summaryrefslogtreecommitdiffstats
path: root/mcp/reclass
diff options
context:
space:
mode:
Diffstat (limited to 'mcp/reclass')
-rw-r--r--mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j242
1 files changed, 25 insertions, 17 deletions
diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2
index ee1d247ad..4b11478e4 100644
--- a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2
+++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2
@@ -148,21 +148,29 @@ parameters:
netmask: ${_param:opnfv_net_admin_mask}
type: eth
iptables:
+ schema:
+ epoch: 1
service:
- enabled: True
- chain:
- POSTROUTING:
- rules:
- - table: nat
- source_network: '${_param:single_address}/${_param:opnfv_net_admin_mask}'
- jump: MASQUERADE
- INPUT:
- rules:
- - table: filter
- source_network: '${_param:single_address}/${_param:opnfv_net_admin_mask}'
- jump: ACCEPT
- INPUT:
- rules:
- - table: filter
- destination_network: '${_param:single_address}/${_param:opnfv_net_admin_mask}'
- jump: ACCEPT
+ v4:
+ enabled: true
+ persistent_config: /etc/iptables/rules.v4
+ v6:
+ enabled: false
+ tables:
+ v4:
+ filter:
+ chains:
+ INPUT:
+ ruleset:
+ 10:
+ rule: -s ${_param:single_address}/${_param:opnfv_net_admin_mask}
+ 11:
+ rule: -d ${_param:single_address}/${_param:opnfv_net_admin_mask}
+ nat:
+ chains:
+ POSTROUTING:
+ policy: ACCEPT
+ ruleset:
+ 10:
+ rule: -s ${_param:single_address}/${_param:opnfv_net_admin_mask}
+ action: MASQUERADE