Skip to content
This repository was archived by the owner on Jul 7, 2020. It is now read-only.

Commit 8f6bf6f

Browse files
obnoxxxobnoxxx
authored
Merge pull request #63 from jarrpa/vagrant-update
vagrant: Make firewall changes permanent on nodes
2 parents 5d13fdc + fe60447 commit 8f6bf6f

File tree

1 file changed

+8
-14
lines changed

1 file changed

+8
-14
lines changed

vagrant/roles/nodes/tasks/main.yml

Lines changed: 8 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,14 @@
1-
- name: iptables key
2-
command: iptables -N HEKETI
1+
- name: Open port 24007 (GlusterFS daemon)
2+
firewalld: port=24007/tcp zone=trusted permanent=true state=enabled immediate=true
33

4-
- name: iptables 24007
5-
command: iptables -A HEKETI -p tcp -m state --state NEW -m tcp --dport 24007 -j ACCEPT
4+
- name: Open port 24008 (GlusterFS management)
5+
firewalld: port=24008/tcp zone=trusted permanent=true state=enabled immediate=true
66

7-
- name: iptables 24008
8-
command: iptables -A HEKETI -p tcp -m state --state NEW -m tcp --dport 24008 -j ACCEPT
7+
- name: Open port 2222 (GlusterFS sshd)
8+
firewalld: port=2222/tcp zone=trusted permanent=true state=enabled immediate=true
99

10-
- name: iptables 2222
11-
command: iptables -A HEKETI -p tcp -m state --state NEW -m tcp --dport 2222 -j ACCEPT
12-
13-
- name: iptables 49152
14-
command: iptables -A HEKETI -p tcp -m state --state NEW -m multiport --dports 49152:49251 -j ACCEPT
10+
- name: Open ports 49152-49251 (GlusterFS bricks)
11+
firewalld: port=49152-49251/tcp zone=trusted permanent=true state=enabled immediate=true
1512

1613
- name: Pull GlusterFS Docker image
1714
command: docker pull gluster/gluster-centos:latest
@@ -24,6 +21,3 @@
2421

2522
- name: kubeadm join with master
2623
command: kubeadm join --token={{ kubernetes_token }} {{ hostvars['master'].ansible_eth1.ipv4.address }}
27-
28-
#- name: save iptables
29-
# command: service iptables save

0 commit comments

Comments
 (0)