diff options
author | Emilien Macchi <emilien@redhat.com> | 2015-06-12 15:20:17 -0400 |
---|---|---|
committer | Emilien Macchi <emilien@redhat.com> | 2015-11-19 16:47:28 +0100 |
commit | 4c9d0fc6da6ec156dfd4f4e8d371e1fa60274514 (patch) | |
tree | 2d2ccfe11282dae2392945a962067fb7e6be05a3 /overcloud-without-mergepy.yaml | |
parent | f6ff1a819190877093a90fb97ef7c9c8f6ce5164 (diff) |
Implement Advanced Firewalling support
Consume puppet-tripleo to create/manage IPtables from Heat templates.
This review put in place the logic to enable and setup firewall rules.
A known set of rules are applied. More to come.
Change-Id: Ib79c23fb27fe3fc03bf223e6922d896cb33dad22
Co-Authored-By: Yanis Guenane <yguenane@redhat.com>
Depends-On: I144c60db2a568a94dce5b51257f1d10980173325
Diffstat (limited to 'overcloud-without-mergepy.yaml')
-rw-r--r-- | overcloud-without-mergepy.yaml | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml index f679c6bb..8efdc173 100644 --- a/overcloud-without-mergepy.yaml +++ b/overcloud-without-mergepy.yaml @@ -457,6 +457,14 @@ parameters: type: string constraints: - allowed_values: [ 'basic', 'cadf' ] + ManageFirewall: + default: false + description: Whether to manage IPtables rules. + type: boolean + PurgeFirewallRules: + default: false + description: Whether IPtables rules should be purged before setting up the ones. + type: boolean MysqlInnodbBufferPoolSize: description: > Specifies the size of the buffer pool in megabytes. Setting to @@ -811,6 +819,8 @@ resources: ControllerExtraConfig: {get_param: controllerExtraConfig} Debug: {get_param: Debug} EnableFencing: {get_param: EnableFencing} + ManageFirewall: {get_param: ManageFirewall} + PurgeFirewallRules: {get_param: PurgeFirewallRules} EnableGalera: {get_param: EnableGalera} EnableCephStorage: {get_param: ControllerEnableCephStorage} EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage} |