diff options
author | Brent Eagles <beagles@redhat.com> | 2016-08-18 19:03:30 -0230 |
---|---|---|
committer | Brent Eagles <beagles@redhat.com> | 2016-09-08 12:55:46 -0230 |
commit | 866ed11712d8e2e7d664abf1b0b572e2c240357c (patch) | |
tree | 12267387cf85337dc64a015836b0a7ec0396a428 /puppet | |
parent | 6480942f4b2fbe49a9ea1a73bcbdb0878271e84e (diff) |
Add support for configuring the OVS firewall driver
This patch introduces a parameter to allow customizing the Neutron
OpenvSwitch agent's firewall driver configuration.
Closes-Bug: 1618507
Change-Id: I595c392f7a1afe2164bf562224d9eda9b3dfa982
Diffstat (limited to 'puppet')
-rw-r--r-- | puppet/services/neutron-ovs-agent.yaml | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml index 36b609fc..080cd1c3 100644 --- a/puppet/services/neutron-ovs-agent.yaml +++ b/puppet/services/neutron-ovs-agent.yaml @@ -56,6 +56,14 @@ parameters: MonitoringSubscriptionNeutronOvs: default: 'overcloud-neutron-ovs-agent' type: string + NeutronOVSFirewallDriver: + default: '' + description: | + Configure the classname of the firewall driver to use for implementing + security groups. Possible values depend on system configuration. Some + examples are: noop, openvswitch, iptables_hybrid. The default value of an + empty string will result in a default supported configuration. + type: string resources: @@ -100,5 +108,6 @@ outputs: # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]} + neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver} step_config: | include ::tripleo::profile::base::neutron::ovs |