internet/ansible-collections-openstack
3
0
Fork 0
mirror of https://opendev.org/openstack/ansible-collections-openstack.git synced 2026-03-27 14:03:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: internet:1.5.1-2
Branches Tags
internet:master internet:stable/1.0.0 internet:experimental
internet:2.5.0 internet:2.4.1 internet:2.4.0 internet:2.3.3 internet:2.3.2 internet:2.3.1 internet:2.3.0 internet:2.2.0 internet:2.1.0 internet:2.0.0 internet:1.10.0 internet:1.9.1 internet:1.9.0 internet:1.8.0 internet:1.7.2 internet:1.7.1 internet:1.7.0 internet:1.6.0 internet:1.5.3 internet:1.5.2 internet:1.5.1 internet:1.5.1-3 internet:1.5.1-2 internet:1.5.1-1 internet:1.5.0-1 internet:1.5.0 internet:1.4.0 internet:1.3.0 internet:1.2.1 internet:1.2.0 internet:1.1.0 internet:1.0.1 internet:1.0.0
...
compare: internet:1.7.2
Branches Tags
internet:master internet:stable/1.0.0 internet:experimental
internet:2.5.0 internet:2.4.1 internet:2.4.0 internet:2.3.3 internet:2.3.2 internet:2.3.1 internet:2.3.0 internet:2.2.0 internet:2.1.0 internet:2.0.0 internet:1.10.0 internet:1.9.1 internet:1.9.0 internet:1.8.0 internet:1.7.2 internet:1.7.1 internet:1.7.0 internet:1.6.0 internet:1.5.3 internet:1.5.2 internet:1.5.1 internet:1.5.1-3 internet:1.5.1-2 internet:1.5.1-1 internet:1.5.0-1 internet:1.5.0 internet:1.4.0 internet:1.3.0 internet:1.2.1 internet:1.2.0 internet:1.1.0 internet:1.0.1 internet:1.0.0

68 Commits
1.5.1-2 ... 1.7.2

Author SHA1 Message Date
Jakob Meng
bf939a4ce0 Release 1.7.2 version 
Primary reason for this new release is to fix the mess we did yesterday
when we accidentially merged release 1.7.1 and all changes from the
stable branch into the master branch. This release 1.7.2 does not really
change anything except fixing the guidelines.

Change-Id: I1ad23bd36746a180f8851df294df4e01213bdf2f
 2022-03-10 11:43:44 +01:00
Jakob Meng
24d6f36602 Release 1.7.1 version 
Change-Id: I958ba6890a54c59e0ccdb9249d959c745acfb8e9
(cherry picked from commit b640e6207c)
 2022-03-10 08:47:36 +00:00
Sagi Shnaidman
dd9cdde3d8 Fix docs for openstack fragment 
Change-Id: I7fef01dbd11137e26d3ff0bd0088dc405559b272
 2022-03-09 20:33:32 +00:00
Zuul
da4a68c188 Merge "Remove new SDK job from stable/1.0.0 CI" into stable/1.0.0 2022-03-09 17:45:08 +00:00
Zuul
a7a190f3c0 Merge "Fix inventory plugin doc for new ansible" into stable/1.0.0 2022-03-09 17:45:07 +00:00
Sagi Shnaidman
ce73c9db34 Remove new SDK job from stable/1.0.0 CI 
Change-Id: I04b45ec3dea19f3223929237cdbae702886a9982
 2022-03-09 18:54:28 +02:00
Jan Weiher
0e102b1411 [LB] Add support for setting monitor_address 
Change-Id: I4897c6343813519859bd19fa162829fe2a6dc573
(cherry picked from commit 37a51ec6ad)
 2022-03-09 14:06:29 +00:00
Sagi Shnaidman
9f58d54721 Fix inventory plugin doc for new ansible 
Change-Id: I8bd8767d2ac0117e03c9b23882494d45847b15cf
Signed-off-by: Sagi Shnaidman <sshnaidm@redhat.com>
(cherry picked from commit 3c7a8f39a2)
 2022-03-09 14:06:03 +00:00
Sagi Shnaidman
79d7827d17 Run jobs on stable branch 
Disable temporarly train job since it fails.
Change-Id: I012b03fd8c9158a2280691f00304e5f013f045f6
 2022-02-23 23:07:02 +02:00
Piotr Parczewski
ba9aa9967f Fix os_quota docs 
Change-Id: Ic2717669d0e9e8bb48bb7ed81fd5f5f55928fa55
 2022-02-16 14:48:52 +02:00
Sagi Shnaidman
617e8fb552 Release 1.7.0 version 
Change-Id: Ic09e1bb4b072c79de8af6036afae5f99f63042c0
 2022-02-15 12:56:31 +02:00
Sagi Shnaidman
5abf89d805 Add CentOS 9 wallaby and master 
Change-Id: I7cf0014ea51cb42daa039d435fe65a58de35f4ff
 2022-02-15 11:50:59 +02:00
Sagi Shnaidman
0599d05103 Add CentOS 9 tripleo job 
Change-Id: Id7e6836e228ae9874e71b61c1cacaf4e10d3bda7
 2022-02-14 18:42:00 +02:00
Zuul
9c28af7d12 Merge "Adds use_name variable" 2022-02-13 12:09:57 +00:00
Alex Hussey
bcb5d18492 Adds use_name variable 
This commit adds the ability to specify whether the ansible_host and
ansible_ssh_host variables should use 'name' inplace of 'interface_ip'.

The primary use case for this, is if you want to access hosts using
the instance name defined in OpenStack instead of the floating IP.
This is usually when using a jump/bastion host.

Implements: use_names
Change-Id: I809cca0f27f16b37cb9c1c18121f468ccf5c805c
 2022-02-10 21:44:38 +11:00
Sagi Shnaidman
7aa626377b Remove project properties tests and support 
Keystone project doesn't have project "properties" documented and
discourage users to use them. Remove support for this feature and
tests for it. It was removed from new SDK as well.

Change-Id: I2e47ade56c3df5945e991d11d70f429760c0d852
 2022-02-10 12:05:17 +02:00
Harald Jensås
0a7889b9a2 Add openstack.cloud.baremetal_port module 
Create, Update, Remove ironic ports from OpenStack.

NOTE: Does not support 'is_smart_nic', afict this is
      not implemented in openstacksdk.

Change-Id: I6d9519988e98b10d0f7bd19b1387fb1f3b657046
 2022-02-09 23:41:19 +01:00
Harald Jensås
a1b920742f Add openstack.cloud.baremetal_port_info module 
Retrieve information about Bare Metal ports from OpenStack

NOTE: Does not support 'is_smart_nic', afict this is
      not implemented in openstacksdk.

Change-Id: I1d57ab976ac3b4c5552b9b21db7e90e25fd71764
 2022-02-09 14:23:01 +01:00
Zuul
bd55e1f905 Merge "Add openstack.cloud.baremetal_node_info" 2022-02-09 09:48:57 +00:00
Harald Jensås
20329c0329 Add openstack.cloud.baremetal_node_info 
Add module baremetal_node_info / os_ironic_info.
Retrieve information about Bare Metal nodes from OpenStack

Change-Id: I597a66b817bb6b53ecad7503e44f6818aec031a2
 2022-02-03 20:23:13 +01:00
Sagi Shnaidman
bdf472a53f Move identity domain to use proxy layer 
Make it compatible with new SDK and fix bug with "enabled"

Change-Id: I1f577fae27c24c257571d1cf90e49527470edace
 2022-02-02 19:35:37 +02:00
Sagi Shnaidman
b7fb23b097 Add zuul artifact 
Change-Id: I01a4b1bf8347461f47316f8b9e3571262cb080cc
 2022-01-30 20:42:17 +02:00
Sagi Shnaidman
6ed02eff2d Write tests log to a separate file 
Change-Id: I18649c24cb048c4ef5dbab85272975dad7584cd1
 2022-01-27 15:53:38 +02:00
Zuul
cb396cf03d Merge "Add dns_[name,domain] to the port module" 2022-01-26 12:56:10 +00:00
hamza alqtaishat
20c2633ea3 Add dns_[name,domain] to the port module 
The dns-integration extension adds the dns_name and dns_domain attributes
with this change updated/set operations can be done on those attributes

Change-Id: I4bb0f8692dec3fba5ab50f07571029f374761a5b
 2022-01-25 22:51:38 +00:00
Sagi Shnaidman
6569e07023 Add new SDK job non-voting 
Change-Id: I9cb89573cb0b6c206016c44b1261971586a57105
 2022-01-25 21:00:51 +02:00
Sagi Shnaidman
031475d42e Fix CI for new openstack SDK 
Change-Id: I14ced5861cac0656f8b2096a166a45f770d2bf35
 2022-01-25 12:39:31 +02:00
Ivan ROGER
5e2ab3d8c3 Fix identity user lookup with a domain 
Task: 44308
Story: 2009790
Change-Id: I3bc99ebdf8bc915d7b1ae5e98230058a3f43223f
 2022-01-18 15:39:32 +01:00
Sagi Shnaidman
f3b12fed68 Release 1.6.0 version 
Change-Id: Ia93e0c9ad892cafabfa43de1578800c099cb5804
 2022-01-13 14:46:19 +02:00
Zuul
39a627d4a0 Merge "Add Neutron RBAC modules" 2022-01-12 11:13:53 +00:00
hamza alqtaishat
4eb7c43539 Add compute services list module 
The module retrieve the nova compute services info
filters by
 * host
 * binary ( nova-compute, nova-conductor, ... )

Closes-Bug: 2009775
Change-Id: I0f9cac27a7a91727ba1d005e04431e8f83c46fa8
 2022-01-11 17:14:54 +00:00
Ashraf Hasson
8c6d1041fa Add Neutron RBAC modules 
Change-Id: Ibaff06561055c5cd024abb789dae075dd7871f08
 2022-01-11 11:59:58 -05:00
Zuul
26530ac97b Merge "Leave queens job only in experimental" 2021-12-18 23:25:14 +00:00
Zuul
b3e07a1864 Merge "quota: Adds metadata_items parameter" 2021-12-18 23:18:44 +00:00
Sagi Shnaidman
94933250e8 Leave queens job only in experimental 
Change-Id: Ibc77dfe72e972948c0b4b018c8f4b18dc7dec790
 2021-12-18 22:23:24 +02:00
Pierre Riteau
1582956dcd Remove failing job from gate 
Change-Id: I7920e99efd152c2f5a9839bdcbe96a14d6587688
 2021-12-17 23:40:05 +01:00
Sagi Shnaidman
b1952e0c4b Replace victoria job by xena one 
Move victoria job to experimental, add xena job to check/gate.
Change-Id: Ia0376bf253b9f0ce2f13222982e7e9b8582a93d6
 2021-12-16 22:08:44 +02:00
Sagi Shnaidman
9cd6d2f69a Move queens job to experimental 
Change-Id: I2df552e6fa98e642b9ccce891d730bb96dedb9a8
 2021-12-16 21:56:30 +02:00
Will Szumski
86a57498e8 quota: Adds metadata_items parameter 
This is used to set the maximum number of metadata items per instance.

Change-Id: Ib5b86126ec25e9e84436d7ee7f79e43e22637272
 2021-12-16 18:59:40 +00:00
Zuul
15f73aa72e Merge "Release 1.5.3 version with bugfixes" 2021-11-11 12:44:09 +00:00
Zuul
22a7f516f3 Merge "server_volume: check specified server is found" 2021-11-11 12:44:07 +00:00
Sagi Shnaidman
de54be5ecd Release 1.5.3 version with bugfixes 
Change-Id: I90f72c7ea5869331633ad655275722fdb69570aa
 2021-11-11 13:58:54 +02:00
Baptiste Mille-Mathias
3f1a693bd6 server_volume: check specified server is found 
... in order to fail nicely instead of throwing an exception.

Change-Id: I6d7f793b4058fdcaffd015724ae9b53aa21e5367
 2021-11-11 11:11:45 +01:00
Sagi Shnaidman
8e87ad651f Don't require allowed_address_pairs for port 
Port can miss allowed_address_pairs parameter.

Story: 2009192
Task: 43246
Resolves: rhbz#2021810

Change-Id: I8fcc19889eaaec6342c8d7910a55f06e98dbd368
 2021-11-10 18:11:43 +02:00
Sagi Shnaidman
b2f3cf3210 Release 1.5.2 version 
Change-Id: Id8eb73da64631e1f25b5febd8a9f6dbee9707476
 2021-11-09 13:39:40 +02:00
Sagi Shnaidman
11c7cd23f8 Fix issue with same host and group names 
When host and group name is the same, the inventory fails to run.
Use different method of adding host to inventory with this case.

Fixes rhbz#2017495
Change-Id: Iad288c3c11d0791be33b379554577eab8381b44d
 2021-11-02 11:39:24 +02:00
Zuul
59d0e4c3a4 Merge "Flavor properties are not deleted on changes and id will stay" 2021-11-01 09:57:08 +00:00
Jiri Stransky
014665ddac Add documentation links to README.md 
Change-Id: I04235d8485cf46038c979de799a9666429163fab
 2021-10-25 13:32:04 +02:00
Sven Anders
21b70f6b9b Flavor properties are not deleted on changes and id will stay 
Fixing a bug on compute_falvor that causes that extra_specs
are deleted and the id is changing when a property of the
falvor is changed.


Changing the id will cause that a server which is using the falvor is
afterwards not assigned to the falvor anymore.


Story: 2009260
Change-Id: If7cbce107ce99de79749359e257933e4247e3634
 2021-10-07 05:14:58 +00:00
Zuul
ecaff2a798 Merge "Add client and member listener timeouts for persistence (Ex. SSH)" 2021-10-05 15:44:50 +00:00
Sagi Shnaidman
02e9e87964 Clean up the old jobs for rocky,stein,queens 
And return voting to train job
Change-Id: I9e39b8a5862f2a93a12498e7dd5ea8e9b978fbb1
 2021-10-05 13:47:25 +03:00
Sagi Shnaidman
980536c32e Move CI to use Ansible 2.12 version as main 
Move only from victoria, since Ansible 2.12 is installed with
py > 3.8.
Remove ussuri from voting jobs, use it for experimental only.
Change-Id: I74b7272794ea5fbafb7d81a5cf0068c09130bb0d
 2021-10-04 15:05:51 +03:00
Alexandru Verdes
a9a0d23441 Add client and member listener timeouts for persistence (Ex. SSH) 
Add possibility to specify connection timeouts for SSH listeners.
These values are available in openstacksdk:
95ee95f52c/openstack/load_balancer/v2/listener.py (L89)

Change-Id: Ief1abd9018bb6dab73702cc416e5a916f8baa0d7
 2021-10-01 09:17:55 +00:00
Zuul
011515de2d Merge "Added missing warn() used in cloud.openstack.quota" 2021-09-21 16:40:31 +00:00
Daniel Speichert
4292a00f75 Added missing warn() used in cloud.openstack.quota 
Change-Id: Ic7ba09cb464049a9ce0db4bafdba30a67b4c8b86
 2021-09-15 14:38:30 -04:00
Zuul
bbefa8c156 Merge "Don't run functional jobs on galaxy.yml change" 2021-09-02 14:41:19 +00:00
Sagi Shnaidman
b023aa337a Don't run functional jobs on galaxy.yml change 
Change-Id: Ib736f927f448bd2d53cb7f3e3723a9bfc8ea3bf2
 2021-09-02 13:45:44 +03:00
Sagi Shnaidman
c13f02fd54 Release 1.5.1 version 
Change-Id: Ib87202496ed05a6d2717d13a787f389a9c8d1336
 2021-09-02 12:44:20 +03:00
Sagi Shnaidman
ae4e7f3c06 Remove tests directory from ansible-tests 
Because we don't include tests in collection tar.
Change-Id: I3697f7b0ccd115ff1859658417d51e1643e10be8
 2021-08-16 16:06:10 +03:00
Sagi Shnaidman
2d554d1e22 Add support check mode for all info modules 
As it's required by new ansible-test rules.
See https://github.com/ansible-collections/overview/issues/45#issuecomment-893543025
Change-Id: Ib6b73e810b972997b8de2b4a9eb8e07e246823d5
 2021-08-16 15:56:27 +03:00
Sagi Shnaidman
770b283593 Reenable octavia job to vote 
Add swap memory because octavia LB is killed by OOM killer.
Change-Id: I5cfb5b19cd2a11198a98993b86b8474310ee2cdc
 2021-08-11 13:55:17 +03:00
Zuul
42921c6d9f Merge "Changed minversion in tox to 3.18.0" 2021-08-09 15:52:36 +00:00
likui
292aabb477 Changed minversion in tox to 3.18.0 
The patch bumps min version of tox to 3.18.0 in order to
replace tox's whitelist_externals by allowlist_externals option:
https://github.com/tox-dev/tox/blob/master/docs/changelog.rst#v3180-2020-07-23

Change-Id: Ia8700e03773398bc9347259bc504ae56c0978882
 2021-08-09 20:08:27 +08:00
Jakob Meng
3a08a9c07c Allow to attach multiple floating ips to a server 
OpenStack allows to attach multiple floating ips to a single server.
Previously, only one floating ip was supported by this module. It
would call openstacksdk's get_server_public_ip(), which in turn
would return just one of the attached floating ips. If this floating
ip would not point to the right nat_destination or fixed_address,
then the module would fail.

If no floating ip had been attached to a server, then this module
would call openstacksdk's add_ips_to_server() with both parameters
"floating_ip_address" and "network" to attach a floating ip to the
server. But both parameters are mutually exclusive [1], i.e.
add_ips_to_server() will ignore "floating_ip_address" if "network"
is set and then choose any non-attached floating ip from "network".
If "floating_ip_address" has not been created in OpenStack and
"network" is not given, then this module would not create this
floating ip [2].

The new module code allows to create and add more than one floating
ip to a server. It priorizes more specific parameters over generic
ones, i.e. if both "floating_ip_address" and "network" are given,
then "floating_ip_address" precedes "network".

Parameter "network" is now required if "floating_ip_address" is
specified, because both are necessary when creating floating ips.

Module documentation and args have been updated accordingly.

Ref.:
[1] a6b0ece282/openstack/cloud/_floating_ip.py (L987)
[2] a6b0ece282/openstack/cloud/_floating_ip.py (L907)

Task: 40939
Story: 2008181
Change-Id: I1ada1be0994f526f72f81f7458782afbcca3c92c
 2021-08-06 15:02:20 +02:00
Jakob Meng
0e370b2c51 Only add or remove router interfaces when needed 
Previously, when updating a router all its interfaces where removed and
readded by Ansible's os_router module. As a unwanted side effect all
active connections of the router and nat'ed devices where dropped,
closing e.g. all active tcp sessions. Now, only necessary changes
are applied.

Task: 40136
Story: 2007845
Change-Id: I172caf360e6e342dd54865da5a5b72b0dc0205c8
 2021-08-03 13:22:13 +00:00
Sagi Shnaidman
0441403c42 Run ansible devel sanity tests on py38 
And fix some module typos.
Disable voting for octavia jobs till investigation.
Change-Id: Ie4cb69aa2337b0f951ac194cf456e4515dbc24fb
 2021-08-03 01:32:31 +03:00
Sagi Shnaidman
4160888887 Reenable ansible 2.11 linters job 
After PR fix[1] was merged, reenable 2.11 job.

[1] https://github.com/ansible/ansible/pull/75358
Change-Id: Ida493c4316b682c3c2664bbe48c8dffc72f6ac8c
 2021-07-30 09:07:17 +03:00
Sagi Shnaidman
07374a1f0d Add mandatory requires_ansible version to metadata 
Disable ansible-test since it's broken in 2.11[1]

[1] https://github.com/ansible/ansible/issues/75353
Change-Id: Idd2f99ddfe507b5b02de206c1f8c75692d6a84a2
 2021-07-29 17:05:11 +03:00
60 changed files with 3658 additions and 487 deletions
Expand all files Collapse all files

256
.zuul.yaml
View File

@@ -3,6 +3,8 @@
- job:
name: ansible-collections-openstack-functional-devstack
parent: openstacksdk-functional-devstack
branches: ^(stable/1.0.0|master).*$
post-run: ci/playbooks/postlog.yaml
description: |
Run openstack collections functional tests against a master devstack
using master of openstacksdk with latest ansible release
@@ -11,6 +13,7 @@
- openstack/designate
irrelevant-files: &ignore_files
- changelogs/.*
- galaxy.*
- COPYING
- docs/.*
- .*\.md
@@ -18,19 +21,27 @@
- tools/run-ansible-sanity.sh
- tests/sanity/.*
- contrib/.*
- .zuul.yaml
vars:
zuul_work_dir: src/opendev.org/openstack/ansible-collections-openstack
tox_envlist: ansible
tox_install_siblings: true
tox_install_siblings: false
fetch_subunit: false
devstack_plugins:
designate: https://opendev.org/openstack/designate
devstack_services:
designate: true
neutron-dns: true
zuul_copy_output:
'{{ devstack_log_dir }}/test_output.log': 'logs'
extensions_to_txt:
log: true
- job:
name: ansible-collections-openstack-functional-devstack-octavia
parent: ansible-collections-openstack-functional-devstack
branches: ^(stable/1.0.0|master).*$
override-checkout: master
description: |
Run openstack collections functional tests against a master devstack
with Octavia plugin enabled, using releases of openstacksdk and latest
@@ -39,7 +50,7 @@
required-projects:
- openstack/octavia
- name: github.com/ansible/ansible
override-checkout: stable-2.11
override-checkout: stable-2.12
files:
- ^ci/roles/loadbalancer/.*$
- ^plugins/modules/lb_health_monitor.py
@@ -48,12 +59,14 @@
- ^plugins/modules/lb_pool.py
- ^plugins/modules/loadbalancer.py
vars:
configure_swap_size: 8192
tox_envlist: ansible
devstack_plugins:
designate: https://opendev.org/openstack/designate
octavia: https://opendev.org/openstack/octavia
devstack_services:
designate: true
neutron-dns: true
octavia: true
o-api: true
o-cw: true
@@ -67,6 +80,7 @@
- job:
name: ansible-collections-openstack-functional-devstack-releases
parent: ansible-collections-openstack-functional-devstack
override-checkout: master
description: |
Run openstack collections functional tests against a master devstack
using releases of openstacksdk and latest ansible release
@@ -78,6 +92,7 @@
- job:
name: ansible-collections-openstack-functional-devstack-ansible-2.9
parent: ansible-collections-openstack-functional-devstack
override-checkout: master
description: |
Run openstack collections functional tests against a master devstack
using master of openstacksdk and stable 2.9 branch of ansible
@@ -90,18 +105,33 @@
- job:
name: ansible-collections-openstack-functional-devstack-ansible-2.11
parent: ansible-collections-openstack-functional-devstack
override-checkout: master
description: |
Run openstack collections functional tests against a master devstack
using master of openstacksdk and stable 2.11 branch of ansible
using master of openstacksdk and stable 2.12 branch of ansible
required-projects:
- name: github.com/ansible/ansible
override-checkout: stable-2.11
vars:
tox_envlist: ansible
- job:
name: ansible-collections-openstack-functional-devstack-ansible-2.12
parent: ansible-collections-openstack-functional-devstack
override-checkout: master
description: |
Run openstack collections functional tests against a master devstack
using master of openstacksdk and stable 2.12 branch of ansible
required-projects:
- name: github.com/ansible/ansible
override-checkout: stable-2.12
vars:
tox_envlist: ansible
- job:
name: ansible-collections-openstack-functional-devstack-ansible-devel
parent: ansible-collections-openstack-functional-devstack
override-checkout: master
description: |
Run openstack collections functional tests against a master devstack
using master of openstacksdk and devel branch of ansible
@@ -110,40 +140,60 @@
- name: github.com/ansible/ansible
override-checkout: devel
vars:
tox_envlist: ansible-2.11
tox_envlist: ansible-2.12
# Stable branches tests
- job:
name: ansible-collections-openstack-functional-devstack-wallaby-ansible-2.11
name: ansible-collections-openstack-functional-devstack-xena-ansible-2.12
parent: ansible-collections-openstack-functional-devstack-ansible-devel
description: |
Run openstack collections functional tests against a xena devstack
using xena brach of openstacksdk and stable 2.12 branch of ansible
voting: true
override-checkout: stable/xena
required-projects:
- name: github.com/ansible/ansible
override-checkout: stable-2.12
- name: openstack/openstacksdk
override-checkout: stable/xena
vars:
tox_envlist: ansible
tox_install_siblings: true
- job:
name: ansible-collections-openstack-functional-devstack-wallaby-ansible-2.12
parent: ansible-collections-openstack-functional-devstack-ansible-devel
description: |
Run openstack collections functional tests against a wallaby devstack
using wallaby brach of openstacksdk and stable 2.11 branch of ansible
using wallaby brach of openstacksdk and stable 2.12 branch of ansible
voting: true
override-checkout: stable/wallaby
required-projects:
- name: github.com/ansible/ansible
override-checkout: stable-2.11
override-checkout: stable-2.12
- name: openstack/openstacksdk
override-checkout: stable/wallaby
vars:
tox_envlist: ansible
tox_install_siblings: true
- job:
name: ansible-collections-openstack-functional-devstack-victoria-ansible-2.11
name: ansible-collections-openstack-functional-devstack-victoria-ansible-2.12
parent: ansible-collections-openstack-functional-devstack-ansible-devel
description: |
Run openstack collections functional tests against a victoria devstack
using victoria brach of openstacksdk and stable 2.11 branch of ansible
using victoria brach of openstacksdk and stable 2.12 branch of ansible
voting: true
override-checkout: stable/victoria
required-projects:
- name: github.com/ansible/ansible
override-checkout: stable-2.11
override-checkout: stable-2.12
- name: openstack/openstacksdk
override-checkout: stable/victoria
vars:
tox_envlist: ansible
tox_install_siblings: true
- job:
@@ -163,6 +213,7 @@
override-checkout: stable/ussuri
vars:
tox_envlist: ansible
tox_install_siblings: true
- job:
name: ansible-collections-openstack-functional-devstack-train-ansible-2.11
@@ -170,6 +221,7 @@
description: |
Run openstack collections functional tests against a train devstack
using train brach of openstacksdk and stable 2.11 branch of ansible
voting: true
override-checkout: stable/train
required-projects:
- name: github.com/ansible/ansible
@@ -180,6 +232,7 @@
override-checkout: stable/train
vars:
tox_envlist: ansible
tox_install_siblings: true
- job:
name: ansible-collections-openstack-functional-devstack-queens-ansible-2.11
@@ -197,69 +250,13 @@
override-checkout: stable/train
vars:
tox_envlist: ansible
- job:
name: ansible-collections-openstack-functional-devstack-queens-ansible-devel
parent: ansible-collections-openstack-functional-devstack-ansible-devel
description: |
Run openstack collections functional tests against a queens devstack
using master branch of openstacksdk and devel branch of ansible
voting: false
override-checkout: stable/queens
required-projects:
- name: github.com/ansible/ansible
override-checkout: devel
- name: openstack/openstacksdk
# Run queens with highest possible py2 version of SDK
override-checkout: stable/train
vars:
tox_envlist: ansible-2.11
# Experimental pipeline jobs
- job:
name: ansible-collections-openstack-functional-devstack-stein-ansible-2.11
parent: ansible-collections-openstack-functional-devstack-ansible-devel
description: |
Run openstack collections functional tests against a stein devstack
using stein brach of openstacksdk and stable 2.11 branch of ansible
voting: true
override-checkout: stable/stein
required-projects:
- name: github.com/ansible/ansible
override-checkout: stable-2.11
- name: openstack/openstacksdk
override-checkout: stable/stein
- name: openstack/os-client-config
override-checkout: stable/stein
vars:
tox_envlist: ansible
- job:
name: ansible-collections-openstack-functional-devstack-rocky-ansible-2.11
parent: ansible-collections-openstack-functional-devstack-ansible-devel
description: |
Run openstack collections functional tests against a rocky devstack
using rocky brach of openstacksdk and stable 2.11 branch of ansible
voting: true
override-checkout: stable/rocky
required-projects:
- name: github.com/ansible/ansible
override-checkout: stable-2.11
- name: openstack/openstacksdk
override-checkout: stable/rocky
- name: openstack/os-client-config
override-checkout: stable/rocky
- name: openstack/shade
override-checkout: stable/rocky
vars:
tox_envlist: ansible
tox_install_siblings: true
# Linters
- job:
name: openstack-tox-linters-ansible-devel
parent: openstack-tox-linters
nodeset: ubuntu-bionic
nodeset: ubuntu-focal
description: |
Run openstack collections linter tests using the devel branch of ansible
# non-voting because we can't prevent ansible devel from breaking us
@@ -268,18 +265,24 @@
- name: github.com/ansible/ansible
override-checkout: devel
vars:
tox_envlist: linters-2.11
tox_envlist: linters-2.12
python_version: 3.8
bindep_profile: test py38
- job:
name: openstack-tox-linters-ansible-2.11
name: openstack-tox-linters-ansible-2.12
parent: openstack-tox-linters
nodeset: ubuntu-bionic
nodeset: ubuntu-focal
description: |
Run openstack collections linter tests using the 2.11 branch of ansible
Run openstack collections linter tests using the 2.12 branch of ansible
voting: true
required-projects:
- name: github.com/ansible/ansible
override-checkout: stable-2.11
override-checkout: stable-2.12
vars:
tox_envlist: linters-2.12
python_version: 3.8
bindep_profile: test py38
- job:
name: openstack-tox-linters-ansible-2.9
@@ -310,10 +313,25 @@
# TripleO jobs
- job:
name: tripleo-ci-centos-8-standalone-osa
parent: tripleo-ci-centos-8-standalone
parent: tripleo-ci-base-standalone-centos-8
vars:
featureset: '052'
consumer_job: false
build_container_images: true
irrelevant-files: &irr_files
- .*molecule.*
- ^.*\.md$
- ^.*\.rst$
- ^docs/.*$
- ^contrib/.*$
- ^changelogs/.*$
- ^meta/.*$
- ^tests/.*$
- ^tools/.*$
- ^requirements.*$
- ^test-requirements.*$
- ^setup.*$
- tox.ini
# Run only on files used in TripleO
files: &ooo_files
- ^plugins/modules/catalog_service.*$
@@ -328,14 +346,42 @@
- ^plugins/modules/stack.*$
- ^plugins/module_utils/openstack.*$
- job:
name: tripleo-ci-centos-9-standalone-osa
parent: tripleo-ci-centos-8-standalone-osa
nodeset: single-centos-9-node
branches: ^(stable/1.0.0|master).*$
override-checkout: master
vars:
containers_base_image: quay.io/centos/centos:stream9
consumer_job: false
build_container_images: true
branch_override: master
files: *ooo_files
irrelevant-files: *irr_files
- job:
name: tripleo-ci-centos-8-standalone-train-osa
parent: tripleo-ci-centos-8-standalone-osa
voting: false
override-checkout: stable/train
vars:
branch_override: stable/train
- job:
name: tripleo-ci-centos-8-standalone-wallaby-osa
parent: tripleo-ci-centos-8-standalone-osa
override-checkout: stable/wallaby
vars:
branch_override: stable/wallaby
- job:
name: tripleo-ci-centos-9-standalone-wallaby-osa
parent: tripleo-ci-centos-9-standalone-osa
branches: ^(stable/1.0.0|master).*$
override-checkout: stable/wallaby
vars:
branch_override: stable/wallaby
- job:
name: ansible-collections-openstack-release
parent: base
@@ -364,32 +410,28 @@
jobs:
- tox-pep8
- openstack-tox-linters-ansible-devel
- openstack-tox-linters-ansible-2.11
- openstack-tox-linters-ansible-2.12
- openstack-tox-linters-ansible-2.9
- ansible-collections-openstack-functional-devstack:
dependencies: &deps_unit_lint
- tox-pep8
- openstack-tox-linters-ansible-2.9
- openstack-tox-linters-ansible-2.11
- openstack-tox-linters-ansible-2.12
- ansible-collections-openstack-functional-devstack-releases:
dependencies: *deps_unit_lint
- ansible-collections-openstack-functional-devstack-ansible-2.9:
dependencies: *deps_unit_lint
- ansible-collections-openstack-functional-devstack-ansible-2.11:
- ansible-collections-openstack-functional-devstack-ansible-2.12:
dependencies: *deps_unit_lint
- ansible-collections-openstack-functional-devstack-ansible-devel:
dependencies: *deps_unit_lint
- ansible-collections-openstack-functional-devstack-wallaby-ansible-2.11:
- ansible-collections-openstack-functional-devstack-xena-ansible-2.12:
dependencies: *deps_unit_lint
- ansible-collections-openstack-functional-devstack-victoria-ansible-2.11:
dependencies: *deps_unit_lint
- ansible-collections-openstack-functional-devstack-ussuri-ansible-2.11:
- ansible-collections-openstack-functional-devstack-wallaby-ansible-2.12:
dependencies: *deps_unit_lint
- ansible-collections-openstack-functional-devstack-train-ansible-2.11:
dependencies: *deps_unit_lint
- ansible-collections-openstack-functional-devstack-queens-ansible-2.11:
dependencies: *deps_unit_lint
voting: false
- ansible-collections-openstack-functional-devstack-octavia:
dependencies: *deps_unit_lint
@@ -403,55 +445,65 @@
dependencies: *deps_unit_lint
irrelevant-files: *ignore_files
- tripleo-ci-centos-8-standalone-osa:
- tripleo-ci-centos-8-standalone-wallaby-osa:
dependencies: *deps_unit_lint
- tripleo-ci-centos-8-standalone-train-osa:
voting: false
dependencies: *deps_unit_lint
- tripleo-ci-centos-9-standalone-osa:
voting: false
dependencies: *deps_unit_lint
- tripleo-ci-centos-9-standalone-wallaby-osa:
voting: false
dependencies: *deps_unit_lint
gate:
jobs:
- tox-pep8
- openstack-tox-linters-ansible-2.11
- openstack-tox-linters-ansible-2.12
- openstack-tox-linters-ansible-2.9
- ansible-collections-openstack-functional-devstack
- ansible-collections-openstack-functional-devstack-releases
- ansible-collections-openstack-functional-devstack-ansible-2.9
- ansible-collections-openstack-functional-devstack-ansible-2.11
- ansible-collections-openstack-functional-devstack-wallaby-ansible-2.11
- ansible-collections-openstack-functional-devstack-victoria-ansible-2.11
- ansible-collections-openstack-functional-devstack-ussuri-ansible-2.11
- ansible-collections-openstack-functional-devstack-train-ansible-2.11
# - ansible-collections-openstack-functional-devstack-queens-ansible-2.11
- ansible-collections-openstack-functional-devstack-ansible-2.12
- ansible-collections-openstack-functional-devstack-wallaby-ansible-2.12
- ansible-collections-openstack-functional-devstack-xena-ansible-2.12
# - ansible-collections-openstack-functional-devstack-train-ansible-2.11
- ansible-collections-openstack-functional-devstack-octavia
- tripleo-ci-centos-8-standalone-osa
- tripleo-ci-centos-8-standalone-wallaby-osa
periodic:
jobs:
- openstack-tox-linters-ansible-devel
- openstack-tox-linters-ansible-2.11
- openstack-tox-linters-ansible-2.12
- openstack-tox-linters-ansible-2.9
- ansible-collections-openstack-functional-devstack
- ansible-collections-openstack-functional-devstack-releases
- ansible-collections-openstack-functional-devstack-ansible-2.9
- ansible-collections-openstack-functional-devstack-ansible-2.11
- ansible-collections-openstack-functional-devstack-ansible-2.12
- ansible-collections-openstack-functional-devstack-ansible-devel
- ansible-collections-openstack-functional-devstack-wallaby-ansible-2.11
- ansible-collections-openstack-functional-devstack-victoria-ansible-2.11
- ansible-collections-openstack-functional-devstack-ussuri-ansible-2.11
- ansible-collections-openstack-functional-devstack-xena-ansible-2.12
- ansible-collections-openstack-functional-devstack-wallaby-ansible-2.12
- ansible-collections-openstack-functional-devstack-victoria-ansible-2.12
- ansible-collections-openstack-functional-devstack-train-ansible-2.11
- ansible-collections-openstack-functional-devstack-queens-ansible-2.11
- ansible-collections-openstack-functional-devstack-queens-ansible-devel
- bifrost-collections-src
- bifrost-keystone-collections-src
- ansible-collections-openstack-functional-devstack-octavia
- tripleo-ci-centos-9-standalone-wallaby-osa
- tripleo-ci-centos-9-standalone-osa
- tripleo-ci-centos-8-standalone-train-osa
- tripleo-ci-centos-8-standalone-wallaby-osa
experimental:
jobs:
- ansible-collections-openstack-functional-devstack-stein-ansible-2.11
- ansible-collections-openstack-functional-devstack-rocky-ansible-2.11
- ansible-collections-openstack-functional-devstack-queens-ansible-devel
- ansible-collections-openstack-functional-devstack-ansible-2.11
- ansible-collections-openstack-functional-devstack-victoria-ansible-2.12
- ansible-collections-openstack-functional-devstack-ussuri-ansible-2.11
- ansible-collections-openstack-functional-devstack-queens-ansible-2.11
tag:
jobs:

143
CHANGELOG.rst
View File

@@ -5,6 +5,147 @@ Openstack Cloud Ansilbe modules Release Notes
.. contents:: Topics
v1.7.2
======
Release Summary
---------------
Bugfixes
Bugfixes
--------
- Fix collection guidelines
v1.7.1
======
Release Summary
---------------
Bugfixes
Minor Changes
-------------
- lb_member - Add monitor_[address,port] parameter
Bugfixes
--------
- openstack_inventory - Fix documentation
- quota - Fix description of volumes_types parameter
v1.7.0
======
Release Summary
---------------
New modules for Ironic and bugfixes
Minor Changes
-------------
- openstack_inventory - Adds use_name variable
- port - Add dns_[name,domain] to the port module
- project - Remove project properties tests and support
Bugfixes
--------
- identity_user_info - Fix identity user lookup with a domain
- keystone_domain - Move identity domain to use proxy layer
New Modules
-----------
- openstack.cloud.baremetal_node_info - Retrieve information about Bare Metal nodes from OpenStack an object.
- openstack.cloud.baremetal_port - Create, Update, Remove ironic ports from OpenStack
- openstack.cloud.baremetal_port_info - Retrieve information about Bare Metal ports from OpenStack an object.
v1.6.0
======
Release Summary
---------------
New modules for RBAC and Nova services
Minor Changes
-------------
- quota - Adds metadata_items parameter
New Modules
-----------
- openstack.cloud.compute_service_info - Retrieve information about one or more OpenStack compute services
- openstack.cloud.neutron_rbac_policies_info - Fetch Neutron policies.
- openstack.cloud.neutron_rbac_policy - Create or delete a Neutron policy to apply a RBAC rule against an object.
v1.5.3
======
Release Summary
---------------
Bugfixes
Bugfixes
--------
- Don't require allowed_address_pairs for port
- server_volume - check specified server is found
v1.5.2
======
Release Summary
---------------
Bugfixes
Minor Changes
-------------
- Add documentation links to README.md
- Don't run functional jobs on galaxy.yml change
- Move CI to use Ansible 2.12 version as main
Bugfixes
--------
- Add client and member listener timeouts for persistence (Ex. SSH)
- Added missing warn() used in cloud.openstack.quota
- Fix issue with same host and group names
- Flavor properties are not deleted on changes and id will stay
v1.5.1
======
Release Summary
---------------
Bugfixes for networking modules
Minor Changes
-------------
- Changed minversion in tox to 3.18.0
- Update IRC server in README
Bugfixes
--------
- Add mandatory requires_ansible version to metadata
- Add protocol listener octavia
- Add support check mode for all info modules
- Allow to attach multiple floating ips to a server
- Only add or remove router interfaces when needed
- Wait for pool to be active and online
v1.5.0
======
@@ -74,9 +215,9 @@ Bugfixes
New Modules
-----------
- openstack.cloud.address_scope - Create or delete address scopes from OpenStack
- openstack.cloud.dns_zone_info - Getting information about dns zones
- openstack.cloud.floating_ip_info - Get information about floating ips
- openstack.cloud.address_scope - Create or delete address scopes from OpenStack
v1.4.0
======

8
README.md
View File

@@ -83,6 +83,14 @@ Or you can add the full namespace and collection name in the `collections` eleme
device: /dev/vdb
```
### Usage
See the collection docs at Ansible site:
* [openstack.cloud collection docs (version released in Ansible package)](https://docs.ansible.com/ansible/latest/collections/openstack/cloud/index.html)
* [openstack.cloud collection docs (devel version)](https://docs.ansible.com/ansible/devel/collections/openstack/cloud/index.html)
## Contributing
For information on contributing, please see [CONTRIBUTING](https://opendev.org/openstack/ansible-collections-openstack/src/branch/master/CONTRIBUTING.rst)

93
changelogs/changelog.yaml
View File

@@ -222,13 +222,100 @@ releases:
- image - Add support to setting image tags
release_summary: New modules for DNS and FIPs and bugfixes.
modules:
- description: Create or delete address scopes from OpenStack
name: address_scope
namespace: ''
- description: Getting information about dns zones
name: dns_zone_info
namespace: ''
- description: Get information about floating ips
name: floating_ip_info
namespace: ''
- description: Create or delete address scopes from OpenStack
name: address_scope
namespace: ''
release_date: '2021-06-23'
1.5.1:
changes:
bugfixes:
- Add mandatory requires_ansible version to metadata
- Add protocol listener octavia
- Add support check mode for all info modules
- Allow to attach multiple floating ips to a server
- Only add or remove router interfaces when needed
- Wait for pool to be active and online
minor_changes:
- Changed minversion in tox to 3.18.0
- Update IRC server in README
release_summary: Bugfixes for networking modules
release_date: '2021-09-02'
1.5.2:
changes:
bugfixes:
- Add client and member listener timeouts for persistence (Ex. SSH)
- Added missing warn() used in cloud.openstack.quota
- Fix issue with same host and group names
- Flavor properties are not deleted on changes and id will stay
minor_changes:
- Add documentation links to README.md
- Don't run functional jobs on galaxy.yml change
- Move CI to use Ansible 2.12 version as main
release_summary: Bugfixes
release_date: '2021-11-09'
1.5.3:
changes:
bugfixes:
- Don't require allowed_address_pairs for port
- server_volume - check specified server is found
release_summary: Bugfixes
release_date: '2021-11-11'
1.6.0:
changes:
minor_changes:
- quota - Adds metadata_items parameter
release_summary: New modules for RBAC and Nova services
modules:
- description: Retrieve information about one or more OpenStack compute services
name: compute_service_info
namespace: ''
- description: Fetch Neutron policies.
name: neutron_rbac_policies_info
namespace: ''
- description: Create or delete a Neutron policy to apply a RBAC rule against
an object.
name: neutron_rbac_policy
namespace: ''
release_date: '2022-01-13'
1.7.0:
changes:
bugfixes:
- identity_user_info - Fix identity user lookup with a domain
- keystone_domain - Move identity domain to use proxy layer
minor_changes:
- openstack_inventory - Adds use_name variable
- port - Add dns_[name,domain] to the port module
- project - Remove project properties tests and support
release_summary: New modules for Ironic and bugfixes
modules:
- description: Retrieve information about Bare Metal nodes from OpenStack an object.
name: baremetal_node_info
namespace: ''
- description: Create, Update, Remove ironic ports from OpenStack
name: baremetal_port
namespace: ''
- description: Retrieve information about Bare Metal ports from OpenStack an object.
name: baremetal_port_info
namespace: ''
release_date: '2022-02-15'
1.7.1:
changes:
bugfixes:
- openstack_inventory - Fix documentation
- quota - Fix description of volumes_types parameter
minor_changes:
- lb_member - Add monitor_[address,port] parameter
release_summary: Bugfixes
release_date: '2022-03-08'
1.7.2:
changes:
bugfixes:
- Fix collection guidelines
release_summary: Bugfixes
release_date: '2022-03-10'

8
ci/playbooks/postlog.yaml Normal file
View File

@@ -0,0 +1,8 @@
- hosts: all
tasks:
- zuul_return:
data:
zuul:
artifacts:
- name: Test log
url: controller/logs/test_output_log.txt

466
ci/roles/floating_ip/tasks/main.yml Normal file
View File

@@ -0,0 +1,466 @@
---
# Prepare environment
- name: Gather information about public network
openstack.cloud.networks_info:
cloud: "{{ cloud }}"
name: public
register: public_network
- name: Assert that public network exists
assert:
that: public_network.openstack_networks|length == 1
- name: Create external network
openstack.cloud.network:
cloud: "{{ cloud }}"
state: present
name: ansible_external
external: true
- name: Create external subnet
openstack.cloud.subnet:
cloud: "{{ cloud }}"
state: present
network_name: ansible_external
name: ansible_external_subnet
cidr: 10.6.6.0/24
- name: Create external port 1
openstack.cloud.port:
cloud: "{{ cloud }}"
state: present
name: ansible_external_port1
network: ansible_external
fixed_ips:
- ip_address: 10.6.6.50
- name: Create external port 2
openstack.cloud.port:
cloud: "{{ cloud }}"
state: present
name: ansible_external_port2
network: ansible_external
fixed_ips:
- ip_address: 10.6.6.51
- name: Create internal network
openstack.cloud.network:
cloud: "{{ cloud }}"
state: present
name: ansible_internal
external: false
- name: Create internal subnet
openstack.cloud.subnet:
cloud: "{{ cloud }}"
state: present
network_name: ansible_internal
name: ansible_internal_subnet
cidr: 10.7.7.0/24
- name: Create internal port 1
openstack.cloud.port:
cloud: "{{ cloud }}"
state: present
name: ansible_internal_port1
network: ansible_internal
fixed_ips:
- ip_address: 10.7.7.100
- name: Create internal port 2
openstack.cloud.port:
cloud: "{{ cloud }}"
state: present
name: ansible_internal_port2
network: ansible_internal
fixed_ips:
- ip_address: 10.7.7.101
- name: Create internal port 3
openstack.cloud.port:
cloud: "{{ cloud }}"
state: present
name: ansible_internal_port3
network: ansible_internal
fixed_ips:
- ip_address: 10.7.7.102
- name: Create router 1
openstack.cloud.router:
cloud: "{{ cloud }}"
state: present
name: ansible_router1
network: ansible_external
external_fixed_ips:
- subnet: ansible_external_subnet
ip: 10.6.6.10
interfaces:
- net: ansible_internal
subnet: ansible_internal_subnet
portip: 10.7.7.1
# Router 2 is required for the simplest, first test that assigns a new floating IP to server
# from first available external network or nova pool which is DevStack's public network
- name: Create router 2
openstack.cloud.router:
cloud: "{{ cloud }}"
state: present
name: ansible_router2
network: public
interfaces:
- net: ansible_internal
subnet: ansible_internal_subnet
portip: 10.7.7.10
- name: Get all floating ips
openstack.cloud.floating_ip_info:
cloud: "{{ cloud }}"
register: fips
- name: Check if public network has any floating ips
set_fact:
public_network_had_fips: "{{ fips.floating_ips|
selectattr('floating_network_id', '==', public_network.openstack_networks.0.id)|
list|length > 0 }}"
# TODO: Replace with appropriate Ansible module once available
- name: Create a floating ip on public network (required for simplest, first floating ip test)
command: openstack --os-cloud={{ cloud }} floating ip create public
when: not public_network_had_fips
# TODO: Replace with appropriate Ansible module once available
- name: Create floating ip 1 on external network
command: >
openstack --os-cloud={{ cloud }} floating ip create
--subnet ansible_external_subnet
--floating-ip-address 10.6.6.150
ansible_external
when: fips.floating_ips|length == 0 or
"10.6.6.150" not in fips.floating_ips|map(attribute="floating_ip_address")|list
- name: Create server with one nic
openstack.cloud.server:
cloud: "{{ cloud }}"
state: present
name: ansible_server1
image: "{{ image }}"
flavor: m1.tiny
nics:
# one nic only else simple, first floating ip test does not work
- port-name: ansible_internal_port1
auto_ip: false
wait: true
- name: Get info about server
openstack.cloud.server_info:
cloud: "{{ cloud }}"
server: ansible_server1
register: info
- name: Assert one internal port and no floating ips on server 1
# If this assertion fails because server has an public ipv4 address (public_v4) then make sure
# that no floating ip on public network is associated with "10.7.7.100" before running this role
assert:
that:
- info.openstack_servers|length == 1
- info.openstack_servers.0.public_v4|length == 0
- info.openstack_servers.0.public_v6|length == 0
- info.openstack_servers.0.addresses.ansible_internal|length == 1
- info.openstack_servers.0.addresses.ansible_internal|map(attribute="addr")|sort|list == ["10.7.7.100"]
- name: Create server with two nics
openstack.cloud.server:
cloud: "{{ cloud }}"
state: present
name: ansible_server2
image: "{{ image }}"
flavor: m1.tiny
nics:
- port-name: ansible_internal_port2
- port-name: ansible_internal_port3
auto_ip: false
wait: true
- name: Get info about server
openstack.cloud.server_info:
cloud: "{{ cloud }}"
server: ansible_server2
register: info
- name: Assert two internal ports and no floating ips on server 2
assert:
that:
- info.openstack_servers|length == 1
- info.openstack_servers.0.public_v4|length == 0
- info.openstack_servers.0.public_v6|length == 0
- info.openstack_servers.0.addresses.ansible_internal|length == 2
- info.openstack_servers.0.addresses.ansible_internal|map(attribute="addr")|sort|list ==
["10.7.7.101", "10.7.7.102"]
# Tests
- name: Assign new floating IP to server from first available external network or nova pool
openstack.cloud.floating_ip:
cloud: "{{ cloud }}"
state: present
server: ansible_server1
wait: true
- name: Get info about server
openstack.cloud.server_info:
cloud: "{{ cloud }}"
server: ansible_server1
register: info
- name: Assert one internal port and one floating ip on server 1
assert:
that:
- info.openstack_servers.0.addresses.ansible_internal|length == 2
- info.openstack_servers.0.addresses.ansible_internal|map(attribute="OS-EXT-IPS:type")|sort|list ==
["fixed", "floating"]
- name: Detach floating IP from server
openstack.cloud.floating_ip:
cloud: "{{ cloud }}"
state: absent
server: ansible_server1
network: public
floating_ip_address: "{{ (info.openstack_servers.0.addresses.ansible_internal|
selectattr('OS-EXT-IPS:type', '==', 'floating')|map(attribute='addr')|list)[0] }}"
- name: Get info about server
openstack.cloud.server_info:
cloud: "{{ cloud }}"
server: ansible_server1
register: info
# When detaching a floating ip from an instance there might be a delay until openstack.cloud.server_info
# does not list it any more in info.openstack_servers.0.addresses.ansible_internal, so retry if necessary.
retries: 10
delay: 3
until: info.openstack_servers.0.addresses.ansible_internal|length == 1
- name: Assert one internal port on server 1
assert:
that:
- info.openstack_servers.0.addresses.ansible_internal|length == 1
- info.openstack_servers.0.addresses.ansible_internal|map(attribute="addr")|list == ["10.7.7.100"]
- name: Assign floating IP to server
openstack.cloud.floating_ip:
cloud: "{{ cloud }}"
state: present
reuse: yes
server: ansible_server2
network: public
fixed_address: 10.7.7.101
wait: true
- name: Get info about server
openstack.cloud.server_info:
cloud: "{{ cloud }}"
server: ansible_server2
register: info
- name: Assert two internal ports and one floating ip on server 2
assert:
that:
- info.openstack_servers.0.addresses.ansible_internal|length == 3
- info.openstack_servers.0.addresses.ansible_internal|map(attribute="OS-EXT-IPS:type")|sort|list ==
["fixed", "fixed", "floating"]
- name: Assign a second, specific floating IP to server
openstack.cloud.floating_ip:
cloud: "{{ cloud }}"
state: present
reuse: yes
server: ansible_server2
network: ansible_external
fixed_address: 10.7.7.102
floating_ip_address: "10.6.6.150"
# We cannot wait for second floating ip to be attached because OpenStackSDK checks only for first floating ip
# Ref.: https://github.com/openstack/openstacksdk/blob/e0372b72af8c5f471fc17e53434d7a814ca958bd/openstack/cloud/_floating_ip.py#L733
- name: Get info about server
openstack.cloud.server_info:
cloud: "{{ cloud }}"
server: ansible_server2
register: info
# retry because we cannot wait for second floating ip
retries: 10
delay: 3
until: info.openstack_servers.0.addresses.ansible_internal|length == 4
- name: Assert two internal ports and two floating ips on server 2
assert:
that:
- info.openstack_servers.0.addresses.ansible_internal|length == 4
- ("10.6.6.150" in info.openstack_servers.0.addresses.ansible_internal|map(attribute="addr")|sort|list)
- name: Detach second floating IP from server
openstack.cloud.floating_ip:
cloud: "{{ cloud }}"
state: absent
server: ansible_server2
network: ansible_external
floating_ip_address: "10.6.6.150"
- name: Get info about server
openstack.cloud.server_info:
cloud: "{{ cloud }}"
server: ansible_server2
register: info
# When detaching a floating ip from an instance there might be a delay until openstack.cloud.server_info
# does not list it any more in info.openstack_servers.0.addresses.ansible_internal, so retry if necessary.
retries: 10
delay: 3
until: info.openstack_servers.0.addresses.ansible_internal|length == 3
- name: Assert two internal ports and one floating ip on server 2
assert:
that:
- info.openstack_servers.0.addresses.ansible_internal|length == 3
- name: Detach remaining floating IP from server
openstack.cloud.floating_ip:
cloud: "{{ cloud }}"
state: absent
server: ansible_server2
network: public
floating_ip_address: "{{ (info.openstack_servers.0.addresses.ansible_internal|
selectattr('OS-EXT-IPS:type', '==', 'floating')|map(attribute='addr')|list)[0] }}"
- name: Get info about server
openstack.cloud.server_info:
cloud: "{{ cloud }}"
server: ansible_server2
register: info
# When detaching a floating ip from an instance there might be a delay until openstack.cloud.server_info
# does not list it any more in info.openstack_servers.0.addresses.ansible_internal, so retry if necessary.
retries: 10
delay: 3
until: info.openstack_servers.0.addresses.ansible_internal|length == 2
- name: Assert two internal ports on server 2
assert:
that:
- info.openstack_servers.0.addresses.ansible_internal|length == 2
- info.openstack_servers.0.addresses.ansible_internal|map(attribute="addr")|list == ["10.7.7.101", "10.7.7.102"]
# Clean environment
- name: Delete server with two nics
openstack.cloud.server:
cloud: "{{ cloud }}"
state: absent
name: ansible_server2
wait: true
- name: Delete server with one nic
openstack.cloud.server:
cloud: "{{ cloud }}"
state: absent
name: ansible_server1
wait: true
- name: Get all floating ips
openstack.cloud.floating_ip_info:
cloud: "{{ cloud }}"
register: fips
# TODO: Replace with appropriate Ansible module once available
- name: Delete floating ip on public network if we created it
when: not public_network_had_fips
command: >
openstack --os-cloud={{ cloud }} floating ip delete
{{ fips.floating_ips|selectattr('floating_network_id', '==', public_network.openstack_networks.0.id)|
map(attribute="floating_ip_address")|list|join(' ') }}
# TODO: Replace with appropriate Ansible module once available
- name: Delete floating ip 1
command: openstack --os-cloud={{ cloud }} floating ip delete 10.6.6.150
when: fips.floating_ips|length > 0 and "10.6.6.150" in fips.floating_ips|map(attribute="floating_ip_address")|list
- name: Get remaining floating ips on external network
openstack.cloud.floating_ip_info:
cloud: "{{ cloud }}"
floating_network: ansible_external
register: fips
# TODO: Replace with appropriate Ansible module once available
# The first, simple floating ip test might have allocated a floating ip on the external network.
# This floating ip must be removed before external network can be deleted.
- name: Delete remaining floating ips on external network
when: fips.floating_ips|length > 0
command: >
openstack --os-cloud={{ cloud }} floating ip delete
{{ fips.floating_ips|map(attribute="floating_ip_address")|list|join(' ') }}
# Remove routers after floating ips have been detached and disassociated else removal fails with
# Error detaching interface from router ***: Client Error for url: ***,
# Router interface for subnet *** on router *** cannot be deleted,
# as it is required by one or more floating IPs.
- name: Delete router 2
openstack.cloud.router:
cloud: "{{ cloud }}"
state: absent
name: ansible_router2
- name: Delete router 1
openstack.cloud.router:
cloud: "{{ cloud }}"
state: absent
name: ansible_router1
- name: Delete internal port 3
openstack.cloud.port:
cloud: "{{ cloud }}"
state: absent
name: ansible_internal_port3
- name: Delete internal port 2
openstack.cloud.port:
cloud: "{{ cloud }}"
state: absent
name: ansible_internal_port2
- name: Delete internal port 1
openstack.cloud.port:
cloud: "{{ cloud }}"
state: absent
name: ansible_internal_port1
- name: Delete internal subnet
openstack.cloud.subnet:
cloud: "{{ cloud }}"
state: absent
name: ansible_internal_subnet
- name: Delete internal network
openstack.cloud.network:
cloud: "{{ cloud }}"
state: absent
name: ansible_internal
- name: Delete external port 2
openstack.cloud.port:
cloud: "{{ cloud }}"
state: absent
name: ansible_external_port2
- name: Delete external port 1
openstack.cloud.port:
cloud: "{{ cloud }}"
state: absent
name: ansible_external_port1
- name: Delete external subnet
openstack.cloud.subnet:
cloud: "{{ cloud }}"
state: absent
name: ansible_external_subnet
- name: Delete external network
openstack.cloud.network:
cloud: "{{ cloud }}"
state: absent
name: ansible_external

37
ci/roles/keystone_domain/tasks/main.yml
View File

@@ -1,19 +1,36 @@
---
- name: Create keystone domain
openstack.cloud.identity_domain:
cloud: "{{ cloud }}"
state: present
name: "{{ domain_name }}"
description: "test description"
cloud: "{{ cloud }}"
state: present
name: "{{ domain_name }}"
description: "test description"
register: os_domain
- name: Test output
assert:
that:
- "'domain' in os_domain"
- os_domain.domain.name == "{{ domain_name }}"
- >-
('enabled' in os_domain.domain.keys() and os_domain.domain['enabled']|bool) or
('is_enabled' in os_domain.domain and os_domain.domain['is_enabled']|bool)
- os_domain.domain.description == "test description"
- name: Update keystone domain
openstack.cloud.identity_domain:
cloud: "{{ cloud }}"
name: "{{ domain_name }}"
description: "updated description"
cloud: "{{ cloud }}"
name: "{{ domain_name }}"
description: "updated description"
register: os_domain_updated
- name: Test output
assert:
that:
- os_domain_updated.domain.description == "updated description"
- name: Delete keystone domain
openstack.cloud.identity_domain:
cloud: "{{ cloud }}"
state: absent
name: "{{ domain_name }}"
cloud: "{{ cloud }}"
state: absent
name: "{{ domain_name }}"

85
ci/roles/neutron_rbac/tasks/main.yml Normal file
View File

@@ -0,0 +1,85 @@
---
# General run of tests
# - Prepare projects/network objects
# - Create rbac object
# - Get rbac object info
# - Verify RBAC object match
# - Delete rbac object
# - Get rbac object info
# - Verify RBAC object deleted
- name: Create source project
openstack.cloud.project:
cloud: "{{ cloud }}"
state: present
name: source_project
description: Source project for network RBAC test
domain_id: default
enabled: True
register: source_project
- name: Create network - generic
openstack.cloud.network:
cloud: "{{ cloud }}"
name: "{{ network_name }}"
state: present
project: "{{ source_project.project.id }}"
shared: false
external: "{{ network_external }}"
register: network
- name: Create target project
openstack.cloud.project:
cloud: "{{ cloud }}"
state: present
name: ansible_project
description: Target project for network RBAC test
domain_id: default
enabled: True
register: target_project
- name: Create a new network RBAC policy
openstack.cloud.neutron_rbac_policy:
cloud: "{{ cloud }}"
object_id: "{{ network.network.id }}"
object_type: 'network'
action: 'access_as_shared'
target_project_id: "{{ target_project.project.id }}"
project_id: "{{ source_project.project.id }}"
register: rbac_policy
- name: Get all rbac policies for {{ source_project.project.name }} - after creation
openstack.cloud.neutron_rbac_policies_info:
cloud: "{{ cloud }}"
project_id: "{{ source_project.project.id }}"
register: rbac_policies
- name: Capture all existing policy IDs
set_fact:
rbac_policy_ids: "{{ rbac_policies.policies | map(attribute='id') | list }}"
- name: Verify policy exists - after creation
assert:
that:
- rbac_policy.policy.id in rbac_policy_ids
- name: Delete RBAC policy
openstack.cloud.neutron_rbac_policy:
cloud: "{{ cloud }}"
policy_id: "{{ rbac_policy.policy.id }}"
state: absent
- name: Get all rbac policies for {{ source_project.project.name }} - after deletion
openstack.cloud.neutron_rbac_policies_info:
cloud: "{{ cloud }}"
project_id: "{{ source_project.project.id }}"
register: rbac_policies_remaining
- name: Capture all remaining policy IDs
set_fact:
remaining_rbac_policy_ids: "{{ rbac_policies_remaining.policies | map(attribute='id') | list }}"
- name: Verify policy does not exist - after deletion
assert:
that:
- not rbac_policy.policy.id in remaining_rbac_policy_ids

15
ci/roles/nova_services/tasks/main.yml Normal file
View File

@@ -0,0 +1,15 @@
---
- name: Get nova compute services info
openstack.cloud.compute_service_info:
cloud: "{{ cloud }}"
binary: "nova-compute"
register: result
failed_when: "result.openstack_compute_services | length <= 0"
- name: Get nova conductor services info
openstack.cloud.compute_service_info:
cloud: "{{ cloud }}"
binary: "nova-conductor"
register: result
failed_when: "result.openstack_compute_services | length <= 0"

22
ci/roles/port/tasks/main.yml
View File

@@ -60,6 +60,26 @@
state: absent
name: "{{ port_name }}"
