Ensure FORWARD is ACCEPT by default
Newer versions of docker have switched to updating the FORWARD chain to be DROP by default. This causes issues with the deployment. Update the FORWARD chains to be ACCEPT by default. Depends-On: Ib75f97748540b9162d76c9c189d3ca7e082b3784 Closes-Bug: #1750194 Change-Id: I93be7138e6a61cf3aadf19f53097d67469befc17
This commit is contained in:
parent
a903c10542
commit
da31c6e5ba
|
@ -894,6 +894,19 @@ nova::notify_on_state_change: 'vm_state'
|
|||
|
||||
# Firewall
|
||||
tripleo::firewall::manage_firewall: true
|
||||
# Docker switches FORWARD to DROP by default which causes issues on the
|
||||
# undercloud. We are already included a REJECT rule in so switch these back
|
||||
# to ACCEPT.
|
||||
# https://bugs.launchpad.net/tripleo/+bug/1750194
|
||||
tripleo::firewall::firewall_chains:
|
||||
'FORWARD:filter:IPv4':
|
||||
ensure: present
|
||||
policy: accept
|
||||
purge: false
|
||||
'FORWARD:filter:IPv6':
|
||||
ensure: present
|
||||
policy: accept
|
||||
purge: false
|
||||
tripleo::firewall::firewall_rules:
|
||||
'105 ntp':
|
||||
dport: 123
|
||||
|
|
Loading…
Reference in New Issue