summaryrefslogtreecommitdiffstats
path: root/roles/openshift_node/defaults
diff options
context:
space:
mode:
Diffstat (limited to 'roles/openshift_node/defaults')
-rw-r--r--roles/openshift_node/defaults/main.yml15
1 files changed, 12 insertions, 3 deletions
diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml
index 47073ee0f..973b3a619 100644
--- a/roles/openshift_node/defaults/main.yml
+++ b/roles/openshift_node/defaults/main.yml
@@ -1,5 +1,8 @@
---
-os_firewall_allow:
+r_openshift_node_firewall_enabled: True
+r_openshift_node_use_firewalld: False
+r_openshift_node_os_firewall_deny: []
+r_openshift_node_os_firewall_allow:
- service: Kubernetes kubelet
port: 10250/tcp
- service: http
@@ -8,7 +11,13 @@ os_firewall_allow:
port: 443/tcp
- service: OpenShift OVS sdn
port: 4789/udp
- when: openshift.common.use_openshift_sdn | default(true) | bool
+ cond: openshift.common.use_openshift_sdn | default(true) | bool
- service: Calico BGP Port
port: 179/tcp
- when: openshift.common.use_calico | bool
+ cond: "{{ openshift.common.use_calico | bool }}"
+- service: Kubernetes service NodePort TCP
+ port: "{{ openshift_node_port_range | default('') }}/tcp"
+ cond: "{{ openshift_node_port_range is defined }}"
+- service: Kubernetes service NodePort UDP
+ port: "{{ openshift_node_port_range | default('') }}/udp"
+ cond: "{{ openshift_node_port_range is defined }}"