From 71e7aa348e3abec766a71104c090de1ca116a15c Mon Sep 17 00:00:00 2001
From: Daniel Gryniewicz <dang@redhat.com>
Date: Wed, 22 Jun 2016 10:10:16 -0400
Subject: [PATCH] Only check ports if NMAP exists

Signed-off-by: Daniel Gryniewicz <dang@redhat.com>
---
 roles/ceph-common/tasks/checks/check_firewall.yml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/roles/ceph-common/tasks/checks/check_firewall.yml b/roles/ceph-common/tasks/checks/check_firewall.yml
index 7eb493a1b..3d829e893 100644
--- a/roles/ceph-common/tasks/checks/check_firewall.yml
+++ b/roles/ceph-common/tasks/checks/check_firewall.yml
@@ -27,8 +27,8 @@
       msg: "Please allow port 6789 on your firewall"
   when:
     - mon_group_name in group_names
-    - monportstate.rc == 0
     - nmapexist.rc == 0
+    - monportstate.rc == 0
 
 - name: check if osd and mds range is not filtered (osd hosts)
   local_action: shell set -o pipefail && nmap -p 6800-7300 {{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }} | grep -sqo -e filtered -e '0 hosts up'
@@ -44,8 +44,8 @@
       msg: "Please allow range from 6800 to 7300 on your firewall"
   when:
     - osd_group_name in group_names
-    - osdrangestate.rc == 0
     - nmapexist.rc == 0
+    - osdrangestate.rc == 0
 
 - name: check if osd and mds range is not filtered (mds hosts)
   local_action: shell set -o pipefail && nmap -p 6800-7300 {{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }} | grep -sqo -e filtered -e '0 hosts up'
@@ -61,8 +61,8 @@
       msg: "Please allow range from 6800 to 7300 on your firewall"
   when:
     - mds_group_name in group_names
-    - mdsrangestate.rc == 0
     - nmapexist.rc == 0
+    - mdsrangestate.rc == 0
 
 - name: check if rados gateway port is not filtered
   local_action: shell set -o pipefail && nmap -p {{ radosgw_civetweb_port }} {{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }} | grep -sqo -e filtered -e '0 hosts up'
@@ -78,8 +78,8 @@
       msg: "Please allow port {{ radosgw_civetweb_port }} on your firewall"
   when:
     - rgw_group_name in group_names
-    - rgwportstate.rc == 0
     - nmapexist.rc == 0
+    - rgwportstate.rc == 0
 
 - name: check if NFS ports are not filtered
   local_action: shell set -o pipefail && nmap -p 111,2049 {{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }} | grep -sqo -e filtered -e '0 hosts up'
@@ -95,5 +95,5 @@
       msg: "Please allow ports 111 and 2049 on your firewall"
   when:
     - nfs_group_name in group_names
-    - nfsportstate.rc == 0
     - nmapexist.rc == 0
+    - nfsportstate.rc == 0