Skip to content
Snippets Groups Projects
Commit d5c66896 authored by Jenkins's avatar Jenkins Committed by Gerrit Code Review
Browse files

Merge "Fix fwaas options"

parents 00e3d2f8 865736c2
No related branches found
No related tags found
No related merge requests found
...@@ -268,7 +268,7 @@ service_plugins: ...@@ -268,7 +268,7 @@ service_plugins:
enabled: "{{ neutron_plugin_agent == 'sfc' }}" enabled: "{{ neutron_plugin_agent == 'sfc' }}"
- name: "lbaasv2" - name: "lbaasv2"
enabled: "{{ enable_neutron_lbaas | bool }}" enabled: "{{ enable_neutron_lbaas | bool }}"
- name: "neutron_fwaas.services.firewall.fwaas_plugin.FirewallPlugin" - name: "firewall"
enabled: "{{ enable_neutron_fwaas | bool }}" enabled: "{{ enable_neutron_fwaas | bool }}"
- name: "vpnaas" - name: "vpnaas"
enabled: "{{ enable_neutron_vpnaas | bool }}" enabled: "{{ enable_neutron_vpnaas | bool }}"
......
...@@ -183,6 +183,7 @@ ...@@ -183,6 +183,7 @@
vars: vars:
service_name: "{{ item.key }}" service_name: "{{ item.key }}"
services_need_fwaas_driver_ini: services_need_fwaas_driver_ini:
- "neutron-server"
- "neutron-l3-agent" - "neutron-l3-agent"
- "neutron-vpnaas-agent" - "neutron-vpnaas-agent"
merge_configs: merge_configs:
......
{% if enable_neutron_fwaas | bool %}
[service_providers]
service_provider = FIREWALL:Iptables:neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver:default
[fwaas] [fwaas]
driver = iptables
enabled = True
{% endif %}
...@@ -13,10 +13,6 @@ agent_mode = legacy ...@@ -13,10 +13,6 @@ agent_mode = legacy
ha_vrrp_health_check_interval = 5 ha_vrrp_health_check_interval = 5
{% endif %} {% endif %}
{% if enable_neutron_fwaas | bool %} {% if enable_neutron_fwaas | bool %}
[fwaas]
driver = neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver
enabled = True
[agent] [agent]
extensions = fwaas extensions = fwaas
{% endif %} {% endif %}
......
{ {
"command": "neutron-server --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-file /etc/neutron/neutron_lbaas.conf --config-file /etc/neutron/neutron_vpnaas.conf {% if neutron_plugin_agent == 'vmware_nsxv' %} --config-file /etc/neutron/plugins/vmware/nsx.ini {% endif %}", "command": "neutron-server --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-file /etc/neutron/neutron_lbaas.conf --config-file /etc/neutron/neutron_vpnaas.conf --config-file /etc/neutron/fwaas_driver.ini {% if neutron_plugin_agent == 'vmware_nsxv' %} --config-file /etc/neutron/plugins/vmware/nsx.ini {% endif %}",
"config_files": [ "config_files": [
{ {
"source": "{{ container_config_directory }}/neutron.conf", "source": "{{ container_config_directory }}/neutron.conf",
...@@ -7,6 +7,12 @@ ...@@ -7,6 +7,12 @@
"owner": "neutron", "owner": "neutron",
"perm": "0600" "perm": "0600"
}, },
{
"source": "{{ container_config_directory }}/fwaas_driver.ini",
"dest": "/etc/neutron/fwaas_driver.ini",
"owner": "neutron",
"perm": "0600"
},
{ {
"source": "{{ container_config_directory }}/neutron_lbaas.conf", "source": "{{ container_config_directory }}/neutron_lbaas.conf",
"dest": "/etc/neutron/neutron_lbaas.conf", "dest": "/etc/neutron/neutron_lbaas.conf",
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment