4e855db6b2
At the moment it's possible to deploy VPNaaS for non-OVN environemnts only. OVN implementation is slighly different and requires a standalone agent to run on gateway hosts, where OVN router is active. This agent spawns namespaces as used to do and talks through RPC with API. More detailed spec on the feature can be found here [1]. There's also configuration reference in progress of writing [2]. [1] https://opendev.org/openstack/neutron-specs/src/branch/master/specs/xena/vpnaas-ovn.rst [2] https://review.opendev.org/c/openstack/neutron-vpnaas/+/895651 Change-Id: Idb223ee0d8187f372682aafda1b8d6fd78cb71d1 Change-Id: Iad163ac7b032a97bd49164d94490b0f0deb83d90
23 lines
646 B
Django/Jinja
23 lines
646 B
Django/Jinja
# {{ ansible_managed }}
|
|
|
|
[DEFAULT]
|
|
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
|
|
|
|
[AGENT]
|
|
extensions = vpnaas
|
|
|
|
[vpnagent]
|
|
vpn_device_driver = {{ neutron_driver_vpnaas }}
|
|
|
|
[ovs]
|
|
ovsdb_connection = {{ neutron_ovsdb_manager_connection }}
|
|
ovsdb_connection_timeout = 180
|
|
|
|
[ovn]
|
|
ovn_sb_connection = {{ neutron_ovn_sb_connection }}
|
|
{% if neutron_ovn_ssl %}
|
|
ovn_sb_ca_cert = {{ [neutron_conf_version_dir, neutron_ovn_ssl_ca_cert] | join('/') }}
|
|
ovn_sb_certificate = {{ [neutron_conf_version_dir, neutron_ovn_ssl_cert] | join('/') }}
|
|
ovn_sb_private_key = {{ [neutron_conf_version_dir, neutron_ovn_ssl_key] | join('/') }}
|
|
{% endif %}
|