diff options
author | Tim Rozet <trozet@redhat.com> | 2016-11-11 13:59:06 -0500 |
---|---|---|
committer | Tim Rozet <trozet@redhat.com> | 2016-11-11 13:59:06 -0500 |
commit | a5cec52a6c07ce3940431be34dcc45bced5ade04 (patch) | |
tree | e842b8e2fce7126dc9ea37f05d8d0b70b9bc9264 /puppet | |
parent | b0ffc79452d64bf3996adb5b6a04628c4de1c8b7 (diff) |
Fixes missing OVS Firewall config with OpenDaylight
Currently OVS tunnel firewall rules are held within the neutron ovs
agent service heat template. That service is not used with ODL, so
consequently ODL was missing the VXLAN and GRE firewall rules and
traffic would not pass between nodes. This adds the missing rules to
the OpenDaylight OVS service.
Closes-Bug: 1641191
Change-Id: Icfd7db6a3e8fcdd02646fb7e413f40f26b03b994
Signed-off-by: Tim Rozet <trozet@redhat.com>
Diffstat (limited to 'puppet')
-rw-r--r-- | puppet/services/opendaylight-ovs.yaml | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/puppet/services/opendaylight-ovs.yaml b/puppet/services/opendaylight-ovs.yaml index 268ca244..907ecddc 100644 --- a/puppet/services/opendaylight-ovs.yaml +++ b/puppet/services/opendaylight-ovs.yaml @@ -54,5 +54,11 @@ outputs: template: MAPPINGS params: MAPPINGS: {get_param: OpenDaylightProviderMappings} + tripleo.opendaylight_ovs.firewall_rules: + '118 neutron vxlan networks': + proto: 'udp' + dport: 4789 + '136 neutron gre networks': + proto: 'gre' step_config: | include tripleo::profile::base::neutron::plugins::ovs::opendaylight |