From 5195d7f8910f7d1ce0895caa133b028a727f8622 Mon Sep 17 00:00:00 2001
From: Dan Prince <dprince@redhat.com>
Date: Wed, 20 Jul 2016 10:48:23 -0400
Subject: Composable firewall rules

Split out the firewall rules in puppet/hieradata/controller.yaml
into the composable services

Depends-On: Id370362ab57347b75b1ab25afda877885b047263
Change-Id: Icaecab100d3f278035fbbb3facb9bf6c62c76c03
---
 puppet/hieradata/controller.yaml | 122 ---------------------------------------
 1 file changed, 122 deletions(-)

(limited to 'puppet/hieradata/controller.yaml')

diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml
index 072c7c0d..3ec656dc 100644
--- a/puppet/hieradata/controller.yaml
+++ b/puppet/hieradata/controller.yaml
@@ -184,129 +184,7 @@ tripleo::haproxy::horizon: true
 controller_classes: []
 # firewall
 tripleo::firewall::firewall_rules:
-  '101 mongodb_config':
-    dport: 27019
-  '102 mongodb_sharding':
-    dport: 27018
-  '103 mongod':
-    dport: 27017
-  '104 mysql galera':
-    dport:
-      - 873
-      - 3306
-      - 4444
-      - 4567
-      - 4568
-      - 9200
-  '105 ntp':
-    dport: 123
-    proto: udp
-  '106 vrrp':
-    proto: vrrp
-  '107 haproxy stats':
-    dport: 1993
-  '108 redis':
-    dport:
-      - 6379
-      - 26379
-  '109 rabbitmq':
-    dport:
-      - 4369
-      - 5672
-      - 35672
-  '110 ceph':
-    dport:
-      - 6789
-      - '6800-6810'
-  '111 keystone':
-    dport:
-      - 5000
-      - 13000
-      - 35357
-      - 13357
-  '112 glance':
-    dport:
-      - 9292
-      - 9191
-      - 13292
-  '113 nova':
-    dport:
-      - 6080
-      - 13080
-      - 8773
-      - 3773
-      - 8774
-      - 13774
-      - 8775
-  '114 neutron server':
-    dport:
-      - 9696
-      - 13696
-  '115 neutron dhcp input':
-    proto: 'udp'
-    dport: 67
-  '116 neutron dhcp output':
-    proto: 'udp'
-    chain: 'OUTPUT'
-    dport: 68
-  '118 neutron vxlan networks':
-    proto: 'udp'
-    dport: 4789
-  '119 cinder':
-    dport:
-      - 8776
-      - 13776
-  '120 iscsi initiator':
-    dport: 3260
-  '121 memcached':
-    dport: 11211
-  '122 swift proxy':
-    dport:
-      - 8080
-      - 13808
-  '123 swift storage':
-    dport:
-      - 873
-      - 6000
-      - 6001
-      - 6002
-  '124 ceilometer':
-    dport:
-      - 8777
-      - 13777
-  '125 heat':
-    dport:
-      - 8000
-      - 13800
-      - 8003
-      - 13003
-      - 8004
-      - 13004
-  '126 horizon':
-    dport:
-      - 80
-      - 443
-  '127 snmp':
-    dport: 161
-    proto: 'udp'
   '128 aodh':
     dport:
       - 8042
       - 13042
-  '129 gnocchi-api':
-    dport:
-      - 8041
-      - 13041
-  '130 pacemaker tcp':
-    proto: 'tcp'
-    dport:
-      - 2224
-      - 3121
-      - 21064
-  '131 pacemaker udp':
-    proto: 'udp'
-    dport: 5405
-  '132 sahara':
-    dport:
-      - 8386
-      - 13386
-- 
cgit 1.2.3-korg