diff options
| author |   Michael Polenchuk <mpolenchuk@mirantis.com> | 2018-08-15 14:07:32 +0400 |
|---|---|---|
| committer | Michael Polenchuk <mpolenchuk@mirantis.com> | 2018-08-15 14:07:32 +0400 |
| commit | 8de9c24300817b9d0ce4f2bfb2ab63643d895a1a (patch) | |
| tree | bfb0e10b7a670241ac2514761d98416d6cfcb386 | |
| parent | 01afa0457ebb04ff5457ecbd0c0dc33adfbc091c (diff) | |
Turn off default apache ports
Change-Id: I0377615ff19e39aca74b90d2ff7e7b2cd5cd6ccb
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
6 files changed, 14 insertions, 3 deletions
diff --git a/mcp/config/states/openstack_ha b/mcp/config/states/openstack_ha index 12d6ae656..d7d8cbd45 100755 --- a/mcp/config/states/openstack_ha +++ b/mcp/config/states/openstack_ha @@ -68,7 +68,7 @@ salt -I 'aodh:server' state.sls aodh -b 1 salt -I 'ceilometer:server' state.sls ceilometer salt -I 'ceilometer:agent' state.sls ceilometer -salt -I 'horizon:server' state.sls horizon +salt -I 'horizon:server' state.sls apache,horizon salt -I 'nginx:server' state.sls nginx cluster_public_host=$(salt -C 'I@nginx:server and *01*' --out=yaml \ diff --git a/mcp/config/states/openstack_noha b/mcp/config/states/openstack_noha index 02530236a..9a42d4813 100755 --- a/mcp/config/states/openstack_noha +++ b/mcp/config/states/openstack_noha @@ -56,4 +56,4 @@ salt -I 'aodh:server' state.sls aodh salt -I 'ceilometer:server' state.sls ceilometer salt -I 'ceilometer:agent' state.sls ceilometer -salt -I 'horizon:server' state.sls horizon +salt -I 'horizon:server' state.sls apache,horizon diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 index 33c74fda6..f9fe73aee 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_control.yml.j2 @@ -23,6 +23,7 @@ classes: - system.barbican.server.cluster - system.apache.server.site.barbican - service.barbican.server.plugin.simple_crypto + - system.apache.server.single - system.bind.server.single - system.haproxy.proxy.listen.openstack.placement - system.glusterfs.client.cluster @@ -125,7 +126,7 @@ parameters: apache: server: bind: - ~ports: ~ + listen_default_ports: false # sync from common-ha kvm role glusterfs: server: diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2 index d7ccff532..c23b50993 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_proxy.yml.j2 @@ -14,6 +14,7 @@ classes: - system.nginx.server.proxy.openstack_web - system.nginx.server.proxy.openstack.aodh - system.nginx.server.proxy.openstack.ceilometer + - system.apache.server.single - system.horizon.server.single - system.salt.minion.cert.proxy - system.sphinx.server.doc.reclass @@ -93,3 +94,7 @@ parameters: vrrp_scripts: check_pidof: args: 'nginx' + apache: + server: + bind: + listen_default_ports: false diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2 index c55ea0049..9a9144ca7 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_telemetry.yml.j2 @@ -69,6 +69,8 @@ parameters: - python-memcache apache: server: + bind: + listen_default_ports: false ~modules: - rewrite {%- if conf.MCP_VCP %} {#- wsgi module will be enabled by a different class inherited later #} diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml index 0eeff7c05..8ba9c6966 100644 --- a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml +++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_control.yml @@ -60,6 +60,7 @@ classes: - system.apache.server.site.gnocchi - system.apache.server.site.panko - system.apache.server.site.barbican + - system.apache.server.single - system.horizon.server.single - service.haproxy.proxy.single - cluster.mcp-common-noha.haproxy_openstack_api @@ -174,6 +175,8 @@ parameters: root_helper_daemon: false apache: server: + bind: + listen_default_ports: false site: gnocchi: &wsgi_threads wsgi: |