Add the ability to completely delete a floating IP from the pool
when disassociating it from a server. When state is absent and
purge is true, the IP will be completely deleted. The default
keeps the current behavior, which is to only disassociate the IP
from the server.
The exception message, when shade fails, will contain much more
specific information about the failure if the exception is treated
as a string. The 'message' attribute alone is usually not helpful.
Otherwise CDN (Akamai) downloads file without the headers. The sequence
is following:
1. Ansible uploads file to CF.
2. Akamai downloads the file and caches it in CDN.
3. Ansible sets headers.
As a result Akamai serves file without headers.
This is backwards incompatible change, because headers keys are not
prefixed with `x-object-meta-`. Which allows user to set headers like
`Access-Control-Allow-Origin`.
Previously the logging module hard coded the default logging driver. This means
if the docker daemon is started with a different logging driver, the ansible
module would continually restart it when run.
This fix adds a call to docker.Client.info(), which is inspected if a logging
driver is not supplied in the playbook, and the container only restarted if
the logging driver applied differs from the configured default.
In usage, this has solved issues with using alternative logging drivers.
Now module will assume that if the argument is a string it is already formated as json
and will only try to convert non strings into json string.
Also removed unused 'msg' var declarations and the ifs that set them
fixes#2009
Since we now have several exceptions to the assumption that the
result of the pull would be on the last status line returned by
docker-py's pull(), I've changed the function so that it looks
through the status lines and returns what if finds on it.
Despite the repeated `break`s, the code seems simpler and a little
more coherent like this. From what I've checked using
`https://github.com/jlafon/ansible-profile`, the execution time is
mostly the same.
If this parameter was not of the right type, the module would fail with a
traceback, with a "AttributeError: 'str' object has no attribute 'get'"
exception.
It now gives a proper error message on type errors.
Before this patch:
- Command was matched if 'Command' field of docker-py
representation of Docker container ends with 'command' passed
to Ansible docker module by user.
- That can give false positives and false negatives.
- For example:
a) If 'command' was set up with more than one spaces,
like 'command=sleep 123', it would be never matched again
with a container(s) launched by this task.
Because after launching, command would be normalized and
appear, in docker-py API call, just as 'sleep 123' - with one
space. This is false negative case.
b) If 'entrypoint + command = command', for example
'sleep + 123 = sleep 123', module would give false positive
match.
This patch fixes it, by making matching more explicit - against
'Config'->Cmd' field of 'docker inspect' output, provided by docker-py
API and with proper normalization of user input by splitting it to
tokens with 'shlex.split()'.
nics is a great flexible parameter, but it's wordy. Shade now supports
a simple parameter too, which is just "network" and takes a name or id.
Add passthrough support.
In addition to supporting booting from a pre-existing volume, nova and
shade both support the concept of booting from volume based on an image.
Pass the parameters through.
Shade supports boot-time attachment of additional volumes for OpenStack
instances. Pass through the parameter so that ansible users can also
take advantage of this.
If this is not set, Ansible parses the parameter as a string.
This is fine if the parameter is not provided by the caller, but
if it is set to False or True explicitly, ec2_vol receives this as
the string 'False' or the string 'True', both of which are truthy.
Thus, without this fix, setting the parameter results in encryption
always enabled.
Previously, the `promote` command in the `rds` module would always return OK and never actually promote an instance. This was because `promote_db_instance()` had its conditions backwards: if the instance had the `replication_source` attribute indicating that it **was** a replica, it would set `changed = False` and do nothing. If the instance **wasn't** a replica, it would attempt to run `boto.rds.promote_read_replica()`, which would always fail.
'exact_count' and 'state' are mutually exclusive options they should not be in the following examples:
- # Enforce that 5 running instances named "database" with a "dbtype" of "postgres" example and
- # Enforce that 5 instances with a tag "foo" are running
The min_disk and min_ram parameters were not being passed to
the shade API. They also need to be integer values. Also
updated the description of these parameters for better
clarification.
