Do the disable a different way

This commit is contained in:
James Page 2014-06-02 16:48:02 +01:00
parent e5d76e6845
commit a079c29178
2 changed files with 5 additions and 4 deletions

View File

@ -48,9 +48,6 @@ def _neutron_security_groups():
Inspects current cloud-compute relation and determine if nova-c-c has
instructed us to use neutron security groups.
'''
# NOTE(jamespage) support override of neutron security via config
if config('disable-neutron-security-groups') is not None:
return not config('disable-neutron-security-groups')
for rid in relation_ids('cloud-compute'):
for unit in related_units(rid):
groups = [
@ -233,6 +230,10 @@ class CloudComputeContext(context.OSContextGenerator):
neutron_ctxt['neutron_security_groups'] = _neutron_security_groups()
# NOTE(jamespage) support override of neutron security via config
if config('disable-neutron-security-groups') is not None:
neutron_ctxt['disable_neutron_security_groups'] = config('disable-neutron-security-groups')
ks_url = '%s://%s:%s/v2.0' % (neutron_ctxt['auth_protocol'],
neutron_ctxt['keystone_host'],
neutron_ctxt['auth_port'])

View File

@ -22,7 +22,7 @@ local_ip = {{ local_ip }}
tunnel_types = gre
[securitygroup]
{% if neutron_security_groups -%}
{% if neutron_security_groups and not disable_neutron_security_groups -%}
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
{% else -%}