Suppress unneeded verbosity with no_log: true

Set no_log: true for firewall discovery verbosity that occurs
when checks are run to determine firewall mechanism, status and
ports.

patchset #2: bump with commit message, no changes
patchset #3: bump with commit message again, no changes.

Change-Id: I7779076efaff0e8173713eb5a2f9c594fb180741

ansible/install/roles/fluentd/tasks/main.yml

@@ -43,16 +43,19 @@
   shell: systemctl is-enabled firewalld.service | egrep -qv 'masked|disabled'
   ignore_errors: true
   register: firewalld_in_use
+  no_log: true
 
 - name: Determine if firewalld is active
   shell: systemctl is-active firewalld.service | grep -vq inactive
   ignore_errors: true
   register: firewalld_is_active
+  no_log: true
 
 - name: Determine if TCP/{{fluentd_syslog_port}} is already active
   shell: firewall-cmd --list-ports | egrep -q "^{{fluentd_syslog_port}}/tcp"
   ignore_errors: true
   register: firewalld_tcp42185_exists
+  no_log: true
 
 # add firewall rule via firewall-cmd
 - name: Add firewall rule for TCP/{{fluentd_syslog_port}} (firewalld)
@@ -70,6 +73,7 @@
   ignore_errors: true
   register: iptables_tcp42185_exists
   failed_when: iptables_tcp42185_exists == 127
+  no_log: true
 
 - name: Add firewall rule for TCP/{{fluentd_syslog_port}} (iptables-services)
   lineinfile:
@@ -91,16 +95,19 @@
   shell: systemctl is-enabled firewalld.service | egrep -qv 'masked|disabled'
   ignore_errors: true
   register: firewalld_in_use
+  no_log: true
 
 - name: Determine if firewalld is active
   shell: systemctl is-active firewalld.service | grep -vq inactive
   ignore_errors: true
   register: firewalld_is_active
+  no_log: true
 
 - name: Determine if TCP/{{fluentd_http_port}} is already active
   shell: firewall-cmd --list-ports | egrep -q "^{{fluentd_http_port}}/tcp"
   ignore_errors: true
   register: firewalld_tcp9919_exists
+  no_log: true
 
 # add firewall rule via firewall-cmd
 - name: Add firewall rule for TCP/{{fluentd_http_port}} (firewalld)
@@ -118,6 +125,7 @@
   ignore_errors: true
   register: iptables_tcp9919_exists
   failed_when: iptables_tcp9919_exists == 127
+  no_log: true
 
 - name: Add firewall rule for TCP/{{fluentd_http_port}} (iptables-services)
   lineinfile:

ansible/install/roles/kibana/tasks/main.yml

@@ -25,6 +25,7 @@
   shell: cat /var/log/messages | /opt/logstash/bin/logstash -f /etc/logstash/conf.d/10-syslog.conf
   when: "'logstash-' not in elasticsearch_index.content"
   ignore_errors: true
+  no_log: true
 
 - name: Install local rsyslogd for fluentd
   yum: name={{ item }} state=present

ansible/install/roles/nginx/tasks/main.yml

@@ -65,16 +65,19 @@
   shell: systemctl is-enabled firewalld.service | egrep -qv 'masked|disabled'
   ignore_errors: true
   register: firewalld_in_use
+  no_log: true
 
 - name: Determine if firewalld is active
   shell: systemctl is-active firewalld.service | grep -vq inactive
   ignore_errors: true
   register: firewalld_is_active
+  no_log: true
 
 - name: Determine if TCP/{{nginx_kibana_port}} is already active
   shell: firewall-cmd --list-ports | egrep -q "^{{nginx_kibana_port}}/tcp"
   ignore_errors: true
   register: firewalld_tcp80_exists
+  no_log: true
 
 # add firewall rule via firewall-cmd
 - name: Add firewall rule for TCP/{{nginx_kibana_port}} (firewalld)
@@ -92,6 +95,7 @@
   ignore_errors: true
   register: iptables_tcp80_exists
   failed_when: iptables_tcp80_exists == 127
+  no_log: true
 
 - name: Add firewall rule for TCP/{{nginx_kibana_port}} (iptables-services)
   lineinfile:
@@ -113,16 +117,19 @@
   shell: systemctl is-enabled firewalld.service | egrep -qv 'masked|disabled'
   ignore_errors: true
   register: firewalld_in_use
+  no_log: true
 
 - name: Determine if firewalld is active
   shell: systemctl is-active firewalld.service | grep -vq inactive
   ignore_errors: true
   register: firewalld_is_active
+  no_log: true
 
 - name: Determine if TCP/{{elk_server_ssl_cert_port}} is already active
   shell: firewall-cmd --list-ports | egrep -q "^{{elk_server_ssl_cert_port}}/tcp"
   ignore_errors: true
   register: firewalld_tcp8080_exists
+  no_log: true
 
 # add firewall rule via firewall-cmd
 - name: Add firewall rule for TCP/{{elk_server_ssl_cert_port}} (firewalld)
@@ -140,6 +147,7 @@
   ignore_errors: true
   register: iptables_tcp8080_exists
   failed_when: iptables_tcp8080_exists == 127
+  no_log: true
 
 - name: Add firewall rule for TCP/{{elk_server_ssl_cert_port}} (iptables-services)
   lineinfile: