summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
authorOpenShift Bot <eparis+openshiftbot@redhat.com>2017-05-10 23:02:38 -0500
committerGitHub <noreply@github.com>2017-05-10 23:02:38 -0500
commit0c08ff121fbd32cb71ee241b4e33df84bd3d7506 (patch)
tree7e9e0174f2b8a43e1a7e77f322252add3a22867e /roles
parentedfb4329eca819a6d9d1f09b66d81a91412fde60 (diff)
parentcc18aa0edf3a55954c2227c01eee25d12766702a (diff)
downloadopenshift-0c08ff121fbd32cb71ee241b4e33df84bd3d7506.tar.gz
openshift-0c08ff121fbd32cb71ee241b4e33df84bd3d7506.tar.bz2
openshift-0c08ff121fbd32cb71ee241b4e33df84bd3d7506.tar.xz
openshift-0c08ff121fbd32cb71ee241b4e33df84bd3d7506.zip
Merge pull request #4152 from sdodson/iptables-default
Merged by openshift-bot
Diffstat (limited to 'roles')
-rw-r--r--roles/docker/tasks/package_docker.yml2
-rw-r--r--roles/docker/templates/systemcontainercustom.conf.j22
-rw-r--r--roles/os_firewall/README.md2
-rw-r--r--roles/os_firewall/defaults/main.yml2
4 files changed, 4 insertions, 4 deletions
diff --git a/roles/docker/tasks/package_docker.yml b/roles/docker/tasks/package_docker.yml
index 10fb5772c..e101730d2 100644
--- a/roles/docker/tasks/package_docker.yml
+++ b/roles/docker/tasks/package_docker.yml
@@ -46,7 +46,7 @@
template:
dest: "{{ docker_systemd_dir }}/custom.conf"
src: custom.conf.j2
- when: not os_firewall_use_firewalld | default(True) | bool
+ when: not os_firewall_use_firewalld | default(False) | bool
- stat: path=/etc/sysconfig/docker
register: docker_check
diff --git a/roles/docker/templates/systemcontainercustom.conf.j2 b/roles/docker/templates/systemcontainercustom.conf.j2
index a4fb01d2b..1faad506a 100644
--- a/roles/docker/templates/systemcontainercustom.conf.j2
+++ b/roles/docker/templates/systemcontainercustom.conf.j2
@@ -10,7 +10,7 @@ ENVIRONMENT=HTTPS_PROXY={{ docker_http_proxy }}
{%- if "no_proxy" in openshift.common %}
ENVIRONMENT=NO_PROXY={{ docker_no_proxy }}
{%- endif %}
-{%- if os_firewall_use_firewalld|default(true) %}
+{%- if os_firewall_use_firewalld|default(false) %}
[Unit]
Wants=iptables.service
After=iptables.service
diff --git a/roles/os_firewall/README.md b/roles/os_firewall/README.md
index 43db3cc74..e7ef544f4 100644
--- a/roles/os_firewall/README.md
+++ b/roles/os_firewall/README.md
@@ -17,7 +17,7 @@ Role Variables
| Name | Default | |
|---------------------------|---------|----------------------------------------|
-| os_firewall_use_firewalld | True | If false, use iptables |
+| os_firewall_use_firewalld | False | If false, use iptables |
| os_firewall_allow | [] | List of service,port mappings to allow |
| os_firewall_deny | [] | List of service, port mappings to deny |
diff --git a/roles/os_firewall/defaults/main.yml b/roles/os_firewall/defaults/main.yml
index 4c544122f..01859e5fc 100644
--- a/roles/os_firewall/defaults/main.yml
+++ b/roles/os_firewall/defaults/main.yml
@@ -2,6 +2,6 @@
os_firewall_enabled: True
# firewalld is not supported on Atomic Host
# https://bugzilla.redhat.com/show_bug.cgi?id=1403331
-os_firewall_use_firewalld: "{{ False if openshift.common.is_atomic | bool else True }}"
+os_firewall_use_firewalld: "{{ False }}"
os_firewall_allow: []
os_firewall_deny: []