summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJason DeTiberus <detiber@gmail.com>2016-07-12 13:20:17 -0400
committerGitHub <noreply@github.com>2016-07-12 13:20:17 -0400
commit21fcfdbbafc138ccc8e648b4134f9352df38da51 (patch)
treeb664c7743cc2b39b741637f9e9d2e3c0564a8527
parenta6808a999e8f5a46a9efe099d20180e827ca1a5c (diff)
parent78b5412ff90189dba8c784238dfed4d1620d585b (diff)
downloadopenshift-21fcfdbbafc138ccc8e648b4134f9352df38da51.tar.gz
openshift-21fcfdbbafc138ccc8e648b4134f9352df38da51.tar.bz2
openshift-21fcfdbbafc138ccc8e648b4134f9352df38da51.tar.xz
openshift-21fcfdbbafc138ccc8e648b4134f9352df38da51.zip
Merge pull request #2142 from lhuard1A/fix_openstack_firewall
Re-align the OpenStack firewall rules with the iptables rules
-rw-r--r--playbooks/openstack/openshift-cluster/files/heat_stack.yaml30
1 files changed, 30 insertions, 0 deletions
diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml
index 422e6dafe..2d0098784 100644
--- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml
+++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml
@@ -280,6 +280,10 @@ resources:
port_range_max: 8443
- direction: ingress
protocol: tcp
+ port_range_min: 8444
+ port_range_max: 8444
+ - direction: ingress
+ protocol: tcp
port_range_min: 53
port_range_max: 53
- direction: ingress
@@ -302,6 +306,22 @@ resources:
protocol: udp
port_range_min: 24224
port_range_max: 24224
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 2224
+ port_range_max: 2224
+ - direction: ingress
+ protocol: udp
+ port_range_min: 5404
+ port_range_max: 5404
+ - direction: ingress
+ protocol: udp
+ port_range_min: 5405
+ port_range_max: 5405
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 9090
+ port_range_max: 9090
etcd-secgrp:
type: OS::Neutron::SecurityGroup
@@ -359,6 +379,16 @@ resources:
port_range_max: 10250
remote_mode: remote_group_id
- direction: ingress
+ protocol: tcp
+ port_range_min: 10255
+ port_range_max: 10255
+ remote_mode: remote_group_id
+ - direction: ingress
+ protocol: udp
+ port_range_min: 10255
+ port_range_max: 10255
+ remote_mode: remote_group_id
+ - direction: ingress
protocol: udp
port_range_min: 4789
port_range_max: 4789