Code Review / apex-puppet-tripleo.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 9b22f9f) | patch
Implement firewalling in tripleo::firewall
authorYanis Guenane <yguenane@redhat.com>
Wed, 15 Jul 2015 09:58:46 +0000 (11:58 +0200)
committerYanis Guenane <yguenane@redhat.com>
Wed, 15 Jul 2015 09:58:46 +0000 (11:58 +0200)
commitc59650772c8d7d2e84a19782ef8d53cec02deb9b
treeaec45b9a2d425ee6bac3815a60a5171cc0d25d3btree | snapshot
parent9b22f9f4ddfd511d19f3e34d7be70092a79d18d7commit | diff
Implement firewalling in tripleo::firewall

Currently firewalling is implemented in tripleo/init.pp this commit
moves it to its own scope tripleo/firewall.pp.

This is done so that in tripleo-heat-templates we can have a simple and
generic `include tripleo::firewall` in every manifest - unconditional.
The rest of the behavior will all be managed by hiera.

If a user wants to enable firewalling:

```
tripleo::firewall::manage_firewall: true
```

If a user wants to specify firewall rules:

```
tripleo::firewall::firewall_rules:
  '103 mongod':
    port: 27017
```

Change-Id: I144c60db2a568a94dce5b51257f1d10980173325
manifests/firewall.pp [new file with mode: 0644] blob
manifests/init.pp diff | blob | history
spec/classes/tripleo_firewall_spec.rb [new file with mode: 0644] blob
spec/classes/tripleo_init_spec.rb diff | blob | history