- name: Create port (with dns_name, dns_domain)
openstack.cloud.port:
cloud: "{{ cloud }}"
state: present
name: "{{ port_name }}"
network: "{{ network_name }}"
fixed_ips:
- ip_address: 10.5.5.69
dns_name: "dns-port-name"
dns_domain: "example.com."
register: port
- debug: var=port
- name: Delete port (with dns name,domain)
openstack.cloud.port:
cloud: "{{ cloud }}"
state: absent
name: "{{ port_name }}"
- name: Create port (with allowed_address_pairs and extra_dhcp_opts)
openstack.cloud.port:
cloud: "{{ cloud }}"
@@ -101,7 +121,7 @@
- name: Assert binding:profile exists in created port
assert:
that: "port.port['binding:profile']"
that: "port.port['binding_profile']"
- debug: var=port

2
ci/roles/project_properties/defaults/main.yml
View File

@@ -1,2 +0,0 @@
dummy_value: 'test-value'
dummy_value_updated: 'test-value-updated'

142
ci/roles/project_properties/tasks/main.yml
View File

@@ -1,142 +0,0 @@
---
- name: 'Create project with properties - CHECK_MODE'
check_mode: yes
openstack.cloud.project:
cloud: "{{ cloud }}"
state: present
name: ansible_project
description: dummy description
domain_id: default
enabled: True
properties:
dummy_key: '{{ dummy_value }}'
register: create_project_cm
- assert:
that:
- create_project_cm is successful
- create_project_cm is changed
- name: 'Create project with properties'
openstack.cloud.project:
cloud: "{{ cloud }}"
state: present
name: ansible_project
description: dummy description
domain_id: default
enabled: True
properties:
dummy_key: '{{ dummy_value }}'
register: create_project
- assert:
that:
- create_project is successful
- create_project is changed
- '"project" in create_project'
- '"dummy_key" in create_project["project"]'
- create_project["project"].dummy_key == dummy_value
- name: 'Create project with properties (retry - no change) - CHECK_MODE'
check_mode: yes
openstack.cloud.project:
cloud: "{{ cloud }}"
state: present
name: ansible_project
description: dummy description
domain_id: default
enabled: True
properties:
dummy_key: '{{ dummy_value }}'
register: create_project_retry_cm
- assert:
that:
- create_project_retry_cm is successful
- create_project_retry_cm is not changed
- name: 'Create project with properties (retry - no change)'
openstack.cloud.project:
cloud: "{{ cloud }}"
state: present
name: ansible_project
description: dummy description
domain_id: default
enabled: True
properties:
dummy_key: '{{ dummy_value }}'
register: create_project_retry
- assert:
that:
- create_project_retry is successful
- create_project_retry is not changed
- '"project" in create_project_retry'
- '"dummy_key" in create_project_retry["project"]'
- create_project_retry["project"].dummy_key == dummy_value
- name: 'Update project with properties - CHECK_MODE'
check_mode: yes
openstack.cloud.project:
cloud: "{{ cloud }}"
state: present
name: ansible_project
description: new description
properties:
dummy_key: '{{ dummy_value_updated }}'
register: updated_project_cm
- assert:
that:
- updated_project_cm is successful
- updated_project_cm is changed
- name: 'Update project with properties'
openstack.cloud.project:
cloud: "{{ cloud }}"
state: present
name: ansible_project
description: new description
properties:
dummy_key: '{{ dummy_value_updated }}'
register: updated_project
- assert:
that:
- updated_project is successful
- updated_project is changed
- '"project" in updated_project'
- '"dummy_key" in updated_project["project"]'
- updated_project["project"].dummy_key == dummy_value_updated
- name: 'Update project with properties (retry - no change) - CHECK_MODE'
check_mode: yes
openstack.cloud.project:
cloud: "{{ cloud }}"
state: present
name: ansible_project
description: new description
properties:
dummy_key: '{{ dummy_value_updated }}'
register: updated_project_retry_cm
- assert:
that:
- updated_project_retry_cm is successful
- updated_project_retry_cm is not changed
- name: 'Update project with properties (retry - no change)'
openstack.cloud.project:
cloud: "{{ cloud }}"
state: present
name: ansible_project
description: new description
properties:
dummy_key: '{{ dummy_value_updated }}'
register: updated_project_retry
- assert:
that:
- updated_project_retry is successful
- updated_project_retry is not changed
- '"project" in updated_project_retry'
- '"dummy_key" in updated_project_retry["project"]'
- updated_project_retry["project"].dummy_key == dummy_value_updated
- name: Delete project with properties
openstack.cloud.project:
cloud: "{{ cloud }}"
state: absent
name: ansible_project

282
ci/roles/router/tasks/main.yml
View File

@@ -15,6 +15,30 @@
name: shade_subnet1
cidr: 10.7.7.0/24
- name: Create subnet2
openstack.cloud.subnet:
cloud: "{{ cloud }}"
state: present
network_name: "{{ network_name }}"
name: shade_subnet2
cidr: 10.8.8.0/24
- name: Create subnet3
openstack.cloud.subnet:
cloud: "{{ cloud }}"
state: present
network_name: "{{ network_name }}"
name: shade_subnet3
cidr: 10.9.9.0/24
- name: Create subnet4
openstack.cloud.subnet:
cloud: "{{ cloud }}"
state: present
network_name: "{{ network_name }}"
name: shade_subnet4
cidr: 10.10.10.0/24
- name: Create router
openstack.cloud.router:
cloud: "{{ cloud }}"
@@ -29,6 +53,19 @@
interfaces:
- shade_subnet1
- name: Update router (add interface) again
openstack.cloud.router:
cloud: "{{ cloud }}"
state: present
name: "{{ router_name }}"
interfaces:
- shade_subnet1
register: result
- name: Assert idempotent module
assert:
that: result is not changed
- name: Gather routers info
openstack.cloud.routers_info:
cloud: "{{ cloud }}"
@@ -43,6 +80,93 @@
- "result.openstack_routers.0.name == router_name"
- (result.openstack_routers.0.interfaces_info|length) == 1
- name: Update router (change interfaces)
openstack.cloud.router:
cloud: "{{ cloud }}"
state: present
name: "{{ router_name }}"
interfaces:
- net: '{{ network_name }}'
subnet: shade_subnet2
portip: 10.8.8.1
- net: '{{ network_name }}'
subnet: shade_subnet3
- shade_subnet4
- name: Update router (change interfaces) again
openstack.cloud.router:
cloud: "{{ cloud }}"
state: present
name: "{{ router_name }}"
interfaces:
- net: '{{ network_name }}'
subnet: shade_subnet2
portip: 10.8.8.1
- net: '{{ network_name }}'
subnet: shade_subnet3
- shade_subnet4
register: result
- name: Assert idempotent module
assert:
that: result is not changed
- name: Gather routers info
openstack.cloud.routers_info:
cloud: "{{ cloud }}"
name: "{{ router_name }}"
filters:
admin_state_up: true
register: result
- name: Verify routers info
assert:
that:
- "result.openstack_routers.0.name == router_name"
- (result.openstack_routers.0.interfaces_info|length) == 3
- result.openstack_routers.0.interfaces_info|map(attribute='ip_address')|sort|list ==
['10.10.10.1', '10.8.8.1', '10.9.9.1']
- name: Update router (remove interface)
openstack.cloud.router:
cloud: "{{ cloud }}"
state: present
name: "{{ router_name }}"
interfaces:
- net: '{{ network_name }}'
subnet: shade_subnet1
portip: 10.7.7.1
- name: Update router (remove interface) again
openstack.cloud.router:
cloud: "{{ cloud }}"
state: present
name: "{{ router_name }}"
interfaces:
- net: '{{ network_name }}'
subnet: shade_subnet1
portip: 10.7.7.1
register: result
- name: Assert idempotent module
assert:
that: result is not changed
- name: Gather routers info
openstack.cloud.routers_info:
cloud: "{{ cloud }}"
name: "{{ router_name }}"
filters:
admin_state_up: true
register: result
- name: Verify routers info
assert:
that:
- "result.openstack_routers.0.name == router_name"
- (result.openstack_routers.0.interfaces_info|length) == 1
- result.openstack_routers.0.interfaces_info.0.ip_address == '10.7.7.1'
# Admin operation
- name: Create external network
openstack.cloud.network:
@@ -53,12 +177,12 @@
when:
- network_external
- name: Create subnet2
- name: Create subnet5
openstack.cloud.subnet:
cloud: "{{ cloud }}"
state: present
network_name: "{{ external_network_name }}"
name: shade_subnet2
name: shade_subnet5
cidr: 10.6.6.0/24
when:
- network_external
@@ -88,6 +212,142 @@
- "result.openstack_routers.0.name == router_name"
- (result.openstack_routers.0.interfaces_info|length) == 1
- name: Update router (change external fixed ips)
openstack.cloud.router:
cloud: "{{ cloud }}"
state: present
name: "{{ router_name }}"
interfaces:
- shade_subnet1
network: "{{ external_network_name }}"
external_fixed_ips:
- subnet: shade_subnet5
ip: 10.6.6.100
when:
- network_external
- name: Gather routers info
openstack.cloud.routers_info:
cloud: "{{ cloud }}"
name: "{{ router_name }}"
filters:
admin_state_up: true
register: result
- name: Verify routers info
assert:
that:
- "result.openstack_routers.0.name == router_name"
- (result.openstack_routers.0.external_gateway_info.external_fixed_ips|length) == 1
- result.openstack_routers.0.external_gateway_info.external_fixed_ips.0.ip_address == "10.6.6.100"
when:
- network_external
- name: Update router (add external fixed ips)
openstack.cloud.router:
cloud: "{{ cloud }}"
state: present
name: "{{ router_name }}"
interfaces:
- shade_subnet1
network: "{{ external_network_name }}"
external_fixed_ips:
- subnet: shade_subnet5
ip: 10.6.6.100
- subnet: shade_subnet5
ip: 10.6.6.101
when:
- network_external
- name: Update router (add external fixed ips) again
openstack.cloud.router:
cloud: "{{ cloud }}"
state: present
name: "{{ router_name }}"
interfaces:
- shade_subnet1
network: "{{ external_network_name }}"
external_fixed_ips:
- subnet: shade_subnet5
ip: 10.6.6.100
- subnet: shade_subnet5
ip: 10.6.6.101
when:
- network_external
register: result
- name: Assert idempotent module
assert:
that: result is not changed
- name: Gather routers info
openstack.cloud.routers_info:
cloud: "{{ cloud }}"
name: "{{ router_name }}"
filters:
admin_state_up: true
register: result
- name: Verify routers info
assert:
that:
- "result.openstack_routers.0.name == router_name"
- (result.openstack_routers.0.external_gateway_info.external_fixed_ips|length) == 2
- result.openstack_routers.0.external_gateway_info.external_fixed_ips|map(attribute='ip_address')|sort|list ==
["10.6.6.100", "10.6.6.101"]
when:
- network_external
- name: Update router (remove external fixed ips)
openstack.cloud.router:
cloud: "{{ cloud }}"
state: present
name: "{{ router_name }}"
interfaces:
- shade_subnet1
network: "{{ external_network_name }}"
external_fixed_ips:
- subnet: shade_subnet5
ip: 10.6.6.101
when:
- network_external
- name: Update router (remove external fixed ips) again
openstack.cloud.router:
cloud: "{{ cloud }}"
state: present
name: "{{ router_name }}"
interfaces:
- shade_subnet1
network: "{{ external_network_name }}"
external_fixed_ips:
- subnet: shade_subnet5
ip: 10.6.6.101
when:
- network_external
register: result
- name: Assert idempotent module
assert:
that: result is not changed
- name: Gather routers info
openstack.cloud.routers_info:
cloud: "{{ cloud }}"
name: "{{ router_name }}"
filters:
admin_state_up: true
register: result
- name: Verify routers info
assert:
that:
- "result.openstack_routers.0.name == router_name"
- (result.openstack_routers.0.external_gateway_info.external_fixed_ips|length) == 1
- result.openstack_routers.0.external_gateway_info.external_fixed_ips.0.ip_address == "10.6.6.101"
when:
- network_external
- name: Delete router
openstack.cloud.router:
cloud: "{{ cloud }}"
@@ -105,6 +365,24 @@
cloud: "{{ cloud }}"
state: absent
name: shade_subnet2
- name: Delete subnet3
openstack.cloud.subnet:
cloud: "{{ cloud }}"
state: absent
name: shade_subnet3
- name: Delete subnet4
openstack.cloud.subnet:
cloud: "{{ cloud }}"
state: absent
name: shade_subnet4
- name: Delete subnet5
openstack.cloud.subnet:
cloud: "{{ cloud }}"
state: absent
name: shade_subnet5
when:
- network_external

3
ci/run-ansible-tests-collection.sh
View File

@@ -131,8 +131,9 @@ fi
SDK_VER=$(python -c "import openstack; print(openstack.version.__version__)")
pushd ci/
# run tests
set -o pipefail
ANSIBLE_COLLECTIONS_PATHS=$TEST_COLLECTIONS_PATHS ansible-playbook \
-vvv ./run-collection.yml \
-e "sdk_version=${SDK_VER} cloud=${CLOUD} image=${IMAGE} ${ANSIBLE_VARS}" \
${tag_opt}
${tag_opt} 2>&1 | sudo tee /opt/stack/logs/test_output.log
popd

11
ci/run-collection.yml
View File

@@ -30,13 +30,17 @@
when: sdk_version is version(0.44, '>=')
- { role: keystone_role, tags: keystone_role }
- { role: network, tags: network }
- role: neutron_rbac
tags:
- rbac
- neutron_rbac
- { role: nova_flavor, tags: nova_flavor }
- role: nova_services
tags: nova_services
when: sdk_version is version(0.44, '>=')
- { role: object, tags: object }
- { role: port, tags: port }
- { role: project, tags: project }
- role: project_properties
tags: project_properties
when: sdk_version is version("0.45.01", '>')
- { role: router, tags: router }
- { role: security_group, tags: security_group }
- { role: server, tags: server }
@@ -50,3 +54,4 @@
when: sdk_version is version("0.53.0", '>=')
- role: loadbalancer
tags: loadbalancer
- { role: floating_ip, tags: floating_ip }

5
docs/openstack_guidelines.rst
View File

@@ -13,7 +13,7 @@ Naming
------
* This is a collection named ``openstack.cloud``. There is no need for further namespace prefixing.
* Name any module that a cloud consumer would expect to use after the logical resource it manages:
* Name any module that a cloud consumer would expect to use after the logical resource it manages:
``server`` not ``nova``. This naming convention acknowledges that the end user does not care
which service manages the resource - that is a deployment detail. For example cloud consumers may
not know whether their floating IPs are managed by Nova or Neutron.
@@ -24,6 +24,7 @@ Interface
* If the resource being managed has an id, it should be returned.
* If the resource being managed has an associated object more complex than
an id, it should also be returned.
* Return format shall be a dictionary or list
Interoperability
----------------
@@ -53,7 +54,7 @@ Libraries
* All complex cloud interaction or interoperability code should be housed in
the `openstacksdk <https://opendev.org/openstack/openstacksdk>`_
library.
* All OpenStack API interactions should happen via the openstacksdk and not via
* All OpenStack API interactions should happen via the openstackSDK and not via
OpenStack Client libraries. The OpenStack Client libraries do no have end
users as a primary audience, they are for intra-server communication.
* All modules should be registered in ``meta/action_groups.yml`` for enabling the

2
galaxy.yml
View File

@@ -33,4 +33,4 @@ build_ignore:
- ansible_collections_openstack.egg-info
- contrib
- changelogs
version: 1.5.1-dev
version: 1.7.2

6
meta/runtime.yml
View File

@@ -1,3 +1,4 @@
requires_ansible: ">=2.8"
action_groups:
openstack:
- address_scope
@@ -8,6 +9,9 @@ action_groups:
- baremetal_node
- baremetal_node_action
- baremetal_node_action
- baremetal_node_info
- baremetal_port_info
- baremetal_port
- catalog_endpoint
- catalog_service
- catalog_service
@@ -18,6 +22,8 @@ action_groups:
- compute_flavor
- compute_flavor_info
- compute_flavor_info
- compute_service_info
- compute_service_info
- config
- config
- dns_zone

33
plugins/inventory/openstack.py
View File

@@ -9,7 +9,6 @@
DOCUMENTATION = '''
---
name: openstack
plugin_type: inventory
author: OpenStack Ansible SIG
short_description: OpenStack inventory source
requirements:
@@ -42,6 +41,13 @@ options:
- name
- uuid
default: "name"
use_names:
description: |
Use the host's 'name' instead of 'interface_ip' for the 'ansible_host' and
'ansible_ssh_host' facts. This might be desired when using jump or
bastion hosts and the name is the FQDN of the host.
type: bool
default: 'no'
expand_hostvars:
description: |
Run extra commands on each host to fill in additional
@@ -237,6 +243,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
expand_hostvars = self._config_data.get('expand_hostvars', False)
fail_on_errors = self._config_data.get('fail_on_errors', False)
all_projects = self._config_data.get('all_projects', False)
self.use_names = self._config_data.get('use_names', False)
source_data = []
try:
@@ -311,7 +318,11 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
for group_name, group_hosts in groups.items():
gname = self.inventory.add_group(group_name)
for host in group_hosts:
self.inventory.add_child(gname, host)
if gname == host:
display.vvvv("Same name for host %s and group %s" % (host, gname))
self.inventory.add_host(host, gname)
else:
self.inventory.add_child(gname, host)
def _get_groups_from_server(self, server_vars, namegroup=True):
groups = []
@@ -359,10 +370,20 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
def _append_hostvars(self, hostvars, groups, current_host,
server, namegroup=False):
hostvars[current_host] = dict(
ansible_ssh_host=server['interface_ip'],
ansible_host=server['interface_ip'],
openstack=server)
if not self.use_names:
hostvars[current_host] = dict(
ansible_ssh_host=server['interface_ip'],
ansible_host=server['interface_ip'],
openstack=server,
)
if self.use_names:
hostvars[current_host] = dict(
ansible_ssh_host=server['name'],
ansible_host=server['name'],
openstack=server,
)
self.inventory.add_host(current_host)
if self.get_option('legacy_groups'):

1
plugins/module_utils/openstack.py
View File

@@ -261,6 +261,7 @@ class OpenStackModule:
self.results = {'changed': False}
self.exit = self.exit_json = self.ansible.exit_json
self.fail = self.fail_json = self.ansible.fail_json
self.warn = self.ansible.warn
self.sdk, self.conn = self.openstack_cloud_from_module()
self.check_deprecated_names()

5
plugins/modules/baremetal_node.py
View File

@@ -299,7 +299,10 @@ def main():
required=False,
type='bool',
aliases=['skip_update_of_driver_password'],
deprecated_aliases=[dict(name='skip_update_of_driver_password', version='2.0.0')]
deprecated_aliases=[dict(
name='skip_update_of_driver_password',
version='2.0.0',
collection_name='openstack.cloud')]
),
state=dict(required=False, default='present', choices=['present', 'absent'])
)

555
plugins/modules/baremetal_node_info.py Normal file
View File

@@ -0,0 +1,555 @@
#!/usr/bin/python
# coding: utf-8 -*-
# Copyright (c) 2021 by Red Hat, Inc.
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
DOCUMENTATION = '''
module: baremetal_node_info
short_description: Retrieve information about Bare Metal nodes from OpenStack
author: OpenStack Ansible SIG
description:
- Retrieve information about Bare Metal nodes from OpenStack.
options:
node:
description:
- Name or globally unique identifier (UUID) to identify the host.
type: str
mac:
description:
- Unique mac address that is used to attempt to identify the host.
type: str
ironic_url:
description:
- If noauth mode is utilized, this is required to be set to the
endpoint URL for the Ironic API. Use with "auth" and "auth_type"
settings set to None.
type: str
requirements:
- "python >= 3.6"
- "openstacksdk"
extends_documentation_fragment:
- openstack.cloud.openstack
'''
EXAMPLES = '''
# Gather information about all baremeal nodes
- openstack.cloud.baremetal_node_info:
cloud: "devstack"
register: result
- debug:
msg: "{{ result.baremetal_nodes }}"
# Gather information about a baremeal node
- openstack.cloud.baremetal_node_info:
cloud: "devstack"
node: "00000000-0000-0000-0000-000000000002"
register: result
- debug:
msg: "{{ result.baremetal_nodes }}"
'''
RETURN = '''
baremetal_nodes:
description: Bare Metal node list. A subset of the dictionary keys
listed below may be returned, depending on your cloud
provider.
returned: always, but can be null
type: complex
contains:
allocation_uuid:
description: The UUID of the allocation associated with the node.
If not null, will be the same as instance_uuid (the
opposite is not always true). Unlike instance_uuid,
this field is read-only. Please use the Allocation API
to remove allocations.
returned: success
type: str
automated_clean:
description: Indicates whether the node will perform automated
clean or not.
returned: success
type: bool
bios_interface:
description: The bios interface to be used for this node.
returned: success
type: str
boot_interface:
description: The boot interface for a Node, e.g. "pxe".
returned: success
type: str
boot_mode:
description: The boot mode for a node, either "uefi" or "bios"
returned: success
type: str
chassis_uuid:
description: UUID of the chassis associated with this Node. May be
empty or None.
returned: success
type: str
clean_step:
description: The current clean step.
returned: success
type: str
conductor:
description: The conductor currently servicing a node. This field
is read-only.
returned: success
type: str
conductor_group:
description: The conductor group for a node. Case-insensitive
string up to 255 characters, containing a-z, 0-9, _,
-, and ..
returned: success
type: str
console_enabled:
description: Indicates whether console access is enabled or
disabled on this node.
returned: success
type: bool
console_interface:
description: The console interface for a node, e.g. "no-console".
returned: success
type: str
created_at:
description: Bare Metal node created at timestamp.
returned: success
type: str
deploy_interface:
description: The deploy interface for a node, e.g. "direct".
returned: success
type: str
deploy_step:
description: The current deploy step.
returned: success
type: str
driver:
description: The name of the driver.
returned: success
type: str
driver_info:
description: All the metadata required by the driver to manage this
Node. List of fields varies between drivers, and can
be retrieved from the
/v1/drivers/<DRIVER_NAME>/properties resource.
returned: success
type: dict
driver_internal_info:
description: Internal metadata set and stored by the Node's driver.
returned: success
type: dict
extra:
description: A set of one or more arbitrary metadata key and value
pairs.
returned: success
type: dict
fault:
description: The fault indicates the active fault detected by
ironic, typically the Node is in "maintenance mode".
None means no fault has been detected by ironic.
"power failure" indicates ironic failed to retrieve
power state from this node. There are other possible
types, e.g., "clean failure" and "rescue abort
failure".
returned: success
type: str
id:
description: The UUID for the resource.
returned: success
type: str
inspect_interface:
description: The interface used for node inspection.
returned: success
type: str
instance_info:
description: Information used to customize the deployed image. May
include root partition size, a base 64 encoded config
drive, and other metadata. Note that this field is
erased automatically when the instance is deleted
(this is done by requesting the Node provision state
be changed to DELETED).
returned: success
type: dict
instance_uuid:
description: UUID of the Nova instance associated with this Node.
returned: success
type: str
last_error:
description: Any error from the most recent (last) transaction that
started but failed to finish.
returned: success
type: str
maintenance:
description: Whether or not this Node is currently in "maintenance
mode". Setting a Node into maintenance mode removes it
from the available resource pool and halts some
internal automation. This can happen manually (eg, via
an API request) or automatically when Ironic detects a
hardware fault that prevents communication with the
machine.
returned: success
type: bool
maintenance_reason:
description: User-settable description of the reason why this Node
was placed into maintenance mode
returned: success
type: str
management_interface:
description: Interface for out-of-band node management.
returned: success
type: str
name:
description: Human-readable identifier for the Node resource. May
be undefined. Certain words are reserved.
returned: success
type: str
network_interface:
description: Which Network Interface provider to use when plumbing
the network connections for this Node.
returned: success
type: str
owner:
description: A string or UUID of the tenant who owns the object.
returned: success
type: str
portgroups:
description: List of ironic portgroups on this node.
returned: success
type: list
elements: dict
contains:
address:
description: Physical hardware address of this Portgroup,
typically the hardware MAC address.
returned: success
type: str
created_at:
description: The UTC date and time when the resource was
created, ISO 8601 format.
returned: success
type: str
extra:
description: A set of one or more arbitrary metadata key and
value pairs.
returned: success
type: dict
id:
description: The UUID for the resource.
returned: success
type: str
internal_info:
description: Internal metadata set and stored by the Portgroup.
This field is read-only.
returned: success
type: dict
is_standalone_ports_supported:
description: Indicates whether ports that are members of this
portgroup can be used as stand-alone ports.
returned: success
type: bool
mode:
description: Mode of the port group. For possible values, refer
to https://www.kernel.org/doc/Documentation/networking/bonding.txt.
If not specified in a request to create a port
group, it will be set to the value of the
[DEFAULT]default_portgroup_mode configuration
option. When set, can not be removed from the port
group.
returned: success
type: str
name:
description: Human-readable identifier for the Portgroup
resource. May be undefined.
returned: success
type: str
node_id:
description: UUID of the Node this resource belongs to.
returned: success
type: str
ports:
description: List of port UUID's of ports belonging to this
portgroup.
returned: success
type: list
properties:
description: Key/value properties related to the port group's
configuration.
returned: success
type: dict
updated_at:
description: The UTC date and time when the resource was
updated, ISO 8601 format. May be "null".
returned: success
type: str
ports:
description: List of ironic ports on this node.
returned: success
type: list
elements: dict
contains:
address:
description: Physical hardware address of this network Port,
typically the hardware MAC address.
returned: success
type: str
created_at:
description: The UTC date and time when the resource was
created, ISO 8601 format.
returned: success
type: str
extra:
description: A set of one or more arbitrary metadata key and
value pairs.
returned: success
type: dict
id:
description: The UUID for the resource.
returned: success
type: str
internal_info:
description: Internal metadata set and stored by the Port. This
field is read-only.
returned: success
type: dict
local_link_connection:
description: The Port binding profile. If specified, must
contain switch_id (only a MAC address or an
OpenFlow based datapath_id of the switch are
accepted in this field) and port_id (identifier of
the physical port on the switch to which node's
port is connected to) fields. switch_info is an
optional string field to be used to store any
vendor-specific information.
returned: success
type: dict
name:
description: The name of the resource.
returned: success
type: str
node_uuid:
description: UUID of the Node this resource belongs to.
returned: success
type: str
physical_network:
description: The name of the physical network to which a port
is connected. May be empty.
returned: success
type: str
portgroup_uuid:
description: UUID of the Portgroup this resource belongs to.
returned: success
type: str
pxe_enabled:
description: Indicates whether PXE is enabled or disabled on
the Port.
returned: success
type: str
updated_at:
description: The UTC date and time when the resource was
updated, ISO 8601 format. May be "null".
returned: success
type: str
uuid:
description: The UUID for the resource.
returned: success
type: str
power_interface:
description: Interface used for performing power actions on the
node, e.g. "ipmitool".
returned: success
type: str
power_state:
description: The current power state of this Node. Usually, "power
on" or "power off", but may be "None" if Ironic is
unable to determine the power state (eg, due to
hardware failure).
returned: success
type: str
properties:
description: Physical characteristics of this Node. Populated by
ironic-inspector during inspection. May be edited via
the REST API at any time.
returned: success
type: dict
protected:
description: Whether the node is protected from undeploying,
rebuilding and deletion.
returned: success
type: bool
protected_reason:
description: The reason the node is marked as protected.
returned: success
type: str
provision_state:
description: The current provisioning state of this Node.
returned: success
type: str
raid_config:
description: Represents the current RAID configuration of the node.
Introduced with the cleaning feature.
returned: success
type: dict
raid_interface:
description: Interface used for configuring RAID on this node.
returned: success
type: str
rescue_interface:
description: The interface used for node rescue, e.g. "no-rescue".
returned: success
type: str
reservation:
description: The name of an Ironic Conductor host which is holding
a lock on this node, if a lock is held. Usually
"null", but this field can be useful for debugging.
returned: success
type: str
resource_class:
description: A string which can be used by external schedulers to
identify this Node as a unit of a specific type of
resource. For more details, see
https://docs.openstack.org/ironic/latest/install/configure-nova-flavors.html
returned: success
type: str
retired:
description: Whether the node is retired and can hence no longer be
provided, i.e. move from manageable to available, and
will end up in manageable after cleaning (rather than
available).
returned: success
type: bool
retired_reason:
description: The reason the node is marked as retired.
returned: success
type: str
secure_boot:
description: Indicates whether node is currently booted with
secure_boot turned on.
returned: success
type: bool
storage_interface:
description: Interface used for attaching and detaching volumes on
this node, e.g. "cinder".
returned: success
type: str
target_power_state:
description: If a power state transition has been requested, this
field represents the requested (ie, "target") state,
either "power on" or "power off".
returned: success
type: str
target_provision_state:
description: If a provisioning action has been requested, this
field represents the requested (ie, "target") state.
Note that a Node may go through several states during
its transition to this target state. For instance,
when requesting an instance be deployed to an
AVAILABLE Node, the Node may go through the following
state change progression, AVAILABLE -> DEPLOYING ->
DEPLOYWAIT -> DEPLOYING -> ACTIVE
returned: success
type: str
target_raid_config:
description: Represents the requested RAID configuration of the
node, which will be applied when the Node next
transitions through the CLEANING state. Introduced
with the cleaning feature.
returned: success
type: dict
traits:
description: List of traits for this node.
returned: success
type: list
updated_at:
description: Bare Metal node updated at timestamp.
returned: success
type: str
uuid:
description: The UUID for the resource.
returned: success
type: str
vendor_interface:
description: Interface for vendor-specific functionality on this
node, e.g. "no-vendor".
returned: success
type: str
'''
from ansible_collections.openstack.cloud.plugins.module_utils.ironic import (
IronicModule,
ironic_argument_spec,
)
from ansible_collections.openstack.cloud.plugins.module_utils.openstack import (
openstack_module_kwargs,
openstack_cloud_from_module
)
def cleanup_node_properties(machine, cloud):
# states are links, not useful
machine.pop('states', None)
for port in machine.ports:
# links are not useful
port.pop('links', None)
# redundant, location is in on machine as well
port.pop('location', None)
for portgroup in machine.portgroups:
# links are not useful
portgroup.pop('links', None)
# redundant, location is in on machine as well
portgroup.pop('location', None)
# links to ports are not useful, replace with list of port uuid's
portgroup['ports'] = [x.id for x in list(
cloud.baremetal.ports(portgroup=portgroup['id']))]
def get_ports_and_portgroups(cloud, machine):
machine.ports = cloud.list_nics_for_machine(machine.uuid)
machine.portgroups = [dict(x) for x in
list(cloud.baremetal.port_groups(node=machine.uuid,
details=True))]
def main():
argument_spec = ironic_argument_spec(
node=dict(required=False),
mac=dict(required=False),
)
module_kwargs = openstack_module_kwargs()
module_kwargs['supports_check_mode'] = True
module = IronicModule(argument_spec, **module_kwargs)
machine = None
machines = list()
sdk, cloud = openstack_cloud_from_module(module)
try:
if module.params['node']:
machine = cloud.get_machine(module.params['node'])
elif module.params['mac']:
machine = cloud.get_machine_by_mac(module.params['mac'])
# Fail if node not found
if (module.params['node'] or module.params['mac']) and not machine:
module.fail_json(msg='The baremetal node was not found')
if machine:
machines.append(machine)
else:
machines = cloud.list_machines()
for machine in machines:
get_ports_and_portgroups(cloud, machine)
cleanup_node_properties(machine, cloud)
module.exit_json(changed=False, baremetal_nodes=machines)
except sdk.exceptions.OpenStackCloudException as e:
module.fail_json(msg=str(e))
if __name__ == "__main__":
main()

373
plugins/modules/baremetal_port.py Normal file
View File

@@ -0,0 +1,373 @@
#!/usr/bin/python
# coding: utf-8 -*-
# Copyright (c) 2021 by Red Hat, Inc.
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
DOCUMENTATION = '''
module: baremetal_port
short_description: Create/Delete Bare Metal port Resources from OpenStack
author: OpenStack Ansible SIG
description:
- Create, Update and Remove ironic ports from OpenStack.
options:
state:
description:
- Indicates desired state of the resource
choices: ['present', 'absent']
default: present
type: str
uuid:
description:
- globally unique identifier (UUID) to be given to the resource. Will
be auto-generated if not specified.
type: str
node:
description:
- UUID or Name of the Node this resource belongs to.
type: str
address:
description:
- Physical hardware address of this network Port, typically the
hardware MAC address.
type: str
portgroup:
description:
- UUID or Name of the Portgroup this resource belongs to.
type: str
local_link_connection:
description:
- The Port binding profile.
type: dict
suboptions:
switch_id:
description:
- A MAC address or an OpenFlow based datapath_id of the switch.
type: str
port_id:
description:
- Identifier of the physical port on the switch to which node's
port is connected to.
type: str
switch_info:
description:
- An optional string field to be used to store any vendor-specific
information.
type: str
is_pxe_enabled:
description:
- Whether PXE should be enabled or disabled on the Port.
type: bool
physical_network:
description:
- The name of the physical network to which a port is connected.
type: str
extra:
description:
- A set of one or more arbitrary metadata key and value pairs.
type: dict
ironic_url:
description:
- If noauth mode is utilized, this is required to be set to the
endpoint URL for the Ironic API. Use with "auth" and "auth_type"
settings set to None.
type: str
requirements:
- "python >= 3.6"
- "openstacksdk"
extends_documentation_fragment:
- openstack.cloud.openstack
'''
EXAMPLES = '''
# Create Bare Metal port
- name: Create Bare Metal port
openstack.cloud.baremetal_port:
cloud: devstack
state: present
node: bm-0
address: fa:16:3e:aa:aa:aa
pxe_enabled: True
local_link_connection:
switch_id: 0a:1b:2c:3d:4e:5f
port_id: Ethernet3/1
switch_info: switch1
extra:
something: extra
physical_network: datacenter
register: result
# Delete Bare Metal port
- name: Delete Bare Metal port
openstack.cloud.baremetal_port:
cloud: devstack
state: absent
address: fa:16:3e:aa:aa:aa
register: result
# Update Bare Metal port
- name: Update Bare Metal port
openstack.cloud.baremetal_port:
cloud: devstack
state: present
uuid: 1a85ebca-22bf-42eb-ad9e-f640789b8098
pxe_enabled: False
local_link_connection:
switch_id: a0:b1:c2:d3:e4:f5
port_id: Ethernet4/12
switch_info: switch2
'''
RETURN = '''
id:
description: Unique UUID of the port.
returned: always, but can be null
type: str
result:
description: A short text describing the result.
returned: success
type: str
changes:
description: Map showing from -> to values for properties that was changed
after port update.
returned: success
type: dict
port:
description: A port dictionary, subset of the dictionary keys listed below
may be returned, depending on your cloud provider.
returned: success
type: complex
contains:
address:
description: Physical hardware address of this network Port,
typically the hardware MAC address.
returned: success
type: str
created_at:
description: Bare Metal port created at timestamp.
returned: success
type: str
extra:
description: A set of one or more arbitrary metadata key and value
pairs.
returned: success
type: dict
id:
description: The UUID for the Baremetal Port resource.
returned: success
type: str
internal_info:
description: Internal metadata set and stored by the Port. This
field is read-only.
returned: success
type: dict
is_pxe_enabled:
description: Whether PXE is enabled or disabled on the Port.
returned: success
type: bool
local_link_connection:
description: The Port binding profile. If specified, must contain
switch_id (only a MAC address or an OpenFlow based
datapath_id of the switch are accepted in this field
and port_id (identifier of the physical port on the
switch to which node's port is connected to) fields.
switch_info is an optional string field to be used to
store any vendor-specific information.
returned: success
type: dict
location:
description: Cloud location of this resource (cloud, project,
region, zone)
returned: success
type: dict
name:
description: Bare Metal port name.
returned: success
type: str
node_id:
description: UUID of the Bare Metal Node this resource belongs to.
returned: success
type: str
physical_network:
description: The name of the physical network to which a port is
connected.
returned: success
type: str
port_group_id:
description: UUID of the Portgroup this resource belongs to.
returned: success
type: str
updated_at:
description: Bare Metal port updated at timestamp.
returned: success
type: str
'''
from ansible_collections.openstack.cloud.plugins.module_utils.ironic import (
IronicModule,
ironic_argument_spec,
)
from ansible_collections.openstack.cloud.plugins.module_utils.openstack import (
openstack_module_kwargs,
openstack_cloud_from_module
)
_PROP_TO_ATTR_MAP = {
'pxe_enabled': 'is_pxe_enabled',
'address': 'address',
'extra': 'extra',
'local_link_connection': 'local_link_connection',
'physical_network': 'physical_network',
'node_uuid': 'node_id',
'portgroup_uuid': 'port_group_id',
'uuid': 'id',
}
def find_port(module, cloud):
port = None
if module.params['uuid']:
port = cloud.baremetal.find_port(module.params['uuid'])
elif module.params['address']:
ports = list(cloud.baremetal.ports(address=module.params['address'],
details=True))
if ports and len(ports) == 1:
port = ports[0]
elif len(ports) > 1:
module.fail_json(
msg="Multiple ports with address {address} found. A uuid must "
"be defined in order to identify the correct port"
.format(address=module.params['address']))
return port
def add_port(module, cloud):
port = find_port(module, cloud)
if port:
update_port(module, cloud, port=port)
if not module.params['node'] or not module.params['address']:
module.fail_json(
msg="A Bare Metal node (name or uuid) and an address is required "
"to create a port")
machine = cloud.get_machine(module.params['node'])
if not machine:
module.fail_json(
msg="Bare Metal node {node} could not be found".format(
node=module.params['node']))
module.params['node_uuid'] = machine.id
props = {k: module.params[k] for k in _PROP_TO_ATTR_MAP.keys()
if k in module.params}
port = cloud.baremetal.create_port(**props)
port_dict = port.to_dict()
port_dict.pop('links', None)
module.exit_json(
changed=True,
result="Port successfully created",
changes=None,
port=port_dict,
id=port_dict['id'])
def update_port(module, cloud, port=None):
if not port:
port = find_port(module, cloud)
if module.params['node']:
machine = cloud.get_machine(module.params['node'])
if machine:
module.params['node_uuid'] = machine.id
old_props = {k: port[v] for k, v in _PROP_TO_ATTR_MAP.items()}
new_props = {k: module.params[k] for k in _PROP_TO_ATTR_MAP.keys()
if k in module.params and module.params[k] is not None}
prop_diff = {k: new_props[k] for k in _PROP_TO_ATTR_MAP.keys()
if k in new_props and old_props[k] != new_props[k]}
if not prop_diff:
port_dict = port.to_dict()
port_dict.pop('links', None)
module.exit_json(
changed=False,
result="No port update required",
changes=None,
port=port_dict,
id=port_dict['id'])
port = cloud.baremetal.update_port(port.id, **prop_diff)
port_dict = port.to_dict()
port_dict.pop('links', None)
module.exit_json(
changed=True,
result="Port successfully updated",
changes={k: {'to': new_props[k], 'from': old_props[k]}
for k in prop_diff},
port=port_dict,
id=port_dict['id'])
def remove_port(module, cloud):
if not module.params['uuid'] and not module.params['address']:
module.fail_json(
msg="A uuid or an address value must be defined in order to "
"remove a port.")
if module.params['uuid']:
port = cloud.baremetal.delete_port(module.params['uuid'])
if not port:
module.exit_json(
changed=False,
result="Port not found",
changes=None,
id=module.params['uuid'])
else:
port = find_port(module, cloud)
if not port:
module.exit_json(
changed=False,
result="Port not found",
changes=None,
id=None)
port = cloud.baremetal.delete_port(port.id)
module.exit_json(
changed=True,
result="Port successfully removed",
changes=None,
id=port.id)
def main():
argument_spec = ironic_argument_spec(
uuid=dict(required=False),
node=dict(required=False),
address=dict(required=False),
portgroup=dict(required=False),
local_link_connection=dict(required=False, type='dict'),
is_pxe_enabled=dict(required=False, type='bool'),
physical_network=dict(required=False),
extra=dict(required=False, type='dict'),
state=dict(required=False,
default='present',
choices=['present', 'absent'])
)
module_kwargs = openstack_module_kwargs()
module = IronicModule(argument_spec, **module_kwargs)
module.params['pxe_enabled'] = module.params.pop('is_pxe_enabled', None)
sdk, cloud = openstack_cloud_from_module(module)
try:
if module.params['state'] == 'present':
add_port(module, cloud)
if module.params['state'] == 'absent':
remove_port(module, cloud)
except sdk.exceptions.OpenStackCloudException as e:
module.fail_json(msg=str(e))
if __name__ == "__main__":
main()

208
plugins/modules/baremetal_port_info.py Normal file
View File

@@ -0,0 +1,208 @@
#!/usr/bin/python
# coding: utf-8 -*-
# Copyright (c) 2021 by Red Hat, Inc.
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
DOCUMENTATION = '''
module: baremetal_port_info
short_description: Retrieve information about Bare Metal ports from OpenStack
author: OpenStack Ansible SIG
description:
- Retrieve information about Bare Metal ports from OpenStack.
options:
uuid:
description:
- Name or globally unique identifier (UUID) to identify the port.
type: str
address:
description:
- Physical hardware address of this network Port, typically the
hardware MAC address.
type: str
node:
description:
- Name or globally unique identifier (UUID) to identify a Baremetal
Node.
type: str
ironic_url:
description:
- If noauth mode is utilized, this is required to be set to the
endpoint URL for the Ironic API. Use with "auth" and "auth_type"
settings set to None.
type: str
requirements:
- "python >= 3.6"
- "openstacksdk"
extends_documentation_fragment:
- openstack.cloud.openstack
'''
EXAMPLES = '''
# Gather information about all baremetal ports
- openstack.cloud.baremetal_port_info:
cloud: devstack
register: result
# Gather information about a baremetal port by address
- openstack.cloud.baremetal_port_info:
cloud: devstack
address: fa:16:3e:aa:aa:aa
register: result
# Gather information about a baremetal port by address
- openstack.cloud.baremetal_port_info:
cloud: devstack
uuid: a2b6bd99-77b9-43f0-9ddc-826568e68dec
register: result
# Gather information about a baremetal ports associated with a baremetal node
- openstack.cloud.baremetal_port_info:
cloud: devstack
node: bm-0
register: result
'''
RETURN = '''
baremetal_ports:
description: Bare Metal port list. A subset of the dictionary keys
listed below may be returned, depending on your cloud
provider.
returned: always, but can be null
type: list
elements: dict
contains:
address:
description: Physical hardware address of this network Port,
typically the hardware MAC address.
returned: success
type: str
created_at:
description: Bare Metal port created at timestamp.
returned: success
type: str
extra:
description: A set of one or more arbitrary metadata key and
value pairs.
returned: success
type: dict
id:
description: The UUID for the Baremetal Port resource.
returned: success
type: str
internal_info:
description: Internal metadata set and stored by the Port. This
field is read-only.
returned: success
type: dict
is_pxe_enabled:
description: Whether PXE is enabled or disabled on the Port.
returned: success
type: bool
local_link_connection:
description: The Port binding profile.
returned: success
type: dict
contains:
switch_id:
description: A MAC address or an OpenFlow based datapath_id of
the switch.
type: str
port_id:
description: Identifier of the physical port on the switch to
which node's port is connected to.
type: str
switch_info:
description: An optional string field to be used to store any
vendor-specific information.
type: str
location:
description: Cloud location of this resource (cloud, project,
region, zone)
returned: success
type: dict
name:
description: Bare Metal port name.
returned: success
type: str
node_id:
description: UUID of the Bare Metal Node this resource belongs to.
returned: success
type: str
physical_network:
description: The name of the physical network to which a port is
connected.
returned: success
type: str
port_group_id:
description: UUID of the Portgroup this resource belongs to.
returned: success
type: str
updated_at:
description: Bare Metal port updated at timestamp.
returned: success
type: str
'''
from ansible_collections.openstack.cloud.plugins.module_utils.ironic import (
IronicModule,
ironic_argument_spec,
)
from ansible_collections.openstack.cloud.plugins.module_utils.openstack import (
openstack_module_kwargs,
openstack_cloud_from_module
)
def main():
argument_spec = ironic_argument_spec(
uuid=dict(required=False),
address=dict(required=False),
node=dict(required=False),
)
module_kwargs = openstack_module_kwargs()
module_kwargs['supports_check_mode'] = True
module = IronicModule(argument_spec, **module_kwargs)
ports = list()
sdk, cloud = openstack_cloud_from_module(module)
try:
if module.params['uuid']:
port = cloud.baremetal.find_port(module.params['uuid'])
if not port:
module.fail_json(
msg='Baremetal port with uuid {uuid} was not found'
.format(uuid=module.params['uuid']))
ports.append(port)
elif module.params['address']:
ports = list(
cloud.baremetal.ports(address=module.params['address'],
details=True))
if not ports:
module.fail_json(
msg='Baremetal port with address {address} was not found'
.format(address=module.params['address']))
elif module.params['node']:
machine = cloud.get_machine(module.params['node'])
if not machine:
module.fail_json(
msg='Baremetal node {node} was not found'
.format(node=module.params['node']))
ports = list(
cloud.baremetal.ports(node_uuid=machine.uuid, details=True))
else:
ports = list(cloud.baremetal.ports(details=True))
# Convert ports to dictionaries and cleanup properties
ports = [port.to_dict() for port in ports]
for port in ports:
# links are not useful
port.pop('links', None)
module.exit_json(changed=False, baremetal_ports=ports)
except sdk.exceptions.OpenStackCloudException as e:
module.fail_json(msg=str(e))
if __name__ == "__main__":
main()

7
plugins/modules/compute_flavor.py
View File

@@ -220,9 +220,12 @@ class ComputeFlavorModule(OpenStackModule):
if self.params[param_key] != flavor[param_key]:
require_update = True
break
flavorid = self.params['flavorid']
if flavor and require_update:
self.conn.delete_flavor(name)
old_extra_specs = {}
if flavorid == 'auto':
flavorid = flavor['id']
flavor = None
if not flavor:
@@ -231,7 +234,7 @@ class ComputeFlavorModule(OpenStackModule):
ram=self.params['ram'],
vcpus=self.params['vcpus'],
disk=self.params['disk'],
flavorid=self.params['flavorid'],
flavorid=flavorid,
ephemeral=self.params['ephemeral'],
swap=self.params['swap'],
rxtx_factor=self.params['rxtx_factor'],

3
plugins/modules/compute_flavor_info.py
View File

@@ -174,7 +174,8 @@ class ComputeFlavorInfoModule(OpenStackModule):
['name', 'ram'],
['name', 'vcpus'],
['name', 'ephemeral']
]
],
supports_check_mode=True
)
deprecated_names = ('openstack.cloud.compute_flavor_facts')

111
plugins/modules/compute_service_info.py Normal file
View File

@@ -0,0 +1,111 @@
#!/usr/bin/python
# Copyright (c) 2016 Hewlett-Packard Enterprise Corporation
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
DOCUMENTATION = '''
---
module: compute_service_info
short_description: Retrieve information about one or more OpenStack compute services
author: OpenStack Ansible SIG
description:
- Retrieve information about nova compute services
options:
binary:
description:
- Filter by service binary type
type: str
host:
description:
- Filter by service host
type: str
requirements:
- "python >= 3.6"
- "openstacksdk"
extends_documentation_fragment:
- openstack.cloud.openstack
'''
EXAMPLES = '''
# Gather information about compute services
- openstack.cloud.compute_service_info:
cloud: awesomecloud
binary: "nova-compute"
host: "localhost"
register: result
- openstack.cloud.compute_service_info:
cloud: awesomecloud
register: result
- debug:
msg: "{{ result.openstack_compute_services }}"
'''
RETURN = '''
openstack_compute_services:
description: has all the OpenStack information about compute services
returned: always, but can be null
type: complex
contains:
id:
description: Unique UUID.
returned: success
type: str
binary:
description: The binary name of the service.
returned: success
type: str
host:
description: The name of the host.
returned: success
type: str
zone:
description: The availability zone name.
returned: success
type: str
status:
description: The status of the service. One of enabled or disabled.
returned: success
type: str
state:
description: The state of the service. One of up or down.
returned: success
type: str
update:
description: The date and time when the resource was updated
returned: success
type: str
'''
from ansible_collections.openstack.cloud.plugins.module_utils.openstack import OpenStackModule
class ComputeServiceInfoModule(OpenStackModule):
argument_spec = dict(
binary=dict(required=False, default=None),
host=dict(required=False, default=None),
)
module_kwargs = dict(
supports_check_mode=True
)
def run(self):
binary = self.params['binary']
host = self.params['host']
filters = {}
if binary:
filters['binary'] = binary
if host:
filters['host'] = host
services = self.conn.compute.services(**filters)
services = list(services)
self.exit_json(changed=False, openstack_compute_services=services)
def main():
module = ComputeServiceInfoModule()
module()
if __name__ == '__main__':
main()

3
plugins/modules/dns_zone_info.py
View File

@@ -136,6 +136,9 @@ class DnsZoneInfoModule(OpenStackModule):
description=dict(required=False, type='str'),
ttl=dict(required=False, type='int')
)
module_kwargs = dict(
supports_check_mode=True
)
def run(self):

179
plugins/modules/floating_ip.py
View File

@@ -11,6 +11,7 @@ short_description: Add/Remove floating IP from an instance
description:
- Add or Remove a floating IP to an instance.
- Returns the floating IP when attaching only if I(wait=true).
- When detaching a floating IP there might be a delay until an instance does not list the floating IP any more.
options:
server:
description:
@@ -24,9 +25,9 @@ options:
type: str
floating_ip_address:
description:
- A floating IP address to attach or to detach. Required only if I(state)
is absent. When I(state) is present can be used to specify a IP address
to attach.
- A floating IP address to attach or to detach. When I(state) is present
can be used to specify a IP address to attach. I(floating_ip_address)
requires I(network) to be set.
type: str
reuse:
description:
@@ -49,7 +50,7 @@ options:
wait:
description:
- When attaching a floating IP address, specify whether to wait for it to appear as attached.
- Must be set to C(yes) for the module to return the value of the floating IP.
- Must be set to C(yes) for the module to return the value of the floating IP when attaching.
type: bool
default: 'no'
timeout:
@@ -118,8 +119,8 @@ EXAMPLES = '''
server: cattle001
'''
from ansible.module_utils.basic import remove_values
from ansible_collections.openstack.cloud.plugins.module_utils.openstack import OpenStackModule
import itertools
class NetworkingFloatingIPModule(OpenStackModule):
@@ -137,16 +138,57 @@ class NetworkingFloatingIPModule(OpenStackModule):
purge=dict(required=False, type='bool', default=False),
)
module_kwargs = dict()
module_kwargs = dict(
required_if=[
['state', 'absent', ['floating_ip_address']]
],
required_by=dict(
floating_ip_address=('network',)
)
)
def _get_floating_ip(self, floating_ip_address):
f_ips = self.conn.search_floating_ips(
filters={'floating_ip_address': floating_ip_address})
if not f_ips:
return None
return f_ips[0]
def _list_floating_ips(self, server):
return itertools.chain.from_iterable([
(addr['addr'] for addr in server.addresses[net] if addr['OS-EXT-IPS:type'] == 'floating')
for net in server.addresses
])
def _match_floating_ip(self, server,
floating_ip_address,
network_id,
fixed_address,
nat_destination):
if floating_ip_address:
return self._get_floating_ip(floating_ip_address)
elif not fixed_address and nat_destination:
nat_destination_name = self.conn.get_network(nat_destination)['name']
return next(
(self._get_floating_ip(addr['addr'])
for addr in server.addresses.get(nat_destination_name, [])
if addr['OS-EXT-IPS:type'] == 'floating'),
None)
else:
# not floating_ip_address and (fixed_address or not nat_destination)
# get any of the floating ips that matches fixed_address and/or network
f_ip_addrs = self._list_floating_ips(server)
f_ips = [f_ip for f_ip in self.conn.list_floating_ips() if f_ip['floating_ip_address'] in f_ip_addrs]
return next(
(f_ip for f_ip in f_ips
if ((fixed_address and f_ip.fixed_ip_address == fixed_address) or not fixed_address)
and ((network_id and f_ip.network == network_id) or not network_id)),
None)
def run(self):
server_name_or_id = self.params['server']
state = self.params['state']
@@ -160,83 +202,96 @@ class NetworkingFloatingIPModule(OpenStackModule):
purge = self.params['purge']
server = self.conn.get_server(server_name_or_id)
if server is None:
if not server:
self.fail_json(
msg="server {0} not found".format(server_name_or_id))
# Extract floating ips from server
f_ip_addrs = self._list_floating_ips(server)
# Get details about requested floating ip
f_ip = self._get_floating_ip(floating_ip_address) if floating_ip_address else None
if network:
network_id = self.conn.get_network(name_or_id=network)["id"]
else:
network_id = None
if state == 'present':
# If f_ip already assigned to server, check that it matches
# requirements.
public_ip = self.conn.get_server_public_ip(server)
f_ip = self._get_floating_ip(public_ip) if public_ip else public_ip
if f_ip:
if network:
network_id = self.conn.get_network(name_or_id=network)["id"]
else:
network_id = None
# check if we have floating ip on given nat_destination network
if nat_destination:
nat_floating_addrs = [
addr for addr in server.addresses.get(
self.conn.get_network(nat_destination)['name'], [])
if addr['addr'] == public_ip
and addr['OS-EXT-IPS:type'] == 'floating'
]
if floating_ip_address and f_ip and floating_ip_address in f_ip_addrs:
# Floating ip address has been assigned to server
self.exit_json(changed=False, floating_ip=f_ip)
if len(nat_floating_addrs) == 0:
self.fail_json(
msg="server {server} already has a "
"floating-ip on a different "
"nat-destination than '{nat_destination}'"
.format(server=server_name_or_id,
nat_destination=nat_destination))
if f_ip and f_ip['attached'] and floating_ip_address not in f_ip_addrs:
# Requested floating ip has been attached to different server
self.fail_json(msg="floating-ip {floating_ip_address} already has been attached to different server"
.format(floating_ip_address=floating_ip_address))
if all([fixed_address, f_ip.fixed_ip_address == fixed_address,
network, f_ip.network != network_id]):
# Current state definitely conflicts with requirements
self.fail_json(
msg="server {server} already has a "
"floating-ip on requested "
"interface but it doesn't match "
"requested network {network}: {fip}"
.format(server=server_name_or_id,
network=network,
fip=remove_values(f_ip, self.no_log_values)))
if not network or f_ip.network == network_id:
# Requirements are met
self.exit_json(changed=False, floating_ip=f_ip)
if not floating_ip_address:
# No specific floating ip requested, i.e. if any floating ip is already assigned to server,
# check that it matches requirements.
# Requirements are vague enough to ignore existing f_ip and try
# to create a new f_ip to the server.
if not fixed_address and nat_destination:
# Check if we have any floating ip on the given nat_destination network
nat_destination_name = self.conn.get_network(nat_destination)['name']
for addr in server.addresses.get(nat_destination_name, []):
if addr['OS-EXT-IPS:type'] == 'floating':
# A floating ip address has been assigned to the requested nat_destination
f_ip = self._get_floating_ip(addr['addr'])
self.exit_json(changed=False, floating_ip=f_ip)
# else fixed_address or not nat_destination, hence an
# analysis of all floating ips of server is required
f_ips = [f_ip for f_ip in self.conn.list_floating_ips() if f_ip['floating_ip_address'] in f_ip_addrs]
for f_ip in f_ips:
if network_id and f_ip.network != network_id:
# requested network does not match network of floating ip
continue
if not fixed_address and not nat_destination:
# any floating ip will fullfil these requirements
self.exit_json(changed=False, floating_ip=f_ip)
if fixed_address and f_ip.fixed_ip_address == fixed_address:
# a floating ip address has been assigned that points to the requested fixed_address
self.exit_json(changed=False, floating_ip=f_ip)
if floating_ip_address and not f_ip:
# openstacksdk's create_ip requires floating_ip_address and floating_network_id to be set
self.conn.network.create_ip(floating_ip_address=floating_ip_address, floating_network_id=network_id)
# Else floating ip either does not exist or has not been attached yet
# Both floating_ip_address and network are mutually exclusive in add_ips_to_server, i.e.
# add_ips_to_server will ignore floating_ip_address if network is set
# Ref.: https://github.com/openstack/openstacksdk/blob/a6b0ece2821ea79330c4067100295f6bdcbe456e/openstack/cloud/_floating_ip.py#L987
server = self.conn.add_ips_to_server(
server=server, ips=floating_ip_address, ip_pool=network,
reuse=reuse, fixed_address=fixed_address, wait=wait,
server=server,
ips=floating_ip_address,
ip_pool=network if not floating_ip_address else None,
reuse=reuse,
fixed_address=fixed_address,
wait=wait,
timeout=timeout, nat_destination=nat_destination)
fip_address = self.conn.get_server_public_ip(server)
# Update the floating IP status
f_ip = self._get_floating_ip(fip_address)
# Update the floating ip status
f_ip = self._match_floating_ip(server, floating_ip_address, network_id, fixed_address, nat_destination)
self.exit_json(changed=True, floating_ip=f_ip)
elif state == 'absent':
if floating_ip_address is None:
if not server_name_or_id:
self.fail_json(msg="either server or floating_ip_address are required")
server = self.conn.get_server(server_name_or_id)
floating_ip_address = self.conn.get_server_public_ip(server)
f_ip = self._get_floating_ip(floating_ip_address)
f_ip = self._match_floating_ip(server, floating_ip_address, network_id, fixed_address, nat_destination)
if not f_ip:
# Nothing to detach
self.exit_json(changed=False)
changed = False
if f_ip["fixed_ip_address"]:
self.conn.detach_ip_from_server(
server_id=server['id'], floating_ip_id=f_ip['id'])
self.conn.detach_ip_from_server(server_id=server['id'], floating_ip_id=f_ip['id'])
# OpenStackSDK sets {"port_id": None} to detach a floating ip from an instance,
# but there might be a delay until a server does not list it in addresses any more.
# Update the floating IP status
f_ip = self.conn.get_floating_ip(id=f_ip['id'])
changed = True
if purge:
self.conn.delete_floating_ip(f_ip['id'])
self.exit_json(changed=True)

3
plugins/modules/floating_ip_info.py
View File

@@ -150,6 +150,9 @@ class FloatingIPInfoModule(OpenStackModule):
router=dict(required=False),
status=dict(required=False, choices=['active', 'down']),
)
module_kwargs = dict(
supports_check_mode=True
)
def run(self):

10
plugins/modules/identity_domain.py
View File

@@ -104,7 +104,8 @@ class IdentityDomainModule(OpenStackModule):
if self.params['description'] is not None and \
domain.description != self.params['description']:
return True
if domain.enabled != self.params['enabled']:
if domain.get(
"is_enabled", domain.get("enabled")) != self.params['enabled']:
return True
return False
@@ -126,7 +127,7 @@ class IdentityDomainModule(OpenStackModule):
enabled = self.params['enabled']
state = self.params['state']
domains = self.conn.search_domains(filters=dict(name=name))
domains = list(self.conn.identity.domains(name=name))
if len(domains) > 1:
self.fail_json(msg='Domain name %s is not unique' % name)
@@ -151,7 +152,10 @@ class IdentityDomainModule(OpenStackModule):
changed = True
else:
changed = False
self.exit_json(changed=changed, domain=domain, id=domain.id)
if hasattr(domain, "to_dict"):
domain = domain.to_dict()
domain.pop("location")
self.exit_json(changed=changed, domain=domain, id=domain['id'])
elif state == 'absent':
if domain is None:

3
plugins/modules/identity_domain_info.py
View File

@@ -92,7 +92,8 @@ class IdentityDomainInfoModule(OpenStackModule):
module_kwargs = dict(
mutually_exclusive=[
['name', 'filters'],
]
],
supports_check_mode=True
)
deprecated_names = ('openstack.cloud.identity_domain_facts')

3
plugins/modules/identity_group_info.py
View File

@@ -119,6 +119,9 @@ class IdentityGroupInfoModule(OpenStackModule):
domain=dict(required=False, default=None),
filters=dict(required=False, type='dict', default=None),
)
module_kwargs = dict(
supports_check_mode=True
)
def run(self):
name = self.params['name']

10
plugins/modules/identity_user_info.py
View File

@@ -116,6 +116,9 @@ class IdentityUserInfoModule(OpenStackModule):
domain=dict(required=False, default=None),
filters=dict(required=False, type='dict', default=None),
)
module_kwargs = dict(
supports_check_mode=True
)
deprecated_names = ('openstack.cloud.identity_user_facts')
@@ -138,12 +141,7 @@ class IdentityUserInfoModule(OpenStackModule):
else:
self.fail_json(msg='Domain name or ID does not exist')
if not filters:
filters = {}
filters['domain_id'] = domain
users = self.conn.search_users(name, filters)
users = self.conn.search_users(name, filters, domain_id=domain)
self.exit_json(changed=False, openstack_users=users)

3
plugins/modules/image_info.py
View File

@@ -157,6 +157,9 @@ class ImageInfoModule(OpenStackModule):
image=dict(type='str', required=False),
properties=dict(type='dict', required=False),
)
module_kwargs = dict(
supports_check_mode=True
)
def run(self):

3
plugins/modules/keypair_info.py
View File

@@ -115,6 +115,9 @@ class KeyPairInfoModule(OpenStackModule):
limit=dict(type='int', required=False),
marker=dict(type='str', required=False)
)
module_kwargs = dict(
supports_check_mode=True
)
def run(self):
name = self.params['name']

4
plugins/modules/lb_health_monitor.py
View File

@@ -223,10 +223,10 @@ class HealthMonitorModule(OpenStackModule):
expected_codes=dict(required=False, default="200"),
admin_state_up=dict(required=False, default=True, type='bool'),
state=dict(default='present', choices=['absent', 'present']),
http_method=dict(default="GET", requried=False, choices=["GET", "CONNECT", "DELETE",
http_method=dict(default="GET", required=False, choices=["GET", "CONNECT", "DELETE",
"HEAD", "OPTIONS", "PATCH",
"POST", "PUT", "TRACE"]),
url_path=dict(default="/", requires=False),
url_path=dict(default="/", required=False),
type=dict(default='HTTP',
choices=['HTTP', 'HTTPS', 'PING', 'SCTP', 'TCP', 'TLS-HELLO', 'UDP-CONNECT']))

34
plugins/modules/lb_listener.py
View File

@@ -38,6 +38,16 @@ options:
- The protocol port number for the listener.
default: 80
type: int
timeout_client_data:
description:
- Client inactivity timeout in milliseconds.
default: 50000
type: int
timeout_member_data:
description:
- Member inactivity timeout in milliseconds.
default: 50000
type: int
wait:
description:
- If the module should wait for the load balancer to be ACTIVE.
@@ -108,6 +118,14 @@ listener:
description: The protocol port number for the listener.
type: int
sample: 80
timeout_client_data:
description: Client inactivity timeout in milliseconds.
type: int
sample: 50000
timeout_member_data:
description: Member inactivity timeout in milliseconds.
type: int
sample: 50000
'''
EXAMPLES = '''
@@ -139,6 +157,18 @@ EXAMPLES = '''
state: absent
name: test-listener
loadbalancer: test-loadbalancer
# Create a listener, increase timeouts for connection persistence (for SSH for example).
- openstack.cloud.lb_listener:
cloud: mycloud
endpoint_type: admin
state: present
name: test-listener
loadbalancer: test-loadbalancer
protocol: TCP
protocol_port: 22
timeout_client_data: 1800000
timeout_member_data: 1800000
'''
import time
@@ -154,6 +184,8 @@ class LoadbalancerListenerModule(OpenStackModule):
protocol=dict(default='HTTP',
choices=['HTTP', 'HTTPS', 'TCP', 'TERMINATED_HTTPS', 'UDP', 'SCTP']),
protocol_port=dict(default=80, type='int', required=False),
timeout_client_data=dict(default=50000, type='int', required=False),
timeout_member_data=dict(default=50000, type='int', required=False),
)
module_kwargs = dict()
@@ -205,6 +237,8 @@ class LoadbalancerListenerModule(OpenStackModule):
loadbalancer_id=loadbalancer_id,
protocol=self.params['protocol'],
protocol_port=self.params['protocol_port'],
timeout_client_data=self.params['timeout_client_data'],
timeout_member_data=self.params['timeout_member_data'],
)
changed = True

14
plugins/modules/lb_member.py
View File

@@ -51,6 +51,14 @@ options:
into ACTIVE state.
default: 180
type: int
monitor_address:
description:
- IP address used to monitor this member
type: str
monitor_port:
description:
- Port used to monitor this member
type: int
requirements:
- "python >= 3.6"
- "openstacksdk"
@@ -141,6 +149,8 @@ class LoadbalancerMemberModule(OpenStackModule):
address=dict(default=None),
protocol_port=dict(default=80, type='int'),
subnet_id=dict(default=None),
monitor_address=dict(default=None),
monitor_port=dict(default=None, type='int')
)
module_kwargs = dict()
@@ -191,7 +201,9 @@ class LoadbalancerMemberModule(OpenStackModule):
address=self.params['address'],
name=name,
protocol_port=self.params['protocol_port'],
subnet_id=self.params['subnet_id']
subnet_id=self.params['subnet_id'],
monitor_address=self.params['monitor_address'],
monitor_port=self.params['monitor_port']
)
changed = True

3
plugins/modules/networks_info.py
View File

@@ -124,6 +124,9 @@ class NetworkInfoModule(OpenStackModule):
name=dict(required=False, default=None),
filters=dict(required=False, type='dict', default=None)
)
module_kwargs = dict(
supports_check_mode=True
)
def run(self):

237
plugins/modules/neutron_rbac_policies_info.py Normal file
View File

@@ -0,0 +1,237 @@
#!/usr/bin/python
# coding: utf-8 -*-
# Copyright: Ansible Project
# (c) 2021, Ashraf Hasson <ahasson@redhat.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
DOCUMENTATION = r'''
---
module: neutron_rbac_policies_info
short_description: Fetch Neutron policies.
author: OpenStack Ansible SIG
description:
- Get RBAC policies against a network, security group or a QoS Policy for one or more projects.
- If a C(policy_id) was not provided, this module will attempt to fetch all available policies.
- Accepts same arguments as OpenStackSDK network proxy C(find_rbac_policy) and C(rbac_policies) functions which are ultimately passed over to C(RBACPolicy)
- All parameters passed in to this module act as a filter for when no C(policy_id) was provided, otherwise they're ignored.
- Returns None if no matching policy was found as opposed to failing.
options:
policy_id:
description:
- The RBAC policy ID
- If provided, all other filters are ignored
type: str
object_id:
description:
- The object ID (the subject of the policy) to which the RBAC rules applies
- This would be the ID of a network, security group or a qos policy
- Mutually exclusive with the C(object_type)
type: str
object_type:
description:
- Can be one of the following object types C(network), C(security_group) or C(qos_policy)
- Mutually exclusive with the C(object_id)
choices: ['network', 'security_group', 'qos_policy']
type: str
target_project_id:
description:
- Filters the RBAC rules based on the target project id
- Logically AND'ed with other filters
- Mutually exclusive with C(project_id)
type: str
project_id:
description:
- Filters the RBAC rules based on the project id to which the object belongs to
- Logically AND'ed with other filters
- Mutually exclusive with C(target_project_id)
type: str
project:
description:
- Filters the RBAC rules based on the project name
- Logically AND'ed with other filters
type: str
action:
description:
- Can be either of the following options C(access_as_shared) | C(access_as_external)
- Logically AND'ed with other filters
choices: ['access_as_shared', 'access_as_external']
type: str
extends_documentation_fragment:
- openstack.cloud.openstack
'''
EXAMPLES = r'''
# Gather all rbac policies for a project
- name: Get all rbac policies for {{ project }}
openstack.cloud.neutron_rbac_policies_info:
project_id: "{{ project.id }}"
'''
RETURN = r'''
# return value can either be plural or signular depending on what was passed in as parameters
policies:
description:
- List of rbac policies, this could also be returned as a singular element, i.e., 'policy'
type: complex
returned: always
contains:
object_id:
description:
- The UUID of the object to which the RBAC rules apply
type: str
sample: "7422172b-2961-475c-ac68-bd0f2a9960ad"
target_project_id:
description:
- The UUID of the target project
type: str
sample: "c201a689c016435c8037977166f77368"
project_id:
description:
- The UUID of the project to which access is granted
type: str
sample: "84b8774d595b41e89f3dfaa1fd76932c"
object_type:
description:
- The object type to which the RBACs apply
type: str
sample: "network"
action:
description:
- The access model specified by the RBAC rules
type: str
sample: "access_as_shared"
id:
description:
- The ID of the RBAC rule/policy
type: str
sample: "4154ce0c-71a7-4d87-a905-09762098ddb9"
name:
description:
- The name of the RBAC rule; usually null
type: str
sample: null
location:
description:
- A dictionary of the project details to which access is granted
type: dict
sample: >-
{
"cloud": "devstack",
"region_name": "",
"zone": null,
"project": {
"id": "84b8774d595b41e89f3dfaa1fd76932c",
"name": null,
"domain_id": null,
"domain_name": null
}
}
'''
import re
from ansible_collections.openstack.cloud.plugins.module_utils.openstack import OpenStackModule
class NeutronRbacPoliciesInfo(OpenStackModule):
argument_spec = dict(
policy_id=dict(),
object_id=dict(), # ID of the object that this RBAC policy affects.
object_type=dict(choices=['security_group', 'qos_policy', 'network']), # Type of the object that this RBAC policy affects.
target_project_id=dict(), # The ID of the project this RBAC will be enforced.
project_id=dict(), # The owner project ID.
project=dict(),
action=dict(choices=['access_as_external', 'access_as_shared']), # Action for the RBAC policy.
)
module_kwargs = dict(
supports_check_mode=True,
)
def _filter_policies_by(self, policies, key, value):
filtered = []
regexp = re.compile(r"location\.project\.([A-Za-z]+)")
if regexp.match(key):
attribute = key.split('.')[-1]
for p in policies:
if p['location']['project'][attribute] == value:
filtered.append(p)
else:
for p in policies:
if getattr(p, key) == value:
filtered.append(p)
return filtered
def _get_rbac_policies(self):
object_type = self.params.get('object_type')
project_id = self.params.get('project_id')
action = self.params.get('action')
search_attributes = {}
if object_type is not None:
search_attributes['object_type'] = object_type
if project_id is not None:
search_attributes['project_id'] = project_id
if action is not None:
search_attributes['action'] = action
try:
policies = []
generator = self.conn.network.rbac_policies(**search_attributes)
for p in generator:
policies.append(p)
except self.sdk.exceptions.OpenStackCloudException as ex:
self.fail_json(msg='Failed to get RBAC policies: {0}'.format(str(ex)))
return policies
def run(self):
policy_id = self.params.get('policy_id')
object_id = self.params.get('object_id')
object_type = self.params.get('object_type')
project_id = self.params.get('project_id')
project = self.params.get('project')
target_project_id = self.params.get('target_project_id')
if self.ansible.check_mode:
self.exit_json(changed=False)
if policy_id is not None:
try:
policy = self.conn.network.get_rbac_policy(policy_id)
self.exit_json(changed=False, policy=policy)
except self.sdk.exceptions.ResourceNotFound:
self.exit_json(changed=False, policy=None)
except self.sdk.exceptions.OpenStackCloudException as ex:
self.fail_json(msg='Failed to get RBAC policy: {0}'.format(str(ex)))
else:
if object_id is not None and object_type is not None:
self.fail_json(msg='object_id and object_type are mutually exclusive, please specify one of the two.')
if project_id is not None and target_project_id is not None:
self.fail_json(msg='project_id and target_project_id are mutually exclusive, please specify one of the two.')
filtered_policies = self._get_rbac_policies()
if project is not None:
filtered_policies = self._filter_policies_by(filtered_policies, 'location.project.name', project)
if object_id is not None:
filtered_policies = self._filter_policies_by(filtered_policies, 'object_id', object_id)
if target_project_id is not None:
filtered_policies = self._filter_policies_by(filtered_policies, 'target_project_id', target_project_id)
self.exit_json(policies=filtered_policies, changed=False)
def main():
module = NeutronRbacPoliciesInfo()
module()
if __name__ == '__main__':
main()

308
plugins/modules/neutron_rbac_policy.py Normal file
View File

@@ -0,0 +1,308 @@
#!/usr/bin/python
# Copyright: Ansible Project
# (c) 2021, Ashraf Hasson <ahasson@redhat.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
DOCUMENTATION = r'''
---
module: neutron_rbac_policy
short_description: Create or delete a Neutron policy to apply a RBAC rule against an object.
author: OpenStack Ansible SIG
description:
- Create a policy to apply a RBAC rule against a network, security group or a QoS Policy or update/delete an existing policy.
- If a C(policy_id) was provided but not found, this module will attempt to create a new policy rather than error out when updating an existing rule.
- Accepts same arguments as OpenStackSDK network proxy C(find_rbac_policy) and C(rbac_policies) functions which are ultimately passed over to C(RBACPolicy)
options:
policy_id:
description:
- The RBAC policy ID
- Required when deleting or updating an existing RBAC policy rule, ignored otherwise
type: str
object_id:
description:
- The object ID (the subject of the policy) to which the RBAC rule applies
- Cannot be changed when updating an existing policy
- Required when creating a RBAC policy rule, ignored when deleting a policy
type: str
object_type:
description:
- Can be one of the following object types C(network), C(security_group) or C(qos_policy)
- Cannot be changed when updating an existing policy
- Required when creating a RBAC policy rule, ignored when deleting a policy
choices: ['network', 'security_group', 'qos_policy']
type: str
target_project_id:
description:
- The project to which access to be allowed or revoked/disallowed
- Can be specified/changed when updating an existing policy
- Required when creating or updating a RBAC policy rule, ignored when deleting a policy
type: str
project_id:
description:
- The project to which the object_id belongs
- Cannot be changed when updating an existing policy
- Required when creating a RBAC policy rule, ignored when deleting a policy
type: str
action:
description:
- Can be either of the following options C(access_as_shared) | C(access_as_external)
- Cannot be changed when updating an existing policy
- Required when creating a RBAC policy rule, ignored when deleting a policy
choices: ['access_as_shared', 'access_as_external']
type: str
state:
description:
- Whether the RBAC rule should be C(present) or C(absent).
choices: ['present', 'absent']
default: present
type: str
extends_documentation_fragment:
- openstack.cloud.openstack
'''
EXAMPLES = r'''
# Ensure network RBAC policy exists
- name: Create a new network RBAC policy
neutron_rbac_policy:
object_id: '7422172b-2961-475c-ac68-bd0f2a9960ad'
object_type: 'network'
target_project_id: 'a12f9ce1de0645e0a0b01c2e679f69ec'
project_id: '84b8774d595b41e89f3dfaa1fd76932d'
# Update network RBAC policy
- name: Update an existing network RBAC policy
neutron_rbac_policy:
policy_id: 'f625242a-6a73-47ac-8d1f-91440b2c617f'
target_project_id: '163c89e065a94e069064e551e15daf0e'
# Delete an existing RBAC policy
- name: Delete RBAC policy
openstack.cloud.openstack.neutron_rbac_policy:
policy_id: 'f625242a-6a73-47ac-8d1f-91440b2c617f'
state: absent
'''
RETURN = r'''
policy:
description:
- A hash representing the policy
type: complex
returned: always
contains:
object_id:
description:
- The UUID of the object to which the RBAC rules apply
type: str
sample: "7422172b-2961-475c-ac68-bd0f2a9960ad"
target_project_id:
description:
- The UUID of the target project
type: str
sample: "c201a689c016435c8037977166f77368"
project_id:
description:
- The UUID of the project to which access is granted
type: str
sample: "84b8774d595b41e89f3dfaa1fd76932c"
object_type:
description:
- The object type to which the RBACs apply
type: str
sample: "network"
action:
description:
- The access model specified by the RBAC rules
type: str
sample: "access_as_shared"
id:
description:
- The ID of the RBAC rule/policy
type: str
sample: "4154ce0c-71a7-4d87-a905-09762098ddb9"
name:
description:
- The name of the RBAC rule; usually null
type: str
sample: null
location:
description:
- A dictionary of the project details to which access is granted
type: dict
sample: >-
{
"cloud": "devstack",
"region_name": "",
"zone": null,
"project": {
"id": "84b8774d595b41e89f3dfaa1fd76932c",
"name": null,
"domain_id": null,
"domain_name": null
}
}
'''
from ansible_collections.openstack.cloud.plugins.module_utils.openstack import OpenStackModule
class NeutronRbacPolicy(OpenStackModule):
argument_spec = dict(
policy_id=dict(),
object_id=dict(), # ID of the object that this RBAC policy affects.
object_type=dict(choices=['security_group', 'qos_policy', 'network']), # Type of the object that this RBAC policy affects.
target_project_id=dict(), # The ID of the project this RBAC will be enforced.
project_id=dict(), # The owner project ID.
action=dict(choices=['access_as_external', 'access_as_shared']), # Action for the RBAC policy.
state=dict(default='present', choices=['absent', 'present'])
)
module_kwargs = dict(
supports_check_mode=True,
)
def _delete_rbac_policy(self, policy):
"""
Delete an existing RBAC policy
returns: the "Changed" state
"""
if policy is None:
self.fail_json(msg='Must specify policy_id for delete')
try:
self.conn.network.delete_rbac_policy(policy.id)
except self.sdk.exceptions.OpenStackCloudException as ex:
self.fail_json(msg='Failed to delete RBAC policy: {0}'.format(str(ex)))
return True
def _create_rbac_policy(self):
"""
Creates a new RBAC policy
returns: the "Changed" state of the RBAC policy
"""
object_id = self.params.get('object_id')
object_type = self.params.get('object_type')
target_project_id = self.params.get('target_project_id')
project_id = self.params.get('project_id')
action = self.params.get('action')
attributes = {
'object_id': object_id,
'object_type': object_type,
'target_project_id': target_project_id,
'project_id': project_id,
'action': action
}
if not all(attributes.values()):
self.fail_json(msg='Missing one or more required parameter for creating a RBAC policy')
try:
search_attributes = dict(attributes)
del search_attributes['object_id']
del search_attributes['target_project_id']
policies = self.conn.network.rbac_policies(**search_attributes)
for p in policies:
if p.object_id == object_id and p.target_project_id == target_project_id:
return (False, p)
# if no matching policy exists, attempt to create one
policy = self.conn.network.create_rbac_policy(**attributes)
except self.sdk.exceptions.OpenStackCloudException as ex:
self.fail_json(msg='Failed to create RBAC policy: {0}'.format(str(ex)))
return (True, policy)
def _update_rbac_policy(self, policy):
"""
Updates an existing RBAC policy
returns: the "Changed" state of the RBAC policy
"""
object_id = self.params.get('object_id')
object_type = self.params.get('object_type')
target_project_id = self.params.get('target_project_id')
project_id = self.params.get('project_id')
action = self.params.get('action')
allowed_attributes = {
'rbac_policy': policy.id,
'target_project_id': target_project_id
}
disallowed_attributes = {
'object_id': object_id,
'object_type': object_type,
'project_id': project_id,
'action': action
}
if not all(allowed_attributes.values()):
self.fail_json(msg='Missing one or more required parameter for updating a RBAC policy')
if any(disallowed_attributes.values()):
self.fail_json(msg='Cannot change disallowed parameters while updating a RBAC policy: ["object_id", "object_type", "project_id", "action"]')
try:
policy = self.conn.network.update_rbac_policy(**allowed_attributes)
except self.sdk.exceptions.OpenStackCloudException as ex:
self.fail_json(msg='Failed to update the RBAC policy: {0}'.format(str(ex)))
return (True, policy)
def _policy_state_change(self, policy):
state = self.params['state']
if state == 'present':
if not policy:
return True
if state == 'absent' and policy:
return True
return False
def run(self):
policy_id = self.params.get('policy_id')
state = self.params.get('state')
if policy_id is not None:
try:
policy = self.conn.network.get_rbac_policy(policy_id)
except self.sdk.exceptions.ResourceNotFound:
policy = None
except self.sdk.exceptions.OpenStackCloudException as ex:
self.fail_json(msg='Failed to get RBAC policy: {0}'.format(str(ex)))
else:
policy = None
if self.ansible.check_mode:
self.exit_json(changed=self._policy_state_change(policy), policy=policy)
if state == 'absent':
if policy is None and policy_id:
self.exit_json(changed=False)
if policy_id is None:
self.fail_json(msg='Must specify policy_id when state is absent')
if policy is not None:
changed = self._delete_rbac_policy(policy)
self.exit_json(changed=changed)
# state == 'present'
else:
if policy is None:
(changed, new_policy) = self._create_rbac_policy()
else:
(changed, new_policy) = self._update_rbac_policy(policy)
self.exit_json(changed=changed, policy=new_policy)
def main():
module = NeutronRbacPolicy()
module()
if __name__ == '__main__':
main()

42
plugins/modules/port.py
View File

@@ -123,6 +123,14 @@ options:
description:
- Binding profile dict that the port should be created with.
type: dict
dns_name:
description:
- The dns name of the port ( only with dns-integration enabled )
type: str
dns_domain:
description:
- The dns domain of the port ( only with dns-integration enabled )
type: str
requirements:
- "python >= 3.6"
- "openstacksdk"
@@ -302,7 +310,9 @@ class NetworkPortModule(OpenStackModule):
choices=['normal', 'direct', 'direct-physical',
'macvtap', 'baremetal', 'virtio-forwarder']),
port_security_enabled=dict(default=None, type='bool'),
binding_profile=dict(default=None, type='dict')
binding_profile=dict(default=None, type='dict'),
dns_name=dict(type='str', default=None),
dns_domain=dict(type='str', default=None)
)
module_kwargs = dict(
@@ -312,6 +322,13 @@ class NetworkPortModule(OpenStackModule):
supports_check_mode=True
)
def _is_dns_integration_enabled(self):
""" Check if dns-integraton is enabled """
for ext in self.conn.network.extensions():
if ext.alias == 'dns-integration':
return True
return False
def _needs_update(self, port):
"""Check for differences in the updatable values.
@@ -324,10 +341,18 @@ class NetworkPortModule(OpenStackModule):
'binding:vnic_type',
'port_security_enabled',
'binding:profile']
compare_dns = ['dns_name', 'dns_domain']
compare_list_dict = ['allowed_address_pairs',
'extra_dhcp_opts']
compare_list = ['security_groups']
if self.conn.has_service('dns') and \
self._is_dns_integration_enabled():
for key in compare_dns:
if self.params[key] is not None and \
self.params[key] != port[key]:
return True
for key in compare_simple:
if self.params[key] is not None and self.params[key] != port[key]:
return True
@@ -340,11 +365,11 @@ class NetworkPortModule(OpenStackModule):
for key in compare_list_dict:
if not self.params[key]:
if port[key]:
if port.get(key):
return True
if self.params[key]:
if not port[key]:
if not port.get(key):
return True
# sort dicts in list
@@ -410,6 +435,11 @@ class NetworkPortModule(OpenStackModule):
'binding:vnic_type',
'port_security_enabled',
'binding:profile']
if self.conn.has_service('dns') and \
self._is_dns_integration_enabled():
optional_parameters.extend(['dns_name', 'dns_domain'])
for optional_param in optional_parameters:
if self.params[optional_param] is not None:
port_kwargs[optional_param] = self.params[optional_param]
@@ -473,12 +503,14 @@ class NetworkPortModule(OpenStackModule):
msg="Specified network was not found."
)
port = self.conn.create_port(network_id, **port_kwargs)
port_kwargs['network_id'] = network_id
port = self.conn.network.create_port(**port_kwargs)
changed = True
else:
if self._needs_update(port):
port_kwargs = self._compose_port_args()
port = self.conn.update_port(port['id'], **port_kwargs)
port = self.conn.network.update_port(port['id'],
**port_kwargs)
changed = True
self.exit_json(changed=changed, id=port['id'], port=port)

