diff options
author | Jenkins <jenkins@review.openstack.org> | 2017-05-18 00:13:41 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2017-05-18 00:13:41 +0000 |
commit | 2b0d2ab35a992529a528636a4d22137cc5227a7b (patch) | |
tree | df3a687abe11aec2bbd07ae934120d67ec90f56d /manifests | |
parent | 02305f9e3a30286337dab94f1ce87704361ab956 (diff) | |
parent | 05e696c62d02ef64180d611413ae10f0418c002a (diff) |
Merge "Handle duplicate/invalid entries in migration SSH inbound addresses"
Diffstat (limited to 'manifests')
-rw-r--r-- | manifests/profile/base/nova.pp | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/manifests/profile/base/nova.pp b/manifests/profile/base/nova.pp index 6065e62..d786940 100644 --- a/manifests/profile/base/nova.pp +++ b/manifests/profile/base/nova.pp @@ -129,6 +129,10 @@ class tripleo::profile::base::nova ( $memcache_servers = suffix(hiera('memcached_node_ips'), ':11211') } + validate_array($migration_ssh_localaddrs) + $migration_ssh_localaddrs.each |$x| { validate_ip_address($x) } + $migration_ssh_localaddrs_real = unique($migration_ssh_localaddrs) + if $step >= 4 or ($step >= 3 and $sync_db) { $oslomsg_use_ssl_real = sprintf('%s', bool2num(str2bool($oslomsg_use_ssl))) include ::nova::config @@ -183,10 +187,10 @@ class tripleo::profile::base::nova ( # Nova SSH tunnel setup (cold-migration) # Server side - if !empty($migration_ssh_localaddrs) { - $allow_type = sprintf('LocalAddress %s User', join($migration_ssh_localaddrs,',')) + if !empty($migration_ssh_localaddrs_real) { + $allow_type = sprintf('LocalAddress %s User', join($migration_ssh_localaddrs_real,',')) $deny_type = 'LocalAddress' - $deny_name = sprintf('!%s', join($migration_ssh_localaddrs,',!')) + $deny_name = sprintf('!%s', join($migration_ssh_localaddrs_real,',!')) ssh::server::match_block { 'nova_migration deny': name => $deny_name, |