diff options
author | Vasyl Saienko <vsaienko@mirantis.com> | 2017-04-19 19:54:57 +0300 |
---|---|---|
committer | Vasyl Saienko <vsaienko@mirantis.com> | 2017-04-19 19:57:15 +0300 |
commit | 13eff665f0ac1b43480ed06d8fad3ccbb9974e7a (patch) | |
tree | 84f4aa6edafffb179aff1120f5c2a7ec6ffb662b | |
parent | 7f1639e77efb32be280f56983a22485f56e24718 (diff) | |
download | ironic-13eff665f0ac1b43480ed06d8fad3ccbb9974e7a.tar.gz |
[Devstack]: open firewall for ironic api on provision net
For grenade job we need to open firewall on provision network IP on
subnode. This needed for grenade job to setup redirect from primary
node to subnode.
Change-Id: I026121121059768aa74389add7eee6e63fdb214d
-rw-r--r-- | devstack/lib/ironic | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/devstack/lib/ironic b/devstack/lib/ironic index 2292da6e3..4474f6372 100644 --- a/devstack/lib/ironic +++ b/devstack/lib/ironic @@ -1612,6 +1612,8 @@ function configure_iptables { # nodes boot from TFTP and callback to the API server listening on $HOST_IP sudo iptables -I INPUT -d $IRONIC_TFTPSERVER_IP -p udp --dport 69 -j ACCEPT || true sudo iptables -I INPUT -d $HOST_IP -p tcp --dport $IRONIC_SERVICE_PORT -j ACCEPT || true + sudo iptables -I INPUT -d $IRONIC_HTTP_SERVER -p tcp --dport $IRONIC_SERVICE_PORT -j ACCEPT || true + sudo iptables -I FORWARD -p tcp --dport $IRONIC_SERVICE_PORT -j ACCEPT || true if is_deployed_by_agent; then # agent ramdisk gets instance image from swift sudo iptables -I INPUT -d $HOST_IP -p tcp --dport ${SWIFT_DEFAULT_BIND_PORT:-8080} -j ACCEPT || true |