From 37a8eaff4c8516ed58c7b9789d5b8bd33948c155 Mon Sep 17 00:00:00 2001 From: lokesh-jain Date: Mon, 3 Apr 2017 16:32:53 -0400 Subject: Addition of firewall rules for Nuage Added VxLAN and metadata agent firewall rules to neutron-compute-plugin for Nuage. Removed a deprecated parameter 'OSControllerIp' as well. Change-Id: If10c300db48c66b9ebeaf74b5f5fee9132e75366 (cherry picked from commit d5309c9443cbfe50ba5e7c15f025393a58b0804c) --- environments/neutron-nuage-config.yaml | 1 - puppet/services/neutron-compute-plugin-nuage.yaml | 10 ++++++++++ puppet/services/neutron-plugin-nuage.yaml | 7 +------ 3 files changed, 11 insertions(+), 7 deletions(-) diff --git a/environments/neutron-nuage-config.yaml b/environments/neutron-nuage-config.yaml index 74899246..601554a1 100644 --- a/environments/neutron-nuage-config.yaml +++ b/environments/neutron-nuage-config.yaml @@ -10,7 +10,6 @@ resource_registry: OS::TripleO::Services::ComputeNeutronCorePlugin: ../puppet/services/neutron-compute-plugin-nuage.yaml parameter_defaults: - NeutronNuageOSControllerIp: '0.0.0.0' NeutronNuageNetPartitionName: 'default_name' NeutronNuageVSDIp: '0.0.0.0:0' NeutronNuageVSDUsername: 'username' diff --git a/puppet/services/neutron-compute-plugin-nuage.yaml b/puppet/services/neutron-compute-plugin-nuage.yaml index 04431e28..ea717690 100644 --- a/puppet/services/neutron-compute-plugin-nuage.yaml +++ b/puppet/services/neutron-compute-plugin-nuage.yaml @@ -22,6 +22,10 @@ parameters: description: The password for the nova service account, used by nova-api. type: string hidden: true + NuageMetadataPort: + description: TCP Port to listen for metadata server requests + type: string + default: '9697' outputs: role_data: @@ -32,5 +36,11 @@ outputs: tripleo::profile::base::neutron::agents::nuage::nova_os_tenant_name: 'service' tripleo::profile::base::neutron::agents::nuage::nova_os_password: {get_param: NovaPassword} tripleo::profile::base::neutron::agents::nuage::nova_auth_ip: {get_param: [EndpointMap, KeystoneInternal, host]} + tripleo.neutron_compute_plugin_nuage.firewall_rules: + '118 neutron vxlan networks': + proto: 'udp' + dport: 4789 + '100 metadata agent': + dport: {get_param: NuageMetadataPort} step_config: | include ::tripleo::profile::base::neutron::agents::nuage diff --git a/puppet/services/neutron-plugin-nuage.yaml b/puppet/services/neutron-plugin-nuage.yaml index e09cd704..6229a3f1 100644 --- a/puppet/services/neutron-plugin-nuage.yaml +++ b/puppet/services/neutron-plugin-nuage.yaml @@ -19,10 +19,6 @@ parameters: via parameter_defaults in the resource registry. type: json # Config specific parameters, to be provided via parameter_defaults - NeutronNuageOSControllerIp: - description: IP address of the OpenStack Controller - type: string - NeutronNuageNetPartitionName: description: Specifies the title that you will see on the VSD type: string @@ -76,8 +72,7 @@ outputs: config_settings: map_merge: - get_attr: [NeutronBase, role_data, config_settings] - - neutron::plugins::nuage::nuage_oscontroller_ip: {get_param: NeutronNuageOSControllerIp} - neutron::plugins::nuage::nuage_net_partition_name: {get_param: NeutronNuageNetPartitionName} + - neutron::plugins::nuage::nuage_net_partition_name: {get_param: NeutronNuageNetPartitionName} neutron::plugins::nuage::nuage_vsd_ip: {get_param: NeutronNuageVSDIp} neutron::plugins::nuage::nuage_vsd_username: {get_param: NeutronNuageVSDUsername} neutron::plugins::nuage::nuage_vsd_password: {get_param: NeutronNuageVSDPassword} -- cgit 1.2.3-korg