f856f3bfaf
In order to get flat networking working correctly we need to create a new veth pair that neutron can use on the host machines. Neutron can take the veth end of this pair for the brq bridge while the other end remains in br-flat allowing communication back to the VM. This also expands the DHCP range for the veth pairs and changes the host_bind_override to use the new veth. Change-Id: I9cd161599ba659890142143d4718420d680d7dca
71 lines
2.0 KiB
YAML
71 lines
2.0 KiB
YAML
---
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
mnaio_host_iptables_rules:
|
|
- table: filter
|
|
chain: INPUT
|
|
protocol: tcp
|
|
match: tcp
|
|
destination_port: 67
|
|
jump: ACCEPT
|
|
- table: filter
|
|
chain: INPUT
|
|
protocol: udp
|
|
match: udp
|
|
destination_port: 67
|
|
jump: ACCEPT
|
|
- table: filter
|
|
chain: INPUT
|
|
protocol: udp
|
|
match: udp
|
|
destination_port: 53
|
|
jump: ACCEPT
|
|
- table: filter
|
|
chain: INPUT
|
|
protocol: udp
|
|
match: udp
|
|
destination_port: 53
|
|
jump: ACCEPT
|
|
- table: filter
|
|
chain: FORWARD
|
|
in_interface: vm-br-dhcp
|
|
jump: ACCEPT
|
|
- table: filter
|
|
chain: FORWARD
|
|
out_interface: vm-br-dhcp
|
|
jump: ACCEPT
|
|
- table: nat
|
|
chain: POSTROUTING
|
|
out_interface: "{{ masquerade_interface | default(default_interface) }}"
|
|
jump: MASQUERADE
|
|
|
|
mnaio_host_iptables_prerouting_ports:
|
|
- host_port: 80
|
|
vm_port: 80
|
|
vm_ip: "{{ hostvars[groups['loadbalancer_hosts'][0]]['server_vm_fixed_addr'] }}"
|
|
- host_port: 443
|
|
vm_port: 443
|
|
vm_ip: "{{ hostvars[groups['loadbalancer_hosts'][0]]['server_vm_fixed_addr'] }}"
|
|
- host_port: 2222
|
|
vm_port: 22
|
|
vm_ip: "{{ hostvars[groups['deploy_hosts'][0]]['server_vm_fixed_addr'] }}"
|
|
- host_port: 6080
|
|
vm_port: 6080
|
|
vm_ip: "{{ hostvars[groups['loadbalancer_hosts'][0]]['server_vm_fixed_addr'] }}"
|
|
- host_port: 6082
|
|
vm_port: 6082
|
|
vm_ip: "{{ hostvars[groups['loadbalancer_hosts'][0]]['server_vm_fixed_addr'] }}"
|
|
- host_port: 8443
|
|
vm_port: 8443
|
|
vm_ip: "{{ hostvars[groups['loadbalancer_hosts'][0]]['server_vm_fixed_addr'] }}"
|