openstack/kayobe
Code Issues Proposed changes

Support for firewalld ZONE option in network interfaces configuration

Browse Source 
Change-Id: Id21616b5c03922002cd7c99d6df7976a502b4e3c
Story: 2008369
Task: 41279
This commit is contained in:
Bartosz Bezak 2020-11-18 14:30:32 +01:00
parent 074024d63f
commit d10d95f949
4 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ansible/filter_plugins/networks.py
View File

@ -137,6 +137,7 @@ net_physical_network = _make_attr_filter('physical_network')
net_bootproto = _make_attr_filter('bootproto')
net_defroute = _make_attr_filter('defroute')
net_ethtool_opts = _make_attr_filter('ethtool_opts')
net_zone = _make_attr_filter('zone')
@jinja2.contextfilter
@ -216,6 +217,7 @@ def net_interface_obj(context, name, inventory_hostname=None):
bootproto = net_bootproto(context, name, inventory_hostname)
defroute = net_defroute(context, name, inventory_hostname)
ethtool_opts = net_ethtool_opts(context, name, inventory_hostname)
zone = net_zone(context, name, inventory_hostname)
vip_address = net_vip_address(context, name, inventory_hostname)
allowed_addresses = [vip_address] if vip_address else None
interface = {
@ -230,6 +232,7 @@ def net_interface_obj(context, name, inventory_hostname=None):
'bootproto': bootproto or 'static',
'defroute': defroute,
'ethtool_opts': ethtool_opts,
'zone': zone,
'allowed_addresses': allowed_addresses,
'onboot': 'yes',
}
@ -267,6 +270,7 @@ def net_bridge_obj(context, name, inventory_hostname=None):
bootproto = net_bootproto(context, name, inventory_hostname)
defroute = net_defroute(context, name, inventory_hostname)
ethtool_opts = net_ethtool_opts(context, name, inventory_hostname)
zone = net_zone(context, name, inventory_hostname)
vip_address = net_vip_address(context, name, inventory_hostname)
allowed_addresses = [vip_address] if vip_address else None
interface = {
@ -282,6 +286,7 @@ def net_bridge_obj(context, name, inventory_hostname=None):
'bootproto': bootproto or 'static',
'defroute': defroute,
'ethtool_opts': ethtool_opts,
'zone': zone,
'allowed_addresses': allowed_addresses,
'onboot': 'yes',
}
@ -325,6 +330,7 @@ def net_bond_obj(context, name, inventory_hostname=None):
bootproto = net_bootproto(context, name, inventory_hostname)
defroute = net_defroute(context, name, inventory_hostname)
ethtool_opts = net_ethtool_opts(context, name, inventory_hostname)
zone = net_zone(context, name, inventory_hostname)
vip_address = net_vip_address(context, name, inventory_hostname)
allowed_addresses = [vip_address] if vip_address else None
interface = {
@ -346,6 +352,7 @@ def net_bond_obj(context, name, inventory_hostname=None):
'bootproto': bootproto or 'static',
'defroute': defroute,
'ethtool_opts': ethtool_opts,
'zone': zone,
'allowed_addresses': allowed_addresses,
'onboot': 'yes',
}
@ -503,6 +510,7 @@ class FilterModule(object):
'net_bootproto': net_bootproto,
'net_defroute': net_defroute,
'net_ethtool_opts': net_ethtool_opts,
'net_zone': net_zone,
'net_interface_obj': net_interface_obj,
'net_bridge_obj': net_bridge_obj,
'net_bond_obj': net_bond_obj,

2
doc/source/configuration/reference/network.rst
View File

@ -326,6 +326,8 @@ The following attributes are supported:
bond and bridge interfaces, settings apply to underlying interfaces. This
should be a string of arguments passed to the ``ethtool`` utility, for
example ``"-G ${DEVICE} rx 8192 tx 8192"``.
``zone``
The name of ``firewalld`` zone to be attached to network interface.
IP Addresses
------------

6
releasenotes/notes/firewalld-zone-option-15cb747feb90446b.yaml Normal file
View File

@ -0,0 +1,6 @@
---
features:
- |
Adds support for configuring firewalld ``zone`` option on network interfaces.
See `story 2008369
<https://storyboard.openstack.org/#!/story/2008369>`__ for details.

2
requirements.yml
View File

@ -5,7 +5,7 @@
# There are no versioned releases of this role.
version: 8438592c84585c86e62ae07e526d3da53629b377
- src: MichaelRigart.interfaces
version: v1.8.1
version: v1.9.0
- src: mrlesmithjr.manage-lvm
version: v0.1.4
- src: mrlesmithjr.mdadm