aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2017-01-23 12:28:41 +0000
committerGerrit Code Review <review@openstack.org>2017-01-23 12:28:41 +0000
commit499bb5911e0d0fb3c2c2d569ff05e018f1bbe173 (patch)
tree1761430f6bbcb1b3c2042bad0c03c484f4f5c393
parentfe7b03b68655b2eeff3a47f8019f5ab7e1e9727d (diff)
parent8eb99b868b71909132c6fc43d0d18940cc7ea9a1 (diff)
Merge "Add haproxy firewall rules for galera and redis"
-rw-r--r--manifests/haproxy.pp18
1 files changed, 18 insertions, 0 deletions
diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp
index 2fa02c9..043e01e 100644
--- a/manifests/haproxy.pp
+++ b/manifests/haproxy.pp
@@ -1250,6 +1250,15 @@ class tripleo::haproxy (
server_names => hiera('mysql_node_names', $controller_hosts_names_real),
options => $mysql_member_options_real,
}
+ if hiera('manage_firewall', true) {
+ include ::tripleo::firewall
+ $mysql_firewall_rules = {
+ '100 mysql_haproxy' => {
+ 'dport' => 3306,
+ }
+ }
+ create_resources('tripleo::firewall::rule', $mysql_firewall_rules)
+ }
}
if $rabbitmq {
@@ -1326,6 +1335,15 @@ class tripleo::haproxy (
server_names => hiera('redis_node_names', $controller_hosts_names_real),
options => $haproxy_member_options,
}
+ if hiera('manage_firewall', true) {
+ include ::tripleo::firewall
+ $redis_firewall_rules = {
+ '100 redis_haproxy' => {
+ 'dport' => 6379,
+ }
+ }
+ create_resources('tripleo::firewall::rule', $redis_firewall_rules)
+ }
}
$midonet_cluster_vip = hiera('midonet_cluster_vip', $controller_virtual_ip)