commented out firwall rule
we are pretty sure that nova configures this on its own
This commit is contained in:
parent
c09d2d69c7
commit
ebfbc1fd0f
|
@ -29,9 +29,9 @@ class nova::compute(
|
|||
}
|
||||
|
||||
# forward guest metadata requests to correct API server
|
||||
exec { "forward_api_requests":
|
||||
command => "/sbin/iptables -t nat -A PREROUTING -d ${aws_address}/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination ${api_server}:${api_port}",
|
||||
unless => "/sbin/iptables -L PREROUTING -t nat -n | egrep 'DNAT[ ]+tcp+[ ]+--[ ]+0.0.0.0\\/0+[ ]+${aws_address}+[ ]+tcp+[ ]+dpt:80+[ ]+to:${api_server}:${api_port}'"
|
||||
}
|
||||
|
||||
# exec { "forward_api_requests":
|
||||
# command => "/sbin/iptables -t nat -A PREROUTING -d ${aws_address}/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination ${api_server}:${api_port}",
|
||||
# unless => "/sbin/iptables -L PREROUTING -t nat -n | egrep 'DNAT[ ]+tcp+[ ]+--[ ]+0.0.0.0\\/0+[ ]+${aws_address}+[ ]+tcp+[ ]+dpt:80+[ ]+to:${api_server}:${api_port}'",
|
||||
# logoutput => on_failure
|
||||
# }
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue