当我尝试为该区域设置多个服务时,我发现了这个问题。
仅设置了第一个,另一个总是出现以下错误:
TASK [Set services] *******************************************************************************************************************************************************************************************************************************
changed: [localhost] => (item=ssh)
failed: [localhost] (item= samba) => {"ansible_loop_var": "item", "changed": false, "item": " samba", "msg": "ERROR: Exception caught: org.fedoraproject.FirewallD1.Exception: INVALID_SERVICE: Zone 'work': ' samba' not among existing services Permanent operation, Services are defined by port/tcp relationship and named as they are in /etc/services (on most systems)"}
如果我切换服务并将 samba 作为第一个,那么 ssh 会生成相同的错误
主要剧本:
- name: Configure Firewalld
hosts: localhost
gather_facts: no
vars:
firewall:
- zone: work
service: ssh, samba
- zone: public
service: samba
tasks:
- name: Set services
include_tasks: ./service.yml
loop: "{{firewall | selectattr('service', 'defined') | list}}"
loop_control:
loop_var: service
服务手册:
- set_fact:
zone: "{{service.zone}}"
- name: "Servcie name"
debug:
var: item
with_items: "{{service.service | split(',')}}"
- name: Set services
ansible.posix.firewalld:
zone: "{{zone}}"
service: "{{item}}"
state: enabled
permanent: yes
with_items: "{{service.service | split(',')}}"
register: result
有什么建议如何解决这个问题吗?
答案1
我能够找出问题出在哪里。
在服务剧本中,您需要替换:
老的:
- name: Set services
ansible.posix.firewalld:
zone: "{{zone}}"
service: "{{item}}"
state: enabled
permanent: yes
with_items: "{{service.service | split(',')}}"
register: result
新的:
- name: Set services
ansible.posix.firewalld:
zone: "{{zone}}"
service: "{{item}}"
state: enabled
permanent: yes
with_items: "{{service.service | split(',') | map('trim')}}"
register: result
空旷的空间是问题所在