Comment 22 for bug 1204579
Revision history for this message
| Raynald de Lahondès (raynald) wrote | #22 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
ufw does not support rule removal. For a particular project (a task queue on a cloud adhoc HPC cluster), I have had the occasion to test it in a relatively massive parallel rate (20 concurrent uses). I have experienced:
- nice behaviour when adding rules,
- bad behaviour when removing rules.
I was triggering ufw with ansible parallel playbooks execution.
When removing rules the defect rate was high (as soon as more than two playbooks were launched together, some of the rules were not deleted). In that case, ufw fails silently, which is quite bad.
As a counter measure I used task-spooler (apt install task-spooler) I changed my ansible task from:
```yaml
community.
from_ip: "{{ hostvars[
rule: allow
delete: yes
```
to
```yaml
ansible.
cmd: /usr/bin/tsp /usr/sbin/ufw delete allow from "{{ hostvars[
become: true
```
This solved the issue.