From: Brent Eagles Date: Mon, 16 Jan 2017 20:42:54 +0000 (-0330) Subject: Conditionally set OVS agent firewall driver X-Git-Tag: opnfv-6.0.0~1225^2 X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=commitdiff_plain;h=18e6dc96e5b11d1f3708aad9aacf0c699386791f;p=apex-tripleo-heat-templates.git Conditionally set OVS agent firewall driver Using an empty string to allow the default value in the puppet module no longer seems to work, resulting in the OVS agent configuration having an empty firewall driver configuration. This patch uses a heat template condition to set the hieradata only if something other than an empty string has been set. Change-Id: Ifef9ded1dbb719e75997474bf5ada909dbf40599 Related-Bug: #1656939 --- diff --git a/puppet/services/neutron-ovs-agent.yaml b/puppet/services/neutron-ovs-agent.yaml index 0eb16e6a..e24fae7c 100644 --- a/puppet/services/neutron-ovs-agent.yaml +++ b/puppet/services/neutron-ovs-agent.yaml @@ -70,6 +70,9 @@ parameters: tag: openstack.neutron.agent.openvswitch path: /var/log/neutron/openvswitch-agent.log +conditions: + no_firewall_driver: {equals : [{get_param: NeutronOVSFirewallDriver}, '']} + resources: NeutronBase: @@ -104,13 +107,17 @@ outputs: # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR neutron::agents::ml2::ovs::local_ip: {get_param: [ServiceNetMap, NeutronTenantNetwork]} - neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver} tripleo.neutron_ovs_agent.firewall_rules: '118 neutron vxlan networks': proto: 'udp' dport: 4789 '136 neutron gre networks': proto: 'gre' + - + if: + - no_firewall_driver + - {} + - neutron::agents::ml2::ovs::firewall_driver: {get_param: NeutronOVSFirewallDriver} step_config: | include ::tripleo::profile::base::neutron::ovs upgrade_tasks: