我正在尝试将iptable规则应用于一组主机,在此我希望所有端口都为特定组中的主机打开。 但是我无法在生产环境中为所有主机一起运行此配方。所以我正在使用--limit标志来运行剧本。 但是它失败并给出以下错误:
fatal: [test-vm1]: FAILED! => {"changed": false, "msg": "AnsibleUndefinedVariable: 'ansible.vars.hostvars.HostVarsVars object' has no attribute 'ansible_default_ipv4'"}
库存文件
[all]
test-vm1 ansible_ssh_host=10.x.x.x
test-vm2 ansible_ssh_host=10.x.x.x
test-vm3 ansible_ssh_host=10.x.x.x
my-playbook.yml
- hosts: all
become: yes
gather_facts: yes
roles:
- iptables
rules-list.j2
#Allow communication within hosts in a group
{% for host in groups['all'] %}
iptables -A INPUT -s {{ hostvars[host]['ansible_default_ipv4']['address'] }} -j ACCEPT
{% endfor %}
角色/iptables/tasks/main.yml
- name: Prepare iptables rules
template: dest='/etc/sysconfig/iptable-config' src=rules-list.j2 owner=root group=root mode=0744
notify: save iptables rules
我要运行的命令是-
ansible-playbook -i inventory-file my-playbook.yml --limit test-vm1
如果我在没有限制标志的情况下运行上述命令,则它可以正常运行而不会失败。
ansible-playbook -i inventory-file my-playbook.yml
答案 0 :(得分:1)
我认为您的模板在//Monthly Marketing Cost Report
$.get('/dashboard/costs', function(data){
$.each(data,function(i,value){
var leads = $('#leads');
var budget_total_year = $('#fyc');
var budget_total_month = $('#soc');
var budget_per_lead = $('#cpl');
leads.append('<td>' + value.olxTotal + '</td>');
budget_total_year.append('<td>' + value.budget_total_year + '</td>');
budget_total_month.append('<td>' + value.budget_total_month + '</td>');
budget_per_lead.append('<td>' + value.budget_per_lead + '</td>');
})
})
个主机上循环,其中包括所有主机,而不仅仅是有限的主机。
而且由于您限于某些主机,ansible不会收集其余主机的事实,并且您的模板无法找到其余主机的ipv4。
您尝试过groups[all]还是ansible_play_batch吗?
https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html