From 2864150940bfb003e86bf103cb18b32bdb4a080b Mon Sep 17 00:00:00 2001
From: Huan Xie <huan.xie@citrix.com>
Date: Tue, 20 Sep 2016 06:49:50 +0000
Subject: [PATCH] Make neutron ml2 use ovs native interface

Neutron has changed to use ovs native interface by default, but when
the hypervisor is XenServer, we cannot use ovs native interface without
extra configurations in neutron-openvswitch-agent(q-agt) in compute
node.

This patch is to add the needed configurations automatically during
deployment, so user needn't to do it manually and restart q-agt.

Change-Id: Ibc69d3cdb4d75833f2ac16840c62bcacf460dd4f
---
 lib/neutron_plugins/openvswitch_agent | 5 +++++
 lib/nova_plugins/hypervisor-xenserver | 9 +++++++++
 2 files changed, 14 insertions(+)

diff --git a/lib/neutron_plugins/openvswitch_agent b/lib/neutron_plugins/openvswitch_agent
index e27b8a634a..8860d7b0f2 100644
--- a/lib/neutron_plugins/openvswitch_agent
+++ b/lib/neutron_plugins/openvswitch_agent
@@ -95,6 +95,11 @@ function neutron_plugin_configure_plugin_agent {
         # XEN_INTEGRATION_BRIDGE is the integration bridge in dom0
         iniset /$Q_PLUGIN_CONF_FILE ovs integration_bridge $XEN_INTEGRATION_BRIDGE
 
+        # Set OVS native interface for ovs-agent in compute node
+        XEN_DOM0_IP=$(echo "$XENAPI_CONNECTION_URL" | cut -d "/" -f 3)
+        iniset /$Q_PLUGIN_CONF_FILE ovs ovsdb_connection tcp:$XEN_DOM0_IP:6640
+        iniset /$Q_PLUGIN_CONF_FILE ovs of_listen_address $HOST_IP
+
         # Set up domU's L2 agent:
 
         # Create a bridge "br-$VLAN_INTERFACE"
diff --git a/lib/nova_plugins/hypervisor-xenserver b/lib/nova_plugins/hypervisor-xenserver
index a63e72e764..b053856348 100644
--- a/lib/nova_plugins/hypervisor-xenserver
+++ b/lib/nova_plugins/hypervisor-xenserver
@@ -93,6 +93,15 @@ CRONTAB
     if is_service_enabled neutron; then
         # Remove restriction on linux bridge in Dom0 when neutron is enabled
         $ssh_dom0 "rm -f /etc/modprobe.d/blacklist-bridge*"
+
+        count=`$ssh_dom0 "iptables -t filter -L XenServerDevstack |wc -l"`
+        if [ "$count" = "0" ]; then
+        {
+            echo "iptables -t filter --new XenServerDevstack"
+            echo "iptables -t filter -I INPUT -j XenServerDevstack"
+            echo "iptables -t filter -I XenServerDevstack -p tcp --dport 6640 -j ACCEPT"
+        } | $ssh_dom0
+        fi
     fi
 }