When the security groups specified to the os_server module change they
should be updated on the server. This will require shade 1.19 where the
server security group commands were added.
Fixes: #23206
These were deprecated back in the 1.x timeframe, so have been deprecated
for the 2 cycles required. They also do things wrong and should be
avoided anyway. Go ahead and remove them.
* Add examples in os_server module showing userdata
Added an example using Bash and also using Cloud-init. Also, showing using {% raw %} and {% endraw %} to provide a pointer to those hitting similar issues to the ones I had.
* Removed erronious whitespace
Changes to the metadata format were approved here:
https://github.com/ansible/proposals/issues/54
* Update documentation to the new metadata format
* Changes to metadata-tool to account for new metadata
* Add GPL license header
* Add upgrade subcommand to upgrade metadata version
* Change default metadata to the new format
* Fix exclusion of non-modules from the metadata report
* Fix ansible-doc for new module metadata
* Exclude metadata version from ansible-doc output
* Fix website docs generation for the new metadata
* Update metadata schema in valiate-modules test
* Update the metadata in all modules to the new version
* fix module doc fields
* More module docs corrections
* More module docs corrections
* More module docs corrections
* More module docs corrections
* correct aliases
* Review comments
* Must quote ':'
* More authors
* Use suboptions:
* restore type: bool
* type should be in the same place
* More tidyups
* authors
* Use suboptions
* revert
* remove duplicate author
* More issues post rebase
* Add quota for the number of floating IP's to allow in Network.
* Add nova_floating_ips and neutron_floating_ips aliases to avoid confusion.
* rename aliases to compute_floating_ips and network_floating_ips.
* Update metadata on existing openstack instances
This adds or updates existing keys, but doesn't remove them
Fixes#5500
* Set meta to {} if None
* Move common metadata parsing into a method
* Move availability_zone docs to each OpenStack module
This argument is in the central list for hysterical raisins (mostly me
being a doofus) but is used in almost none of them. Document it
explicitly in each module to stop the confusion.
* Fix two docs formatting bugs
* Update validate-modules
* Validates ANSIBLE_METADATA
* Ensures imports happen after documentation vars
* Some pep8 cleanup
* Clean up some left over unneeded code
* Update modules for new module guidelines and validate-modules checks
* Update imports for ec2_vpc_route_table and ec2_vpc_nat_gateway
Prescribing types is not necessary as the underlying shade library
does not do so, and the Neutron API will inform us if a disallowed
or non existent type is used.
Fixes#20830
Without this patch, the os_keystone_domain module is not idempotent if
the description is empty because the description parameter is None in
ansible, but the keystone client returns an empty unicode string.
Following the example of other OpenStack modules, this patch fixes the
issue by checking whether the module parameter is None before going on
to check its value.
The password param conflicts with os-client-config's password grabbing.
The rest of the params really probably should also be popped - but
keeping this just to password for now. Will follow up with a change that
does an audit of all the os_ modules
This patch was previously contributed by @emonty to the former
ansible-modules-core repo however since the merge, it was closed
and not completed. This patch includes the necessary changes cleaned
up to work with the latest release of Ansible. This has been
tested to work internally
* Adding os_quota support to the OpenStack modules
* Updated descriptions in doc string
* Updated version_added to 2.2 based on CI test feedback
* ready_for_review
* Changed exit_json to remove updating host var facts
* Updated version_added and docs
* Added support for state:absent paramater
This includes:
- Updated the doc string with the paramater information
- Updated the example section showing how to reset a project quota
- Added code support to handle state:absent
- Encountered a bug in delete_network_quota where it returns
an error instead of the current quota. Added support code to
workaround that issue until a proper fix can be added.
* Updated security groups kwarg to reflect Neutron kwargs
* Updated iteritems to be items based on CI feedback
* Updated descriptions and import statements based on code review feedback
* Updated CHANGELOG.md to include os_quota under new mods.
Depending on the OpenStack installation it may be quicker to create a volume from an existing volume (copy-on-write) compared to from a snapshot (allocating a completely new volume).
This adds a new `volume_src` parameter to the `os_module` which accepts a volume id or name.
* Change example syntax on os_auth module
* Change example syntax on os_client_config module
* Change example syntax on os_image_facts module
* Change example syntax on os_networks_facts module
* Change example syntax on os_nova_flavor module
* Change example syntax on os_object module
* Change example syntax on os_server module
* Change example syntax on os_subnet_facts module
* Change example syntax on rax_files module
* Change example syntax on rax_files_objects module
* Change example syntax on mysql_db module
* Change example syntax on file module
* Change example syntax on uri module
* Change example syntax on cl_bond module
* Change example syntax on cl_bridge module
* Change example syntax on cl_img_install module
* Change example syntax on cl_interface module
* Change example syntax on cl_license module
* Change example syntax on cl_ports module
* Remove trailing colon
I broke backwards compat with the addition to define when a password
should be updated. It was requiring that a password value be passed when
deleting a user, which seems silly.
This moves the argument logic out of the argument spec and into when it
would be needed, when state is present.
* Change example syntax on supervisorctl module
* Change example syntax or _ec2_ami_search module
* Change example syntax on cloudformation module
* Change example syntax on ec2 module
* Change example syntax on ec2_facts module
* Change example syntax on ec2_eip module
* Change example syntax on rds module
* Change example syntax on route53 module
* Change example syntax on s3 module
* Change example syntax on digital_ocean module
* Change example syntax on docker_service module
* Change example syntax on cloudformation module
* Change example syntax on gc_storage module
* Change example syntax on gce module
* Change example syntax on gce_mig module
* Change example syntax on _glance_image module
* Change example syntax on _keystone_user module
* Change example syntax on _nova_keypair module
* Change example syntax on _quantum_floating module
* Change example syntax on _quantum_floating_ip_associate module
* Change example syntax on _quantum_network module
* Change example syntax on _quantum_router module
* Change example syntax on _quantum_router_gateway module
* Change example syntax on _quantum_router_interface module
* Change example syntax on _quantum_subnet module
* SQUASH _quantum_subnet
* Add missing quotes
* Expose internal_network in os_floating_ip
Shade project has finally exposed this argument so now this module
matches old quantum_floatingip module's capabilities.
Use "nat_destination" term instead of "internal_network" to match shade
terminology.
* Add (private|internal)_network aliases to os_floating_ip
* Fix typo in os_floating_ip
There is a desire to not have this module always result in a change if a
password argument is supplied. The OpenStack API does not return a
password back when we get a user, so we've been assuming that if a
password argument was supplied, we should attempt to change the password
(even if nothing else is changing), and that results in a "changed"
state. Now we will only send along a password change attempt if the user
wants one (the default to match history).
Fixes#5217
The keys returned by user objects for default domain and
default project are respectively default_domain_id and
default_project_id.
We need to gather those IDs in case the user passed names, so we
can then compare with the user object on the needs_update helper
function.
A value for the project_id parameter to shade's create_network()
call was always being sent, even if no value for 'project' was
supplied. This was breaking folks with older versions of shade
(< 1.6).
Fixes PR https://github.com/ansible/ansible-modules-core/issues/3567
Current module fails when tries to assign floating-ips to server that
already have them and either fails or reports "changed=True" when no
ip was added
Removing floating-ip doesn't require address
Server name/id is enough to remove a floating ip.
This parameter was actually added in 2.0. It's just that the
documentation in previous versions of the module were wrong (it said the
name was "network" rather than "name.) I've renamed the parameter in
the documentation of prior versions so ansible-module-validate should no
longer think that this is a new parameter.
The shade update_router() call will return None if the router is
not actually updated. This will cause the module to fail if we
do not protect against that.
The os_server module could automatically generate a floating IP for
the user with auto_ip=true, but we didn't allow for this FIP to be
automatically deleted when deleting the instance, which is a bug.
Add a new option called delete_fip that enables this.
Without this, ansible 2.1 will convert some arguments that are
meant to be dict or list type to their str representation.
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Change documented options for os_networks_facts
os_network_facts currently lists 'network' as an available option, taking the Name or ID. In Ansible 2.0.2 to 2.2.0, this is not valid. Options 'name' and 'id' should be used instead.
* Update os_networks_facts.py
* Update os_networks_facts.py
Set version_added to the only accepted value
* Update os_networks_facts.py
Removed inappropriate 'ID' parameter
A cloud/domain admin should be able to create a subnet on any
project it is granted on.
This change adds the 'project' parameter that accepts either
a name (admin-only) or id.
A cloud/domain admin should be able to create a network on any project
it is granted to.
This changes adds the possibility to pass either a project ID or
project name.
A change was merged to the main Ansible core code that can cause
a potential hang if any libraries are called that use threading.
This change was:
4b0aa1214c
This affected the os_object module by causing a hang on the shade
create_object() API call (which in turn calls swiftclient which
uses threading). The fix is to make sure all modules have a main()
that is wrapped with an "if __name__ == '__main__'" check.
The default_project is checked at the beginning of the module.
This raises an exception if the project passed does not exist.
This logic only makes sense on resource creation, if a user
puts state=absent the module fails, even though the default
project is not relevant
If a server already exists when os_server is run, but a floating
IP was not assigned to the server when one was requested, the
module will attempt to add an IP to the existing server. But it
would not pass the wait/timeout params to the floating IP APIs.
If wait was True, you could get back a server dict that did not
show the floating IP because it did not wait.
Commit f71542c set the incorrect type for these two parameters to
dict when they are actually list of dicts.
Also, the extra_dhcp_opts was incorrectly named (without the terminal
's') and NEVER worked, so this was corrected.
Fixes#3301
A change is coming to Ansible where module params will default to str.
Many of our modules were taking advantage of this by not being explicit
about the type, so they will break when that change merges. This hopefully
catches those cases.
Fix the OpenStack os_server module for when region_name is specified.
This should not be passed through to the shade create_server() call
as it's only used with the auth parameters.
Fixes bug: https://github.com/ansible/ansible-modules-core/issues/2797
Add the ability to completely delete a floating IP from the pool
when disassociating it from a server. When state is absent and
purge is true, the IP will be completely deleted. The default
keeps the current behavior, which is to only disassociate the IP
from the server.
