Support Quantum security group
Adds Q_USE_SECGROUP flag for quantum security group
- Added has_quantum_plugin_security_group method for each plugin.
- Set NOVA_VIF_DRIVER to the hybrid VIF driver for plugins with
iptables based security group support.
- Specifying device_owner type on debug port in lib/quantum and
quantum-adv-test.sh. This change makes apply quantum security
group fro debug port
Change-Id: Ifd155798912247d85a9765ef73a2186b929237b4
diff --git a/lib/quantum b/lib/quantum
index 09cde64..efdd43d 100644
--- a/lib/quantum
+++ b/lib/quantum
@@ -181,6 +181,13 @@
# Hardcoding for 1 service plugin for now
source $TOP_DIR/lib/quantum_plugins/agent_loadbalancer
+# Use security group or not
+if has_quantum_plugin_security_group; then
+ Q_USE_SECGROUP=${Q_USE_SECGROUP:-True}
+else
+ Q_USE_SECGROUP=False
+fi
+
# Entry Points
# ------------
@@ -222,6 +229,11 @@
iniset $NOVA_CONF DEFAULT quantum_admin_tenant_name "$SERVICE_TENANT_NAME"
iniset $NOVA_CONF DEFAULT quantum_url "http://$Q_HOST:$Q_PORT"
+ if [[ "$Q_USE_SECGROUP" == "True" ]]; then
+ LIBVIRT_FIREWALL_DRIVER=nova.virt.firewall.NoopFirewallDriver
+ iniset $NOVA_CONF DEFAULT security_group_api quantum
+ fi
+
# set NOVA_VIF_DRIVER and optionally set options in nova_conf
quantum_plugin_create_nova_conf
@@ -646,9 +658,9 @@
function setup_quantum_debug() {
if [[ "$Q_USE_DEBUG_COMMAND" == "True" ]]; then
public_net_id=`_get_net_id $PUBLIC_NETWORK_NAME`
- quantum-debug --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD probe-create $public_net_id
+ quantum-debug --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD probe-create --device-owner compute $public_net_id
private_net_id=`_get_net_id $PRIVATE_NETWORK_NAME`
- quantum-debug --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD probe-create $private_net_id
+ quantum-debug --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD probe-create --device-owner compute $private_net_id
fi
}