Closed gleeman2 closed 4 years ago
If you are Red Hat Ansible customer, please file issue to Red Hat.
Thank you, Ilkka I'll open a case and report back here on the findings.
The issue was with the port values set container_firewall_ports
in var. From the stdout, we found that the return port value for the item is ("item": "8052/tcp/tcp") which is the reason this error is being thrown. The port value should be "8052/tcp
I'm still running into this. What was the actual solution, @gleeman?
Hi
Playbook fails at below task. It seems to be an noted issue in RHEL 8.1b, but there seems to be no working resolution I could find. Possible solution, but not working https://github.com/ansible/ansible/issues/63254
Anyone have a workaround?
TASK [podman_container_systemd : ensure container's exposed ports firewall state] **** task path: /data/Containers/awx_pod/roles/podman_container_systemd/tasks/main.yml:179 <127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: root <127.0.0.1> EXEC /bin/sh -c 'echo ~root && sleep 0' <127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "
_ansiballz_main()
File "/root/.ansible/tmp/ansible-tmp-1588203708.2969663-77036133413819/AnsiballZ_firewalld.py", line 106, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/root/.ansible/tmp/ansible-tmp-1588203708.2969663-77036133413819/AnsiballZ_firewalld.py", line 49, in invoke_module
imp.load_module('main', mod, module, MOD_DESC)
File "/usr/lib64/python3.6/imp.py", line 235, in load_module
return load_source(name, filename, file)
File "/usr/lib64/python3.6/imp.py", line 170, in load_source
module = _exec(spec, sys.modules[name])
File "", line 618, in _exec
File "", line 678, in exec_module
File "", line 219, in _call_with_frames_removed
File "/tmp/ansible_firewalld_payload_mcrd1b1l/main.py", line 869, in
File "/tmp/ansible_firewalld_payload_mcrd1b1l/main.py", line 686, in main
ValueError: too many values to unpack (expected 2)
echo /root/.ansible/tmp/ansible-tmp-1588203708.2969663-77036133413819
" && echo ansible-tmp-1588203708.2969663-77036133413819="echo /root/.ansible/tmp/ansible-tmp-1588203708.2969663-77036133413819
" ) && sleep 0' Using module file /usr/lib/python3.6/site-packages/ansible/modules/system/firewalld.py <127.0.0.1> PUT /root/.ansible/tmp/ansible-local-13423frx74i3t/tmpysi5h_je TO /root/.ansible/tmp/ansible-tmp-1588203708.2969663-77036133413819/AnsiballZ_firewalld.py <127.0.0.1> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1588203708.2969663-77036133413819/ /root/.ansible/tmp/ansible-tmp-1588203708.2969663-77036133413819/AnsiballZ_firewalld.py && sleep 0' <127.0.0.1> EXEC /bin/sh -c '/usr/libexec/platform-python /root/.ansible/tmp/ansible-tmp-1588203708.2969663-77036133413819/AnsiballZ_firewalld.py && sleep 0' <127.0.0.1> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1588203708.2969663-77036133413819/ > /dev/null 2>&1 && sleep 0' The full traceback is: Traceback (most recent call last): File "/root/.ansible/tmp/ansible-tmp-1588203708.2969663-77036133413819/AnsiballZ_firewalld.py", line 114, infailed: [127.0.0.1] (item=8052/tcp/tcp) => { "ansible_loop_var": "item", "changed": false, "item": "8052/tcp/tcp", "module_stderr": "Traceback (most recent call last):\n File \"/root/.ansible/tmp/ansible-tmp-1588203708.2969663-77036133413819/AnsiballZ_firewalld.py\", line 114, in\n _ansiballz_main()\n File \"/root/.ansible/tmp/ansible-tmp-1588203708.2969663-77036133413819/AnsiballZ_firewalld.py\", line 106, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/root/.ansible/tmp/ansible-tmp-1588203708.2969663-77036133413819/AnsiballZ_firewalld.py\", line 49, in invoke_module\n imp.load_module('main', mod, module, MOD_DESC)\n File \"/usr/lib64/python3.6/imp.py\", line 235, in load_module\n return load_source(name, filename, file)\n File \"/usr/lib64/python3.6/imp.py\", line 170, in load_source\n module = _exec(spec, sys.modules[name])\n File \"\", line 618, in _exec\n File \"\", line 678, in exec_module\n File \"\", line 219, in _call_with_frames_removed\n File \"/tmp/ansible_firewalld_payload_mcrd1b1l/main.py\", line 869, in \n File \"/tmp/ansible_firewalld_payload_mcrd1b1l/main.py\", line 686, in main\nValueError: too many values to unpack (expected 2)\n",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
Snippit of playbook that fails.
-
--
-`-name: configure firewall if container_firewall_ports is defined block:
name: set firewall ports state to enabled when container state is running set_fact: fw_state: enabled when: container_state == "running"
name: set firewall ports state to disabled when container state is not running set_fact: fw_state: disabled when: container_state != "running"
name: ensure firewalld is installed tags: firewall package: name=firewalld state=installed
name: ensure firewall service is running tags: firewall service: name=firewalld state=started
name: ensure container's exposed ports firewall state tags: firewall firewalld: port: "{{ item }}" permanent: yes immediate: yes state: "{{ fw_state }}" with_items: "{{ container_firewall_ports }}"
when: container_firewall_ports is defined
-
---
--
-`-[@container01 ~]$ sudo firewall-cmd --list-all public (active) target: default icmp-block-inversion: no interfaces: ens192 sources: services: cockpit dhcpv6-client ssh ports: 7937-9986/tcp protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules:
[@container01 ~]$ uname -a Linux container01.mtsu.edu 4.18.0-147.3.1.el8_1.x86_64 #1 SMP Wed Nov 27 01:11:44 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
[@container01 ~]$ cat /etc/os-release NAME="Red Hat Enterprise Linux" VERSION="8.1 (Ootpa)" ID="rhel" ID_LIKE="fedora" VERSION_ID="8.1" PLATFORM_ID="platform:el8" PRETTY_NAME="Red Hat Enterprise Linux 8.1 (Ootpa)" ANSI_COLOR="0;31" CPE_NAME="cpe:/o:redhat:enterprise_linux:8.1:GA" HOME_URL="https://www.redhat.com/" BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 8" REDHAT_BUGZILLA_PRODUCT_VERSION=8.1 REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux" REDHAT_SUPPORT_PRODUCT_VERSION="8.1"
Possible solution: https://github.com/ansible/ansible/issues/63254