Add iptables rule for zookeeper on nodepool.o.o

We need to allow access to zookeeper from nb01.o.o.

Change-Id: I03fb205544fb27253c6227823858ed92cea9b258
Signed-off-by: Paul Belanger <pabelanger@redhat.com>

manifests/site.pp

@@ -830,7 +830,14 @@ node 'nodepool.openstack.org' {
   $entercloud_username = hiera('nodepool_entercloud_username', 'username')
   $entercloud_password = hiera('nodepool_entercloud_password')
   $clouds_yaml = template("openstack_project/nodepool/clouds.yaml.erb")
+
+  $zk_receivers = ['nb01.openstack.org']
+  $zk_iptables_rule = regsubst($zk_receivers,
+                               '^(.*)$', '-m state --state NEW -m tcp -p tcp --dport 2181 -s \1 -j ACCEPT')
+  $iptables_rule = flatten([$zk_iptables_rule])
   class { 'openstack_project::server':
+    iptables_rules6           => $iptables_rule,
+    iptables_rules4           => $iptables_rule,
     sysadmins                 => hiera('sysadmins', []),
     iptables_public_tcp_ports => [80],
   }