From 23cde5e487c14c06d752bb671b0b9751350c35bc Mon Sep 17 00:00:00 2001
From: Michael Polenchuk <mpolenchuk@mirantis.com>
Date: Fri, 11 Jan 2019 14:30:52 +0400
Subject: [odl] Set conntrack as netvirt nat mode

The conntrack-based SNAT uses the Linux netfilter framework to
do the NAPT and track the connection. The first packet in a traffic is
passed to the netfilter to be translated with the external IP. The
following packets will use the netfilter for further inbound and
outbound translation.

Change-Id: I1090b4fe041f8d9533aa4ce1964284a4a5c073ce
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
---
 .../files/netvirt-natservice-config.xml            | 23 ++++++++++++++++++++++
 .../opendaylight/server.sls                        | 11 +++++++++++
 2 files changed, 34 insertions(+)
 create mode 100644 mcp/salt-formulas/salt-formula-opendaylight/opendaylight/files/netvirt-natservice-config.xml

(limited to 'mcp/salt-formulas/salt-formula-opendaylight')

diff --git a/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/files/netvirt-natservice-config.xml b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/files/netvirt-natservice-config.xml
new file mode 100644
index 000000000..266689e5c
--- /dev/null
+++ b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/files/netvirt-natservice-config.xml
@@ -0,0 +1,23 @@
+{%- from "opendaylight/map.jinja" import server with context -%}
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements.  See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership.  The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License.  You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied.  See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<natservice-config xmlns="urn:opendaylight:netvirt:natservice:config">
+  <nat-mode>{{ server.netvirt_nat_mode }}</nat-mode>
+  <snat-punt-timeout>5</snat-punt-timeout>
+</natservice-config>
diff --git a/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/server.sls b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/server.sls
index e4ebecf87..e688575c8 100644
--- a/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/server.sls
+++ b/mcp/salt-formulas/salt-formula-opendaylight/opendaylight/server.sls
@@ -147,6 +147,17 @@ opendaylight:
       - service: opendaylight
 {%- endif %}
 
+{%- if server.netvirt_nat_mode is defined %}
+/opt/opendaylight/etc/opendaylight/datastore/initial/config/netvirt-natservice-config.xml:
+  file.managed:
+  - source: salt://opendaylight/files/netvirt-natservice-config.xml
+  - makedirs: true
+  - watch_in:
+    - service: opendaylight
+  - use:
+    - file: /opt/opendaylight/etc/jetty.xml
+{%- endif %}
+
 {%- if server.dhcp.enabled %}
 /opt/opendaylight/etc/opendaylight/datastore/initial/config/netvirt-dhcpservice-config.xml:
   file.managed:
-- 
cgit 1.2.3-korg