1 files changed, 36 insertions, 25 deletions

diff --git a/puppet/services/neutron-dhcp.yaml b/puppet/services/neutron-dhcp.yaml
index 80ccf1c2..513cb2d4 100644
--- a/puppet/services/neutron-dhcp.yaml
+++ b/puppet/services/neutron-dhcp.yaml
@@ -4,50 +4,61 @@ description: >
   OpenStack Neutron DHCP agent configured with Puppet
 
 parameters:
+  ServiceNetMap:
+    default: {}
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.  This
+                 mapping overrides those in ServiceNetMapDefaults.
+    type: json
+  DefaultPasswords:
+    default: {}
+    type: json
   EndpointMap:
     default: {}
     description: Mapping of service endpoint -> protocol. Typically set
                  via parameter_defaults in the resource registry.
     type: json
+  NeutronEnableMetadataNetwork:
+    default: false
+    description: If True, DHCP provide metadata network. Requires either
+                 IsolatedMetadata or ForceMetadata parameters to also be True.
+    type: boolean
   NeutronEnableIsolatedMetadata:
-    default: 'False'
+    default: false
     description: If True, DHCP provide metadata route to VM.
-    type: string
-  NeutronDnsmasqOptions:
-    default: 'dhcp-option-force=26,%MTU%'
-    description: >
-      Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU
-      to be set to the value of NeutronTenantMtu, which should be set to account
-      for tunnel overhead.
-    type: string
-  NeutronTenantMtu:
-    description: >
-      The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
-      be at least 50 bytes smaller than the MTU on the physical network. This
-      value will be used to set the MTU on the virtual Ethernet device.
-      This value will be used to construct the NeutronDnsmasqOptions, since that
-      will determine the MTU that is assigned to the VM host through DHCP.
-    default: "1400"
-    type: string
+    type: boolean
+  NeutronEnableForceMetadata:
+    default: false
+    description: If True, DHCP always provides metadata route to VM.
+    type: boolean
 
 resources:
 
   NeutronBase:
     type: ./neutron-base.yaml
+    properties:
+      ServiceNetMap: {get_param: ServiceNetMap}
+      DefaultPasswords: {get_param: DefaultPasswords}
+      EndpointMap: {get_param: EndpointMap}
 
 outputs:
   role_data:
     description: Role data for the Neutron DHCP agent service.
     value:
+      service_name: neutron_dhcp
       config_settings:
         map_merge:
           - get_attr: [NeutronBase, role_data, config_settings]
-          - neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf
-            tripleo::profile::base::neutron::dhcp:
-              str_replace:
-                template: {get_param: NeutronDnsmasqOptions}
-                params:
-                  '%MTU%': {get_param: NeutronTenantMtu}
-            neutron::agents::dhcp::enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
+          - neutron::agents::dhcp::enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
+            neutron::agents::dhcp::enable_force_metadata: {get_param: NeutronEnableForceMetadata}
+            neutron::agents::dhcp::enable_metadata_network: {get_param: NeutronEnableMetadataNetwork}
+            tripleo.neutron_dhcp.firewall_rules:
+              '115 neutron dhcp input':
+                proto: 'udp'
+                dport: 67
+              '116 neutron dhcp output':
+                proto: 'udp'
+                chain: 'OUTPUT'
+                dport: 68
       step_config: |
         include tripleo::profile::base::neutron::dhcp