Add contrib playbook to disable service firewall (#7431)

Basically we need to make necessary TCP/UDP ports open.
However the necessary ports are so many, and sometimes it is difficult
to figure out that is due to firewall issues or not if facing deployment
issues.
To distinguish a root problem on such situation, this adds contrib
playbook to disable the service firewall for Kubespray development
and test.

contrib/os-services/os-services.yml

@@ -0,0 +1,4 @@
+---
+- hosts: all
+  roles:
+    - { role: prepare }

contrib/os-services/roles/prepare/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+disable_service_firewall: false

contrib/os-services/roles/prepare/tasks/main.yml

@@ -0,0 +1,23 @@
+---
+- block:
+  - name: List services
+    service_facts:
+
+  - name: Disable service firewalld
+    systemd:
+      name: firewalld
+      state: stopped
+      enabled: no
+    when:
+      "'firewalld.service' in services"
+
+  - name: Disable service ufw
+    systemd:
+      name: ufw
+      state: stopped
+      enabled: no
+    when:
+      "'ufw.service' in services"
+
+  when:
+  - disable_service_firewall