Introduce iptables_package var
on RHEL-9 there is no iptables package, we need to install iptables-nft package here. In CentOS Stream-9 and Fedora-34 onwards iptables-nft package is available.[1] But we also need to support other distros, so we are introducing iptables_packages var and distro specific var files (having different name) for installing iptables package. [1]. https://pkgs.org/download/iptables-nft Signed-off-by: Chandan Kumar (raukadah) <chkumar@redhat.com> Change-Id: I8d5d3182996fc1e83b7f4f7eb99cf4c347d6ef1f
This commit is contained in:
Chandan Kumar (raukadah)
parent
90c427d630
commit
6aa268834c
@ -1,2 +1,10 @@
|
|||||||
Configures the inventory private and public addresses in a multi-node job in
|
Multinode firewall is configured.
|
||||||
iptables in order to allow traffic to and from each node without restrictions.
|
|
||||||
|
This role is intended to install iptables and configure firewall.
|
||||||
|
|
||||||
|
**Role Variables**
|
||||||
|
|
||||||
|
.. zuul:rolevar:: iptables_package
|
||||||
|
:default: iptables
|
||||||
|
|
||||||
|
Install the distribution package for Iptables.
|
||||||
|
|||||||
2
roles/multi-node-firewall/defaults/main.yaml
Normal file
2
roles/multi-node-firewall/defaults/main.yaml
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
---
|
||||||
|
iptables_package: "iptables"
|
||||||
@ -1,7 +1,16 @@
|
|||||||
- name: Ensure iptables
|
- name: Include operating system specific vars
|
||||||
|
include_vars: "{{ zj_distro_os }}"
|
||||||
|
with_first_found:
|
||||||
|
- "{{ ansible_distribution }}.yaml"
|
||||||
|
- "{{ ansible_os_family }}.yaml"
|
||||||
|
- "default.yaml"
|
||||||
|
loop_control:
|
||||||
|
loop_var: zj_distro_os
|
||||||
|
|
||||||
|
- name: 'Ensure {{ iptables_package }}'
|
||||||
become: true
|
become: true
|
||||||
package:
|
package:
|
||||||
name: iptables
|
name: "{{ iptables_package }}"
|
||||||
|
|
||||||
- name: Set up the host ip addresses
|
- name: Set up the host ip addresses
|
||||||
set_fact:
|
set_fact:
|
||||||
|
|||||||
7
roles/multi-node-firewall/vars/CentOS.yaml
Normal file
7
roles/multi-node-firewall/vars/CentOS.yaml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
iptables_package: >-
|
||||||
|
{% if ansible_distribution_major_version|int <= 8 -%}
|
||||||
|
iptables
|
||||||
|
{%- else -%}
|
||||||
|
iptables-nft
|
||||||
|
{%- endif %}
|
||||||
7
roles/multi-node-firewall/vars/Fedora.yaml
Normal file
7
roles/multi-node-firewall/vars/Fedora.yaml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
iptables_package: >-
|
||||||
|
{% if ansible_distribution_major_version|int <= 33 -%}
|
||||||
|
iptables
|
||||||
|
{%- else -%}
|
||||||
|
iptables-nft
|
||||||
|
{%- endif %}
|
||||||
7
roles/multi-node-firewall/vars/RedHat.yaml
Normal file
7
roles/multi-node-firewall/vars/RedHat.yaml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
iptables_package: >-
|
||||||
|
{% if ansible_distribution_major_version|int <= 8 -%}
|
||||||
|
iptables
|
||||||
|
{%- else -%}
|
||||||
|
iptables-nft
|
||||||
|
{%- endif %}
|
||||||
2
roles/multi-node-firewall/vars/default.yaml
Normal file
2
roles/multi-node-firewall/vars/default.yaml
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
---
|
||||||
|
iptables_package: "iptables"
|
||||||
Loading…
Reference in New Issue
Block a user