From: Martin Zobel-Helas <zobel@debian.org>
Date: Fri, 18 Apr 2014 18:33:34 +0000 (+0200)
Subject: open firewall ports on oyens
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=b3778507231415f03bf709d3337019a18e15f56a;p=mirror%2Fdsa-puppet.git

open firewall ports on oyens

Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
---

diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp
index 54e05b8ca..45293401a 100644
--- a/modules/ferm/manifests/per-host.pp
+++ b/modules/ferm/manifests/per-host.pp
@@ -14,9 +14,25 @@ class ferm::per-host {
 	case $::hostname {
 		oyens: {
 			@ferm::rule { 'dsa-amqp':
-				description     => 'Allow upsmon access',
+				description     => 'Allow rabbitmq access',
 				rule            => '&SERVICE_RANGE(tcp, 5672, ( 5.153.231.240/27 172.29.123.0/24 ))'
 			}
+			@ferm::rule { 'dsa-keystone':
+				description     => 'Allow keystone access',
+				rule            => '&SERVICE_RANGE(tcp, 5000, ( 5.153.231.240/27 172.29.123.0/24 ))'
+			}
+			@ferm::rule { 'dsa-keystone2':
+				description     => 'Allow keystone access',
+				rule            => '&SERVICE_RANGE(tcp, 35357, ( 5.153.231.240/27 172.29.123.0/24 ))'
+			}
+			@ferm::rule { 'dsa-glance':
+				description     => 'Allow glance access',
+				rule            => '&SERVICE_RANGE(tcp, 9292, ( 5.153.231.240/27 172.29.123.0/24 ))'
+			}
+			@ferm::rule { 'dsa-nova':
+				description     => 'Allow nova access',
+				rule            => '&SERVICE_RANGE(tcp, 8774, ( 5.153.231.240/27 172.29.123.0/24 ))'
+			}
 		}
 	}
 	case $::hostname {