From 4d698ce831f1e1173b8f707506a97c168eb4f6e9 Mon Sep 17 00:00:00 2001
From: Guillaume Abrioux <gabrioux@redhat.com>
Date: Tue, 23 Oct 2018 09:49:50 +0200
Subject: [PATCH] ceph-infra: reload firewall after rules are added

we ensure that firewalld is installed and running before adding any
rule. This has no sense anymore not to reload firewalld once the rule
are added.

Signed-off-by: Guillaume Abrioux <gabrioux@redhat.com>
---
 roles/ceph-infra/tasks/configure_firewall.yml | 20 +++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/roles/ceph-infra/tasks/configure_firewall.yml b/roles/ceph-infra/tasks/configure_firewall.yml
index d0075979c..9fbbc2938 100644
--- a/roles/ceph-infra/tasks/configure_firewall.yml
+++ b/roles/ceph-infra/tasks/configure_firewall.yml
@@ -27,7 +27,7 @@
     zone: "{{ ceph_mon_firewall_zone }}"
     source: "{{ public_network }}"
     permanent: true
-    immediate: false # if true then fails in case firewalld is stopped
+    immediate: true
     state: enabled
   notify: restart firewalld
   when:
@@ -43,7 +43,7 @@
     zone: "{{ ceph_mgr_firewall_zone }}"
     source: "{{ public_network }}"
     permanent: true
-    immediate: false # if true then fails in case firewalld is stopped
+    immediate: true
     state: enabled
   notify: restart firewalld
   when:
@@ -59,7 +59,7 @@
     zone: "{{ ceph_osd_firewall_zone }}"
     source: "{{ item }}"
     permanent: true
-    immediate: false # if true then fails in case firewalld is stopped
+    immediate: true
     state: enabled
   with_items:
     - "{{ public_network }}"
@@ -78,7 +78,7 @@
     zone: "{{ ceph_rgw_firewall_zone }}"
     source: "{{ public_network }}"
     permanent: true
-    immediate: false # if true then fails in case firewalld is stopped
+    immediate: true
     state: enabled
   notify: restart firewalld
   when:
@@ -94,7 +94,7 @@
     zone: "{{ ceph_mds_firewall_zone }}"
     source: "{{ public_network }}"
     permanent: true
-    immediate: false # if true then fails in case firewalld is stopped
+    immediate: true
     state: enabled
   notify: restart firewalld
   when:
@@ -110,7 +110,7 @@
     zone: "{{ ceph_nfs_firewall_zone }}"
     source: "{{ public_network }}"
     permanent: true
-    immediate: false # if true then fails in case firewalld is stopped
+    immediate: true
     state: enabled
   notify: restart firewalld
   when:
@@ -126,7 +126,7 @@
     zone: "{{ ceph_nfs_firewall_zone }}"
     source: "{{ public_network }}"
     permanent: true
-    immediate: false # if true then fails in case firewalld is stopped
+    immediate: true
     state: enabled
   notify: restart firewalld
   when:
@@ -142,7 +142,7 @@
     zone: "{{ ceph_restapi_firewall_zone }}"
     source: "{{ public_network }}"
     permanent: true
-    immediate: false # if true then fails in case firewalld is stopped
+    immediate: true
     state: enabled
   notify: restart firewalld
   when:
@@ -158,7 +158,7 @@
     zone: "{{ ceph_rbdmirror_firewall_zone }}"
     source: "{{ public_network }}"
     permanent: true
-    immediate: false # if true then fails in case firewalld is stopped
+    immediate: true
     state: enabled
   notify: restart firewalld
   when:
@@ -174,7 +174,7 @@
     zone: "{{ ceph_iscsi_firewall_zone }}"
     source: "{{ public_network }}"
     permanent: true
-    immediate: false # if true then fails in case firewalld is stopped
+    immediate: true
     state: enabled
   notify: restart firewalld
   when:
-- 
2.39.5