Only check ports if NMAP exists

author Daniel Gryniewicz <dang@redhat.com>

Wed, 22 Jun 2016 14:10:16 +0000 (10:10 -0400)

committer Daniel Gryniewicz <dang@redhat.com>

Wed, 13 Jul 2016 17:17:49 +0000 (13:17 -0400)
author Daniel Gryniewicz <dang@redhat.com>
Wed, 22 Jun 2016 14:10:16 +0000 (10:10 -0400)
committer Daniel Gryniewicz <dang@redhat.com>
Wed, 13 Jul 2016 17:17:49 +0000 (13:17 -0400)
diff --git a/roles/ceph-common/tasks/checks/check_firewall.yml b/roles/ceph-common/tasks/checks/check_firewall.yml

index 7eb493a1bd2a3e2e313fe902ae08594e5f7e6132..3d829e89387da87cf69b6dc36dafda7bde0a68f0 100644 (file)
--- a/roles/ceph-common/tasks/checks/check_firewall.yml
+++ b/roles/ceph-common/tasks/checks/check_firewall.yml
@@ -27,8 +27,8 @@
        msg: "Please allow port 6789 on your firewall"
    when:
      - mon_group_name in group_names
-    - monportstate.rc == 0
      - nmapexist.rc == 0
+    - monportstate.rc == 0
  
  - name: check if osd and mds range is not filtered (osd hosts)
    local_action: shell set -o pipefail && nmap -p 6800-7300 {{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }} | grep -sqo -e filtered -e '0 hosts up'
@@ -44,8 +44,8 @@
        msg: "Please allow range from 6800 to 7300 on your firewall"
    when:
      - osd_group_name in group_names
-    - osdrangestate.rc == 0
      - nmapexist.rc == 0
+    - osdrangestate.rc == 0
  
  - name: check if osd and mds range is not filtered (mds hosts)
    local_action: shell set -o pipefail && nmap -p 6800-7300 {{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }} | grep -sqo -e filtered -e '0 hosts up'
@@ -61,8 +61,8 @@
        msg: "Please allow range from 6800 to 7300 on your firewall"
    when:
      - mds_group_name in group_names
-    - mdsrangestate.rc == 0
      - nmapexist.rc == 0
+    - mdsrangestate.rc == 0
  
  - name: check if rados gateway port is not filtered
    local_action: shell set -o pipefail && nmap -p {{ radosgw_civetweb_port }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }} | grep -sqo -e filtered -e '0 hosts up'
@@ -78,8 +78,8 @@
        msg: "Please allow port {{ radosgw_civetweb_port }} on your firewall"
    when:
      - rgw_group_name in group_names
-    - rgwportstate.rc == 0
      - nmapexist.rc == 0
+    - rgwportstate.rc == 0
  
  - name: check if NFS ports are not filtered
    local_action: shell set -o pipefail && nmap -p 111,2049 {{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }} | grep -sqo -e filtered -e '0 hosts up'
@@ -95,5 +95,5 @@
        msg: "Please allow ports 111 and 2049 on your firewall"
    when:
      - nfs_group_name in group_names
-    - nfsportstate.rc == 0
      - nmapexist.rc == 0
+    - nfsportstate.rc == 0
author	Daniel Gryniewicz <dang@redhat.com>
	Wed, 22 Jun 2016 14:10:16 +0000 (10:10 -0400)
committer	Daniel Gryniewicz <dang@redhat.com>
	Wed, 13 Jul 2016 17:17:49 +0000 (13:17 -0400)