From 90f35c759af2cb483f0dc4ccccbb9ad0cf450d7a Mon Sep 17 00:00:00 2001
From: Scott Dodson
Date: Mon, 9 May 2016 11:20:00 -0400
Subject: Fix firewall rules
---
 roles/openshift_master/defaults/main.yml | 36 --------------------------------
 1 file changed, 36 deletions(-)
 (limited to 'roles/openshift_master/defaults')
diff --git a/roles/openshift_master/defaults/main.yml b/roles/openshift_master/defaults/main.yml
index 16df984f9..dbd62c80f 100644
--- a/roles/openshift_master/defaults/main.yml
+++ b/roles/openshift_master/defaults/main.yml
@@ -1,40 +1,4 @@
 ---
 openshift_node_ips: []
-
 # TODO: update setting these values based on the facts
-os_firewall_allow:
-- service: etcd embedded
- port: 4001/tcp
-- service: api server https
- port: "{{ openshift.master.api_port }}/tcp"
-- service: api controllers https
- port: "{{ openshift.master.controllers_port }}/tcp"
-- service: skydns tcp
- port: "{{ openshift.master.dns_port }}/tcp"
-- service: skydns udp
- port: "{{ openshift.master.dns_port }}/udp"
-# On HA masters version_gte facts are not properly set so open port 53
-# whenever we're not certain of the need
-- service: legacy skydns tcp
- port: "53/tcp"
- when: "{{ 'version' not in openshift.common or openshift.common.version == None }}"
-- service: legacy skydns udp
- port: "53/udp"
- when: "{{ 'version' not in openshift.common or openshift.common.version == None }}"
-- service: Fluentd td-agent tcp
- port: 24224/tcp
-- service: Fluentd td-agent udp
- port: 24224/udp
-- service: pcsd
- port: 2224/tcp
-- service: Corosync UDP
- port: 5404/udp
-- service: Corosync UDP
- port: 5405/udp
-os_firewall_deny:
-- service: api server http
- port: 8080/tcp
-- service: former etcd peer port
- port: 7001/tcp
-
 openshift_version: "{{ openshift_pkg_version | default(openshift_image_tag | default(openshift.docker.openshift_image_tag | default(''))) }}"
-- cgit v1.2.1