---
- name: Activating cgroup support
  lineinfile:
    path: /boot/cmdline.txt
    regexp: '^((?!.*\bcgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory\b).*)$'
    line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory'
    backrefs: true
  notify: reboot

- name: Flush iptables before changing to iptables-legacy
  iptables:
    flush: true
  changed_when: false   # iptables flush always returns changed

- name: Changing to iptables-legacy
  alternatives:
    path: /usr/sbin/iptables-legacy
    name: iptables
  register: ip4_legacy

- name: Changing to ip6tables-legacy
  alternatives:
    path: /usr/sbin/ip6tables-legacy
    name: ip6tables
  register: ip6_legacy