Allow compute nodes access to private docker image server

Update the NAT firewall rules to allow the compute nodes to pull docker
images from our private server operating on port 9001.

This can be reverted once we have a public server on ports 80/443.

Change-Id: I427e13819eaf54aa6dd5248056494d4f9a825f51
Story: 2002843
Task: 27031
Signed-off-by: Chris Friesen <chris.friesen@windriver.com>
This commit is contained in:
Chris Friesen 2018-11-29 11:34:25 -06:00
parent 6b56b8c3a1
commit b399da9d3a
1 changed files with 2 additions and 1 deletions

View File

@ -299,10 +299,11 @@ class platform::kubernetes::worker
}
}
# TODO: remove port 9001 once we have a public docker image registry using standard ports.
class platform::kubernetes::firewall::params (
$transport = 'tcp',
$table = 'nat',
$dports = [80, 443],
$dports = [80, 443, 9001],
$chain = 'POSTROUTING',
$jump = 'SNAT',
) {}