diff options
Diffstat (limited to 'playbooks')
22 files changed, 109 insertions, 74 deletions
diff --git a/playbooks/adhoc/docker_loopback_to_lvm/ops-docker-loopback-to-direct-lvm.yml b/playbooks/adhoc/docker_loopback_to_lvm/ops-docker-loopback-to-direct-lvm.yml index 72fcd77b3..1438fd7d5 100755 --- a/playbooks/adhoc/docker_loopback_to_lvm/ops-docker-loopback-to-direct-lvm.yml +++ b/playbooks/adhoc/docker_loopback_to_lvm/ops-docker-loopback-to-direct-lvm.yml @@ -16,7 +16,7 @@ # * You may need to re-deploy docker images after this is run (like monitoring) - name: Fix docker to have a provisioned iops drive - hosts: "{{ cli_name }}" + hosts: "{{ cli_host }}" user: root connection: ssh gather_facts: no diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml index 3d6de2d17..4edd44fe4 100644 --- a/playbooks/adhoc/uninstall.yml +++ b/playbooks/adhoc/uninstall.yml @@ -143,11 +143,13 @@ - registry\.qe\.openshift\.com/.* - registry\.access\..*redhat\.com/rhel7/etcd - docker.io/openshift + when: openshift_uninstall_images | default(True) | bool - shell: "docker rmi -f {{ item.stdout_lines | join(' ') }}" changed_when: False failed_when: False with_items: "{{ images_to_delete.results }}" + when: openshift_uninstall_images | default(True) | bool - name: Remove sdn drop files file: diff --git a/playbooks/aws/openshift-cluster/config.yml b/playbooks/aws/openshift-cluster/config.yml index 4839c100b..71ce9e787 100644 --- a/playbooks/aws/openshift-cluster/config.yml +++ b/playbooks/aws/openshift-cluster/config.yml @@ -23,9 +23,8 @@ openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" openshift_public_hostname: "{{ ec2_ip_address }}" - openshift_registry_selector: 'type=infra' + openshift_hosted_registry_selector: 'type=infra' openshift_hosted_router_selector: 'type=infra' - openshift_infra_nodes: "{{ g_infra_hosts }}" openshift_node_labels: region: "{{ deployment_vars[deployment_type].region }}" type: "{{ hostvars[inventory_hostname]['ec2_tag_sub-host-type'] if inventory_hostname in groups['tag_host-type_node'] else hostvars[inventory_hostname]['ec2_tag_host-type'] }}" diff --git a/playbooks/byo/openshift-cluster/upgrades/docker/docker_upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/docker/docker_upgrade.yml index 8b1b2fb1b..d7798d304 100644 --- a/playbooks/byo/openshift-cluster/upgrades/docker/docker_upgrade.yml +++ b/playbooks/byo/openshift-cluster/upgrades/docker/docker_upgrade.yml @@ -4,26 +4,27 @@ roles: - openshift_facts tasks: + - fail: + msg: Cannot upgrade Docker on Atomic operating systems. + when: openshift.common.is_atomic | bool + - name: Determine available Docker version script: ../../../../common/openshift-cluster/upgrades/files/rpm_versions.sh docker register: g_docker_version_result - when: not openshift.common.is_atomic | bool - name: Check if Docker is installed command: rpm -q docker register: pkg_check failed_when: pkg_check.rc > 1 changed_when: no - when: not openshift.common.is_atomic | bool - set_fact: g_docker_version: "{{ g_docker_version_result.stdout | from_yaml }}" - when: not openshift.common.is_atomic | bool - name: Set fact if docker requires an upgrade set_fact: docker_upgrade: true - when: not openshift.common.is_atomic | bool and pkg_check.rc == 0 and g_docker_version.curr_version | version_compare('1.10','<') + when: pkg_check.rc == 0 and g_docker_version.curr_version | version_compare('1.10','<') - fail: msg: This playbook requires access to Docker 1.10 or later diff --git a/playbooks/byo/openshift-cluster/upgrades/docker/files/nuke_images.sh b/playbooks/byo/openshift-cluster/upgrades/docker/files/nuke_images.sh index 9a5ee2276..6b155f7fa 100644 --- a/playbooks/byo/openshift-cluster/upgrades/docker/files/nuke_images.sh +++ b/playbooks/byo/openshift-cluster/upgrades/docker/files/nuke_images.sh @@ -1,22 +1,22 @@ #!