diff options
| author | Bogdan Dobrelya <bdobreli@redhat.com> | 2017-08-16 09:14:06 +0200 |
|---|---|---|
| committer | Tomas Sedovic <tomas@sedovic.cz> | 2017-08-16 09:14:06 +0200 |
| commit | 6ebad037254b0c254638f6e6dfbd48e451a1ceeb (patch) | |
| tree | e9aeb0cc4e48a1e908c6c1156a50f0c4734fc650 /roles/static_inventory/tasks/main.yml | |
| parent | fca4c6047bb35582b5254d4a087f7119364a8725 (diff) | |
| download | openshift-6ebad037254b0c254638f6e6dfbd48e451a1ceeb.tar.gz openshift-6ebad037254b0c254638f6e6dfbd48e451a1ceeb.tar.bz2 openshift-6ebad037254b0c254638f6e6dfbd48e451a1ceeb.tar.xz openshift-6ebad037254b0c254638f6e6dfbd48e451a1ceeb.zip | |
Access UI via a bastion node (#596)
When using a bastion and a single master, use the lb-secgrp
to access UI port allowed from the ingress bastion node cidr.
For HA (masters>1), UI still should be accessed via
the LB node's ingress cidr, omitting the bastion.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
Diffstat (limited to 'roles/static_inventory/tasks/main.yml')
| -rw-r--r-- | roles/static_inventory/tasks/main.yml | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/roles/static_inventory/tasks/main.yml b/roles/static_inventory/tasks/main.yml index b58866017..24e11beb6 100644 --- a/roles/static_inventory/tasks/main.yml +++ b/roles/static_inventory/tasks/main.yml @@ -8,3 +8,10 @@ - name: Generate SSH config for accessing hosts via bastion include: sshconfig.yml when: use_bastion|bool + +- name: Configure SSH tunneling to access UI + include: sshtun.yml + become: true + when: + - use_bastion|bool + - ui_ssh_tunnel|bool |