From 175cdba9b15ef3fd4935c40a3a10812613b53751 Mon Sep 17 00:00:00 2001
From: GreatLazyMan <110919403+GreatLazyMan@users.noreply.github.com>
Date: Thu, 18 Aug 2022 16:12:37 +0800
Subject: [PATCH] Add 'flush ip6tables' task in reset role (#9168)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Add 'flush ip6tables' task in reset role

If enable_dual_stack_networks is set to true and ip6 is defined，ip6tables will be created. But when reset the kubernetes cluster, kubespray doesn't flush ip6tables.

* [CI] fix molecule tests on opensuse by upgrading to 15.4 (#9175)

* [CI] fix molecule tests on opensuse by upgrading to 15.4

* [opensuse] use correct python crytography package name depending on distribution version

Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com>
---
 roles/reset/tasks/main.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/roles/reset/tasks/main.yml b/roles/reset/tasks/main.yml
index f35b50407..3c33815c2 100644
--- a/roles/reset/tasks/main.yml
+++ b/roles/reset/tasks/main.yml
@@ -205,6 +205,20 @@
   tags:
     - iptables
 
+- name: flush ip6tables
+  iptables:
+    table: "{{ item }}"
+    flush: yes
+    ip_version: ipv6
+  with_items:
+    - filter
+    - nat
+    - mangle
+    - raw
+  when: flush_iptables|bool and enable_dual_stack_networks
+  tags:
+    - ip6tables
+
 - name: Clear IPVS virtual server table
   command: "ipvsadm -C"
   ignore_errors: true  # noqa ignore-errors