ansible-collections/kubernetes
2
0
Fork 0
Code Issues 8 Pull Requests 1 Actions Projects Releases 28 Wiki Activity

feat(firewall): use collection nofusscomputing.firewall to configure kubernetes firewall

Browse Source 
!46
This commit is contained in:
Jon Lockwood
2024-03-16 23:05:01 +09:30
parent 74187c7023
commit 4af31ff3ac
10 changed files with 121 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
roles/nfc_kubernetes/tasks/k3s/configure.yaml
View File

@ -14,7 +14,7 @@
- name: Check if FW dir exists
ansible.builtin.stat:
name: /etc/iptables.rules.d
name: /etc/iptables-reloader/rules.d
register: firewall_rules_dir_metadata
@ -37,10 +37,10 @@
when: "{{ kubernetes_config.cluster.prime.name | default(inventory_hostname) == inventory_hostname }}"
- src: iptables-kubernetes.rules.j2
dest: "/etc/iptables.rules.d/iptables-kubernetes.rules"
dest: "/etc/iptables-reloader/rules.d/iptables-kubernetes.rules"
notify: firewall_reloader
when: |-
{%- if nfc_kubernetes.enable_firewall -%}
{%- if firewall_installed -%}
{{ firewall_rules_dir_metadata.stat.exists }}