openstack/kolla-ansible
Code Issues Proposed changes
669b312ea6
kolla-ansible/ansible/roles/neutron/templates/ml2_conf.ini.j2
Kuo-tung Kao 5d22ea34c0 let openvswitch_db listener localhost 
Openvswitch_db is not necessary to listener api_address.
Just let openvswitch_db listener localhost to avoid security issues.

Change-Id: If4912d90abae933a1ed9e2d14336b89b7c7179dd
Closes-Bug: #1712767
2017-08-24 16:43:47 +08:00

98 lines
3.0 KiB
Django/Jinja
Raw Blame History

# ml2_conf.ini
[ml2]
# Changing type_drivers after bootstrap can lead to database inconsistencies
type_drivers = {{ neutron_type_drivers }}
tenant_network_types = {{ neutron_tenant_network_types }}
{% if neutron_plugin_agent == "openvswitch" %}
{% if enable_hyperv | bool %}
mechanism_drivers = openvswitch,hyperv
{% else %}
mechanism_drivers = openvswitch,l2population
{% endif %}
{% elif neutron_plugin_agent == "linuxbridge" %}
mechanism_drivers = linuxbridge,l2population
{% elif neutron_plugin_agent == "opendaylight" %}
mechanism_drivers = {{ opendaylight_mechanism_driver }}
{% endif %}
{% if neutron_extension_drivers %}
extension_drivers = {{ neutron_extension_drivers|map(attribute='name')|join(',') }}
{% elif enable_hyperv | bool %}
extension_drivers = port_security
{% endif %}
{% if enable_opendaylight | bool %}
[ml2_odl]
url = {{ internal_protocol }}://{{ kolla_internal_vip_address }}:{{ opendaylight_haproxy_restconf_port }}/controller/nb/v2/neutron
username = admin
password = {{ opendaylight_password }}
port_binding_controller = {{ opendaylight_port_binding_type }}
{% endif %}
[ml2_type_vlan]
{% if enable_ironic | bool %}
network_vlan_ranges = physnet1
{% else %}
network_vlan_ranges =
{% endif %}
[ml2_type_flat]
{% if enable_ironic | bool %}
flat_networks = *
{% else %}
flat_networks = {% for bridge in neutron_bridge_name.split(',') %}physnet{{ loop.index0 + 1 }}{% if not loop.last %},{% endif %}{% endfor %}
{% endif %}
{% if not enable_hyperv | bool %}
[ml2_type_vxlan]
vni_ranges = 1:1000
vxlan_group = 239.1.1.1
{% endif %}
[securitygroup]
{% if neutron_plugin_agent == "openvswitch" or neutron_plugin_agent == "opendaylight" %}
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
{% elif neutron_plugin_agent == "linuxbridge" %}
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
{% endif %}
{% if neutron_plugin_agent == "openvswitch" or neutron_plugin_agent == "opendaylight" %}
{% if not enable_hyperv | bool %}
[agent]
tunnel_types = vxlan
l2_population = true
arp_responder = true
{% endif %}
{% if enable_neutron_dvr | bool %}
enable_distributed_routing = True
{% endif %}
{% if neutron_agent_extensions %}
extensions = {{ neutron_agent_extensions|map(attribute='name')|join(',') }}
{% endif %}
[ovs]
{% if inventory_hostname in groups["network"] or (inventory_hostname in groups["compute"] and computes_need_external_bridge ) %}
bridge_mappings = {% for bridge in neutron_bridge_name.split(',') %}physnet{{ loop.index0 + 1 }}:{{ bridge }}{% if not loop.last %},{% endif %}{% endfor %}
{% endif %}
ovsdb_connection = tcp:127.0.0.1:{{ ovsdb_port }}
{% if enable_nova_fake | bool %}
integration_bridge = br-int-{{ item }}
{% endif %}
{% elif neutron_plugin_agent == "linuxbridge" %}
[linux_bridge]
physical_interface_mappings = physnet1:{{ neutron_external_interface }}
{% if not enable_hyperv | bool %}
[vxlan]
l2_population = true
{% endif %}
{% endif %}
{% if inventory_hostname in groups["network"] or inventory_hostname in groups["compute"] %}
local_ip = {{ tunnel_interface_address }}
{% endif %}
View Git Blame Copy Permalink