okd/roles/openshift_master/defaults/main.yml

---
openshift_node_ips: []

# TODO: update setting these values based on the facts
os_firewall_allow:
- service: etcd embedded
  port: 4001/tcp
- service: OpenShift api https
  port: 8443/tcp
- service: OpenShift dns tcp
  port: 53/tcp
- service: OpenShift dns udp
  port: 53/udp
- service: Fluentd td-agent tcp
  port: 24224/tcp
- service: Fluentd td-agent udp
  port: 24224/udp
os_firewall_deny:
- service: OpenShift api http
  port: 8080/tcp
- service: former OpenShift web console port
  port: 8444/tcp
- service: former etcd peer port
  port: 7001/tcp