summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2016-09-10 02:54:07 +0000
committerGerrit Code Review <review@openstack.org>2016-09-10 02:54:07 +0000
commit58235d0e92a87d351dcd302a24648f595330815d (patch)
treea91e23ffe086b7477a21b0b3ae1695e1d386acd3
parenta5bac3a956e51e5ba44e3cc61f64a0d77f2ba14f (diff)
parent866ed11712d8e2e7d664abf1b0b572e2c240357c (diff)
Merge "Add support for configuring the OVS firewall driver"
-rw-r--r--puppet/services/neutron-ovs-agent.yaml9
1 files changed, 9 insertions, 0 deletions
diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml
index 36b609fc..080cd1c3 100644
--- a/puppet/services/neutron-ovs-agent.yaml
+++ b/puppet/services/neutron-ovs-agent.yaml
@@ -56,6 +56,14 @@ parameters:
MonitoringSubscriptionNeutronOvs:
default: 'overcloud-neutron-ovs-agent'
type: string
+ NeutronOVSFirewallDriver:
+ default: ''
+ description: |
+ Configure the classname of the firewall driver to use for implementing
+ security groups. Possible values depend on system configuration. Some
+ examples are: noop, openvswitch, iptables_hybrid. The default value of an
+ empty string will result in a default supported configuration.
+ type: string
resources:
@@ -100,5 +108,6 @@ outputs:
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
+ neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver}
step_config: |
include ::tripleo::profile::base::neutron::ovs