Add contrib playbook to disable service firewall (#7431)
Basically we need to make necessary TCP/UDP ports open. However the necessary ports are so many, and sometimes it is difficult to figure out that is due to firewall issues or not if facing deployment issues. To distinguish a root problem on such situation, this adds contrib playbook to disable the service firewall for Kubespray development and test.
This commit is contained in:
parent
29c2fbdbc1
commit
b3d9f2b4a2
3 changed files with 29 additions and 0 deletions
4
contrib/os-services/os-services.yml
Normal file
4
contrib/os-services/os-services.yml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
- hosts: all
|
||||||
|
roles:
|
||||||
|
- { role: prepare }
|
2
contrib/os-services/roles/prepare/defaults/main.yml
Normal file
2
contrib/os-services/roles/prepare/defaults/main.yml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
---
|
||||||
|
disable_service_firewall: false
|
23
contrib/os-services/roles/prepare/tasks/main.yml
Normal file
23
contrib/os-services/roles/prepare/tasks/main.yml
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
---
|
||||||
|
- block:
|
||||||
|
- name: List services
|
||||||
|
service_facts:
|
||||||
|
|
||||||
|
- name: Disable service firewalld
|
||||||
|
systemd:
|
||||||
|
name: firewalld
|
||||||
|
state: stopped
|
||||||
|
enabled: no
|
||||||
|
when:
|
||||||
|
"'firewalld.service' in services"
|
||||||
|
|
||||||
|
- name: Disable service ufw
|
||||||
|
systemd:
|
||||||
|
name: ufw
|
||||||
|
state: stopped
|
||||||
|
enabled: no
|
||||||
|
when:
|
||||||
|
"'ufw.service' in services"
|
||||||
|
|
||||||
|
when:
|
||||||
|
- disable_service_firewall
|
Loading…
Reference in a new issue