To run the same playbook task repeatedly while changing only the variable values,
use with_items.
An example yml for adding iptables rules follows.
---
- name: iptables add
  hosts: 10.128.0.37
  gather_facts: false
  become: yes
  vars:
    # The become password sits in plaintext here, readable by anyone who can read the playbook.
    # Ansible Vault or --ask-become-pass keeps it out of the file.
    ansible_become_password: "Dlatldkagh1!"
  tasks:
    # One task definition, executed once per entry in with_items
    - name: 'add iptables dport {{ item.port }}'
      iptables:
        chain: INPUT
        source: '{{ item.addhost }}'
        protocol: '{{ item.proto }}'
        destination_port: '{{ item.port }}'
        ctstate: NEW
        jump: '{{ item.jump }}'
      with_items:
        - { addhost: '1.1.1.1', jump: 'ACCEPT', proto: 'tcp', port: '88' }
        - { addhost: '2.2.2.2', jump: 'ACCEPT', proto: 'tcp', port: '3389' }
        - { addhost: '3.3.3.3', jump: 'ACCEPT', proto: 'udp', port: '443' }
        - { addhost: '4.4.4.4', jump: 'ACCEPT', proto: 'tcp', port: '389' }
        - { addhost: '5.5.5.5', jump: 'ACCEPT', proto: 'udp', port: '22' }

    # Dump the resulting rule set so the change can be verified
    - name: print iptables -nL
      become: yes
      vars:
        ansible_become_password: "Dlatldkagh1!"
      shell: iptables -nL
      register: print_iptables

    - name: show iptables -nL
      debug:
        msg: '{{ print_iptables.stdout_lines }}'
Reference for the iptables playbook syntax:
https://docs.ansible.com/ansible/2.9/modules/iptables_module.html
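A variant of the playbook above that checks every loop item before any rule is applied and keeps the become password out of the file. This is an added example, not part of the original post; the names `fw_rules`, `vault.yml` and `vault_become_password`, and the allowed protocol and jump values, are assumptions made for illustration.

```yaml
---
- name: iptables add (rule list validated first)
  hosts: 10.128.0.37
  gather_facts: false
  become: yes
  vars_files:
    # Assumption: vault.yml is encrypted with ansible-vault and defines vault_become_password
    - vault.yml
  vars:
    ansible_become_password: '{{ vault_become_password }}'
    # Same items as the with_items list in the original playbook, kept in one variable
    fw_rules:
      - { addhost: '1.1.1.1', jump: 'ACCEPT', proto: 'tcp', port: '88' }
      - { addhost: '2.2.2.2', jump: 'ACCEPT', proto: 'tcp', port: '3389' }
      - { addhost: '3.3.3.3', jump: 'ACCEPT', proto: 'udp', port: '443' }
      - { addhost: '4.4.4.4', jump: 'ACCEPT', proto: 'tcp', port: '389' }
      - { addhost: '5.5.5.5', jump: 'ACCEPT', proto: 'udp', port: '22' }
  tasks:
    # Every item is checked; a malformed one fails the play before any rule is touched
    - name: validate firewall rule items
      assert:
        that:
          - 'item.proto in ["tcp", "udp"]'
          - 'item.jump in ["ACCEPT", "DROP", "REJECT"]'
          - 'item.port | int >= 1'
          - 'item.port | int <= 65535'
          # Single IPv4 host only, so an empty or overly broad source is rejected
          - 'item.addhost is match("^([0-9]{1,3}[.]){3}[0-9]{1,3}$")'
        fail_msg: 'invalid rule item: {{ item }}'
      loop: '{{ fw_rules }}'

    - name: 'add iptables dport {{ item.port }}'
      iptables:
        chain: INPUT
        source: '{{ item.addhost }}'
        protocol: '{{ item.proto }}'
        destination_port: '{{ item.port }}'
        ctstate: NEW
        jump: '{{ item.jump }}'
      loop: '{{ fw_rules }}'
```

Running it with `--check` first reports which rules would be added without changing the host.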