starlingx/config
Code Issues Proposed changes
23a41191c1
config/puppet-manifests/src/modules/platform/manifests/smapi.pp
Yi Wang 4445e0b337 Remove some firewall rules 
* Remove those firewalls rules managed by puppet for exposing platform
  services, because we have used Calico to create some rules to do the
  same thing.
* Remove system firewall-rule-related commands and controllers.

Passed tests:
* Fresh build
* Deployment(simplex, duplex, multi-node)
* System-level tests
  * firewall-rule-xxx commands was removed as expected.
  * puppet firewall rules have been removed as expected.
  * manually check iptable rules.
  * use the utility of uc to test exposed tcp ports and a few
    non-exposed tcp ports again.
  * create vms

Story: 2005066
Task: 29864

Depends-On: https://review.openstack.org/#/c/649217
Change-Id: Ie5df744598c75d45d21ce6585f31f6d8f1809f04
Signed-off-by: Yi Wang <yi.c.wang@intel.com>
2019-04-18 14:39:25 +08:00

52 lines
1.3 KiB
Puppet
Raw Blame History

class platform::smapi::params (
$auth_username = undef,
$keystone_auth_url = undef,
$keystone_username = undef,
$keystone_password = undef,
$public_url = undef,
$admin_url = undef,
$bind_ip = undef,
$port = undef,
$region = undef,
) {}
class platform::smapi::haproxy
inherits ::platform::smapi::params {
include ::platform::params
include ::platform::haproxy::params
platform::haproxy::proxy { 'sm-api-internal':
server_name => 's-smapi-internal',
public_ip_address => $::platform::haproxy::params::private_ip_address,
public_port => $port,
public_api => false,
private_ip_address => $bind_ip,
private_port => $port,
}
platform::haproxy::proxy { 'sm-api-public':
server_name => 's-smapi-public',
public_port => $port,
private_port => $port,
}
}
class platform::smapi
inherits ::platform::smapi::params {
if ($::platform::params::init_keystone) {
include ::smapi::keystone::auth
}
include ::platform::params
include ::platform::smapi::haproxy
$bind_host_name = $::platform::params::hostname
file { '/etc/sm-api/sm-api.conf':
ensure => 'present',
content => template('platform/sm-api.conf.erb'),
owner => 'root',
group => 'root',
mode => '0400',
}
}
View Git Blame Copy Permalink