Whitelist the infra hosts
Add the infra hosts to the haproxy global whitelist. This is needed so that these hosts can access the endpoints for nova metadata api as well as the apt-cacher-ng endpoint. Change-Id: I27eee08ab6f3b1e5ec3bd9afcebbabce181526ee
This commit is contained in:
parent
3ec7258163
commit
c742cb182a
@ -2,7 +2,10 @@
|
||||
|
||||
# Allow control node physical hosts to contact metadata endpoint
|
||||
# since the Neutron agents are no longer containerized.
|
||||
# Additionally, this is required to whitelist the bare-metal hosts
|
||||
# communication with the apt-cacher-ng endpoint
|
||||
haproxy_metal_networks:
|
||||
- "{{ cidr_networks.external }}"
|
||||
haproxy_nova_metadata_whitelist_networks: "{{ haproxy_whitelist_networks +
|
||||
haproxy_metal_networks }}"
|
||||
haproxy_whitelist_networks: "{{
|
||||
['192.168.0.0/16', '172.16.0.0/12', '10.0.0.0/8'] +
|
||||
haproxy_metal_networks }}"
|
||||
|
Loading…
Reference in New Issue
Block a user