Debian Question posted in
The oficial documentation can be found here.

python module firewall not found – Debian

  • computer run ansible-playbook: MacBook, with python 3.9
  • target machine: Debian 10 with python2.7.16 and python3.7.3

When I tried to open port in firewall:

- name: Open port 80 for http access
firewalld:
  service: http
  permanent: true
  state: enabled

I got error:

fatal: [virtual_server]: FAILED! => {"changed": false, "msg": "Python
Module not found: firewalld and its python module are required for
this module, version 0.2.11 or newer required
(0.3.9 or newer for offline operations)"}

I also tried to use ansible.posix.firewall, with ansible-galaxy collection install ansible.posix on macbook, and use ansible.posix.firewall, still got this error.

Can anybody tell me what is wrong?

Tags:

4

Answers


  1. 0

    ansible.posix.firewalld depends on the python firewalld bindings which are missing for the python version ansible is running under.

    See https://bugzilla.redhat.com/show_bug.cgi?id=2091931 for a similar problem on systems using the EPEL8 ansible package, where the python3-firewall package is built against python 3.6 but ansible is using python 3.8.

    ansible --version or head -1 $(which ansible) will tell you what version of Python ansible uses.

    On redhat systems, dnf repoquery -l python3-firewall will tell you what version of Python python3-firewall is built against.

    The solution is to install the appropriate python-firewalld package for your OS that matches the version of python ansible is using, if one exists.

    If a compatible python-firewalld package does not exist, you can configure ansible to use a different version of python by setting the ansible_python_interpreter variable or the interpreter_python ansible.cfg setting (see https://docs.ansible.com/ansible/latest/reference_appendices/interpreter_discovery.html).

    Login or Signup to reply.
  2. 0

    if you have your playbook vars like this

    ---
- hosts: testbench
  vars:
    ansible_python_interpreter: /usr/bin/python3

    then your firewall task should be like this

    - name: open ports
  ansible.posix.firewalld:
      permanent: true
        immediate: true
        port: "{{item}}/tcp"
        state: enabled
      become: true
      vars:
        ansible_python_interpreter: /usr/bin/python
      with_items:
        - tcp-port-1
        - tcp-port-2
        - tcp-port-3
    Login or Signup to reply.
  3. 0

    The problem is that you propably have awx installed on docker and he dont have that galaxy package do this :

    1. go to main server

     > docker images

    find smt like this

    ansible/awx    17.1.0    {here_id_of_image}   16 months ago    1.41GB

    2. connect to that docker image

    > docker run -it {here_id_of_image} bash

    3. Run command to install pkg

    > ansible-galaxy collection install ansible.posix

    Done now run your playbook

    Login or Signup to reply.
  4. 0

    I have fixed this problem by switch ansible_connection mode from paramiko to ssh on Ansible 5.10.0 x Ubuntu 22.04 .

    My changes.

      [ [email protected] ~ ]
  $ vim ansible-pipeline.cfg
  [defaults]
- ansible_connection = paramiko
- transport = paramiko
+ ansible_connection = ssh
+ transport = ssh

    Ansible version.

    [ [email protected] ~ ]
$ ansible --version
ansible [core 2.12.10]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/chusiang/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/chusiang/.local/lib/python3.10/site-packages/ansible
  ansible collection location = /home/chusiang/.ansible/collections:/usr/share/ansible/collections
  executable location = /home/chusiang/.local/bin/ansible
  python version = 3.10.6 (main, Nov  2 2022, 18:53:38) [GCC 11.3.0]
  jinja version = 3.0.3
  libyaml = True

    Pip versions of ansible.

    [ [email protected] ~ ]
$ pip list | grep -i ansible
ansible                         5.10.0
ansible-core                    2.12.10
ansible-inventory-to-ssh-config 1.0.1
ansible-lint                    3.5.1

    Enjoy it.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search