Hello A Manzer and thank you for your suggesion,
I tried to remove the quotes but no more success...
root@srv-eldpupet-02 manifests]# cat site.pp
node 'centos7-dev01.xxx.local' { # Applies only to mentioned node; if
nothing mentioned, applies to all.
include snmp
include firewalld
include 'add_user'
firewalld_service { 'Close dhcpv6-client':
ensure => 'present',
service => 'dhcpv6-client',
zone => 'public',
}
firewalld_port { 'Open port 161 in the public zone':
ensure => 'present',
zone => 'public',
port => 161,
protocol => 'udp',
}
The output on the node:
[root@centos7-dev01 ~]# puppet agent -tv
Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Retrieving locales
Info: Loading facts
Info: Caching catalog for centos7-dev01.xxxx.local
Info: Applying configuration version '1567171673'
/opt/puppetlabs/puppet/cache/lib/puppet/type/firewalld_zone.rb:148: warning:
key :port is duplicated and overwritten on line 150
Info: Redefining firewalld_service in Puppet::Type
Info: Redefining firewalld_port in Puppet::Type
Error: /Stage[main]/Main/Node[centos7-dev01.xxx.local]/Firewalld_port[Open
port 161 in the public zone]: Could not evaluate: no implicit conversion of
String into Integer
Notice: /Stage[main]/Firewalld/Exec[firewalld::reload]: Dependency
Firewalld_port[Open port 161 in the public zone] has failures: true
Warning: /Stage[main]/Firewalld/Exec[firewalld::reload]: Skipping because
of failed dependencies
Notice: Applied catalog in 1.10 seconds
[root@centos7-dev01 ~]#
Again the message about conversion of String into Integer...
I followed the syntax given in the documentation...
Thanks again !
Le mercredi 28 août 2019 22:34:45 UTC+2, Jean Berthold a écrit :
>
> Hello everyone,
>
> ’m currently learning about Puppet and I can’t see where is the error in
> my configuration…
>
>
> I tested The following module to manage the CentOS firewall, firewalld.
>
> I
>
>
>
> Ok, following the instructions in the webpage:
> https://forge.puppet.com/crayfishx/firewalld
>
>
>
> I installed themodule on the server (without special configuration)
>
> I included the following configuration on my node :
>
>
>
> *[root@srv-eldpupet-02 manifests]# cat site.pp*
>
> *node 'centos7-dev01.xxxx.local' { # Applies only to mentioned node; if
> nothing mentioned, applies to all.*
>
> *include snmp*
>
> *include firewalld*
>
>
>
> *firewalld_service { 'Close dhcpv6-client':*
>
> * ensure => 'absent',*
>
> * service => 'dhcpv6-client',*
>
> * zone => 'public',*
>
> *}*
>
> *[root@srv-eldpupet-02 manifests]#*
>
>
>
> This configuration works correctly, the snmp service/package and the
> firewalld service/package are installed.
>
> And the service « dhcpv6-client is deactivated correctly, so the
> firewalld_service function correctly.
>
>
>
> Now, following the documentation, if I try to use the « firewall_port »
> instruction, I have the following error on the client and the configuration
> defined for firewalld_port is not applied :
>
>
>
> è *Don’t work !!!*
>
>
>
> *firewalld_port { 'Open port 161 in the public zone':*
>
> * ensure => 'present',*
>
> * zone => 'public',*
>
> * port => '161',*
>
> * protocol => 'tcp',*
>
> *}*
>
>
>
> è (Ffor opening the port dedicated to snmp…)
>
>
>
>
>
> With this configuration, I have the following error on my client :
>
>
>
> *[root@centos7-dev01 ~]# puppet agent -tv*
>
> *Info: Using configured environment 'production'*
>
> *Info: Retrieving pluginfacts*
>
> *Info: Retrieving plugin*
>
> *Info: Retrieving locales*
>
> *Info: Loading facts*
>
> *Info: Caching catalog for centos7-dev01.eldora.local*
>
> *Info: Applying configuration version '1566830315'*
>
> */opt/puppetlabs/puppet/cache/lib/puppet/type/firewalld_zone.rb:148:
> warning: key :port is duplicated and overwritten on line 150*
>
> *Info: Redefining firewalld_service in Puppet::Type*
>
> *Info: Redefining firewalld_port in Puppet::Type*
>
> *Error: Execution of '/usr/bin/firewall-cmd --permanent --zone public
> --add-port /' returned 102: Error: INVALID_PORT*
>
> *Error:
> /Stage[main]/Main/Node[centos7-dev01.eldora.local]/Firewalld_port[Open port
> 161 in the public zone]/ensure: change from 'absent' to 'present' failed:
> Execution of '/usr/bin/firewall-cmd --permanent --zone public --add-port /'
> returned 102: Error: INVALID_PORT*
>
> *Notice: /Stage[main]/Firewalld/Exec[firewalld::reload]: Dependency
> Firewalld_port[Open port 161 in the public zone] has failures: true*
>
> *Warning: /Stage[main]/Firewalld/Exec[firewalld::reload]: Skipping because
> of failed dependencies*
>
> *Notice: Applied catalog in 1.85 seconds*
>
> *[root@centos7-dev01 ~]#*
>
>
>
>
>
> When the « *firewalld_service »* instruction works without more
> configuration, the « firewall_port » instruction fail due to « failed
> dependencies »…
>
> I’m sure this is a newbie question… but I don’t find any documentation
> about that error !
>
>
>
> When I try to open the port by command line, no problem:
>
>
>
> *[root@centos7-dev01 ~]# firewall-cmd --zone=public --add-port=161/udp
> --permanent*
>
> *success*
>
> *[root@centos7-dev01 ~]# firewall-cmd --zone=public --add-port=161/tcp
> --permanent*
>
> *success*
>
> *[root@centos7-dev01 ~]#*
>
>
>
> Is there something to configure in the module itself before using
> « firewalld_port » instruction ?
>
>
>
> By advance, thanks for your help and have a nice day !
>
>
>
> Jean
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/782b0f68-6dbb-4606-9661-dd3c9a131fef%40googlegroups.com.
