Code Review / apex-tripleo-heat-templates.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Merge "Deploy versionless keystone endpoints (for keystone only)"
[apex-tripleo-heat-templates.git] / puppet / services / tripleo-firewall.yaml
diff --git a/puppet/services/tripleo-firewall.yaml b/puppet/services/tripleo-firewall.yaml
index 14965b4..67e14d9 100644 (file)
--- a/puppet/services/tripleo-firewall.yaml
+++ b/puppet/services/tripleo-firewall.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
 
 description: >
   TripleO Firewall settings
@@ -18,11 +18,22 @@ parameters:
     description: Mapping of service endpoint -> protocol. Typically set
                  via parameter_defaults in the resource registry.
     type: json
+  ManageFirewall:
+    default: true
+    description: Whether to manage IPtables rules.
+    type: boolean
+  PurgeFirewallRules:
+    default: false
+    description: Whether IPtables rules should be purged before setting up the new ones.
+    type: boolean
 
 outputs:
   role_data:
     description: Role data for the TripleO firewall settings
     value:
       service_name: tripleo_firewall
+      config_settings:
+        tripleo::firewall::manage_firewall: {get_param: ManageFirewall}
+        tripleo::firewall::purge_firewall_rules: {get_param: PurgeFirewallRules}
       step_config: |
         include ::tripleo::firewall