Add support for configuring the OVS firewall driver

author Brent Eagles <beagles@redhat.com>

Thu, 18 Aug 2016 21:33:30 +0000 (19:03 -0230)

committer Brent Eagles <beagles@redhat.com>

Thu, 8 Sep 2016 15:25:46 +0000 (12:55 -0230)
author Brent Eagles <beagles@redhat.com>
Thu, 18 Aug 2016 21:33:30 +0000 (19:03 -0230)
committer Brent Eagles <beagles@redhat.com>
Thu, 8 Sep 2016 15:25:46 +0000 (12:55 -0230)
diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml

index 36b609f..080cd1c 100644 (file)
--- a/puppet/services/neutron-ovs-agent.yaml
+++ b/puppet/services/neutron-ovs-agent.yaml
@@ -56,6 +56,14 @@ parameters:
    MonitoringSubscriptionNeutronOvs:
      default: 'overcloud-neutron-ovs-agent'
      type: string
+  NeutronOVSFirewallDriver:
+    default: ''
+    description: |
+      Configure the classname of the firewall driver to use for implementing
+      security groups. Possible values depend on system configuration. Some
+      examples are: noop, openvswitch, iptables_hybrid. The default value of an
+      empty string will result in a default supported configuration.
+    type: string
  
  resources:
  
@@ -100,5 +108,6 @@ outputs:
              # internal_api_uri -> [IP]
              # internal_api_subnet - > IP/CIDR
              neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]}
+            neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver}
        step_config: |
          include ::tripleo::profile::base::neutron::ovs
author	Brent Eagles <beagles@redhat.com>
	Thu, 18 Aug 2016 21:33:30 +0000 (19:03 -0230)
committer	Brent Eagles <beagles@redhat.com>
	Thu, 8 Sep 2016 15:25:46 +0000 (12:55 -0230)