From: Zack Cerza <zack@redhat.com>
Date: Tue, 7 Aug 2018 18:32:59 +0000 (-0700)
Subject: ceph-mgr: Open port 9283
X-Git-Tag: v2.0~5^2~1
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=a4ab8293c697e829d41f7d656ae5000c183220fa;p=cephmetrics.git

ceph-mgr: Open port 9283

https://github.com/ceph/cephmetrics/issues/213

Signed-off-by: Zack Cerza <zack@redhat.com>
---

diff --git a/ansible/roles/ceph-mgr/tasks/configure_firewall.yml b/ansible/roles/ceph-mgr/tasks/configure_firewall.yml
new file mode 100644
index 0000000..40905b8
--- /dev/null
+++ b/ansible/roles/ceph-mgr/tasks/configure_firewall.yml
@@ -0,0 +1,19 @@
+---
+- name: Check firewalld status
+  shell: "systemctl show firewalld | grep UnitFileState"
+  register: firewalld_status
+  failed_when: false
+  changed_when: false
+  tags:
+    - skip_ansible_lint
+
+- name: Open port for the mgr prometheus module
+  firewalld:
+    port: "{{ item }}"
+    zone: "{{ firewalld_zone }}"
+    state: enabled
+    immediate: true
+    permanent: true
+  with_items:
+    - 9283/tcp
+  when: "'enabled' in firewalld_status.stdout"
diff --git a/ansible/roles/ceph-mgr/tasks/main.yml b/ansible/roles/ceph-mgr/tasks/main.yml
index 0a3617f..e19fe7c 100644
--- a/ansible/roles/ceph-mgr/tasks/main.yml
+++ b/ansible/roles/ceph-mgr/tasks/main.yml
@@ -7,6 +7,10 @@
   meta: end_play
   when: backend.metrics != 'mgr' or backend.storage != 'prometheus'
 
+- import_tasks: configure_firewall.yml
+  tags:
+    - firewall
+
 - name: Check to see if the mgr is containerized
   command: "docker inspect {{ item }}"
   with_items: