BASIS/decort-ansible
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 16 Wiki Activity

Compare commits

base: BASIS:rc-5.2
Branches Tags
BASIS:main BASIS:rc-5.3.0 BASIS:rc-5.2.6 BASIS:5.2.5.1 BASIS:rc-5.2.5.1 BASIS:rc-5.2.5 BASIS:rc-5.2.4 BASIS:rc-5.2.3 BASIS:rc-5.2.2 BASIS:rc-5.2.1 BASIS:rc-5.2 BASIS:rc-5.1 BASIS:rc-5.0 BASIS:rc-4.0 BASIS:rc-3.0 BASIS:rc-2.0 BASIS:master BASIS:rc-1.0
BASIS:10.0.1 BASIS:10.0.0 BASIS:9.0.0 BASIS:8.0.0 BASIS:7.2.0 BASIS:7.1.0 BASIS:7.0.0 BASIS:6.1.2 BASIS:6.1.1 BASIS:6.1.0 BASIS:6.0.0 BASIS:5.6.0 BASIS:5.5.0 BASIS:5.4.1 BASIS:5.4.0 BASIS:5.3.0
..
compare: BASIS:rc-5.2.3
Branches Tags
BASIS:main BASIS:rc-5.3.0 BASIS:rc-5.2.6 BASIS:5.2.5.1 BASIS:rc-5.2.5.1 BASIS:rc-5.2.5 BASIS:rc-5.2.4 BASIS:rc-5.2.3 BASIS:rc-5.2.2 BASIS:rc-5.2.1 BASIS:rc-5.2 BASIS:rc-5.1 BASIS:rc-5.0 BASIS:rc-4.0 BASIS:rc-3.0 BASIS:rc-2.0 BASIS:master BASIS:rc-1.0
BASIS:10.0.1 BASIS:10.0.0 BASIS:9.0.0 BASIS:8.0.0 BASIS:7.2.0 BASIS:7.1.0 BASIS:7.0.0 BASIS:6.1.2 BASIS:6.1.1 BASIS:6.1.0 BASIS:6.0.0 BASIS:5.6.0 BASIS:5.5.0 BASIS:5.4.1 BASIS:5.4.0 BASIS:5.3.0

56 Commits
rc-5.2 ... rc-5.2.3

Author SHA1 Message Date
Алексей Даньков
b03b82e492 Merge branch 'fix/rc-5.2.2' into 'master' 
Fix/rc 5.2.2

See merge request rudecs/decort-ansible!5
 2022-10-31 08:44:40 +00:00
Алексей Даньков
15893f58bb Merge branch 'feature/decort_rg_refactoring' into 'master' 
Feature/decort rg refactoring

See merge request rudecs/decort-ansible!4
 2022-10-31 08:44:18 +00:00
msbolshakov
3681949ea6 decort_rg fix 2022-10-25 14:37:42 +07:00
msbolshakov
8713ebe099 decort_rg ifx 2022-10-21 23:27:40 +07:00
msbolshakov
87ecb762aa decort_rg ifx 2022-10-21 22:36:46 +07:00
msbolshakov
b30d8f2b3c decort_rg ifx 2022-10-21 21:53:57 +07:00
msbolshakov
36d6fe092d add exampels 2022-10-21 20:43:08 +07:00
msbolshakov
8f737397de decort_rg module refactoring 2022-10-21 18:47:13 +07:00
msbolshakov
72d9da0234 add account id in osimage facts 2022-10-11 21:11:38 +07:00
msbolshakov
4b3f34376b add account id in osimage facts 2022-10-11 20:18:07 +07:00
Максим Большаков
72b591723f decort_disk bug fix 2022-09-22 16:10:43 +00:00
Максим Большаков
f0e9ac10cc Bug fix 2022-09-21 15:53:02 +00:00
Alex_geth
82eef4492d Merge branch 'feature/decort_lb' 2022-09-21 13:00:55 +03:00
Alex_geth
889618f843 added LB module & some other fix 2022-09-20 21:44:32 +03:00
msbolshakov
ef33532a83 fix module errors 2022-09-19 17:56:45 +07:00
msbolshakov
8f7c933fb8 decort_disk remake 2022-09-16 23:26:11 +07:00
Alex_geth
dd28084b76 Merge branch 'rc-5.0-demo' of ssh://git.digitalenergy.online:2221/rudecs/decort-ansible into rc-5.0-demo 2022-09-02 14:57:06 +03:00
Alex_geth
8d6ed618ab decort_vins update & k8 wg fix 2022-09-02 14:56:58 +03:00
Maksim Bolshakov
e2c9f591b8 Add new file 2022-08-23 10:07:44 +03:00
Maksim Bolshakov
ebdf9aa012 Add new file 2022-08-23 10:07:18 +03:00
Maksim Bolshakov
31d6774475 Add new example 2022-08-23 10:06:23 +03:00
Maksim Bolshakov
6148e67dd1 Add new file 2022-08-02 15:02:18 +03:00
Maksim Bolshakov
4c7922cb55 Add new file 2022-08-02 15:01:45 +03:00
Maksim Bolshakov
8d51555db1 Add new file 2022-08-02 15:00:52 +03:00
Maksim Bolshakov
ebfb465531 Add new file 2022-08-02 15:00:02 +03:00
Maksim Bolshakov
f3504a3d50 Add new file 2022-07-18 16:59:23 +03:00
Alex_geth
1c3558d6f3 Merge branch 'rc-5.0-demo' of ssh://git.digitalenergy.online:2221/rudecs/decort-ansible into rc-5.0-demo 2022-07-18 14:24:25 +03:00
Alex_geth
12a80e7cf4 vins connect 2022-07-18 14:21:38 +03:00
Maksim Bolshakov
38d24cfa0a Update kubernetes.yaml 2022-07-12 17:17:40 +03:00
Maksim Bolshakov
ebe1c76a43 Update basicservices.yaml 2022-07-12 11:32:10 +03:00
msbolshakov
224ac59779 osimage fix 2022-07-11 16:05:07 +07:00
msbolshakov
ff4273cbce module_utils_fix 2022-07-11 15:59:04 +07:00
msbolshakov
5e5b6f6b8a osimage examples 2022-07-11 15:48:02 +07:00
msbolshakov
c497979efa osimage update 2022-07-11 15:43:53 +07:00
msbolshakov
28876ae38d decort_osimage update 2022-07-08 19:12:17 +07:00
Aleksandr Malyavin
ebe1a9194f change directory name example>examples 2022-06-29 18:26:58 +03:00
msbolshakov
d9ad1fee21 examples 2022-06-29 20:13:09 +07:00
Alex_geth
4b23cf8bae bservice module fix 2022-06-29 15:54:21 +03:00
Alex_geth
5b809dee4f basic services addon 2022-06-28 03:55:28 +03:00
Maksim Bolshakov
ac93e76005 Add new file 2022-05-27 18:15:53 +03:00
Maksim Bolshakov
aae60a46b9 Add new file 2022-05-27 18:15:21 +03:00
Maksim Bolshakov
25af1b4428 Add new file 2022-05-27 18:14:37 +03:00
Alex_geth
e058925f9b fix 2 2022-05-27 17:45:12 +03:00
Alex_geth
f6b0da976b k8s update 2022-05-27 07:42:48 +03:00
Maksim Bolshakov
9b9b92ff07 Update cloud_init-example 2022-05-25 17:01:13 +03:00
Maksim Bolshakov
498b46b4f2 New example for DECORT kvmvm module 2022-05-25 17:00:45 +03:00
Maksim Bolshakov
85da544614 Add new directory 2022-05-25 16:52:01 +03:00
Alex_geth
be7841ba38 fix 1 2022-05-25 10:56:44 +03:00
Alex_geth
aabd5dab6e demo update 2022-05-20 14:37:13 +03:00
Alex_geth
4a9d181782 pyJWT > 2.0.0 2022-04-01 14:50:47 +03:00
Aleksandr Malyavin
ec7d1fd181 Fix if else statement 2022-04-01 14:35:20 +03:00
Aleksandr Malyavin
4f151e174b Some changes 2022-04-01 12:01:44 +03:00
Aleksandr Malyavin
0237c469c5 Change API for get task request cloudbroker>cloudapi 2022-04-01 12:00:50 +03:00
Alex_geth
ab44d18d21 pyJWT > 2.0.0 2022-03-29 15:01:15 +03:00
Alex_geth
75bda6d76d update pyJWT > 2.0.0 2022-03-29 14:59:32 +03:00
Aleksandr Malyavin
41ca42dcab add k8s library 2022-03-28 19:53:34 +03:00
40 changed files with 2706 additions and 1337 deletions
Expand all files Collapse all files

0
examples/.gitkeep Normal file
View File

38
examples/cloud_init.yaml Normal file
View File

@@ -0,0 +1,38 @@
#
# DECORT kvmvm module example
#
- hosts: ansible_master
tasks:
- name: create a VM named cloud-init_example
decort_kvmvm:
annotation: "VM managed by decort_kvmvm module"
authenticator: oauth2
app_id: "" # Application id from SSO Digital Energy
app_secret: "" # API key from SSO Digital Energy
controller_url: "" #"https://mr4.digitalenergy.online"
name: cloud-init_example
cpu: 2
ram: 2048
boot_disk: 10
image_name: "DECS Ubuntu 18.04 v1.2.3" #Name of OS image
networks:
- type: VINS
id: #VINS id
tags: "Ansible cloud init example"
state: present
rg_id: #Resource group id
ci_user_data:
- packages:
- apache2
- write_files:
- content: |
<div>
Hello World!
</div>
owner: user:user
path: /var/www/html/index.html
- hostname: test-apache
- ssh_keys:
- rsa_public: ssh-rsa AAAAOasDmLxnD= user@pc
delegate_to: localhost
register: simple_vm

22
examples/decort_disk/disk_create.yaml Normal file
View File

@@ -0,0 +1,22 @@
---
- hosts: localhost
tasks:
- name: manage data disk 01
decort_disk:
authenticator: oauth2
app_id: #Application id from SSO DigitalEnergy
app_secret: #Application secret from SSO DigitalEnergy
controller_url: "https://cloud.digitalenergy.online"
account_name: "account_name"
name: "example_disk"
sep_id: 1
pool: 0
gid: 0
size: 2
type: "D"
description: "Disk created by decort_disk module"
iops: 2000
state: present
verify_ssl: false
delegate_to: localhost

18
examples/decort_disk/disk_delete.yaml Normal file
View File

@@ -0,0 +1,18 @@
---
- hosts: localhost
tasks:
- name: manage data disk 01
decort_disk:
authenticator: oauth2
app_id: #Application id from SSO DigitalEnergy
app_secret: #Application secret from SSO DigitalEnergy
controller_url: "https://cloud.digitalenergy.online"
account_name: "account_name"
name: "example_disk"
permanently: False
force_detach: True
reason: "Just to test module decort_disk"
state: absent
verify_ssl: false
delegate_to: localhost

28
examples/decort_disk/disk_limitIO.yaml Normal file
View File

@@ -0,0 +1,28 @@
---
- hosts: localhost
tasks:
- name: manage data disk 01
decort_disk:
authenticator: oauth2
app_id: #Application id from SSO DigitalEnergy
app_secret: #Application secret from SSO DigitalEnergy
controller_url: "https://cloud.digitalenergy.online"
account_name: "account_name"
id: 111
limitIO:
read_bytes_sec: 100
read_bytes_sec_max: 100
read_iops_sec: 100
read_iops_sec_max: 100
size_iops_sec: 100
write_bytes_sec: 100
write_bytes_sec_max: 100
write_iops_sec: 100
write_iops_sec_max: 100
total_bytes_sec: 0
total_iops_sec: 0
total_bytes_sec_max: 0
total_iops_sec_max: 0
verify_ssl: false
delegate_to: localhost

15
examples/decort_disk/disk_rename.yaml Normal file
View File

@@ -0,0 +1,15 @@
---
- hosts: localhost
tasks:
- name: manage data disk 01
decort_disk:
authenticator: oauth2
app_id: #Application id from SSO DigitalEnergy
app_secret: #Application secret from SSO DigitalEnergy
controller_url: "https://cloud.digitalenergy.online"
account_name: "account_name"
id: 111
name: "example_disk2"
verify_ssl: false
delegate_to: localhost

15
examples/decort_disk/disk_restore.yaml Normal file
View File

@@ -0,0 +1,15 @@
---
- hosts: localhost
tasks:
- name: manage data disk 01
decort_disk:
authenticator: oauth2
app_id: #Application id from SSO DigitalEnergy
app_secret: #Application secret from SSO DigitalEnergy
controller_url: "https://cloud.digitalenergy.online"
account_name: "account_name"
id: 111
state: present
verify_ssl: false
delegate_to: localhost

0
examples/create-osimage.yaml → examples/decort_osimage/create-osimage.yaml
View File

0
examples/create-virtual-osimage.yaml → examples/decort_osimage/create-virtual-osimage.yaml
View File

0
examples/get-osimage.yaml → examples/decort_osimage/get-osimage.yaml
View File

0
examples/rename-osimage.yaml → examples/decort_osimage/rename-osimage.yaml
View File

20
examples/decort_rg/changeLimits_rg.yaml Normal file
View File

@@ -0,0 +1,20 @@
- hosts: localhost
tasks:
- name: create
decort_rg:
authenticator: oauth2
controller_url: "https://cloud.digitalenergy.online"
rg_name: "rg_created_by_module"
# or
#rg_id: 999
account_id: 99
quotas:
cpu: 8
ram: 4096
disk: 20
ext_ips: 10
net_transfer: 200
state: present
verify_ssl: false
register: my_rg
delegate_to: localhost

21
examples/decort_rg/changeResTypes_rg.yaml Normal file
View File

@@ -0,0 +1,21 @@
- hosts: localhost
tasks:
- name: create
decort_rg:
authenticator: oauth2
controller_url: "https://cloud.digitalenergy.online"
rg_name: "rg_created_by_module"
# or
#rg_id: 999
account_id: 99
resType:
- vins
- compute
- k8s
- openshift
- lb
- flipgroup
state: present
verify_ssl: false
register: my_rg
delegate_to: localhost

30
examples/decort_rg/create_rg.yaml Normal file
View File

@@ -0,0 +1,30 @@
- hosts: localhost
tasks:
- name: create
decort_rg:
authenticator: oauth2
controller_url: "https://cloud.digitalenergy.online"
rg_name: "rg_created_by_module"
account_id: 99
owner: "user_1" #Leave blank to set current user as owner.
quotas:
cpu: 8
ram: 4096
disk: 20
ext_ips: 10
net_transfer: 200
access:
action: "grant"
user: "user_2"
right: "RCX"
def_netType: "PRIVATE"
ipcidr: "" "192.168.1.1"
extNetId: 0
extNetIp: "" "10.100.1.10"
resType:
- vins
- compute
state: present
verify_ssl: false
register: my_rg
delegate_to: localhost

15
examples/decort_rg/delete_rg.yaml Normal file
View File

@@ -0,0 +1,15 @@
- hosts: localhost
tasks:
- name: create
decort_rg:
authenticator: oauth2
controller_url: "https://cloud.digitalenergy.online"
rg_name: "test_rg"
# or
#rg_id: 999
account_id: 99
state: present
permanently: True
verify_ssl: false
register: my_rg
delegate_to: localhost

12
examples/decort_rg/disable_rg.yaml Normal file
View File

@@ -0,0 +1,12 @@
- hosts: localhost
tasks:
- name: create
decort_rg:
authenticator: oauth2
controller_url: "https://cloud.digitalenergy.online"
rg_id: 999 # rg can be restored only by rg id
account_id: 99
state: present
verify_ssl: false
register: my_rg
delegate_to: localhost

14
examples/decort_rg/enable_rg.yaml Normal file
View File

@@ -0,0 +1,14 @@
- hosts: localhost
tasks:
- name: create
decort_rg:
authenticator: oauth2
controller_url: "https://cloud.digitalenergy.online"
rg_name: "rg_created_by_module"
# or
#rg_id: 999
account_id: 99
state: enabled
verify_ssl: false
register: my_rg
delegate_to: localhost

18
examples/decort_rg/grantAccess_rg.yaml Normal file
View File

@@ -0,0 +1,18 @@
- hosts: localhost
tasks:
- name: create
decort_rg:
authenticator: oauth2
controller_url: "https://cloud.digitalenergy.online"
rg_name: "rg_created_by_module"
# or
#rg_id: 999
account_id: 99
access:
action: "grant"
user: "new_user"
right: "R"
state: present
verify_ssl: false
register: my_rg
delegate_to: localhost

15
examples/decort_rg/rename_rg.yaml Normal file
View File

@@ -0,0 +1,15 @@
- hosts: localhost
tasks:
- name: create
decort_rg:
authenticator: oauth2
controller_url: "https://cloud.digitalenergy.online"
rg_name: "old_rg_name"
# or
#rg_id: 1737
account_id: 99
rename: "new_rg_name"
state: present
verify_ssl: false
register: my_rg
delegate_to: localhost

17
examples/decort_rg/revokeAccess_rg.yaml Normal file
View File

@@ -0,0 +1,17 @@
- hosts: localhost
tasks:
- name: create
decort_rg:
authenticator: oauth2
controller_url: "https://cloud.digitalenergy.online"
rg_name: "rg_created_by_module"
# or
#rg_id: 999
account_id: 99
access:
action: "revoke"
user: "old_user"
state: present
verify_ssl: false
register: my_rg
delegate_to: localhost

16
examples/decort_rg/setDefNet_rg.yaml Normal file
View File

@@ -0,0 +1,16 @@
- hosts: localhost
tasks:
- name: create
decort_rg:
authenticator: oauth2
controller_url: "https://cloud.digitalenergy.online"
rg_name: "rg_created_by_module"
# or
#rg_id: 999
account_id: 99
def_netType: "PRIVATE"
def_netId: 199
state: present
verify_ssl: false
register: my_rg
delegate_to: localhost

14
examples/hashivault/hashivault_create_engine.yaml Normal file
View File

@@ -0,0 +1,14 @@
---
#
# This playbook create engine "test".
#
- hosts: localhost
tasks:
- hashivault_secret_engine:
url: "https://vault.domain.local"
authtype: ldap
username: "user"
password: "p@ssword"
state: present
name: test
backend: generic

17
examples/hashivault/hashivault_create_secret.yaml Normal file
View File

@@ -0,0 +1,17 @@
---
#
# This playbook create secret "secret" with data foo:foe. If secret "secret" exists - add data foo:foe.
#
- hosts: localhost
tasks:
- hashivault_secret:
url: "https://vault.domain.local"
authtype: ldap
username: "user"
password: "p@ssword"
mount_point: "kv"
state: present
permanent: true
secret: secret
data:
foo: foe

35
examples/hashivault/hashivault_example.yaml Normal file
View File

@@ -0,0 +1,35 @@
---
- hosts: localhost
tasks:
- hashivault_read:
url: "https://vault.domain.local"
authtype: ldap
username: "user"
password: "p@ssword"
mount_point: kv
secret: secrets/myaccount
key: app_secret
version: 2
register: key
- name: create a VM using app_secret from hashicorp vault
decort_kvmvm:
annotation: "VM managed by decort_kvmvm module"
authenticator: oauth2
app_id: "" # Application id from SSO Digital Energy
app_secret: "{{ key }}" # API key from SSO Digital Energy
controller_url: "https://cloud.digitalenergy.online"
name: hashivault_read_example
cpu: 2
ram: 2048
boot_disk: 10
image_name: "DECS Ubuntu 18.04 v1.2.3" #Name of OS image
networks:
- type: VINS
id: 99 #VINS id
tags: "Ansible hashivault_read example"
state: present
rg_id: 99 #Resource group id
delegate_to: localhost
register: simple_vm

31
examples/hashivault/hashivault_plugin_example.yaml Normal file
View File

@@ -0,0 +1,31 @@
- hosts: localhost
tasks:
- name: Read a kv2 secret with kv mount point
vars:
ansible_hashi_vault_auth_method: ldap
ansible_hashi_vault_username: username
ansible_hashi_vault_password: pwd
ansible_hashi_vault_engine_mount_point: kv
ansible.builtin.set_fact:
response: "{{ lookup('community.hashi_vault.vault_kv2_get', 'secret', url='https://vault.domain.local') }}"
- name: create a VM using app_secret from hashicorp vault
decort_kvmvm:
annotation: "VM managed by decort_kvmvm module"
authenticator: oauth2
app_id: "" # Application id from SSO Digital Energy
app_secret: "{{ response.data.password }}" # API key from SSO Digital Energy
controller_url: "https://cloud.digitalenergy.online"
name: hashivault_read_example
cpu: 2
ram: 2048
boot_disk: 10
image_name: "DECS Ubuntu 18.04 v1.2.3" #Name of OS image
networks:
- type: VINS
id: 99 #VINS id
tags: "Ansible hashivault_read example"
state: present
rg_id: 99 #Resource group id
delegate_to: localhost
register: simple_vm

16
examples/hashivault/hashivault_plugin_login.yaml Normal file
View File

@@ -0,0 +1,16 @@
- hosts: localhost
tasks:
- name: Get auth token from vault
set_fact:
login_data: "{{ lookup('community.hashi_vault.vault_login', url='https://vault.domain.local', auth_method='ldap', username='username', password='pwd') }}"
- name: Perform multiple kv2 reads with a single Vault login, showing the secrets
vars:
ansible_hashi_vault_auth_method: token
ansible_hashi_vault_token: '{{ login_data | community.hashi_vault.vault_login_token }}'
ansible_hashi_vault_engine_mount_point: kv
paths:
- secret
- secret2
ansible.builtin.debug:
msg: "{{ lookup('community.hashi_vault.vault_kv2_get', *paths, auth_method='token', url='https://vault.domain.local') }}"

18
examples/hashivault/hashivault_plugin_read_secret.yaml Normal file
View File

@@ -0,0 +1,18 @@
- hosts: localhost
tasks:
- name: Read a kv2 secret with the default mount point
vars:
ansible_hashi_vault_auth_method: ldap
ansible_hashi_vault_username: username
ansible_hashi_vault_password: pwd
ansible_hashi_vault_engine_mount_point: kv
ansible.builtin.set_fact:
response: "{{ lookup('community.hashi_vault.vault_kv2_get', 'secret', url='https://vault.domain.local') }}"
- name: Display the results
ansible.builtin.debug:
msg:
- "Secret: {{ response.secret }}"
- "Data: {{ response.data }} (contains secret data & metadata in kv2)"
- "Metadata: {{ response.metadata }}"
- "Full response: {{ response.raw }}"

13
examples/hashivault/hashivault_read_secret.yaml Normal file
View File

@@ -0,0 +1,13 @@
---
- hosts: localhost
tasks:
- hashivault_read:
url: "https://vault.domain.local"
authtype: ldap
username: "uset"
password: "p@ssword"
mount_point: kv
secret: secret
key: foo
version: 2
register: key

2
examples/inventory
View File

@@ -1,2 +0,0 @@
[all]
ansible_master ansible_host=<ansible host IP address> ansible_port=<SSH port on ansible host> ansible_user=root

18
examples/jwt.yaml
View File

@@ -1,18 +0,0 @@
#
# More details on how to use DECORT Ansible module can be found at:
# https://github.com/rudecs/decort-ansible/wiki
#
- hosts: ansible_master
tasks:
- name: obtain JWT
decort_jwt:
oauth2_url: "{{ decort_sso }}" # "https://sso.digitalenergy.online"
validity: 1200
register: my_jwt
delegate_to: localhost
- name: print out JWT
debug:
var: my_jwt.jwt
delegate_to: localhost

323
examples/main.yaml
View File

@@ -1,323 +0,0 @@
#
# More details on how to use DECORT Ansible module can be found at:
# https://github.com/rudecs/decort-ansible/wiki
#
- hosts: ansible_master
vars_files:
- vars.yaml
tasks:
- name: obtain JWT
decort_jwt:
oauth2_url: "{{ decort_sso }}"
validity: 1200
register: token
delegate_to: localhost
- name: obtain OS image
decort_osimage:
authenticator: jwt
jwt: "{{ token.jwt }}"
oauth2_url: "{{ decort_sso }}"
controller_url: "{{ decort_ctrl }}"
image_name: "{{ os_image_name }}"
account_name: "{{ target_account_name }}"
verify_ssl: false
register: my_image
delegate_to: localhost
- name: print out the result
debug:
var: my_image.facts
delegate_to: localhost
- name: manage RG
decort_rg:
authenticator: jwt
jwt: "{{ token.jwt }}"
oauth2_url: "{{ decort_sso }}"
controller_url: "{{ decort_ctrl }}"
account_id: 32
rg_name: "{{ target_rg_name }}"
state: present
verify_ssl: false
register: my_rg
delegate_to: localhost
- name: print out the result
debug:
var: my_rg.facts
delegate_to: localhost
- name: manage ViNS 01
decort_vins:
authenticator: jwt
jwt: "{{ token.jwt }}"
oauth2_url: "{{ decort_sso }}"
controller_url: "{{ decort_ctrl }}"
vins_name: "{{ vins01_name }}"
rg_id: "{{ my_rg.facts.id }}"
ext_net_id: "{{ target_ext_net_id }}"
state: present
verify_ssl: false
register: my_vins01
delegate_to: localhost
- name: print out the result
debug:
var: my_vins01.facts
delegate_to: localhost
- name: manage ViNS 02
decort_vins:
authenticator: jwt
jwt: "{{ token.jwt }}"
oauth2_url: "{{ decort_sso }}"
controller_url: "{{ decort_ctrl }}"
vins_name: "{{ vins02_name }}"
rg_id: "{{ my_rg.facts.id }}"
ext_net_id: -1
state: present
verify_ssl: false
register: my_vins02
delegate_to: localhost
- name: print out the result
debug:
var: my_vins02.facts
delegate_to: localhost
- name: manage data disk 01
decort_disk:
authenticator: jwt
jwt: "{{ token.jwt }}"
oauth2_url: "{{ decort_sso }}"
controller_url: "{{ decort_ctrl }}"
name: "{{ datadisk01_name }}"
size: "{{ datadisk01_size }}"
account_name: "{{ target_account_name }}"
pool: data01
place_with: "{{ my_image.facts.id }}"
state: present
verify_ssl: false
register: my_disk01
delegate_to: localhost
- name: print out the result
debug:
var: my_disk01.facts
delegate_to: localhost
- name: manage data disk 02
decort_disk:
authenticator: jwt
jwt: "{{ token.jwt }}"
oauth2_url: "{{ decort_sso }}"
controller_url: "{{ decort_ctrl }}"
name: "{{ datadisk02_name }}"
size: "{{ datadisk02_size }}"
account_name: "{{ target_account_name }}"
pool: data01
place_with: "{{ my_image.facts.id }}"
state: present
verify_ssl: false
register: my_disk02
delegate_to: localhost
- name: print out the result
debug:
var: my_disk02.facts
delegate_to: localhost
- name: manage KVM X86 VM
decort_kvmvm:
authenticator: jwt
jwt: "{{ token.jwt }}"
oauth2_url: "{{ decort_sso }}"
controller_url: "{{ decort_ctrl }}"
name: "{{ vm01_name }}"
arch: KVM_X86
ram: "{{ vm01_ram }}"
cpu: "{{ vm01_cpu }}"
image_id: "{{ my_image.facts.id }}"
boot_disk: "{{ vm01_boot_disk }}"
data_disks:
- "{{ my_disk01.facts.id }}"
- "{{ my_disk02.facts.id }}"
networks:
- type: VINS
id: "{{ my_vins01.facts.id }}"
- type: VINS
id: "{{ my_vins02.facts.id }}"
- type: EXTNET
id: "{{ target_ext_net_id }}"
rg_id: "{{ my_rg.facts.id }}"
state: present
verify_ssl: false
register: my_kvmvm
delegate_to: localhost
- name: print out the result
debug:
var: my_kvmvm.facts
delegate_to: localhost
- name: manage PFW rules on Compute
decort_pfw:
authenticator: jwt
jwt: "{{ token.jwt }}"
oauth2_url: "{{ decort_sso }}"
controller_url: "{{ decort_ctrl }}"
compute_id: "{{ my_kvmvm.facts.id }}"
vins_id: "{{ my_vins01.facts.id }}"
rules:
- public_port_start: 30022
local_port: 22
proto: tcp
- public_port_start: 30080
public_port_end: 30085
local_port: 30080
proto: tcp
state: present
verify_ssl: false
register: my_pfw
delegate_to: localhost
- name: print out the result
debug:
var: my_pfw.facts
delegate_to: localhost
- name: Create k8s cluster with params
decort_k8s:
authenticator: jwt
jwt: "{{ token.jwt }}"
controller_url: "{{ decort_ctrl }}"
k8s_name: "k8s_cluster_name"
wg_name: "k8s_wg_name"
k8ci_id: "{{ k8ci_id }}"
rg_id: "{{ my_rg.facts.id }}"
master_count: 1
master_cpu: 2
master_ram_mb: 2048
master_disk_gb: 20
worker_count: 3
worker_cpu: 1
worker_ram_mb: 1024
worker_disk_gb: 20
extnet_id: "{{ target_ext_net_id }}"
with_lb: True
state: present
register: k8s
delegate_to: localhost
- name: print out the result
debug:
var: k8s
delegate_to: localhost
- name: Disable k8s cluster
decort_k8s:
authenticator: jwt
jwt: "{{ token.jwt }}"
controller_url: "{{ decort_ctrl }}"
k8s_name: "k8s_cluster_name"
wg_name: "k8s_wg_name"
k8ci_id: "{{ k8ci_id }}"
rg_id: "{{ my_rg.facts.id }}"
state: disabled
register: k8s
delegate_to: localhost
- name: print out the result
debug:
var: k8s
delegate_to: localhost
- name: Delete in trash k8s cluster
decort_k8s:
authenticator: jwt
jwt: "{{ token.jwt }}"
controller_url: "{{ decort_ctrl }}"
k8s_name: "k8s_cluster_name"
wg_name: "k8s_wg_name"
k8ci_id: "{{ k8ci_id }}"
rg_id: "{{ my_rg.facts.id }}"
state: absent
permanent: False
register: k8s
delegate_to: localhost
- name: print out the result
debug:
var: k8s
delegate_to: localhost
- name: Restore from trash deleted k8s cluster
decort_k8s:
authenticator: jwt
jwt: "{{ token.jwt }}"
controller_url: "{{ decort_ctrl }}"
k8s_name: "k8s_cluster_name"
wg_name: "k8s_wg_name"
k8ci_id: "{{ k8ci_id }}"
rg_id: "{{ my_rg.facts.id }}"
state: enabled
register: k8s
delegate_to: localhost
- name: print out the result
debug:
var: k8s
delegate_to: localhost
- name: Enable k8s cluster
decort_k8s:
authenticator: jwt
jwt: "{{ token.jwt }}"
controller_url: "{{ decort_ctrl }}"
k8s_name: "k8s_cluster_name"
wg_name: "k8s_wg_name"
k8ci_id: "{{ k8ci_id }}"
rg_id: "{{ my_rg.facts.id }}"
state: enabled
register: k8s
delegate_to: localhost
- name: Enable k8s cluster
decort_k8s:
authenticator: jwt
jwt: "{{ token.jwt }}"
controller_url: "{{ decort_ctrl }}"
k8s_name: "k8s_cluster_name"
wg_name: "k8s_wg_name"
k8ci_id: "{{ k8ci_id }}"
rg_id: "{{ my_rg.facts.id }}"
state: enabled
started: True
register: k8s
delegate_to: localhost
- name: print out the result
debug:
var: k8s
delegate_to: localhost
- name: Destroy k8s cluster
decort_k8s:
authenticator: jwt
jwt: "{{ token.jwt }}"
controller_url: "{{ decort_ctrl }}"
k8s_name: "k8s_cluster_name"
wg_name: "k8s_wg_name"
k8ci_id: "{{ k8ci_id }}"
rg_id: "{{ my_rg.facts.id }}"
state: absent
permanent: True
register: k8s
delegate_to: localhost
- name: print out the result
debug:
var: k8s
delegate_to: localhost

21
examples/prepenv.sh
View File

@@ -1,21 +0,0 @@
#!/bin/bash
# 1. As this file will contain sensitive data (application ID & Secret pair) put this file
# in a directory, where only you will have access to it, e.g. your ~/.ssh directory.
# 2. Make sure this file is not readable by anybody else (chmod 400).
# 3. Paste your Application ID (obtained from DECORT SSO application) to DECORT_APP_ID.
# 4. Paste your Application Secret (obtained from DECORT SSO application) to DECORT_APP_SECRET.
# 5. Paste DECORT SSO application URL to DECORT_OAUTH2_URL.
#
# Source this file into shell to prepare environment for running DECORT Ansible module, e.g.
# . ~/.ssh/prepenv.sh
#
# More informaiton on DECORT Ansible module can be found at:
# https://github.com/rudecs/decort-ansible/wiki
#
export DECORT_APP_ID="put your application ID here"
export DECORT_APP_SECRET="put your application secret here"
export DECORT_OAUTH2_URL="put DECORT SSO URL here" # "https://sso.digitalenergy.online"
export ANSIBLE_HOST_KEY_CHEKCING=False

26
examples/vars.yaml
View File

@@ -1,26 +0,0 @@
#
# More details on how to use DECORT Ansible module can be found at:
# https://github.com/rudecs/decort-ansible/wiki
#
decort_sso: "put DECORT SSO application URL here" # "https://sso.digitalenergy.online"
decort_ctrl: "put DECORT controller URL here" # "https://ds1.digitalenergy.online"
target_account_name: "your account name"
target_rg_name: "target resource group name"
os_image_name: "OS image name"
vins01_name: "Vins01-ansible"
vins02_name: "Vins02-ansible"
target_ext_net_id: 0
datadisk01_name: "Data01-ansible"
datadisk01_size: 5
datadisk02_name: "Data02-ansible"
datadisk02_size: 5
vm01_name: "Vm01-ansible"
vm01_cpu: 1
vm01_ram: 1024
vm01_boot_disk: 10

627
library/decort_disk.py
View File

@@ -157,6 +157,16 @@ options:
- `If specified for an existing disk, and it is greater than current disk size, platform will try to resize
the disk on the fly. Downsizing disk is not allowed.`
required: no
limitIO:
description:
- Disk input / output limit, used to limit the speed of interaction with the disk.
required: no
type:
description:
- Type of the disk.
- `Disks can be of the following types: "D"-Data, "B"-Boot, "T"-Tmp.`
default: "D"
required: no
state:
description:
- Specify the desired state of the disk at the exit of the module.
@@ -234,103 +244,277 @@ facts:
gid: 1001
'''
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.basic import env_fallback
from ansible.module_utils.decort_utils import *
class decort_disk(DecortController):
def __init__(self,amodule):
super(decort_disk, self).__init__(amodule)
def decort_disk_package_facts(disk_facts, check_mode=False):
"""Package a dictionary of disk facts according to the decort_disk module specification.
This dictionary will be returned to the upstream Ansible engine at the completion of
the module run.
self.validated_account_id = 0
self.validated_disk_id = 0
self.disk_facts = None # will hold Disk facts
self.acc_facts = None # will hold Account facts
@param (dict) disk_facts: dictionary with Disk facts as returned by API call to .../disks/get
@param (bool) check_mode: boolean that tells if this Ansible module is run in check mode
"""
# limitIO check for exclusive parameters
if amodule.params['limitIO']:
limit = amodule.params['limitIO']
if limit['total_bytes_sec'] > 0 and limit['read_bytes_sec'] > 0 or \
limit['total_bytes_sec'] > 0 and limit['write_bytes_sec'] > 0:
self.result['failed'] = True
self.result['msg'] = ("total and read/write of bytes_sec cannot be set at the same time.")
amodule.fail_json(**self.result)
elif limit['total_iops_sec'] > 0 and limit['read_iops_sec'] > 0 or \
limit['total_iops_sec'] > 0 and limit['write_iops_sec'] > 0:
self.result['failed'] = True
self.result['msg'] = ("total and read/write of iops_sec cannot be set at the same time.")
amodule.fail_json(**self.result)
elif limit['total_bytes_sec_max'] > 0 and limit['read_bytes_sec_max'] > 0 or \
limit['total_bytes_sec_max'] > 0 and limit['write_bytes_sec_max'] > 0:
self.result['failed'] = True
self.result['msg'] = ("total and read/write of bytes_sec_max cannot be set at the same time.")
amodule.fail_json(**self.result)
elif limit['total_iops_sec_max'] > 0 and limit['read_iops_sec_max'] > 0 or \
limit['total_iops_sec_max'] > 0 and limit['write_iops_sec_max'] > 0:
self.result['failed'] = True
self.result['msg'] = ("total and read/write of iops_sec_max cannot be set at the same time.")
amodule.fail_json(**self.result)
ret_dict = dict(id=0,
name="none",
state="CHECK_MODE",
size=0,
account_id=0,
sep_id=0,
pool="none",
attached_to=0,
gid=0
)
if check_mode:
# in check mode return immediately with the default values
if amodule.params['account_id']:
self.validated_account_id = amodule.params['account_id']
elif amodule.params['account_name']:
self.validated_account_id, _ = self.account_find(amodule.params['account_name'])
elif not amodule.params['id'] and not amodule.params['account_name']:
self.result['failed'] = True
self.result['msg'] = ("Cannot found disk without account id or name.")
amodule.fail_json(**self.result)
if self.validated_account_id == 0 and not amodule.params['id']:
# we failed either to find or access the specified account - fail the module
self.result['failed'] = True
self.result['msg'] = ("Cannot find account '{}'").format(amodule.params['account_name'])
amodule.fail_json(**self.result)
if amodule.params['id'] or amodule.params['name']:
self.validated_disk_id, self.disk_facts = self.decort_disk_find(amodule)
else:
self.result['failed'] = True
self.result['msg'] = ("Cannot find or create disk without disk name or disk id")
amodule.fail_json(**self.result)
if amodule.params['place_with'] > 0:
image_id, image_facts = self.image_find(amodule.params['place_with'], "", 0)
amodule.params['sep_id']= image_facts['sepId']
def decort_disk_create(self, amodule):
if not self.disk_facts:
self.disk_id = self.disk_create(accountId=self.validated_account_id, gid=amodule.params['gid'],
name=amodule.params['name'], description=amodule.params['description'],
size=amodule.params['size'], type=amodule.params['type'],
iops=amodule.params['iops'],
sep_id=amodule.params['sep_id'], pool=amodule.params['pool'])
self.result['msg'] = ("Disk with id '{}' successfully created.").format(self.disk_id)
elif self.disk_facts['status'] in ["DESTROYED", "PURGED"]:
if not amodule.params['limitIO']:
amodule.params['limitIO'] = self.disk_facts['iotune']
if amodule.params['sep_id'] == 0:
validated_sep_id = self.disk_facts['sepId']
else:
validated_sep_id = amodule.params['sep_id']
if amodule.params['pool'] == 0:
validated_pool = self.disk_facts['pool']
else:
validated_pool = amodule.params['pool']
if amodule.params['size'] == 0:
validated_size = self.disk_facts['sizeMax']
else:
validated_size = amodule.params['size']
if amodule.params['gid'] == 0:
validated_gid = self.disk_facts['gid']
else:
validated_gid = amodule.params['gid']
self.disk_id = self.disk_create(accountId=self.validated_account_id, gid=validated_gid,
name=self.disk_facts['name'], description=amodule.params['description'],
size=validated_size, type=self.disk_facts['type'],
iops=self.disk_facts['iotune']['total_iops_sec'],
sep_id=validated_sep_id, pool=validated_pool)
if not amodule.params['limitIO']:
amodule.params['limitIO'] = self.disk_facts['iotune']
self.result['msg'] = ("Disk with id '{}' successfully recreated.").format(self.disk_id)
self.result['failed'] = False
self.result['changed'] = True
return self.disk_id
def decort_disk_delete(self, amodule):
self.disk_id = self.disk_delete(disk_id=self.validated_disk_id,
detach=amodule.params['force_detach'],
permanently=amodule.params['permanently'],
reason=amodule.params['reason'])
return
def decort_disk_find(self, amodule):
if amodule.params['name'] and not amodule.params['id']:
self.disk_id, self.disk_facts = self.disk_find(disk_id=self.validated_disk_id,
name=amodule.params['name'],
account_id=self.validated_account_id)
elif self.validated_disk_id > 0:
self.disk_id, self.disk_facts = self.disk_find(disk_id=self.validated_disk_id,
name=self.disk_facts['name'],
account_id=0)
elif amodule.params['id']:
self.disk_id, self.disk_facts = self.disk_find(disk_id=amodule.params['id'],
name=amodule.params['name'],
account_id=0)
if not self.disk_id and not amodule.params['name']:
self.result['failed'] = True
self.result['msg'] = "Specified Disk ID {} not found.".format(amodule.params['id'])
amodule.fail_json(**self.result)
self.result['facts'] = decort_disk.decort_disk_package_facts(self.disk_facts)
return self.disk_id, self.disk_facts
def decort_disk_limitIO(self, amodule):
self.limits = amodule.params['limitIO']
self.disk_limitIO(limits = self.limits,
diskId = self.validated_disk_id)
self.disk_facts['iotune'] = amodule.params['limitIO']
self.result['facts'] = decort_disk.decort_disk_package_facts(self.disk_facts)
return
def decort_disk_rename(self, amodule):
self.disk_rename(diskId = self.validated_disk_id,
name = amodule.params['name'])
self.disk_facts['name'] = amodule.params['name']
self.result['facts'] = decort_disk.decort_disk_package_facts(self.disk_facts)
self.result['msg'] = ("Disk with id '{}',successfully renamed to '{}'.").format(self.validated_disk_id, amodule.params['name'])
return
def decort_disk_package_facts(disk_facts, check_mode=False):
ret_dict = dict(id=0,
name="none",
state="CHECK_MODE",
size=0,
account_id=0,
sep_id=0,
pool="none",
attached_to=0,
gid=0
)
if check_mode:
# in check mode return immediately with the default values
return ret_dict
if disk_facts is None:
# if void facts provided - change state value to ABSENT and return
ret_dict['state'] = "ABSENT"
return ret_dict
ret_dict['id'] = disk_facts['id']
ret_dict['name'] = disk_facts['name']
ret_dict['size'] = disk_facts['sizeMax']
ret_dict['state'] = disk_facts['status']
ret_dict['account_id'] = disk_facts['accountId']
ret_dict['sep_id'] = disk_facts['sepId']
ret_dict['pool'] = disk_facts['pool']
ret_dict['attached_to'] = disk_facts['vmid']
ret_dict['gid'] = disk_facts['gid']
ret_dict['iotune'] = disk_facts['iotune']
return ret_dict
if disk_facts is None:
# if void facts provided - change state value to ABSENT and return
ret_dict['state'] = "ABSENT"
return ret_dict
def decort_disk_parameters():
"""Build and return a dictionary of parameters expected by decort_disk module in a form accepted
by AnsibleModule utility class."""
ret_dict['id'] = disk_facts['id']
ret_dict['name'] = disk_facts['name']
ret_dict['size'] = disk_facts['sizeMax']
ret_dict['state'] = disk_facts['status']
ret_dict['account_id'] = disk_facts['accountId']
ret_dict['sep_id'] = disk_facts['sepId']
ret_dict['pool'] = disk_facts['pool']
ret_dict['attached_to'] = disk_facts['vmid']
ret_dict['gid'] = disk_facts['gid']
return ret_dict
def decort_disk_parameters():
"""Build and return a dictionary of parameters expected by decort_disk module in a form accepted
by AnsibleModule utility class."""
return dict(
account_id=dict(type='int', required=False, default=0),
account_name=dict(type='str', required=False, default=''),
annotation=dict(type='str', required=False, default='Disk by decort_disk'),
app_id=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_APP_ID'])),
app_secret=dict(type='str',
return dict(
account_id=dict(type='int', required=False, default=0),
account_name=dict(type='str', required=False, default=''),
annotation=dict(type='str', required=False, default='Disk by decort_disk'),
app_id=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_APP_SECRET']),
no_log=True),
authenticator=dict(type='str',
required=True,
choices=['legacy', 'oauth2', 'jwt']),
controller_url=dict(type='str', required=True),
id=dict(type='int', required=False, default=0),
name=dict(type='str', required=False),
force_detach=dict(type='bool', required=False, default=False),
jwt=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_JWT']),
no_log=True),
oauth2_url=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_OAUTH2_URL'])),
password=dict(type='str',
fallback=(env_fallback, ['DECORT_APP_ID'])),
app_secret=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_APP_SECRET']),
no_log=True),
authenticator=dict(type='str',
required=True,
choices=['legacy', 'oauth2', 'jwt']),
controller_url=dict(type='str', required=True),
id=dict(type='int', required=False, default=0),
name=dict(type='str', required=False),
force_detach=dict(type='bool', required=False, default=False),
jwt=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_JWT']),
no_log=True),
oauth2_url=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_OAUTH2_URL'])),
password=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_PASSWORD']),
no_log=True),
place_with=dict(type='int', default=0),
pool=dict(type='str', default=''),
sep_id=dict(type='int', default=0),
gid=dict(type='int', default=0),
size=dict(type='int', default=0),
type=dict(type='str',
required=False,
default="D",
choices=['B', 'D', 'T']),
iops=dict(type='int', default=2000),
limitIO=dict(type='dict',
options=dict(
total_bytes_sec=dict(default=0,type='int'),
read_bytes_sec=dict(default=0,type='int'),
write_bytes_sec=dict(default=0,type='int'),
total_iops_sec=dict(default=0,type='int'),
read_iops_sec=dict(default=0,type='int'),
write_iops_sec=dict(default=0,type='int'),
total_bytes_sec_max=dict(default=0,type='int'),
read_bytes_sec_max=dict(default=0,type='int'),
write_bytes_sec_max=dict(default=0,type='int'),
total_iops_sec_max=dict(default=0,type='int'),
read_iops_sec_max=dict(default=0,type='int'),
write_iops_sec_max=dict(default=0,type='int'),
size_iops_sec=dict(default=0,type='int'),)),
permanently=dict(type='bool', required=False, default=False),
reason=dict(type='int', required=False),
description=dict(type='str', required=False,
default="Disk created with Ansible Decort_disk module."),
state=dict(type='str',
default='present',
choices=['absent', 'present']),
user=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_PASSWORD']),
no_log=True),
place_with=dict(type='int', required=False, default=0),
pool=dict(type='str', required=False, default=''),
sep_id=dict(type='int', required=False, default=0),
size=dict(type='int', required=False),
state=dict(type='str',
default='present',
choices=['absent', 'present']),
user=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_USER'])),
verify_ssl=dict(type='bool', required=False, default=True),
workflow_callback=dict(type='str', required=False),
workflow_context=dict(type='str', required=False),
)
fallback=(env_fallback, ['DECORT_USER'])),
verify_ssl=dict(type='bool', required=False, default=True),
workflow_callback=dict(type='str', required=False),
workflow_context=dict(type='str', required=False),
)
def main():
module_parameters = decort_disk_parameters()
module_parameters = decort_disk.decort_disk_parameters()
amodule = AnsibleModule(argument_spec=module_parameters,
supports_check_mode=True,
