Allow pacemaker ports in firewall

This is required to allow ha deployments with ManageFirewall: True These are the ports documented in [1]. 1: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html-single/Configuring_the_Red_Hat_High_Availability_Add-On_with_Pacemaker/index.html#s1-firewalls-HAAR Change-Id: I446cc0ed863df15e28fa8ec1f5e2a06c5c03af8c Closes-Bug: 1594470 (cherry picked from commit a4c9e1b9f6) (cherry picked from commit f45b6f4bda)
2016-06-15 17:25:18 -05:00 · 2016-06-15 17:25:18 -05:00 · 5678fb1621
parent f3454aa201
commit 5678fb1621
1 changed files with 9 additions and 0 deletions
--- a/puppet/hieradata/controller.yaml
+++ b/puppet/hieradata/controller.yaml
@ -247,3 +247,12 @@ tripleo::firewall::firewall_rules:
  '127 snmp':
    port: 161
    proto: 'udp'
+  '130 pacemaker tcp':
+    proto: 'tcp'
+    dport:
+      - 2224
+      - 3121
+      - 21064
+  '131 pacemaker udp':
+    proto: 'udp'
+    dport: 5405