neutron

[RFE][FWaaS v2] Does not work with core plugin non based on Neutron DB model

Bug #1702312 reported by Édouard Thuleau on 2017-07-04

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	neutron	Fix Released	Wishlist	Édouard Thuleau

Bug Description

The FWaaS v2 service plugin is extends the Neutron DB models and it is completely depend on it.
So if we used a core plugin not based on the Neutron DB model (like Contrail one), we cannot use that service plugin and implement a specific driver.

The service plugin must be more generic and also provide a plugable backend driver mechanism to authorize different drivers than ML2 with OVS.

Tags:

OpenStack Infra (hudson-openstack) on 2017-07-05

Changed in neutron:
assignee:	nobody → Édouard Thuleau (ethuleau)
status:	New → In Progress

Revision history for this message

Édouard Thuleau (ethuleau) wrote on 2017-10-13:

Some diagrams https://docs.google.com/presentation/d/1_9KkNgIbWYE6tucoym8N7J2xfcQ1XwN8Zuu-ALEUD3U/edit#slide=id.g27fa2ac987_0_0

Édouard Thuleau (ethuleau) on 2018-02-15

tags:	added: rfe
summary:	- [FWaaS v2] Does not work with core plugin non based on Neutron DB model + [RFE][FWaaS v2] Does not work with core plugin non based on Neutron DB + model

Édouard Thuleau (ethuleau) on 2018-03-08

Changed in neutron:
status:	In Progress → New
assignee:	Édouard Thuleau (ethuleau) → nobody

Miguel Lavalle (minsel) on 2018-03-08

Changed in neutron:
importance:	Undecided → Wishlist

Revision history for this message

Sridar Kandaswamy (skandasw) wrote on 2018-03-08:

Many thanks for the discussion in neutron-drivers. We have discussed this in the FWaaS meetings and we are good with moving forward.

More details in:

https://docs.google.com/presentation/d/1_9KkNgIbWYE6tucoym8N7J2xfcQ1XwN8Zuu-ALEUD3U/edit#slide=id.g27fa2ac987_0_0

referenced above as well.

Miguel Lavalle (minsel) on 2018-03-08

tags:

added: rfe-approved
removed: rfe

Revision history for this message

Édouard Thuleau (ethuleau) wrote on 2018-03-08:

https://review.openstack.org/#/c/480265/

Changed in neutron:
assignee:	nobody → Édouard Thuleau (ethuleau)
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-05-18: Fix merged to neutron-fwaas (master)

Reviewed: https://review.openstack.org/480265
Committed: https://git.openstack.org/cgit/openstack/neutron-fwaas/commit/?id=9b353afde499f46ebec6e8c8529eab0a99a2023b
Submitter: Zuul
Branch: master

commit 9b353afde499f46ebec6e8c8529eab0a99a2023b
Author: Édouard Thuleau <email address hidden>
Date: Mon Jun 26 11:32:24 2017 +0200

Implements a plugable backend driver

    This patch removes all related DB code from the FWaaS service plugin v2
    and creates service driver interfaces that can be used by different
    backend drivers.

    The default backend driver still based on the Neutron DB model
    and agent RPC interface (for l3 and l2 agents) and was moved
    to 'service_drivers.agents.agents.FwaasAgentDriver'. It inherits from the
    firewall backend driver DB interface
    'service_drivers.driver_api.FwaasDriverDB' to maintain the DB. It
    is in charge to implement all RPC API and messages.

    If we need to implement a backend driver which depends on the Neutron DB
    but not on the agent RPC service, we just have to inherit from the DB
    interface and if we like to develop a backend driver which not depends
    on the Neutron DB model, we can inherit from the base driver interface
    'service_driver.driver_api.FwaasDriver'.

That patch only modifies the service plugin 'firewall_v2', it does not
modify the Firewall v1 service plugin.

    The backend DB driver provides an interface composed to a pre and post
    commit hooks for each FWaaSv2 API actions which permits to the driver to
    be warn anytimes. All that commit hooks methods does not do anything by
    default and the backend driver needs to overide needed hooks.
    The driver does not needs to implements all of them,

Closes-Bug: #1702312
Change-Id: I4ebd24f1b13eb823c4d63452fd37cace5bcf5481