commit e6f2ee508a44b1008ac226b86a68e22dc5ea7ac5
author Jiajun Liu <iamljj@gmail.com> Tue May 14 09:48:15 2013 +0000
committer Jiajun Liu <iamljj@gmail.com> Thu May 23 02:40:01 2013 +0000
tree 8fbf92727fe02bb3c8e0d7c039b1b9629ec5c39a
parent ad573f8543d5c0b98177ffc141423ff937962173

add firewall driver if we use quantum security group

fixes bug 1179820

we must set firewall driver if we want to use quantum security group because
quantum will disable security group if we do not change the default firewall
driver. Currently devstack will not change the default firewall driver
if we just running quantum server on a node which will cause nova unable to
security group information.

Change-Id: Ie274325decbf252630a237ed3d6ee3136eb259fe

lib/quantum_plugins/linuxbridge

diff --git a/lib/quantum_plugins/linuxbridge b/lib/quantum_plugins/linuxbridge
index 324e255..cc4040b 100644
--- a/lib/quantum_plugins/linuxbridge
+++ b/lib/quantum_plugins/linuxbridge
@@ -74,6 +74,11 @@
     if [[ "$LB_VLAN_RANGES" != "" ]]; then
         iniset /$Q_PLUGIN_CONF_FILE VLANS network_vlan_ranges $LB_VLAN_RANGES
     fi
+    if [[ "$Q_USE_SECGROUP" == "True" ]]; then
+        iniset /$Q_PLUGIN_CONF_FILE SECURITYGROUP firewall_driver quantum.agent.linux.iptables_firewall.IptablesFirewallDriver
+    else
+        iniset /$Q_PLUGIN_CONF_FILE SECURITYGROUP firewall_driver quantum.agent.firewall.NoopFirewallDriver
+    fi
 }
 
 function quantum_plugin_setup_interface_driver() {

lib/quantum_plugins/nec

diff --git a/lib/quantum_plugins/nec b/lib/quantum_plugins/nec
index f61f50b..158c4c7 100644
--- a/lib/quantum_plugins/nec
+++ b/lib/quantum_plugins/nec
@@ -84,6 +84,8 @@
     iniset /$Q_PLUGIN_CONF_FILE OFC driver $OFC_DRIVER
     iniset /$Q_PLUGIN_CONF_FILE OFC api_retry_max OFC_RETRY_MAX
     iniset /$Q_PLUGIN_CONF_FILE OFC api_retry_interval OFC_RETRY_INTERVAL
+
+    _quantum_ovs_base_configure_firewall_driver
 }
 
 function quantum_plugin_setup_interface_driver() {

lib/quantum_plugins/openvswitch

diff --git a/lib/quantum_plugins/openvswitch b/lib/quantum_plugins/openvswitch
index ab16483..f56c09e 100644
--- a/lib/quantum_plugins/openvswitch
+++ b/lib/quantum_plugins/openvswitch
@@ -133,6 +133,8 @@
     if [[ $OVS_ENABLE_TUNNELING = "True" ]]; then
         iniset /$Q_PLUGIN_CONF_FILE OVS enable_tunneling True
     fi
+
+    _quantum_ovs_base_configure_firewall_driver
 }
 
 function quantum_plugin_setup_interface_driver() {

lib/quantum_plugins/ryu

diff --git a/lib/quantum_plugins/ryu b/lib/quantum_plugins/ryu
index 1139232..3dc9f12 100644
--- a/lib/quantum_plugins/ryu
+++ b/lib/quantum_plugins/ryu
@@ -58,6 +58,8 @@
 
 function quantum_plugin_configure_service() {
     iniset /$Q_PLUGIN_CONF_FILE OVS openflow_rest_api $RYU_API_HOST:$RYU_API_PORT
+
+    _quantum_ovs_base_configure_firewall_driver
 }
 
 function quantum_plugin_setup_interface_driver() {