There was no db restore example. I've provided one that shows how to do the restore, then add a security group (you cannot add the security group during the restore step -- it has to be done in a modify step afterward). Also, I show how to get the endpoint.
Absent unction was not working on user with login profile
also fixed the exception handling
fixed the delete user function
now works with or without loginprofile (password)
typo
have `os_server_facts` call `list_servers` rather than `get_server`, and
treat the `server` parameter as a wildcard pattern. This permits one to
get facts on a single server:
- os_server:
server: webserver1
On mutiple servers:
- os_server:
server: webserver*
Or on all servers:
- os_server:
Introduces a `detailed` parameter to request additional server details
at the cost of additional API calls.
When this was treated as a boolean, sphinx was leaving the Default
column on http://docs.ansible.com/ansible/ec2_module.html blank,
implying it would use AWS's default. In reality, it passes False, which
overrides the defaults at AWS (it's possible to boot an instance which
AWS claims will always have EBS optimization without it because of this
silently passed False).
The pysphere VIVirtualMachine.clone() method supports specifying a VM
folder to place the VM in after the clone has completed. This exposes
that functionality to playbooks.
Also documents that creating VMs could always place VMs in a specific
folder.
This PR #1950 implements duplicate functionality to #1353
This reverts commit b04efa22c4403ca869e94e7918721306d23afa8d.
Conflicts:
cloud/amazon/elasticache.py
Give user a course of action in the case where the suggestions do not
work. This will hopefully allow us to work through any further issues
much faster.
Check commit enables using tls when using the docker_image module. It
also removes the default for docker_url which doesn't allow us to check
for DOCKER_HOST which is a more sane default. This allows you to use
docker_image on OSX but more documentation is needed.
with this commit, the `security_groups` attribute for `os_port` will
accept either a common-delimited string or ` YAML list. That is, either
this:
- os_port:
[...]
security_groups: group1,group2
Or this:
- os_port:
[...]
security_groups:
- group1
- group2
This commit allows the `security_groups` parameter of the `os_server`
module to be either a YAML list or a common-delimited string (much like
the `nics` attribute). E.g., this:
- os_nova_server:
[...]
security_groups:
- default
- webserver
Or this:
- os_nova_server:
[...]
security_groups: default,webserver
The `os_security_group` module would fail if there was no `description:`
attribute:
localhost | FAILED! => {
"changed": false,
"failed": true,
"msg": "Error creating security group larstest: Invalid input for
description. Reason: 'None' is not a valid string."
}
This commit makes the default description `''` rather than `None`.
The `os_network` module was incorrectly returning changed=False whether
or not the network was created. This commit makes the changed return
value useful.
make os_subnet behave like os_network in terms of returning information
about the created resource. With this commit, os_subnet will return the
created subnet in `subnet` and the subnet id in `id`.
Allow the 'interfaces' attribute to represent internal router
interfaces, composed of subnet names, and the 'external_fixed_ips'
attribute to represent external interface subnet/IP.
The existing code was receiving a list of strings and erroneously
assuming it was being given a list of dictionaries, leading it to fail
with:
AttributeError: 'str' object has no attribute 'get'
This commit corrects the list handling code to check the type of each
item and handle it appropriately. Also, based on bcoca's comment
in #2253, thie code removes the special case for a string-only argument.
By transforming string arguments into dicts and then handling them like
any other dict argument, this also permits arguments of the form:
nics: net-name=mynet
Or:
nics: port-name=mynet
Previous versions of this code only supported `net-id` and `port-id` in
string specifications.
There was a parameter in the docs called 'public_ip' that didn't
actually exist. Additionally, auto_floating_ip is not consistent with
the underlying parameter which is auto_ip - for no good reason.
Add auto_ip as the real parameter, and then make public_ip and
auto_floating_ip as aliases for it for backwards compatability.
Fixes#2301
This patch adds support to setting metadata key/value through a string
argument. Variables can now be used for both the metadata key and
value.
example:
meta: "{{ var1 }}:SomeValue,key:{{ var2 }}"
Changed=true now reported on new volume.
Only detach volume when instance is specified as 'None' or '' rather than whenever instance is not specified at all
Fix regression caused by 6b27cdc where by no volume is created if id or Name is not supplied
Remove unnecessary empty aliases
Corrected example to use acceptable parameter for ions
Added exception handling to get_all_instances call
Moved the attachment state validation code to attach_volume function rather than create_volume function
Refactored attach_volume and detach_volume so that changed state can be passed back to call
Created get_volume_info function so that state=present and state=list can return the same data. Also added instance_id as a returned value in attachment_set dict
Updated aws connection method so that boto profile can be used
When pulling an image using Docker 1.8, it seems the output
JSON stream has an empty dict at the very end. This causes
ansible to fail when pulling an image, as it's expecting a
status message in that dict which it uses to determine whether
it had to download the image or not. As a bit of an ugly hack
for that which remains backward compatible, try the last item
in the stream, and if it's an empty dict, take the last-but-one
item instead.
The strip() is needed as the exact value appears to be '{}/r/n';
we could just match that, but it seems like the kind of thing
where maybe it'd happen to just be '{}/n' or '{}' or something
in some cases, so let's just use strip() in case.
A recent change [1] in docker between v1.8.2 and v1.8.3 changed what
is returned in the json when inspecting an image. Five variables which
could have been expected before will now be omited when empty. Only
one of those variables is being addressed in the docker, ExposedPorts.
Unfortunately there was also no API version change on this so this
can't be easily corrected with pinning the API to the older version.
This does a get() which will return None if the variable is not in the
dict formed from the json that was returned. Everything else works the
same way.
[1] 9098628b29
Without this, «ec2: state=stopped instance_ids=…» would fail with a
traceback like this:
if inst.get_attribute('sourceDestCheck')['sourceDestCheck'] != source_dest_check:
NameError: global name 'source_dest_check' is not defined
Both `source_dest_check` and `termination_protection` variables are not
available within the scope of the startstopec2 instance method. This just
pulls them from module.params.
With shade > 0.13.0, networks can be created that are externally
accessible. This adds a parameter for that.
Also, add RETURN documentation and 'if __name__' check around call
to main().
I think in this commit 720aeffca2bd2ae1eca158abc2d1463a8597afb6
There was bug introduced where the ElastiCacheManager init method has
a number of positional arguments like so.
```py
def __init__(self, module, name, engine, cache_engine_version, node_type,
num_nodes, cache_port, parameter_group, cache_subnet_group,
cache_security_groups, security_group_ids, zone, wait,
hard_modify, region, **aws_connect_kwargs):
```
But then later in the code the positional arguments are passed in
like this.
```py
elasticache_manager = ElastiCacheManager(module, name, engine,
cache_engine_version, node_type,
num_nodes, cache_port,
cache_subnet_group,
cache_security_groups,
security_group_ids, parameter_group, zone, wait,
hard_modify, region, **aws_connect_kwargs)
```
If you count, you can see that cache_subnet_group, is being passed in
where the manager expects to see parameter_group.
There can be instances during an Ansible play where the list of subnets
currently available from OpenStack is required. This update provides
subnet list functionality as a new os_subnets_facts module.
There can be instances during an Ansible play where the list of networks
currently available from OpenStack is required. This update provides
network list functionality as a new os_networks_facts module.
By default `.get()` will return `None` on a key that doesn't exist. This
causes a `TypeError` in the `for` loop a few lines down. This change simply
returns an iterable type to avoid the error.
Some things cannot be updated via the API, so check for those and fail
if the user is wanting to update them. Also don't try to update ipv6
stuff, as that doesn't work and will cause a traceback.
