[TRAIN ONLY] Fix the glance-api-edge firewall configuration
Add a firewall rule for the glance-api-edge service that opens glance's port 9292. This allows "scale out" nodes running at the edge to access a glance endpoint at the edge site. The glance-api-edge service tries to inherit most of its configuration from the base glance-api service. However, the puppet code that applies firewall rules requires the hiera key that defines the rule contain the actual service name [1]. Thus, a rule defined for the glance-api service will not be added when the service name is glance-api-edge. [1] https://opendev.org/openstack/puppet-tripleo/src/branch/stable/train/manifests/firewall/service_rules.pp#L35 Closes-Bug: #1883807 Change-Id: I6a3c77be03d5ad6b20c1eb11291340217544bff8
This commit is contained in:
parent
c61f22c828
commit
975e47f219
|
@ -72,6 +72,13 @@ outputs:
|
|||
map_merge:
|
||||
- get_attr: [GlanceApiBase, role_data]
|
||||
- service_name: glance_api_edge
|
||||
config_settings:
|
||||
map_merge:
|
||||
- get_attr: [GlanceApiBase, role_data, config_settings]
|
||||
- tripleo::glance_api_edge::firewall_rules:
|
||||
'112 glance_api_edge':
|
||||
dport:
|
||||
- 9292
|
||||
service_config_settings:
|
||||
map_merge:
|
||||
- get_attr: [GlanceApiBase, role_data, service_config_settings]
|
||||
|
|
Loading…
Reference in New Issue