Enable security group support for OVS agent
The neutron OVS firewall_driver driver is currently set to noop since there is no suitable firewall driver packaged. The security group support for OVS agent is now enabled with the native "openvswitch" firewall driver, which is stateful and based on openflow + conntrack implementation. Change-Id: Ie49ea124b3dd1ad2c5d405274fa891d88c7e39bf Story: 2002944 Task: 22937 Signed-off-by: Kailun Qin <kailun.qin@intel.com>
This commit is contained in:
parent
617ca1de59
commit
95477fd0cc
|
@ -983,12 +983,14 @@ data:
|
|||
ovs_driver:
|
||||
vhost_user_enabled: true
|
||||
securitygroup:
|
||||
firewall_driver: noop
|
||||
firewall_driver: openvswitch
|
||||
openvswitch_agent:
|
||||
agent:
|
||||
tunnel_types: vxlan
|
||||
ovs:
|
||||
bridge_mappings: public:br-ex
|
||||
securitygroup:
|
||||
firewall_driver: openvswitch
|
||||
source:
|
||||
type: tar
|
||||
location: http://172.17.0.1/helm_charts/neutron-0.1.0.tgz
|
||||
|
|
|
@ -263,9 +263,6 @@ class NeutronHelm(openstack.OpenstackBaseHelm):
|
|||
return {
|
||||
'agent': agent,
|
||||
'ovs': ovs,
|
||||
'securitygroup': {
|
||||
'firewall_driver': 'noop',
|
||||
},
|
||||
}
|
||||
|
||||
def _get_dynamic_sriov_agent_config(self, host):
|
||||
|
|
Loading…
Reference in New Issue