Hey Kathy,
I've been trying to reproduce the problem without success. However, I
think you've got one level of indirection too many going on. You have
iptables_directory:
CentOS: "/etc/sysconfig"
Fedora: "/etc/sysconfig"
Rocky: "/etc/sysconfig"
Debian: "/etc/iptables"
Ubuntu: "/etc/iptables"
iptables_v4_rules:
CentOS: "{{ iptables_directory[ansible_distribution] }}/iptables"
Fedora: "{{ iptables_directory[ansible_distribution] }}/iptables"
Rocky: "{{ iptables_directory[ansible_distribution] }}/iptables"
Debian: "{{ iptables_directory[ansible_distribution] }}/rules.v4"
Ubuntu: "{{ iptables_directory[ansible_distribution] }}/rules.v4"
(I added "Fedora" because that's what I'm testing on; otherwise this
doesn't work at all.)
But, surly, the iptables_v4_rules['Rocky'] value is not going to change
if I'm running on "Debian"? The way its written, if I'm on a Debian
host, all of the iptables_v4_rules values will be "/etc/iptables/rules.v4".
I think what it should be is this:
iptables_directory:
CentOS: "/etc/sysconfig"
Fedora: "/etc/sysconfig"
Rocky: "/etc/sysconfig"
Debian: "/etc/iptables"
Ubuntu: "/etc/iptables"
iptables_v4_rules:
CentOS: "{{ iptables_directory['CentOS'] }}/iptables"
Fedora: "{{ iptables_directory['Fedora'] }}/iptables"
Rocky: "{{ iptables_directory['Rocky'] }}/iptables"
Debian: "{{ iptables_directory['Debian'] }}/rules.v4"
Ubuntu: "{{ iptables_directory['Ubuntu'] }}/rules.v4"
In any case, it looks like somehow you've tricked the "lazy evaluation"
engine to be even more lazy than it's supposed to be, because it looks
like it isn't resolving the templates in the values. Not sure how you've
managed that, but I'd really like to know!
Hope this helps. Cheers,
--
Todd
On 2/13/24 8:22 AM, Kathy L wrote:
I've been working this issue for a week now. The code used to work
perfectly and now it fails. Here is the error I get:
The task includes an option with an undefined variable. The error was:
{'CentOS': '{{ iptables_directory[ansible_distribution] }}/iptables',
'Rocky': '{{ iptables_directory[ansible_distribution] }}/iptables',
'Debian': '{{ iptables_directory[ansible_distribution] }}/rules.v4',
'Ubuntu': '{{ iptables_directory[ansible_distribution] }}/rules.v4'}:
'dict object' has no attribute 'Debian'. 'dict object' has no
attribute 'Debian'.
The error appears to be in '/work/armory/roles/xxx/tasks/xxx.yml':
line 266, column 3, but may be elsewhere in the file depending on the
exact syntax problem.
The offending line appears to be:
- name: Save new iptables - IPv4
^ here
-------------------------------------------------------------------------------
This is the ansible task I have:
- name: Save new iptables - IPv4
shell: "{{ iptables_save }} > {{
iptables_v4_rules[ansible_distribution] }}"
when: firewall == "iptables"
And in my default.yml file I have:
iptables_directory:
CentOS: "/etc/sysconfig"
Rocky: "/etc/sysconfig"
Debian: "/etc/iptables"
Ubuntu: "/etc/iptables"
iptables_v4_rules:
CentOS: "{{ iptables_directory[ansible_distribution] }}/iptables"
Rocky: "{{ iptables_directory[ansible_distribution] }}/iptables"
Debian: "{{ iptables_directory[ansible_distribution] }}/rules.v4"
Ubuntu: "{{ iptables_directory[ansible_distribution] }}/rules.v4"
-------------------------------------------------------------
I get a similar error when I target CentOS 9.
ansible-core 2.14.3
python 3.11.2
jinja version = 3.1.2
default.yml is being read in as I refer to other variables in the same
file. Can anyone see an error that I've missed?
--
You received this message because you are subscribed to the Google Groups "Ansible
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/2b5899b2-0215-421a-a400-46a083014a62%40gmail.com.
