openstack/puppet-openstack-integration
Code Issues Proposed changes

Set correct firewall_driver for Neutron ML2

Browse Source 
firewall_driver should be explicitly set for both ML2 agents (ovs/lb) for
security groups to work

Change-Id: I7ab0672d6a819d11b2bd1df71724a8ff1e114fab
Depends-on: I9819867251e3c35f252ddbbad1178bff1c585314
This commit is contained in:
Sergey Kolekonov 2016-04-01 17:55:01 +03:00
parent aa98d797ce
commit c0cba189bd
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
manifests/neutron.pp
View File

@ -60,6 +60,7 @@ class openstack_integration::neutron (
manage_vswitch => false, manage_vswitch => false,
} }
$external_network_bridge = 'br-ex' $external_network_bridge = 'br-ex'
$firewall_driver = 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver'
} }
'linuxbridge': { 'linuxbridge': {
exec { 'create_dummy_iface': exec { 'create_dummy_iface':
@ -74,6 +75,7 @@ class openstack_integration::neutron (
physical_interface_mappings => ['external:loop0'], physical_interface_mappings => ['external:loop0'],
} }
$external_network_bridge = '' $external_network_bridge = ''
$firewall_driver = 'neutron.agent.linux.iptables_firewall.IptablesFirewallDriver'
} }
default: { default: {
fail("Unsupported neutron driver (${driver})") fail("Unsupported neutron driver (${driver})")
@ -116,6 +118,7 @@ class openstack_integration::neutron (
type_drivers => ['vxlan', 'flat'], type_drivers => ['vxlan', 'flat'],
tenant_network_types => ['vxlan', 'flat'], tenant_network_types => ['vxlan', 'flat'],
mechanism_drivers => $driver, mechanism_drivers => $driver,
firewall_driver => $firewall_driver,
} }
class { '::neutron::agents::metadata': class { '::neutron::agents::metadata':
debug => true, debug => true,