Reputation: 9041
When I tried to open a port in the firewall:

    - name: Open port 80 for http access
      firewalld:
        service: http
        permanent: true
        state: enabled

I got this error:
fatal: [virtual_server]: FAILED! => {"changed": false, "msg": "Python Module not found: firewalld and its python module are required for this module, version 0.2.11 or newer required (0.3.9 or newer for offline operations)"}
I also tried to use ansible.posix.firewall, with ansible-galaxy collection install ansible.posix on my MacBook, but still got this error.
Can anybody tell me what is wrong?
Upvotes: 5
Views: 14043
Reputation: 1
I've not used Debian 10, but it may be similar to the issue I had on Ubuntu 22.04 where I received the same error when trying to use the Ansible firewalld module to add a service.
The reason was that the host was running the UFW firewall and did not have firewalld installed.
The solution was to stop and disable UFW on the target host, and then install, enable and start firewalld in its place. The Ansible firewalld module then worked fine.
I used this playbook:

    - name: firewall | disable and stop ufw
      service:
        name: ufw
        enabled: false
        state: stopped

    - name: firewall | install required packages for firewalld
      package:
        name: '{{ item }}'
        state: present
      with_items:
        - firewalld

    - name: firewall | enable and start firewalld
      service:
        name: firewalld
        enabled: true
        state: started

    - name: firewalld | allow incoming HTTP connections
      firewalld:
        service: http
        permanent: true
        immediate: yes
        state: enabled
      notify: reload_firewalld

with handler:

    - name: reload_firewalld
      systemd:
        name: firewalld
        state: reloaded

Upvotes: 0
Reputation: 2728
I fixed this problem by switching the ansible_connection mode from paramiko to ssh on Ansible 5.10.0 x Ubuntu 22.04.
My changes.
[ [email protected] ~ ]
$ vim ansible-pipeline.cfg
[defaults]
- ansible_connection = paramiko
- transport = paramiko
+ ansible_connection = ssh
+ transport = ssh
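Review bot: the added "ansible_connection = ssh" line under [defaults] is likely a no-op, because ansible_connection is an inventory/play variable rather than an ansible.cfg key; the "transport = ssh" line is the one that selects the connection plugin from a config file. Consider dropping the ansible_connection line here and setting it in inventory if a per-host override is needed. Also, the file edited is ansible-pipeline.cfg, while the ansible --version output in this answer reports /etc/ansible/ansible.cfg as the active config file, so the change only applies to runs that actually load ansible-pipeline.cfg.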
Ansible version.
[ [email protected] ~ ]
$ ansible --version
ansible [core 2.12.10]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/chusiang/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/chusiang/.local/lib/python3.10/site-packages/ansible
ansible collection location = /home/chusiang/.ansible/collections:/usr/share/ansible/collections
executable location = /home/chusiang/.local/bin/ansible
python version = 3.10.6 (main, Nov 2 2022, 18:53:38) [GCC 11.3.0]
jinja version = 3.0.3
libyaml = True
Pip versions of ansible.
[ [email protected] ~ ]
$ pip list | grep -i ansible
ansible 5.10.0
ansible-core 2.12.10
ansible-inventory-to-ssh-config 1.0.1
ansible-lint 3.5.1
Enjoy it.
Upvotes: 0
Reputation: 1
The problem is that you probably have AWX installed on Docker and it doesn't have that Galaxy package. Do this:
1. Go to the main server
> docker images
Find something like this:
ansible/awx 17.1.0 {here_id_of_image} 16 months ago 1.41GB
2. Connect to that Docker image
> docker run -it {here_id_of_image} bash
3. Run the command to install the package
> ansible-galaxy collection install ansible.posix
Done. Now run your playbook.
Upvotes: 0
Reputation: 59
If you have your playbook vars like this:

    ---
    - hosts: testbench
      vars:
        ansible_python_interpreter: /usr/bin/python3

then your firewall task should be like this:

    - name: open ports
      ansible.posix.firewalld:
        permanent: true
        immediate: true
        port: "{{item}}/tcp"
        state: enabled
      become: true
      vars:
        ansible_python_interpreter: /usr/bin/python
      with_items:
        - tcp-port-1
        - tcp-port-2
        - tcp-port-3

Upvotes: 3
Reputation: 2823
ansible.posix.firewalld depends on the python firewalld bindings which are missing for the python version ansible is running under.
See https://bugzilla.redhat.com/show_bug.cgi?id=2091931 for a similar problem on systems using the EPEL8 ansible package, where the python3-firewall package is built against python 3.6 but ansible is using python 3.8.
ansible --version or head -1 $(which ansible) will tell you what version of Python ansible uses.
On redhat systems, dnf repoquery -l python3-firewall will tell you what version of Python python3-firewall is built against.
The solution is to install the appropriate python-firewalld package for your OS that matches the version of python ansible is using, if one exists.
If a compatible python-firewalld package does not exist, you can configure ansible to use a different version of python by setting the ansible_python_interpreter variable or the interpreter_python ansible.cfg setting (see https://docs.ansible.com/ansible/latest/reference_appendices/interpreter_discovery.html).
Upvotes: 4
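
An added example (not from any of the answers above): a probe to run on the managed host that reports which Python interpreter can import the firewalld bindings, the condition the last answer identifies as the cause of the error. The candidate interpreter paths and the function names are assumptions; firewall.config and its VERSION attribute are part of the bindings that firewalld ships.

```python
#!/usr/bin/env python3
"""Find which Python interpreter on a managed host can import the firewalld bindings."""
import shutil
import subprocess

# Candidate interpreters are assumptions; adjust to what exists on your hosts.
CANDIDATES = ("/usr/bin/python3", "/usr/libexec/platform-python", "/usr/bin/python")

# Runs inside each candidate (Python 2 compatible): prints "<python X.Y>|<module version>".
PROBE = (
    "import sys, importlib\n"
    "m = importlib.import_module(sys.argv[1])\n"
    "v = getattr(m, sys.argv[2], 'unknown')\n"
    "print('%d.%d|%s' % (sys.version_info[0], sys.version_info[1], v))\n"
)


def probe(interpreter, module="firewall.config", attr="VERSION"):
    """Return a dict describing whether `interpreter` can import `module`."""
    path = shutil.which(interpreter)
    if path is None:
        return {"interpreter": interpreter, "status": "missing"}
    try:
        out = subprocess.run([path, "-c", PROBE, module, attr],
                             capture_output=True, text=True, timeout=15)
    except (OSError, subprocess.TimeoutExpired) as exc:
        return {"interpreter": path, "status": "error", "detail": str(exc)}
    if out.returncode != 0:
        # ImportError in the child: no bindings installed for this Python.
        lines = out.stderr.strip().splitlines()
        return {"interpreter": path, "status": "no-bindings", "detail": lines[-1] if lines else ""}
    py_version, mod_version = out.stdout.strip().split("|", 1)
    return {"interpreter": path, "status": "ok", "python": py_version, "module_version": mod_version}


def pick_interpreter(candidates=CANDIDATES, module="firewall.config"):
    """Return the first interpreter path whose probe succeeds, or None."""
    for candidate in candidates:
        result = probe(candidate, module)
        if result["status"] == "ok":
            return result["interpreter"]
    return None


if __name__ == "__main__":
    for cand in CANDIDATES:
        print(probe(cand))
    best = pick_interpreter()
    print("ansible_python_interpreter:", best or "none found; install the firewalld bindings")
```

The path it prints is the value to set as ansible_python_interpreter for that host; if every candidate reports no-bindings, the bindings package itself is what is missing.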