a89d46e038
In change I89cff59947dda3f51482486c41a3d67c4aa36a3e the default firewall rules where changed so that only the %{hiera('ctlplane_subnet')} is allowed. In DCN (spine-and-leaf) the result is that SSH to nodes in remote subnets is not possible. This change replaces the use of hiera, and instead use the 'net_cidr_map' to create firewall rules for each subnet on the ctlplane network. By creating a rule for each subnet on the ctlplane SSH will be allowed within the L3 ctlplane network. Closes-Bug: #1834161 Change-Id: I43875eee401bb75e14874c776339a7c2a02d300f |
||
---|---|---|
.. | ||
tripleo-firewall-baremetal-puppet.yaml |