ceph
/
ceph-ansible
mirror of https://github.com/ceph/ceph-ansible.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
ceph-ansible/roles/ceph-infra/tasks/dashboard_firewall.yml

71 lines
2.0 KiB
YAML
Raw Permalink Blame History

---
- name: Open node_exporter port
ansible.posix.firewalld:
port: "{{ node_exporter_port }}/tcp"
zone: "{{ ceph_dashboard_firewall_zone }}"
permanent: true
immediate: true
state: enabled
- name: Open dashboard port in firewalld
when:
- mgr_group_name is defined
- (groups.get(mgr_group_name,[]) | length > 0 and mgr_group_name in group_names) or
(groups.get(mgr_group_name,[]) | length == 0 and mon_group_name in group_names)
block:
- name: Open dashboard port
ansible.posix.firewalld:
port: "{{ dashboard_port }}/tcp"
zone: "{{ ceph_dashboard_firewall_zone }}"
permanent: true
immediate: true
state: enabled
- name: Open mgr/prometheus port
ansible.posix.firewalld:
port: "9283/tcp"
zone: "{{ ceph_dashboard_firewall_zone }}"
permanent: true
immediate: true
state: enabled
- name: Open monitoring stack tcp ports in firewalld
when:
- monitoring_group_name is defined
- monitoring_group_name in group_names
block:
- name: Open grafana port
ansible.posix.firewalld:
port: "{{ grafana_port }}/tcp"
zone: "{{ ceph_dashboard_firewall_zone }}"
permanent: true
immediate: true
state: enabled
- name: Open prometheus port
ansible.posix.firewalld:
port: "{{ prometheus_port }}/tcp"
zone: "{{ ceph_dashboard_firewall_zone }}"
permanent: true
immediate: true
state: enabled
- name: Open alertmanager port
ansible.posix.firewalld:
port: "{{ alertmanager_port }}/tcp"
zone: "{{ ceph_dashboard_firewall_zone }}"
permanent: true
immediate: true
state: enabled
- name: Open alertmanager cluster port
ansible.posix.firewalld:
port: "{{ alertmanager_cluster_port }}/{{ item }}"
zone: "{{ ceph_dashboard_firewall_zone }}"
permanent: true
immediate: true
state: enabled
with_items:
- "tcp"
- "udp"
Reference in New Issue View Git Blame Copy Permalink