Home OpenStack-Ansible Installation Guide

Configuring the Network Firewall Service (Optional)

The OpenStack Networking Service, Neutron, includes a Firewall as a Service (FWaaS) offering. This service lets you configure a firewall that runs outside of your instances and filters traffic from the router.

The following procedure describes how to modify the /etc/openstack_deploy/user_variables.yml file to enable FWaaS.

Override the default list of Neutron plugins to include firewall:
```
neutron_plugin_base:
  - firewall
  - ...
```

The complete neutron_plugin_base, at the time of this writing, is as follows:

neutron_plugin_base:
   - router
   - firewall
   - lbaas
   - vpnaas
   - metering
   - qos

Execute the Neutron install playbook in order to update the configuration:

# cd /opt/openstack-ansible/playbooks
# openstack-ansible os-neutron-install.yml

Execute the Horizon install playbook in order to update the Horizon configuration to show the FWaaS panels:
```
# cd /opt/openstack-ansible/playbooks
# openstack-ansible os-horizon-install.yml
```

The FWaaS default configuration options may be changed through the conf override mechanism using the neutron_neutron_conf_overrides dict.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

configure-fwaas.rst

configure-fwaas.rst

Configuring the Network Firewall Service (Optional)

Files

configure-fwaas.rst

Latest commit

History

configure-fwaas.rst

File metadata and controls

Configuring the Network Firewall Service (Optional)