Enable firewall by default on the overcloud
We firewall the undercloud, which is only listening on the
provisioning network anyway, but our default settings leave the
overcloud, which needs to be publicly accessible (for a
deployment-specific definition of "public"), wide open. This
seems like a bad default.
Anyone who is deploying additional services can either open the
firewall ports themselves as part of the deployment or can set the
ManageFirewall param to false.
Change-Id: I3731a0a7bc4be94c8e7a289c90d304599634e928
Code Review / apex-tripleo-heat-templates.git / commit