Yeah really good job with this wonderful app!
An example use case would be updating firewall rules on all nodes, so you allow all traffic between nodes.
version: 0.4
env:
NODE_IPS: $(kubectl get nodes -o jsonpath={.items[*].status.addresses[?\(@.type==\"InternalIP\"\)].address})
networks:
prod:
inventory: for i in $(kubectl get nodes -o jsonpath={.items[*].status.addresses[?\(@.type==\"InternalIP\"\)].address}); do echo "ubuntu@$i"; done
commands:
nodeips:
run: >
sudo ufw --force reset;
sudo ufw default deny incoming;
sudo ufw default allow outgoing;
for i in $NODE_IPS; do sudo ufw allow from $i comment "node IP"; done;
sudo ufw --force enable;
mytest:
run: echo $NODE_IPS
ufwstatus:
run: sudo ufw status
Yeah really good job with this wonderful app! An example use case would be updating firewall rules on all nodes, so you allow all traffic between nodes.