summaryrefslogtreecommitdiffstats
path: root/roles/openshift_node/defaults
diff options
context:
space:
mode:
authorKenny Woodson <kwoodson@redhat.com>2017-07-19 08:51:14 -0400
committerKenny Woodson <kwoodson@redhat.com>2017-08-08 10:46:12 -0400
commit4f9b26e8af5890b7960291497020586426e7f1fc (patch)
treeba2dd554f739485a9c2e8654e6af626b54e7a520 /roles/openshift_node/defaults
parent0569c5069dabeea9e2fe94cd097cb6f2b1540867 (diff)
downloadopenshift-4f9b26e8af5890b7960291497020586426e7f1fc.tar.gz
openshift-4f9b26e8af5890b7960291497020586426e7f1fc.tar.bz2
openshift-4f9b26e8af5890b7960291497020586426e7f1fc.tar.xz
openshift-4f9b26e8af5890b7960291497020586426e7f1fc.zip
First attempt at refactor of os_firewall
Diffstat (limited to 'roles/openshift_node/defaults')
-rw-r--r--roles/openshift_node/defaults/main.yml14
1 files changed, 12 insertions, 2 deletions
diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml
index 47073ee0f..52218f683 100644
--- a/roles/openshift_node/defaults/main.yml
+++ b/roles/openshift_node/defaults/main.yml
@@ -1,14 +1,24 @@
---
-os_firewall_allow:
+r_openshift_node_os_firewall_deny: []
+r_openshift_node_os_firewall_allow:
- service: Kubernetes kubelet
port: 10250/tcp
+ cond: true
- service: http
port: 80/tcp
+ cond: true
- service: https
port: 443/tcp
+ cond: true
- service: OpenShift OVS sdn
port: 4789/udp
when: openshift.common.use_openshift_sdn | default(true) | bool
- service: Calico BGP Port
port: 179/tcp
- when: openshift.common.use_calico | bool
+ cond: "{{ openshift.common.use_calico | bool }}"
+- service: Kubernetes service NodePort TCP
+ port: "{{ openshift_node_port_range | default('') }}/tcp"
+ cond: "{{ openshift_node_port_range is defined }}"
+- service: Kubernetes service NodePort UDP
+ port: "{{ openshift_node_port_range | default('') }}/udp"
+ cond: "{{ openshift_node_port_range is defined }}"