To create firewall rules in Ansible, I have to create a playbook using a jinja2 template. For this I wrote the
---
- name: Firewalld check
  hosts: localhost
  become: yes
  tasks:
    - name: Allow ICMP traffic
      firewalld:
        rich_rule: rule family='ipv4' source address=" {{ source }} " protocol value="icmp" accept
        permanent: no
        state: enabled
template and the
---
- name: Firewalld config
  hosts: localhost
  become: yes
  vars:
    source:
      - 172.16.2.114
      - 172.16.2.115
  tasks:
    - name: Rules
      template:
        src: playtem.yml.j2
        dest: playbook.yml
script. My expected result is
---
- name: Firewalld check
  hosts: localhost
  become: yes
  tasks:
    - name: Allow ICMP traffic
      firewalld:
        rich_rule: rule family='ipv4' source address="172.16.2.114" protocol value="icmp" accept
        permanent: no
        state: enabled
    - name: Allow ICMP traffic
      firewalld:
        rich_rule: rule family='ipv4' source address="172.16.2.115" protocol value="icmp" accept
        permanent: no
        state: enabled
But the result is
---
- name: Firewalld check
  hosts: localhost
  become: yes
  tasks:
    - name: Allow ICMP traffic
      firewalld:
        rich_rule: rule family='ipv4' source address=" [u'172.16.2.114', u'172.16.2.115'] " protocol value="icmp" accept
        permanent: no
        state: enabled
Can anyone help me solve this problem?
Answer 1
I would suggest using loop instead of templating the playbook.
---
- name: Firewalld check
  hosts: localhost
  become: yes
  vars:
    source:
      - 172.16.2.114
      - 172.16.2.115
  tasks:
    - name: Allow ICMP traffic
      firewalld:
        rich_rule: rule family='ipv4' source address="{{ item }}" protocol value="icmp" accept
        permanent: no
        state: enabled
      loop: "{{ source }}"
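
The template approach from the question can also produce the expected playbook. The following version of playtem.yml.j2 is an added example, not part of the original question or answer: it iterates over source with a Jinja2 for loop instead of interpolating the whole list, which is what rendered as [u'172.16.2.114', u'172.16.2.115']. The loop variable name addr is chosen here, and the layout assumes the template module's default trim_blocks behaviour, which drops the newline after each block tag and comment.

```jinja
{# playtem.yml.j2 (added example; the loop variable "addr" is a name chosen here) #}
{# "{{ source }}" would print the Python repr of the whole list.                  #}
{# The for loop below emits one firewalld task per address instead.               #}
{# Block tags start at column 0 so they add no indentation to the rendered YAML.  #}
---
- name: Firewalld check
  hosts: localhost
  become: yes
  tasks:
{% for addr in source %}
    - name: Allow ICMP traffic
      firewalld:
        rich_rule: rule family='ipv4' source address="{{ addr }}" protocol value="icmp" accept
        permanent: no
        state: enabled
{% endfor %}
```

Each address is written into the rich rule verbatim, so the entries in source should come from a trusted, reviewed variable file.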