diff options
| author |   Jenkins <jenkins@review.openstack.org> | 2017-01-23 12:28:41 +0000 |
|---|---|---|
| committer |   Gerrit Code Review <review@openstack.org> | 2017-01-23 12:28:41 +0000 |
| commit | 499bb5911e0d0fb3c2c2d569ff05e018f1bbe173 (patch) | |
| tree | 1761430f6bbcb1b3c2042bad0c03c484f4f5c393 /manifests | |
| parent | fe7b03b68655b2eeff3a47f8019f5ab7e1e9727d (diff) | |
| parent | 8eb99b868b71909132c6fc43d0d18940cc7ea9a1 (diff) | |
Merge "Add haproxy firewall rules for galera and redis"
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/haproxy.pp | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp index 2fa02c9..043e01e 100644 --- a/manifests/haproxy.pp +++ b/manifests/haproxy.pp @@ -1250,6 +1250,15 @@ class tripleo::haproxy ( server_names => hiera('mysql_node_names', $controller_hosts_names_real), options => $mysql_member_options_real, } + if hiera('manage_firewall', true) { + include ::tripleo::firewall + $mysql_firewall_rules = { + '100 mysql_haproxy' => { + 'dport' => 3306, + } + } + create_resources('tripleo::firewall::rule', $mysql_firewall_rules) + } } if $rabbitmq { @@ -1326,6 +1335,15 @@ class tripleo::haproxy ( server_names => hiera('redis_node_names', $controller_hosts_names_real), options => $haproxy_member_options, } + if hiera('manage_firewall', true) { + include ::tripleo::firewall + $redis_firewall_rules = { + '100 redis_haproxy' => { + 'dport' => 6379, + } + } + create_resources('tripleo::firewall::rule', $redis_firewall_rules) + } } $midonet_cluster_vip = hiera('midonet_cluster_vip', $controller_virtual_ip) |