
no firewall rule between nodes

Emmanuel Garette 2 months ago
parent
commit
8ce8a16a0b
2 changed files with 7 additions and 0 deletions
  1. 2
    0
      dicos/29_one-master.xml
  2. 5
    0
      tmpl/60-one

+ 2
- 0
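--- a/dicos/29_one-master.xml
+++ b/dicos/29_one-master.xml
@@ -7,6 +7,7 @@
         <file filelist='onesinglenode' name='/etc/one/sched.conf' rm='True'/>
         <file filelist='onesinglenode' name='/var/lib/one/remotes/etc/vnm/OpenNebulaNetwork.conf' rm='True' mkdir='True'/>
         <file filelist='onesinglenode' name='/etc/one/auth/ldap_auth.conf'/>
+        <file filelist='one_ha' name='/usr/share/eole/bastion/data/60-one' mode='755'/>
 
         <service>opennebula</service>
         <service>opennebula-scheduler</service>
@@ -233,6 +234,7 @@
             <target type='variable'>one_vip</target>
             <target type='variable'>one_vip_mask</target>
             <target type='service_accesslist'>sunstone_xmlrpc</target>
+            <target type='filelist'>one_ha</target>
         </condition>
 
         <fill name='calc_val' target='one_vip_mask'>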

+ 5
- 0
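--- a/tmpl/60-one
+++ b/tmpl/60-one
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+%for %%host in %%one_nodes
+/sbin/iptables -A eth%%{one_node_int}-root -s %%host -p tcp --syn -j ACCEPT
+%end for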
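Review bot: The rule on line 4 of tmpl/60-one accepts new TCP connections from every `one_nodes` entry to any destination port, so a compromised node can reach every TCP service listening on `eth%%{one_node_int}` of its peers. If the HA setup only needs a known set of ports, narrow the match, for example `/sbin/iptables -A eth%%{one_node_int}-root -s %%host -p tcp -m multiport --dports <REQUIRED_PORTS> --syn -j ACCEPT`, where `<REQUIRED_PORTS>` is a placeholder for the ports actually used. If full trust between nodes is intended, as the commit title suggests, say so in the template with a comment such as `# HA peers are fully trusted on the inter-node interface: accept any new TCP connection from them`. The rule is appended with `-A`, so it only takes effect if no earlier rule in that chain already drops the traffic; that ordering is not visible from this file and is worth confirming. Only TCP is opened, so any UDP-based cluster traffic would presumably need its own rule.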