Puppet Class: profile::base::firewall

Defined in:
modules/profile/manifests/base/firewall.pp

Overview

Temporary solution until someone has input about what to do with base::firewall

Parameters:

  • monitoring_hosts (Array[Stdlib::IP::Address]) (defaults to: lookup('monitoring_hosts', {default_value => []}))
  • cumin_masters (Array[Stdlib::IP::Address]) (defaults to: lookup('cumin_masters', {default_value => []}))
  • bastion_hosts (Array[Stdlib::IP::Address]) (defaults to: lookup('bastion_hosts', {default_value => []}))
  • cache_hosts (Array[Stdlib::IP::Address]) (defaults to: lookup('cache_hosts', {default_value => []}))
  • kafka_brokers_main (Array[Stdlib::IP::Address]) (defaults to: lookup('kafka_brokers_main', {default_value => []}))
  • kafka_brokers_analytics (Array[Stdlib::IP::Address]) (defaults to: lookup('kafka_brokers_analytics', {default_value => []}))
  • kafka_brokers_jumbo (Array[Stdlib::IP::Address]) (defaults to: lookup('kafka_brokers_jumbo', {default_value => []}))
  • kafka_brokers_logging (Array[Stdlib::IP::Address]) (defaults to: lookup('kafka_brokers_logging', {default_value => []}))
  • zookeeper_hosts_main (Array[Stdlib::IP::Address]) (defaults to: lookup('zookeeper_hosts_main', {default_value => []}))
  • druid_public_hosts (Array[Stdlib::IP::Address]) (defaults to: lookup('druid_public_hosts', {default_value => []}))
  • labstore_hosts (Array[Stdlib::IP::Address]) (defaults to: lookup('labstore_hosts', {default_value => []}))
  • mysql_root_clients (Array[Stdlib::IP::Address]) (defaults to: lookup('mysql_root_clients', {default_value => []}))
  • deployment_hosts (Array[Stdlib::IP::Address]) (defaults to: lookup('deployment_hosts', {default_value => []}))
  • enable_logging (Boolean) (defaults to: lookup('profile::base::firewall::enable_logging'))
  • block_abuse_nets (Boolean) (defaults to: lookup('profile::base::firewall::block_abuse_nets'))


2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
# File 'modules/profile/manifests/base/firewall.pp', line 2

class profile::base::firewall (
    Array[Stdlib::IP::Address] $monitoring_hosts        = lookup('monitoring_hosts',
                                                                {default_value => []}),
    Array[Stdlib::IP::Address] $cumin_masters           = lookup('cumin_masters',
                                                                {default_value => []}),
    Array[Stdlib::IP::Address] $bastion_hosts           = lookup('bastion_hosts',
                                                                {default_value => []}),
    Array[Stdlib::IP::Address] $cache_hosts             = lookup('cache_hosts',
                                                                {default_value => []}),
    Array[Stdlib::IP::Address] $kafka_brokers_main      = lookup('kafka_brokers_main',
                                                                {default_value => []}),
    Array[Stdlib::IP::Address] $kafka_brokers_analytics = lookup('kafka_brokers_analytics',
                                                                {default_value => []}),
    Array[Stdlib::IP::Address] $kafka_brokers_jumbo     = lookup('kafka_brokers_jumbo',
                                                                {default_value => []}),
    Array[Stdlib::IP::Address] $kafka_brokers_logging   = lookup('kafka_brokers_logging',
                                                                {default_value => []}),
    Array[Stdlib::IP::Address] $zookeeper_hosts_main    = lookup('zookeeper_hosts_main',
                                                                {default_value => []}),
    Array[Stdlib::IP::Address] $druid_public_hosts      = lookup('druid_public_hosts',
                                                                {default_value => []}),
    Array[Stdlib::IP::Address] $labstore_hosts          = lookup('labstore_hosts',
                                                                {default_value => []}),
    Array[Stdlib::IP::Address] $mysql_root_clients      = lookup('mysql_root_clients',
                                                                {default_value => []}),
    Array[Stdlib::IP::Address] $deployment_hosts        = lookup('deployment_hosts',
                                                                {default_value => []}),
    Boolean                    $enable_logging   = lookup('profile::base::firewall::enable_logging'),
    Boolean                    $block_abuse_nets = lookup('profile::base::firewall::block_abuse_nets'),
) {
    class { '::base::firewall':
        monitoring_hosts        => $monitoring_hosts,
        cumin_masters           => $cumin_masters,
        bastion_hosts           => $bastion_hosts,
        cache_hosts             => $cache_hosts,
        kafka_brokers_main      => $kafka_brokers_main,
        kafka_brokers_analytics => $kafka_brokers_analytics,
        kafka_brokers_jumbo     => $kafka_brokers_jumbo,
        kafka_brokers_logging   => $kafka_brokers_logging,
        zookeeper_hosts_main    => $zookeeper_hosts_main,
        druid_public_hosts      => $druid_public_hosts,
        labstore_hosts          => $labstore_hosts,
        mysql_root_clients      => $mysql_root_clients,
        deployment_hosts        => $deployment_hosts,
        block_abuse_nets        => $block_abuse_nets,
    }
    if $enable_logging {
        include profile::base::firewall::log
    }
}