.
--
GitLab