diff options
author | Tom Barron <tpb@dyncloud.net> | 2016-11-09 14:01:23 -0500 |
---|---|---|
committer | Tom Barron <tpb@dyncloud.net> | 2016-11-09 14:09:44 -0500 |
commit | 96a458d52dc691fa3bb25154d5da61edebd7f849 (patch) | |
tree | afb9b636834d6eb39c34e9ce63b4867e816550fe | |
parent | f754c57ee15968b88598c1019c7ef046b5307f9c (diff) |
Add firewall rules for manila api service
When the manila api service is deployed
on a different role than the controller the
iptables rules on that role fail to ACCEPT
tcp at the manila API ports.
Add tripleo.manila_api.firewall_rules to
the relevant puppet services module.
Change-Id: I1c5459f5ba989657fd99fd72c7ac9f8781cc7206
Closes-Bug: #1640568
-rw-r--r-- | puppet/services/manila-api.yaml | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/puppet/services/manila-api.yaml b/puppet/services/manila-api.yaml index 5f4ab6ba..b4b3d480 100644 --- a/puppet/services/manila-api.yaml +++ b/puppet/services/manila-api.yaml @@ -51,6 +51,11 @@ outputs: manila::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} manila::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } manila::keystone::authtoken::project_name: 'service' + tripleo.manila_api.firewall_rules: + '150 manila': + dport: + - 8786 + - 13786 # NOTE: bind IP is found in Heat replacing the network name with the # local node IP for the given network; replacement examples # (eg. for internal_api): |