summaryrefslogtreecommitdiffstats
path: root/puppet
diff options
context:
space:
mode:
Diffstat (limited to 'puppet')
-rw-r--r--puppet/manifests/overcloud_cephstorage.pp2
-rw-r--r--puppet/manifests/overcloud_compute.pp2
-rw-r--r--puppet/manifests/overcloud_controller.pp2
-rw-r--r--puppet/manifests/overcloud_controller_pacemaker.pp2
-rw-r--r--puppet/manifests/overcloud_object.pp2
-rw-r--r--puppet/manifests/overcloud_volume.pp2
-rw-r--r--puppet/services/tripleo-firewall.yaml19
7 files changed, 19 insertions, 12 deletions
diff --git a/puppet/manifests/overcloud_cephstorage.pp b/puppet/manifests/overcloud_cephstorage.pp
index 39b7aca2..2653badf 100644
--- a/puppet/manifests/overcloud_cephstorage.pp
+++ b/puppet/manifests/overcloud_cephstorage.pp
@@ -13,8 +13,6 @@
# License for the specific language governing permissions and limitations
# under the License.
-include ::tripleo::firewall
-
if hiera('step') >= 4 {
hiera_include('ceph_classes', [])
}
diff --git a/puppet/manifests/overcloud_compute.pp b/puppet/manifests/overcloud_compute.pp
index b8f75c9c..f96c193c 100644
--- a/puppet/manifests/overcloud_compute.pp
+++ b/puppet/manifests/overcloud_compute.pp
@@ -13,8 +13,6 @@
# License for the specific language governing permissions and limitations
# under the License.
-include ::tripleo::firewall
-
if hiera('step') >= 4 {
hiera_include('compute_classes', [])
}
diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp
index 6290cac3..25bdbfb2 100644
--- a/puppet/manifests/overcloud_controller.pp
+++ b/puppet/manifests/overcloud_controller.pp
@@ -13,8 +13,6 @@
# License for the specific language governing permissions and limitations
# under the License.
-include ::tripleo::firewall
-
if hiera('step') >= 4 {
hiera_include('controller_classes', [])
}
diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
index ea6130c2..d329d5fc 100644
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ b/puppet/manifests/overcloud_controller_pacemaker.pp
@@ -13,8 +13,6 @@
# License for the specific language governing permissions and limitations
# under the License.
-include ::tripleo::firewall
-
if hiera('step') >= 4 {
hiera_include('controller_classes', [])
}
diff --git a/puppet/manifests/overcloud_object.pp b/puppet/manifests/overcloud_object.pp
index 428ba0f2..414a06ba 100644
--- a/puppet/manifests/overcloud_object.pp
+++ b/puppet/manifests/overcloud_object.pp
@@ -13,8 +13,6 @@
# License for the specific language governing permissions and limitations
# under the License.
-include ::tripleo::firewall
-
if hiera('step') >= 4 {
hiera_include('object_classes', [])
}
diff --git a/puppet/manifests/overcloud_volume.pp b/puppet/manifests/overcloud_volume.pp
index 821474dc..e1cdadd5 100644
--- a/puppet/manifests/overcloud_volume.pp
+++ b/puppet/manifests/overcloud_volume.pp
@@ -13,8 +13,6 @@
# License for the specific language governing permissions and limitations
# under the License.
-include ::tripleo::firewall
-
if hiera('step') >= 4 {
hiera_include('volume_classes', [])
}
diff --git a/puppet/services/tripleo-firewall.yaml b/puppet/services/tripleo-firewall.yaml
new file mode 100644
index 00000000..bd87eee8
--- /dev/null
+++ b/puppet/services/tripleo-firewall.yaml
@@ -0,0 +1,19 @@
+heat_template_version: 2016-04-08
+
+description: >
+ TripleO Firewall settings
+
+parameters:
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+
+outputs:
+ role_data:
+ description: Role data for the TripleO firewall settings
+ value:
+ service_name: tripleo_firewall
+ step_config: |
+ include ::tripleo::firewall