| | |
| | | changed_when: false |
| | | ignore_errors: true |
| | | |
| | | - name: Make sure firewall has open port 10250 (persistent) |
| | | - name: Make sure firewall has open port 10050 (persistent) |
| | | lineinfile: |
| | | dest: /etc/sysconfig/iptables |
| | | insertbefore: '-A INPUT -j OS_FIREWALL_ALLOW' |
| | | line: '-A OS_FIREWALL_ALLOW -p tcp -m state --state NEW -m tcp --dport 10250 -j ACCEPT' |
| | | line: '-A OS_FIREWALL_ALLOW -p tcp -m state --state NEW -m tcp --dport 10050 -j ACCEPT' |
| | | state: present |
| | | when: iptables.rc == 0 |
| | | |
| | |
| | | # see https://docs.openshift.com/container-platform/3.5/admin_guide/iptables.html |
| | | # |
| | | # Instead, just insert the rule to current INPUT chain. |
| | | - name: Make sure firewall has open port 10250 (dynamic) |
| | | - name: Make sure firewall has open port 10050 (dynamic) |
| | | iptables: |
| | | chain: INPUT |
| | | action: insert |