The `action` attribute within the `firewall` type has been removed.
v7.0.0 of firwall module is introducing several changes, as described
in [1]. This commit is adjusting manifests to this change.
[1] 8ea5f45d00
Change-Id: I31a04a83e2844fa1ec53a27fccd15fb64cafacb0
This commit is contained in:
parent
f989cf07b6
commit
b00b07af7e
|
@ -11,7 +11,7 @@ define packstack::firewall (
|
||||||
) {
|
) {
|
||||||
$ip_version = lookup('CONFIG_IP_VERSION')
|
$ip_version = lookup('CONFIG_IP_VERSION')
|
||||||
|
|
||||||
$provider = $ip_version ? {
|
$protocol = $ip_version ? {
|
||||||
'ipv6' => 'ip6tables',
|
'ipv6' => 'ip6tables',
|
||||||
default => 'iptables',
|
default => 'iptables',
|
||||||
# TO-DO(mmagr): Add IPv6 support when hostnames are used
|
# TO-DO(mmagr): Add IPv6 support when hostnames are used
|
||||||
|
@ -34,9 +34,9 @@ define packstack::firewall (
|
||||||
firewall { "001 ${service_name} ${heading} ${title}":
|
firewall { "001 ${service_name} ${heading} ${title}":
|
||||||
chain => $chain,
|
chain => $chain,
|
||||||
proto => $proto,
|
proto => $proto,
|
||||||
action => 'accept',
|
jump => 'accept',
|
||||||
source => $source,
|
source => $source,
|
||||||
provider => $provider,
|
protocol => $protocol,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
@ -44,9 +44,9 @@ define packstack::firewall (
|
||||||
chain => $chain,
|
chain => $chain,
|
||||||
proto => $proto,
|
proto => $proto,
|
||||||
dport => $ports,
|
dport => $ports,
|
||||||
action => 'accept',
|
jump => 'accept',
|
||||||
source => $source,
|
source => $source,
|
||||||
provider => $provider,
|
protocol => $protocol,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -67,7 +67,7 @@ class packstack::horizon ()
|
||||||
firewall { "001 horizon ${firewall_port} incoming":
|
firewall { "001 horizon ${firewall_port} incoming":
|
||||||
proto => 'tcp',
|
proto => 'tcp',
|
||||||
dport => [$firewall_port],
|
dport => [$firewall_port],
|
||||||
action => 'accept',
|
jump => 'accept',
|
||||||
}
|
}
|
||||||
|
|
||||||
if str2bool($::selinux) {
|
if str2bool($::selinux) {
|
||||||
|
|
|
@ -14,6 +14,6 @@ class packstack::nova::vncproxy ()
|
||||||
firewall { '001 novncproxy incoming':
|
firewall { '001 novncproxy incoming':
|
||||||
proto => 'tcp',
|
proto => 'tcp',
|
||||||
dport => ['6080'],
|
dport => ['6080'],
|
||||||
action => 'accept',
|
jump => 'accept',
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -43,14 +43,14 @@ class packstack::provision::bridge ()
|
||||||
if $public_bridge_name != '' {
|
if $public_bridge_name != '' {
|
||||||
firewall { '000 forward out':
|
firewall { '000 forward out':
|
||||||
chain => 'FORWARD',
|
chain => 'FORWARD',
|
||||||
action => 'accept',
|
jump => 'accept',
|
||||||
outiface => $public_bridge_name,
|
outiface => $public_bridge_name,
|
||||||
proto => 'all',
|
proto => 'all',
|
||||||
}
|
}
|
||||||
|
|
||||||
firewall { '000 forward in':
|
firewall { '000 forward in':
|
||||||
chain => 'FORWARD',
|
chain => 'FORWARD',
|
||||||
action => 'accept',
|
jump => 'accept',
|
||||||
iniface => $public_bridge_name,
|
iniface => $public_bridge_name,
|
||||||
proto => 'all',
|
proto => 'all',
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue