FWaaS deployment does not actually enable any firewall driver if VPNaaS is also deployed
Bug #1310858 reported by
Adam Gandelman
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| devstack |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
With q-vpn and q-fwaas both in ENABLED_SERVICES, the FWAAS API extensions are deployed but no agent is actually configured with the FWaaS driver configuration. This results in non-functioning firewall creation, and a traceback in the neutron VPN agent log. I'm not exactly sure how this actually passes in the gate currently, but I believe it is related to the fact that we are not currently confirming firewall creation, only checking the API return code (LP: #1302942).
There is also a related Neutron Bug (LP: #1310857)
| description: | updated |
Revision history for this message
| Openstack Gerrit (openstack-gerrit) wrote Fix merged to devstack (master) | #1 |
| Changed in devstack: | |
| status: | New → Fix Released |
To post a comment you must log in.
Reviewed: https:/
Committed: https:/
Submitter: Jenkins
Branch: master
commit cf1ef23b723f2f8
Author: Adam Gandelman <email address hidden>
Date: Mon Apr 21 17:09:52 2014 -0700
Also pass FWAAS conf to VPN agent if enabled
If q-vpn is enabled, the Neutron neutron-vpn-agent is started
instead of the neutron-l3-agent, but only neutron-l3-agent receives
the fwaas_driver config when q-fwaas is enabled. This ensures the FW driver
config is passed to either so that a properly configured agent is running
when the FWAAS extensions are enabled.
Closes-bug: #1310858
Change-Id: I237d2831a6b87a