network, fwdriver: open VXLAN port

85ebd927 · Czémán Arnold · cloud · f27951e6 · 85ebd927 · 85ebd927
Commit 85ebd927 authored Jul 06, 2016 by Czémán Arnold Committed by cloud Feb 26, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 21 additions and 1 deletions

salt/fwdriver/files/open_ports.sh
+3 -0

salt/network/configuration.sls
+17 -0

salt/network/init.sls
+1 -1

No files found.
--- a/salt/fwdriver/files/open_ports.sh
+++ b/salt/fwdriver/files/open_ports.sh
@@ -30,3 +30,6 @@ ADDRULE="python /home/{{ pillar['user'] }}/circle/circle/manage.py add_rule"
 # NFS server ports
 {{ open_ports(pillar['nfs_server_ports']) }}

+# VXLAN port
+{% set vxlan_port = (pillar["network"]["vxlan_port"], ) %}
+{{ open_ports(vxlan_port) }}
--- a/salt/network/configuration.sls
+++ b/salt/network/configuration.sls
+{% if pillar["deployment_mode"] == "node" %}
+
+{% set vxlan_port =  pillar["network"]["vxlan_port"]["port"] %}
+{% set vxlan_proto = pillar["network"]["vxlan_port"]["proto"] %}
+
+open_vxlan_port:
+  cmd.run:
+    {% if grains['os_family'] == 'RedHat' %}
+    - name: >
+        firewall-cmd --complete-reload ;
+        firewall-cmd --permanent --zone=public --add-port={{ vxlan_port }}/{{ vxlan_proto }} ;
+        firewall-cmd --reload
+    {% else %}
+    - name: ufw allow {{ vxlan_port }}/{{ vxlan_proto }}
+    {% endif %}
+
+{% endif %}
--- a/salt/network/init.sls
+++ b/salt/network/init.sls
 include:
  - openvswitch
-
+  - network.configuration

 ovs-bridge:
  openvswitch_bridge.present: