summaryrefslogtreecommitdiffstats
path: root/roles/openshift_loadbalancer/defaults
diff options
context:
space:
mode:
authorScott Dodson <sdodson@redhat.com>2017-08-11 12:03:58 -0400
committerGitHub <noreply@github.com>2017-08-11 12:03:58 -0400
commit3409e6db205b6b24914e16c62972de50071f4051 (patch)
treedbfacaf9d6640241ee5dd7a2446d330a4e12283e /roles/openshift_loadbalancer/defaults
parent57d7984bc7d7f64184c0defd3cc305cb3ef2708f (diff)
parent7d50ffe98dfa17e3fb72627699c794843ed5295d (diff)
downloadopenshift-3409e6db205b6b24914e16c62972de50071f4051.tar.gz
openshift-3409e6db205b6b24914e16c62972de50071f4051.tar.bz2
openshift-3409e6db205b6b24914e16c62972de50071f4051.tar.xz
openshift-3409e6db205b6b24914e16c62972de50071f4051.zip
Merge pull request #4797 from kwoodson/os_firewall_refactor
Refactor the firewall workflow.
Diffstat (limited to 'roles/openshift_loadbalancer/defaults')
-rw-r--r--roles/openshift_loadbalancer/defaults/main.yml13
1 files changed, 13 insertions, 0 deletions
diff --git a/roles/openshift_loadbalancer/defaults/main.yml b/roles/openshift_loadbalancer/defaults/main.yml
index 6190383b6..3f6409233 100644
--- a/roles/openshift_loadbalancer/defaults/main.yml
+++ b/roles/openshift_loadbalancer/defaults/main.yml
@@ -1,4 +1,7 @@
---
+r_openshift_loadbalancer_firewall_enabled: True
+r_openshift_loadbalancer_use_firewalld: False
+
haproxy_frontends:
- name: main
binds:
@@ -12,3 +15,13 @@ haproxy_backends:
- name: web01
address: 127.0.0.1:9000
opts: check
+
+r_openshift_loadbalancer_os_firewall_deny: []
+r_openshift_loadbalancer_os_firewall_allow:
+- service: haproxy stats
+ port: "9000/tcp"
+- service: haproxy balance
+ port: "{{ openshift_master_api_port | default(8443) }}/tcp"
+- service: nuage mon
+ port: "{{ nuage_mon_rest_server_port | default(9443) }}/tcp"
+ cond: "{{ openshift_use_nuage | default(false) | bool }}"