From 7eb36e5ee16d9f2df9ead4198e6d0849c73af40d Mon Sep 17 00:00:00 2001
From: Vincent Schwarzer <vincent.schwarzer@yahoo.de>
Date: Tue, 9 May 2017 14:52:58 +0200
Subject: Added Calico BGP Port 179 to Firewalld

---
 roles/openshift_node/defaults/main.yml | 3 +++
 roles/openshift_node/meta/main.yml     | 6 ++++++
 2 files changed, 9 insertions(+)

diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml
index bf66ef1d6..5904ca9bc 100644
--- a/roles/openshift_node/defaults/main.yml
+++ b/roles/openshift_node/defaults/main.yml
@@ -9,3 +9,6 @@ os_firewall_allow:
 - service: OpenShift OVS sdn
   port: 4789/udp
   when: openshift.common.use_openshift_sdn | bool
+- service: Calico BGP Port
+  port: 179/tcp
+  when: openshift.common.use_calico | bool
diff --git a/roles/openshift_node/meta/main.yml b/roles/openshift_node/meta/main.yml
index 0da41d0c1..3b7e8126a 100644
--- a/roles/openshift_node/meta/main.yml
+++ b/roles/openshift_node/meta/main.yml
@@ -31,6 +31,12 @@ dependencies:
   - service: OpenShift OVS sdn
     port: 4789/udp
   when: openshift.common.use_openshift_sdn | bool
+- role: os_firewall
+  os_firewall_allow:
+  - service: Calico BGP Port
+    port: 179/tcp
+  when: openshift.common.use_calico | bool
+
 - role: os_firewall
   os_firewall_allow:
   - service: Kubernetes service NodePort TCP
-- 
cgit v1.2.3