From d94dbdfad8bb26a88f25ba4bd147ab1ff8ddd2e8 Mon Sep 17 00:00:00 2001
From: Ryan Cook <rcook@redhat.com>
Date: Thu, 15 Jun 2017 20:24:10 -0400
Subject: [PATCH] missing firewall rules

---
 templates/var/lib/ansible/playbooks/scaleup.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/templates/var/lib/ansible/playbooks/scaleup.yml b/templates/var/lib/ansible/playbooks/scaleup.yml
index 1c946f3..8ceedb9 100644
--- a/templates/var/lib/ansible/playbooks/scaleup.yml
+++ b/templates/var/lib/ansible/playbooks/scaleup.yml
@@ -16,6 +16,12 @@ cat << 'EOF' > /var/lib/os-apply-config/templates/var/lib/ansible/playbooks/scal
     shell: iptables -A DOCKER -p tcp -j ACCEPT
     when: openshift_use_flannel
 
+  - name: Set up masquerading on flannel interface
+    shell: iptables -t nat -A POSTROUTING -o {{ flannel_interface }} -j MASQUERADE
+
+  - name: Make iptables rules permanent
+    shell: /usr/libexec/iptables/iptables.init save
+
 - hosts: new_nodes
   sudo: yes
   tasks: