FWaaS deployment does not actually enable any firewall driver if VPNaaS is also deployed
Bug #1310858 reported by
Adam Gandelman
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
devstack |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
With q-vpn and q-fwaas both in ENABLED_SERVICES, the FWAAS API extensions are deployed but no agent is actually configured with the FWaaS driver configuration. This results in non-functioning firewall creation, and a traceback in the neutron VPN agent log. I'm not exactly sure how this actually passes in the gate currently, but I believe it is related to the fact that we are not currently confirming firewall creation, only checking the API return code (LP: #1302942).
There is also a related Neutron Bug (LP: #1310857)
description: | updated |
To post a comment you must log in.
Reviewed: https:/ /review. openstack. org/89448 /git.openstack. org/cgit/ openstack- dev/devstack/ commit/ ?id=cf1ef23b723 f2f859dfcc03022 60a13d0f426adb
Committed: https:/
Submitter: Jenkins
Branch: master
commit cf1ef23b723f2f8 59dfcc0302260a1 3d0f426adb
Author: Adam Gandelman <email address hidden>
Date: Mon Apr 21 17:09:52 2014 -0700
Also pass FWAAS conf to VPN agent if enabled
If q-vpn is enabled, the Neutron neutron-vpn-agent is started
instead of the neutron-l3-agent, but only neutron-l3-agent receives
the fwaas_driver config when q-fwaas is enabled. This ensures the FW driver
config is passed to either so that a properly configured agent is running
when the FWAAS extensions are enabled.
Closes-bug: #1310858
Change-Id: I237d2831a6b87a e46dfef047d3dc0 b85fa6423d3