Support Quantum security group
Adds Q_USE_SECGROUP flag for quantum security group
- Added has_quantum_plugin_security_group method for each plugin.
- Set NOVA_VIF_DRIVER to the hybrid VIF driver for plugins with
iptables based security group support.
- Specifying device_owner type on debug port in lib/quantum and
quantum-adv-test.sh. This change makes apply quantum security
group fro debug port
Change-Id: Ifd155798912247d85a9765ef73a2186b929237b4
diff --git a/lib/quantum_plugins/linuxbridge b/lib/quantum_plugins/linuxbridge
index 11bc585..324e255 100644
--- a/lib/quantum_plugins/linuxbridge
+++ b/lib/quantum_plugins/linuxbridge
@@ -48,6 +48,11 @@
if [[ "$LB_INTERFACE_MAPPINGS" != "" ]]; then
iniset /$Q_PLUGIN_CONF_FILE LINUX_BRIDGE physical_interface_mappings $LB_INTERFACE_MAPPINGS
fi
+ if [[ "$Q_USE_SECGROUP" == "True" ]]; then
+ iniset /$Q_PLUGIN_CONF_FILE SECURITYGROUP firewall_driver quantum.agent.linux.iptables_firewall.IptablesFirewallDriver
+ else
+ iniset /$Q_PLUGIN_CONF_FILE SECURITYGROUP firewall_driver quantum.agent.firewall.NoopFirewallDriver
+ fi
AGENT_BINARY="$QUANTUM_DIR/bin/quantum-linuxbridge-agent"
}
@@ -76,5 +81,10 @@
iniset $conf_file DEFAULT interface_driver quantum.agent.linux.interface.BridgeInterfaceDriver
}
+function has_quantum_plugin_security_group() {
+ # 0 means True here
+ return 0
+}
+
# Restore xtrace
$MY_XTRACE