aboutsummaryrefslogtreecommitdiffstats
path: root/deployed-server
diff options
context:
space:
mode:
authorJames Slagle <jslagle@redhat.com>2017-04-03 12:50:45 -0400
committerJames Slagle <jslagle@redhat.com>2017-04-03 12:52:45 -0400
commita216934f408439e77bf8346dafe30c4752c70946 (patch)
tree674725fb28fa6ea3c271e203c337bd0757cbc267 /deployed-server
parentb20bdcee038e4b3f8717768a33c5c2e66987c011 (diff)
Purge initial firewall for deployed-server's
We need to purge the initial firewall for deployed-server's, otherwise if you have a default REJECT rule, the pacemaker cluster will fail to initialize. This matches the behavior done when using images, see: Iddc21316a1a3d42a1a43cbb4b9c178adba8f8db3 I0dee5ff045fbfe7b55d078583e16b107eec534aa Change-Id: Ia83d17b609e4f737074482a980689cc57c3ad911 Closes-Bug: #1679234
Diffstat (limited to 'deployed-server')
-rw-r--r--deployed-server/deployed-server-bootstrap-centos.sh3
-rw-r--r--deployed-server/deployed-server-bootstrap-rhel.sh3
2 files changed, 6 insertions, 0 deletions
diff --git a/deployed-server/deployed-server-bootstrap-centos.sh b/deployed-server/deployed-server-bootstrap-centos.sh
index c86e771c..6f2bb124 100644
--- a/deployed-server/deployed-server-bootstrap-centos.sh
+++ b/deployed-server/deployed-server-bootstrap-centos.sh
@@ -15,3 +15,6 @@ ln -s -f /usr/share/openstack-puppet/modules/* /etc/puppet/modules
setenforce 0
sed -i 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config
+
+echo '# empty ruleset created by deployed-server bootstrap' > /etc/sysconfig/iptables
+echo '# empty ruleset created by deployed-server bootstrap' > /etc/sysconfig/ip6tables
diff --git a/deployed-server/deployed-server-bootstrap-rhel.sh b/deployed-server/deployed-server-bootstrap-rhel.sh
index 10b4999b..9e9e9b3b 100644
--- a/deployed-server/deployed-server-bootstrap-rhel.sh
+++ b/deployed-server/deployed-server-bootstrap-rhel.sh
@@ -12,3 +12,6 @@ yum install -y \
openstack-selinux
ln -s -f /usr/share/openstack-puppet/modules/* /etc/puppet/modules
+
+echo '# empty ruleset created by deployed-server bootstrap' > /etc/sysconfig/iptables
+echo '# empty ruleset created by deployed-server bootstrap' > /etc/sysconfig/ip6tables