diff options
Diffstat (limited to 'playbooks/common/openshift-cluster/upgrades')
| -rw-r--r-- | playbooks/common/openshift-cluster/upgrades/init.yml | 14 | ||||
| -rw-r--r-- | playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml | 2 |
2 files changed, 15 insertions, 1 deletions
diff --git a/playbooks/common/openshift-cluster/upgrades/init.yml b/playbooks/common/openshift-cluster/upgrades/init.yml index b62557550..a3b8c489e 100644 --- a/playbooks/common/openshift-cluster/upgrades/init.yml +++ b/playbooks/common/openshift-cluster/upgrades/init.yml @@ -65,3 +65,17 @@ when: not openshift.common.is_atomic | bool args: warn: no + +- name: Ensure firewall is not switched during upgrade + hosts: oo_all_hosts + tasks: + - name: Check if iptables is running + command: systemctl status iptables + ignore_errors: true + changed_when: false + register: service_iptables_status + + - name: Set fact os_firewall_use_firewalld FALSE for iptables + set_fact: + os_firewall_use_firewalld: false + when: "'Active: active' in service_iptables_status.stdout" diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml index 23b976192..9cad931af 100644 --- a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml +++ b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml @@ -32,7 +32,7 @@ include: ./etcd/main.yml # Create service signer cert when missing. Service signer certificate -# is added to master config in the master config hook for v3_3. +# is added to master config in the master_config_upgrade hook. - name: Determine if service signer cert must be created hosts: oo_first_master tasks: |