aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTim Rozet <trozet@redhat.com>2016-12-20 15:56:00 -0500
committerTim Rozet <trozet@redhat.com>2016-12-20 15:56:00 -0500
commit22ba81cf9dd8b2690c3e8c0eee5a70dcb37e10c4 (patch)
treeee30db901d5be955dc7be039947604762123fbb7
parentb9cab21630a79d57594a7b5cedf28439df794047 (diff)
Adds missing firewall rules for OpenDaylight API service
Custom role deployments were not working when ODL API was on a different node due to firewall rules blocking traffic. This patch adds the missing rules for the REST communication to ODL (8081 by default), OVSDB connection (6640), and OpenFlow protocol (6653). Closes-Bug: 1651476 Depends-On: I1f2af2793d040fda17bf73252afe59434d99f31f Change-Id: Ic0119c783d01e864c49fa06a66fdd68c059a726b Signed-off-by: Tim Rozet <trozet@redhat.com>
-rw-r--r--puppet/services/opendaylight-api.yaml6
1 files changed, 6 insertions, 0 deletions
diff --git a/puppet/services/opendaylight-api.yaml b/puppet/services/opendaylight-api.yaml
index 253d63ef..7e6963b6 100644
--- a/puppet/services/opendaylight-api.yaml
+++ b/puppet/services/opendaylight-api.yaml
@@ -60,5 +60,11 @@ outputs:
opendaylight::extra_features: {get_param: OpenDaylightFeatures}
opendaylight::enable_dhcp: {get_param: OpenDaylightEnableDHCP}
opendaylight::odl_bind_ip: {get_param: [ServiceNetMap, OpendaylightApiNetwork]}
+ tripleo.opendaylight_api.firewall_rules:
+ '137 opendaylight api':
+ dport:
+ - {get_param: OpenDaylightPort}
+ - 6640
+ - 6653
step_config: |
include tripleo::profile::base::neutron::opendaylight