lookup inside another dictionary

Reza Azimi

Feb 13, 2019, 11:30:33 PM
to Ansible Project
Hi,

I have this playbook:



---
- hosts: localhost
  connection: local
  gather_facts: False
  vars_files:
    - nsxanswer.yml
    - "firewall-rules.yml"
  tasks:
  - name: Add multiple firewall rules
    nsx_edge_firewall:
        nsxmanager_spec: "{{ nsxmanager_spec }}"
        mode: "create"
        edge_id: '{{ edge_id }}'
        global_config:
          tcpPickOngoingConnections: true
          dropInvalidTraffic: false
          tcpTimeoutEstablished: 3600
          enableSynFloodProtection: true
        default_action: reject
        rules: '{{ fwRules }}'






Also, this is my firewall-rules file:

fwRules:
          -
            name: "Allow windows updates"
            ruleType: user
            enabled: true
            loggingEnabled: false
            action: accept
            source:
              vnicGroupId: internal
            destination:
              groupingObjectId: "{{ lookup(vars,'mysource') }}"
            service:
              -
                 protocol: tcp
                 dstPort: 135
                 srcPort: any
              -
                 protocol: udp
                 dstPort: "137-138"
                 srcPort: any
              -
                 protocol: tcp
                 dstPort: 139
                 srcPort: any
              -
                 protocol: tcp
                 dstPort: 445
                 srcPort: any



But I can't get this working, as I get this error:

TASK [Add multiple firewall rules] **************************************************************************************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"msg": "An unhandled exception occurred while templating '[{u'ruleType': u'user', u'name': u'Allow windows updates', u'service': [{u'protocol': u'tcp', u'dstPort': 135, u'srcPort': u'any'}, {u'protocol': u'udp', u'dstPort': u'137-138', u'srcPort': u'any'}, {u'protocol': u'tcp', u'dstPort': 139, u'srcPort': u'any'}, {u'protocol': u'tcp', u'dstPort': 445, u'srcPort': u'any'}], u'loggingEnabled': False, u'destination': {u'groupingObjectId': u\"{{ lookup(vars,'mysource') }}\"}, u'enabled': True, u'source': {u'vnicGroupId': u'internal'}, u'action': u'accept'}]'. Error was a <type 'exceptions.AttributeError'>, original message: 'dict' object has no attribute 'lower'"}
        to retry, use: --limit @/etc/ansible/vcd/edg-fw.retry



What I need is for lookup to go and find the mysource variable from another file, but it doesn't work.

Can anyone see what the problem is here?
Thanks
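
An added example, not part of the original post: in `lookup(vars,'mysource')` the unquoted `vars` is evaluated as the template's variable dictionary instead of the name of the `vars` lookup plugin, and Ansible lower-cases that first argument, which is where `'dict' object has no attribute 'lower'` comes from. The fragment below quotes the plugin name; the value of `mysource` and its placement in a file loaded through `vars_files` are assumptions.

```yaml
# Assumption: mysource is defined in a file already listed under vars_files
# (for example nsxanswer.yml). The value is a constructed placeholder.
mysource: "GROUPING-OBJECT-ID-PLACEHOLDER"

# firewall-rules.yml: same rule as in the post, reduced to one service entry.
# Only the groupingObjectId line changes.
fwRules:
  - name: "Allow windows updates"
    ruleType: user
    enabled: true
    loggingEnabled: false
    action: accept
    source:
      vnicGroupId: internal
    destination:
      # The plugin name is the string 'vars', so it must be quoted.
      groupingObjectId: "{{ lookup('vars', 'mysource') }}"
      # Equivalent when the variable name is fixed and known in advance:
      # groupingObjectId: "{{ mysource }}"
    service:
      - protocol: tcp
        dstPort: 135
        srcPort: any
```

If `mysource` is not defined in any loaded vars file, the `vars` lookup fails with an undefined-variable error, so the rule is never pushed to the edge with an empty destination.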

