Re-enable ManageFirewall by default.
This default setting got lots in the composable roles/services patches.
Re-enable the ManageFirewall setting by default per what we did in
git commit 73c76b867d.
We also fix a typo in neutron-api.yaml so that the firewall rules
matches to service_name. (otherwise it won't get loaded).
Also, drops the environments/manage-firewall.yaml which is
no longer needed if we enable firewall management by default.
Change-Id: Ie198e4efd190131d0722085b10ef77da9005bc1b
Closes-bug: 1629934
This commit is contained in:
Dan Prince
Emilien Macchi
parent
f9c3481c3e
commit
ddd4d3cd9f
|
|
@ -1,2 +0,0 @@
|
||||||
parameter_defaults:
|
|
||||||
ManageFirewall: true
|
|
||||||
|
|
@ -145,8 +145,8 @@ outputs:
|
||||||
neutron::server::notifications::password: {get_param: NovaPassword}
|
neutron::server::notifications::password: {get_param: NovaPassword}
|
||||||
neutron::keystone::authtoken::project_name: 'service'
|
neutron::keystone::authtoken::project_name: 'service'
|
||||||
neutron::server::sync_db: true
|
neutron::server::sync_db: true
|
||||||
tripleo.neutron_server.firewall_rules:
|
tripleo.neutron_api.firewall_rules:
|
||||||
'114 neutron server':
|
'114 neutron api':
|
||||||
dport:
|
dport:
|
||||||
- 9696
|
- 9696
|
||||||
- 13696
|
- 13696
|
||||||
|
|
|
||||||
|
|
@ -19,7 +19,7 @@ parameters:
|
||||||
via parameter_defaults in the resource registry.
|
via parameter_defaults in the resource registry.
|
||||||
type: json
|
type: json
|
||||||
ManageFirewall:
|
ManageFirewall:
|
||||||
default: false
|
default: true
|
||||||
description: Whether to manage IPtables rules.
|
description: Whether to manage IPtables rules.
|
||||||
type: boolean
|
type: boolean
|
||||||
PurgeFirewallRules:
|
PurgeFirewallRules:
|
||||||
|
|
|
||||||
|
|
@ -114,7 +114,9 @@
|
||||||
- OS::TripleO::Services::ComputeNeutronL3Agent
|
- OS::TripleO::Services::ComputeNeutronL3Agent
|
||||||
- OS::TripleO::Services::ComputeNeutronMetadataAgent
|
- OS::TripleO::Services::ComputeNeutronMetadataAgent
|
||||||
- OS::TripleO::Services::TripleoPackages
|
- OS::TripleO::Services::TripleoPackages
|
||||||
- OS::TripleO::Services::TripleoFirewall
|
# FIXME: This doesn't appear to have been enabled before
|
||||||
|
# so disabling it here until we can support it
|
||||||
|
#- OS::TripleO::Services::TripleoFirewall
|
||||||
- OS::TripleO::Services::NeutronSriovAgent
|
- OS::TripleO::Services::NeutronSriovAgent
|
||||||
- OS::TripleO::Services::OpenDaylightOvs
|
- OS::TripleO::Services::OpenDaylightOvs
|
||||||
- OS::TripleO::Services::SensuClient
|
- OS::TripleO::Services::SensuClient
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue