From 72a5e25b46e473b137b99d6d35d6c5aea4341830 Mon Sep 17 00:00:00 2001 From: Nobuto Murata Date: Fri, 15 Jul 2022 13:23:49 -0400 Subject: [PATCH] enable-ml2-port-security for Yoga+ Neutron's port security extension allows operators to turn on and off the port security on per port or per network basis. It brings flexibility to network port management and it's expected to be available where the extension is available, OVS/OVN deployments in mind. Let's turn it on for new deployments. Also, it's must-have for Octavia as per the charm deployment guide so make sure it's enabled in the Octavia overlay bundle. --- development/openstack-base-focal-yoga/bundle.yaml | 1 + development/openstack-base-jammy-yoga/bundle.yaml | 1 + development/openstack-telemetry-focal-yoga/bundle.yaml | 1 + development/openstack-telemetry-jammy-yoga/bundle.yaml | 1 + development/overlays/loadbalancer-octavia.yaml | 3 +++ stable/overlays/loadbalancer-octavia.yaml | 3 +++ 6 files changed, 10 insertions(+) diff --git a/development/openstack-base-focal-yoga/bundle.yaml b/development/openstack-base-focal-yoga/bundle.yaml index 52fa459c..ff3f3ce8 100644 --- a/development/openstack-base-focal-yoga/bundle.yaml +++ b/development/openstack-base-focal-yoga/bundle.yaml @@ -256,6 +256,7 @@ applications: channel: yoga/stable num_units: 1 options: + enable-ml2-port-security: true neutron-security-groups: true flat-network-providers: physnet1 openstack-origin: *openstack-origin diff --git a/development/openstack-base-jammy-yoga/bundle.yaml b/development/openstack-base-jammy-yoga/bundle.yaml index ac705f18..f142c391 100644 --- a/development/openstack-base-jammy-yoga/bundle.yaml +++ b/development/openstack-base-jammy-yoga/bundle.yaml @@ -263,6 +263,7 @@ applications: charm: ch:neutron-api num_units: 1 options: + enable-ml2-port-security: true neutron-security-groups: true flat-network-providers: physnet1 worker-multiplier: *worker-multiplier diff --git a/development/openstack-telemetry-focal-yoga/bundle.yaml b/development/openstack-telemetry-focal-yoga/bundle.yaml index 792e44ae..901272bf 100644 --- a/development/openstack-telemetry-focal-yoga/bundle.yaml +++ b/development/openstack-telemetry-focal-yoga/bundle.yaml @@ -333,6 +333,7 @@ applications: charm: ch:neutron-api num_units: 1 options: + enable-ml2-port-security: true neutron-security-groups: true flat-network-providers: physnet1 worker-multiplier: *worker-multiplier diff --git a/development/openstack-telemetry-jammy-yoga/bundle.yaml b/development/openstack-telemetry-jammy-yoga/bundle.yaml index a7fbb03b..d63151c0 100644 --- a/development/openstack-telemetry-jammy-yoga/bundle.yaml +++ b/development/openstack-telemetry-jammy-yoga/bundle.yaml @@ -333,6 +333,7 @@ applications: charm: ch:neutron-api num_units: 1 options: + enable-ml2-port-security: true neutron-security-groups: true flat-network-providers: physnet1 worker-multiplier: *worker-multiplier diff --git a/development/overlays/loadbalancer-octavia.yaml b/development/overlays/loadbalancer-octavia.yaml index 665f5123..fb4ef12c 100644 --- a/development/overlays/loadbalancer-octavia.yaml +++ b/development/overlays/loadbalancer-octavia.yaml @@ -13,6 +13,9 @@ applications: - lxd:1 barbican-vault: charm: cs:~openstack-charmers-next/barbican-vault + neutron-api: + options: + enable-ml2-port-security: true octavia: series: bionic charm: cs:~openstack-charmers-next/octavia diff --git a/stable/overlays/loadbalancer-octavia.yaml b/stable/overlays/loadbalancer-octavia.yaml index b982ed78..9fbb8816 100644 --- a/stable/overlays/loadbalancer-octavia.yaml +++ b/stable/overlays/loadbalancer-octavia.yaml @@ -11,6 +11,9 @@ applications: - lxd:1 barbican-vault: charm: cs:barbican-vault + neutron-api: + options: + enable-ml2-port-security: true octavia-ovn-chassis: charm: cs:ovn-chassis octavia-mysql-router: