openstack/devstack
Code Issues Proposed changes

add the port_sec as default neutron/ml2 extension driver

Browse Source 
Neutron ML2 plugin introduces the first extension driver port_security, this
patch add it to be a default extension driver as a example. And also, if not
set it by default, networks like public/private which are created after the
neutron-db-manage's update, will not include the port-sec value.

Change-Id: I3035317c83d22804855517434bd8578719ce0436
Partially Implements: blueprint ml2-ovs-portsecurity
This commit is contained in:
Yalei Wang 2015-03-06 17:05:11 +08:00
parent c9e842871b
commit a48e5dc4bd
2 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
doc/source/guides/neutron.rst
View File

@ -131,6 +131,11 @@ In this configuration we are defining FLOATING_RANGE to be a
subnet that exists in the private RFC1918 address space - however in subnet that exists in the private RFC1918 address space - however in
in a real setup FLOATING_RANGE would be a public IP address range. in a real setup FLOATING_RANGE would be a public IP address range.
Note that extension drivers for the ML2 plugin is set by
`Q_ML2_PLUGIN_EXT_DRIVERS`, and it includes 'port_security' by default. If you
want to remove all the extension drivers (even 'port_security'), set
`Q_ML2_PLUGIN_EXT_DRIVERS` to blank.
Neutron Networking with Open vSwitch and Provider Networks Neutron Networking with Open vSwitch and Provider Networks
========================================================== ==========================================================

5
lib/neutron_plugins/ml2
View File

@ -31,6 +31,9 @@ Q_ML2_PLUGIN_GRE_TYPE_OPTIONS=${Q_ML2_PLUGIN_GRE_TYPE_OPTIONS:-tunnel_id_ranges=
Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS=${Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS:-vni_ranges=1001:2000} Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS=${Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS:-vni_ranges=1001:2000}
# Default VLAN TypeDriver options # Default VLAN TypeDriver options
Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS=${Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS:-} Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS=${Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS:-}
# List of extension drivers to load, use '-' instead of ':-' to allow people to
# explicitly override this to blank
Q_ML2_PLUGIN_EXT_DRIVERS=${Q_ML2_PLUGIN_EXT_DRIVERS-port_security}
# L3 Plugin to load for ML2 # L3 Plugin to load for ML2
ML2_L3_PLUGIN=${ML2_L3_PLUGIN:-neutron.services.l3_router.l3_router_plugin.L3RouterPlugin} ML2_L3_PLUGIN=${ML2_L3_PLUGIN:-neutron.services.l3_router.l3_router_plugin.L3RouterPlugin}
@ -113,6 +116,8 @@ function neutron_plugin_configure_service {
populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2 type_drivers=$Q_ML2_PLUGIN_TYPE_DRIVERS populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2 type_drivers=$Q_ML2_PLUGIN_TYPE_DRIVERS
populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2 extension_drivers=$Q_ML2_PLUGIN_EXT_DRIVERS
populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2 $Q_SRV_EXTRA_OPTS populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2 $Q_SRV_EXTRA_OPTS
populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2_type_gre $Q_ML2_PLUGIN_GRE_TYPE_OPTIONS populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2_type_gre $Q_ML2_PLUGIN_GRE_TYPE_OPTIONS