summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlexandru Avadanii <Alexandru.Avadanii@enea.com>2018-12-17 19:17:59 +0100
committerAlexandru Avadanii <Alexandru.Avadanii@enea.com>2018-12-17 19:17:59 +0100
commit59163643073370c58a201b45c0e1dd5556e2b0f6 (patch)
tree952d89ceea3d2c5eb86ec41a7542071446e6481b
parent512968e7b23a077b7396e494624c94468afe9e38 (diff)
[mas01] Fix iptables pillar compatibility format
Sync our reclass pillar data for mas01's iptables with latest formula changes [1]. [1] https://github.com/salt-formulas/salt-formula-iptables/commit/e353ce3c Change-Id: I66b2a75066ed512ab5ab4cc213d13d15c5c8cc7f Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
-rw-r--r--mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j242
1 files changed, 25 insertions, 17 deletions
diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2
index ee1d247ad..4b11478e4 100644
--- a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2
+++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2
@@ -148,21 +148,29 @@ parameters:
netmask: ${_param:opnfv_net_admin_mask}
type: eth
iptables:
+ schema:
+ epoch: 1
service:
- enabled: True
- chain:
- POSTROUTING:
- rules:
- - table: nat
- source_network: '${_param:single_address}/${_param:opnfv_net_admin_mask}'
- jump: MASQUERADE
- INPUT:
- rules:
- - table: filter
- source_network: '${_param:single_address}/${_param:opnfv_net_admin_mask}'
- jump: ACCEPT
- INPUT:
- rules:
- - table: filter
- destination_network: '${_param:single_address}/${_param:opnfv_net_admin_mask}'
- jump: ACCEPT
+ v4:
+ enabled: true
+ persistent_config: /etc/iptables/rules.v4
+ v6:
+ enabled: false
+ tables:
+ v4:
+ filter:
+ chains:
+ INPUT:
+ ruleset:
+ 10:
+ rule: -s ${_param:single_address}/${_param:opnfv_net_admin_mask}
+ 11:
+ rule: -d ${_param:single_address}/${_param:opnfv_net_admin_mask}
+ nat:
+ chains:
+ POSTROUTING:
+ policy: ACCEPT
+ ruleset:
+ 10:
+ rule: -s ${_param:single_address}/${_param:opnfv_net_admin_mask}
+ action: MASQUERADE