a5cec52a6c
Currently OVS tunnel firewall rules are held within the neutron ovs agent service heat template. That service is not used with ODL, so consequently ODL was missing the VXLAN and GRE firewall rules and traffic would not pass between nodes. This adds the missing rules to the OpenDaylight OVS service. Closes-Bug: 1641191 Change-Id: Icfd7db6a3e8fcdd02646fb7e413f40f26b03b994 Signed-off-by: Tim Rozet <trozet@redhat.com>
65 lines
2.2 KiB
YAML
65 lines
2.2 KiB
YAML
heat_template_version: 2016-04-08
|
|
|
|
description: >
|
|
OpenDaylight OVS Configuration.
|
|
|
|
parameters:
|
|
OpenDaylightPort:
|
|
default: 8081
|
|
description: Set opendaylight service port
|
|
type: number
|
|
OpenDaylightConnectionProtocol:
|
|
description: L7 protocol used for REST access
|
|
type: string
|
|
default: 'http'
|
|
OpenDaylightCheckURL:
|
|
description: URL postfix to verify ODL has finished starting up
|
|
type: string
|
|
default: 'restconf/operational/network-topology:network-topology/topology/netvirt:1'
|
|
OpenDaylightApiVirtualIP:
|
|
type: string
|
|
default: ''
|
|
OpenDaylightProviderMappings:
|
|
description: Mappings between logical networks and physical interfaces.
|
|
Required for VLAN deployments. For example physnet1 -> eth1.
|
|
type: comma_delimited_list
|
|
default: "datacentre:br-ex"
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the OpenDaylight service.
|
|
value:
|
|
service_name: opendaylight_ovs
|
|
config_settings:
|
|
opendaylight::odl_rest_port: {get_param: OpenDaylightPort}
|
|
opendaylight_check_url: {get_param: OpenDaylightCheckURL}
|
|
opendaylight::nb_connection_protocol: {get_param: OpenDaylightConnectionProtocol}
|
|
neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
|
|
neutron::plugins::ovs::opendaylight::provider_mappings:
|
|
str_replace:
|
|
template: MAPPINGS
|
|
params:
|
|
MAPPINGS: {get_param: OpenDaylightProviderMappings}
|
|
tripleo.opendaylight_ovs.firewall_rules:
|
|
'118 neutron vxlan networks':
|
|
proto: 'udp'
|
|
dport: 4789
|
|
'136 neutron gre networks':
|
|
proto: 'gre'
|
|
step_config: |
|
|
include tripleo::profile::base::neutron::plugins::ovs::opendaylight
|