Last active
May 2, 2017 13:52
-
-
Save ioggstream/ef5b62a6cfa90e0dfe01dfb745e52887 to your computer and use it in GitHub Desktop.
Open firewall ports openshift loadbalancer
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
openshift_loadbalancer_additional_frontends: | |
- name: openshift-api-fe-80 | |
mode: tcp | |
options: tcplog | |
binds: [ "*:80" ] | |
default_backend: openshift-api-be-80 | |
- name: openshift-api-fe-443 | |
mode: tcp | |
options: tcplog | |
binds: [ "*:443" ] | |
default_backend: openshift-api-be-443 | |
openshift_loadbalancer_additional_backends: | |
- name: openshift-api-be-80 | |
mode: tcp | |
option: tcplog | |
balance: source | |
servers: | |
- name: infra0 | |
address: 192.168.0.7:80 | |
opts: check | |
- name: infra1 | |
address: 192.168.0.14:80 | |
opts: check | |
- name: openshift-api-be-443 | |
mode: tcp | |
option: tcplog | |
balance: source | |
servers: | |
- name: infra0 | |
address: 192.168.0.7:443 | |
opts: check | |
- name: infra1 | |
address: 192.168.0.14:443 | |
opts: check | |
frontend atomic-openshift-app | |
bind *:443 | |
default_backend atomic-openshift-app | |
mode tcp | |
option tcplog | |
backend atomic-openshift-app | |
balance source | |
mode tcp | |
server infra0 192.168.0.13:8443 check | |
server infra1 192.168.0.15:8443 check | |
$ cat /usr/share/ansible/openshift-ansible/playbooks/common/openshift-loadbalancer/roles/openshift_loadbalancer/meta/main.yml | |
--- | |
galaxy_info: | |
author: Jason DeTiberus | |
description: OpenShift haproxy loadbalancer | |
company: Red Hat, Inc. | |
license: Apache License, Version 2.0 | |
min_ansible_version: 2.2 | |
platforms: | |
- name: EL | |
versions: | |
- 7 | |
dependencies: | |
- role: openshift_facts | |
- role: os_firewall | |
os_firewall_allow: | |
- service: haproxy stats | |
port: "9000/tcp" | |
- service: haproxy balance | |
port: "{{ openshift_master_api_port | default(8443) }}/tcp" | |
- role: os_firewall | |
os_firewall_allow: | |
- service: nuage mon | |
port: "{{ nuage_mon_rest_server_port | default(9443) }}/tcp" | |
when: openshift_use_nuage | default(false) | bool | |
- role: openshift_repos | |
- role: os_firewall | |
os_firewall_allow: | |
- service: haproxy apps | |
port: "{{item}}/tcp" | |
with_items: | |
- 80 | |
- 443 | |
when: openshift_lb_infra | default(false) | bool |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment