--- - name: Open node_exporter port ansible.posix.firewalld: port: "{{ node_exporter_port }}/tcp" zone: "{{ ceph_dashboard_firewall_zone }}" permanent: true immediate: true state: enabled - name: Open dashboard port in firewalld when: - mgr_group_name is defined - (groups.get(mgr_group_name,[]) | length > 0 and mgr_group_name in group_names) or (groups.get(mgr_group_name,[]) | length == 0 and mon_group_name in group_names) block: - name: Open dashboard port ansible.posix.firewalld: port: "{{ dashboard_port }}/tcp" zone: "{{ ceph_dashboard_firewall_zone }}" permanent: true immediate: true state: enabled - name: Open mgr/prometheus port ansible.posix.firewalld: port: "9283/tcp" zone: "{{ ceph_dashboard_firewall_zone }}" permanent: true immediate: true state: enabled - name: Open monitoring stack tcp ports in firewalld when: - monitoring_group_name is defined - monitoring_group_name in group_names block: - name: Open grafana port ansible.posix.firewalld: port: "{{ grafana_port }}/tcp" zone: "{{ ceph_dashboard_firewall_zone }}" permanent: true immediate: true state: enabled - name: Open prometheus port ansible.posix.firewalld: port: "{{ prometheus_port }}/tcp" zone: "{{ ceph_dashboard_firewall_zone }}" permanent: true immediate: true state: enabled - name: Open alertmanager port ansible.posix.firewalld: port: "{{ alertmanager_port }}/tcp" zone: "{{ ceph_dashboard_firewall_zone }}" permanent: true immediate: true state: enabled - name: Open alertmanager cluster port ansible.posix.firewalld: port: "{{ alertmanager_cluster_port }}/{{ item }}" zone: "{{ ceph_dashboard_firewall_zone }}" permanent: true immediate: true state: enabled with_items: - "tcp" - "udp"