Add support for configuring the OVS firewall driver
This patch introduces a parameter to allow customizing the Neutron OpenvSwitch agent's firewall driver configuration. Closes-Bug: 1618507 Change-Id: I595c392f7a1afe2164bf562224d9eda9b3dfa982
This commit is contained in:
parent
6480942f4b
commit
866ed11712
|
@ -56,6 +56,14 @@ parameters:
|
||||||
MonitoringSubscriptionNeutronOvs:
|
MonitoringSubscriptionNeutronOvs:
|
||||||
default: 'overcloud-neutron-ovs-agent'
|
default: 'overcloud-neutron-ovs-agent'
|
||||||
type: string
|
type: string
|
||||||
|
NeutronOVSFirewallDriver:
|
||||||
|
default: ''
|
||||||
|
description: |
|
||||||
|
Configure the classname of the firewall driver to use for implementing
|
||||||
|
security groups. Possible values depend on system configuration. Some
|
||||||
|
examples are: noop, openvswitch, iptables_hybrid. The default value of an
|
||||||
|
empty string will result in a default supported configuration.
|
||||||
|
type: string
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
|
|
||||||
|
@ -100,5 +108,6 @@ outputs:
|
||||||
# internal_api_uri -> [IP]
|
# internal_api_uri -> [IP]
|
||||||
# internal_api_subnet - > IP/CIDR
|
# internal_api_subnet - > IP/CIDR
|
||||||
neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
|
neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
|
||||||
|
neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver}
|
||||||
step_config: |
|
step_config: |
|
||||||
include ::tripleo::profile::base::neutron::ovs
|
include ::tripleo::profile::base::neutron::ovs
|
||||||
|
|
Loading…
Reference in New Issue