mirror of
https://github.com/kubernetes-sigs/kubespray.git
synced 2026-05-08 01:47:37 -02:30
Adding egress IPv6 for node-local-dns queries
This commit is contained in:
raviranjan
committed by
Florian Ruynat
Florian Ruynat
parent
21289db181
commit
200b630319
@@ -220,30 +220,60 @@ variable "bastion_allowed_remote_ips" {
|
||||
default = ["0.0.0.0/0"]
|
||||
}
|
||||
|
||||
variable "bastion_allowed_remote_ipv6_ips" {
|
||||
description = "An array of IPv6 CIDRs allowed to SSH to hosts"
|
||||
type = list(string)
|
||||
default = ["::/0"]
|
||||
}
|
||||
|
||||
variable "master_allowed_remote_ips" {
|
||||
description = "An array of CIDRs allowed to access API of masters"
|
||||
type = list(string)
|
||||
default = ["0.0.0.0/0"]
|
||||
}
|
||||
|
||||
variable "master_allowed_remote_ipv6_ips" {
|
||||
description = "An array of IPv6 CIDRs allowed to access API of masters"
|
||||
type = list(string)
|
||||
default = ["::/0"]
|
||||
}
|
||||
|
||||
variable "k8s_allowed_remote_ips" {
|
||||
description = "An array of CIDRs allowed to SSH to hosts"
|
||||
type = list(string)
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "k8s_allowed_remote_ips_ipv6" {
|
||||
description = "An array of IPv6 CIDRs allowed to SSH to hosts"
|
||||
type = list(string)
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "k8s_allowed_egress_ips" {
|
||||
description = "An array of CIDRs allowed for egress traffic"
|
||||
type = list(string)
|
||||
default = ["0.0.0.0/0"]
|
||||
}
|
||||
|
||||
variable "k8s_allowed_egress_ipv6_ips" {
|
||||
description = "An array of CIDRs allowed for egress IPv6 traffic"
|
||||
type = list(string)
|
||||
default = ["::/0"]
|
||||
}
|
||||
|
||||
variable "master_allowed_ports" {
|
||||
type = list(any)
|
||||
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "master_allowed_ports_ipv6" {
|
||||
type = list(any)
|
||||
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "worker_allowed_ports" {
|
||||
type = list(any)
|
||||
|
||||
@@ -257,12 +287,31 @@ variable "worker_allowed_ports" {
|
||||
]
|
||||
}
|
||||
|
||||
variable "worker_allowed_ports_ipv6" {
|
||||
type = list(any)
|
||||
|
||||
default = [
|
||||
{
|
||||
"protocol" = "tcp"
|
||||
"port_range_min" = 30000
|
||||
"port_range_max" = 32767
|
||||
"remote_ip_prefix" = "::/0"
|
||||
},
|
||||
]
|
||||
}
|
||||
|
||||
variable "bastion_allowed_ports" {
|
||||
type = list(any)
|
||||
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "bastion_allowed_ports_ipv6" {
|
||||
type = list(any)
|
||||
|
||||
default = []
|
||||
}
|
||||
|
||||
variable "use_access_ip" {
|
||||
default = 1
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user