@@ -345,197 +529,106 @@ def main():
],
)
decon = DecortController(amodule)
decon = decort_disk(amodule)
disk_id = 0
disk_facts = None # will hold Disk facts
validated_acc_id = 0
acc_facts = None # will hold Account facts
if amodule.params['id']:
# expect existing Disk with the specified ID
# This call to disk_find will abort the module if no Disk with such ID is present
disk_id, disk_facts = decon.disk_find(amodule.params['id'])
if not disk_id:
decon.result['failed'] = True
decon.result['msg'] = "Specified Disk ID {} not found.".format(amodule.params['id'])
if decon.validated_disk_id == 0 and amodule.params['state'] == 'present':
# if sep_id or place_with not specified, then exit with error
if amodule.params['sep_id'] == 0 and amodule.params['place_with'] == 0:
decon.result['msg'] = ("To create a disk, you must specify sep_id or place_with.")\
.format(decon.validated_disk_id)
amodule.fail_json(**decon.result)
validated_acc_id =disk_facts['accountId']
elif amodule.params['account_id'] > 0 or amodule.params['account_name'] != "":
# Make sure disk name is specified, if not - fail the module
if amodule.params['name'] == "":
decon.result['failed'] = True
decon.result['msg'] = ("Cannot manage disk if both ID is 0 and disk name is empty.")
amodule.fail_json(**decon.result)
# Specified account must be present and accessible by the user, otherwise abort the module
validated_acc_id, acc_facts = decon.account_find(amodule.params['account_name'], amodule.params['account_id'])
if not validated_acc_id:
decon.result['failed'] = True
decon.result['msg'] = ("Current user does not have access to the requested account "
"or non-existent account specified.")
amodule.fail_json(**decon.result)
# This call to disk_find may return disk_id=0 if no Disk with this name found in
disk_id, disk_facts = decon.disk_find(disk_id=0, disk_name=amodule.params['name'],
account_id=validated_acc_id,
check_state=False)
else:
# this is "invalid arguments combination" sink
# if we end up here, it means that module was invoked with disk_id=0 and undefined account
decon.result['failed'] = True
if amodule.params['account_id'] == 0 and amodule.params['account_name'] == "":
decon.result['msg'] = "Cannot find Disk by name when account name is empty and account ID is 0."
if amodule.params['name'] == "":
decon.result['msg'] = "Cannot find Disk by empty name."
amodule.fail_json(**decon.result)
#
# Initial validation of module arguments is complete
#
# At this point non-zero disk_id means that we will be managing pre-existing Disk
# Otherwise we are about to create a new disk
#
# Valid Disk model statii are as follows:
#
# "CREATED", "ASSIGNED", DELETED", "DESTROYED", "PURGED"
#
disk_should_exist = False
target_sep_id = 0
# target_pool = ""
# if id cannot cannot be found and have a state 'present', then create a new disk
decon.validated_disk_id = decon.decort_disk_create(amodule)
_, decon.disk_facts = decon.decort_disk_find(amodule)
decon.result['changed'] = True
decon.result['msg'] = ("Disk with id '{}' successfully created.").format(decon.validated_disk_id)
if disk_id:
disk_should_exist = True
if disk_facts['status'] in ["MODELED", "CREATING" ]:
# error: nothing can be done to existing Disk in the listed statii regardless of
# the requested state
decon.result['failed'] = True
decon.result['changed'] = False
decon.result['msg'] = ("No change can be done for existing Disk ID {} because of its current "
"status '{}'").format(disk_id, disk_facts['status'])
elif disk_facts['status'] in ["CREATED", "ASSIGNED"]:
if amodule.params['state'] == 'absent':
decon.disk_delete(disk_id, True, amodule.params['force_detach']) # delete permanently
disk_facts['status'] = 'DESTROYED'
disk_should_exist = False
elif amodule.params['state'] == 'present':
# resize Disk as necessary & if possible
if decon.check_amodule_argument('size', False):
decon.disk_resize(disk_facts, amodule.params['size'])
elif disk_facts['status'] == "DELETED":
if amodule.params['state'] == 'present':
# restore
decon.disk_restore(disk_id)
_, disk_facts = decon.disk_find(disk_id)
decon.disk_resize(disk_facts, amodule.params['size'])
disk_should_exist = True
elif amodule.params['state'] == 'absent':
# destroy permanently
decon.disk_delete(disk_id, permanently=True)
disk_facts['status'] = 'DESTROYED'
disk_should_exist = False
elif disk_facts['status'] in ["DESTROYED", "PURGED"]:
if amodule.params['state'] == 'present':
# Need to re-provision this Disk.
# Some attributes may change, some must stay the same:
# - disk name - stays, take from disk_facts
# - account ID - stays, take from validated account ID
# - size - may change, take from module arguments
# - SEP ID - may change, build based on module arguments
# - pool - may change, take from module arguments
# - annotation - may change, take from module arguments
#
# First validate required parameters:
decon.check_amodule_argument('size') # this will fail the module if size is not specified
target_sep_id = 0
if decon.check_amodule_argument('sep_id', False) and amodule.params['sep_id'] > 0:
# non-zero sep_id is explicitly passed in module arguments
target_sep_id = amodule.params['sep_id']
elif decon.check_amodule_argument('place_with', False) and amodule.params['place_with'] > 0:
# request to place this disk on the same SEP as the specified OS image
# validate specified OS image and assign SEP ID accordingly
image_id, image_facts = decon.image_find(amodule.params['place_with'], "", 0)
target_sep_id = image_facts['sepId']
else:
# no new SEP ID is explicitly specified, and no place_with option - use sepId from the disk_facts
target_sep_id = disk_facts['sepId']
disk_id = decon.disk_provision(disk_name=disk_facts['name'], # as this disk was found, its name is in the facts
size=amodule.params['size'],
account_id=validated_acc_id,
sep_id=target_sep_id,
pool=amodule.params['pool'],
desc=amodule.params['annotation'],
location="")
disk_should_exist = True
elif amodule.params['state'] == 'absent':
# nop
decon.result['failed'] = False
decon.result['changed'] = False
decon.result['msg'] = ("No state change required for Disk ID {} because of its "
"current status '{}'").format(disk_id,
disk_facts['status'])
disk_should_exist = False
else:
# disk_id =0 -> pre-existing Disk was not found.
disk_should_exist = False # we will change it back to True if Disk is created successfully
# If requested state is 'absent' - nothing to do
if amodule.params['state'] == 'absent':
decon.result['failed'] = False
decon.result['changed'] = False
decon.result['msg'] = ("Nothing to do as target state 'absent' was requested for "
"non-existent Disk name '{}'").format(amodule.params['name'])
elif amodule.params['state'] == 'present':
decon.check_amodule_argument('name') # if disk name not specified, fail the module
decon.check_amodule_argument('size') # if disk size not specified, fail the module
# as we already have account ID, we can create Disk and get disk id on success
if decon.check_amodule_argument('sep_id', False) and amodule.params['sep_id'] > 0:
# non-zero sep_id is explicitly passed in module arguments
target_sep_id = amodule.params['sep_id']
elif decon.check_amodule_argument('place_with', False) and amodule.params['place_with'] > 0:
# request to place this disk on the same SEP as the specified OS image
# validate specified OS image and assign SEP ID accordingly
image_id, image_facts = decon.image_find(amodule.params['place_with'], "", 0)
target_sep_id = image_facts['sepId']
else:
# no SEP ID is explicitly specified, and no place_with option - we do not know where
# to place the new disk - fail the module
decon.result['failed'] = True
decon.result['msg'] = ("Cannot create new Disk name '{}': no SEP ID specified and "
"no 'place_with' option used.").format(amodule.params['name'])
amodule.fail_json(**decon.result)
disk_id = decon.disk_provision(disk_name=amodule.params['name'],
size=amodule.params['size'],
account_id=validated_acc_id,
sep_id=target_sep_id,
pool_name=amodule.params['pool'],
desc=amodule.params['annotation'],
location="")
disk_should_exist = True
elif amodule.params['state'] == 'disabled':
decon.result['failed'] = True
decon.result['changed'] = False
decon.result['msg'] = ("Invalid target state '{}' requested for non-existent "
"Disk name '{}'").format(amodule.params['state'],
amodule.params['name'])
#
# conditional switch end - complete module run
#
if decon.result['failed']:
amodule.fail_json(**decon.result)
else:
# prepare Disk facts to be returned as part of decon.result and then call exit_json(...)
if disk_should_exist:
if decon.result['changed']:
# If we arrive here, there is a good chance that the Disk is present - get fresh Disk
# facts by Disk ID.
# Otherwise, Disk facts from previous call (when the Disk was still in existence) will
# be returned.
_, disk_facts = decon.disk_find(disk_id)
decon.result['facts'] = decort_disk_package_facts(disk_facts, amodule.check_mode)
elif decon.validated_disk_id == 0 and amodule.params['state'] == 'absent' and amodule.params['name']:
# if disk with specified name cannot be found and have a state 'absent', then nothing to do,
# specified disk already deleted
decon.result['msg'] = ("Disk with name '{}' has already been deleted or your account does not have"
" access to it.")\
.format(amodule.params['name'])
amodule.exit_json(**decon.result)
elif decon.validated_disk_id == 0 and amodule.params['state'] == 'absent' and amodule.params['id']:
# if disk with specified id cannot be found and have a state 'absent', then nothing to do,
# specified disk already deleted
decon.result['msg'] = ("Disk with name '{}' has already been deleted or your account does not have"
" access to it.")\
.format(decon.validated_disk_id)
amodule.exit_json(**decon.result)
elif decon.disk_facts['status'] == "CREATED":
if amodule.params['state'] == 'present':
# if disk status in condition "CREATED" and state "present", nothing to do,
# specified disk already created
decon.result['msg'] = "Specified Disk ID {} already created.".format(decon.validated_disk_id)
if amodule.params['state'] == 'absent':
# if disk status in condition "CREATED" and state "absent", delete the disk
decon.validated_disk_id = decon.decort_disk_delete(amodule)
decon.disk_facts['status'] = "DESTROYED"
decon.result['msg'] = ("Disk with id '{}' successfully deleted.").format(decon.disk_facts['id'])
decon.result['facts'] = decon.decort_disk_package_facts(decon.disk_facts)
amodule.exit_json(**decon.result)
elif decon.disk_facts['status'] in ["MODELED", "CREATING" ]:
# if disk in status "MODELED" or "CREATING",
# then we cannot do anything, while disk in this status
decon.result['changed'] = False
decon.result['msg'] = ("Cannot do anything with disk id '{}',please wait until disk will be created.")\
.format(decon.validated_disk_id)
amodule.fail_json(**decon.result)
elif decon.disk_facts['status'] == "DELETED":
if amodule.params['state'] == 'present':
# if disk in "DELETED" status and "present" state, restore
decon.disk_restore(decon.validated_disk_id)
_, decon.disk_facts = decon.decort_disk_find(amodule)
decon.result['changed'] = True
decon.result['msg'] = ("Disk with id '{}',restored successfully.").format(decon.validated_disk_id)
elif amodule.params['state'] == 'absent':
# if disk in "DELETED" status and "absent" state, nothing to do
decon.result['msg'] = "Specified Disk ID {} already destroyed.".format(decon.validated_disk_id)
amodule.exit_json(**decon.result)
elif decon.disk_facts['status'] in ["DESTROYED", "PURGED"]:
if amodule.params['state'] == 'present':
decon.validated_disk_id = decon.decort_disk_create(amodule)
_, decon.disk_facts = decon.decort_disk_find(amodule)
elif amodule.params['state'] == 'absent':
decon.result['msg'] = "Specified Disk ID {} already destroyed.".format(decon.validated_disk_id)
amodule.exit_json(**decon.result)
if amodule.params['state'] == "present":
if decon.disk_facts['sizeMax'] != amodule.params['size']:
if decon.disk_facts['sizeMax'] > amodule.params['size'] and amodule.params['size'] != 0:
decon.result['failed'] = True
decon.result['msg'] = ("Disk id '{}', cannot reduce disk size.").format(decon.validated_disk_id)
amodule.fail_json(**decon.result)
elif decon.disk_facts['sizeMax'] < amodule.params['size']:
decon.disk_resize(disk_facts=decon.disk_facts,
new_size=amodule.params['size'])
decon.result['changed'] = True
decon.disk_facts['size'] = amodule.params['size']
decon.result['msg'] = ("Disk with id '{}',resized successfully.").format(decon.validated_disk_id)
if amodule.params['limitIO'] and amodule.params['limitIO'] != decon.disk_facts['iotune']:
decon.decort_disk_limitIO(amodule)
decon.result['changed'] = True
decon.result['msg'] = ("Disk with id '{}',limited successfully.").format(decon.validated_disk_id)
if amodule.params['name'] and amodule.params['id']:
if amodule.params['name'] != decon.disk_facts['name']:
decon.decort_disk_rename(amodule)
decon.result['changed'] = True
decon.result['msg'] = ("Disk with id '{}',renamed successfully from '{}' to '{}'.")\
.format(decon.validated_disk_id, decon.disk_facts['name'], amodule.params['name'])
amodule.exit_json(**decon.result)
if __name__ == "__main__":
main()

6
library/decort_k8s.py
View File

@@ -114,10 +114,10 @@ class decort_k8s(DecortController):
return ret_dict
def nop(self):
"""No operation (NOP) handler for Compute management by decort_kvmvm module.
"""No operation (NOP) handler for k8s cluster management by decort_k8s module.
This function is intended to be called from the main switch construct of the module
when current state -> desired state change logic does not require any changes to
the actual Compute state.
the actual k8s cluster state.
"""
self.result['failed'] = False
self.result['changed'] = False
@@ -319,7 +319,7 @@ def main():
if amodule.params['state'] == 'absent':
subj.nop()
if amodule.params['state'] in ('present','started'):
subj.create()
subj.create()
elif amodule.params['state'] in ('stopped', 'disabled','enabled'):
subj.error()

328
library/decort_lb.py Normal file
View File

@@ -0,0 +1,328 @@
#!/usr/bin/python
#
# Digital Enegry Cloud Orchestration Technology (DECORT) modules for Ansible
# Copyright: (c) 2018-2022 Digital Energy Cloud Solutions LLC
#
# Apache License 2.0 (see http://www.apache.org/licenses/LICENSE-2.0.txt)
#
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
DOCUMENTATION = '''
TODO
'''
EXAMPLES = '''
TODO
'''
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.basic import env_fallback
from ansible.module_utils.decort_utils import *
class decort_lb(DecortController):
def __init__(self,arg_amodule) -> None:
super(decort_lb,self).__init__(arg_amodule)
self.lb_id = 0
self.lb_facts = None
self.vins_id = 0
self.vins_facts = None
self.rg_id = 0
self.rg_facts = None
self.acc_id = 0
self.acc_facts = None
self.default_server_check = "enabled"
self.default_alg = "roundrobin"
self.default_settings = {
"downinter": 10000,
"fall": 2,
"inter": 5000,
"maxconn": 250,
"maxqueue": 256,
"rise": 2,
"slowstart": 60000,
"weight": 100,
}
if arg_amodule.params['lb_id']:
self.lb_id, self.lb_facts = self.lb_find(arg_amodule.params['lb_id'])
if not self.lb_id:
self.result['failed'] = True
self.result['msg'] = "Specified LB ID {} not found."\
.format(arg_amodule.params['lb _id'])
self.fail_json(**self.result)
self.acc_id = self.lb_facts['accountId']
self.rg_id = self.lb_facts['rgId']
self.vins_id = self.lb_facts['vinsId']
return
if arg_amodule.params['rg_id']:
self.rg_id, self.rg_facts = self.rg_find(0,arg_amodule.params['rg_id'], arg_rg_name="")
if not self.rg_id:
self.result['failed'] = True
self.result['msg'] = "Specified RG ID {} not found.".format(arg_amodule.params['vins_id'])
self.fail_json(**self.result)
if arg_amodule.params['vins_id']:
self.vins_id, self.vins_facts = self.vins_find(arg_amodule.params['vins_id'])
if not self.vins_id:
self.result['failed'] = True
self.result['msg'] = "Specified ViNS ID {} not found.".format(arg_amodule.params['vins_id'])
self.fail_json(**self.result)
elif arg_amodule.params['account_id'] or arg_amodule.params['account_name'] != "":
if arg_amodule.params['rg_name']:
self.result['failed'] = True
self.result['msg'] = ("RG name must be specified with account present")
self.fail_json(**self.result)
self.acc_id, self.acc_facts = self.account_find(arg_amodule.params['account_name'],
arg_amodule.params['account_id'])
if not self.acc_id:
self.result['failed'] = True
self.result['msg'] = ("Current user does not have access to the requested account "
"or non-existent account specified.")
self.fail_json(**self.result)
self.rg_id, self.rg_facts = self.rg_find(self._acc_id,0, arg_rg_name=arg_amodule.params['rg_name'])
if self.rg_id and self.vins_id:
self.lb_id, self.lb_facts = self.lb_find(0,arg_amodule.params['lb_name'],self.rg_id)
return
def create(self):
self.lb_id = self.lb_provision(self.amodule.params['lb_name'],
self.rg_id,self.vins_id,
self.amodule.params['ext_net_id'],
self.amodule.params['annotation'])
if self.amodule.params['backends'] or self.amodule.params['frontends']:
self.lb_id, self.lb_facts = self.lb_find(0,self.amodule.params['lb_name'],self.rg_id)
self.lb_update(
self.lb_facts['backends'],
self.lb_facts['frontends'],
self.amodule.params['backends'],
self.amodule.params['servers'],
self.amodule.params['frontends']
)
return
def action(self,d_state='',restore=False):
if restore == True:
self.lb_restore(arg_vins_id=self.lb_id)
self.lb_state(self.vins_facts, 'enabled')
self.lb_facts['status'] = "ENABLED"
self.lb_facts['techStatus'] = "STARTED"
self.lb_update(
self.lb_facts['backends'],
self.lb_facts['frontends'],
self.amodule.params['backends'],
self.amodule.params['servers'],
self.amodule.params['frontends']
)
if d_state != '':
self.lb_state(self.lb_facts, d_state)
return
def delete(self):
self.lb_delete(self.lb_id, self.amodule.params['permanently'])
self.lb_facts['status'] = 'DESTROYED'
return
def nop(self):
"""No operation (NOP) handler for LB management by decort_lb module.
This function is intended to be called from the main switch construct of the module
when current state -> desired state change logic does not require any changes to
the actual LB state.
"""
self.result['failed'] = False
self.result['changed'] = False
if self.lb_id:
self.result['msg'] = ("No state change required for LB ID {} because of its "
"current status '{}'.").format(self.lb_id, self.vins_facts['status'])
else:
self.result['msg'] = ("No state change to '{}' can be done for "
"non-existent LB instance.").format(self.amodule.params['state'])
return
def error(self):
self.result['failed'] = True
self.result['changed'] = False
if self.vins_id:
self.result['failed'] = True
self.result['changed'] = False
self.result['msg'] = ("Invalid target state '{}' requested for LB ID {} in the "
"current status '{}'").format(self.lb_id,
self.amodule.params['state'],
self.lb_facts['status'])
else:
self.result['failed'] = True
self.result['changed'] = False
self.result['msg'] = ("Invalid target state '{}' requested for non-existent "
"LB name '{}'").format(self.amodule.params['state'],
self.amodule.params['lb_name'])
return
def package_facts(self, arg_check_mode=False):
"""Package a dictionary of LB facts according to the decort_lb module specification.
This dictionary will be returned to the upstream Ansible engine at the completion of
the module run.
@param arg_check_mode: boolean that tells if this Ansible module is run in check mode
"""
ret_dict = dict(id=0,
name="none",
state="CHECK_MODE",
)
if arg_check_mode:
# in check mode return immediately with the default values
return ret_dict
if self.vins_facts is None:
# if void facts provided - change state value to ABSENT and return
ret_dict['state'] = "ABSENT"
return ret_dict
ret_dict['id'] = self.lb_facts['id']
ret_dict['name'] = self.lb_facts['name']
ret_dict['state'] = self.lb_facts['status']
#ret_dict['account_id'] = self.lb_facts['accountId']
ret_dict['rg_id'] = self.lb_facts['rgId']
ret_dict['gid'] = self.lb_facts['gid']
if self.amodule.params['state']!="absent":
ret_dict['backends'] = self.lb_facts['backends']
ret_dict['frontends'] = self.lb_facts['frontends']
return ret_dict
@staticmethod
def build_parameters():
"""Build and return a dictionary of parameters expected by decort_vins module in a form accepted
by AnsibleModule utility class."""
return dict(
account_id=dict(type='int', required=False),
account_name=dict(type='str', required=False, default=''),
annotation=dict(type='str', required=False, default='Managed by Ansible module decort_lb'),
app_id=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_APP_ID'])),
app_secret=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_APP_SECRET']),
no_log=True),
authenticator=dict(type='str',
required=True,
choices=['legacy', 'oauth2', 'jwt']),
controller_url=dict(type='str', required=True),
# datacenter=dict(type='str', required=False, default=''),
ext_net_id=dict(type='int', required=False, default=-1),
ext_ip_addr=dict(type='str', required=False, default=''),
jwt=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_JWT']),
no_log=True),
oauth2_url=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_OAUTH2_URL'])),
password=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_PASSWORD']),
no_log=True),
state=dict(type='str',
default='present',
choices=['absent', 'disabled', 'enabled', 'present','restart']),
user=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_USER'])),
rg_id=dict(type='int', required=False, default=0),
rg_name=dict(type='str', required=False, default=''),
vins_name=dict(type='str', required=False, default=''),
vins_id=dict(type='int', required=False, default=0),
verify_ssl=dict(type='bool', required=False, default=True),
lb_id=dict(type='int', required=False, default=0),
lb_name=dict(type='str', required=True),
backends=dict(type='list',required=False,default=[]),
frontends=dict(type='list',required=False,default=[]),
servers=dict(type='list',required=False,default=[]),
permanently=dict(type='bool', required=False, default=False),
workflow_callback=dict(type='str', required=False),
workflow_context=dict(type='str', required=False),
)
def main():
module_parameters = decort_lb.build_parameters()
amodule = AnsibleModule(argument_spec=module_parameters,
supports_check_mode=True,
mutually_exclusive=[
['oauth2', 'password'],
['password', 'jwt'],
['jwt', 'oauth2'],
],
required_together=[
['app_id', 'app_secret'],
['user', 'password']
],
required_one_of=[
['rg_id','rg_name'],
['lb_id','lb_name'],
['vins_id','vins_name']
]
)
decon = decort_lb(amodule)
if decon.lb_id:
if decon.lb_facts['status'] in ["MODELED", "DISABLING", "ENABLING", "DELETING","DESTROYING","RESTORING"]:
decon.result['failed'] = True
decon.result['changed'] = False
decon.result['msg'] = ("No change can be done for existing LB ID {} because of its current "
"status '{}'").format(decon.lb_id, decon.lb_facts['status'])
elif decon.lb_facts['status'] == "DISABLED":
if amodule.params['state'] == 'absent':
decon.delete()
elif amodule.params['state'] in ('present', 'disabled'):
decon.action()
elif amodule.params['state'] == 'enabled':
decon.action('enabled')
elif decon.lb_facts['status'] in ["CREATED", "ENABLED"]:
if amodule.params['state'] == 'absent':
decon.delete()
elif amodule.params['state'] in ('present', 'enabled'):
decon.action()
elif amodule.params['state'] == 'disabled':
decon.action('disabled')
elif amodule.params['state'] in ('stopped', 'started','restart'):
decon.action(amodule.params['state'])
elif decon.lb_facts['status'] == "DELETED":
if amodule.params['state'] in ['present', 'enabled']:
decon.action(restore=True)
elif amodule.params['state'] == 'absent':
decon.delete()
elif amodule.params['state'] == 'disabled':
decon.error()
elif decon.lb_facts['status'] == "DESTROYED":
if amodule.params['state'] in ('present', 'enabled'):
decon.create()
elif amodule.params['state'] == 'absent':
decon.nop()
elif amodule.params['state'] == 'disabled':
decon.error()
else:
if amodule.params['state'] == 'absent':
decon.nop()
elif amodule.params['state'] in ('present', 'enabled'):
decon.create()
elif amodule.params['state'] == 'disabled':
decon.error()
if decon.result['failed']:
amodule.fail_json(**decon.result)
else:
if decon.result['changed'] and amodule.params['state'] != 'absent':
_, decon.lb_facts = decon.lb_find(decon.lb_id)
if decon.lb_id:
decon.result['facts'] = decon.package_facts(amodule.check_mode)
amodule.exit_json(**decon.result)
if __name__ == "__main__":
main()

