4ac11fabcf
Add podman and podman_sdk role for preparing machine for Podman deployment of Openstack. Signed-off-by: Ivan Halomi <i.halomi@partner.samsung.com> Signed-off-by: Martin Hiner <m.hiner@partner.samsung.com> Co-Authored-By: Michal Arbet <michal.arbet@ultimum.io> Change-Id: Ie4b4c1cf8fe6e7ce41eaa703b423dedcb41e3afc
39 lines
1002 B
YAML
39 lines
1002 B
YAML
---
|
|
# TODO(inc0): Gates don't seem to have ufw executable, check for it instead of ignore errors
|
|
- block:
|
|
- name: Set firewall default policy
|
|
# noqa ignore-errors
|
|
become: True
|
|
ufw:
|
|
state: disabled
|
|
policy: allow
|
|
when: ansible_facts.os_family == 'Debian'
|
|
ignore_errors: yes
|
|
|
|
- name: Check if firewalld is installed
|
|
# noqa command-instead-of-module
|
|
command: rpm -q firewalld
|
|
register: firewalld_check
|
|
changed_when: false
|
|
failed_when: firewalld_check.rc > 1
|
|
when: ansible_facts.os_family == 'RedHat'
|
|
|
|
- name: Disable firewalld
|
|
become: True
|
|
service:
|
|
name: "{{ item }}"
|
|
enabled: false
|
|
state: stopped
|
|
with_items:
|
|
- firewalld
|
|
when:
|
|
- ansible_facts.os_family == 'RedHat'
|
|
- firewalld_check.rc == 0
|
|
when: disable_firewall | bool
|
|
|
|
- import_role:
|
|
name: openstack.kolla.packages
|
|
|
|
- import_role:
|
|
name: openstack.kolla.{{ container_engine }}
|