authorSuren A. Chilingaryan <csa@suren.me>2018-03-20 15:47:51 +0100
committerSuren A. Chilingaryan <csa@suren.me>2018-03-20 15:47:51 +0100
commite2c7b1305ca8495065dcf40fd2092d7c698dd6ea (patch)
treeabcaa7006a9c4b7a9add9bd0bf8c24f7f8ce048f /roles/ands_network/tasks/firewall.yml
parent47f350bc3aa85a8bd406d95faf084df2abf74ae9 (diff)
Local volumes and StatefulSet to provision Master/Slave MySQL and Galera cluster
Diffstat (limited to 'roles/ands_network/tasks/firewall.yml')
-rw-r--r--roles/ands_network/tasks/firewall.yml32
1 files changed, 32 insertions, 0 deletions
diff --git a/roles/ands_network/tasks/firewall.yml b/roles/ands_network/tasks/firewall.yml
new file mode 100644
index 0000000..d5ba5f3
--- /dev/null
+++ b/roles/ands_network/tasks/firewall.yml
@@ -0,0 +1,32 @@
+- name: Ensure firewall template directory exists
+ file: path="{{ firewall_template_path }}" state="directory" mode=0644 owner=root group=root
+
+#Just in case we already added but not reloaded yet
+#- name: Reload firewalld rules
+# shell: firewall-cmd --reload
+
+- name: Get list of existing firewalld services
+ shell: "firewall-cmd --get-services | tr ' ' '\n'"
+ changed_when: false
+ register: services
+
+- name: Configure missing firewalld services
+ include_tasks: firewall_service.yml
+ with_items: "{{ firewall_services }}"
+ vars:
+ servicelist: "{{ services.stdout_lines }}"
+ loop_control:
+ loop_var: service
+
+- name: Reload firewalld rules
+ shell: firewall-cmd --reload
+
+- name: Enable MySQL and Galera services if ands_hostnet_db is enabled
+ firewalld: service="{{ item }}" state="enabled" permanent="true" immediate="true"
+ when: ands_hostnet_db | default(false)
+ with_items:
+ - mysql
+ - galera
+
+- name: Reload firewalld rules
+ shell: firewall-cmd --reload
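Review bot: The `Enable MySQL and Galera services` task passes no `zone` to the `firewalld` module, so `mysql` and `galera` are opened in whatever the host's default zone is, which may cover interfaces beyond the cluster network. I would pin the zone explicitly, e.g. `firewalld: service="{{ item }}" zone="<internal-zone placeholder>" state="enabled" permanent="true" immediate="true"`, or restrict the services to the cluster subnet as a source. Separately, `mode=0644` on the template directory in the first task omits the search bit, so only root can traverse it; `mode=0755` (or `0750`) is the usual directory mode. Both `firewall-cmd --reload` tasks run unconditionally and always report changed, and the final one looks redundant because the preceding task already applies `permanent` and `immediate`; a handler notified on change would keep the play idempotent.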