If `docker.__version__` contains non-digit characters, such as:
>>> import docker
>>> docker.__version__
'1.4.0-dev'
Then `get_docker_py_versioninfo` will fail with:
ValueError: invalid literal for int() with base 10: '0-de'
This patch corrects the parsing of the version string so that
`get_docker_py_versioninfo` in this example would return:
(1, 4, 0, '-dev')
My project is using Ansible to automate cloud build process. Ansible has a core module gce.py for managing GCE instances.
We've come across a use case that's not yet supported - when executing ansible-playbook, if a child template is included, then metadata which is defined in and propagated from the mother template is treated as string type and not parsed correctly(which instead is dictionary type), and triggers release flow failure.
We currently put some fix by explicitly casting metadata to string type in our own branch, but would like to contribute the fix to Ansible so that everyone onboarding GCE and using Ansible for release management could benefit from it, or hear owner's opinion on fixing the issue if there's a better fix in owner's mind:)
This is mlosev's patch (from #1208), rebased against devel as of
2790af2. It resolves#1707, which was caused by an API incompatibility
between the docker module and server API version 1.19.
There was a catch-all `except` statement in `create_containers`:
try:
containers = do_create(count, params)
except:
self.pull_image()
containers = do_create(count, params)
This would mask a variety of errors that should be exposed, including
API compatability errors (as in #1707) and common Python exceptions (KeyError, ValueError, etc) that could result from errors in the code.
This change makes the `except` statement more specific, and only attempts to pull the image and start a container if the original create attempt failed due to a 404 error from the docker API.
The `docker` Python module only accepts `None` or `'host'` as arguments.
This makes it difficult to conditionally set the `pid` attribute using
standard Ansible syntax.
This change converts any value that evaluates as boolean `False` to
`None`, which includes empty strings:
pid:
As well as an explicit `false`:
pid: false
This permits the following to work as intended:
- hosts: localhost
tasks:
- name: starting container
docker:
docker_api_version: 1.18
image: larsks/mini-httpd
name: web
pid: "{{ container_pid|default('') }}"
If `container_pid` is set to `host` somewhere, this will create a
Docker container with `pid=host`; otherwise, this will create a
container with normal isolated pid namespace.
Port matching logic did not take into account recent shade change
to equate (None, None) to (1, 65535) when Nova is the backend.
Also, this encapsulates the port matching logic into a single function
and heavily documents the logic.
Port range min/max values are at times represented as string and
compared to int equivalents. This fix explicitly ensures all
port range values are ints for proper comparisons.
This allows the rules module to work against either nova or neutron
for handling security groups. New parameters for 'direction' and
'ethertype' are added.
Check mode is supported with this version.
Shade 0.7.0 normalized the security group data that is returned,
when using nova, to look more like neutron security group data.
This adjusts for that change.
Uses the latest version of shade for cleaner code. Also, always
return the key dict whether we create the key, or it already exists.
The example using public_key_file is corrected to use a full path
since ~ is not converted for us.
If bind-volumes are submitted to docker >= 1.4.0 with the volumes set in addition to the binds, docker will create a regular volume and not bind-mount the specified path.
make all properties available when registering the result
which is useful when wanting to launch a stand-alone instance based upon
an existing Launch Config.
It is now possible to pass various routing policies if an identity is
provided.
This commit also introduces multiple optimisations:
* Only fetch records for the given domain
* Use UPSERT instead of DELETE+CREATE to update existing records
vsphere_guest now can deploy a template using a datacenter and hostname
as the target, instead of requiring a cluster and resource_pool.
This commit fixes#951.
Signed-off-by: Vyronas Tsingaras <vtsingaras@it.auth.gr>
port mapping with this module only works for ports that are exposed either in the Dockerfile or via an additional arguments. This is different from the command line docker client, that is willing to also map ports that are not exposed.
This comments makes the behaviour more obvious.
Updating os_ironic module to the most recent version accounting for
changes in Ansible devel branch and the shade library since the
original creation of the module.
All of the ansible OpenStack modules are driven by a clouds.yaml config
file which is processed by os-client-config. Expose the data returned by
that library to enable playbooks to iterate over available clouds.
Since the YAML data format is a subset of JSON, it is trivial to convert
the former to the latter. This means that we can use YAML templates to
build cloudformation stacks, as long as we translate them before passing
them to the AWS API. I figure this could potentially be quite popular in
the Ansible world, since we already use so much YAML for our playbooks.
boto can throw SSLError when timeouts occur (among other SSL errors). Catch these so proper JSON can be returned, and also add the ability to retry the operation.
There's an open issue in boto for this: https://github.com/boto/boto/issues/2409
Here's a sample stacktrace that inspired me to work on this. I'm on 1.7, but there's no meaningful differences in the 1.8 release that would affect this. I've added line breaks to the trace for readability.
failed to parse: Traceback (most recent call last):
File "/home/ubuntu/.ansible/tmp/ansible-tmp-1419895753.17-160808281985012/s3", line 2031, in <module> main()
File "/home/ubuntu/.ansible/tmp/ansible-tmp-1419895753.17-160808281985012/s3", line 353, in main download_s3file(module, s3, bucket, obj, dest)
File "/home/ubuntu/.ansible/tmp/ansible-tmp-1419895753.17-160808281985012/s3", line 234, in download_s3file key.get_contents_to_filename(dest)
File "/usr/local/lib/python2.7/dist-packages/boto/s3/key.py", line 1665, in get_contents_to_filename response_headers=response_headers)
File "/usr/local/lib/python2.7/dist-packages/boto/s3/key.py", line 1603, in get_contents_to_file response_headers=response_headers)
File "/usr/local/lib/python2.7/dist-packages/boto/s3/key.py", line 1435, in get_file query_args=None)
File "/usr/local/lib/python2.7/dist-packages/boto/s3/key.py", line 1488, in _get_file_internal for bytes in self:
File "/usr/local/lib/python2.7/dist-packages/boto/s3/key.py", line 368, in next data = self.resp.read(self.BufferSize)
File "/usr/local/lib/python2.7/dist-packages/boto/connection.py", line 416, in read return httplib.HTTPResponse.read(self, amt)
File "/usr/lib/python2.7/httplib.py", line 567, in read s = self.fp.read(amt)
File "/usr/lib/python2.7/socket.py", line 380, in read data = self._sock.recv(left)
File "/usr/lib/python2.7/ssl.py", line 341, in recv return self.read(buflen)
File "/usr/lib/python2.7/ssl.py", line 260, in read return self._sslobj.read(len) ssl.SSLError: The read operation timed out
By default docker-py uses latest version of Docker API. This is not
always desireable, and this patch adds option to specify version, that
should be used.
This module supports a few of the server actions that are easy to
initially impiment. Other actions require input and provide return
values in the API calls that will be more difficult to impliment, and
thus are not part of this initial commit.
removing policy if enabled is no
adding sanity checks
removing debuging
check if policy exists before deleting
updating version_added to 2.0
adding stickiness support to ec2_elb_lb.py (squashed commit)
* Fix docs to specify when python2.6+ is required (due to a library
dep). This helps us know when it is okay to use python2.6+ syntax in
the file.
* remove BabyJson returns. See #1211 This commit fixes all but the
openstack modules.
* Use if __name__ == '__main__' to only run the main part of the module
if the module is run as a program. This allows for the potential to
unittest the code later.
Brian Coca
Julia Kreger
Tom Bamford
David Shrewsbury
Ben Visser
Yoichi Imai
Jason Paige
Bermudez, Jaime
daniel-sc
Vladimir Mihailenco
bobgroves
Henrique Rodrigues
Constantin07
Matt Ferrante
jefferson fermo
autotune
Joost Cassee
Timothy R. Chavez
Marios Andreopoulos
Alexey Wasilyev
krdlab
Will Rouesnel
Pavel Derendyaev
Jon Hadfield
Dmitry Labutin
Vic Iglesias
Charles Paul
tksarah
Etherdaemon
luto
Mike Buzzetti
sebi
Michael Scherer
Manuel Tiago Pereira
Sam Thursfield
Toshio Kuratomi
Andrew Pashkin
Omar Khan
Joe Quadrino
Yann Hamon
Andy Nelson
HAMSIK Adam
Pedro Romano
Alberto Gireud
Donovan Jones
Tobias Smolka
Monty Taylor
Michel Alexandre Salim
Steve Spencer
Leonty
Aaron Boushley
Jumpei Ogawa
Arthur Clement
Markus Suonto
Jay Rogers
Lippy Lee
Michel Alexandre Salim
Max Rothman
joshuaeke
Keith Hassen
Daniel Donckers
Mike Riddle
Tom Paine
Marcin Stolarek
J Levitt
Rabenstein
Stewart Rutledge
Lars Kellogg-Stedman
Kevin Falcone
whiter
Adrian Bridgett
Kai Webber
Michael Fenn
Mike
Mike Christofilopoulos
Philippe Jandot
Greg DeKoenigsberg
Gilad Peleg
Sarah Haskins
Michael Schuett
Constantin Bugneac
Val Komarov
dagnello
Rob
Adam Williamson
Sam Yaple
Abhijit Menon-Sen
Frank van Tol
fperks
Adrian Lopez
Gerard Lynch
Colin Hutchinson
Matias De Carli
Shayne Clausson
justnom
Alex Kessinger
Jens Carl
Shawn Silva
Selivanov Pavel
Nathaniel Felsen
Abitha Palaniappan
evanccnyc@users.noreply.github.com
Evan Carter
wimnat
Tom Fotherby
Victor Costan
Yanchek99
David Dyball
Taneli Lepp
Bret Martin
James Martin
Chrrrles Paul
Tony Kinsley
Bruno Galindro da Costa
Rick Mendes
Luke
Timothy Appnel
Till Backhaus
Omri Iluz
James Cammarata
Brian Richards
Nithy Renganathan
Jason Cowley
Ilya Epifanov
David M. Lee
Shobhit Srivastava
brannon
Scot Spinner
Guto Andreollo
Nikolay Ivanko
Mehul Ved
Michael J. Schultz
Ted Timmons
Kamil Madac
Jamie Hannaford
Rowan Wookey
Robb Wagoner
Matt Ferrante
Hideki Saito
Robert Jailall
Hagai Kariti
Micheal Waltz
Luke Rohde
Jaime Gago
Jesse Keating
Feanil Patel
billwanjohi
Mike Putnam
Ash Caire
khassen
Johan Haals
Artur Cygan
Baraa Basata
Christian Hammerl
ayush
Daniel Kerwin
Alan Scherger
HelenaTian
nemunaire
Herby Gillot
Eero Niemi
otdw
Maksim Losev
Brian Coca
Nicholas O'Connor
Apoorva Kulkarni
vanga
Chris Meyers
Joel Thompson
Ian Babrou
Simon Olofsson
Juho-Mikko Pellinen
Flyte
Davide Guerri
Scott Miller
Jonathan Davila
Patrick Roby
Andrea Mandolo
Michael Weinrich
Ash Wilson
Ed Hein
Andrew Davis
Stefan Junker
Ryan Walls
Jay Taylor
zimbatm
Michal Smereczynski
toninog
Vasyl Kaigorodov
Dan Abel
Vyronas Tsingaras
Matt Martz
Benno Joy
Colin Hutchinson
Robin Roth
Philip Kirkland
nitzmahone
Robert Estelle
Tyler Cross
Ching Yi, Chan
Soenke Ruempler
Bruce Pennypacker
Alex Gandy
Tim Mahoney
Sankalp Khare
Trevor Pounds
Raghu Udiyar
tedder
xiaclo
Wang Qiang
marko
Jonathan Mainguy
Pierre Baillet
Martin Froehlich
Jan Brauer
Matt Schurenko
Jell
Chris Lundquist
Ratnadeep Debnath