
Merge pull request #2100 from smunilla/BZ1337553

Add externalIPNetworkCIDRs to config
Scott Dodson 8 년 전
부모
커밋
1485080974
3개의 변경된 파일20개의 추가작업 그리고 0개의 파일을 삭제
  1. 10 0
      inventory/byo/hosts.origin.example
  2. 9 0
      inventory/byo/hosts.ose.example
  3. 1 0
      roles/openshift_master/templates/master.yaml.v1.j2

+ 10 - 0
inventory/byo/hosts.origin.example

@@ -343,6 +343,16 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
 #osm_cluster_network_cidr=10.1.0.0/16
 #openshift_portal_net=172.30.0.0/16
 
+
+# ExternalIPNetworkCIDRs controls what values are acceptable for the
+# service external IP field. If empty, no externalIP may be set. It
+# may contain a list of CIDRs which are checked for access. If a CIDR
+# is prefixed with !, IPs in that CIDR will be rejected. Rejections
+# will be applied first, then the IP checked against one of the
+# allowed CIDRs. You should ensure this range does not overlap with
+# your nodes, pods, or service CIDRs for security reasons.
+#openshift_master_external_ip_network_cidrs=['0.0.0.0/0']
+
 # Configure number of bits to allocate to each host’s subnet e.g. 8
 # would mean a /24 network on the host.
 #osm_host_subnet_length=8
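Review bot: The new comment block starting at `# ExternalIPNetworkCIDRs controls what values are acceptable` explains what an empty value means but not what happens when the variable is left unset, which is exactly the state the commented-out `#openshift_master_external_ip_network_cidrs=['0.0.0.0/0']` line leaves it in. The master template in this same commit falls back to `["0.0.0.0/0"]` when the variable is undefined, so an operator who skips the line gets every external IP accepted rather than none, despite the comment advising to keep the range clear of node, pod and service CIDRs. I would add one line to the comment: `# If this variable is left unset the installer defaults it to ['0.0.0.0/0'], i.e. any external IP is accepted; set an explicit range for production clusters.` The identical comment in inventory/byo/hosts.ose.example needs the same addition.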

+ 9 - 0
inventory/byo/hosts.ose.example

@@ -339,6 +339,15 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
 #openshift_portal_net=172.30.0.0/16
 
 
+# ExternalIPNetworkCIDRs controls what values are acceptable for the
+# service external IP field. If empty, no externalIP may be set. It
+# may contain a list of CIDRs which are checked for access. If a CIDR
+# is prefixed with !, IPs in that CIDR will be rejected. Rejections
+# will be applied first, then the IP checked against one of the
+# allowed CIDRs. You should ensure this range does not overlap with
+# your nodes, pods, or service CIDRs for security reasons.
+#openshift_master_external_ip_network_cidrs=['0.0.0.0/0']
+
 # Configure number of bits to allocate to each host’s subnet e.g. 8
 # would mean a /24 network on the host.
 #osm_host_subnet_length=8

+ 1 - 0
roles/openshift_master/templates/master.yaml.v1.j2

@@ -156,6 +156,7 @@ networkConfig:
 {% endif %}
 # serviceNetworkCIDR must match kubernetesMasterConfig.servicesSubnet
   serviceNetworkCIDR: {{ openshift.common.portal_net }}
+  externalIPNetworkCIDRs: {{ openshift_master_external_ip_network_cidrs | default(["0.0.0.0/0"]) | to_padded_yaml(1,2) }}
 oauthConfig:
 {% if 'oauth_always_show_provider_selection' in openshift.master %}
   alwaysShowProviderSelection: {{ openshift.master.oauth_always_show_provider_selection }}
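Review bot: The `default(["0.0.0.0/0"])` on the new `externalIPNetworkCIDRs` line makes the most permissive setting the silent default whenever the inventory variable is unset, which is at odds with the inventory comment added in this commit that tells operators to keep the range away from their node, pod and service CIDRs; with this default the master accepts an externalIP inside those ranges. The same comment states that an empty list means no externalIP may be set, so the safe default would be the empty list, unless an open default is needed to preserve behaviour of existing clusters, which I cannot tell from the hunk. If the open default has to stay, a template comment above the line, `# unset inventory variable => 0.0.0.0/0, every externalIP accepted; restrict via openshift_master_external_ip_network_cidrs`, would at least surface it in the rendered config. The enclosing `networkConfig:` block starts outside the hunk.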