Start using this to construct shade OpenStack Cloud objects in a
consistent manner. This will let us centralize things like dealing with
password arguments and whatnot. It also allows us to introduce the
ability to pass a fully formed config dict directly to the module.
Migrate all OpenStack modules to use openstack_cloud_from_module.
Have it return the shade library since it's responsible for
importing shade and shade is needed for the exceptions.
Only pull specific OpenStack arguments for the constructor
Rather than passing **module.params to the shade constructor, pull out
only the values that make sense. This should prevent the issues with
module parameters stepping on shade parameters.
Replace module.params.pop with module.params.get
We don't need to pop these anymore since the shade constructor is now
using opt-in values.
Using real urls is ungood. Use example.com domains. Also, get rid of the
antiquated port numbers.
We're being too strict - there is a third possibility, which is that a
user will have defined the OS_* environment variables and expect them to
pass through.
The rest of ansible uses validate_certs, so make that the main
documented parameter. However, leave verify as an alias since that's the
passthrough value to the underlying libraries.
There is an old PR that shows a great use case for having a different
set of states for the server module. Before the other modules start
being in real use, pull this out so that we don't get ourselves into a
pickle.
It turns out that this can actually already be handled by the existing
auth plugin framework and does not need its own parameter. Remove before
it sees usage and causes confusion.
Incoming cloud config for OpenStack is complex due to plugins and
deployer choices. Rather than having the logic spread all over the
OpenStack modules, centralize it in the module_utils code.
Taking a page out of the ec2 config, make sure that all of the
OpenStack modules handle the inbound auth config in the same way.
The one outlier is keystone wrt auth_url.
The provisioning module knows more about how nova deals with IP
addresses now. Ensure that the inventory module is similarly as smart
by separating out the logic into the openstack/module_utils.
Taking a page out of the ec2 config, make sure that all of the
OpenStack modules handle the inbound auth config in the same way.
The one outlier is keystone wrt auth_url.
Monty Taylor
Jeff Li
Dag Wieers
Toshio Kuratomi
Monty Taylor
Ben Cordero
David Shrewsbury
Yair Fried
Michael DeHaan