diff options
author | Tomas Sedovic <tomas@sedovic.cz> | 2017-10-27 17:59:44 +0200 |
---|---|---|
committer | Tomas Sedovic <tomas@sedovic.cz> | 2017-11-07 14:35:46 +1100 |
commit | 94413931c26e47fd9acd3c0d20bbcfd1704755d1 (patch) | |
tree | f34cf477a608dadaf544a25b808597085fc9c53e /playbooks/openstack/openshift-cluster/post-install.yml | |
parent | b1e4629ae3e86c59503ac29a781a62a8e75c14f2 (diff) | |
download | openshift-94413931c26e47fd9acd3c0d20bbcfd1704755d1.tar.gz openshift-94413931c26e47fd9acd3c0d20bbcfd1704755d1.tar.bz2 openshift-94413931c26e47fd9acd3c0d20bbcfd1704755d1.tar.xz openshift-94413931c26e47fd9acd3c0d20bbcfd1704755d1.zip |
Remove the post-install and scale-up playbooks
They're not necessary for the initial PR so let's add them properly
later.
Diffstat (limited to 'playbooks/openstack/openshift-cluster/post-install.yml')
-rw-r--r-- | playbooks/openstack/openshift-cluster/post-install.yml | 57 |
1 files changed, 0 insertions, 57 deletions
diff --git a/playbooks/openstack/openshift-cluster/post-install.yml b/playbooks/openstack/openshift-cluster/post-install.yml deleted file mode 100644 index 7b1744a18..000000000 --- a/playbooks/openstack/openshift-cluster/post-install.yml +++ /dev/null @@ -1,57 +0,0 @@ ---- -- hosts: OSEv3 - gather_facts: False - become: True - tasks: - - name: Save iptables rules to a backup file - when: openshift_use_flannel|default(False)|bool - shell: iptables-save > /etc/sysconfig/iptables.orig-$(date +%Y%m%d%H%M%S) - -# Enable iptables service on app nodes to persist custom rules (flannel SDN) -# FIXME(bogdando) w/a https://bugzilla.redhat.com/show_bug.cgi?id=1490820 -- hosts: app - gather_facts: False - become: True - vars: - os_firewall_allow: - - service: dnsmasq tcp - port: 53/tcp - - service: dnsmasq udp - port: 53/udp - tasks: - - when: openshift_use_flannel|default(False)|bool - block: - - include_role: - name: os_firewall - - include_role: - name: lib_os_firewall - - name: set allow rules for dnsmasq - os_firewall_manage_iptables: - name: "{{ item.service }}" - action: add - protocol: "{{ item.port.split('/')[1] }}" - port: "{{ item.port.split('/')[0] }}" - with_items: "{{ os_firewall_allow }}" - -- hosts: OSEv3 - gather_facts: False - become: True - tasks: - - name: Apply post-install iptables hacks for Flannel SDN (the best effort) - when: openshift_use_flannel|default(False)|bool - block: - - name: set allow/masquerade rules for for flannel/docker - shell: >- - (iptables-save | grep -q custom-flannel-docker-1) || - iptables -A DOCKER -w - -p all -j ACCEPT - -m comment --comment "custom-flannel-docker-1"; - (iptables-save | grep -q custom-flannel-docker-2) || - iptables -t nat -A POSTROUTING -w - -o {{flannel_interface|default('eth1')}} - -m comment --comment "custom-flannel-docker-2" - -j MASQUERADE - - # NOTE(bogdando) the rules will not be restored, when iptables service unit is disabled & masked - - name: Persist in-memory iptables rules (w/o dynamic KUBE rules) - shell: iptables-save | grep -v KUBE > /etc/sysconfig/iptables |