2 files changed, 20 insertions, 3 deletions

diff --git a/lib/ansible/playbooks/configure_undercloud.yml b/lib/ansible/playbooks/configure_undercloud.yml
index 493cd1a1..545d32ad 100644
--- a/lib/ansible/playbooks/configure_undercloud.yml
+++ b/lib/ansible/playbooks/configure_undercloud.yml
@@ -168,12 +168,22 @@
             jump: ACCEPT
             source: "{{ nat_cidr }}"
             ctstate: ESTABLISHED,RELATED
-        - name: Undercloud NAT - Save iptables
-          shell: service iptables save
       become: yes
       when:
         - not nat_network_ipv6
         - nat
+    - name: Allow SSH in iptables
+      iptables:
+        action: insert
+        chain: INPUT
+        rule_num: 1
+        protocol: tcp
+        destination_port: 22
+        jump: ACCEPT
+      become: yes
+    - name: Undercloud NAT - Save iptables
+      shell: service iptables save
+      become: yes
     - name: fetch storage environment file
       fetch:
         src: /usr/share/openstack-tripleo-heat-templates/environments/storage-environment.yaml
diff --git a/lib/ansible/playbooks/deploy_overcloud.yml b/lib/ansible/playbooks/deploy_overcloud.yml
index 44470da2..9a405814 100644
--- a/lib/ansible/playbooks/deploy_overcloud.yml
+++ b/lib/ansible/playbooks/deploy_overcloud.yml
@@ -78,7 +78,13 @@
         ruby -e '
         require "yaml"
         data = YAML.load(File.read("/usr/share/openstack-tripleo-heat-templates/roles_data.yaml"))
-        data[1]["networks"].push("External")
+        if data[1]["networks"].is_a?(Array)
+          data[1]["networks"].push("External")
+        elsif data[1]["networks"].is_a?(Hash)
+          data[1]["networks"].merge!("External"=> { "subnet" => "external_subnet" })
+        else
+          raise "Unable to determine data to modify in roles_data.yaml"
+        end
         data[1]["default_route_networks"] = Array.new(["External"])
         File.open("/usr/share/openstack-tripleo-heat-templates/roles_data.yaml", "w") { |f| f.write(data.to_yaml) }
         '
@@ -115,6 +121,7 @@
       shell: >
         /usr/share/openstack-tripleo-heat-templates/tools/merge-new-params-nic-config-script.py
         -n /home/stack/network_data.yaml -t /home/stack/nics/{{ item }}.yaml --discard-comments True
+        --role-name Controller
       become: yes
       become_user: stack
       with_items: