openstack
/
tripleo-heat-templates
Code Issues Proposed changes
tripleo-heat-templates/releasenotes/notes
History
Emilien Macchi 78b8c3b3f5 Restrict SNMP to internal network 
Add a parameter, SnmpdIpSubnet, which can be an IP/MASK that will be
used to secure with IPtables the source network authorized to reach
SNMP service on the host.
If SnmpdIpSubnet is left empty (default) the parameter will be set to
SnmpdNetwork.

Also change the IPtables id, 127 was used by Horizon, so let's switch
SNMP to 124. No impact on users.

Note: in this backport we also change the heat_template_version for SNMP
service so we support "conditions".

Change-Id: I46fce28926cb5a881f7384948480266712ae75e3
Depends-On: Ib203161b9676dcfaaf46eec2bddf767ec49282f7
Closes-Bug: #1749324
(cherry picked from commit 43155ed146)
 		2018-02-20 20:32:01 +00:00
..
add-hostgroup-default-for-host-parameter-02e3d48de1f69765.yaml manila: set "host" to "hostgroup" 2017-10-09 13:29:31 +00:00
drop-ceilometer-from-swift-pipeline-6ee079b9c7b919f8.yaml Remove ceilometer from swift middleware pipeline 2017-07-24 18:19:46 -04:00
enable-arp_accept-6296b0113bc56b10.yaml Enable arp_accept for all interfaces 2017-05-30 10:39:58 -07:00
expose-metric-processing-delay-0c098d7ec0af0728.yaml Expose metric delay processing metric 2017-06-09 15:33:31 +00:00
fix-glance-api-network-4f9d7c20475a5994.yaml Fixes incorrect glance api network 2017-06-26 08:41:36 -04:00
fix-neutron_admin_auth_url-c88224251d8eb807.yaml manila: set "neutron_admin_auth_url" correctly 2017-09-07 01:44:33 +00:00
fix-rpm-deploy-artifact-urls-03d5694073ad159d.yaml Fix rpms being installed via DeployArtifactURLs 2017-08-15 13:02:30 +00:00
kernel-extra-aa48704056be72cd.yaml kernel: allow to override modules & sysctl settings 2018-01-11 18:56:25 +00:00
leave-satellite-repo-enabled-8b60528bd5450c7b.yaml Don't disable satellite repo after registration 2017-08-18 23:25:28 +00:00
migration_over_ssh-003e2a92f5f5374d.yaml Add migration SSH tunneling support 2017-06-06 21:38:09 +01:00
rhsm_proxy_verify-548f104c97cf5f90.yaml RHSM: when using proxy, test its connectivity first 2017-11-02 21:48:24 +00:00
sat-tools-0d0f0c53de9d34a5.yaml Upgrade rhel_reg_sat_repo to 6.2 2017-11-02 01:01:40 +00:00
sat_capsule-bb59fad44c17f97f.yaml Support for Satellite Capsule in rhel-registration 2017-10-19 03:31:20 +00:00
snmp_firewall-ab17f60ba1ec71d2.yaml Restrict SNMP to internal network 2018-02-20 20:32:01 +00:00
snmp_listen-2364188f73d43b14.yaml snmp: add SnmpdBindHost parameter 2017-10-08 05:09:00 +00:00
ssh_known_hosts-287563590632d1aa.yaml SSH known_hosts config 2017-05-19 21:09:30 +00:00
sshd-service-extensions-0c4d0879942a2052.yaml SSHD Service extensions 2017-08-18 04:27:31 +00:00
token-flush-twice-a-day-d4b00a2953a6b383.yaml Run token flush cron job hourly by default 2017-07-17 18:51:33 +00:00
unset-ceph-default-min-size-0297620ed99dab5b.yaml Remove osd_pool_default_min_size to allow Ceph cluster to do the right thing by default 2017-12-19 09:50:43 +01:00
update-interfaces-first-f3c214ee9bdc1587.yaml Reconfigure interfaces before updating openvswitch 2017-06-15 17:36:03 +00:00
workaround-unset-fqdn-for-rhel-reg-be9c4620146096be.yaml Workaround for RHEL registration as "localhost" 2017-08-18 16:29:21 -07:00