From bc2ba98351a4b45a18813cf2dc2cd58f098bc1d3 Mon Sep 17 00:00:00 2001 From: Russell Teague Date: Thu, 26 Jan 2017 11:36:58 -0500 Subject: Create v3_5 upgrade playbooks --- playbooks/common/openshift-cluster/upgrades/init.yml | 14 ++++++++++++++ .../openshift-cluster/upgrades/upgrade_control_plane.yml | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) (limited to 'playbooks/common') diff --git a/playbooks/common/openshift-cluster/upgrades/init.yml b/playbooks/common/openshift-cluster/upgrades/init.yml index b62557550..a3b8c489e 100644 --- a/playbooks/common/openshift-cluster/upgrades/init.yml +++ b/playbooks/common/openshift-cluster/upgrades/init.yml @@ -65,3 +65,17 @@ when: not openshift.common.is_atomic | bool args: warn: no + +- name: Ensure firewall is not switched during upgrade + hosts: oo_all_hosts + tasks: + - name: Check if iptables is running + command: systemctl status iptables + ignore_errors: true + changed_when: false + register: service_iptables_status + + - name: Set fact os_firewall_use_firewalld FALSE for iptables + set_fact: + os_firewall_use_firewalld: false + when: "'Active: active' in service_iptables_status.stdout" diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml index 23b976192..9cad931af 100644 --- a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml +++ b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml @@ -32,7 +32,7 @@ include: ./etcd/main.yml # Create service signer cert when missing. Service signer certificate -# is added to master config in the master config hook for v3_3. +# is added to master config in the master_config_upgrade hook. - name: Determine if service signer cert must be created hosts: oo_first_master tasks: -- cgit v1.2.3