iptables_extra_allowed_hosts:
  - {'protocol': 'tcp', 'port': '2181', 'hostname': 'nb01.openstack.org'}
  - {'protocol': 'tcp', 'port': '2181', 'hostname': 'nb02.openstack.org'}
  - {'protocol': 'tcp', 'port': '2181', 'hostname': 'nb03.openstack.org'}
  - {'protocol': 'tcp', 'port': '2181', 'hostname': 'nb04.opendev.org'}
  - {'protocol': 'tcp', 'port': '2181', 'hostname': 'nl01.openstack.org'}
  - {'protocol': 'tcp', 'port': '2181', 'hostname': 'nl02.openstack.org'}
  - {'protocol': 'tcp', 'port': '2181', 'hostname': 'nl03.openstack.org'}
  - {'protocol': 'tcp', 'port': '2181', 'hostname': 'nl04.openstack.org'}
  - {'protocol': 'tcp', 'port': '2181', 'hostname': 'zuul01.openstack.org'}
  # Zookeeper election
  - {'protocol': 'tcp', 'port': '2888', 'hostname': 'zk01.openstack.org'}
  - {'protocol': 'tcp', 'port': '2888', 'hostname': 'zk02.openstack.org'}
  - {'protocol': 'tcp', 'port': '2888', 'hostname': 'zk03.openstack.org'}
  # Zookeeper leader
  - {'protocol': 'tcp', 'port': '3888', 'hostname': 'zk01.openstack.org'}
  - {'protocol': 'tcp', 'port': '3888', 'hostname': 'zk02.openstack.org'}
  - {'protocol': 'tcp', 'port': '3888', 'hostname': 'zk03.openstack.org'}