summaryrefslogtreecommitdiffstats
path: root/roles/openshift_node/meta
diff options
context:
space:
mode:
authorJason DeTiberus <detiber@gmail.com>2016-06-01 14:38:27 -0400
committerJason DeTiberus <detiber@gmail.com>2016-06-01 14:38:27 -0400
commitc4c6685855a9dc6b4c698465b799c72d6a4f13bd (patch)
tree96372201e3dab7e2dd91612bbdec72fcbe84e4e9 /roles/openshift_node/meta
parent54186e0e5022a827e6ffdeaffabcb5403bebe6e6 (diff)
parent4b347b84711fdf0906fa3a270f51c38c23fe247e (diff)
downloadopenshift-c4c6685855a9dc6b4c698465b799c72d6a4f13bd.tar.gz
openshift-c4c6685855a9dc6b4c698465b799c72d6a4f13bd.tar.bz2
openshift-c4c6685855a9dc6b4c698465b799c72d6a4f13bd.tar.xz
openshift-c4c6685855a9dc6b4c698465b799c72d6a4f13bd.zip
Merge pull request #1968 from abutcher/os-firewall-eval
[v2] Move os_firewall_allow from defaults to role dependencies.
Diffstat (limited to 'roles/openshift_node/meta')
-rw-r--r--roles/openshift_node/meta/main.yml15
1 files changed, 14 insertions, 1 deletions
diff --git a/roles/openshift_node/meta/main.yml b/roles/openshift_node/meta/main.yml
index 31547b846..97ab8241b 100644
--- a/roles/openshift_node/meta/main.yml
+++ b/roles/openshift_node/meta/main.yml
@@ -19,4 +19,17 @@ dependencies:
- role: openshift_node_dnsmasq
when: openshift.common.use_dnsmasq
- role: os_firewall
-
+ os_firewall_allow:
+ - service: Kubernetes kubelet
+ port: 10250/tcp
+ - service: http
+ port: 80/tcp
+ - service: https
+ port: 443/tcp
+ - service: Openshift kubelet ReadOnlyPort
+ port: 10255/tcp
+ - service: Openshift kubelet ReadOnlyPort udp
+ port: 10255/udp
+ - service: OpenShift OVS sdn
+ port: 4789/udp
+ when: openshift.node.use_openshift_sdn | bool