Port for distributed serialization added

We allow connections to 8002 port in the admin network for incoming connections from distributed serialization workers. Distributed serialization workers should be installed and run on slave and bootstrap nodes. Change-Id: Idae764bde0b0dd482e6b08d69a97cd5d0717547d Implements: blueprint distributed-serialization (cherry picked from commit 97c9ca2c5f)
2017-02-15 18:53:45 +03:00 · 2017-02-15 18:53:45 +03:00 · e0c44beaec
parent 9f16ad761c
commit e0c44beaec
2 changed files with 31 additions and 19 deletions
--- a/deployment/puppet/fuel/manifests/iptables.pp
+++ b/deployment/puppet/fuel/manifests/iptables.pp
@ -2,25 +2,26 @@ class fuel::iptables (
  $network_address,
  $network_cidr,

-  $admin_iface           = $::fuel::params::admin_interface,
-  $ssh_port              = '22',
-  $ssh_network           = '0.0.0.0/0',
-  $ssh_rseconds          = 60,
-  $ssh_rhitcount         = 4,
-  $nailgun_web_port      = $::fuel::params::nailgun_port,
-  $nailgun_internal_port = $::fuel::params::nailgun_internal_port,
-  $nailgun_repo_port     = $::fuel::params::repo_port,
-  $postgres_port         = $::fuel::params::db_port,
-  $ostf_port             = $::fuel::params::ostf_port,
-  $rsync_port            = '873',
-  $rsyslog_port          = '514',
-  $ntp_port              = '123',
-  $rabbitmq_ports        = ['4369','5672','61613'],
-  $rabbitmq_admin_port   = '15672',
-  $fuelweb_port          = $::fuel::params::nailgun_ssl_port,
-  $keystone_port         = $::fuel::params::keystone_port,
-  $keystone_admin_port   = $::fuel::params::keystone_admin_port,
-  $chain                 = 'INPUT',
+  $admin_iface                = $::fuel::params::admin_interface,
+  $ssh_port                   = '22',
+  $ssh_network                = '0.0.0.0/0',
+  $ssh_rseconds               = 60,
+  $ssh_rhitcount              = 4,
+  $nailgun_web_port           = $::fuel::params::nailgun_port,
+  $nailgun_internal_port      = $::fuel::params::nailgun_internal_port,
+  $nailgun_serialization_port = $::fuel::params::nailgun_serialization_port,
+  $nailgun_repo_port          = $::fuel::params::repo_port,
+  $postgres_port              = $::fuel::params::db_port,
+  $ostf_port                  = $::fuel::params::ostf_port,
+  $rsync_port                 = '873',
+  $rsyslog_port               = '514',
+  $ntp_port                   = '123',
+  $rabbitmq_ports             = ['4369','5672','61613'],
+  $rabbitmq_admin_port        = '15672',
+  $fuelweb_port               = $::fuel::params::nailgun_ssl_port,
+  $keystone_port              = $::fuel::params::keystone_port,
+  $keystone_admin_port        = $::fuel::params::keystone_admin_port,
+  $chain                      = 'INPUT',
  ) inherits fuel::params {

  include ::provision::iptables
@ -184,6 +185,16 @@ class fuel::iptables (
    state   => ['NEW'],
  }

+  firewall { '065 nailgun_serialization_port':
+    chain   => $chain,
+    table   => 'filter',
+    dport   => $nailgun_serialization_port,
+    proto   => 'tcp',
+    iniface => $admin_iface,
+    action  => 'accept',
+    state   => ['NEW'],
+  }
+
  firewall { '070 nailgun_internal_block_ext':
    chain  => $chain,
    table  => 'filter',
--- a/deployment/puppet/fuel/manifests/params.pp
+++ b/deployment/puppet/fuel/manifests/params.pp
@ -120,6 +120,7 @@ class fuel::params {
  $nailgun_host                  = '127.0.0.1'
  $nailgun_port                  = '8000'
  $nailgun_internal_port         = '8001'
+  $nailgun_serialization_port    = '8002'
  $nailgun_ssl_port              = '8443'

  $ostf_host                     = '127.0.0.1'