James Denton 41bd86b7bd Enable functional deployment of FWaaS v2
This patch updates various vars and templates to enable a functioning
deployment of FWaaS v2 on an Open vSwitch-based OSA cloud. A test is
also included for verification.

Change-Id: Ibfa2cbafd19f6870139c4ea3e9dfc80cf8c574e1
Closes-Bug: #1811070
2019-02-14 11:22:29 -05:00

61 lines
1.3 KiB
Django/Jinja

# {{ ansible_managed }}
# General
[DEFAULT]
debug = {{ debug }}
# Drivers
interface_driver = {{ neutron_plugins[neutron_plugin_type].driver_interface }}
agent_mode = {{ neutron_plugins[neutron_plugin_type].l3_agent_mode }}
# Conventional failover
allow_automatic_l3agent_failover = True
# HA failover
ha_confs_path = {{ neutron_system_home_folder }}/ha_confs
ha_vrrp_advert_int = 2
ha_vrrp_auth_password = {{ neutron_ha_vrrp_auth_password }}
ha_vrrp_auth_type = {{ neutron_ha_vrrp_auth_type }}
# Metadata
enable_metadata_proxy = True
# L3 plugins
{% set l3_agent_plugins = [] %}
{% if neutron_fwaas | bool %}
# FWaaS
{% set _ = l3_agent_plugins.append("fwaas") %}
[fwaas]
enabled = true
driver = iptables
agent_version = v1
{% endif %}
{% if neutron_fwaas_v2 | bool %}
# FWaaS v2
{% set _ = l3_agent_plugins.append("fwaas_v2") %}
[fwaas]
enabled = true
driver = {{ neutron_driver_fwaasv2 }}
agent_version = v2
firewall_l2_driver = noop
{% endif %}
{% if neutron_vpnaas | bool %}
# VPNaaS
{% set _ = l3_agent_plugins.append("vpnaas") %}
[vpnagent]
vpn_device_driver = {{ neutron_driver_vpnaas }}
{% endif %}
{% if neutron_port_forwarding|bool %}
{% set _ = l3_agent_plugins.append("port_forwarding") %}
{% endif %}
{% if l3_agent_plugins|length > 0 %}
[AGENT]
extensions = {{ l3_agent_plugins | join(',') }}
{% endif %}