Home OpenStack-Ansible Installation Guide
The OpenStack Networking Service, Neutron, includes a Firewall as a Service (FWaaS) offering. This service lets you configure a firewall that runs outside of your instances and filters traffic from the router.
The following procedure describes how to modify the /etc/openstack_deploy/user_variables.yml
file to enable FWaaS.
Override the default list of Neutron plugins to include
firewall
:neutron_plugin_base: - firewall - ...
The complete neutron_plugin_base, at the time of this writing, is as follows:
neutron_plugin_base: - router - firewall - lbaas - vpnaas - metering - qos
Execute the Neutron install playbook in order to update the configuration:
# cd /opt/openstack-ansible/playbooks # openstack-ansible os-neutron-install.yml
Execute the Horizon install playbook in order to update the Horizon configuration to show the FWaaS panels:
# cd /opt/openstack-ansible/playbooks # openstack-ansible os-horizon-install.yml
The FWaaS default configuration options may be changed through the conf override mechanism using the neutron_neutron_conf_overrides
dict.