17 lines
832 B
YAML
17 lines
832 B
YAML
---
|
|
upgrade:
|
|
- |
|
|
Kayobe configures Bifrost to use the ``trusted`` zone of ``firewalld``,
|
|
ensuring that all services running on the seed host are accessible.
|
|
Deployments with stricter firewall policies can select another zone by
|
|
setting the ``kolla_bifrost_firewalld_internal_zone`` variable in
|
|
``${KAYOBE_CONFIG_PATH}/bifrost.yml``. To avoid loss of connectivity to the
|
|
seed host, ensure that ``firewalld`` is already configured on the seed host
|
|
before deploying seed services.
|
|
fixes:
|
|
- |
|
|
Fixes loss of connectivity to the seed host after deploying seed services,
|
|
when using a shared provisioning and admin network. This was caused by
|
|
Bifrost configuring ``firewalld`` to only allow Ironic traffic. Kayobe now
|
|
configures Bifrost to use the ``trusted`` zone, which allows all traffic.
|