Allow nova servers to reach heat services on port 80
When we run heat api services with apache+uwsgi(mod_proxy_uwsgi), we would need the services to be reachable from the neutron public net on port 80. Change-Id: I7c227b3fe580b2a60aa50a043200f4e4f270a5a3
This commit is contained in:
parent
f600d002c0
commit
d0b3c9076c
@ -58,8 +58,9 @@ cat > $ipv4_rules << EOF
|
|||||||
# the ironic API from the neutron public net
|
# the ironic API from the neutron public net
|
||||||
-A openstack-INPUT -s 172.24.4.0/23 -p udp -m udp --dport 69 -j ACCEPT
|
-A openstack-INPUT -s 172.24.4.0/23 -p udp -m udp --dport 69 -j ACCEPT
|
||||||
-A openstack-INPUT -s 172.24.4.0/23 -p tcp -m tcp --dport 6385 -j ACCEPT
|
-A openstack-INPUT -s 172.24.4.0/23 -p tcp -m tcp --dport 6385 -j ACCEPT
|
||||||
# Ports 8000, 8003, 8004 from the devstack neutron public net to allow
|
# Ports 80, 8000, 8003, 8004 from the devstack neutron public net to allow
|
||||||
# nova servers to reach heat-api-cfn, heat-api-cloudwatch, heat-api
|
# nova servers to reach heat-api-cfn, heat-api-cloudwatch, heat-api
|
||||||
|
-A openstack-INPUT -s 172.24.4.0/23 -p tcp -m tcp --dport 80 -j ACCEPT
|
||||||
-A openstack-INPUT -s 172.24.4.0/23 -p tcp -m tcp --dport 8000 -j ACCEPT
|
-A openstack-INPUT -s 172.24.4.0/23 -p tcp -m tcp --dport 8000 -j ACCEPT
|
||||||
-A openstack-INPUT -s 172.24.4.0/23 -p tcp -m tcp --dport 8003 -j ACCEPT
|
-A openstack-INPUT -s 172.24.4.0/23 -p tcp -m tcp --dport 8003 -j ACCEPT
|
||||||
-A openstack-INPUT -s 172.24.4.0/23 -p tcp -m tcp --dport 8004 -j ACCEPT
|
-A openstack-INPUT -s 172.24.4.0/23 -p tcp -m tcp --dport 8004 -j ACCEPT
|
||||||
|
Loading…
Reference in New Issue
Block a user