085856e318
This adds a new variable for the iptables role that allows us to indicate all members of an ansible inventory group should have iptables rules added. It also removes the unused zuul-executor-opendev group, and some unused variables related to the snmp rule. Also, collect the generated iptables rules for debugging. Change-Id: I48746a6527848a45a4debf62fd833527cc392398 Depends-On: https://review.opendev.org/728952
12 lines
412 B
YAML
12 lines
412 B
YAML
zookeeper_user: zookeeper
|
|
zookeeper_group: zookeeper
|
|
zookeeper_uid: 10001
|
|
zookeeper_gid: 10001
|
|
iptables_extra_allowed_groups:
|
|
- {'protocol': 'tcp', 'port': '2181', 'group': 'nodepool'}
|
|
- {'protocol': 'tcp', 'port': '2181', 'group': 'zuul'}
|
|
# Zookeeper election
|
|
- {'protocol': 'tcp', 'port': '2888', 'group': 'zookeeper'}
|
|
# Zookeeper leader
|
|
- {'protocol': 'tcp', 'port': '3888', 'group': 'zookeeper'}
|