To write firewall rules in Ansible, I have to write a playbook using a Jinja2 template. For this I wrote
---
- name: Firewalld check
  hosts: localhost
  become: yes
  tasks:
    - name: Allow ICMP traffic
      firewalld:
        rich_rule: rule family='ipv4' source address=" {{ source }} " protocol value="icmp" accept
        permanent: no
        state: enabled
as the template, and
---
- name: Firewalld config
  hosts: localhost
  become: yes
  vars:
    source:
      - 172.16.2.114
      - 172.16.2.115
  tasks:
    - name: Rules
      template:
        src: playtem.yml.j2
        dest: playbook.yml
as the script. My expected outcome was
---
- name: Firewalld check
  hosts: localhost
  become: yes
  tasks:
    - name: Allow ICMP traffic
      firewalld:
        rich_rule: rule family='ipv4' source address="172.16.2.114" protocol value="icmp" accept
        permanent: no
        state: enabled
    - name: Allow ICMP traffic
      firewalld:
        rich_rule: rule family='ipv4' source address="172.16.2.115" protocol value="icmp" accept
        permanent: no
        state: enabled
but the outcome is
---
- name: Firewalld check
  hosts: localhost
  become: yes
  tasks:
    - name: Allow ICMP traffic
      firewalld:
        rich_rule: rule family='ipv4' source address=" [u'172.16.2.114', u'172.16.2.115'] " protocol value="icmp" accept
        permanent: no
        state: enabled
Can anyone help me solve this problem?
Answer 1
Instead of templating a playbook, it is better to use loop.
---
- name: Firewalld check
  hosts: localhost
  become: yes
  vars:
    source:
      - 172.16.2.114
      - 172.16.2.115
  tasks:
    - name: Allow ICMP traffic
      firewalld:
        rich_rule: rule family='ipv4' source address="{{ item }}" protocol value="icmp" accept
        permanent: no
        state: enabled
      loop: "{{ source }}"
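For the templated approach the question asked about, here is an added example (not part of the original question or answer): a version of playtem.yml.j2 that iterates over source with a Jinja2 for loop, so each address gets its own task instead of the list's Python representation being rendered into one rule. The loop variable name addr is an assumption, and the layout relies on the template module's default trim_blocks setting so the loop tags leave no blank lines in playbook.yml.

```yaml
---
# playtem.yml.j2 (added example): one firewalld task is emitted per entry
# of the "source" list defined in the rendering playbook's vars.
- name: Firewalld check
  hosts: localhost
  become: yes
  tasks:
{% for addr in source %}
    # Rendering a single list element yields a plain string such as
    # 172.16.2.114, so the rich rule receives exactly one source address.
    - name: Allow ICMP traffic
      firewalld:
        rich_rule: rule family='ipv4' source address="{{ addr }}" protocol value="icmp" accept
        permanent: no
        state: enabled
{% endfor %}
```

The rendered file is a firewall policy, so review playbook.yml before running it: any string placed in source ends up verbatim inside a rich rule.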