diff options
author | Mathias Merscher <Mathias.Merscher@dg-i.net> | 2016-10-02 16:31:27 +0200 |
---|---|---|
committer | Mathias Merscher <Mathias.Merscher@dg-i.net> | 2016-10-04 12:47:41 +0200 |
commit | 9f22136fe973f698e079925553793f0b7170552d (patch) | |
tree | 64cc0cd0d3e0b4c60351c7f4b84f77348e0cacb3 | |
parent | a025229edb987afb69d4799c84956821a2c56ecc (diff) | |
download | openshift-9f22136fe973f698e079925553793f0b7170552d.tar.gz openshift-9f22136fe973f698e079925553793f0b7170552d.tar.bz2 openshift-9f22136fe973f698e079925553793f0b7170552d.tar.xz openshift-9f22136fe973f698e079925553793f0b7170552d.zip |
allow networkConfig.ingressIPNetworkCIDRs to be configured
Signed-off-by: Mathias Merscher <Mathias.Merscher@dg-i.net>
-rw-r--r-- | inventory/byo/hosts.origin.example | 7 | ||||
-rw-r--r-- | inventory/byo/hosts.ose.example | 7 | ||||
-rw-r--r-- | roles/openshift_master/templates/master.yaml.v1.j2 | 3 |
3 files changed, 17 insertions, 0 deletions
diff --git a/inventory/byo/hosts.origin.example b/inventory/byo/hosts.origin.example index 3b43b5d0a..4e542fb2c 100644 --- a/inventory/byo/hosts.origin.example +++ b/inventory/byo/hosts.origin.example @@ -441,6 +441,13 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # your nodes, pods, or service CIDRs for security reasons. #openshift_master_external_ip_network_cidrs=['0.0.0.0/0'] +# IngressIPNetworkCIDR controls the range to assign ingress IPs from for +# services of type LoadBalancer on bare metal. If empty, ingress IPs will not +# be assigned. It may contain a single CIDR that will be allocated from. For +# security reasons, you should ensure that this range does not overlap with +# the CIDRs reserved for external IPs, nodes, pods, or services. +#openshift_master_ingress_ip_network_cidr=172.46.0.0/16 + # Configure number of bits to allocate to each host’s subnet e.g. 8 # would mean a /24 network on the host. #osm_host_subnet_length=8 diff --git a/inventory/byo/hosts.ose.example b/inventory/byo/hosts.ose.example index 19519da50..2645d4510 100644 --- a/inventory/byo/hosts.ose.example +++ b/inventory/byo/hosts.ose.example @@ -440,6 +440,13 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # your nodes, pods, or service CIDRs for security reasons. #openshift_master_external_ip_network_cidrs=['0.0.0.0/0'] +# IngressIPNetworkCIDR controls the range to assign ingress IPs from for +# services of type LoadBalancer on bare metal. If empty, ingress IPs will not +# be assigned. It may contain a single CIDR that will be allocated from. For +# security reasons, you should ensure that this range does not overlap with +# the CIDRs reserved for external IPs, nodes, pods, or services. +#openshift_master_ingress_ip_network_cidr=172.46.0.0/16 + # Configure number of bits to allocate to each host’s subnet e.g. 8 # would mean a /24 network on the host. #osm_host_subnet_length=8 diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index ced3eb76f..b4d4c7067 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -164,6 +164,9 @@ networkConfig: # serviceNetworkCIDR must match kubernetesMasterConfig.servicesSubnet serviceNetworkCIDR: {{ openshift.common.portal_net }} externalIPNetworkCIDRs: {{ openshift_master_external_ip_network_cidrs | default(["0.0.0.0/0"]) | to_padded_yaml(1,2) }} +{% if openshift_master_ingress_ip_network_cidr %} + ingressIPNetworkCIDR: {{ openshift_master_ingress_ip_network_cidr }} +{% endif %} oauthConfig: {% if 'oauth_always_show_provider_selection' in openshift.master %} alwaysShowProviderSelection: {{ openshift.master.oauth_always_show_provider_selection }} |