Allow configuration of IP address filter regexs
Trove filters what IP addresses are exposed on the Trove API. This change allows the configuration of the Trove regular expressions to be used for filtering. There is a network label, black list and white list regular expressions that can be specified. The default is set to expose all addresses. Change-Id: I89aad1d7d38d3a96728c31241e8cf1fc483aba81
This commit is contained in:
parent
3413824166
commit
7a6e01d177
|
@ -77,3 +77,18 @@ options:
|
|||
description: |
|
||||
Nova config drive will be used with cloud-init to inject parameters and
|
||||
files into the database instances.
|
||||
trove-network-label-regex:
|
||||
default: ".*"
|
||||
type: string
|
||||
description: Regular expression to match neutron network labels to determine
|
||||
what IP addresses will be displayed by Trove.
|
||||
trove-ip-regex:
|
||||
default:
|
||||
type: string
|
||||
description: Regular expression to match individual IP addresses to determine
|
||||
if it will be displayed by Trove.
|
||||
trove-black-list-regex:
|
||||
default:
|
||||
type: string
|
||||
description: Regular expression to match individual IP addresses to determine
|
||||
if it should not be displayed by Trove.
|
||||
|
|
|
@ -58,6 +58,23 @@ os_region_name = {{ options.region }}
|
|||
# Service type to use when searching catalog.
|
||||
#neutron_service_type = network
|
||||
|
||||
# Config option for showing the IP address that nova doles out
|
||||
# For nova-network, set this to the appropriate network label defined in nova
|
||||
# For neutron, set this to .* since users can specify custom network labels
|
||||
# You can also optionally specify regex'es to match the actual IP addresses
|
||||
# ip_regex (white-list) is applied before black_list_regex in the filter chain
|
||||
#network_label_regex = ^private$
|
||||
#with neutron enabled
|
||||
network_label_regex = {{ options.trove_network_label_regex }}
|
||||
#ip_regex = ^(15.|123.)
|
||||
{% if options.trove_ip_regex %}
|
||||
ip_regex = {{ options.trove_ip_regex }}
|
||||
{% endif %}
|
||||
#black_list_regex = ^10.0.0.
|
||||
{% if options.trove_black_list_regex %}
|
||||
black_list_regex = {{ options.trove_black_list_regex }}
|
||||
{% endif %}
|
||||
|
||||
# Config options for enabling volume service
|
||||
trove_volume_support = {{ options.trove_volume_support }}
|
||||
#block_device_mapping = vdb
|
||||
|
|
|
@ -55,6 +55,23 @@ os_region_name = {{ options.region }}
|
|||
# Service type to use when searching catalog.
|
||||
#neutron_service_type = network
|
||||
|
||||
# Config option for showing the IP address that nova doles out
|
||||
# For nova-network, set this to the appropriate network label defined in nova
|
||||
# For neutron, set this to .* since users can specify custom network labels
|
||||
# You can also optionally specify regex'es to match the actual IP addresses
|
||||
# ip_regex (white-list) is applied before black_list_regex in the filter chain
|
||||
#network_label_regex = ^private$
|
||||
#with neutron enabled
|
||||
network_label_regex = {{ options.trove_network_label_regex }}
|
||||
#ip_regex = ^(15.|123.)
|
||||
{% if options.trove_ip_regex %}
|
||||
ip_regex = {{ options.trove_ip_regex }}
|
||||
{% endif %}
|
||||
#black_list_regex = ^10.0.0.
|
||||
{% if options.trove_black_list_regex %}
|
||||
black_list_regex = {{ options.trove_black_list_regex }}
|
||||
{% endif %}
|
||||
|
||||
# Config options for enabling volume service
|
||||
trove_volume_support = {{ options.trove_volume_support }}
|
||||
#block_device_mapping = vdb
|
||||
|
|
Loading…
Reference in New Issue