From 7b421516799722490ddffed9ce7e9179dd5fe2cc Mon Sep 17 00:00:00 2001
From: Kourosh Vivan <kourosh.vivan@alterway.fr>
Date: Tue, 9 Jul 2019 15:00:45 +0200
Subject: [PATCH] iptables save fix for centos 7

Centos 7 use systemd, we cannot use service save iptables anymore.
iptables can be stopped and disabled so we just save rules in
/etc/sysconfig/iptables with iptables-save

Change-Id: I55342afadea29a1a07fe50f30e0371b3367c3d7a
Closes-Bug: 1831175
---
 tasks/octavia_post_install.yml | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/tasks/octavia_post_install.yml b/tasks/octavia_post_install.yml
index 4c9db4ab..e1c7746b 100644
--- a/tasks/octavia_post_install.yml
+++ b/tasks/octavia_post_install.yml
@@ -28,11 +28,10 @@
   ignore_errors: yes
   when: ansible_os_family == 'Debian'
 
-- name: save iptables rules (CentOS & RHEL)
-  command: service iptables save
-  args:
-    warn: False # since we use save service module doesn't apply
-  when: ansible_distribution == 'CentOS' or ansible_distribution == 'Red Hat Enterprise Linux'
+- name: save iptables rules (CentOS)
+  shell: iptables-save > /etc/sysconfig/iptables
+  when:
+    - ansible_distribution == 'CentOS'
 
 - name: Create certs directory
   file: path=/etc/octavia/certs/ state=directory