[Devstack]: open firewall for ironic api on provision net
For grenade job we need to open firewall on provision network IP on subnode. This needed for grenade job to setup redirect from primary node to subnode. Change-Id: I026121121059768aa74389add7eee6e63fdb214d
This commit is contained in:
parent
7f1639e77e
commit
13eff665f0
|
@ -1612,6 +1612,8 @@ function configure_iptables {
|
|||
# nodes boot from TFTP and callback to the API server listening on $HOST_IP
|
||||
sudo iptables -I INPUT -d $IRONIC_TFTPSERVER_IP -p udp --dport 69 -j ACCEPT || true
|
||||
sudo iptables -I INPUT -d $HOST_IP -p tcp --dport $IRONIC_SERVICE_PORT -j ACCEPT || true
|
||||
sudo iptables -I INPUT -d $IRONIC_HTTP_SERVER -p tcp --dport $IRONIC_SERVICE_PORT -j ACCEPT || true
|
||||
sudo iptables -I FORWARD -p tcp --dport $IRONIC_SERVICE_PORT -j ACCEPT || true
|
||||
if is_deployed_by_agent; then
|
||||
# agent ramdisk gets instance image from swift
|
||||
sudo iptables -I INPUT -d $HOST_IP -p tcp --dport ${SWIFT_DEFAULT_BIND_PORT:-8080} -j ACCEPT || true
|
||||
|
|
Loading…
Reference in New Issue