OpenStack Neutron OVS agent configured with Puppet
parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
description: |
Enable support for distributed routing in the OVS Agent.
type: boolean
+ NeutronEnableARPResponder:
+ default: false
+ description: |
+ Enable ARP responder feature in the OVS Agent.
+ type: boolean
+ MonitoringSubscriptionNeutronOvs:
+ default: 'overcloud-neutron-ovs-agent'
+ type: string
+ NeutronOVSFirewallDriver:
+ default: ''
+ description: |
+ Configure the classname of the firewall driver to use for implementing
+ security groups. Possible values depend on system configuration. Some
+ examples are: noop, openvswitch, iptables_hybrid. The default value of an
+ empty string will result in a default supported configuration.
+ type: string
+ NeutronOpenVswitchAgentLoggingSource:
+ type: json
+ default:
+ tag: openstack.neutron.agent.openvswitch
+ path: /var/log/neutron/openvswitch-agent.log
resources:
NeutronBase:
type: ./neutron-base.yaml
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
+ DefaultPasswords: {get_param: DefaultPasswords}
+ EndpointMap: {get_param: EndpointMap}
outputs:
role_data:
description: Role data for the Neutron OVS agent service.
value:
service_name: neutron_ovs_agent
+ monitoring_subscription: {get_param: MonitoringSubscriptionNeutronOvs}
+ logging_source: {get_param: NeutronOpenVswitchAgentLoggingSource}
+ logging_groups:
+ - neutron
config_settings:
map_merge:
- get_attr: [NeutronBase, role_data, config_settings]
- neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop}
+ - neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop}
neutron::agents::ml2::ovs::enable_distributed_routing: {get_param: NeutronEnableDVR}
+ neutron::agents::ml2::ovs::arp_responder: {get_param: NeutronEnableARPResponder}
neutron::agents::ml2::ovs::bridge_mappings:
str_replace:
template: MAPPINGS
template: AGENT_EXTENSIONS
params:
AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
+ # NOTE: bind IP is found in Heat replacing the network name with the
+ # local node IP for the given network; replacement examples
+ # (eg. for internal_api):
+ # internal_api -> IP
+ # internal_api_uri -> [IP]
+ # internal_api_subnet - > IP/CIDR
+ neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
+ neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver}
+ tripleo.neutron_ovs_agent.firewall_rules:
+ '118 neutron vxlan networks':
+ proto: 'udp'
+ dport: 4789
+ '136 neutron gre networks':
+ proto: 'gre'
step_config: |
include ::tripleo::profile::base::neutron::ovs
Code Review / apex-tripleo-heat-templates.git / blobdiff