Kevin Carter 6b7e78e104 Add ability to configure Neutron FWaaS

This patch adds a release note, documentation and an automated
determination of whether the Horizon panel for FWaaS should be
enabled.

Re-Implementation-Of: https://review.openstack.org/#/c/275894/9

Depends-On: I682171333328e42895ec1a4d2d0cc5d2b2fcdcd9
Depends-On: Ic046cc9815f7b9c86a52fd75e7c796ecacc9e083
Change-Id: Iabfaa3d755bc2badae85325e3c6d477f4f2d620c
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>

2016-03-17 08:56:51 -05:00

1.6 KiB

Raw Blame History

Home OpenStack-Ansible Installation Guide

Configuring the Network Firewall Service (Optional)

The OpenStack Networking Service, Neutron, includes a Firewall as a Service (FWaaS) offering. This service lets you configure a firewall that runs outside of your instances and filters traffic from the router.

The following procedure describes how to modify the /etc/openstack_deploy/user_variables.yml file to enable FWaaS.

Override the default list of Neutron plugins to include firewall:
```
neutron_plugin_base:
  - firewall
  - ...
```

The complete neutron_plugin_base, at the time of this writing, is as follows:

neutron_plugin_base:
   - router
   - firewall
   - lbaas
   - vpnaas
   - metering
   - qos

Execute the Neutron install playbook in order to update the configuration:

# cd /opt/openstack-ansible/playbooks
# openstack-ansible os-neutron-install.yml

Execute the Horizon install playbook in order to update the Horizon configuration to show the FWaaS panels:
```
# cd /opt/openstack-ansible/playbooks
# openstack-ansible os-horizon-install.yml
```

The FWaaS default configuration options may be changed through the conf override mechanism using the neutron_neutron_conf_overrides dict.

1.6 KiB Raw Blame History

Configuring the Network Firewall Service (Optional)

1.6 KiB

Raw Blame History