2016-06-30 15:28:21 +00:00
|
|
|
#!/usr/bin/python
|
|
|
|
|
# -*- coding: utf-8 -*-
|
|
|
|
|
|
2019-02-14 20:02:27 +00:00
|
|
|
# Copyright: (c) 2016, Hiroaki Nakamura <hnakamur@gmail.com>
|
Remove wildcard imports
Made the following changes:
* Removed wildcard imports
* Replaced long form of GPL header with short form
* Removed get_exception usage
* Added from __future__ boilerplate
* Adjust division operator to // where necessary
For the following files:
* web_infrastructure modules
* system modules
* linode, lxc, lxd, atomic, cloudscale, dimensiondata, ovh, packet,
profitbricks, pubnub, smartos, softlayer, univention modules
* compat dirs (disabled as its used intentionally)
2017-07-28 05:55:24 +00:00
|
|
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
|
|
|
|
|
|
|
|
from __future__ import absolute_import, division, print_function
|
|
|
|
|
__metaclass__ = type
|
2016-06-30 15:28:21 +00:00
|
|
|
|
|
|
|
|
|
2017-08-16 03:16:38 +00:00
|
|
|
ANSIBLE_METADATA = {'metadata_version': '1.1',
|
2017-03-14 16:07:22 +00:00
|
|
|
'status': ['preview'],
|
|
|
|
|
'supported_by': 'community'}
|
|
|
|
|
|
2016-12-06 10:35:25 +00:00
|
|
|
|
2016-07-06 15:34:51 +00:00
|
|
|
DOCUMENTATION = '''
|
2016-06-30 15:28:21 +00:00
|
|
|
---
|
|
|
|
|
module: lxd_profile
|
|
|
|
|
short_description: Manage LXD profiles
|
2016-08-18 13:49:56 +00:00
|
|
|
version_added: "2.2"
|
2016-06-30 15:28:21 +00:00
|
|
|
description:
|
|
|
|
|
- Management of LXD profiles
|
|
|
|
|
author: "Hiroaki Nakamura (@hnakamur)"
|
|
|
|
|
options:
|
|
|
|
|
name:
|
|
|
|
|
description:
|
|
|
|
|
- Name of a profile.
|
|
|
|
|
required: true
|
2017-10-07 15:19:46 +00:00
|
|
|
description:
|
|
|
|
|
description:
|
|
|
|
|
- Description of the profile.
|
|
|
|
|
version_added: "2.5"
|
2016-06-30 15:28:21 +00:00
|
|
|
config:
|
|
|
|
|
description:
|
2016-07-06 15:34:51 +00:00
|
|
|
- 'The config for the container (e.g. {"limits.memory": "4GB"}).
|
|
|
|
|
See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#patch-3)'
|
2016-06-30 15:28:21 +00:00
|
|
|
- If the profile already exists and its "config" value in metadata
|
|
|
|
|
obtained from
|
|
|
|
|
GET /1.0/profiles/<name>
|
2016-07-06 15:34:51 +00:00
|
|
|
U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#get-19)
|
2016-06-30 15:28:21 +00:00
|
|
|
are different, they this module tries to apply the configurations.
|
|
|
|
|
- Not all config values are supported to apply the existing profile.
|
|
|
|
|
Maybe you need to delete and recreate a profile.
|
|
|
|
|
required: false
|
|
|
|
|
devices:
|
|
|
|
|
description:
|
2016-07-06 15:34:51 +00:00
|
|
|
- 'The devices for the profile
|
2016-06-30 15:28:21 +00:00
|
|
|
(e.g. {"rootfs": {"path": "/dev/kvm", "type": "unix-char"}).
|
2016-07-06 15:34:51 +00:00
|
|
|
See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#patch-3)'
|
2016-06-30 15:28:21 +00:00
|
|
|
required: false
|
|
|
|
|
new_name:
|
|
|
|
|
description:
|
|
|
|
|
- A new name of a profile.
|
|
|
|
|
- If this parameter is specified a profile will be renamed to this name.
