baremetal: Install iptables for Docker if enabled

If iptables is not installed, e.g. in the CentOS 8 cloud image, and
Docker iptables management is enabled, we get the following errors:

Failed to find iptables: exec: \"iptables\": executable file not found
in $PATH failed to start daemon: Error initializing network controller:
error obtaining controller instance: failed to create NAT chain DOCKER:
Iptables not found

This change installs the iptables package Docker iptables management is
enabled.

Change-Id: I3ba5318debccafb28c3cbce8e4e9813c28b086fc
Closes-Bug: #1899060

ansible/roles/baremetal/defaults/main.yml

@@ -45,6 +45,7 @@ debian_pkg_install:
  - "{% if virtualenv is not none %}python3-virtualenv{% endif %}"
  - "{% if enable_host_ntp | bool %}ntp{% endif %}"
  - "{% if enable_multipathd|bool %}sg3-utils-udev{% endif %}"
+ - "{% if not docker_disable_default_iptables_rules | bool %}iptables{% endif %}"
 
 redhat_pkg_install:
  - "{{ docker_yum_package }}"
@@ -53,6 +54,7 @@ redhat_pkg_install:
  - "{% if virtualenv is not none %}python3-virtualenv{% endif %}"
  - "{% if enable_host_ntp | bool %}ntp{% endif %}"
  - sudo
+ - "{% if not docker_disable_default_iptables_rules | bool %}iptables{% endif %}"
 
 ubuntu_pkg_removals:
  - lxd

releasenotes/notes/docker-install-iptables-f24fef8ce2418963.yaml

@@ -0,0 +1,6 @@
+---
+fixes:
+  - |
+    Fixes an issue where Docker may fail to start if ``iptables`` is not
+    installed. `LP#1899060
+    <https://bugs.launchpad.net/kolla-ansible/+bug/1899060>`__