[MediaWiki-commits] [Gerrit] operations/puppet[production]: Labs puppetmaster: Allow api calls from the designate host

Mon, 19 Jun 2017 10:22:25 -0700 

Andrew Bogott has submitted this change and it was merged. ( 
https://gerrit.wikimedia.org/r/359959 )

Change subject: Labs puppetmaster:  Allow api calls from the designate host
......................................................................


Labs puppetmaster:  Allow api calls from the designate host

Bug: T147878
Change-Id: I799cff0d83df4ea5c643da9bc212c3418c01ac68
---
M modules/role/manifests/labs/puppetmaster.pp
1 file changed, 2 insertions(+), 1 deletion(-)

Approvals:
  Andrew Bogott: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/modules/role/manifests/labs/puppetmaster.pp 
b/modules/role/manifests/labs/puppetmaster.pp
index 3833308..35f1f83 100644
--- a/modules/role/manifests/labs/puppetmaster.pp
+++ b/modules/role/manifests/labs/puppetmaster.pp
@@ -13,6 +13,7 @@
     $labs_instance_range = $novaconfig['fixed_range']
     $horizon_host = hiera('labs_horizon_host')
     $horizon_host_ip = ipresolve(hiera('labs_horizon_host'), 4)
+    $designate_host_ip = ipresolve(hiera('labs_designate_hostname'), 4)
     # Only allow puppet access from the instances
     $allow_from = flatten([$labs_instance_range, '208.80.154.14', 
'208.80.155.119', '208.80.153.74', $horizon_host_ip, $labs_metal])
 
@@ -45,7 +46,7 @@
             rule => "saddr (${labs_vms} ${labs_metal} ${monitoring} 
${horizon_host_ip}) proto tcp dport 8140 ACCEPT;",
         },
         puppetbackend => {
-            rule => "saddr (${horizon_host_ip}) proto tcp dport 8101 ACCEPT;",
+            rule => "saddr (${horizon_host_ip} ${designate_host_ip}) proto tcp 
dport 8101 ACCEPT;",
         },
         puppetbackendgetter => {
             rule => "saddr (${labs_vms} ${labs_metal} ${monitoring} 
${horizon_host_ip}) proto tcp dport 8100 ACCEPT;",

-- 
To view, visit https://gerrit.wikimedia.org/r/359959
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I799cff0d83df4ea5c643da9bc212c3418c01ac68
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Andrew Bogott <[email protected]>
Gerrit-Reviewer: Andrew Bogott <[email protected]>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to