tripleo

  1. Bug #1765700
  2. Comment #12

Comment 12 for bug 1765700

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to puppet-tripleo (stable/queens)

Reviewed: https://review.openstack.org/563580
Committed: https://git.openstack.org/cgit/openstack/puppet-tripleo/commit/?id=2e66aa9bc2710d62fdacd068afa5ce58c648a0fe
Submitter: Zuul
Branch: stable/queens

commit 2e66aa9bc2710d62fdacd068afa5ce58c648a0fe
Author: Harald Jensås <email address hidden>
Date: Sat Apr 21 13:26:44 2018 +0200

    Firewall: NOT persist ephemetal ironic-inspector rules

    When Ironic Inspector is configured to use the iptables
    pxe_filter driver it uses ephemeral firewall rules. This
    change ensures that these rules are not persisted.

    Ironic Inspector iptables filter driver does not set
    comments on it's rules. This patch use the string:
    '-m comment --comment' to ensure rules created by
    puppet-tripleo firewall is not accidentally removed from
    the persisted firewall rules.

    Change-Id: Ic90804db8dd74fce78169d9857a150d5ebf40cbb
    Related-Bug: #1765700
    (cherry picked from commit 94ca328e5d309a5617043b2944e65df79271e0cd)