summaryrefslogtreecommitdiffstats
path: root/pillar
diff options
context:
space:
mode:
authorGeorg Pfuetzenreuter2023-02-12 06:04:16 +0100
committerGeorg Pfuetzenreuter2023-02-12 06:04:16 +0100
commitc5ce94d7b5217265cc50b6aa98a2074f4885d5eb (patch)
treed706daba5d59783034d5215a313f044669110e5b /pillar
parentbef66c1f8a5500a24ae41286c3f377c07f47cd30 (diff)
downloadsalt-c5ce94d7b5217265cc50b6aa98a2074f4885d5eb.tar.gz
salt-c5ce94d7b5217265cc50b6aa98a2074f4885d5eb.tar.bz2
salt-c5ce94d7b5217265cc50b6aa98a2074f4885d5eb.zip
Manage backend firewall zoneimport-denc-webcluster
Configure backend firewall zones if applicable. Allow all UDP for cluster traffic. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
Diffstat (limited to 'pillar')
-rw-r--r--pillar/global/init.sls4
-rw-r--r--pillar/role/ha-node.sls3
2 files changed, 7 insertions, 0 deletions
diff --git a/pillar/global/init.sls b/pillar/global/init.sls
index 5b174bf..c35306c 100644
--- a/pillar/global/init.sls
+++ b/pillar/global/init.sls
@@ -26,6 +26,10 @@ firewalld:
public:
short: Public
{{ firewall_interfaces(public) }}
+ {%- if backend | length %}
+ backend:
+ {{ firewall_interfaces(backend) }}
+ {%- endif %}
{%- endif %}
mine_functions:
diff --git a/pillar/role/ha-node.sls b/pillar/role/ha-node.sls
index d52076a..137e1af 100644
--- a/pillar/role/ha-node.sls
+++ b/pillar/role/ha-node.sls
@@ -3,3 +3,6 @@ firewalld:
internal:
services:
- vrrp
+ backend:
+ protocols:
+ - udp