From d0144b6bd65a02b3cf8463fb4f69d2002c219033 Mon Sep 17 00:00:00 2001 From: Robert Waffen Date: Thu, 18 Jan 2024 16:26:37 +0100 Subject: [PATCH] update firewall resources to use jump instead of action --- manifests/node/kubelet.pp | 6 +++--- manifests/server/apiserver.pp | 6 +++--- manifests/server/etcd.pp | 12 ++++++------ 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/manifests/node/kubelet.pp b/manifests/node/kubelet.pp index bb90c0c..2d05278 100644 --- a/manifests/node/kubelet.pp +++ b/manifests/node/kubelet.pp @@ -295,9 +295,9 @@ include firewall firewall { '100 allow kubelet access': - dport => 10250, - proto => 'tcp', - action => 'accept', + dport => 10250, + proto => 'tcp', + jump => 'accept', } } default: {} diff --git a/manifests/server/apiserver.pp b/manifests/server/apiserver.pp index 08745ef..920dd87 100644 --- a/manifests/server/apiserver.pp +++ b/manifests/server/apiserver.pp @@ -325,9 +325,9 @@ include firewall firewall { '100 allow k8s apiserver access': - dport => 6443, - proto => 'tcp', - action => 'accept', + dport => 6443, + proto => 'tcp', + jump => 'accept', } } default: {} diff --git a/manifests/server/etcd.pp b/manifests/server/etcd.pp index b083431..8dc4375 100644 --- a/manifests/server/etcd.pp +++ b/manifests/server/etcd.pp @@ -188,14 +188,14 @@ include firewall firewall { '100 allow etcd server access': - dport => 2379, - proto => 'tcp', - action => 'accept', + dport => 2379, + proto => 'tcp', + jump => 'accept', } firewall { '100 allow etcd client access': - dport => 2380, - proto => 'tcp', - action => 'accept', + dport => 2380, + proto => 'tcp', + jump => 'accept', } } default: {}