Set correct firewall_driver for Neutron ML2

firewall_driver should be explicitly set for both ML2 agents (ovs/lb) for security groups to work Change-Id: I7ab0672d6a819d11b2bd1df71724a8ff1e114fab Depends-on: I9819867251e3c35f252ddbbad1178bff1c585314
2016-04-01 17:55:01 +03:00 · 2016-04-01 17:55:01 +03:00 · c0cba189bd
commit c0cba189bd
parent aa98d797ce
1 changed files with 3 additions and 0 deletions
--- a/manifests/neutron.pp
+++ b/manifests/neutron.pp
@ -60,6 +60,7 @@ class openstack_integration::neutron (
        manage_vswitch   => false,
      }
      $external_network_bridge = 'br-ex'
+      $firewall_driver         = 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver'
    }
    'linuxbridge': {
      exec { 'create_dummy_iface':
@ -74,6 +75,7 @@ class openstack_integration::neutron (
        physical_interface_mappings => ['external:loop0'],
      }
      $external_network_bridge = ''
+      $firewall_driver         = 'neutron.agent.linux.iptables_firewall.IptablesFirewallDriver'
    }
    default: {
      fail("Unsupported neutron driver (${driver})")
@ -116,6 +118,7 @@ class openstack_integration::neutron (
    type_drivers         => ['vxlan', 'flat'],
    tenant_network_types => ['vxlan', 'flat'],
    mechanism_drivers    => $driver,
+    firewall_driver      => $firewall_driver,
  }
  class { '::neutron::agents::metadata':
    debug            => true,