- iscsi_gw_group_name in group_names
tags: firewall
+ - name: open node_exporter port
+ firewalld:
+ port: "9100/tcp"
+ zone: "{{ ceph_dashboard_firewall_zone }}"
+ permanent: true
+ immediate: true
+ state: enabled
+ when: dashboard_enabled | bool
+
- block:
- - name: open grafana port
+ - name: open dashboard port
firewalld:
- port: "3000/tcp"
+ port: "{{ dashboard_port }}/tcp"
zone: "{{ ceph_dashboard_firewall_zone }}"
permanent: true
immediate: true
state: enabled
- - name: open node_exporter port
+ - name: open mgr/prometheus port
firewalld:
- port: "9100/tcp"
+ port: "9283/tcp"
zone: "{{ ceph_dashboard_firewall_zone }}"
permanent: true
immediate: true
state: enabled
+ when:
+ - dashboard_enabled | bool
+ - mgr_group_name is defined
+ - mgr_group_name in group_names
- - name: open mgr/prometheus port
+ - block:
+ - name: open grafana port
firewalld:
- port: "9283/tcp"
+ port: "3000/tcp"
zone: "{{ ceph_dashboard_firewall_zone }}"
permanent: true
immediate: true
permanent: true
immediate: true
state: enabled
- when: dashboard_enabled
+
+ - name: open alertmanager port
+ firewalld:
+ port: "9093/tcp"
+ zone: "{{ ceph_dashboard_firewall_zone }}"
+ permanent: true
+ immediate: true
+ state: enabled
+ when:
+ - dashboard_enabled | bool
+ - inventory_hostname in groups.get('grafana-server', [])
- name: open haproxy ports
firewalld:
projects / ceph-ansible.git / commitdiff