openstack/kolla-ansible
Code Issues Proposed changes
a1eec2498a
kolla-ansible/releasenotes/notes/add-firewalld-rules-based-on-enabled-services-96dd418219953a05.yaml
k-s-dean 8553e52acd adds firewalld configuration based on enabled services 
This change introduces automated configuration of firewalld and adds
a new filter for extracting services from the project_services dict.
the filter selects any enabled services and their haproxy element
and returns them so they can be iterated over.
This commit also enables automated configuration of firewalld from enabled
openstack services and adds them to the defined zone and reloads the
system firewall.

Change-Id: Iea3680142711873984efff2b701347b6a56dd355
2022-07-27 12:28:40 +01:00

11 lines
429 B
YAML
Raw Blame History

---
features:
- |
Enables configuring firewalld for external API services.
Extracts the required services and checks the external port,
then adds the ports to a firewalld zone.
Assumes that firewalld has been installed and configured beforehand.
The variable disable_firewall, is disabled by default to preserve
backwards compatibility.
But its good practice to have the system firewall configured.
View Git Blame Copy Permalink