From dfc70104d1f9980ca5095d50be70d34ebe1e1a64 Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Tue, 7 Nov 2023 01:47:14 +0900 Subject: [PATCH] vpnaas: Do not install wrong backend package for OpenSwan driver Currently the neutron::agents::vpnaas class installs LibreSwan (in CentOS) or strongSwan (in Debian or Ubuntu) for the OpenSwan driver but the OpenSwan driver only works with OpenSwan which is no longer shipped. (That's why they developed different drivers for different libraries). This change drops installation of the wrong package and also deprecates support for OpenSwan driver. Change-Id: I158dd3411900241950ead9635bba4583eebcb983 --- manifests/agents/vpnaas.pp | 8 ++------ manifests/params.pp | 2 -- ...recate-vpnaas-openswan-driver-299a9173641152c2.yaml | 4 ++++ spec/classes/neutron_agents_vpnaas_spec.rb | 10 ---------- 4 files changed, 6 insertions(+), 18 deletions(-) create mode 100644 releasenotes/notes/deprecate-vpnaas-openswan-driver-299a9173641152c2.yaml diff --git a/manifests/agents/vpnaas.pp b/manifests/agents/vpnaas.pp index 9946facf9..5a0779265 100644 --- a/manifests/agents/vpnaas.pp +++ b/manifests/agents/vpnaas.pp @@ -53,12 +53,8 @@ class neutron::agents::vpnaas ( case $vpn_device_driver { /\.OpenSwan/: { - Package['openswan'] -> Package<| title == 'neutron-vpnaas-agent' |> - package { 'openswan': - ensure => present, - name => $::neutron::params::openswan_package, - tag => ['openstack', 'neutron-support-package'], - } + warning("Support for OpenSwan has been deprecated, because of lack of \ +openswan package in distributions") } /\.LibreSwan/: { Package['libreswan'] -> Package<| title == 'neutron-vpnaas-agent' |> diff --git a/manifests/params.pp b/manifests/params.pp index c3ec2b508..01004bad3 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -54,7 +54,6 @@ class neutron::params { $ovn_agent_package = 'openstack-neutron-ovn-agent' $dynamic_routing_package = 'python3-neutron-dynamic-routing' $bgp_dragent_package = 'openstack-neutron-bgp-dragent' - $openswan_package = 'libreswan' $libreswan_package = 'libreswan' $strongswan_package = 'strongswan' $metadata_agent_package = false @@ -101,7 +100,6 @@ class neutron::params { $dhcp_agent_package = 'neutron-dhcp-agent' $metering_agent_package = 'neutron-metering-agent' $vpnaas_agent_package = 'python3-neutron-vpnaas' - $openswan_package = 'strongswan' $libreswan_package = 'libreswan' $strongswan_package = 'strongswan' $metadata_agent_package = 'neutron-metadata-agent' diff --git a/releasenotes/notes/deprecate-vpnaas-openswan-driver-299a9173641152c2.yaml b/releasenotes/notes/deprecate-vpnaas-openswan-driver-299a9173641152c2.yaml new file mode 100644 index 000000000..810b16fe9 --- /dev/null +++ b/releasenotes/notes/deprecate-vpnaas-openswan-driver-299a9173641152c2.yaml @@ -0,0 +1,4 @@ +--- +deprecations: + - | + Support for OpenSwan VPNaaS driver has been derecated. diff --git a/spec/classes/neutron_agents_vpnaas_spec.rb b/spec/classes/neutron_agents_vpnaas_spec.rb index 95b9acb2a..4c4eb505a 100644 --- a/spec/classes/neutron_agents_vpnaas_spec.rb +++ b/spec/classes/neutron_agents_vpnaas_spec.rb @@ -48,14 +48,6 @@ describe 'neutron::agents::vpnaas' do :tag => ['openstack', 'neutron-package'], ) end - - it 'installs openswan packages' do - should contain_package('openswan').with( - :ensure => 'present', - :name => platform_params[:openswan_package], - :tag => ['openstack', 'neutron-support-package'], - ) - end end context 'with libreswan vpnaas driver' do @@ -113,14 +105,12 @@ describe 'neutron::agents::vpnaas' do case facts[:os]['family'] when 'Debian' { - :openswan_package => 'strongswan', :libreswan_package => 'libreswan', :strongswan_package => 'strongswan', :vpnaas_agent_package => 'python3-neutron-vpnaas' } when 'RedHat' { - :openswan_package => 'libreswan', :libreswan_package => 'libreswan', :strongswan_package => 'strongswan', :vpnaas_agent_package => 'openstack-neutron-vpnaas'