X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=puppet%2Fservices%2Fneutron-ovs-agent.yaml;h=e2b90b7b7b5437d751cc94fef56c250f2be21d77;hb=2a6df57475642792264e3e069359167ee6a81b0a;hp=1b19f90fc6b94e932bac3d572f951c368a0435d5;hpb=f9000048e5d120e5a47eaad44318f8b884b5ba7d;p=apex-tripleo-heat-templates.git

diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml
index 1b19f90f..e2b90b7b 100644
--- a/puppet/services/neutron-ovs-agent.yaml
+++ b/puppet/services/neutron-ovs-agent.yaml
@@ -53,6 +53,22 @@ parameters:
     description: |
       Enable ARP responder feature in the OVS Agent.
     type: boolean
+  MonitoringSubscriptionNeutronOvs:
+    default: 'overcloud-neutron-ovs-agent'
+    type: string
+  NeutronOVSFirewallDriver:
+    default: ''
+    description: |
+      Configure the classname of the firewall driver to use for implementing
+      security groups. Possible values depend on system configuration. Some
+      examples are: noop, openvswitch, iptables_hybrid. The default value of an
+      empty string will result in a default supported configuration.
+    type: string
+  NeutronOpenVswitchAgentLoggingSource:
+    type: json
+    default:
+      tag: openstack.neutron.agent.openvswitch
+      path: /var/log/neutron/openvswitch-agent.log
 
 resources:
 
@@ -68,27 +84,19 @@ outputs:
     description: Role data for the Neutron OVS agent service.
     value:
       service_name: neutron_ovs_agent
+      monitoring_subscription: {get_param: MonitoringSubscriptionNeutronOvs}
+      logging_source: {get_param: NeutronOpenVswitchAgentLoggingSource}
+      logging_groups:
+        - neutron
       config_settings:
         map_merge:
           - get_attr: [NeutronBase, role_data, config_settings]
-            neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop}
+          - neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop}
             neutron::agents::ml2::ovs::enable_distributed_routing: {get_param: NeutronEnableDVR}
             neutron::agents::ml2::ovs::arp_responder: {get_param: NeutronEnableARPResponder}
-            neutron::agents::ml2::ovs::bridge_mappings:
-              str_replace:
-                template: MAPPINGS
-                params:
-                  MAPPINGS: {get_param: NeutronBridgeMappings}
-            neutron::agents::ml2::ovs::tunnel_types:
-              str_replace:
-                template: TYPES
-                params:
-                  TYPES: {get_param: NeutronTunnelTypes}
-            neutron::agents::ml2::ovs::extensions:
-              str_replace:
-                template: AGENT_EXTENSIONS
-                params:
-                  AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
+            neutron::agents::ml2::ovs::bridge_mappings: {get_param: NeutronBridgeMappings}
+            neutron::agents::ml2::ovs::tunnel_types: {get_param: NeutronTunnelTypes}
+            neutron::agents::ml2::ovs::extensions: {get_param: NeutronAgentExtensions}
             # NOTE: bind IP is found in Heat replacing the network name with the
             # local node IP for the given network; replacement examples
             # (eg. for internal_api):
@@ -96,5 +104,12 @@ outputs:
             # internal_api_uri -> [IP]
             # internal_api_subnet - > IP/CIDR
             neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
+            neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver}
+            tripleo.neutron_ovs_agent.firewall_rules:
+              '118 neutron vxlan networks':
+                proto: 'udp'
+                dport: 4789
+              '136 neutron gre networks':
+                proto: 'gre'
       step_config: |
         include ::tripleo::profile::base::neutron::ovs