Home Explore Help
Register Sign In
shixiong
/
okd
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 58818a6af1
Branches Tags
okd
/
roles
/
contiv
/
tasks
/
netmaster_iptables.yml

netmaster_iptables.yml 624 B
History Raw

123456789101112131415161718192021 
  1. ---
    2. 

  2. - name: Netmaster IPtables | Get iptables rules
    3. 

  3.   command: iptables -L --wait
    4. 

  4.   register: iptablesrules
    5. 

  5.   always_run: yes
    6. 

  6. 

  7. - name: Netmaster IPtables | Enable iptables at boot
    8. 

  8.   service:
    9. 

  9.     name: iptables
    10. 

  10.     enabled: yes
    11. 

  11.     state: started
    12. 

  12. 

  13. - name: Netmaster IPtables | Open Netmaster with iptables
    14. 

  14.   command: /sbin/iptables -I INPUT 1 -p tcp --dport {{ item }} -j ACCEPT -m comment --comment "contiv"
    15. 

  15.   with_items:
    16. 

  16.     - "{{ netmaster_port }}"
    17. 

  17.     - "{{ contiv_rpc_port1 }}"
    18. 

  18.     - "{{ contiv_rpc_port2 }}"
    19. 

  19.     - "{{ contiv_rpc_port3 }}"
    20. 

  20.   when: iptablesrules.stdout.find("contiv") == -1
    21. 

  21.   notify: Save iptables rules
    22.