summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLénaïc Huard <lhuard@amadeus.com>2016-07-12 17:57:31 +0200
committerLénaïc Huard <lhuard@amadeus.com>2016-07-12 17:57:31 +0200
commit78b5412ff90189dba8c784238dfed4d1620d585b (patch)
tree17cb79cac04a9f8920be3493caacd1fc05705115
parent8d5093659acb2947fe1734ff2035073a091d3647 (diff)
downloadopenshift-78b5412ff90189dba8c784238dfed4d1620d585b.tar.gz
openshift-78b5412ff90189dba8c784238dfed4d1620d585b.tar.bz2
openshift-78b5412ff90189dba8c784238dfed4d1620d585b.tar.xz
openshift-78b5412ff90189dba8c784238dfed4d1620d585b.zip
Re-align the OpenStack firewall rules with the iptables rules
-rw-r--r--playbooks/openstack/openshift-cluster/files/heat_stack.yaml30
1 files changed, 30 insertions, 0 deletions
diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml
index 422e6dafe..2d0098784 100644
--- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml
+++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml
@@ -280,6 +280,10 @@ resources:
port_range_max: 8443
- direction: ingress
protocol: tcp
+ port_range_min: 8444
+ port_range_max: 8444
+ - direction: ingress
+ protocol: tcp
port_range_min: 53
port_range_max: 53
- direction: ingress
@@ -302,6 +306,22 @@ resources:
protocol: udp
port_range_min: 24224
port_range_max: 24224
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 2224
+ port_range_max: 2224
+ - direction: ingress
+ protocol: udp
+ port_range_min: 5404
+ port_range_max: 5404
+ - direction: ingress
+ protocol: udp
+ port_range_min: 5405
+ port_range_max: 5405
+ - direction: ingress
+ protocol: tcp
+ port_range_min: 9090
+ port_range_max: 9090
etcd-secgrp:
type: OS::Neutron::SecurityGroup
@@ -359,6 +379,16 @@ resources:
port_range_max: 10250
remote_mode: remote_group_id
- direction: ingress
+ protocol: tcp
+ port_range_min: 10255
+ port_range_max: 10255
+ remote_mode: remote_group_id
+ - direction: ingress
+ protocol: udp
+ port_range_min: 10255
+ port_range_max: 10255
+ remote_mode: remote_group_id
+ - direction: ingress
protocol: udp
port_range_min: 4789
port_range_max: 4789