testing

Author: Alex-Welsh

etc/kayobe/compute.yml

@@ -126,7 +126,7 @@
 # Compute node firewalld configuration.
 
 # Whether to install and enable firewalld.
-compute_firewalld_enabled: false
+compute_firewalld_enabled: true
 
 # A list of zones to create. Each item is a dict containing a 'zone' item.
 compute_firewalld_zones: "{{ compute_firewalld_zones_default | union(compute_firewalld_zones_extra) | unique | select }}"
@@ -169,14 +169,14 @@ compute_firewalld_rules_default:
         state: enabled
         zone: "{{ tunnel_net_name | net_zone}}"
         network: "{{ tunnel_net_name }}"
-    enabled: "{{ 'geneve' in (kolla_neutron_ml2_type_drivers + kolla_neutron_ml2_tenant_network_types) | bool }}"
+    enabled: "{{ ('geneve' in (kolla_neutron_ml2_type_drivers + kolla_neutron_ml2_tenant_network_types)) | bool }}"
   # VXLAN
   - rules:
       - port: 4789/udp
         state: enabled
         zone: "{{ tunnel_net_name | net_zone}}"
         network: "{{ tunnel_net_name }}"
-    enabled: "{{ 'geneve' in (kolla_neutron_ml2_type_drivers + kolla_neutron_ml2_tenant_network_types) | bool }}"
+    enabled: "{{ ('vxlan' in (kolla_neutron_ml2_type_drivers + kolla_neutron_ml2_tenant_network_types)) | bool }}"
 
 ###############################################################################
 # Compute node host libvirt configuration.

etc/kayobe/controllers.yml

@@ -138,7 +138,7 @@
 # provision_oc_net_name }}).
 
 # Whether to install and enable firewalld.
-controller_firewalld_enabled: false
+controller_firewalld_enabled: true
 
 # A list of zones to create. Each item is a dict containing a 'zone' item.
 controller_firewalld_zones: "{{ controller_firewalld_zones_default | union(controller_firewalld_zones_extra) | unique | select }}"
@@ -160,7 +160,7 @@ controller_firewalld_rules: "{{ controller_firewalld_rules_default | selectattr(
 controller_firewalld_rules_extra: []
 controller_firewalld_rules_default:
   # Common
-  - rules: 
+  - rules:
       - service: ssh
         zone: "{{ provision_oc_net_name | net_zone }}"
         network: "{{ provision_oc_net_name }}"
@@ -219,14 +219,14 @@ controller_firewalld_rules_default:
         zone: "{{ tunnel_net_name | net_zone }}"
         network: "{{ tunnel_net_name }}"
         state: enabled
-    enabled: "{{ 'geneve' in (kolla_neutron_ml2_type_drivers + kolla_neutron_ml2_tenant_network_types) | bool }}"
+    enabled: "{{ ('geneve' in (kolla_neutron_ml2_type_drivers + kolla_neutron_ml2_tenant_network_types)) | bool }}"
   # VXLAN
   - rules:
       - port: 4789/udp
         zone: "{{ tunnel_net_name | net_zone }}"
         network: "{{ tunnel_net_name }}"
         state: enabled
-    enabled: "{{ 'vxlan' in (kolla_neutron_ml2_type_drivers + kolla_neutron_ml2_tenant_network_types) | bool }}"
+    enabled: "{{ ('vxlan' in (kolla_neutron_ml2_type_drivers + kolla_neutron_ml2_tenant_network_types)) | bool }}"
   # Octavia
   - rules:
       - port: 5555/udp

etc/kayobe/inventory/group_vars/ansible-control/infra-vm

@@ -3,7 +3,7 @@
 # Infrastructure VM node firewalld configuration.
 
 # Whether to install and enable firewalld.
-infra_vm_firewalld_enabled: false
+infra_vm_firewalld_enabled: true
 
 # A list of zones to create. Each item is a dict containing a 'zone' item.
 infra_vm_firewalld_zones: "{{ infra_vm_firewalld_zones_default | union(infra_vm_firewalld_zones_extra) | unique | select }}"

etc/kayobe/inventory/group_vars/wazuh-manager/infra-vm

@@ -6,7 +6,7 @@
 # provision_oc_net_name }}).
 
 # Whether to install and enable firewalld.
-infra_vm_firewalld_enabled: false
+infra_vm_firewalld_enabled: true
 
 # A list of zones to create. Each item is a dict containing a 'zone' item.
 infra_vm_firewalld_zones: "{{ infra_vm_firewalld_zones_default | union(infra_vm_firewalld_zones_extra) | unique | select }}"

etc/kayobe/kolla.yml

@@ -365,7 +365,7 @@ kolla_build_customizations: "{{ kolla_build_customizations_common | combine(koll
 
 # Dict mapping Kolla Dockerfile ARG names to their values.
 kolla_build_args:
-  node_exporter_version: "1.5.0" # kolla has 1.4.0
+  node_exporter_version: "1.5.0"  # kolla has 1.4.0
   node_exporter_sha256sum: "af999fd31ab54ed3a34b9f0b10c28e9acee9ef5ac5a5d5edfdde85437db7acbb"
 
 ###############################################################################

etc/kayobe/monitoring.yml

@@ -99,7 +99,7 @@
 # Monitoring node firewalld configuration.
 
 # Whether to install and enable firewalld.
-monitoring_firewalld_enabled: false
+monitoring_firewalld_enabled: true
 
 # A list of zones to create. Each item is a dict containing a 'zone' item.
 monitoring_firewalld_zones: "{{ monitoring_firewalld_zones_default | union(monitoring_firewalld_zones_extra) | unique | select }}"

etc/kayobe/seed.yml

@@ -159,7 +159,7 @@ seed_extra_containers: {}
 # provision_oc_net_name }}).
 
 # Whether to install and enable firewalld.
-seed_firewalld_enabled: false
+seed_firewalld_enabled: true
 
 # A list of zones to create. Each item is a dict containing a 'zone' item.
 seed_firewalld_zones: "{{ seed_firewalld_zones_default | union(seed_firewalld_zones_extra) | unique | select }}"

etc/kayobe/storage.yml

@@ -134,7 +134,7 @@
 # provision_oc_net_name }}).
 
 # Whether to install and enable firewalld.
-storage_firewalld_enabled: false
+storage_firewalld_enabled: true
 
 # A list of zones to create. Each item is a dict containing a 'zone' item.
 storage_firewalld_zones: "{{ storage_firewalld_zones_default | union(storage_firewalld_zones_extra) | unique | select }}"
@@ -180,7 +180,7 @@ storage_firewalld_default:
         zone: "{{ storage_net_name | net_zone }}"
         network: "{{ storage_net_name }}"
         state: "{{ 'enabled' if 'mons' in group_names else 'disabled' }}"
-    enabled: "{{ stackhpc_enable_ceph | default(false) | bool }}" # Just a random guess
+    enabled: "{{ stackhpc_enable_ceph | default(false) | bool }}"
 
 ###############################################################################
 # Storage node swap configuration.