summaryrefslogtreecommitdiffstats
path: root/roles/os_firewall
diff options
context:
space:
mode:
authorScott Dodson <sdodson@redhat.com>2017-05-10 15:10:32 -0400
committerScott Dodson <sdodson@redhat.com>2017-05-10 15:10:32 -0400
commitcc18aa0edf3a55954c2227c01eee25d12766702a (patch)
treecba62c28f1adde14072599bf4023ee6db3c99818 /roles/os_firewall
parent5a4365e765e16a4401d10f0bd42a7d3e194d4ab0 (diff)
downloadopenshift-cc18aa0edf3a55954c2227c01eee25d12766702a.tar.gz
openshift-cc18aa0edf3a55954c2227c01eee25d12766702a.tar.bz2
openshift-cc18aa0edf3a55954c2227c01eee25d12766702a.tar.xz
openshift-cc18aa0edf3a55954c2227c01eee25d12766702a.zip
Default to iptables on master
We did this in 3.5 but never on master and we never came back to add migration support. So we'll revert this on master and if/when we add migration support we'll switch the default.
Diffstat (limited to 'roles/os_firewall')
-rw-r--r--roles/os_firewall/README.md2
-rw-r--r--roles/os_firewall/defaults/main.yml2
2 files changed, 2 insertions, 2 deletions
diff --git a/roles/os_firewall/README.md b/roles/os_firewall/README.md
index 43db3cc74..e7ef544f4 100644
--- a/roles/os_firewall/README.md
+++ b/roles/os_firewall/README.md
@@ -17,7 +17,7 @@ Role Variables
| Name | Default | |
|---------------------------|---------|----------------------------------------|
-| os_firewall_use_firewalld | True | If false, use iptables |
+| os_firewall_use_firewalld | False | If false, use iptables |
| os_firewall_allow | [] | List of service,port mappings to allow |
| os_firewall_deny | [] | List of service, port mappings to deny |
diff --git a/roles/os_firewall/defaults/main.yml b/roles/os_firewall/defaults/main.yml
index 4c544122f..01859e5fc 100644
--- a/roles/os_firewall/defaults/main.yml
+++ b/roles/os_firewall/defaults/main.yml
@@ -2,6 +2,6 @@
os_firewall_enabled: True
# firewalld is not supported on Atomic Host
# https://bugzilla.redhat.com/show_bug.cgi?id=1403331
-os_firewall_use_firewalld: "{{ False if openshift.common.is_atomic | bool else True }}"
+os_firewall_use_firewalld: "{{ False }}"
os_firewall_allow: []
os_firewall_deny: []