Merge "deploy composable firewall rules for HAproxy"

author: Jenkins <jenkins@review.openstack.org> 2016-07-21 17:06:21 +0000
committer: Gerrit Code Review <review@openstack.org> 2016-07-21 17:06:21 +0000
commit: e2fe8ce79906c105e793752df8f32560fbce602c (patch)
tree: 86e39ed1cccc5e94a890d75fbf9dcd7b26c7116a /manifests
parent: 7ad8bab7ade264c470cbc675bb59c919693aa9cc (diff)
parent: 71f2a53cb9e1385b22e3a47524fcc5531743ec90 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/manifests/haproxy/endpoint.pp b/manifests/haproxy/endpoint.pp
index 94bfcff..ac6cb6c 100644
--- a/manifests/haproxy/endpoint.pp
+++ b/manifests/haproxy/endpoint.pp
@@ -117,4 +117,16 @@ define tripleo::haproxy::endpoint (
     server_names      => $server_names,
     options           => $member_options,
   }
+  if hiera('manage_firewall', true) {
+    include ::tripleo::firewall
+    $firewall_rules = {
+      "100 ${name}_haproxy"     => {
+        'dport' => $service_port,
+      },
+      "100 ${name}_haproxy_ssl" => {
+        'dport' => $public_ssl_port,
+      },
+    }
+    create_resources('tripleo::firewall::rule', $firewall_rules)
+  }
 }
author	Jenkins <jenkins@review.openstack.org>	2016-07-21 17:06:21 +0000
committer	Gerrit Code Review <review@openstack.org>	2016-07-21 17:06:21 +0000
commit	e2fe8ce79906c105e793752df8f32560fbce602c (patch)
tree	86e39ed1cccc5e94a890d75fbf9dcd7b26c7116a /manifests
parent	7ad8bab7ade264c470cbc675bb59c919693aa9cc (diff)
parent	71f2a53cb9e1385b22e3a47524fcc5531743ec90 (diff)