diff options
34 files changed, 100 insertions, 45 deletions
diff --git a/.gitignore b/.gitignore index 9af271235..d3fab9f1a 100644 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,6 @@ *~ -#*# -.idea -*.iml +\#*# +.idea/ *.komodoproject .loadpath .project @@ -15,15 +14,14 @@ .DS_Store gce.ini multi_ec2.yaml -multi_inventory.yaml .vagrant .tags* -ansible.cfg +/ansible.cfg *.retry .vscode/* .cache -.tox +.tox/ .coverage *.egg-info .eggs -cover +cover/ diff --git a/playbooks/byo/openshift-cluster/config.yml b/playbooks/byo/openshift-cluster/config.yml index 5d90da28a..d953b8ed3 100644 --- a/playbooks/byo/openshift-cluster/config.yml +++ b/playbooks/byo/openshift-cluster/config.yml @@ -8,7 +8,8 @@ - always tasks: - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml - - add_host: + - name: Evaluate group l_oo_all_hosts + add_host: name: "{{ item }}" groups: l_oo_all_hosts with_items: "{{ g_all_hosts | default([]) }}" diff --git a/playbooks/byo/openshift-cluster/enable_dnsmasq.yml b/playbooks/byo/openshift-cluster/enable_dnsmasq.yml index fab3e111f..410f70d74 100644 --- a/playbooks/byo/openshift-cluster/enable_dnsmasq.yml +++ b/playbooks/byo/openshift-cluster/enable_dnsmasq.yml @@ -5,10 +5,12 @@ gather_facts: no tasks: - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml - - add_host: + - name: Evaluate group l_oo_all_hosts + add_host: name: "{{ item }}" groups: l_oo_all_hosts with_items: "{{ g_all_hosts | default([]) }}" + changed_when: False - hosts: l_oo_all_hosts gather_facts: no diff --git a/playbooks/byo/openshift-cluster/openshift-logging.yml b/playbooks/byo/openshift-cluster/openshift-logging.yml index 09ab91bbd..3a18e800e 100644 --- a/playbooks/byo/openshift-cluster/openshift-logging.yml +++ b/playbooks/byo/openshift-cluster/openshift-logging.yml @@ -15,10 +15,12 @@ - always tasks: - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml - - add_host: + - name: Evaluate group l_oo_all_hosts + add_host: name: "{{ item }}" groups: l_oo_all_hosts with_items: "{{ g_all_hosts | default([]) }}" + changed_when: False - name: Create initial host groups for all hosts hosts: l_oo_all_hosts diff --git a/playbooks/byo/openshift-cluster/redeploy-certificates.yml b/playbooks/byo/openshift-cluster/redeploy-certificates.yml index 73d9baadb..8422789b1 100644 --- a/playbooks/byo/openshift-cluster/redeploy-certificates.yml +++ b/playbooks/byo/openshift-cluster/redeploy-certificates.yml @@ -5,10 +5,12 @@ gather_facts: no tasks: - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml - - add_host: + - name: Evaluate group l_oo_all_hosts + add_host: name: "{{ item }}" groups: l_oo_all_hosts with_items: "{{ g_all_hosts | default([]) }}" + changed_when: False - hosts: l_oo_all_hosts gather_facts: no diff --git a/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml index d337b6f75..6de054937 100644 --- a/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml +++ b/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml @@ -6,11 +6,12 @@ gather_facts: no tasks: - include_vars: ../../cluster_hosts.yml - - add_host: + - name: Evaluate group l_oo_all_hosts + add_host: name: "{{ item }}" groups: l_oo_all_hosts with_items: "{{ g_all_hosts | default([]) }}" - changed_when: false + changed_when: False - hosts: l_oo_all_hosts gather_facts: no diff --git a/playbooks/byo/openshift-cluster/upgrades/upgrade_etcd.yml b/playbooks/byo/openshift-cluster/upgrades/upgrade_etcd.yml index a365ae994..106dcc12d 100644 --- a/playbooks/byo/openshift-cluster/upgrades/upgrade_etcd.yml +++ b/playbooks/byo/openshift-cluster/upgrades/upgrade_etcd.yml @@ -8,10 +8,12 @@ - always tasks: - include_vars: ../cluster_hosts.yml - - add_host: + - name: Evaluate group l_oo_all_hosts + add_host: name: "{{ item }}" groups: l_oo_all_hosts with_items: "{{ g_all_hosts | default([]) }}" + changed_when: False - name: Create initial host groups for all hosts hosts: l_oo_all_hosts diff --git a/playbooks/byo/openshift-master/restart.yml b/playbooks/byo/openshift-master/restart.yml index b60807a71..c468a898d 100644 --- a/playbooks/byo/openshift-master/restart.yml +++ b/playbooks/byo/openshift-master/restart.yml @@ -5,10 +5,12 @@ gather_facts: no tasks: - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml - - add_host: + - name: Evaluate group l_oo_all_hosts + add_host: name: "{{ item }}" groups: l_oo_all_hosts - with_items: "{{ g_all_hosts }}" + with_items: "{{ g_all_hosts | default([]) }}" + changed_when: False - hosts: l_oo_all_hosts gather_facts: no diff --git a/playbooks/byo/openshift-master/scaleup.yml b/playbooks/byo/openshift-master/scaleup.yml index 279eeab21..cb9140ee2 100644 --- a/playbooks/byo/openshift-master/scaleup.yml +++ b/playbooks/byo/openshift-master/scaleup.yml @@ -5,10 +5,12 @@ gather_facts: no tasks: - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml - - add_host: + - name: Evaluate group l_oo_all_hosts + add_host: name: "{{ item }}" groups: l_oo_all_hosts - with_items: "{{ g_all_hosts }}" + with_items: "{{ g_all_hosts | default([]) }}" + changed_when: False - hosts: l_oo_all_hosts gather_facts: no diff --git a/playbooks/byo/openshift-node/network_manager.yml b/playbooks/byo/openshift-node/network_manager.yml index 344b22240..7c453986e 100644 --- a/playbooks/byo/openshift-node/network_manager.yml +++ b/playbooks/byo/openshift-node/network_manager.yml @@ -5,10 +5,12 @@ gather_facts: no tasks: - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml - - add_host: + - name: Evaluate group l_oo_all_hosts + add_host: name: "{{ item }}" groups: l_oo_all_hosts - with_items: "{{ g_all_hosts }}" + with_items: "{{ g_all_hosts | default([]) }}" + changed_when: False - hosts: l_oo_all_hosts become: yes diff --git a/playbooks/byo/openshift-node/scaleup.yml b/playbooks/byo/openshift-node/scaleup.yml index d8556c94d..1f2509a67 100644 --- a/playbooks/byo/openshift-node/scaleup.yml +++ b/playbooks/byo/openshift-node/scaleup.yml @@ -5,10 +5,12 @@ gather_facts: no tasks: - include_vars: ../../byo/openshift-cluster/cluster_hosts.yml - - add_host: + - name: Evaluate group l_oo_all_hosts + add_host: name: "{{ item }}" groups: l_oo_all_hosts - with_items: "{{ g_all_hosts }}" + with_items: "{{ g_all_hosts | default([]) }}" + changed_when: False - hosts: l_oo_all_hosts gather_facts: no diff --git a/playbooks/byo/openshift_facts.yml b/playbooks/byo/openshift_facts.yml index d1acf6175..50936941a 100644 --- a/playbooks/byo/openshift_facts.yml +++ b/playbooks/byo/openshift_facts.yml @@ -5,10 +5,12 @@ gather_facts: no tasks: - include_vars: openshift-cluster/cluster_hosts.yml - - add_host: + - name: Evaluate group l_oo_all_hosts + add_host: name: "{{ item }}" groups: l_oo_all_hosts - with_items: "{{ g_all_hosts }}" + with_items: "{{ g_all_hosts | default([]) }}" + changed_when: False - hosts: l_oo_all_hosts gather_facts: no diff --git a/playbooks/byo/rhel_subscribe.yml b/playbooks/byo/rhel_subscribe.yml index 6eeba09d9..e96c43214 100644 --- a/playbooks/byo/rhel_subscribe.yml +++ b/playbooks/byo/rhel_subscribe.yml @@ -5,10 +5,12 @@ gather_facts: no tasks: - include_vars: openshift-cluster/cluster_hosts.yml - - add_host: + - name: Evaluate group l_oo_all_hosts + add_host: name: "{{ item }}" groups: l_oo_all_hosts - with_items: "{{ g_all_hosts }}" + with_items: "{{ g_all_hosts | default([]) }}" + changed_when: False - hosts: l_oo_all_hosts gather_facts: no diff --git a/playbooks/common/openshift-cluster/upgrades/etcd/main.yml b/playbooks/common/openshift-cluster/upgrades/etcd/main.yml index 8268adc2e..fa86d29fb 100644 --- a/playbooks/common/openshift-cluster/upgrades/etcd/main.yml +++ b/playbooks/common/openshift-cluster/upgrades/etcd/main.yml @@ -22,11 +22,14 @@ name: "{{ item }}" groups: etcd_hosts_to_upgrade with_items: "{{ groups.oo_etcd_to_config if groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config | length > 0 else [] }}" + changed_when: False + - name: Evaluate etcd_hosts_to_backup add_host: name: "{{ item }}" groups: etcd_hosts_to_backup with_items: "{{ groups.oo_etcd_to_config if groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config | length > 0 else groups.oo_first_master }}" + changed_when: False - name: Backup etcd before upgrading anything include: backup.yml diff --git a/playbooks/common/openshift-cluster/upgrades/init.yml b/playbooks/common/openshift-cluster/upgrades/init.yml index 76645ff3f..235853b0f 100644 --- a/playbooks/common/openshift-cluster/upgrades/init.yml +++ b/playbooks/common/openshift-cluster/upgrades/init.yml @@ -6,10 +6,12 @@ gather_facts: no tasks: - include_vars: ../../../byo/openshift-cluster/cluster_hosts.yml - - add_host: + - name: Evaluate group l_oo_all_hosts + add_host: name: "{{ item }}" groups: l_oo_all_hosts with_items: "{{ g_all_hosts | default([]) }}" + changed_when: False - name: Include g_*_hosts vars for hosts in group l_oo_all_hosts hosts: l_oo_all_hosts diff --git a/playbooks/common/openshift-cluster/upgrades/initialize_nodes_to_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/initialize_nodes_to_upgrade.yml index 4e375ac26..37c89374c 100644 --- a/playbooks/common/openshift-cluster/upgrades/initialize_nodes_to_upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/initialize_nodes_to_upgrade.yml @@ -38,3 +38,4 @@ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" ansible_become: "{{ g_sudo | default(omit) }}" with_items: "{{ groups['temp_nodes_to_upgrade'] | default(groups['oo_nodes_to_config']) }}" + changed_when: False diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml index 77b37cdc2..23b976192 100644 --- a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml +++ b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml @@ -12,6 +12,7 @@ name: "{{ item }}" groups: etcd_hosts_to_backup with_items: "{{ groups.oo_etcd_to_config if groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config | length > 0 else groups.oo_first_master }}" + changed_when: False # If facts cache were for some reason deleted, this fact may not be set, and if not set # it will always default to true. This causes problems for the etcd data dir fact detection diff --git a/playbooks/common/openshift-etcd/service.yml b/playbooks/common/openshift-etcd/service.yml index a039d30b8..ced4bddc5 100644 --- a/playbooks/common/openshift-etcd/service.yml +++ b/playbooks/common/openshift-etcd/service.yml @@ -9,8 +9,11 @@ when: new_cluster_state is not defined - name: Evaluate g_service_etcd - add_host: name={{ item }} groups=g_service_etcd + add_host: + name: "{{ item }}" + groups: g_service_etcd with_items: "{{ oo_host_group_exp | default([]) }}" + changed_when: False - name: Change etcd state on etcd instance(s) hosts: g_service_etcd diff --git a/playbooks/common/openshift-loadbalancer/service.yml b/playbooks/common/openshift-loadbalancer/service.yml index e413c2b3a..d3762c961 100644 --- a/playbooks/common/openshift-loadbalancer/service.yml +++ b/playbooks/common/openshift-loadbalancer/service.yml @@ -9,8 +9,11 @@ when: new_cluster_state is not defined - name: Evaluate g_service_lb - add_host: name={{ item }} groups=g_service_lb + add_host: + name: "{{ item }}" + groups: g_service_lb with_items: "{{ oo_host_group_exp | default([]) }}" + changed_when: False - name: Change state on lb instance(s) hosts: g_service_lb diff --git a/playbooks/common/openshift-master/service.yml b/playbooks/common/openshift-master/service.yml index 43ef8b6a1..48a2731aa 100644 --- a/playbooks/common/openshift-master/service.yml +++ b/playbooks/common/openshift-master/service.yml @@ -9,8 +9,11 @@ when: new_cluster_state is not defined - name: Evaluate g_service_masters - add_host: name={{ item }} groups=g_service_masters + add_host: + name: "{{ item }}" + groups: g_service_masters with_items: "{{ oo_host_group_exp | default([]) }}" + changed_when: False - name: Change state on master instance(s) hosts: g_service_masters diff --git a/playbooks/common/openshift-nfs/service.yml b/playbooks/common/openshift-nfs/service.yml index 8c3f32403..b1e35e4b1 100644 --- a/playbooks/common/openshift-nfs/service.yml +++ b/playbooks/common/openshift-nfs/service.yml @@ -7,8 +7,11 @@ when: new_cluster_state is not defined - name: Evaluate g_service_nfs - add_host: name={{ item }} groups=g_service_nfs + add_host: + name: "{{ item }}" + groups: g_service_nfs with_items: "{{ oo_host_group_exp | default([]) }}" + changed_when: False - name: Change state on nfs instance(s) hosts: g_service_nfs diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index b36c0eedf..308a8959d 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -44,6 +44,7 @@ ansible_become: "{{ g_sudo | default(omit) }}" with_items: "{{ groups.oo_nodes_to_config | default([]) }}" when: hostvars[item].openshift.common is defined and hostvars[item].openshift.common.is_containerized | bool and (item in groups.oo_nodes_to_config and item in groups.oo_masters_to_config) + changed_when: False - name: Configure containerized nodes hosts: oo_containerized_master_nodes diff --git a/playbooks/common/openshift-node/service.yml b/playbooks/common/openshift-node/service.yml index 2da68ceea..130a5416f 100644 --- a/playbooks/common/openshift-node/service.yml +++ b/playbooks/common/openshift-node/service.yml @@ -9,12 +9,18 @@ when: new_cluster_state is not defined - name: Evaluate g_service_nodes - add_host: name={{ item }} groups=g_service_nodes + add_host: + name: "{{ item }}" + groups: g_service_nodes with_items: "{{ oo_host_group_exp | default([]) }}" + changed_when: False - name: Change state on node instance(s) hosts: g_service_nodes connection: ssh gather_facts: no tasks: - - service: name={{ service_type }}-node state="{{ new_cluster_state }}" + - name: Change state on node instance(s) + service: + name: "{{ service_type }}-node" + state: "{{ new_cluster_state }}" diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 66c9cfa0f..c34700aeb 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -85,7 +85,7 @@ - reg_conf_var: HTTPS_PROXY reg_fact_val: "{{ docker_https_proxy | default('') }}" - reg_conf_var: NO_PROXY - reg_fact_val: "{{ docker_no_proxy | default('') | join(',') }}" + reg_fact_val: "{{ docker_no_proxy | default('') }}" notify: - restart docker when: diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 78886dcea..5ca8879b3 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -1641,7 +1641,7 @@ def set_proxy_facts(facts): # We always add local dns domain and ourselves no matter what common['no_proxy'].append('.' + common['dns_domain']) common['no_proxy'].append(common['hostname']) - common['no_proxy'] = sort_unique(common['no_proxy']) + common['no_proxy'] = ','.join(sort_unique(common['no_proxy'])) facts['common'] = common return facts diff --git a/roles/openshift_hosted_metrics/tasks/install.yml b/roles/openshift_hosted_metrics/tasks/install.yml index 2c839996e..6a442cefc 100644 --- a/roles/openshift_hosted_metrics/tasks/install.yml +++ b/roles/openshift_hosted_metrics/tasks/install.yml @@ -128,5 +128,5 @@ modify_yaml: dest: "{{ openshift.common.config_base }}/master/master-config.yaml" yaml_key: assetConfig.metricsPublicURL - yaml_value: "{{ openshift_hosted_metrics_public_url }}" + yaml_value: "{{ openshift_hosted_metrics_deploy_url }}" notify: restart master diff --git a/roles/openshift_master/templates/atomic-openshift-master.j2 b/roles/openshift_master/templates/atomic-openshift-master.j2 index 7aea89578..6e2439fd9 100644 --- a/roles/openshift_master/templates/atomic-openshift-master.j2 +++ b/roles/openshift_master/templates/atomic-openshift-master.j2 @@ -29,7 +29,7 @@ HTTP_PROXY={{ openshift.common.http_proxy | default('') }} HTTPS_PROXY={{ openshift.common.https_proxy | default('')}} {% endif %} {% if 'no_proxy' in openshift.common %} -NO_PROXY={{ openshift.common.no_proxy | default('') | join(',') }},{{ openshift.common.portal_net }},{{ openshift.master.sdn_cluster_network_cidr }} +NO_PROXY={{ openshift.common.no_proxy | default('') }},{{ openshift.common.portal_net }},{{ openshift.master.sdn_cluster_network_cidr }} {% endif %} {% if not ('https_proxy' in openshift.common or 'https_proxy' in openshift.common or 'no_proxy' in openshift.common) %} {% for item in master_proxy %} diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index fcb8125e9..cf7ceacff 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -15,8 +15,8 @@ assetConfig: {% if 'logging_public_url' in openshift.master %} loggingPublicURL: {{ openshift.master.logging_public_url }} {% endif %} -{% if openshift_hosted_metrics_deploy | default(false) | bool %} - metricsPublicURL: {{ openshift_hosted_metrics_public_url }} +{% if openshift_hosted_metrics_deploy_url is defined %} + metricsPublicURL: {{ openshift_hosted_metrics_deploy_url }} {% endif %} {% if 'extension_scripts' in openshift.master %} extensionScripts: {{ openshift.master.extension_scripts | to_padded_yaml(1, 2) }} diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2 index 43fb3cafa..c484d23cc 100644 --- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2 +++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2 @@ -24,5 +24,5 @@ HTTP_PROXY={{ openshift.common.http_proxy | default('') }} HTTPS_PROXY={{ openshift.common.https_proxy | default('')}} {% endif %} {% if 'no_proxy' in openshift.common %} -NO_PROXY={{ openshift.common.no_proxy | default('') | join(',') }},{{ openshift.common.portal_net }},{{ openshift.master.sdn_cluster_network_cidr }} +NO_PROXY={{ openshift.common.no_proxy | default('') }},{{ openshift.common.portal_net }},{{ openshift.master.sdn_cluster_network_cidr }} {% endif %} diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2 