diff options
author | Emilien Macchi <emilien@redhat.com> | 2015-06-12 15:20:17 -0400 |
---|---|---|
committer | Emilien Macchi <emilien@redhat.com> | 2015-11-19 16:47:28 +0100 |
commit | 4c9d0fc6da6ec156dfd4f4e8d371e1fa60274514 (patch) | |
tree | 2d2ccfe11282dae2392945a962067fb7e6be05a3 /puppet/manifests | |
parent | f6ff1a819190877093a90fb97ef7c9c8f6ce5164 (diff) |
Implement Advanced Firewalling support
Consume puppet-tripleo to create/manage IPtables from Heat templates.
This review put in place the logic to enable and setup firewall rules.
A known set of rules are applied. More to come.
Change-Id: Ib79c23fb27fe3fc03bf223e6922d896cb33dad22
Co-Authored-By: Yanis Guenane <yguenane@redhat.com>
Depends-On: I144c60db2a568a94dce5b51257f1d10980173325
Diffstat (limited to 'puppet/manifests')
-rw-r--r-- | puppet/manifests/overcloud_cephstorage.pp | 1 | ||||
-rw-r--r-- | puppet/manifests/overcloud_compute.pp | 1 | ||||
-rw-r--r-- | puppet/manifests/overcloud_controller.pp | 1 | ||||
-rw-r--r-- | puppet/manifests/overcloud_controller_pacemaker.pp | 1 | ||||
-rw-r--r-- | puppet/manifests/overcloud_object.pp | 1 | ||||
-rw-r--r-- | puppet/manifests/overcloud_volume.pp | 1 |
6 files changed, 6 insertions, 0 deletions
diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp index 51f5e88d..7f8970cc 100644 --- a/puppet/manifests/overcloud_cephstorage.pp +++ b/puppet/manifests/overcloud_cephstorage.pp @@ -14,6 +14,7 @@ # under the License. include ::tripleo::packages +include ::tripleo::firewall create_resources(sysctl::value, hiera('sysctl_settings'), {}) diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp index cd41cc79..58182346 100644 --- a/puppet/manifests/overcloud_compute.pp +++ b/puppet/manifests/overcloud_compute.pp @@ -14,6 +14,7 @@ # under the License. include ::tripleo::packages +include ::tripleo::firewall create_resources(sysctl::value, hiera('sysctl_settings'), {}) diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index 570c43ba..f758c55a 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -14,6 +14,7 @@ # under the License. include ::tripleo::packages +include ::tripleo::firewall if hiera('step') >= 1 { diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index 2a3f1f92..95b7992c 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -19,6 +19,7 @@ Pcmk_resource <| |> { } include ::tripleo::packages +include ::tripleo::firewall if $::hostname == downcase(hiera('bootstrap_nodeid')) { $pacemaker_master = true diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp index 5f0b4c82..1eabddf1 100644 --- a/puppet/manifests/overcloud_object.pp +++ b/puppet/manifests/overcloud_object.pp @@ -14,6 +14,7 @@ # under the License. include ::tripleo::packages +include ::tripleo::firewall create_resources(sysctl::value, hiera('sysctl_settings'), {}) diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp index 7f24959a..2bdd8a9c 100644 --- a/puppet/manifests/overcloud_volume.pp +++ b/puppet/manifests/overcloud_volume.pp @@ -14,6 +14,7 @@ # under the License. include ::tripleo::packages +include ::tripleo::firewall create_resources(sysctl::value, hiera('sysctl_settings'), {}) |