From a48e5dc4bd3514cc24cd75c72ea998ad9afe5321 Mon Sep 17 00:00:00 2001 From: Yalei Wang Date: Fri, 6 Mar 2015 17:05:11 +0800 Subject: [PATCH] add the port_sec as default neutron/ml2 extension driver Neutron ML2 plugin introduces the first extension driver port_security, this patch add it to be a default extension driver as a example. And also, if not set it by default, networks like public/private which are created after the neutron-db-manage's update, will not include the port-sec value. Change-Id: I3035317c83d22804855517434bd8578719ce0436 Partially Implements: blueprint ml2-ovs-portsecurity --- doc/source/guides/neutron.rst | 5 +++++ lib/neutron_plugins/ml2 | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/doc/source/guides/neutron.rst b/doc/source/guides/neutron.rst index 3030c7b5f2..b0a89070fb 100644 --- a/doc/source/guides/neutron.rst +++ b/doc/source/guides/neutron.rst @@ -131,6 +131,11 @@ In this configuration we are defining FLOATING_RANGE to be a subnet that exists in the private RFC1918 address space - however in in a real setup FLOATING_RANGE would be a public IP address range. +Note that extension drivers for the ML2 plugin is set by +`Q_ML2_PLUGIN_EXT_DRIVERS`, and it includes 'port_security' by default. If you +want to remove all the extension drivers (even 'port_security'), set +`Q_ML2_PLUGIN_EXT_DRIVERS` to blank. + Neutron Networking with Open vSwitch and Provider Networks ========================================================== diff --git a/lib/neutron_plugins/ml2 b/lib/neutron_plugins/ml2 index 88537774b7..2733f1f513 100644 --- a/lib/neutron_plugins/ml2 +++ b/lib/neutron_plugins/ml2 @@ -31,6 +31,9 @@ Q_ML2_PLUGIN_GRE_TYPE_OPTIONS=${Q_ML2_PLUGIN_GRE_TYPE_OPTIONS:-tunnel_id_ranges= Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS=${Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS:-vni_ranges=1001:2000} # Default VLAN TypeDriver options Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS=${Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS:-} +# List of extension drivers to load, use '-' instead of ':-' to allow people to +# explicitly override this to blank +Q_ML2_PLUGIN_EXT_DRIVERS=${Q_ML2_PLUGIN_EXT_DRIVERS-port_security} # L3 Plugin to load for ML2 ML2_L3_PLUGIN=${ML2_L3_PLUGIN:-neutron.services.l3_router.l3_router_plugin.L3RouterPlugin} @@ -113,6 +116,8 @@ function neutron_plugin_configure_service { populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2 type_drivers=$Q_ML2_PLUGIN_TYPE_DRIVERS + populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2 extension_drivers=$Q_ML2_PLUGIN_EXT_DRIVERS + populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2 $Q_SRV_EXTRA_OPTS populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2_type_gre $Q_ML2_PLUGIN_GRE_TYPE_OPTIONS