WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-05-03 04:23:11 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
2bc9ab059f4baab034dafd062dba9dfd50ec2c4e
fedora-infra_ansible/inventory/group_vars/openqa-tap-workers
Adam Williamson a0e93efde2 openQA: tweak ansible_ifcfg_whitelist handling for workers 
As we have more and more tap workers, it's no longer practical
to do this for the whole group, as each one seems to have a
*different* set of interfaces a) present and b) 'active'. So
let's just take it out of the group vars and do it per-host
instead. Each tap worker only actually has *one* real hardware
interface that should be handled by network / NetworkManager,
so we just list that one per-host (it's eth0 for all of them
except the ppc64 host, which is eth2 for some damn reason).

Signed-off-by: Adam Williamson <awilliam@redhat.com>
2018-03-14 12:01:20 -07:00

15 lines
523 B
Plaintext
Raw Blame History

openqa_tap: true
# for iptables rules...maybe other stuff in future? both staging
# and prod workers are in this group
host_group: openqa-tap-workers
# firewall rules to allow openQA openvswitch guests to communicate
# eth0 for x86_64 worker hosts, eth2 for ppc64 worker host
custom_rules: [
'-A FORWARD -i br0 -j ACCEPT',
'-A FORWARD -m state -i eth0 -o br0 --state RELATED,ESTABLISHED -j ACCEPT',
'-A FORWARD -m state -i eth2 -o br0 --state RELATED,ESTABLISHED -j ACCEPT',
'-A INPUT -i br0 -j ACCEPT'
]
Reference in New Issue View Git Blame Copy Permalink