From 0c02bc3a32f38020eabfd6e75e583b46f901ea59 Mon Sep 17 00:00:00 2001 From: Adrien Reslinger Date: Sat, 10 Jul 2021 00:04:39 +0200 Subject: [PATCH] Update deployment --- tasks/RedHat.yml | 67 ++++++++++++++++++++++-------------------------- 1 file changed, 31 insertions(+), 36 deletions(-) diff --git a/tasks/RedHat.yml b/tasks/RedHat.yml index a75a704..fec66e8 100644 --- a/tasks/RedHat.yml +++ b/tasks/RedHat.yml @@ -51,44 +51,38 @@ # register: result # until: result is successful -- name: Register kubernetes firewalld service - template: - src: "etc/firewalld/services/kubernetes.xml.j2" - dest: "/etc/firewalld/services/kubernetes.xml" - group: root - owner: root - mode: 0644 - register: need_firewalld_reload - when: - - kubernetes_server|bool - -- name: Reload firewalld configuration - service: - name: firewalld - state: reloaded - enabled: yes - when: - - kubernetes_server|bool - - need_firewalld_reload is changed - -#- name: reload firewalld to refresh service list -# command: firewall-cmd --reload +#- name: Register kubernetes firewalld service +# template: +# src: "etc/firewalld/services/kubernetes.xml.j2" +# dest: "/etc/firewalld/services/kubernetes.xml" +# group: root +# owner: root +# mode: 0644 +# register: need_firewalld_reload # when: -# - need_firewalld_reload is changed # - kubernetes_server|bool - -# Définir interface -- name: Open Firewalld - firewalld: - zone: external - service: kubernetes - permanent: true - state: enabled - immediate: true - when: -# - need_firewall|bool -# - firewall_name == "firewalld" - - kubernetes_server|bool +# +#- name: Reload firewalld configuration +# service: +# name: firewalld +# state: reloaded +# enabled: yes +# when: +# - kubernetes_server|bool +# - need_firewalld_reload is changed +# +## Définir interface +#- name: Open Firewalld +# firewalld: +# zone: external +# service: kubernetes +# permanent: true +# state: enabled +# immediate: true +# when: +## - need_firewall|bool +## - firewall_name == "firewalld" +# - kubernetes_server|bool #- name: Create kubernetes firewalld zone # firewalld: @@ -107,6 +101,7 @@ when: - kubernetes_server|bool with_items: + - "{{ (lookup('vars', 'ansible_' + kubernetes_interface ).ipv4.network + '/' + lookup('vars', 'ansible_' + kubernetes_interface ).ipv4.netmask) | ipaddr('net') }}" - "{{ kubernetes_pods_network }}" - "10.96.0.0/12"