ansible-collections/kubernetes
2
0
Fork 0
Code Issues 8 Pull Requests 1 Actions Projects Releases 28 Wiki Activity

fix(firewall): dont add rules for disabled features

Browse Source 
!48
This commit is contained in:
Jon Lockwood
2024-03-18 19:08:33 +09:30
parent 10eae79a74
commit 89b5593abf
1 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
roles/nfc_kubernetes/templates/iptables-kubernetes.rules.j2
View File

@ -162,10 +162,18 @@
{%- set data.firewall_rules = data.firewall_rules + ['-I kubernetes-flannel-wg-four -s ' + kubernetes_host + ' -j ACCEPT'] -%}
{%- if false -%}{# see IPv6 is disabled #}
{%- set data.firewall_rules = data.firewall_rules + ['-I kubernetes-flannel-wg-six -s ' + kubernetes_host + ' -j ACCEPT'] -%}
{%- endif -%}
{%- if false -%}{# see Installation-manifest-Calico_Cluster.yaml.j2 bgp is disabled #}
{%- set data.firewall_rules = data.firewall_rules + ['-I kubernetes-calico-bgp -s ' + kubernetes_host + ' -j ACCEPT'] -%}
{%- endif -%}
{%- set data.firewall_rules = data.firewall_rules + ['-I kubernetes-calico-typha -s ' + kubernetes_host + ' -j ACCEPT'] -%}
{%- if nfc_kubernetes_enable_metallb | default(false) -%}