| 1234567891011121314151617181920212223 |
- ---
- - name: IPtables | Get iptables rules
- command: iptables -L --wait
- register: iptablesrules
- check_mode: no
- - name: Allow traffic from overlay to underlay
- command: /sbin/iptables --wait -I FORWARD 1 -s {{ openshift_cluster_network_cidr }} -j ACCEPT -m comment --comment "nuage-overlay-underlay"
- when: "'nuage-overlay-underlay' not in iptablesrules.stdout"
- notify:
- - save iptable rules
- - name: Allow traffic from underlay to overlay
- command: /sbin/iptables --wait -I FORWARD 1 -d {{ openshift_cluster_network_cidr }} -j ACCEPT -m comment --comment "nuage-underlay-overlay"
- when: "'nuage-underlay-overlay' not in iptablesrules.stdout"
- notify:
- - save iptable rules
- - name: Allow docker daemon traffic from underlay to overlay
- command: /sbin/iptables -t nat -A POSTROUTING ! -s {{ openshift_cluster_network_cidr }} -o svc-pat-tap -j MASQUERADE -m comment --comment "nuage-docker-underlay-overlay"
- when: "'nuage-docker-underlay-overlay' not in iptablesrules.stdout"
- notify:
- - save iptable rules
|
