This change introduces new variables to define the firewall rules for
haproxy frontend.
When an API service is enabled, we should add proper firewall rule not
only in the node where the API service is running, but also in
the loadbalancer node where haproxy is running, otherwise the frontend
port in haproxy is not accessible.
Reviewed: https:/ /review. opendev. org/c/openstack /tripleo- ansible/ +/839738 /opendev. org/openstack/ tripleo- ansible/ commit/ 3267287fab46c83 8a3c1b851cd8446 a2c6fde0cb
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/wallaby
commit 3267287fab46c83 8a3c1b851cd8446 a2c6fde0cb
Author: Takashi Kajinami <email address hidden>
Date: Thu Mar 3 00:16:19 2022 +0900
tripleo_ firewall: Allow injecting frontend rules
This change introduces new variables to define the firewall rules for
haproxy frontend.
When an API service is enabled, we should add proper firewall rule not
only in the node where the API service is running, but also in
the loadbalancer node where haproxy is running, otherwise the frontend
port in haproxy is not accessible.
The new variables are used once [1] is merged.
[1] https:/ /review. opendev. org/c/openstack /tripleo- heat-templates/ +/831549
Related-Bug: #1961799 77166b296178b9b 0622263998d b233ea6821ef366 601e557558)
Change-Id: I9d79df8a8d0eaf
(cherry picked from commit f2760f5de319c07