kolla-ansible

Neutron Packet Logging - Native Firewall Driver

Bug #2025976 reported by Yusuf Güngör on 2023-07-05

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	kolla-ansible	New	Undecided	Unassigned

Bug Description

Hi, according to documentation for using Neutron Packet Logging the firewall driver must be set as openvswitch in openvswitch_agent.ini. This is tested by us and it is correct.

[security_group]
firewall_driver = openvswitch

https://docs.openstack.org/kolla-ansible/2023.1/reference/networking/neutron-extensions.html#neutron-logging-framework

kolla-ansible enable_neutron_packet_logging does not consider this change and firewall_driver is hard coded as "neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewall" in ./roles/neutron/templates/openvswitch_agent.ini.j2 for kolla-ansible xena, yoga and zed releases.

[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

Doc states the it should be overridden manually, why it is not overridden default by the value of enable_neutron_packet_logging variable?

See original description

Yusuf Güngör (yusuf2) on 2023-07-05

description:

updated

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.