Infrastructure/ansible
3
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

openqa tap: handle eth2 in the custom firewall rules too

Browse source 
Signed-off-by: Adam Williamson <awilliam@redhat.com>
This commit is contained in:
Adam Williamson 2017-09-09 11:40:23 -07:00
parent cac1fb41ab
commit 07975eb7e9
1 changed files with 5 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

8
inventory/group_vars/openqa-tap-workers
View file

@ -5,14 +5,16 @@ openqa_tap: true
host_group: openqa-tap-workers
# firewall rules to allow openQA openvswitch guests to communicate
# eth0 for x86_64 worker hosts, eth2 for ppc64 worker host
custom_rules: [
'-A FORWARD -i br0 -j ACCEPT',
'-A FORWARD -m state -i eth0 -o br0 --state RELATED,ESTABLISHED -j ACCEPT',
'-A FORWARD -m state -i eth2 -o br0 --state RELATED,ESTABLISHED -j ACCEPT',
'-A INPUT -i br0 -j ACCEPT'
]
# we do stuff with ifcfg that base doesn't understand. terrible, terrible
# stuff. seriously - it doesn't handle the openvswitch config well. so
# let's tell it to just configure eth0 for us and leave everything else
# alone.
ansible_ifcfg_whitelist: ['eth0']
# let's tell it to just configure eth0 (and eth2, for ppc64) for us and
# leave everything else alone.
ansible_ifcfg_whitelist: ['eth0', 'eth2']