openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Add new parameter in order to switch firewall engine 

Depends-On: https://review.opendev.org/c/openstack/tripleo-ansible/+/841414
Change-Id: If6fd1200629df555d5d9f007cd433da6eb1f952a
This commit is contained in:
Cédric Jeanneret 2022-05-11 17:31:53 +02:00 committed by Cedric Jeanneret
parent e30c94f760
commit 6168a9d4b1
2 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
deployment/tripleo-firewall/tripleo-firewall-baremetal-ansible.yaml
View File

@ -33,6 +33,12 @@ parameters:
type: json
tags:
- role_specific
FirewallEngine:
default: 'iptables'
description: Set the actual firewall engine. Can be "iptables" or "nftables"
type: string
constraints:
- allowed_values: ['iptables', 'nftables']
resources:
# Merging role-specific parameters (RoleParameters) with the default parameters.
@ -69,6 +75,8 @@ outputs:
- {get_attr: [RoleParametersValue, value, extra_firewall_rules]}
host_firewall_tasks:
- name: Run firewall role
vars:
tripleo_firewall_engine: {get_param: FirewallEngine}
include_role:
name: tripleo_firewall
update_tasks:

5
releasenotes/notes/firewall-engine-36c6e6a9006fbad0.yaml Normal file
View File

@ -0,0 +1,5 @@
---
features:
- |
Add a new parameter "FirewallEngine" in order to chose what firewall
engine we want to use. Values can be iptables (default), or nftables.