dbe38cac18
Allow our operators to override ExtraFirewallRules per role. Also add an environment file that hopefully provide enough example on how this feature can be used. Also making sure that CI is testing this change. Change-Id: I776f1cdb780ab57d7554985f0b7c2139356cdf3a
24 lines
621 B
YAML
24 lines
621 B
YAML
# This is an example of custom firewall rules that one could apply for specific
|
|
# roles.
|
|
|
|
parameter_defaults:
|
|
|
|
# This firewall rule will autorize 12345/tcp from localhost on all the nodes
|
|
# in the overcloud:
|
|
# ExtraFirewallRules:
|
|
# '301 allow arbitrary tcp rule':
|
|
# dport: 12345
|
|
# proto: tcp
|
|
# source: 127.0.0.1
|
|
# action: insert
|
|
|
|
# This firewall rule will autorize 12345/tcp from localhost on all the
|
|
# compute nodes:
|
|
# ComputeParameters:
|
|
# ExtraFirewallRules:
|
|
# '301 allow arbitrary tcp rule':
|
|
# dport: 12345
|
|
# proto: tcp
|
|
# source: 127.0.0.1
|
|
# action: insert
|