Port for distributed serialization added
We allow connections to 8002 port in the admin network for incoming connections from distributed serialization workers. Distributed serialization workers should be installed and run on slave and bootstrap nodes. Change-Id: Idae764bde0b0dd482e6b08d69a97cd5d0717547d Implements: blueprint distributed-serialization
This commit is contained in:
parent
10a537440c
commit
97c9ca2c5f
|
@ -2,25 +2,26 @@ class fuel::iptables (
|
|||
$network_address,
|
||||
$network_cidr,
|
||||
|
||||
$admin_iface = $::fuel::params::admin_interface,
|
||||
$ssh_port = '22',
|
||||
$ssh_network = '0.0.0.0/0',
|
||||
$ssh_rseconds = 60,
|
||||
$ssh_rhitcount = 4,
|
||||
$nailgun_web_port = $::fuel::params::nailgun_port,
|
||||
$nailgun_internal_port = $::fuel::params::nailgun_internal_port,
|
||||
$nailgun_repo_port = $::fuel::params::repo_port,
|
||||
$postgres_port = $::fuel::params::db_port,
|
||||
$ostf_port = $::fuel::params::ostf_port,
|
||||
$rsync_port = '873',
|
||||
$rsyslog_port = '514',
|
||||
$ntp_port = '123',
|
||||
$rabbitmq_ports = ['4369','5672','61613'],
|
||||
$rabbitmq_admin_port = '15672',
|
||||
$fuelweb_port = $::fuel::params::nailgun_ssl_port,
|
||||
$keystone_port = $::fuel::params::keystone_port,
|
||||
$keystone_admin_port = $::fuel::params::keystone_admin_port,
|
||||
$chain = 'INPUT',
|
||||
$admin_iface = $::fuel::params::admin_interface,
|
||||
$ssh_port = '22',
|
||||
$ssh_network = '0.0.0.0/0',
|
||||
$ssh_rseconds = 60,
|
||||
$ssh_rhitcount = 4,
|
||||
$nailgun_web_port = $::fuel::params::nailgun_port,
|
||||
$nailgun_internal_port = $::fuel::params::nailgun_internal_port,
|
||||
$nailgun_serialization_port = $::fuel::params::nailgun_serialization_port,
|
||||
$nailgun_repo_port = $::fuel::params::repo_port,
|
||||
$postgres_port = $::fuel::params::db_port,
|
||||
$ostf_port = $::fuel::params::ostf_port,
|
||||
$rsync_port = '873',
|
||||
$rsyslog_port = '514',
|
||||
$ntp_port = '123',
|
||||
$rabbitmq_ports = ['4369','5672','61613'],
|
||||
$rabbitmq_admin_port = '15672',
|
||||
$fuelweb_port = $::fuel::params::nailgun_ssl_port,
|
||||
$keystone_port = $::fuel::params::keystone_port,
|
||||
$keystone_admin_port = $::fuel::params::keystone_admin_port,
|
||||
$chain = 'INPUT',
|
||||
) inherits fuel::params {
|
||||
|
||||
#Enable cobbler's iptables rules even if Cobbler not called
|
||||
|
@ -185,6 +186,16 @@ class fuel::iptables (
|
|||
state => ['NEW'],
|
||||
}
|
||||
|
||||
firewall { '065 nailgun_serialization_port':
|
||||
chain => $chain,
|
||||
table => 'filter',
|
||||
dport => $nailgun_serialization_port,
|
||||
proto => 'tcp',
|
||||
iniface => $admin_iface,
|
||||
action => 'accept',
|
||||
state => ['NEW'],
|
||||
}
|
||||
|
||||
firewall { '070 nailgun_internal_block_ext':
|
||||
chain => $chain,
|
||||
table => 'filter',
|
||||
|
|
|
@ -120,6 +120,7 @@ class fuel::params {
|
|||
$nailgun_host = '127.0.0.1'
|
||||
$nailgun_port = '8000'
|
||||
$nailgun_internal_port = '8001'
|
||||
$nailgun_serialization_port = '8002'
|
||||
$nailgun_ssl_port = '8443'
|
||||
|
||||
$ostf_host = '127.0.0.1'
|
||||
|
|
Loading…
Reference in New Issue