| 12345678910111213141516171819202122232425262728293031323334353637383940 |
- ---
- openshift_node_ips: []
- # TODO: update setting these values based on the facts
- os_firewall_allow:
- - service: etcd embedded
- port: 4001/tcp
- - service: api server https
- port: "{{ openshift.master.api_port }}/tcp"
- - service: api controllers https
- port: "{{ openshift.master.controllers_port }}/tcp"
- - service: skydns tcp
- port: "{{ openshift.master.dns_port }}/tcp"
- - service: skydns udp
- port: "{{ openshift.master.dns_port }}/udp"
- # On HA masters version_gte facts are not properly set so open port 53
- # whenever we're not certain of the need
- - service: legacy skydns tcp
- port: "53/tcp"
- when: "{{ 'version' not in openshift.common or openshift.common.version == None }}"
- - service: legacy skydns udp
- port: "53/udp"
- when: "{{ 'version' not in openshift.common or openshift.common.version == None }}"
- - service: Fluentd td-agent tcp
- port: 24224/tcp
- - service: Fluentd td-agent udp
- port: 24224/udp
- - service: pcsd
- port: 2224/tcp
- - service: Corosync UDP
- port: 5404/udp
- - service: Corosync UDP
- port: 5405/udp
- os_firewall_deny:
- - service: api server http
- port: 8080/tcp
- - service: former etcd peer port
- port: 7001/tcp
- openshift_version: "{{ openshift_pkg_version | default(openshift_image_tag | default(openshift.docker.openshift_image_tag | default(''))) }}"
|