The exception message, when shade fails, will contain much more
specific information about the failure if the exception is treated
as a string. The 'message' attribute alone is usually not helpful.
If this parameter was not of the right type, the module would fail with a
traceback, with a "AttributeError: 'str' object has no attribute 'get'"
exception.
It now gives a proper error message on type errors.
nics is a great flexible parameter, but it's wordy. Shade now supports
a simple parameter too, which is just "network" and takes a name or id.
Add passthrough support.
In addition to supporting booting from a pre-existing volume, nova and
shade both support the concept of booting from volume based on an image.
Pass the parameters through.
Shade supports boot-time attachment of additional volumes for OpenStack
instances. Pass through the parameter so that ansible users can also
take advantage of this.
The min_disk and min_ram parameters were not being passed to
the shade API. They also need to be integer values. Also
updated the description of these parameters for better
clarification.
have `os_server_facts` call `list_servers` rather than `get_server`, and
treat the `server` parameter as a wildcard pattern. This permits one to
get facts on a single server:
- os_server:
server: webserver1
On mutiple servers:
- os_server:
server: webserver*
Or on all servers:
- os_server:
Introduces a `detailed` parameter to request additional server details
at the cost of additional API calls.
with this commit, the `security_groups` attribute for `os_port` will
accept either a common-delimited string or ` YAML list. That is, either
this:
- os_port:
[...]
security_groups: group1,group2
Or this:
- os_port:
[...]
security_groups:
- group1
- group2
This commit allows the `security_groups` parameter of the `os_server`
module to be either a YAML list or a common-delimited string (much like
the `nics` attribute). E.g., this:
- os_nova_server:
[...]
security_groups:
- default
- webserver
Or this:
- os_nova_server:
[...]
security_groups: default,webserver
The `os_security_group` module would fail if there was no `description:`
attribute:
localhost | FAILED! => {
"changed": false,
"failed": true,
"msg": "Error creating security group larstest: Invalid input for
description. Reason: 'None' is not a valid string."
}
This commit makes the default description `''` rather than `None`.
The `os_network` module was incorrectly returning changed=False whether
or not the network was created. This commit makes the changed return
value useful.
make os_subnet behave like os_network in terms of returning information
about the created resource. With this commit, os_subnet will return the
created subnet in `subnet` and the subnet id in `id`.
Allow the 'interfaces' attribute to represent internal router
interfaces, composed of subnet names, and the 'external_fixed_ips'
attribute to represent external interface subnet/IP.
The existing code was receiving a list of strings and erroneously
assuming it was being given a list of dictionaries, leading it to fail
with:
AttributeError: 'str' object has no attribute 'get'
This commit corrects the list handling code to check the type of each
item and handle it appropriately. Also, based on bcoca's comment
in #2253, thie code removes the special case for a string-only argument.
By transforming string arguments into dicts and then handling them like
any other dict argument, this also permits arguments of the form:
nics: net-name=mynet
Or:
nics: port-name=mynet
Previous versions of this code only supported `net-id` and `port-id` in
string specifications.
There was a parameter in the docs called 'public_ip' that didn't
actually exist. Additionally, auto_floating_ip is not consistent with
the underlying parameter which is auto_ip - for no good reason.
Add auto_ip as the real parameter, and then make public_ip and
auto_floating_ip as aliases for it for backwards compatability.
Fixes#2301
This patch adds support to setting metadata key/value through a string
argument. Variables can now be used for both the metadata key and
value.
example:
meta: "{{ var1 }}:SomeValue,key:{{ var2 }}"
Andrea Tartaglia
Jamie Lennox
Matt Clay
Monty Taylor
Jon "The Nice Guy" Spriggs
Matt Martz
Toshio Kuratomi
John R Barker
Kamil Cholewiński
Ricardo Carrillo Cruz
Chenjun Shen
kulawczukmarcin
Simon Li
Dave Buckley
kuboj
camradal
Colleen Murphy
Paulo Matias
Brian Coca
Tatsuya Hoshino
Logan V
David Shrewsbury
Alberto Murillo Silva
Mohammed Naser
Michael
Paulo Matias
Mike Perez
Simon Li
Carlos E. Garcia
James Cammarata
Fabio Alessandro Locati
Sam Doran
Jesse Keating
Lars Van Casteren
jctanner
Yair Fried
Abel Boldú
indispeq
David J Peacock
Arun prasath
Karthik Suresh
Monty Taylor
yfried-redhat
Toshio Kuratomi
Rene Moser
Patrick Uiterwijk
Graham Goldstein
Mario David
@
Ghe Rivero
Alvaro Aleman
tonyqui
Donovan Jones
Brian Coca
David Shrewsbury
Michael Scherer
David Hocky
Terry Howe
Julia Kreger
Timothy R. Chavez
Dmitry Labutin
Sam Thursfield
Alberto Gireud
Markus Suonto
Lars Kellogg-Stedman
Greg DeKoenigsberg
dagnello