Skip to content

Commit

Permalink
Disable firewall on gateway
Browse files Browse the repository at this point in the history 
Flush all iptables rules on the gateway at the end of orchestrate

PNDA-4765
  • Loading branch information
@jeclarke
jeclarke committed Aug 10, 2018
1 parent ddf768a commit 2f65aaf
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 0 deletions.
8 changes: 8 additions & 0 deletions salt/firewall/clear.sls
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
firewall-flush:
iptables.flush

firewall-disable-saved-rules:
file.replace:
- name: /etc/rc.local
- pattern: '^(.*)iptables.conf(.*)'
- repl: ''
8 changes: 8 additions & 0 deletions salt/orchestrate/pnda.sls
View file
Original file line number Diff line number Diff line change
Expand Up @@ -286,6 +286,14 @@ orchestrate-pnda-haproxy:
- timeout: 120
- queue: True

orchestrate-pnda-install_clear_fw:
salt.state:
- tgt: 'G@pnda_cluster:{{pnda_cluster}} and ( G@roles:haproxy or G@roles:knox )'
- tgt_type: compound
- sls: firewall.clear
- timeout: 120
- queue: True

orchestrate-pnda-install_remove_new_node_markers:
salt.state:
- tgt: 'G@pnda_cluster:{{pnda_cluster}}'
Expand Down

0 comments on commit 2f65aaf

Please sign in to comment.