summaryrefslogtreecommitdiffstats
path: root/puppet/services
diff options
context:
space:
mode:
authorTim Rozet <trozet@redhat.com>2016-11-11 13:59:06 -0500
committerTim Rozet <trozet@redhat.com>2016-11-11 13:59:06 -0500
commita5cec52a6c07ce3940431be34dcc45bced5ade04 (patch)
treee842b8e2fce7126dc9ea37f05d8d0b70b9bc9264 /puppet/services
parentb0ffc79452d64bf3996adb5b6a04628c4de1c8b7 (diff)
Fixes missing OVS Firewall config with OpenDaylight
Currently OVS tunnel firewall rules are held within the neutron ovs agent service heat template. That service is not used with ODL, so consequently ODL was missing the VXLAN and GRE firewall rules and traffic would not pass between nodes. This adds the missing rules to the OpenDaylight OVS service. Closes-Bug: 1641191 Change-Id: Icfd7db6a3e8fcdd02646fb7e413f40f26b03b994 Signed-off-by: Tim Rozet <trozet@redhat.com>
Diffstat (limited to 'puppet/services')
-rw-r--r--puppet/services/opendaylight-ovs.yaml6
1 files changed, 6 insertions, 0 deletions
diff --git a/puppet/services/opendaylight-ovs.yaml b/puppet/services/opendaylight-ovs.yaml
index 268ca244..907ecddc 100644
--- a/puppet/services/opendaylight-ovs.yaml
+++ b/puppet/services/opendaylight-ovs.yaml
@@ -54,5 +54,11 @@ outputs:
template: MAPPINGS
params:
MAPPINGS: {get_param: OpenDaylightProviderMappings}
+ tripleo.opendaylight_ovs.firewall_rules:
+ '118 neutron vxlan networks':
+ proto: 'udp'
+ dport: 4789
+ '136 neutron gre networks':
+ proto: 'gre'
step_config: |
include tripleo::profile::base::neutron::plugins::ovs::opendaylight