From eafc77d7fdc0f3f418941b3ac20a1dcc9180589b Mon Sep 17 00:00:00 2001
From: Tim Rozet <trozet@redhat.com>
Date: Tue, 24 Jul 2018 11:21:06 -0400
Subject: Open port 8101 on controllers for karaf

By default 8101 (karaf shell) is blocked on controllers. In Apex we
advertise in our user guide (and tools scripts) the ability to connect
to karaf shell. It is also required to run CSIT. This patch opens the
port when ODL is deployed.

Change-Id: Ib3ece41f19607bafc329d9de390cf774766a26cd
Signed-off-by: Tim Rozet <trozet@redhat.com>
---
 lib/ansible/playbooks/post_deploy_overcloud.yml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/lib/ansible/playbooks/post_deploy_overcloud.yml b/lib/ansible/playbooks/post_deploy_overcloud.yml
index 212d2cfa..372aea49 100644
--- a/lib/ansible/playbooks/post_deploy_overcloud.yml
+++ b/lib/ansible/playbooks/post_deploy_overcloud.yml
@@ -75,3 +75,18 @@
       when:
         - sdn == 'opendaylight'
         - "'controller' in ansible_hostname"
+    - name: Open port 8101 (karaf shell) for ODL
+      iptables:
+        chain: INPUT
+        action: insert
+        protocol: tcp
+        destination_port: 8101
+        jump: ACCEPT
+        rule_num: 1
+      become: yes
+      when:
+        - sdn == 'opendaylight'
+        - "'controller' in ansible_hostname"
+    - name: save iptables
+      command: service iptables save
+      become: yes
-- 
cgit 1.2.3-korg