Merge "Adds Firewall rules for cinder access."

packstack/plugins/cinder_250.py

@@ -363,4 +363,10 @@ def create_manifest(config):
     if config['CONFIG_CEILOMETER_INSTALL'] == 'y':
         manifestdata += getManifestTemplate('cinder_ceilometer.pp')
 
+    hosts = config['CONFIG_NOVA_COMPUTE_HOSTS'].split(",")
+    config['FIREWALL_ALLOWED'] = ",".join(["'%s'" % i.strip() for i in hosts if i.strip()])
+    config['FIREWALL_SERVICE_NAME'] = "cinder"
+    config['FIREWALL_PORTS'] = "'3260', '8776'"
+    manifestdata += getManifestTemplate("firewall.pp")
+
     appendManifestFile(manifestfile, manifestdata)

packstack/puppet/templates/cinder.pp

@@ -31,8 +31,4 @@ class {'cinder::volume::iscsi':
     iscsi_ip_address => '%(CONFIG_CINDER_HOST)s'
 }
 
-firewall { '001 cinder incoming':
-    proto    => 'tcp',
-    dport    => ['3260', '8776'],
-    action   => 'accept',
-}
+