skip to Main Content
  • computer run ansible-playbook: MacBook, with python 3.9
  • target machine: Debian 10 with python2.7.16 and python3.7.3

When I tried to open port in firewall:

- name: Open port 80 for http access
  service: http
  permanent: true
  state: enabled

I got error:

fatal: [virtual_server]: FAILED! => {"changed": false, "msg": "Python
Module not found: firewalld and its python module are required for
this module, version 0.2.11 or newer required
(0.3.9 or newer for offline operations)"}

I also tried to use ansible.posix.firewall, with ansible-galaxy collection install ansible.posix on macbook, and use ansible.posix.firewall, still got this error.

Can anybody tell me what is wrong?



  1. ansible.posix.firewalld depends on the python firewalld bindings which are missing for the python version ansible is running under.

    See for a similar problem on systems using the EPEL8 ansible package, where the python3-firewall package is built against python 3.6 but ansible is using python 3.8.

    ansible --version or head -1 $(which ansible) will tell you what version of Python ansible uses.

    On redhat systems, dnf repoquery -l python3-firewall will tell you what version of Python python3-firewall is built against.

    The solution is to install the appropriate python-firewalld package for your OS that matches the version of python ansible is using, if one exists.

    If a compatible python-firewalld package does not exist, you can configure ansible to use a different version of python by setting the ansible_python_interpreter variable or the interpreter_python ansible.cfg setting (see

    Login or Signup to reply.
  2. if you have your playbook vars like this

    - hosts: testbench
        ansible_python_interpreter: /usr/bin/python3

    then your firewall task should be like this

    - name: open ports
          permanent: true
            immediate: true
            port: "{{item}}/tcp"
            state: enabled
          become: true
            ansible_python_interpreter: /usr/bin/python
            - tcp-port-1
            - tcp-port-2
            - tcp-port-3
    Login or Signup to reply.
  3. The problem is that you propably have awx installed on docker and he dont have that galaxy package do this :

    1. go to main server

     > docker images

    find smt like this

    ansible/awx    17.1.0    {here_id_of_image}   16 months ago    1.41GB

    2. connect to that docker image

    > docker run -it {here_id_of_image} bash

    3. Run command to install pkg

    > ansible-galaxy collection install ansible.posix

    Done now run your playbook

    Login or Signup to reply.
  4. I have fixed this problem by switch ansible_connection mode from paramiko to ssh on Ansible 5.10.0 x Ubuntu 22.04 .

    My changes.

      [ [email protected] ~ ]
      $ vim ansible-pipeline.cfg
    - ansible_connection = paramiko
    - transport = paramiko
    + ansible_connection = ssh
    + transport = ssh

    Ansible version.

    [ [email protected] ~ ]
    $ ansible --version
    ansible [core 2.12.10]
      config file = /etc/ansible/ansible.cfg
      configured module search path = ['/home/chusiang/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
      ansible python module location = /home/chusiang/.local/lib/python3.10/site-packages/ansible
      ansible collection location = /home/chusiang/.ansible/collections:/usr/share/ansible/collections
      executable location = /home/chusiang/.local/bin/ansible
      python version = 3.10.6 (main, Nov  2 2022, 18:53:38) [GCC 11.3.0]
      jinja version = 3.0.3
      libyaml = True

    Pip versions of ansible.

    [ [email protected] ~ ]
    $ pip list | grep -i ansible
    ansible                         5.10.0
    ansible-core                    2.12.10
    ansible-inventory-to-ssh-config 1.0.1
    ansible-lint                    3.5.1

    Enjoy it.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top