From 33448be976c7a2110fc803a0aa92bb57cb3a9b08 Mon Sep 17 00:00:00 2001 From: Paul Belanger Date: Tue, 17 May 2016 17:40:44 -0400 Subject: [PATCH] Enable tcp/8088 on jenkins slaves We are enabling tcp/8088 specifically for zuul v2.5. This will allow a user to telnet jenkins.slave.fqdn 8088 to stream the logs on the remote host. Change-Id: Iaf0e12ebe6dfcd30a88021a4d313284dae445ee8 Signed-off-by: Paul Belanger --- .../openstack_project/manifests/single_use_slave.pp | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/modules/openstack_project/manifests/single_use_slave.pp b/modules/openstack_project/manifests/single_use_slave.pp index eb0e64b400..bd359479b6 100644 --- a/modules/openstack_project/manifests/single_use_slave.pp +++ b/modules/openstack_project/manifests/single_use_slave.pp @@ -21,12 +21,12 @@ class openstack_project::single_use_slave ( $project_config_repo = 'https://git.openstack.org/openstack-infra/project-config', ) inherits openstack_project { class { 'openstack_project::template': - certname => $certname, - automatic_upgrades => $automatic_upgrades, - install_users => $install_users, - install_resolv_conf => $install_resolv_conf, - enable_unbound => $enable_unbound, - iptables_rules4 => + certname => $certname, + automatic_upgrades => $automatic_upgrades, + install_users => $install_users, + install_resolv_conf => $install_resolv_conf, + enable_unbound => $enable_unbound, + iptables_rules4 => [ # Ports 69 and 6385 allow to allow ironic VM nodes to reach tftp and # the ironic API from the neutron public net @@ -39,6 +39,7 @@ class openstack_project::single_use_slave ( '-p tcp --dport 8004 -s 172.24.4.0/23 -j ACCEPT', '-m limit --limit 2/min -j LOG --log-prefix "iptables dropped: "', ], + iptables_public_tcp_ports => [8088], } class { 'jenkins::slave': ssh_key => $ssh_key,