The task is to write a playbook to move interfaces to other zones, but when the firewalld daemon is restarted, the interface returns to the standard zone. Perhaps this is due to the configuration of NetworkManager, but the solutions that I found on the Internet do not satisfy the task. Also, the main difficulty is that when designing a playbook, you cannot use the shell plugin.
If you have any thoughts about solving this problem, please write.
Linux distribution: RedOs (I'm from Russia :) )
This is my playbook:
############## NAT CONFIGURATION ##############
---
- name: NAT CONFIGURATION
  hosts: RTR1
  become: yes
  become_user: root
  become_method: sudo
  tasks:
    ############## FIREWALLD ######################
    - name: firewalld installing
      yum:
        name: firewalld
        state: latest
    - name: firewalld enable and start
      service:
        name: firewalld
        enabled: true
        state: started
    # One firewalld call per task: repeating the "firewalld:" key inside a
    # single task is a duplicate YAML key, so only the last block would run.
    - name: Interfaces - remove ens33 from public
      firewalld:
        zone: public
        interface: ens33
        state: disabled
        permanent: true
        immediate: true
    - name: Interfaces - bind ens36 to internal
      firewalld:
        zone: internal
        interface: ens36
        state: enabled
        permanent: true
        immediate: true
    - name: Interfaces - bind ens33 to external
      firewalld:
        zone: external
        interface: ens33
        state: enabled
        permanent: true
        immediate: true
    # Services allowed in the internal zone
    - name: protocols Internal
      firewalld:
        zone: internal
        service: "{{ item }}"
        state: enabled
        permanent: true
        immediate: true
      with_items:
        - ssh
        - mysql
        - dns
    # Services allowed in the external zone
    - name: protocols External
      firewalld:
        zone: external
        service: "{{ item }}"
        state: enabled
        permanent: true
        immediate: true
      with_items:
        - ssh
        - mysql
        - http
        - https
        - dns
    - name: save and reload
      service:
        name: firewalld
        state: reloaded
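
Added example, not part of the original post: where NetworkManager manages the interfaces, the zone is stored in the connection profile (connection.zone) and NetworkManager re-applies it whenever firewalld restarts, so one way to keep the binding without the shell module is to set it there. It assumes the community.general and ansible.posix collections are installed and that the connection profiles are named after the interfaces (ens33, ens36).

```yaml
# Added example, not the poster's playbook.
# Assumptions: community.general and ansible.posix are installed, and the
# NetworkManager profiles are named after the interfaces ("nmcli con show").
---
- name: Persist interface zones through NetworkManager
  hosts: RTR1
  become: true
  vars:
    zone_map:                      # interface -> zone, as in the playbook above
      - { ifname: ens33, zone: external }
      - { ifname: ens36, zone: internal }
  tasks:
    - name: Store the zone in the NetworkManager connection profile
      community.general.nmcli:
        conn_name: "{{ item.ifname }}"   # assumed profile name
        ifname: "{{ item.ifname }}"
        type: ethernet
        zone: "{{ item.zone }}"
        state: present
      loop: "{{ zone_map }}"

    - name: Restart firewalld to reproduce the condition from the question
      ansible.builtin.service:
        name: firewalld
        state: restarted

    # NetworkManager re-registers interfaces shortly after firewalld comes
    # back, so poll until every expected zone is active again.
    - name: Read the runtime zone bindings back
      ansible.posix.firewalld_info:
        active_zones: true
      register: fw
      until: >-
        zone_map | map(attribute='zone')
        | difference(fw.firewalld_info.zones.keys() | list) | length == 0
      retries: 5
      delay: 2

    - name: Fail if an interface fell back to another zone
      ansible.builtin.assert:
        that:
          - item.ifname in fw.firewalld_info.zones[item.zone].interfaces
        fail_msg: "{{ item.ifname }} is not in zone {{ item.zone }} after restart"
      loop: "{{ zone_map }}"
```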