Update base playbook to not set rootpw on releng and add accel stuff in iptables for releng.

roles/base/tasks/main.yml

@@ -30,7 +30,7 @@
   user: name=root password={{ rootpw }} state=present
   tags:
   - rootpw
-  when: not inventory_hostname.startswith('build')
+  when: not inventory_hostname.startswith('build') or not inventory_hostname.startswith('releng')
 
 - name: add ansible root key 
   authorized_key: user=root key="{{ item }}"

roles/base/templates/iptables/iptables.releng

@@ -42,6 +42,10 @@ COMMIT
 -A INPUT -p tcp -m tcp -s 192.168.100.0/24 --dport 22 -j REJECT --reject-with tcp-reset
 -A INPUT -p tcp -m tcp  --dport 22 -j ACCEPT 
 
+# for fireball mode - allow port 5099 from lockbox and it's ips
+-A INPUT -p tcp -m tcp --dport 5099 -s 10.5.126.23 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 5099 -s 10.5.127.51 -j ACCEPT
+
 # Allow all netapp traffic
 -A INPUT -p udp -m udp -s 10.5.88.36 -j ACCEPT
 -A INPUT -p tcp -m tcp -s 10.5.88.36 -j ACCEPT