Skip to content

Commit 2d5a32d

Browse files
cloudnullcloudnull
committed
feat: add VPNaaS and FWaaS
This change will add VPNaaS and FWaaS to our default neutron configuration. This will ensure that we have full OVN functionality for our end-users and give our consumers access to advanced features within the platform. Signed-off-by: Kevin Carter <[email protected]>
1 parent 5366e4f commit 2d5a32d

File tree

1 file changed

+23
-1
lines changed

1 file changed

+23
-1
lines changed

base-helm-configs/neutron/neutron-helm-overrides.yaml

Lines changed: 23 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -53,6 +53,8 @@ dependencies:
5353
jobs: null
5454
ovn_metadata:
5555
pod: []
56+
ovn_vpn_agent:
57+
pod: []
5658
ovs_agent:
5759
jobs: null
5860
rpc_server:
@@ -167,8 +169,21 @@ conf:
167169
router_scheduler_driver: neutron.scheduler.l3_agent_scheduler.AZLeastRoutersScheduler
168170
rpc_state_report_workers: 2
169171
rpc_workers: 2
170-
service_plugins: "ovn-router,qos,metering,trunk,segments"
172+
# NOTE(cloudnull): in 2025.1 we can add firewall_v2
173+
service_plugins: "ovn-router,ovn-vpnaas,qos,metering,trunk,segments"
174+
service_providers:
175+
service_provider:
176+
type: multistring
177+
values:
178+
- "VPN:strongswan:neutron_vpnaas.services.vpn.service_drivers.ovn_ipsec.IPsecOvnVPNDriver:default"
179+
# - "FIREWALL_V2:fwaas_db:neutron_fwaas.services.firewall.service_drivers.ovn.firewall_l3_driver.OVNFwaasDriver:default"
180+
fwaas:
181+
agent_version: v2
182+
driver: neutron_fwaas.services.firewall.service_drivers.ovn.firewall_l3_driver.OVNFwaasDriver
183+
# NOTE(cloudnull): in 2025.1 we can enable this
184+
enabled: False
171185
agent:
186+
extensions: vpnaas
172187
availability_zone: az1
173188
database:
174189
connection_debug: 0
@@ -225,11 +240,17 @@ conf:
225240
metadata_workers: 2
226241
ovs:
227242
ovsdb_connection: "tcp:127.0.0.1:6640"
243+
ovn_vpn_agent:
244+
ovs:
245+
ovsdb_connection: "tcp:127.0.0.1:6640"
228246
plugins:
229247
ml2_conf:
230248
agent:
231249
availability_zone: az1
250+
# NOTE(cloudnull): in 2025.1 we can add fwaas_v2
232251
extensions: "fip_qos,gateway_ip_qos"
252+
fwaas:
253+
firewall_l2_driver: noop
233254
ml2:
234255
extension_drivers: "port_security,qos"
235256
mechanism_drivers: ovn
@@ -322,6 +343,7 @@ manifests:
322343
daemonset_metadata_agent: false
323344
daemonset_ovn_metadata_agent: true
324345
daemonset_ovs_agent: false
346+
daemonset_ovn_vpn_agent: true
325347
ingress_server: false
326348
job_db_init: false
327349
job_rabbit_init: false

0 commit comments

Comments
 (0)