index 6d26a69eb..e0adbbf52 100644 --- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2 +++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2 @@ -24,5 +24,5 @@ HTTP_PROXY={{ openshift.common.http_proxy | default('') }} HTTPS_PROXY={{ openshift.common.https_proxy | default('')}} {% endif %} {% if 'no_proxy' in openshift.common %} -NO_PROXY={{ openshift.common.no_proxy | default('') | join(',') }},{{ openshift.common.portal_net }},{{ openshift.master.sdn_cluster_network_cidr }} +NO_PROXY={{ openshift.common.no_proxy | default('') }},{{ openshift.common.portal_net }},{{ openshift.master.sdn_cluster_network_cidr }} {% endif %} diff --git a/roles/openshift_master_facts/tasks/main.yml b/roles/openshift_master_facts/tasks/main.yml index 0dba4b3ba..74885d713 100644 --- a/roles/openshift_master_facts/tasks/main.yml +++ b/roles/openshift_master_facts/tasks/main.yml @@ -21,11 +21,10 @@ g_metrics_hostname: "{{ openshift_hosted_metrics_public_url | default('hawkular-metrics.' ~ (openshift_master_default_subdomain)) | oo_hostname_from_url }}" - when: openshift_hosted_metrics_deploy | default(false) | bool - set_fact: - openshift_hosted_metrics_public_url: "https://{{ g_metrics_hostname }}/hawkular/metrics" - when: openshift_hosted_metrics_deploy | default(false) | bool + openshift_hosted_metrics_deploy_url: "https://{{ g_metrics_hostname }}/hawkular/metrics" + when: (openshift_hosted_metrics_deploy | default(false) | bool) or (openshift_hosted_metrics_public_url is defined) - name: Set master facts openshift_facts: diff --git a/roles/openshift_node/tasks/systemd_units.yml b/roles/openshift_node/tasks/systemd_units.yml index 626c47387..5243a87fe 100644 --- a/roles/openshift_node/tasks/systemd_units.yml +++ b/roles/openshift_node/tasks/systemd_units.yml @@ -90,7 +90,7 @@ - regex: '^HTTPS_PROXY=' line: "HTTPS_PROXY={{ openshift.common.https_proxy | default('') }}" - regex: '^NO_PROXY=' - line: "NO_PROXY={{ openshift.common.no_proxy | default([]) | join(',') }},{{ openshift.common.portal_net }},{{ hostvars[groups.oo_first_master.0].openshift.master.sdn_cluster_network_cidr }}" + line: "NO_PROXY={{ openshift.common.no_proxy | default([]) }},{{ openshift.common.portal_net }},{{ hostvars[groups.oo_first_master.0].openshift.master.sdn_cluster_network_cidr }}" when: ('http_proxy' in openshift.common and openshift.common.http_proxy != '') notify: - restart node diff --git a/roles/os_firewall/tasks/firewall/firewalld.yml b/roles/os_firewall/tasks/firewall/firewalld.yml index c4db197ca..a9a69f73c 100644 --- a/roles/os_firewall/tasks/firewall/firewalld.yml +++ b/roles/os_firewall/tasks/firewall/firewalld.yml @@ -16,6 +16,11 @@ register: task_result failed_when: "task_result|failed and 'could not' not in task_result.msg|lower" +- name: Wait 10 seconds after disabling iptables + pause: + seconds: 10 + when: task_result | changed + - name: Start and enable firewalld service systemd: name: firewalld diff --git a/roles/os_firewall/tasks/firewall/iptables.yml b/roles/os_firewall/tasks/firewall/iptables.yml index 930b32cf2..38ea2477c 100644 --- a/roles/os_firewall/tasks/firewall/iptables.yml +++ b/roles/os_firewall/tasks/firewall/iptables.yml @@ -9,6 +9,11 @@ register: task_result failed_when: "task_result|failed and 'could not' not in task_result.msg|lower" +- name: Wait 10 seconds after disabling firewalld + pause: + seconds: 10 + when: task_result | changed + - name: Install iptables packages package: name={{ item }} state=present with_items: |