Skip to content

Commit f3656f8

Browse files
paulherboschpaulherbosch
authored
Merge pull request #487 from cultuurnet/feature/UPS-5319
[UPS-5319] Allow incoming ES traffic when remote access is enabled
2 parents 4169a68 + 300a6ef commit f3656f8

File tree

2 files changed

+15
-0
lines changed

2 files changed

+15
-0
lines changed

manifests/elasticsearch.pp

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -91,6 +91,9 @@
9191
before => Class['elasticsearch']
9292
}
9393

94+
realize Firewall['600 accept elasticsearch http traffic']
95+
realize Firewall['600 accept elasticsearch cluster traffic']
96+
9497
$es_config = {
9598
'network.host' => [ "${::ipaddress_eth0}", "127.0.0.1" ],
9699
'http.cors.enabled' => true,

manifests/firewall/rules.pp

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -71,4 +71,16 @@
7171
dport => '2003',
7272
action => 'accept'
7373
}
74+
75+
@firewall { '600 accept elasticsearch http traffic':
76+
proto => 'tcp',
77+
dport => '9200',
78+
action => 'accept'
79+
}
80+
81+
@firewall { '600 accept elasticsearch cluster traffic':
82+
proto => 'tcp',
83+
dport => '9300',
84+
action => 'accept'
85+
}
7486
}

0 commit comments

Comments
 (0)