From: Stephen Gran Date: Sat, 26 Apr 2014 08:21:51 +0000 (+0100) Subject: fix up firewalls for openstack api X-Git-Url: https://git.adam-barratt.org.uk/?p=mirror%2Fdsa-puppet.git;a=commitdiff_plain;h=daa253710eb06ca25b21e8e5d34023d900b332be fix up firewalls for openstack api Signed-off-by: Stephen Gran --- diff --git a/modules/ferm/manifests/per-host.pp b/modules/ferm/manifests/per-host.pp index f87b97cbc..f3af90513 100644 --- a/modules/ferm/manifests/per-host.pp +++ b/modules/ferm/manifests/per-host.pp @@ -21,15 +21,15 @@ class ferm::per-host { description => 'Allow keystone access', rule => '&SERVICE_RANGE(tcp, 5000, ( 5.153.231.240/27 172.29.123.0/24 ))' } - @ferm::rule { 'dsa-keystone2': + @ferm::rule { 'dsa-keystone-admin': description => 'Allow keystone access', rule => '&SERVICE_RANGE(tcp, 35357, ( 5.153.231.240/27 172.29.123.0/24 ))' } - @ferm::rule { 'dsa-glance1': + @ferm::rule { 'dsa-glance-api': description => 'Allow glance access', - rule => '&SERVICE_RANGE(tcp, 9191, ( 5.153.231.240/27 172.29.123.0/24 ))' + rule => '&SERVICE_RANGE(tcp, 9292, ( 5.153.231.240/27 172.29.123.0/24 ))' } - @ferm::rule { 'dsa-glance2': + @ferm::rule { 'dsa-glance-registry': description => 'Allow glance access', rule => '&SERVICE_RANGE(tcp, 9191, ( 5.153.231.240/27 172.29.123.0/24 ))' } @@ -37,7 +37,7 @@ class ferm::per-host { description => 'Allow glance access', rule => '&SERVICE_RANGE(tcp, 9696, ( 5.153.231.240/27 172.29.123.0/24 ))' } - @ferm::rule { 'dsa-nova1': + @ferm::rule { 'dsa-nova-ec2': description => 'Allow nova access', rule => '&SERVICE_RANGE(tcp, 8773, ( 5.153.231.240/27 172.29.123.0/24 ))' } @@ -45,7 +45,7 @@ class ferm::per-host { description => 'Allow nova access', rule => '&SERVICE_RANGE(tcp, 8774, ( 5.153.231.240/27 172.29.123.0/24 ))' } - @ferm::rule { 'dsa-nova3': + @ferm::rule { 'dsa-nova-metadata': description => 'Allow nova access', rule => '&SERVICE_RANGE(tcp, 8775, ( 5.153.231.240/27 172.29.123.0/24 ))' }