diff --git a/reproducer.yml b/reproducer.yml index 2ca9310f32..7ac0960169 100644 --- a/reproducer.yml +++ b/reproducer.yml @@ -61,10 +61,3 @@ roles: - role: ci_setup - role: reproducer - - post_tasks: - - name: Allow traffic from OSP VMs to OSP API (needed for shiftstack) - become: true - when: cifmw_allow_vms_to_reach_osp_api | default ('false') | bool - ansible.builtin.command: # noqa: command-instead-of-module - cmd: iptables -I LIBVIRT_FWI 1 -o ocpbm -j ACCEPT diff --git a/roles/libvirt_manager/tasks/generate_networking_data.yml b/roles/libvirt_manager/tasks/generate_networking_data.yml index 65288ffbe9..a2bf58d01f 100644 --- a/roles/libvirt_manager/tasks/generate_networking_data.yml +++ b/roles/libvirt_manager/tasks/generate_networking_data.yml @@ -287,3 +287,9 @@ - name: Ensure dnsmasq is reloaded now ansible.builtin.meta: flush_handlers # END inject reserved IPs + +- name: Allow traffic from OSP VMs to OSP API (needed for shiftstack) + become: true + when: cifmw_libvirt_manager_allow_ocp_traffic | default ('false') | bool + ansible.builtin.command: # noqa: command-instead-of-module + cmd: iptables -I LIBVIRT_FWI 1 -o ocpbm -j ACCEPT diff --git a/scenarios/reproducers/dt-osasinfra.yml b/scenarios/reproducers/dt-osasinfra.yml index d8a81261e5..4c0dfd15ce 100644 --- a/scenarios/reproducers/dt-osasinfra.yml +++ b/scenarios/reproducers/dt-osasinfra.yml @@ -38,7 +38,7 @@ cifmw_ceph_spec_public_network: "{{ cifmw_networking_definition.networks.ctlplan # # cifmw_deploy_architecture_stopper: -cifmw_allow_vms_to_reach_osp_api: true +cifmw_libvirt_manager_allow_ocp_traffic: true cifmw_networking_mapper_definition_patches_01: networks: tenant: