Description
Hi, I have a reproducible issue where async execution does not work with the community.general.iptables_state module when using Mitogen.
Expected:
Rollback in case of access loss:
rollback iptables rules from backup file on the host
on the controller we see msg: " Failed to confirm state restored from /tmp/iptables.apply after 30s. Firewall has been rolled back to its initial state."
Actual:
There's no rollback:
the session is closed on the host after timeout
on the controller we see the error "ssh: connect to host 192.168.1.2 port 22: Connection refused"
code:
Module: iptables_state.py
Action plugin: iptables_state.py
controller_versions:
  os: ubuntu 22.04.5
  ansible: 2.16.14
  python: 3.10.12
  mitogen: 0.3.29
host_versions:
  os: ubuntu 20.04.6
  python: 3.8.10
ansible.cfg

[defaults]
gathering = smart
interpreter_python = /usr/bin/python3
timeout = 30
host_key_checking = false

[ssh_connection]
ssh_args =
  -o ControlMaster=auto
  -o ControlPersist=60s
  -o PreferredAuthentications=publickey,password
  -o StrictHostKeyChecking=no
pipelining = true

requirements-pip.txt
ansible-core>=2.16.0,<2.17
ansible-compat>=24.8.0,<25.0
mitogen>=0.3.7,<0.4

requirements-galaxy.yaml

---
collections:
  - name: community.general
    version: 6.5.0
    source: https://galaxy.ansible.com

test playbook:
---
- name: test
  tasks:
    - name: create firewall file
      ansible.builtin.copy:
        dest: /tmp/iptables.apply
        content: |
          *filter
          -D INPUT -p tcp --dport 22 -j ACCEPT -m comment --comment "ansible: 040 allow ssh"
          -A INPUT -p tcp --dport 22 -j REJECT -m comment --comment "ansible: 040 reject ssh"
          COMMIT
    - name: apply firewall file
      community.general.iptables_state:
        state: restored
        path: "/tmp/iptables.apply"
        noflush: true
      async: "{{ ansible_timeout }}"
      poll: 0

logs:
Controller mitogen log: ansible_mitogen.log
Host mitogen log: host_mitogen.log
Controller linear log: ansible_linear.log
Host linear log: host_linear.log
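
The rollback this report expects is a confirm-or-revert pattern: as the expected message indicates, the host applies the ruleset and restores its backup unless the change is confirmed within the timeout. The Python below is an added example of that pattern, not code from the issue, Mitogen or community.general; the function names, the cookie file and the in-memory rule list are assumptions made for the example.

```python
import os
import tempfile
import threading
import time


def apply_with_rollback(state, new_rules, cookie, timeout, poll=0.02):
    """Apply new_rules to state["rules"]; revert unless `cookie` is deleted in time.

    Returns True when the change was confirmed, False when it was rolled back.
    """
    backup = list(state["rules"])          # snapshot taken before any change
    with open(cookie, "w"):                # marker the controller must delete
        pass
    state["rules"] = list(new_rules)       # the risky change
    deadline = time.monotonic() + timeout
    while time.monotonic() < deadline:
        if not os.path.exists(cookie):     # controller reconnected and confirmed
            return True
        time.sleep(poll)
    state["rules"] = backup                # no confirmation: restore the snapshot
    try:
        os.remove(cookie)
    except FileNotFoundError:              # confirmation raced with the deadline
        pass
    return False


def demo(controller_can_reconnect):
    """Run one change; the 'controller' confirms only if it can still reach the host."""
    state = {"rules": ["-A INPUT -p tcp --dport 22 -j ACCEPT"]}   # constructed sample
    new_rules = ["-A INPUT -p tcp --dport 22 -j REJECT"]          # constructed sample
    with tempfile.TemporaryDirectory() as tmp:
        cookie = os.path.join(tmp, "confirm.cookie")              # hypothetical name
        if controller_can_reconnect:
            threading.Timer(0.1, os.remove, args=[cookie]).start()
        confirmed = apply_with_rollback(state, new_rules, cookie, timeout=0.5)
    return confirmed, state["rules"]


if __name__ == "__main__":
    print(demo(True))    # confirmed: the new ruleset stays
    print(demo(False))   # unconfirmed: the snapshot is restored
```

The waiting loop has to keep running on the host after the controller's session is gone, which is the part the async task is responsible for in the playbook above.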