/bin/bash # Stop any running containers -running_container_count=`docker ps -q | wc -l` -if test $running_container_count -gt 0 +running_container_ids=`docker ps -q` +if test -n "$running_container_ids" then - docker stop $(docker ps -q) + docker stop $running_container_ids fi # Delete all containers -container_count=`docker ps -a -q | wc -l` -if test $container_count -gt 0 +container_ids=`docker ps -a -q` +if test -n "$container_ids" then - docker rm -f -v $(docker ps -a -q) + docker rm -f -v $container_ids fi # Delete all images (forcefully) -image_count=`docker images -q | wc -l` -if test $image_count -gt 0 +image_ids=`docker images -q` +if test -n "$image_ids" then # Taken from: https://gist.github.com/brianclements/f72b2de8e307c7b56689#gistcomment-1443144 docker rmi $(docker images | grep "$2/\|/$2 \| $2 \|$2 \|$2-\|$2_" | awk '{print $1 ":" $2}') 2>/dev/null || echo "No images matching \"$2\" left to purge." diff --git a/playbooks/common/openshift-cluster/initialize_facts.yml b/playbooks/common/openshift-cluster/initialize_facts.yml index cda490b1f..37f523246 100644 --- a/playbooks/common/openshift-cluster/initialize_facts.yml +++ b/playbooks/common/openshift-cluster/initialize_facts.yml @@ -1,6 +1,7 @@ --- - name: Initialize host facts hosts: oo_all_hosts + any_errors_fatal: true roles: - openshift_facts tasks: diff --git a/playbooks/common/openshift-cluster/openshift_hosted.yml b/playbooks/common/openshift-cluster/openshift_hosted.yml index 811b3d685..c3077e3c2 100644 --- a/playbooks/common/openshift-cluster/openshift_hosted.yml +++ b/playbooks/common/openshift-cluster/openshift_hosted.yml @@ -1,30 +1,18 @@ -- name: Create persistent volumes and create hosted services +- name: Create persistent volumes hosts: oo_first_master vars: - attach_registry_volume: "{{ openshift.hosted.registry.storage.kind != None }}" - deploy_infra: "{{ openshift.master.infra_nodes | default([]) | length > 0 }}" persistent_volumes: "{{ hostvars[groups.oo_first_master.0] | oo_persistent_volumes(groups) }}" persistent_volume_claims: "{{ hostvars[groups.oo_first_master.0] | oo_persistent_volume_claims }}" roles: - role: openshift_persistent_volumes when: persistent_volumes | length > 0 or persistent_volume_claims | length > 0 - - role: openshift_serviceaccounts - openshift_serviceaccounts_names: - - router - - registry - openshift_serviceaccounts_namespace: default - openshift_serviceaccounts_sccs: - - privileged - - role: openshift_registry - registry_volume_claim: "{{ openshift.hosted.registry.storage.volume.name }}-claim" - when: deploy_infra | bool and attach_registry_volume | bool - - role: openshift_metrics - when: openshift.hosted.metrics.deploy | bool - name: Create Hosted Resources hosts: oo_first_master pre_tasks: - set_fact: openshift_hosted_router_registryurl: "{{ hostvars[groups.oo_first_master.0].openshift.master.registry_url }}" + openshift_hosted_registry_registryurl: "{{ hostvars[groups.oo_first_master.0].openshift.master.registry_url }}" + when: "'master' in hostvars[groups.oo_first_master.0].openshift and 'registry_url' in hostvars[groups.oo_first_master.0].openshift.master" roles: - role: openshift_hosted diff --git a/playbooks/common/openshift-cluster/update_repos_and_packages.yml b/playbooks/common/openshift-cluster/update_repos_and_packages.yml index 0a37d4597..e3d16d359 100644 --- a/playbooks/common/openshift-cluster/update_repos_and_packages.yml +++ b/playbooks/common/openshift-cluster/update_repos_and_packages.yml @@ -5,6 +5,11 @@ vars: openshift_deployment_type: "{{ deployment_type }}" roles: + # Explicitly calling openshift_facts because it appears that when + # rhel_subscribe is skipped that the openshift_facts dependency for + # openshift_repos is also skipped (this is the case at least for Ansible + # 2.0.2) + - openshift_facts - role: rhel_subscribe when: deployment_type in ["enterprise", "atomic-enterprise", "openshift-enterprise"] and ansible_distribution == "RedHat" and diff --git a/playbooks/common/openshift-cluster/upgrades/files/rpm_versions.sh b/playbooks/common/openshift-cluster/upgrades/files/rpm_versions.sh index a2a9579b5..7bf249742 100644 --- a/playbooks/common/openshift-cluster/upgrades/files/rpm_versions.sh +++ b/playbooks/common/openshift-cluster/upgrades/files/rpm_versions.sh @@ -1,7 +1,11 @@ #!/bin/bash - -installed=$(yum list installed -e 0 -q "$@" 2>&1 | tail -n +2 | awk '{ print $2 }' | sort -r | tr '\n' ' ') -available=$(yum list available -e 0 -q "$@" 2>&1 | tail -n +2 | grep -v 'el7ose' | awk '{ print $2 }' | sort -r | tr '\n' ' ') +if [ `which dnf 2> /dev/null` ]; then + installed=$(dnf repoquery --installed --latest-limit 1 -d 0 --qf '%{version}-%{release}' "${@}" 2> /dev/null) + available=$(dnf repoquery --available --latest-limit 1 -d 0 --qf '%{version}-%{release}' "${@}" 2> /dev/null) +else + installed=$(repoquery --plugins --pkgnarrow=installed --qf '%{version}-%{release}' "${@}" 2> /dev/null) + available=$(repoquery --plugins --pkgnarrow=available --qf '%{version}-%{release}' "${@}" 2> /dev/null) +fi echo "---" echo "curr_version: ${installed}" diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml index 27b3ece96..f163cca86 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml @@ -212,6 +212,9 @@ msg: Upgrade packages not found when: openshift_image_tag is not defined and (g_aos_versions.avail_version | default(g_aos_versions.curr_version, true) | version_compare(target_version, '<')) +- name: Verify docker upgrade targets + hosts: oo_masters_to_config:oo_nodes_to_config:oo_etcd_to_config + tasks: - name: Determine available Docker script: ../files/rpm_versions.sh docker register: g_docker_version_result @@ -266,7 +269,7 @@ - name: Backup etcd hosts: etcd_hosts_to_backup vars: - embedded_etcd: "{{ openshift.master.embedded_etcd }}" + embedded_etcd: "{{ hostvars[groups.oo_first_master.0].openshift.master.embedded_etcd }}" timestamp: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}" roles: - openshift_facts diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml index c93bf2a17..964257af5 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml @@ -4,7 +4,7 @@ ############################################################################### - name: Upgrade docker - hosts: oo_masters_to_config:oo_nodes_to_config:oo_etcd_to_config + hosts: oo_masters_to_config:oo_nodes_to_config roles: - openshift_facts tasks: @@ -20,6 +20,15 @@ openshift_image_tag: "v{{ g_new_version }}" openshift_version: "{{ g_new_version }}" +- name: Upgrade docker + hosts: oo_etcd_to_config + roles: + - openshift_facts + tasks: + # Upgrade docker when host is not atomic and host is not a non-containerized etcd node + - include: docker_upgrade.yml + when: not openshift.common.is_atomic | bool and not ('oo_etcd_to_config' in group_names and not openshift.common.is_containerized) + # The cli image is used by openshift_docker_facts to determine the currently installed # version. We need to explicitly pull the latest image to handle cases where # the locally cached 'latest' tag is older the g_new_version. diff --git a/playbooks/common/openshift-etcd/config.yml b/playbooks/common/openshift-etcd/config.yml index 6cb3a954f..a95de8cf3 100644 --- a/playbooks/common/openshift-etcd/config.yml +++ b/playbooks/common/openshift-etcd/config.yml @@ -1,6 +1,7 @@ --- - name: Set etcd facts needed for generating certs hosts: oo_etcd_to_config + any_errors_fatal: true roles: - openshift_facts tasks: diff --git a/playbooks/common/openshift-loadbalancer/service.yml b/playbooks/common/openshift-loadbalancer/service.yml index 19fffd5e9..e06a14c89 100644 --- a/playbooks/common/openshift-loadbalancer/service.yml +++ b/playbooks/common/openshift-loadbalancer/service.yml @@ -17,4 +17,4 @@ connection: ssh gather_facts: no tasks: - - service: name=hapoxy state="{{ new_cluster_state }}" + - service: name=haproxy state="{{ new_cluster_state }}" diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 0ca148169..8fd0904d6 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -46,7 +46,7 @@ openshift_hosted_metrics_duration: "{{ lookup('oo_option', 'openshift_hosted_metrics_duration') | default(7) }}" when: openshift_hosted_metrics_duration is not defined - set_fact: - openshift_hosted_metrics_resolution: "{{ lookup('oo_option', 'openshift_hosted_metrics_resolution') | default(10) }}" + openshift_hosted_metrics_resolution: "{{ lookup('oo_option', 'openshift_hosted_metrics_resolution') | default('10s', true) }}" when: openshift_hosted_metrics_resolution is not defined roles: - openshift_facts @@ -186,11 +186,6 @@ | list ) }}" master_cert_subdir: master-{{ openshift.common.hostname }} master_cert_config_dir: "{{ openshift.common.config_base }}/master" - - set_fact: - openshift_infra_nodes: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']) - | oo_nodes_with_label('region', 'infra') - | oo_collect('inventory_hostname') }}" - when: openshift_infra_nodes is not defined and groups.oo_nodes_to_config | default([]) | length > 0 - name: Configure master certificates hosts: oo_first_master diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index b3491ef8d..80659dc52 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -121,7 +121,7 @@ | union(groups['oo_etcd_to_config'] | default([]))) | oo_collect('openshift.common.hostname') | default([]) | join (',') }}" - when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and + when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and openshift_generate_no_proxy_hosts | default(True) | bool }}" roles: - openshift_node @@ -137,7 +137,7 @@ | union(groups['oo_etcd_to_config'] | default([]))) | oo_collect('openshift.common.hostname') | default([]) | join (',') }}" - when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and + when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and openshift_generate_no_proxy_hosts | default(True) | bool }}" roles: - openshift_node @@ -184,7 +184,7 @@ -C {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }} . args: creates: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" - with_items: etcd_needing_client_certs | default([]) + with_items: "{{ etcd_needing_client_certs | default([]) }}" - name: Retrieve the etcd cert tarballs fetch: src: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" @@ -192,7 +192,7 @@ flat: yes fail_on_missing: yes validate_checksum: yes - with_items: etcd_needing_client_certs | default([]) + with_items: "{{ etcd_needing_client_certs | default([]) }}" - name: Copy the external etcd flannel certs to the nodes hosts: oo_nodes_to_config diff --git a/playbooks/gce/openshift-cluster/config.yml b/playbooks/gce/openshift-cluster/config.yml index b973c513f..97572b930 100644 --- a/playbooks/gce/openshift-cluster/config.yml +++ b/playbooks/gce/openshift-cluster/config.yml @@ -26,9 +26,8 @@ openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ gce_private_ip }}" - openshift_registry_selector: 'type=infra' + openshift_hosted_registry_selector: 'type=infra' openshift_hosted_router_selector: 'type=infra' - openshift_infra_nodes: "{{ g_infra_hosts }}" openshift_master_cluster_method: 'native' openshift_use_openshift_sdn: "{{ lookup('oo_option', 'use_openshift_sdn') }}" os_sdn_network_plugin_name: "{{ lookup('oo_option', 'sdn_network_plugin_name') }}" diff --git a/playbooks/libvirt/openshift-cluster/config.yml b/playbooks/libvirt/openshift-cluster/config.yml index 032d4cf68..21d82f422 100644 --- a/playbooks/libvirt/openshift-cluster/config.yml +++ b/playbooks/libvirt/openshift-cluster/config.yml @@ -26,9 +26,8 @@ openshift_cluster_id: "{{ cluster_id }}" openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" - openshift_registry_selector: 'type=infra' + openshift_hosted_registry_selector: 'type=infra' openshift_hosted_router_selector: 'type=infra' - openshift_infra_nodes: "{{ g_infra_hosts }}" openshift_master_cluster_method: 'native' openshift_use_openshift_sdn: "{{ lookup('oo_option', 'use_openshift_sdn') }}" os_sdn_network_plugin_name: "{{ lookup('oo_option', 'sdn_network_plugin_name') }}" diff --git a/playbooks/libvirt/openshift-cluster/templates/domain.xml b/playbooks/libvirt/openshift-cluster/templates/domain.xml index 8e96cec8d..b645a791a 100644 --- a/playbooks/libvirt/openshift-cluster/templates/domain.xml +++ b/playbooks/libvirt/openshift-cluster/templates/domain.xml @@ -30,22 +30,22 @@ <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> - <driver name='qemu' type='qcow2'/> + <driver name='qemu' type='qcow2' discard='unmap'/> <source file='{{ libvirt_storage_pool_path }}/{{ item }}.qcow2'/> - <target dev='vda' bus='virtio'/> + <target dev='sda' bus='scsi'/> </disk> <disk type='file' device='disk'> - <driver name='qemu' type='qcow2'/> + <driver name='qemu' type='qcow2' discard='unmap'/> <source file='{{ libvirt_storage_pool_path }}/{{ item }}-docker.qcow2'/> - <target dev='vdb' bus='virtio'/> + <target dev='sdb' bus='scsi'/> </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='{{ libvirt_storage_pool_path }}/{{ item }}_cloud-init.iso'/> - <target dev='vdc' bus='virtio'/> + <target dev='sdc' bus='scsi'/> <readonly/> </disk> - <controller type='usb' index='0' /> + <controller type='scsi' model='virtio-scsi' /> <interface type='network'> <source network='{{ libvirt_network }}'/> <model type='virtio'/> @@ -56,17 +56,6 @@ <console type='pty'> <target type='serial' port='0'/> </console> - <channel type='spicevmc'> - <target type='virtio' name='com.redhat.spice.0'/> - </channel> - <input type='tablet' bus='usb' /> - <input type='mouse' bus='ps2'/> - <graphics type='spice' autoport='yes' /> - <video> - <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1'/> - </video> - <redirdev bus='usb' type='spicevmc'> - </redirdev> <memballoon model='virtio'> </memballoon> </devices> diff --git a/playbooks/libvirt/openshift-cluster/templates/user-data b/playbooks/libvirt/openshift-cluster/templates/user-data index 8b79940f4..fbcf7c886 100644 --- a/playbooks/libvirt/openshift-cluster/templates/user-data +++ b/playbooks/libvirt/openshift-cluster/templates/user-data @@ -5,7 +5,7 @@ hostname: {{ item[0] }} fqdn: {{ item[0] }}.example.com mounts: -- [ vdb ] +- [ sdb ] users: - default @@ -26,12 +26,18 @@ write_files: permissions: 440 content: | Defaults:openshift !requiretty - - content: | - DEVS=/dev/vdb - VG=docker_vg - path: /etc/sysconfig/docker-storage-setup + - path: /etc/sysconfig/docker-storage-setup owner: root:root permissions: '0644' + content: | + DEVS=/dev/sdb + VG=docker_vg + EXTRA_DOCKER_STORAGE_OPTIONS='--storage-opt dm.blkdiscard=true' + - path: /etc/systemd/system/fstrim.timer.d/hourly.conf + content: | + [Timer] + OnCalendar=hourly runcmd: - NETWORK_CONFIG=/etc/sysconfig/network-scripts/ifcfg-eth0; if ! grep DHCP_HOSTNAME ${NETWORK_CONFIG}; then echo 'DHCP_HOSTNAME="{{ item[0] }}.example.com"' >> ${NETWORK_CONFIG}; fi; pkill -9 dhclient; service network restart + - systemctl enable --now fstrim.timer diff --git a/playbooks/openstack/openshift-cluster/config.yml b/playbooks/openstack/openshift-cluster/config.yml index 6e4f414d6..6fff31826 100644 --- a/playbooks/openstack/openshift-cluster/config.yml +++ b/playbooks/openstack/openshift-cluster/config.yml @@ -23,9 +23,8 @@ openshift_cluster_id: "{{ cluster_id }}" openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" - openshift_registry_selector: 'type=infra' + openshift_hosted_registry_selector: 'type=infra' openshift_hosted_router_selector: 'type=infra' - openshift_infra_nodes: "{{ g_infra_hosts }}" openshift_master_cluster_method: 'native' openshift_use_openshift_sdn: "{{ lookup('oo_option', 'use_openshift_sdn') }}" os_sdn_network_plugin_name: "{{ lookup('oo_option', 'sdn_network_plugin_name') }}" diff --git a/playbooks/openstack/openshift-cluster/dns.yml b/playbooks/openstack/openshift-cluster/dns.yml index 31113d5f0..446a1846f 100644 --- a/playbooks/openstack/openshift-cluster/dns.yml +++ b/playbooks/openstack/openshift-cluster/dns.yml @@ -35,6 +35,11 @@ - vars.yml - cluster_hosts.yml roles: + # Explicitly calling openshift_facts because it appears that when + # rhel_subscribe is skipped that the openshift_facts dependency for + # openshift_repos is also skipped (this is the case at least for Ansible + # 2.0.2) + - openshift_facts - role: rhel_subscribe when: deployment_type in ["enterprise", "atomic-enterprise", "openshift-enterprise"] and ansible_distribution == "RedHat" and diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml index 422e6dafe..2d0098784 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml @@ -280,6 +280,10 @@ resources: port_range_max: 8443 - direction: ingress protocol: tcp + port_range_min: 8444 + port_range_max: 8444 + - direction: ingress + protocol: tcp port_range_min: 53 port_range_max: 53 - direction: ingress @@ -302,6 +306,22 @@ resources: protocol: udp port_range_min: 24224 port_range_max: 24224 + - direction: ingress + protocol: tcp + port_range_min: 2224 + port_range_max: 2224 + - direction: ingress + protocol: udp + port_range_min: 5404 + port_range_max: 5404 + - direction: ingress + protocol: udp + port_range_min: 5405 + port_range_max: 5405 + - direction: ingress + protocol: tcp + port_range_min: 9090 + port_range_max: 9090 etcd-secgrp: type: OS::Neutron::SecurityGroup @@ -359,6 +379,16 @@ resources: port_range_max: 10250 remote_mode: remote_group_id - direction: ingress + protocol: tcp + port_range_min: 10255 + port_range_max: 10255 + remote_mode: remote_group_id + - direction: ingress + protocol: udp + port_range_min: 10255 + port_range_max: 10255 + remote_mode: remote_group_id + - direction: ingress protocol: udp port_range_min: 4789 port_range_max: 4789 |