Convert to rich rules
dinukadesilva committed Apr 15, 2022
1 parent fb68e7e commit ae1f0f2e2ddb7ca1bea243c056dea764f79dacff
Showing 1 changed file with 30 additions and 10 deletions.
@@ -4,8 +4,12 @@
become: yes

- name: open firewall port 7070 for DRMS Grpc connections
firewalld: port="7070/tcp"
zone=public permanent=true state=enabled immediate=yes
firewalld:
zone: public
permanent: yes
state: enabled
immediate: yes
rich_rule: rule family=ipv4 source address="{{ item }}" port port="7070" protocol=tcp accept
become: yes
with_items:
- "{{ sharing_subnets }}"
@@ -21,29 +25,45 @@
become: yes

- name: open firewall port 9092 for Kafka connections
firewalld: port="9092/tcp"
zone=public permanent=true state=enabled immediate=yes
firewalld:
zone: public
permanent: yes
state: enabled
immediate: yes
rich_rule: rule family=ipv4 source address="{{ item }}" port port="9092" protocol=tcp accept
become: yes
with_items:
- "{{ sharing_subnets }}"

- name: open firewall port 6060 for Data Orchestrator Grpc connections
firewalld: port="6060/tcp"
zone=public permanent=true state=enabled immediate=yes
firewalld:
zone: public
permanent: yes
state: enabled
immediate: yes
rich_rule: rule family=ipv4 source address="{{ item }}" port port="6060" protocol=tcp accept
become: yes
with_items:
- "{{ sharing_subnets }}"

- name: open firewall port {{ datalake_data_orch_http_port }} for Data Orchestrator HTTP connections
firewalld: port="{{ datalake_data_orch_http_port }}/tcp"
zone=public permanent=true state=enabled immediate=yes
firewalld:
zone: public
permanent: yes
state: enabled
immediate: yes
rich_rule: rule family=ipv4 source address="{{ item }}" port port="{{ datalake_data_orch_http_port }}" protocol=tcp accept
become: yes
with_items:
- "{{ sharing_subnets }}"

- name: open firewall port {{ datalake_data_orch_grpc_port }} for Data Orchestrator gRPC connections
firewalld: port="{{ datalake_data_orch_grpc_port }}/tcp"
zone=public permanent=true state=enabled immediate=yes
firewalld:
zone: public
permanent: yes
state: enabled
immediate: yes
rich_rule: rule family=ipv4 source address="{{ item }}" port port="{{ datalake_data_orch_grpc_port }}" protocol=tcp accept
become: yes
with_items:
- "{{ sharing_subnets }}"
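Review bot: Hosts already provisioned with the previous tasks keep their permanent `port=.../tcp` entries in the public zone, because nothing in the visible hunks disables them. On those hosts ports 7070, 9092, 6060 and the two Data Orchestrator ports would presumably still accept connections from any source, since the new rich rules only add a narrower allow next to the old one. A cleanup task with `state: disabled` for each port is needed before the `sharing_subnets` restriction takes effect; whether such hosts exist is not visible from this page. The rules are also `family=ipv4` only, so confirm no client reaches these services over IPv6. The task list starts and ends outside the hunks.

```yaml
# ... unchanged: rich-rule tasks for each port ...
- name: remove unrestricted firewall port openings left by the previous rules
  firewalld:
    port: "{{ item }}/tcp"
    zone: public
    permanent: true
    immediate: true
    state: disabled
  become: true
  with_items:
    - "7070"
    - "9092"
    - "6060"
    - "{{ datalake_data_orch_http_port }}"
    - "{{ datalake_data_orch_grpc_port }}"
```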