|
2016-07-06 15:34:51 +00:00
|
|
|
See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-11)
|
2016-06-30 15:28:21 +00:00
|
|
|
required: false
|
|
|
|
|
state:
|
|
|
|
|
choices:
|
|
|
|
|
- present
|
|
|
|
|
- absent
|
|
|
|
|
description:
|
|
|
|
|
- Define the state of a profile.
|
|
|
|
|
required: false
|
|
|
|
|
default: present
|
|
|
|
|
url:
|
|
|
|
|
description:
|
|
|
|
|
- The unix domain socket path or the https URL for the LXD server.
|
|
|
|
|
required: false
|
|
|
|
|
default: unix:/var/lib/lxd/unix.socket
|
2019-02-22 09:24:07 +00:00
|
|
|
snap_url:
|
|
|
|
|
description:
|
|
|
|
|
- The unix domain socket path when LXD is installed by snap package manager.
|
|
|
|
|
required: false
|
|
|
|
|
default: unix:/var/snap/lxd/common/lxd/unix.socket
|
|
|
|
|
version_added: '2.8'
|
2019-03-28 05:19:28 +00:00
|
|
|
client_key:
|
2016-06-30 15:28:21 +00:00
|
|
|
description:
|
|
|
|
|
- The client certificate key file path.
|
|
|
|
|
required: false
|
2016-07-06 15:34:51 +00:00
|
|
|
default: '"{}/.config/lxc/client.key" .format(os.environ["HOME"])'
|
2019-03-28 05:19:28 +00:00
|
|
|
aliases: [ key_file ]
|
|
|
|
|
client_cert:
|
2016-06-30 15:28:21 +00:00
|
|
|
description:
|
|
|
|
|
- The client certificate file path.
|
|
|
|
|
required: false
|
2016-07-06 15:34:51 +00:00
|
|
|
default: '"{}/.config/lxc/client.crt" .format(os.environ["HOME"])'
|
2019-03-28 05:19:28 +00:00
|
|
|
aliases: [ cert_file ]
|
2016-06-30 15:28:21 +00:00
|
|
|
trust_password:
|
|
|
|
|
description:
|
|
|
|
|
- The client trusted password.
|
|
|
|
|
- You need to set this password on the LXD server before
|
|
|
|
|
running this module using the following command.
|
|
|
|
|
lxc config set core.trust_password <some random password>
|
2016-07-06 15:34:51 +00:00
|
|
|
See U(https://www.stgraber.org/2016/04/18/lxd-api-direct-interaction/)
|
2016-06-30 15:28:21 +00:00
|
|
|
- If trust_password is set, this module send a request for
|
|
|
|
|
authentication before sending any requests.
|
|
|
|
|
required: false
|
|
|
|
|
notes:
|
|
|
|
|
- Profiles must have a unique name. If you attempt to create a profile
|
|
|
|
|
with a name that already existed in the users namespace the module will
|
|
|
|
|
simply return as "unchanged".
|
2016-07-06 15:34:51 +00:00
|
|
|
'''
|
2016-06-30 15:28:21 +00:00
|
|
|
|
2016-07-06 15:34:51 +00:00
|
|
|
EXAMPLES = '''
|
2016-06-30 15:28:21 +00:00
|
|
|
# An example for creating a profile
|
|
|
|
|
- hosts: localhost
|
|
|
|
|
connection: local
|
|
|
|
|
tasks:
|
|
|
|
|
- name: Create a profile
|
|
|
|
|
lxd_profile:
|
|
|
|
|
name: macvlan
|
|
|
|
|
state: present
|
|
|
|
|
config: {}
|
2016-12-05 04:15:23 +00:00
|
|
|
description: my macvlan profile
|
2016-06-30 15:28:21 +00:00
|
|
|
devices:
|
|
|
|
|
eth0:
|
|
|
|
|
nictype: macvlan
|
|
|
|
|
parent: br0
|
|
|
|
|
type: nic
|
|
|
|
|
|
|
|
|
|
# An example for creating a profile via http connection
|
|
|
|
|
- hosts: localhost
|
|
|
|
|
connection: local
|
|
|
|
|
tasks:
|
|
|
|
|
- name: create macvlan profile
|
|
|
|
|
lxd_profile:
|
|
|
|
|
url: https://127.0.0.1:8443
|
2019-03-28 05:19:28 +00:00
|
|
|
# These client_cert and client_key values are equal to the default values.
|
|
|
|
|
#client_cert: "{{ lookup('env', 'HOME') }}/.config/lxc/client.crt"
|
|
|
|
|
#client_key: "{{ lookup('env', 'HOME') }}/.config/lxc/client.key"
|
2016-06-30 15:28:21 +00:00
|
|
|
trust_password: mypassword
|
|
|
|
|
name: macvlan
|
|
|
|
|
state: present
|
|
|
|
|
config: {}
|
2016-12-05 04:15:23 +00:00
|
|
|
description: my macvlan profile
|
2016-06-30 15:28:21 +00:00
|
|
|
devices:
|
|
|
|
|
eth0:
|
|
|
|
|
nictype: macvlan
|
|
|
|
|
parent: br0
|
|
|
|
|
type: nic
|
|
|
|
|
|
|
|
|
|
# An example for deleting a profile
|
|
|
|
|
- hosts: localhost
|
|
|
|
|
connection: local
|
|
|
|
|
tasks:
|
|
|
|
|
- name: Delete a profile
|
|
|
|
|
lxd_profile:
|
|
|
|
|
name: macvlan
|
|
|
|
|
state: absent
|
|
|
|
|
|
|
|
|
|
# An example for renaming a profile
|
|
|
|
|
- hosts: localhost
|
|
|
|
|
connection: local
|
|
|
|
|
tasks:
|
|
|
|
|
- name: Rename a profile
|
|
|
|
|
lxd_profile:
|
|
|
|
|
name: macvlan
|
|
|
|
|
new_name: macvlan2
|
|
|
|
|
state: present
|
2016-07-06 15:34:51 +00:00
|
|
|
'''
|
2016-06-30 15:28:21 +00:00
|
|
|
|
2017-10-07 15:19:46 +00:00
|
|
|
RETURN = '''
|
2016-07-06 15:34:51 +00:00
|
|
|
old_state:
|
|
|
|
|
description: The old state of the profile
|
2016-06-30 15:28:21 +00:00
|
|
|
returned: success
|
2018-12-18 21:25:30 +00:00
|
|
|
type: str
|
2016-07-06 15:34:51 +00:00
|
|
|
sample: "absent"
|
|
|
|
|
logs:
|
|
|
|
|
description: The logs of requests and responses.
|
|
|
|
|
returned: when ansible-playbook is invoked with -vvvv.
|
|
|
|
|
type: list
|
|
|
|
|
sample: "(too long to be placed here)"
|
|
|
|
|
actions:
|
|
|
|
|
description: List of actions performed for the profile.
|
|
|
|
|
returned: success
|
|
|
|
|
type: list
|
|
|
|
|
sample: '["create"]'
|
|
|
|
|
'''
|
2016-06-30 15:28:21 +00:00
|
|
|
|
|
|
|
|
import os
|
Remove wildcard imports
Made the following changes:
* Removed wildcard imports
* Replaced long form of GPL header with short form
* Removed get_exception usage
* Added from __future__ boilerplate
* Adjust division operator to // where necessary
For the following files:
* web_infrastructure modules
* system modules
* linode, lxc, lxd, atomic, cloudscale, dimensiondata, ovh, packet,
profitbricks, pubnub, smartos, softlayer, univention modules
* compat dirs (disabled as its used intentionally)
2017-07-28 05:55:24 +00:00
|
|
|
|
|
|
|
|
from ansible.module_utils.basic import AnsibleModule
|
2016-08-18 13:47:38 +00:00
|
|
|
from ansible.module_utils.lxd import LXDClient, LXDClientException
|
2016-06-30 15:28:21 +00:00
|
|
|
|
Remove wildcard imports
Made the following changes:
* Removed wildcard imports
* Replaced long form of GPL header with short form
* Removed get_exception usage
* Added from __future__ boilerplate
* Adjust division operator to // where necessary
For the following files:
* web_infrastructure modules
* system modules
* linode, lxc, lxd, atomic, cloudscale, dimensiondata, ovh, packet,
profitbricks, pubnub, smartos, softlayer, univention modules
* compat dirs (disabled as its used intentionally)
2017-07-28 05:55:24 +00:00
|
|
|
|
2016-06-30 15:28:21 +00:00
|
|
|
# PROFILE_STATES is a list for states supported
|
|
|
|
|
PROFILES_STATES = [
|
|
|
|
|
'present', 'absent'
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
# CONFIG_PARAMS is a list of config attribute names.
|
|
|
|
|
CONFIG_PARAMS = [
|
|
|
|
|
'config', 'description', 'devices'
|
|
|
|
|
]
|
|
|
|
|
|
Remove wildcard imports
Made the following changes:
* Removed wildcard imports
* Replaced long form of GPL header with short form
* Removed get_exception usage
* Added from __future__ boilerplate
* Adjust division operator to // where necessary
For the following files:
* web_infrastructure modules
* system modules
* linode, lxc, lxd, atomic, cloudscale, dimensiondata, ovh, packet,
profitbricks, pubnub, smartos, softlayer, univention modules
* compat dirs (disabled as its used intentionally)
2017-07-28 05:55:24 +00:00
|
|
|
|
2016-06-30 15:28:21 +00:00
|
|
|
class LXDProfileManagement(object):
|
|
|
|
|
def __init__(self, module):
|
|
|
|
|
"""Management of LXC containers via Ansible.
|
|
|
|
|
|
|
|
|
|
:param module: Processed Ansible Module.
|
|
|
|
|
:type module: ``object``
|
|
|
|
|
"""
|
|
|
|
|
self.module = module
|
|
|
|
|
self.name = self.module.params['name']
|
|
|
|
|
self._build_config()
|
|
|
|
|
self.state = self.module.params['state']
|
|
|
|
|
self.new_name = self.module.params.get('new_name', None)
|
|
|
|
|
|
2019-03-28 05:19:28 +00:00
|
|
|
self.key_file = self.module.params.get('client_key', None)
|
|
|
|
|
self.cert_file = self.module.params.get('client_cert', None)
|
2016-07-01 14:23:14 +00:00
|
|
|
self.debug = self.module._verbosity >= 4
|
2019-02-22 09:24:07 +00:00
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
if os.path.exists(self.module.params['snap_url'].replace('unix:', '')):
|
|
|
|
|
self.url = self.module.params['snap_url']
|
|
|
|
|
else:
|
|
|
|
|
self.url = self.module.params['url']
|
|
|
|
|
except Exception as e:
|
|
|
|
|
self.module.fail_json(msg=e.msg)
|
|
|
|
|
|
2016-06-30 15:28:21 +00:00
|
|
|
try:
|
|
|
|
|
self.client = LXDClient(
|
|
|
|
|
self.url, key_file=self.key_file, cert_file=self.cert_file,
|
|
|
|
|
debug=self.debug
|
|
|
|
|
)
|
|
|
|
|
except LXDClientException as e:
|
|
|
|
|
self.module.fail_json(msg=e.msg)
|
|
|
|
|
self.trust_password = self.module.params.get('trust_password', None)
|
|
|
|
|
self.actions = []
|
|
|
|
|
|
|
|
|
|
def _build_config(self):
|
|
|
|
|
self.config = {}
|
|
|
|
|
for attr in CONFIG_PARAMS:
|
|
|
|
|
param_val = self.module.params.get(attr, None)
|
|
|
|
|
if param_val is not None:
|
|
|
|
|
self.config[attr] = param_val
|
|
|
|
|
|
|
|
|
|
def _get_profile_json(self):
|
|
|
|
|
return self.client.do(
|
|
|
|
|
'GET', '/1.0/profiles/{0}'.format(self.name),
|
|
|
|
|
ok_error_codes=[404]
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
@staticmethod
|
|
|
|
|
def _profile_json_to_module_state(resp_json):
|
|
|
|
|
if resp_json['type'] == 'error':
|
|
|
|
|
return 'absent'
|
|
|
|
|
return 'present'
|
|
|
|
|
|
|
|
|
|
def _update_profile(self):
|
|
|
|
|
if self.state == 'present':
|
|
|
|
|
if self.old_state == 'absent':
|
|
|
|
|
if self.new_name is None:
|
|
|
|
|
self._create_profile()
|
|
|
|
|
else:
|
|
|
|
|
self.module.fail_json(
|
|
|
|
|
msg='new_name must not be set when the profile does not exist and the specified state is present',
|
|
|
|
|
changed=False)
|
|
|
|
|
else:
|
|
|
|
|
if self.new_name is not None and self.new_name != self.name:
|
|
|
|
|
self._rename_profile()
|
|
|
|
|
if self._needs_to_apply_profile_configs():
|
|
|
|
|
self._apply_profile_configs()
|
|
|
|
|
elif self.state == 'absent':
|
|
|
|
|
if self.old_state == 'present':
|
|
|
|
|
if self.new_name is None:
|
|
|
|
|
self._delete_profile()
|
|
|
|
|
else:
|
|
|
|
|
self.module.fail_json(
|
|
|
|
|
msg='new_name must not be set when the profile exists and the specified state is absent',
|
|
|
|
|
changed=False)
|
|
|
|
|
|
|
|
|
|
def _create_profile(self):
|
|
|
|
|
config = self.config.copy()
|
|
|
|
|
config['name'] = self.name
|
|
|
|
|
self.client.do('POST', '/1.0/profiles', config)
|
|
|
|
|
self.actions.append('create')
|
|
|
|
|
|
|
|
|
|
def _rename_profile(self):
|
|
|
|
|
config = {'name': self.new_name}
|
2019-02-14 20:02:27 +00:00
|
|
|
self.client.do('POST', '/1.0/profiles/{0}'.format(self.name), config)
|
2016-06-30 15:28:21 +00:00
|
|
|
self.actions.append('rename')
|
|
|
|
|
self.name = self.new_name
|
|
|
|
|
|
|
|
|
|
def _needs_to_change_profile_config(self, key):
|
|
|
|
|
if key not in self.config:
|
|
|
|
|
return False
|
|
|
|
|
old_configs = self.old_profile_json['metadata'].get(key, None)
|
|
|
|
|
return self.config[key] != old_configs
|
|
|
|
|
|
|
|
|
|
def _needs_to_apply_profile_configs(self):
|
|
|
|
|
return (
|
|
|
|
|
self._needs_to_change_profile_config('config') or
|
|
|
|
|
self._needs_to_change_profile_config('description') or
|
|
|
|
|
self._needs_to_change_profile_config('devices')
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
def _apply_profile_configs(self):
|
|
|
|
|
config = self.old_profile_json.copy()
|
2016-12-12 23:16:23 +00:00
|
|
|
for k, v in self.config.items():
|
2016-06-30 15:28:21 +00:00
|
|
|
config[k] = v
|
2019-02-14 20:02:27 +00:00
|
|
|
self.client.do('PUT', '/1.0/profiles/{0}'.format(self.name), config)
|
2016-06-30 15:28:21 +00:00
|
|
|
self.actions.append('apply_profile_configs')
|
|
|
|
|
|
|
|
|
|
def _delete_profile(self):
|
2019-02-14 20:02:27 +00:00
|
|
|
self.client.do('DELETE', '/1.0/profiles/{0}'.format(self.name))
|
2016-06-30 15:28:21 +00:00
|
|
|
self.actions.append('delete')
|
|
|
|
|
|
|
|
|
|
def run(self):
|
|
|
|
|
"""Run the main method."""
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
if self.trust_password is not None:
|
|
|
|
|
self.client.authenticate(self.trust_password)
|
|
|
|
|
|
|
|
|
|
self.old_profile_json = self._get_profile_json()
|
|
|
|
|
self.old_state = self._profile_json_to_module_state(self.old_profile_json)
|
|
|
|
|
self._update_profile()
|
|
|
|
|
|
|
|
|
|
state_changed = len(self.actions) > 0
|
|
|
|
|
result_json = {
|
|
|
|
|
'changed': state_changed,
|
|
|
|
|
'old_state': self.old_state,
|
|
|
|
|
'actions': self.actions
|
|
|
|
|
}
|
|
|
|
|
if self.client.debug:
|
|
|
|
|
result_json['logs'] = self.client.logs
|
|
|
|
|
self.module.exit_json(**result_json)
|
|
|
|
|
except LXDClientException as e:
|
|
|
|
|
state_changed = len(self.actions) > 0
|
|
|
|
|
fail_params = {
|
|
|
|
|
'msg': e.msg,
|
|
|
|
|
'changed': state_changed,
|
|
|
|
|
'actions': self.actions
|
|
|
|
|
}
|
|
|
|
|
if self.client.debug:
|
|
|
|
|
fail_params['logs'] = e.kwargs['logs']
|
|
|
|
|
self.module.fail_json(**fail_params)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def main():
|
|
|
|
|
"""Ansible Main module."""
|
|
|
|
|
|
|
|
|
|
module = AnsibleModule(
|
|
|
|
|
argument_spec=dict(
|
|
|
|
|
name=dict(
|
|
|
|
|
type='str',
|
|
|
|
|
required=True
|
|
|
|
|
),
|
|
|
|
|
new_name=dict(
|
|
|
|
|
type='str',
|
|
|
|
|
),
|
|
|
|
|
config=dict(
|
|
|
|
|
type='dict',
|
|
|
|
|
),
|
|
|
|
|
description=dict(
|
|
|
|
|
type='str',
|
|
|
|
|
),
|
|
|
|
|
devices=dict(
|
|
|
|
|
type='dict',
|
|
|
|
|
),
|
|
|
|
|
state=dict(
|
|
|
|
|
choices=PROFILES_STATES,
|
|
|
|
|
default='present'
|
|
|
|
|
),
|
|
|
|
|
url=dict(
|
|
|
|
|
type='str',
|
|
|
|
|
default='unix:/var/lib/lxd/unix.socket'
|
|
|
|
|
),
|
2019-02-22 09:24:07 +00:00
|
|
|
snap_url=dict(
|
|
|
|
|
type='str',
|
|
|
|
|
default='unix:/var/snap/lxd/common/lxd/unix.socket'
|
|
|
|
|
),
|
2019-03-28 05:19:28 +00:00
|
|
|
client_key=dict(
|
2016-06-30 15:28:21 +00:00
|
|
|
type='str',
|
2019-03-28 05:19:28 +00:00
|
|
|
default='{0}/.config/lxc/client.key'.format(os.environ['HOME']),
|
|
|
|
|
aliases=['key_file']
|
2016-06-30 15:28:21 +00:00
|
|
|
),
|
2019-03-28 05:19:28 +00:00
|
|
|
client_cert=dict(
|
2016-06-30 15:28:21 +00:00
|
|
|
type='str',
|
2019-03-28 05:19:28 +00:00
|
|
|
default='{0}/.config/lxc/client.crt'.format(os.environ['HOME']),
|
|
|
|
|
aliases=['cert_file']
|
2016-06-30 15:28:21 +00:00
|
|
|
),
|
2017-10-07 15:19:46 +00:00
|
|
|
trust_password=dict(type='str', no_log=True)
|
2016-06-30 15:28:21 +00:00
|
|
|
),
|
|
|
|
|
supports_check_mode=False,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
lxd_manage = LXDProfileManagement(module=module)
|
|
|
|
|
lxd_manage.run()
|
|
|
|
|
|
Remove wildcard imports
Made the following changes:
* Removed wildcard imports
* Replaced long form of GPL header with short form
* Removed get_exception usage
* Added from __future__ boilerplate
* Adjust division operator to // where necessary
For the following files:
* web_infrastructure modules
* system modules
* linode, lxc, lxd, atomic, cloudscale, dimensiondata, ovh, packet,
profitbricks, pubnub, smartos, softlayer, univention modules
* compat dirs (disabled as its used intentionally)
2017-07-28 05:55:24 +00:00
|
|
|
|
2016-06-30 15:28:21 +00:00
|
|
|
if __name__ == '__main__':
|
|
|
|
|
main()
|
