From 42566814456bfff8bd9898ab4bd9964ec9dd4987 Mon Sep 17 00:00:00 2001
From: Zack Cerza <zack@redhat.com>
Date: Tue, 1 May 2018 12:00:00 -0600
Subject: [PATCH] ceph-node-exporter: Open firewall ports

Signed-off-by: Zack Cerza <zack@redhat.com>
---
 .../tasks/configure_firewall.yml              | 19 +++++++++++++++++++
 .../roles/ceph-node-exporter/tasks/main.yml   |  2 ++
 2 files changed, 21 insertions(+)
 create mode 100644 ansible/roles/ceph-node-exporter/tasks/configure_firewall.yml

diff --git a/ansible/roles/ceph-node-exporter/tasks/configure_firewall.yml b/ansible/roles/ceph-node-exporter/tasks/configure_firewall.yml
new file mode 100644
index 0000000..b3908ec
--- /dev/null
+++ b/ansible/roles/ceph-node-exporter/tasks/configure_firewall.yml
@@ -0,0 +1,19 @@
+---
+- name: Check firewalld status
+  shell: "systemctl show firewalld | grep UnitFileState"
+  register: firewalld_status
+  failed_when: false
+  changed_when: false
+  tags:
+    - skip_ansible_lint
+
+- name: Open ports for Grafana
+  firewalld:
+    port: "{{ item }}"
+    zone: "{{ firewalld_zone }}"
+    state: enabled
+    immediate: true
+    permanent: true
+  with_items:
+    - 9100/tcp
+  when: "'enabled' in firewalld_status.stdout"
diff --git a/ansible/roles/ceph-node-exporter/tasks/main.yml b/ansible/roles/ceph-node-exporter/tasks/main.yml
index 0c0fbf1..b01abb6 100644
--- a/ansible/roles/ceph-node-exporter/tasks/main.yml
+++ b/ansible/roles/ceph-node-exporter/tasks/main.yml
@@ -23,6 +23,8 @@
   tags:
     - node_exporter
 
+- include: configure_firewall.yml
+
 - include: create_service.yml
   when:
     - devel_mode
-- 
2.47.3