summaryrefslogtreecommitdiffstats
path: root/manifests
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2017-05-18 00:13:41 +0000
committerGerrit Code Review <review@openstack.org>2017-05-18 00:13:41 +0000
commit2b0d2ab35a992529a528636a4d22137cc5227a7b (patch)
treedf3a687abe11aec2bbd07ae934120d67ec90f56d /manifests
parent02305f9e3a30286337dab94f1ce87704361ab956 (diff)
parent05e696c62d02ef64180d611413ae10f0418c002a (diff)
Merge "Handle duplicate/invalid entries in migration SSH inbound addresses"
Diffstat (limited to 'manifests')
-rw-r--r--manifests/profile/base/nova.pp10
1 files changed, 7 insertions, 3 deletions
diff --git a/manifests/profile/base/nova.pp b/manifests/profile/base/nova.pp
index 6065e62..d786940 100644
--- a/manifests/profile/base/nova.pp
+++ b/manifests/profile/base/nova.pp
@@ -129,6 +129,10 @@ class tripleo::profile::base::nova (
$memcache_servers = suffix(hiera('memcached_node_ips'), ':11211')
}
+ validate_array($migration_ssh_localaddrs)
+ $migration_ssh_localaddrs.each |$x| { validate_ip_address($x) }
+ $migration_ssh_localaddrs_real = unique($migration_ssh_localaddrs)
+
if $step >= 4 or ($step >= 3 and $sync_db) {
$oslomsg_use_ssl_real = sprintf('%s', bool2num(str2bool($oslomsg_use_ssl)))
include ::nova::config
@@ -183,10 +187,10 @@ class tripleo::profile::base::nova (
# Nova SSH tunnel setup (cold-migration)
# Server side
- if !empty($migration_ssh_localaddrs) {
- $allow_type = sprintf('LocalAddress %s User', join($migration_ssh_localaddrs,','))
+ if !empty($migration_ssh_localaddrs_real) {
+ $allow_type = sprintf('LocalAddress %s User', join($migration_ssh_localaddrs_real,','))
$deny_type = 'LocalAddress'
- $deny_name = sprintf('!%s', join($migration_ssh_localaddrs,',!'))
+ $deny_name = sprintf('!%s', join($migration_ssh_localaddrs_real,',!'))
ssh::server::match_block { 'nova_migration deny':
name => $deny_name,