MonitoringSubscriptionNeutronOvs:
default: 'overcloud-neutron-ovs-agent'
type: string
+ NeutronOVSFirewallDriver:
+ default: ''
+ description: |
+ Configure the classname of the firewall driver to use for implementing
+ security groups. Possible values depend on system configuration. Some
+ examples are: noop, openvswitch, iptables_hybrid. The default value of an
+ empty string will result in a default supported configuration.
+ type: string
+ NeutronOpenVswitchAgentLoggingSource:
+ type: json
+ default:
+ tag: openstack.neutron.agent.openvswitch
+ path: /var/log/neutron/openvswitch-agent.log
resources:
value:
service_name: neutron_ovs_agent
monitoring_subscription: {get_param: MonitoringSubscriptionNeutronOvs}
+ logging_source: {get_param: NeutronOpenVswitchAgentLoggingSource}
+ logging_groups:
+ - neutron
config_settings:
map_merge:
- get_attr: [NeutronBase, role_data, config_settings]
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
+ neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver}
+ tripleo.neutron_ovs_agent.firewall_rules:
+ '118 neutron vxlan networks':
+ proto: 'udp'
+ dport: 4789
+ '136 neutron gre networks':
+ proto: 'gre'
step_config: |
include ::tripleo::profile::base::neutron::ovs
Code Review / apex-tripleo-heat-templates.git / blobdiff