Asked by: Михаил Семчук Asked: 11/17/2023 Last edited by: harshavmbМихаил Семчук Updated: 11/17/2023 Views: 25
Ansible doesn't configure interfaces in firewalld past reload
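Q:
The task is to write a playbook that moves interfaces to other zones, but when the firewalld daemon is restarted, the interfaces return to the default zone. Perhaps this is due to the NetworkManager configuration, but the solutions I found on the Internet do not satisfy the task. In addition, the main difficulty is that the shell plugin cannot be used when designing the playbook.
If you have any ideas for solving this problem, please write.
Linux distribution - RedOs (I'm from Russia :) )
My playbook: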
############## NAT CONFIGURATION ##############
---
- name: NAT CONFIGURATION
  hosts: RTR1
  become: yes
  become_user: root
  become_method: sudo
  tasks:
    ###### firewall ######################
    - name: firewalld installing
      yum:
        name: firewalld
        state: latest
    - name: firewalld enable and start
      service:
        name: firewalld
        enabled: true
        state: started
    # One module call per task: repeated "firewalld:" keys inside a single
    # task are duplicate YAML keys, and only the last one would be applied.
    - name: Interfaces - remove ens33 from public
      firewalld:
        zone: public
        interface: ens33
        state: disabled
        permanent: true
        immediate: true
    - name: Interfaces - add ens36 to internal
      firewalld:
        zone: internal
        interface: ens36
        state: enabled
        permanent: true
        immediate: true
    - name: Interfaces - add ens33 to external
      firewalld:
        zone: external
        interface: ens33
        state: enabled
        permanent: true
        immediate: true
    - name: protocols Internal
      firewalld:
        zone: internal
        service: "{{ item }}"
        state: enabled
        permanent: true
        immediate: true
      with_items:
        - ssh
        - mysql
        - dns
    - name: protocols External
      firewalld:
        zone: external
        service: "{{ item }}"
        state: enabled
        permanent: true
        immediate: true
      with_items:
        - ssh
        - mysql
        - http
        - https
        - dns
    - name: save and reload
      service:
        name: firewalld
        state: reloaded
A: No answers yet
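Added example, not part of the original question and not the asker's code: where NetworkManager manages the interfaces, the zone of an interface comes from the connection profile's connection.zone property, so one approach that needs no shell plugin is to set that property with the community.general.nmcli module and then check the binding after a reload. Assumptions: the connection profiles are named after the interfaces (ens33, ens36), both are ethernet, and the community.general and ansible.posix collections are installed.

```yaml
# Added example (assumptions: NetworkManager connection names equal the
# interface names, both interfaces are ethernet, collections are installed).
---
- name: Persist interface zones through NetworkManager
  hosts: RTR1
  become: true
  vars:
    iface_zones:          # interface-to-zone mapping taken from the question
      - { conn: ens33, zone: external }
      - { conn: ens36, zone: internal }
  tasks:
    - name: Store the zone in the connection profile (connection.zone)
      community.general.nmcli:
        conn_name: "{{ item.conn }}"
        ifname: "{{ item.conn }}"
        type: ethernet
        zone: "{{ item.zone }}"
        state: present
      loop: "{{ iface_zones }}"

    - name: Reload firewalld so the bindings are re-read
      ansible.builtin.service:
        name: firewalld
        state: reloaded

    - name: Read back the zone settings without changing anything
      ansible.posix.firewalld_info:
        zones:
          - internal
          - external
      register: fw

    - name: Fail if an interface is not in the expected zone after the reload
      ansible.builtin.assert:
        that:
          - item.conn in fw.firewalld_info.zones[item.zone].interfaces
        fail_msg: "{{ item.conn }} is not bound to zone {{ item.zone }}"
      loop: "{{ iface_zones }}"
```

The final assert turns a silent fallback to the default zone into a failed play, which matters here because an interface that drops back to a more permissive zone changes which services are exposed on it.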