Add contrib playbook to disable service firewall (#7431)

Basically we need to make necessary TCP/UDP ports open.
However the necessary ports are so many, and sometimes it is difficult
to figure out that is due to firewall issues or not if facing deployment
issues.
To distinguish a root problem on such situation, this adds contrib
playbook to disable the service firewall for Kubespray development
and test.
This commit is contained in:
Kenichi Omichi 2021-05-18 06:45:30 -07:00 committed by GitHub
parent 29c2fbdbc1
commit b3d9f2b4a2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 29 additions and 0 deletions

View file

@ -0,0 +1,4 @@
---
- hosts: all
roles:
- { role: prepare }

View file

@ -0,0 +1,2 @@
---
disable_service_firewall: false

View file

@ -0,0 +1,23 @@
---
- block:
- name: List services
service_facts:
- name: Disable service firewalld
systemd:
name: firewalld
state: stopped
enabled: no
when:
"'firewalld.service' in services"
- name: Disable service ufw
systemd:
name: ufw
state: stopped
enabled: no
when:
"'ufw.service' in services"
when:
- disable_service_firewall