Re-enable ManageFirewall by default.

This default setting got lots in the composable roles/services patches.

Re-enable the ManageFirewall setting by default per what we did in
git commit 73c76b867ddc8a23a30b9a3cac4031189d4178c6.

We also fix a typo in neutron-api.yaml so that the firewall rules
matches to service_name. (otherwise it won't get loaded).

Also, drops the environments/manage-firewall.yaml which is
no longer needed if we enable firewall management by default.

Change-Id: Ie198e4efd190131d0722085b10ef77da9005bc1b
Closes-bug: 1629934

2 files changed, 3 insertions, 3 deletions

diff --git a/puppet/services/neutron-api.yaml b/puppet/services/neutron-api.yaml
index 3b531ab3..af77dc05 100644
--- a/puppet/services/neutron-api.yaml
+++ b/puppet/services/neutron-api.yaml
@@ -145,8 +145,8 @@ outputs:
             neutron::server::notifications::password: {get_param: NovaPassword}
             neutron::keystone::authtoken::project_name: 'service'
             neutron::server::sync_db: true
-            tripleo.neutron_server.firewall_rules:
-              '114 neutron server':
+            tripleo.neutron_api.firewall_rules:
+              '114 neutron api':
                 dport:
                   - 9696
                   - 13696
diff --git a/puppet/services/tripleo-firewall.yaml b/puppet/services/tripleo-firewall.yaml
index f6ec458f..7eb39905 100644
--- a/puppet/services/tripleo-firewall.yaml
+++ b/puppet/services/tripleo-firewall.yaml
@@ -19,7 +19,7 @@ parameters:
                  via parameter_defaults in the resource registry.
     type: json
   ManageFirewall:
-    default: false
+    default: true
     description: Whether to manage IPtables rules.
     type: boolean
   PurgeFirewallRules: