Browse Source

Conditionally set OVS agent firewall driver

Using an empty string to allow the default value in the puppet module no
longer seems to work, resulting in the OVS agent configuration having an
empty firewall driver configuration. This patch uses a heat template
condition to set the hieradata only if something other than an empty
string has been set.

Change-Id: Ifef9ded1dbb719e75997474bf5ada909dbf40599
Related-Bug: #1656939
changes/47/420947/2
Brent Eagles 5 years ago
parent
commit
18e6dc96e5
  1. 9
      puppet/services/neutron-ovs-agent.yaml

9
puppet/services/neutron-ovs-agent.yaml

@ -70,6 +70,9 @@ parameters:
tag: openstack.neutron.agent.openvswitch
path: /var/log/neutron/openvswitch-agent.log
conditions:
no_firewall_driver: {equals : [{get_param: NeutronOVSFirewallDriver}, '']}
resources:
NeutronBase:
@ -104,13 +107,17 @@ outputs:
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver}
tripleo.neutron_ovs_agent.firewall_rules:
'118 neutron vxlan networks':
proto: 'udp'
dport: 4789
'136 neutron gre networks':
proto: 'gre'
-
if:
- no_firewall_driver
- {}
- neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver}
step_config: |
include ::tripleo::profile::base::neutron::ovs
upgrade_tasks:

Loading…
Cancel
Save