From 30acfc6d14bb42db822352426cc2d4e337717c72 Mon Sep 17 00:00:00 2001 From: Slawek Kaplonski Date: Thu, 24 Nov 2022 14:12:08 +0100 Subject: [PATCH] [neutron] Don't configure firewall_driver for core ML2 plugin In the past firewall_driver setting was configured for ML2 plugin because it was used in the neutron.agent.securitygroups_rpc.is_firewall_enabled() function but currently it's not needed anymore as there is other config option "enable_security_group" for that. Related-bug: #1996748 Change-Id: I9b09c6afb3f1f1c33d1bdfea52ba6f4c0d0cf2dc --- lib/neutron_plugins/ml2 | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/lib/neutron_plugins/ml2 b/lib/neutron_plugins/ml2 index fa61f1ea30..46edacdc54 100644 --- a/lib/neutron_plugins/ml2 +++ b/lib/neutron_plugins/ml2 @@ -111,18 +111,7 @@ function neutron_plugin_configure_service { fi fi fi - # REVISIT(rkukura): Setting firewall_driver here for - # neutron.agent.securitygroups_rpc.is_firewall_enabled() which is - # used in the server, in case no L2 agent is configured on the - # server's node. If an L2 agent is configured, this will get - # overridden with the correct driver. The ml2 plugin should - # instead use its own config variable to indicate whether security - # groups is enabled, and that will need to be set here instead. - if [[ "$Q_USE_SECGROUP" == "True" ]]; then - iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver neutron.agent.not.a.real.FirewallDriver - else - iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver neutron.agent.firewall.NoopFirewallDriver - fi + populate_ml2_config /$Q_PLUGIN_CONF_FILE securitygroup enable_security_group=$Q_USE_SECGROUP populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2 mechanism_drivers=$Q_ML2_PLUGIN_MECHANISM_DRIVERS if [[ "$Q_ML2_PLUGIN_MECHANISM_DRIVERS" == *"linuxbridge"* ]]; then