1 # == Class: neutron::agents::ml2::linuxbridge
3 # Setups Linuxbridge Neutron agent for ML2 plugin.
8 # (optional) Package ensure state.
9 # Defaults to 'present'.
12 # (required) Whether or not to enable the agent.
16 # (optional) List of types of tunnels to use when utilizing tunnels.
17 # Supported tunnel types are: vxlan.
18 # Defaults to an empty list.
21 # (optional) Local IP address to use for VXLAN endpoints.
22 # Required when enabling tunneling.
26 # (optional) Multicast group for vxlan interface. If unset, disables VXLAN
27 # multicast mode. Should be an Multicast IP (v4 or v6) address.
28 # Default to '224.0.0.1'.
31 # (optional) TTL for vxlan interface protocol packets..
35 # (optional) TOS for vxlan interface protocol packets..
38 # [*polling_interval*]
39 # (optional) The number of seconds the agent will wait between
40 # polling for local device changes.
44 # (optional) Extension to use alongside ml2 plugin's l2population
45 # mechanism driver. It enables the plugin to populate VXLAN forwarding table.
48 # [*physical_interface_mappings*]
49 # (optional) List of <physical_network>:<physical_interface>
50 # tuples mapping physical network names to agent's node-specific physical
51 # network interfaces. Defaults to empty list.
54 # (optional) Firewall driver for realizing neutron security group function.
55 # Defaults to 'neutron.agent.linux.iptables_firewall.IptablesFirewallDriver'.
57 class neutron::agents::ml2::linuxbridge (
58 $package_ensure = 'present',
62 $vxlan_group = '224.0.0.1',
65 $polling_interval = 2,
66 $l2_population = false,
67 $physical_interface_mappings = [],
68 $firewall_driver = 'neutron.agent.linux.iptables_firewall.IptablesFirewallDriver'
71 validate_array($tunnel_types)
72 validate_array($physical_interface_mappings)
74 include neutron::params
76 Package['neutron-plugin-linuxbridge-agent'] -> Neutron_plugin_linuxbridge<||>
77 Neutron_plugin_linuxbridge<||> ~> Service['neutron-plugin-linuxbridge-agent']
79 if ('vxlan' in $tunnel_types) {
82 fail('The local_ip parameter is required when vxlan tunneling is enabled')
86 neutron_plugin_linuxbridge { 'vxlan/vxlan_group': value => $vxlan_group }
88 neutron_plugin_linuxbridge { 'vxlan/vxlan_group': ensure => absent }
92 neutron_plugin_linuxbridge { 'vxlan/vxlan_ttl': value => $vxlan_ttl }
94 neutron_plugin_linuxbridge { 'vxlan/vxlan_ttl': ensure => absent }
98 neutron_plugin_linuxbridge { 'vxlan/vxlan_tos': value => $vxlan_tos }
100 neutron_plugin_linuxbridge { 'vxlan/vxlan_tos': ensure => absent }
103 neutron_plugin_linuxbridge {
104 'vxlan/enable_vxlan': value => true;
105 'vxlan/local_ip': value => $local_ip;
106 'vxlan/l2_population': value => $l2_population;
109 neutron_plugin_linuxbridge {
110 'vxlan/enable_vxlan': value => false;
111 'vxlan/local_ip': ensure => absent;
112 'vxlan/vxlan_group': ensure => absent;
113 'vxlan/l2_population': ensure => absent;
117 neutron_plugin_linuxbridge {
118 'agent/polling_interval': value => $polling_interval;
119 'linux_bridge/physical_interface_mappings': value => join($physical_interface_mappings, ',');
122 if $firewall_driver {
123 neutron_plugin_linuxbridge { 'securitygroup/firewall_driver': value => $firewall_driver }
125 neutron_plugin_linuxbridge { 'securitygroup/firewall_driver': ensure => absent }
128 if $::neutron::params::linuxbridge_agent_package {
129 package { 'neutron-plugin-linuxbridge-agent':
130 ensure => $package_ensure,
131 name => $::neutron::params::linuxbridge_agent_package,
134 # Some platforms (RedHat) do not provide a separate
135 # neutron plugin linuxbridge agent package.
136 if ! defined(Package['neutron-plugin-linuxbridge-agent']) {
137 package { 'neutron-plugin-linuxbridge-agent':
138 ensure => $package_ensure,
139 name => $::neutron::params::linuxbridge_server_package,
145 $service_ensure = 'running'
147 $service_ensure = 'stopped'
150 service { 'neutron-plugin-linuxbridge-agent':
151 ensure => $service_ensure,
152 name => $::neutron::params::linuxbridge_agent_service,
154 require => Class['neutron']