diff options
Diffstat (limited to 'roles/os_firewall')
-rwxr-xr-x | roles/os_firewall/library/os_firewall_manage_iptables.py | 4 | ||||
-rw-r--r-- | roles/os_firewall/tasks/firewall/firewalld.yml | 5 |
2 files changed, 6 insertions, 3 deletions
diff --git a/roles/os_firewall/library/os_firewall_manage_iptables.py b/roles/os_firewall/library/os_firewall_manage_iptables.py index 8ba650994..8d4878fa7 100755 --- a/roles/os_firewall/library/os_firewall_manage_iptables.py +++ b/roles/os_firewall/library/os_firewall_manage_iptables.py @@ -223,7 +223,9 @@ class IpTablesManager(object): # pylint: disable=too-many-instance-attributes def gen_cmd(self): cmd = 'iptables' if self.ip_version == 'ipv4' else 'ip6tables' - return ["/usr/sbin/%s" % cmd] + # Include -w (wait for xtables lock) in default arguments. + default_args = ['-w'] + return ["/usr/sbin/%s" % cmd] + default_args def gen_save_cmd(self): # pylint: disable=no-self-use return ['/usr/libexec/iptables/iptables.init', 'save'] diff --git a/roles/os_firewall/tasks/firewall/firewalld.yml b/roles/os_firewall/tasks/firewall/firewalld.yml index 1101870be..c4db197ca 100644 --- a/roles/os_firewall/tasks/firewall/firewalld.yml +++ b/roles/os_firewall/tasks/firewall/firewalld.yml @@ -1,7 +1,8 @@ --- - name: Install firewalld packages - package: name=firewalld state=present - when: not openshift.common.is_containerized | bool + package: + name: firewalld + state: present - name: Ensure iptables services are not enabled systemd: |