Browse code
Turn off Nova firewall driver when using Neutron
As referenced in the OpenStack documentation, the firewall_driver in
nova.conf should be set to nova.virt.firewall.NoopFirewallDriver, "so
that nova-compute does not perform iptables-based filtering itself".
Without this change, the driver gets set to
nova.virt.libvirt.firewall.IptablesFirewallDriver, which seems to
make networking unusable.
Change-Id: Id9cce0f5f4efe719683aaf3284b128188b61b919
Closes-bug: #1246888
Jeff Peeler authored on 2013/11/01 05:21:52Showing 1 changed files
| ... | ... |
@@ -272,6 +272,7 @@ function create_nova_conf_neutron() {
|
| 272 | 272 |
|
| 273 | 273 |
if [[ "$Q_USE_SECGROUP" == "True" ]]; then |
| 274 | 274 |
LIBVIRT_FIREWALL_DRIVER=nova.virt.firewall.NoopFirewallDriver |
| 275 |
+ iniset $NOVA_CONF DEFAULT firewall_driver $LIBVIRT_FIREWALL_DRIVER |
|
| 275 | 276 |
iniset $NOVA_CONF DEFAULT security_group_api neutron |
| 276 | 277 |
fi |
| 277 | 278 |
|