diff options
| author | Scott Dodson <sdodson@redhat.com> | 2017-09-13 22:31:25 -0400 |
|---|---|---|
| committer | Scott Dodson <sdodson@redhat.com> | 2017-09-13 22:31:25 -0400 |
| commit | fbe584a902a10214270cf7060d60aaa911e7ffa7 (patch) | |
| tree | b1dab559d8ce27046531e32073f462229f540b0b /roles/os_firewall/tasks | |
| parent | 461d13747238b9ebddbc370de79bee0ece38b7a8 (diff) | |
| download | openshift-fbe584a902a10214270cf7060d60aaa911e7ffa7.tar.gz openshift-fbe584a902a10214270cf7060d60aaa911e7ffa7.tar.bz2 openshift-fbe584a902a10214270cf7060d60aaa911e7ffa7.tar.xz openshift-fbe584a902a10214270cf7060d60aaa911e7ffa7.zip | |
Only attempt to start iptables on hosts in the current batch
If os_firewall role is called from within a play that uses serial then
it was attempting to start iptables on hosts that may not have had
iptables installed on them yet. So limit the hosts to the current batch.
According to the ansible docs on plays where serial is unused this is
the same as ansible_play_hosts.
See http://docs.ansible.com/ansible/latest/playbooks_variables.html
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1490739
Diffstat (limited to 'roles/os_firewall/tasks')
| -rw-r--r-- | roles/os_firewall/tasks/iptables.yml | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/roles/os_firewall/tasks/iptables.yml b/roles/os_firewall/tasks/iptables.yml index 0af5abf38..2d74f2e48 100644 --- a/roles/os_firewall/tasks/iptables.yml +++ b/roles/os_firewall/tasks/iptables.yml @@ -33,7 +33,7 @@ register: result delegate_to: "{{item}}" run_once: true - with_items: "{{ ansible_play_hosts }}" + with_items: "{{ ansible_play_batch }}" - name: need to pause here, otherwise the iptables service starting can sometimes cause ssh to fail pause: |