blob: 16df984f95de3cf88d60dd6a372842b43db544a2 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
---
openshift_node_ips: []
# TODO: update setting these values based on the facts
os_firewall_allow:
- service: etcd embedded
port: 4001/tcp
- service: api server https
port: "{{ openshift.master.api_port }}/tcp"
- service: api controllers https
port: "{{ openshift.master.controllers_port }}/tcp"
- service: skydns tcp
port: "{{ openshift.master.dns_port }}/tcp"
- service: skydns udp
port: "{{ openshift.master.dns_port }}/udp"
# On HA masters version_gte facts are not properly set so open port 53
# whenever we're not certain of the need
- service: legacy skydns tcp
port: "53/tcp"
when: "{{ 'version' not in openshift.common or openshift.common.version == None }}"
- service: legacy skydns udp
port: "53/udp"
when: "{{ 'version' not in openshift.common or openshift.common.version == None }}"
- service: Fluentd td-agent tcp
port: 24224/tcp
- service: Fluentd td-agent udp
port: 24224/udp
- service: pcsd
port: 2224/tcp
- service: Corosync UDP
port: 5404/udp
- service: Corosync UDP
port: 5405/udp
os_firewall_deny:
- service: api server http
port: 8080/tcp
- service: former etcd peer port
port: 7001/tcp
openshift_version: "{{ openshift_pkg_version | default(openshift_image_tag | default(openshift.docker.openshift_image_tag | default(''))) }}"
|