openstack
/
tripleo-ansible
Code Issues Proposed changes
tripleo-ansible/tripleo_ansible/roles
History
Carlos Goncalves 237fe69c85 tripleo_frr: add BGP TTL security 
FRR supports enforcing Generalized TTL Security Mechanism (GTSM) where
only neighbors that are the specified number of hops away will be
allowed to become neighbors.

This patch adds a new option to set the number of hops allowed,
defaulting to 1 for strict security out of the box. Setting value to
zero or less will disable GTSM.

Change-Id: I1166f22fef8e3f6b825343b4e2792ce9cfb10547
 		2021-02-12 10:46:44 +00:00
..
aide Use the UBI8 image for testing 2020-09-23 08:56:23 -05:00
backup_and_restore Opens ports to NFS server's firewalld 2021-01-21 12:02:15 +01:00
login_defs Use the UBI8 image for testing 2020-09-23 08:56:23 -05:00
octavia_common Add support for Octavia amphora log offloading 2020-06-03 19:09:09 +00:00
octavia_controller_check Increase validity period of Octavia CA and certificates 2020-06-11 08:12:37 +02:00
octavia_controller_config Scan existing controllers on update to pick up existing certs/private keys 2020-05-26 15:21:09 +02:00
octavia_controller_post_config Fix rsyslog facility config for Octavia amphora-agent 2020-12-01 16:25:00 +01:00
octavia_overcloud_config Make server group quota unlimited for Octavia 2021-02-01 10:51:49 +00:00
octavia_undercloud Octavia: handle empty amphora image search result 2020-04-23 10:23:52 -02:30
test_deps Use the UBI8 image for testing 2020-09-23 08:56:23 -05:00
test_package_action Use the UBI8 image for testing 2020-09-23 08:56:23 -05:00
tripleo_bootstrap Stop NetworkManager from updating resolv.conf 2020-12-03 16:37:23 +05:30
tripleo_cellv2 Use the UBI8 image for testing 2020-09-23 08:56:23 -05:00
tripleo_ceph_client Merge "Make get ceph_mon_ip addresses task composable network compatible" 2021-01-19 01:33:25 +00:00
tripleo_ceph_common Use the UBI8 image for testing 2020-09-23 08:56:23 -05:00
tripleo_ceph_run_ansible Use the UBI8 image for testing 2020-09-23 08:56:23 -05:00
tripleo_ceph_uuid Use the UBI8 image for testing 2020-09-23 08:56:23 -05:00
tripleo_ceph_work_dir Create ceph directories in config-download without become 2021-01-17 14:33:12 -05:00
tripleo_clients_install Add test_deps_setup_tripleo var 2020-11-26 11:07:21 +00:00
tripleo_config Use the UBI8 image for testing 2020-09-23 08:56:23 -05:00
tripleo_container_image_build Use the UBI8 image for testing 2020-09-23 08:56:23 -05:00
tripleo_container_image_prepare Use the UBI8 image for testing 2020-09-23 08:56:23 -05:00
tripleo_container_manage Instruct systemd to accept 137 and 143 exit code 2020-10-06 17:20:01 +02:00
tripleo_container_rm Replace podman commands by module 2020-05-11 13:05:38 +00:00
tripleo_container_stop Replace podman commands by module 2020-05-11 13:05:38 +00:00
tripleo_container_tag Convert docker molecule usage to podman 2020-04-30 09:55:18 -05:00
tripleo_create_admin Add distribute_private_key boolean for tripleo_create_admin 2020-12-23 20:13:37 +00:00
tripleo_derived_parameters Derived parameters: Add AMD iommu support 2020-12-01 20:45:07 +01:00
tripleo_firewall Allow tripleo_firewall to work in check mode 2020-09-29 16:41:45 +00:00
tripleo_frr tripleo_frr: add BGP TTL security 2021-02-12 10:46:44 +00:00
tripleo_ha_wrapper Add test_deps_setup_tripleo var 2020-11-26 11:07:21 +00:00
tripleo_hieradata Add OVN chassis macs to hieradata 2020-09-29 19:30:58 +02:00
tripleo_hosts_entries Use the UBI8 image for testing 2020-09-23 08:56:23 -05:00
tripleo_image_serve Handle containers with no namespace 2021-01-29 11:18:47 -07:00
tripleo_kernel [kernel] Updating facts before disabling NICs 2020-11-27 22:35:03 -05:00
tripleo_keystone_resources Add no_log to os_user async status 2020-09-15 10:38:31 -06:00
tripleo_lvmfilter Run LVM filter tasks when enabled, regardless of allow/deny list size 2020-12-16 20:42:55 +00:00
tripleo_module_load Switch from handlers to tasks 2020-07-24 13:07:25 -06:00
tripleo_multipathd Add tripleo_multipathd role 2020-10-19 07:59:52 -07:00
tripleo_network_config Update legacy network init 2021-02-09 18:39:30 +00:00
tripleo_nodes_validation Use the UBI8 image for testing 2020-09-23 08:56:23 -05:00
tripleo_nova_image_cache Use the UBI8 image for testing 2020-09-23 08:56:23 -05:00
tripleo_nvdimm Fix check for existing nvdimm namespaces 2020-12-14 11:37:13 +01:00
tripleo_ovs_dpdk Don't set capabilities in priviledge mode 2021-01-15 17:54:17 +02:00
tripleo_packages Merge "Remove pcs/pacemaker package installation from upgrade tasks" 2021-01-20 20:19:34 +00:00
tripleo_persist Use the UBI8 image for testing 2020-09-23 08:56:23 -05:00
tripleo_podman Support default pid limits in containers.conf 2021-02-10 07:59:24 +01:00
tripleo_provision_mcelog Add missing doc & zuul job for tripleo_provision_mcelog 2020-05-22 16:17:29 -04:00
tripleo_ptp Don't set capabilities in priviledge mode 2021-01-15 17:54:17 +02:00
tripleo_puppet_cache Don't set capabilities in priviledge mode 2021-01-15 17:54:17 +02:00
tripleo_redhat_enforce Allow rhsm subscription test to be overrided in RHOSP deployment. 2021-01-25 15:23:46 +01:00
tripleo_securetty Use the UBI8 image for testing 2020-09-23 08:56:23 -05:00
tripleo_ssh_known_hosts Add test_deps_setup_tripleo var 2020-11-26 11:07:21 +00:00
tripleo_sshd Don't set capabilities in priviledge mode 2021-01-15 17:54:17 +02:00
tripleo_systemd_wrapper Don't set capabilities in priviledge mode 2021-01-15 17:54:17 +02:00
tripleo_timezone Don't set capabilities in priviledge mode 2021-01-15 17:54:17 +02:00
tripleo_transfer Don't set capabilities in priviledge mode 2021-01-15 17:54:17 +02:00
tripleo_update_trusted_cas Don't set capabilities in priviledge mode 2021-01-15 17:54:17 +02:00
tripleo_upgrade_hiera Don't set capabilities in priviledge mode 2021-01-15 17:54:17 +02:00
tripleo_validations_package Don't set capabilities in priviledge mode 2021-01-15 17:54:17 +02:00
tuned Ensure tuned_custom_profile is used for tuned role 2020-10-31 11:20:52 -05:00