diff options
| author |   Michele Baldessari <michele@acksyn.org> | 2017-07-21 10:41:41 +0200 |
|---|---|---|
| committer | Michele Baldessari <michele@acksyn.org> | 2017-07-21 12:17:23 +0200 |
| commit | fb901792ead26635fb2a791faee9fc99d91cfe5e (patch) | |
| tree | abdbeb08788b2e093f3dcebd9539995203bd3868 | |
| parent | fdd4352375c24c189d028f34cc66b3b1f2d474ee (diff) | |
Open up firewall for the control-ports in the bundles
This is required when the bundles run on pacemaker remote nodes
otherwise the cluster won't be able to connect to the control-ports
of each bundle. The only services that need this are rabbit, redis and
galera because those run pacemaker_remote inside the container
(A/P resources and haproxy do not)
Change-Id: I6a56d79319ef3d14973a0586dcda4d523adda7aa
Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com>
| -rw-r--r-- | docker/services/pacemaker/database/mysql.yaml | 11 | ||||
| -rw-r--r-- | docker/services/pacemaker/database/redis.yaml | 8 | ||||
| -rw-r--r-- | docker/services/pacemaker/rabbitmq.yaml | 8 |
3 files changed, 26 insertions, 1 deletions
diff --git a/docker/services/pacemaker/database/mysql.yaml b/docker/services/pacemaker/database/mysql.yaml index f38cccfc..86dcd30b 100644 --- a/docker/services/pacemaker/database/mysql.yaml +++ b/docker/services/pacemaker/database/mysql.yaml @@ -65,6 +65,17 @@ outputs: map_merge: - {get_attr: [MysqlPuppetBase, role_data, config_settings]} - tripleo::profile::pacemaker::database::mysql_bundle::mysql_docker_image: &mysql_image {get_param: DockerMysqlImage} + tripleo::profile::pacemaker::database::mysql_bundle::control_port: 3123 + tripleo.mysql.firewall_rules: + '104 mysql galera-bundle': + dport: + - 873 + - 3123 + - 3306 + - 4444 + - 4567 + - 4568 + - 9200 step_config: "" # BEGIN DOCKER SETTINGS # puppet_config: diff --git a/docker/services/pacemaker/database/redis.yaml b/docker/services/pacemaker/database/redis.yaml index e124b045..087a5803 100644 --- a/docker/services/pacemaker/database/redis.yaml +++ b/docker/services/pacemaker/database/redis.yaml @@ -61,7 +61,13 @@ outputs: redis::notify_service: false redis::managed_by_cluster_manager: true tripleo::profile::pacemaker::database::redis_bundle::redis_docker_image: &redis_image {get_param: DockerRedisImage} - + tripleo::profile::pacemaker::database::redis_bundle::control_port: 3124 + tripleo.redis.firewall_rules: + '108 redis-bundle': + dport: + - 3124 + - 6379 + - 26379 step_config: "" service_config_settings: {get_attr: [RedisBase, role_data, service_config_settings]} # BEGIN DOCKER SETTINGS diff --git a/docker/services/pacemaker/rabbitmq.yaml b/docker/services/pacemaker/rabbitmq.yaml index 19af94b2..a2b635f7 100644 --- a/docker/services/pacemaker/rabbitmq.yaml +++ b/docker/services/pacemaker/rabbitmq.yaml @@ -63,6 +63,14 @@ outputs: - {get_attr: [RabbitmqBase, role_data, config_settings]} - rabbitmq::service_manage: false tripleo::profile::pacemaker::rabbitmq_bundle::rabbitmq_docker_image: &rabbitmq_image {get_param: DockerRabbitmqImage} + tripleo::profile::pacemaker::rabbitmq_bundle::control_port: 3122 + tripleo.rabbitmq.firewall_rules: + '109 rabbitmq-bundle': + dport: + - 3122 + - 4369 + - 5672 + - 25672 step_config: &step_config get_attr: [RabbitmqBase, role_data, step_config] service_config_settings: {get_attr: [RabbitmqBase, role_data, service_config_settings]} |