1
plugins/modules/port_info.py
View File

@@ -188,6 +188,7 @@ class NetworkPortInfoModule(OpenStackModule):
filters=dict(type='dict', required=False),
)
module_kwargs = dict(
supports_check_mode=True
)
deprecated_names = ('openstack.cloud.port_facts')

7
plugins/modules/quota.py
View File

@@ -69,6 +69,9 @@ options:
loadbalancer:
description: Number of load balancers to allow.
type: int
metadata_items:
description: Number of metadata items allowed per instance.
type: int
network:
description: Number of networks to allow.
type: int
@@ -125,7 +128,7 @@ options:
volumes_types:
description:
- Per-driver volume count quotas. Keys should be
prefixed with C(gigabytes_) values should be ints.
prefixed with C(volumes_) values should be ints.
type: dict
project:
description: Unused, kept for compatability
@@ -183,6 +186,7 @@ EXAMPLES = '''
instances: "{{ item.instances }}"
key_pairs: "{{ item.key_pairs }}"
loadbalancer: "{{ item.loadbalancer }}"
metadata_items: "{{ item.metadata_items }}"
per_volume_gigabytes: "{{ item.per_volume_gigabytes }}"
pool: "{{ item.pool }}"
port: "{{ item.port }}"
@@ -277,6 +281,7 @@ class QuotaModule(OpenStackModule):
instances=dict(required=False, type='int', default=None),
key_pairs=dict(required=False, type='int', default=None, no_log=False),
loadbalancer=dict(required=False, type='int', default=None),
metadata_items=dict(required=False, type='int', default=None),
network=dict(required=False, type='int', default=None),
per_volume_gigabytes=dict(required=False, type='int', default=None),
pool=dict(required=False, type='int', default=None),

332
plugins/modules/router.py
View File

@@ -211,13 +211,7 @@ router:
'''
from ansible_collections.openstack.cloud.plugins.module_utils.openstack import OpenStackModule
ROUTER_INTERFACE_OWNERS = set([
'network:router_interface',
'network:router_interface_distributed',
'network:ha_router_replicated_interface'
])
import itertools
class RouterModule(OpenStackModule):
@@ -232,14 +226,17 @@ class RouterModule(OpenStackModule):
project=dict(default=None)
)
def _router_internal_interfaces(self, router):
for port in self.conn.list_router_interfaces(router, 'internal'):
if port['device_owner'] in ROUTER_INTERFACE_OWNERS:
yield port
def _get_subnet_ids_from_ports(self, ports):
return [fixed_ip['subnet_id'] for fixed_ip in
itertools.chain.from_iterable(port['fixed_ips'] for port in ports if 'fixed_ips' in port)]
def _needs_update(self, router, network, internal_subnet_ids, internal_port_ids, filters=None):
"""Decide if the given router needs an update.
"""
def _needs_update(self, router, net,
missing_port_ids,
requested_subnet_ids,
existing_subnet_ids,
router_ifs_cfg,
filters=None):
"""Decide if the given router needs an update."""
if router['admin_state_up'] != self.params['admin_state_up']:
return True
if router['external_gateway_info']:
@@ -247,68 +244,76 @@ class RouterModule(OpenStackModule):
if self.params['enable_snat'] is not None:
if router['external_gateway_info'].get('enable_snat', True) != self.params['enable_snat']:
return True
if network:
if net:
if not router['external_gateway_info']:
return True
elif router['external_gateway_info']['network_id'] != network['id']:
elif router['external_gateway_info']['network_id'] != net['id']:
return True
# check external interfaces
if self.params['external_fixed_ips']:
for new_iface in self.params['external_fixed_ips']:
subnet = self.conn.get_subnet(new_iface['subnet'], filters)
exists = False
# check if external_fixed_ip has to be added
for external_fixed_ip in router_ifs_cfg['external_fixed_ips']:
exists = False
# compare the requested interface with existing, looking for an existing match
for existing_iface in router['external_gateway_info']['external_fixed_ips']:
if existing_iface['subnet_id'] == subnet['id']:
if 'ip' in new_iface:
if existing_iface['ip_address'] == new_iface['ip']:
# compare the requested interface with existing, looking for an existing match
for existing_if in router['external_gateway_info']['external_fixed_ips']:
if existing_if['subnet_id'] == external_fixed_ip['subnet_id']:
if 'ip' in external_fixed_ip:
if existing_if['ip_address'] == external_fixed_ip['ip']:
# both subnet id and ip address match
exists = True
break
else:
# only the subnet was given, so ip doesn't matter
exists = True
break
# this interface isn't present on the existing router
if not exists:
return True
# check if external_fixed_ip has to be removed
if router_ifs_cfg['external_fixed_ips']:
for external_fixed_ip in router['external_gateway_info']['external_fixed_ips']:
obsolete = True
# compare the existing interface with requested, looking for an requested match
for requested_if in router_ifs_cfg['external_fixed_ips']:
if external_fixed_ip['subnet_id'] == requested_if['subnet_id']:
if 'ip' in requested_if:
if external_fixed_ip['ip_address'] == requested_if['ip']:
# both subnet id and ip address match
exists = True
obsolete = False
break
else:
# only the subnet was given, so ip doesn't matter
exists = True
obsolete = False
break
# this interface isn't present on the existing router
if not exists:
if obsolete:
return True
# check internal interfaces
if self.params['interfaces']:
existing_subnet_ids = []
for port in self._router_internal_interfaces(router):
if 'fixed_ips' in port:
for fixed_ip in port['fixed_ips']:
existing_subnet_ids.append(fixed_ip['subnet_id'])
for iface in self.params['interfaces']:
if isinstance(iface, dict):
for p_id in internal_port_ids:
p = self.conn.get_port(name_or_id=p_id)
if 'fixed_ips' in p:
for fip in p['fixed_ips']:
internal_subnet_ids.append(fip['subnet_id'])
if set(internal_subnet_ids) != set(existing_subnet_ids):
else:
# no external fixed ips requested
if router['external_gateway_info'] \
and router['external_gateway_info']['external_fixed_ips'] \
and len(router['external_gateway_info']['external_fixed_ips']) > 1:
# but router has several external fixed ips
return True
return False
def _system_state_change(self, router, network, internal_ids, internal_portids, filters=None):
"""Check if the system state would be changed."""
state = self.params['state']
if state == 'absent' and router:
# check if internal port has to be added
if router_ifs_cfg['internal_ports_missing']:
return True
if state == 'present':
if not router:
return True
return self._needs_update(router, network, internal_ids, internal_portids, filters)
if missing_port_ids:
return True
# check if internal subnet has to be added or removed
if set(requested_subnet_ids) != set(existing_subnet_ids):
return True
return False
def _build_kwargs(self, router, network):
def _build_kwargs(self, router, net):
kwargs = {
'admin_state_up': self.params['admin_state_up'],
}
@@ -318,8 +323,8 @@ class RouterModule(OpenStackModule):
else:
kwargs['name'] = self.params['name']
if network:
kwargs['ext_gateway_net_id'] = network['id']
if net:
kwargs['ext_gateway_net_id'] = net['id']
# can't send enable_snat unless we have a network
if self.params.get('enable_snat') is not None:
kwargs['enable_snat'] = self.params['enable_snat']
@@ -332,56 +337,83 @@ class RouterModule(OpenStackModule):
if 'ip' in iface:
d['ip_address'] = iface['ip']
kwargs['ext_fixed_ips'].append(d)
else:
# no external fixed ips requested
if router \
and router['external_gateway_info'] \
and router['external_gateway_info']['external_fixed_ips'] \
and len(router['external_gateway_info']['external_fixed_ips']) > 1:
# but router has several external fixed ips
# keep first external fixed ip only
fip = router['external_gateway_info']['external_fixed_ips'][0]
kwargs['ext_fixed_ips'] = [fip]
return kwargs
def _validate_subnets(self, filters=None):
external_subnet_ids = []
internal_subnet_ids = []
internal_port_ids = []
existing_port_ips = []
def _build_router_interface_config(self, filters=None):
external_fixed_ips = []
internal_subnets = []
internal_ports = []
internal_ports_missing = []
# Build external interface configuration
if self.params['external_fixed_ips']:
for iface in self.params['external_fixed_ips']:
subnet = self.conn.get_subnet(iface['subnet'])
subnet = self.conn.get_subnet(iface['subnet'], filters)
if not subnet:
self.fail_json(msg='subnet %s not found' % iface['subnet'])
external_subnet_ids.append(subnet['id'])
self.fail(msg='subnet %s not found' % iface['subnet'])
new_external_fixed_ip = {'subnet_name': subnet.name, 'subnet_id': subnet.id}
if 'ip' in iface:
new_external_fixed_ip['ip'] = iface['ip']
external_fixed_ips.append(new_external_fixed_ip)
# Build internal interface configuration
if self.params['interfaces']:
internal_ips = []
for iface in self.params['interfaces']:
if isinstance(iface, str):
subnet = self.conn.get_subnet(iface, filters)
if not subnet:
self.fail(msg='subnet %s not found' % iface)
internal_subnet_ids.append(subnet['id'])
internal_subnets.append(subnet)
elif isinstance(iface, dict):
subnet = self.conn.get_subnet(iface['subnet'], filters)
if not subnet:
self.fail(msg='subnet %s not found' % iface['subnet'])
net = self.conn.get_network(iface['net'])
if not net:
self.fail(msg='net %s not found' % iface['net'])
if "portip" not in iface:
internal_subnet_ids.append(subnet['id'])
# portip not set, add any ip from subnet
internal_subnets.append(subnet)
elif not iface['portip']:
self.fail(msg='put an ip in portip or remove it from list to assign default port to router')
# portip is set but has invalid value
self.fail(msg='put an ip in portip or remove it from list to assign default port to router')
else:
# portip has valid value
# look for ports whose fixed_ips.ip_address matchs portip
for existing_port in self.conn.list_ports(filters={'network_id': net.id}):
for fixed_ip in existing_port['fixed_ips']:
if iface['portip'] == fixed_ip['ip_address']:
internal_port_ids.append(existing_port.id)
existing_port_ips.append(fixed_ip['ip_address'])
if iface['portip'] not in existing_port_ips:
p = self.conn.create_port(network_id=net.id, fixed_ips=[
{
'ip_address': iface['portip'],
'subnet_id': subnet.id
}
])
if p:
internal_port_ids.append(p.id)
# portip exists in net already
internal_ports.append(existing_port)
internal_ips.append(fixed_ip['ip_address'])
if iface['portip'] not in internal_ips:
# no port with portip exists hence create a new port
internal_ports_missing.append({
'network_id': net.id,
'fixed_ips': [{'ip_address': iface['portip'], 'subnet_id': subnet.id}]
})
return external_subnet_ids, internal_subnet_ids, internal_port_ids
return {
'external_fixed_ips': external_fixed_ips,
'internal_subnets': internal_subnets,
'internal_ports': internal_ports,
'internal_ports_missing': internal_ports_missing
}
def run(self):
@@ -391,7 +423,7 @@ class RouterModule(OpenStackModule):
project = self.params['project']
if self.params['external_fixed_ips'] and not network:
self.fail_json(msg='network is required when supplying external_fixed_ips')
self.fail(msg='network is required when supplying external_fixed_ips')
if project is not None:
proj = self.conn.get_project(project)
@@ -412,67 +444,125 @@ class RouterModule(OpenStackModule):
# Validate and cache the subnet IDs so we can avoid duplicate checks
# and expensive API calls.
external_ids, subnet_internal_ids, internal_portids = self._validate_subnets(filters)
router_ifs_cfg = self._build_router_interface_config(filters)
requested_subnet_ids = [subnet.id for subnet in router_ifs_cfg['internal_subnets']] + \
self._get_subnet_ids_from_ports(router_ifs_cfg['internal_ports'])
requested_port_ids = [i['id'] for i in router_ifs_cfg['internal_ports']]
if router:
router_ifs_internal = self.conn.list_router_interfaces(router, 'internal')
existing_subnet_ids = self._get_subnet_ids_from_ports(router_ifs_internal)
obsolete_subnet_ids = set(existing_subnet_ids) - set(requested_subnet_ids)
existing_port_ids = [i['id'] for i in router_ifs_internal]
else:
router_ifs_internal = []
existing_subnet_ids = []
obsolete_subnet_ids = []
existing_port_ids = []
missing_port_ids = set(requested_port_ids) - set(existing_port_ids)
if self.ansible.check_mode:
self.exit_json(
changed=self._system_state_change(router, net, subnet_internal_ids, internal_portids, filters)
)
# Check if the system state would be changed
if state == 'absent' and router:
changed = True
elif state == 'absent' and not router:
changed = False
elif state == 'present' and not router:
changed = True
else: # if state == 'present' and router
changed = self._needs_update(router, net,
missing_port_ids,
requested_subnet_ids,
existing_subnet_ids,
router_ifs_cfg,
filters)
self.exit_json(changed=changed)
if state == 'present':
changed = False
if not router:
changed = True
kwargs = self._build_kwargs(router, net)
if project_id:
kwargs['project_id'] = project_id
router = self.conn.create_router(**kwargs)
for int_s_id in subnet_internal_ids:
self.conn.add_router_interface(router, subnet_id=int_s_id)
# add interface by port id as well
for int_p_id in internal_portids:
self.conn.add_router_interface(router, port_id=int_p_id)
changed = True
# add interface by subnet id, because user did not specify a port id
for subnet in router_ifs_cfg['internal_subnets']:
self.conn.add_router_interface(router, subnet_id=subnet.id)
# add interface by port id if user did specify a valid port id
for port in router_ifs_cfg['internal_ports']:
self.conn.add_router_interface(router, port_id=port.id)
# add port and interface if user did specify an ip address but port is missing yet
for missing_internal_port in router_ifs_cfg['internal_ports_missing']:
p = self.conn.create_port(**missing_internal_port)
if p:
self.conn.add_router_interface(router, port_id=p.id)
else:
if self._needs_update(router, net, subnet_internal_ids, internal_portids, filters):
if self._needs_update(router, net,
missing_port_ids,
requested_subnet_ids,
existing_subnet_ids,
router_ifs_cfg,
filters):
changed = True
kwargs = self._build_kwargs(router, net)
updated_router = self.conn.update_router(**kwargs)
# Protect against update_router() not actually
# updating the router.
# Protect against update_router() not actually updating the router.
if not updated_router:
changed = False
# On a router update, if any internal interfaces were supplied,
# just detach all existing internal interfaces and attach the new.
if internal_portids or subnet_internal_ids:
else:
router = updated_router
ports = self._router_internal_interfaces(router)
for port in ports:
self.conn.remove_router_interface(router, port_id=port['id'])
if internal_portids:
external_ids, subnet_internal_ids, internal_portids = self._validate_subnets(filters)
for int_p_id in internal_portids:
self.conn.add_router_interface(router, port_id=int_p_id)
changed = True
if subnet_internal_ids:
for s_id in subnet_internal_ids:
self.conn.add_router_interface(router, subnet_id=s_id)
# delete internal subnets i.e. ports
if obsolete_subnet_ids:
for port in router_ifs_internal:
if 'fixed_ips' in port:
for fip in port['fixed_ips']:
if fip['subnet_id'] in obsolete_subnet_ids:
self.conn.remove_router_interface(router, port_id=port['id'])
changed = True
# add new internal interface by subnet id, because user did not specify a port id
for subnet in router_ifs_cfg['internal_subnets']:
if subnet.id not in existing_subnet_ids:
self.conn.add_router_interface(router, subnet_id=subnet.id)
changed = True
# add new internal interface by port id if user did specify a valid port id
for port_id in missing_port_ids:
self.conn.add_router_interface(router, port_id=port_id)
changed = True
self.exit(changed=changed, router=router, id=router['id'])
# add new port and new internal interface if user did specify an ip address but port is missing yet
for missing_internal_port in router_ifs_cfg['internal_ports_missing']:
p = self.conn.create_port(**missing_internal_port)
if p:
self.conn.add_router_interface(router, port_id=p.id)
changed = True
self.exit_json(changed=changed, router=router)
elif state == 'absent':
if not router:
self.exit(changed=False)
self.exit_json(changed=False)
else:
# We need to detach all internal interfaces on a router before
# we will be allowed to delete it.
ports = self._router_internal_interfaces(router)
router_id = router['id']
for port in ports:
# We need to detach all internal interfaces on a router
# before we will be allowed to delete it. Deletion can
# still fail if e.g. floating ips are attached to the
# router.
for port in router_ifs_internal:
self.conn.remove_router_interface(router, port_id=port['id'])
self.conn.delete_router(router_id)
self.exit_json(changed=True)
self.conn.delete_router(router['id'])
self.exit_json(changed=True, router=router)
def main():

3
plugins/modules/routers_info.py
View File

@@ -155,6 +155,9 @@ class RouterInfoModule(OpenStackModule):
name=dict(required=False, default=None),
filters=dict(required=False, type='dict', default=None)
)
module_kwargs = dict(
supports_check_mode=True
)
def run(self):

3
plugins/modules/security_group_info.py
View File

@@ -148,6 +148,9 @@ class SecurityGroupInfoModule(OpenStackModule):
not_tags=dict(required=False, type='list', elements='str'),
not_any_tags=dict(required=False, type='list', elements='str')
)
module_kwargs = dict(
supports_check_mode=True
)
def run(self):
description = self.params['description']

3
plugins/modules/security_group_rule_info.py
View File

@@ -177,7 +177,8 @@ class SecurityGroupRuleInfoModule(OpenStackModule):
module_kwargs = dict(
mutually_exclusive=[
['remote_ip_prefix', 'remote_group'],
]
],
supports_check_mode=True
)
def run(self):

3
plugins/modules/server_info.py
View File

@@ -70,6 +70,9 @@ class ServerInfoModule(OpenStackModule):
filters=dict(required=False, type='dict', default=None),
all_projects=dict(required=False, type='bool', default=False),
)
module_kwargs = dict(
supports_check_mode=True
)
def run(self):

3
plugins/modules/server_volume.py
View File

@@ -89,6 +89,9 @@ class ServerVolumeModule(OpenStackModule):
server = self.conn.get_server(self.params['server'])
volume = self.conn.get_volume(self.params['volume'])
if not server:
self.fail(msg='server %s is not found' % self.params['server'])
if not volume:
self.fail(msg='volume %s is not found' % self.params['volume'])

3
plugins/modules/stack_info.py
View File

@@ -80,6 +80,9 @@ class StackInfoModule(OpenStackModule):
project_id=dict(required=False, type='str'),
owner_id=dict(required=False, type='str')
)
module_kwargs = dict(
supports_check_mode=True
)
def run(self):
data = []

3
plugins/modules/subnets_info.py
View File

@@ -140,6 +140,9 @@ class SubnetInfoModule(OpenStackModule):
name=dict(required=False, default=None, aliases=['subnet']),
filters=dict(required=False, type='dict', default=None)
)
module_kwargs = dict(
supports_check_mode=True
)
def run(self):
kwargs = self.check_versioned(

3
plugins/modules/volume_backup_info.py
View File

@@ -90,6 +90,9 @@ class VolumeBackupInfoModule(OpenStackModule):
name=dict(required=False, type='str'),
volume=dict(required=False, type='str')
)
module_kwargs = dict(
supports_check_mode=True
)
def run(self):
name_filter = self.params['name']

3
plugins/modules/volume_info.py
View File

@@ -124,6 +124,9 @@ class VolumeInfoModule(OpenStackModule):
name=dict(type='str', required=False),
status=dict(type='str', required=False),
)
module_kwargs = dict(
supports_check_mode=True
)
def run(self):
kwargs = self.check_versioned(

3
plugins/modules/volume_snapshot_info.py
View File

@@ -96,6 +96,9 @@ class VolumeSnapshotInfoModule(OpenStackModule):
'deleting', 'error_deleting', 'rollbacking',
'backing-up']),
)
module_kwargs = dict(
supports_check_mode=True
)
def run(self):

11
test-requirements-2.12.txt Normal file
View File

@@ -0,0 +1,11 @@
openstacksdk
ansible-core
pycodestyle
flake8
pylint
voluptuous
yamllint
rstcheck
ruamel.yaml
#galaxy-importer # see https://review.opendev.org/#/c/743054
tox

0
tests/sanity/ignore-2.13.txt Normal file
View File

7
tools/run-ansible-sanity.sh
View File

@@ -19,6 +19,9 @@ echo "Executing ansible-test sanity checks in ${ANSIBLE_COLLECTIONS_PATH}"
trap "rm -rf ${ANSIBLE_COLLECTIONS_PATH}" err exit
PY_VER=$(python3 -c "from platform import python_version;print(python_version())" | cut -f 1,2 -d".")
echo "Running test with Python version ${PY_VER}"
rm -rf "${ANSIBLE_COLLECTIONS_PATH}"
mkdir -p ${ANSIBLE_COLLECTIONS_PATH}/ansible_collections/openstack/cloud
cp -a ${TOXDIR}/{plugins,meta,scripts,tests,docs} ${ANSIBLE_COLLECTIONS_PATH}/ansible_collections/openstack/cloud
@@ -27,7 +30,7 @@ echo "Running ansible-test with version:"
ansible --version
ansible-test sanity -v \
--venv \
--python 3.6 \
--python ${PY_VER} \
--skip-test metaclass-boilerplate \
--skip-test future-import-boilerplate \
plugins/ docs/ meta/ scripts/ tests/
plugins/ docs/ meta/ scripts/

16
tox.ini
View File

@@ -1,5 +1,5 @@
[tox]
minversion = 3.1
minversion = 3.18.0
envlist = pep8
skipsdist = True
ignore_basepython_conflict = True
@@ -15,7 +15,7 @@ setenv =
VIRTUAL_ENV={envdir}
LANG=en_US.UTF-8
LANGUAGE=en_US:en
LC_ALL=C
LC_ALL=en_US.utf-8
OS_LOG_CAPTURE={env:OS_LOG_CAPTURE:true}
OS_STDOUT_CAPTURE={env:OS_STDOUT_CAPTURE:true}
OS_STDERR_CAPTURE={env:OS_STDERR_CAPTURE:true}
@@ -65,6 +65,12 @@ commands = {[testenv:linters]commands}
deps =
-r{toxinidir}/test-requirements-2.11.txt
[testenv:linters-2.12]
passenv = {[testenv:linters]passenv}
commands = {[testenv:linters]commands}
deps =
-r{toxinidir}/test-requirements-2.12.txt
[testenv:venv]
deps =
-r{toxinidir}/test-requirements.txt
@@ -112,6 +118,12 @@ deps =
passenv = {[testenv:ansible]passenv}
commands = {[testenv:ansible]commands}
[testenv:ansible-2.12]
deps =
-r{toxinidir}/test-requirements-2.12.txt
passenv = {[testenv:ansible]passenv}
commands = {[testenv:ansible]commands}
[testenv:galaxy-release]
deps =
ansible-core