9
library/decort_osimage.py
View File

@@ -424,6 +424,7 @@ class decort_osimage(DecortController):
ret_dict['pool'] = arg_osimage_facts['pool']
ret_dict['state'] = arg_osimage_facts['status']
ret_dict['linkto'] = arg_osimage_facts['linkTo']
ret_dict['accountId'] = arg_osimage_facts['accountId']
return ret_dict
@@ -521,9 +522,11 @@ def main():
decon.validated_image_id = decort_osimage.decort_osimage_package_facts(image_facts)['id']
elif amodule.params['state'] == "absent" and amodule.params['image_name'] or amodule.params['image_id'] and decort_osimage.decort_osimage_package_facts(image_facts)['accountId'] == amodule.params['account_Id']:
amodule.image_id_delete = decon.validated_image_id
decort_osimage.decort_image_delete(decon,amodule)
elif amodule.params['state'] == "absent":
if amodule.params['image_name'] or amodule.params['image_id'] and\
decort_osimage.decort_osimage_package_facts(image_facts)['accountId'] == amodule.params['account_Id']:
amodule.image_id_delete = decon.validated_image_id
decort_osimage.decort_image_delete(decon,amodule)

492
library/decort_rg.py
View File

@@ -209,90 +209,253 @@ from ansible.module_utils.basic import env_fallback
from ansible.module_utils.decort_utils import *
class decort_rg(DecortController):
def __init__(self,amodule):
super(decort_rg, self).__init__(amodule)
def decort_rg_package_facts(arg_rg_facts, arg_check_mode=False):
"""Package a dictionary of RG facts according to the decort_rg module specification. This dictionary will
be returned to the upstream Ansible engine at the completion of the module run.
self.validated_acc_id = 0
self.validated_rg_id = 0
self.validated_rg_facts = None
@param arg_rg_facts: dictionary with RG facts as returned by API call to .../rg/get
@param arg_check_mode: boolean that tells if this Ansible module is run in check mode
"""
if self.amodule.params['account_id']:
self.validated_acc_id, _ = self.account_find("", amodule.params['account_id'])
elif amodule.params['account_name']:
self.validated_acc_id, _ = self.account_find(amodule.params['account_name'])
if not self.validated_acc_id:
# we failed to locate account by either name or ID - abort with an error
self.result['failed'] = True
self.result['msg'] = ("Current user does not have access to the requested account "
"or non-existent account specified.")
self.fail_json(**self.result)
ret_dict = dict(id=0,
name="none",
state="CHECK_MODE",
)
if amodule.params['rg_id'] > 0:
self.validated_rg_id = amodule.params['rg_id']
# Check if the RG with the specified parameters already exists
self.validated_rg_id, self.rg_facts = self.rg_find(self.validated_acc_id,
arg_rg_id = self.validated_rg_id,
arg_rg_name=amodule.params['rg_name'],
arg_check_state=False)
if amodule.params['state'] != "absent":
self.rg_should_exist = True
else:
self.rg_should_exist = False
def access(self):
should_change_access = False
acc_granted = False
for rg_item in self.rg_facts['acl']:
if rg_item['userGroupId'] == self.amodule.params['access']['user']:
acc_granted = True
if self.amodule.params['access']['action'] == 'grant':
if rg_item['right'] != self.amodule.params['access']['right']:
should_change_access = True
if self.amodule.params['access']['action'] == 'revoke':
should_change_access = True
if acc_granted == False and self.amodule.params['access']['action'] == 'grant':
should_change_access = True
if should_change_access == True:
self.rg_access(self.validated_rg_id, self.amodule.params['access'])
self.rg_facts['access'] = self.amodule.params['access']
self.rg_should_exist = True
return
def error(self):
self.result['failed'] = True
self.result['changed'] = False
if self.validated_rg_id > 0:
self.result['msg'] = ("Invalid target state '{}' requested for rg ID {} in the "
"current status '{}'.").format(self.validated_rg_id,
self.amodule.params['state'],
self.rg_facts['status'])
else:
self.result['msg'] = ("Invalid target state '{}' requested for non-existent rg name '{}' "
"in account ID {} ").format(self.amodule.params['state'],
self.amodule.params['rg_name'],
self.validated_acc_id)
return
def update(self):
resources = self.rg_facts['Resources']['Reserved']
incorrect_quota = dict(Requested=dict(),
Reserved=dict(),)
query_key_map = dict(cpu='cpu',
ram='ram',
disk='disksize',
ext_ips='extips',
net_transfer='exttraffic',)
if self.amodule.params['quotas']:
for quota_item in self.amodule.params['quotas']:
if self.amodule.params['quotas'][quota_item] < resources[query_key_map[quota_item]]:
incorrect_quota['Requested'][quota_item]=self.amodule.params['quotas'][quota_item]
incorrect_quota['Reserved'][quota_item]=resources[query_key_map[quota_item]]
if incorrect_quota['Requested']:
self.result['msg'] = ("Cannot limit less than already reserved'{}'").format(incorrect_quota)
self.result['failed'] = True
if self.result['failed'] != True:
self.rg_update(self.rg_facts, self.amodule.params['quotas'],
self.amodule.params['resType'], self.amodule.params['rename'])
self.rg_should_exist = True
return
def setDefNet(self):
if self.amodule.params['def_netId'] != self.rg_facts['def_net_id']:
self.rg_setDefNet(self.validated_rg_id,
self.amodule.params['def_netType'],
self.amodule.params['def_netId'])
self.rg_should_exist = True
return
def create(self):
self.validated_rg_id = self.rg_provision(self.validated_acc_id,
self.amodule.params['rg_name'],
self.amodule.params['owner'],
self.amodule.params['annotation'],
self.amodule.params['resType'],
self.amodule.params['def_netType'],
self.amodule.params['ipcidr'],
self.amodule.params['extNetId'],
self.amodule.params['extNetIp'],
self.amodule.params['quotas'],
"", # this is location code. TODO: add module argument
)
self.validated_rg_id, self.rg_facts = self.rg_find(self.validated_acc_id,
self.validated_rg_id,
arg_rg_name="",
arg_check_state=False)
self.rg_should_exist = True
return
def enable(self):
self.rg_enable(self.validated_rg_id,
self.amodule.params['state'])
if self.amodule.params['state'] == "enabled":
self.rg_facts['status'] = 'CREATED'
else:
self.rg_facts['status'] = 'DISABLED'
self.rg_should_exist = True
return
def restore(self):
self.rg_restore(self.validated_rg_id)
self.rg_facts['status'] = 'DISABLED'
self.rg_should_exist = True
return
def destroy(self):
self.rg_delete(self.validated_rg_id, self.amodule.params['permanently'])
if self.amodule.params['permanently'] == True:
self.rg_facts['status'] = 'DESTROYED'
else:
self.rg_facts['status'] = 'DELETED'
self.rg_should_exist = False
return
def package_facts(self, check_mode=False):
"""Package a dictionary of RG facts according to the decort_rg module specification. This dictionary will
be returned to the upstream Ansible engine at the completion of the module run.
@param arg_rg_facts: dictionary with RG facts as returned by API call to .../rg/get
@param arg_check_mode: boolean that tells if this Ansible module is run in check mode
"""
ret_dict = dict(id=0,
name="none",
state="CHECK_MODE",
)
if check_mode:
# in check mode return immediately with the default values
return ret_dict
#if arg_rg_facts is None:
# # if void facts provided - change state value to ABSENT and return
# ret_dict['state'] = "ABSENT"
# return ret_dict
ret_dict['id'] = self.rg_facts['id']
ret_dict['name'] = self.rg_facts['name']
ret_dict['state'] = self.rg_facts['status']
ret_dict['account_id'] = self.rg_facts['accountId']
ret_dict['gid'] = self.rg_facts['gid']
ret_dict['quota'] = self.rg_facts['resourceLimits']
ret_dict['resTypes'] = self.rg_facts['resourceTypes']
ret_dict['defNetId'] = self.rg_facts['def_net_id']
ret_dict['defNetType'] = self.rg_facts['def_net_type']
if arg_check_mode:
# in check mode return immediately with the default values
return ret_dict
if arg_rg_facts is None:
# if void facts provided - change state value to ABSENT and return
ret_dict['state'] = "ABSENT"
return ret_dict
def parameters():
"""Build and return a dictionary of parameters expected by decort_rg module in a form accepted
by AnsibleModule utility class."""
ret_dict['id'] = arg_rg_facts['id']
ret_dict['name'] = arg_rg_facts['name']
ret_dict['state'] = arg_rg_facts['status']
ret_dict['account_id'] = arg_rg_facts['accountId']
ret_dict['gid'] = arg_rg_facts['gid']
return ret_dict
def decort_rg_parameters():
"""Build and return a dictionary of parameters expected by decort_rg module in a form accepted
by AnsibleModule utility class."""
return dict(
account_id=dict(type='int', required=False),
account_name=dict(type='str', required=False, default=''),
annotation=dict(type='str', required=False, default=''),
app_id=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_APP_ID'])),
app_secret=dict(type='str',
return dict(
account_id=dict(type='int', required=False),
account_name=dict(type='str', required=False, default=''),
access=dict(type='dict'),
annotation=dict(type='str', required=False, default=''),
app_id=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_APP_SECRET']),
no_log=True),
authenticator=dict(type='str',
required=True,
choices=['legacy', 'oauth2', 'jwt']),
controller_url=dict(type='str', required=True),
# datacenter=dict(type='str', required=False, default=''),
jwt=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_JWT']),
no_log=True),
oauth2_url=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_OAUTH2_URL'])),
password=dict(type='str',
fallback=(env_fallback, ['DECORT_APP_ID'])),
app_secret=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_APP_SECRET']),
no_log=True),
authenticator=dict(type='str',
required=True,
choices=['legacy', 'oauth2', 'jwt']),
controller_url=dict(type='str', required=True),
# datacenter=dict(type='str', required=False, default=''),
def_netType=dict(type='str', choices=['PRIVATE','PUBLIC', 'NONE'], default='PRIVATE'),
def_netId=dict(type='int', default=0),
extNetId=dict(type='int', default=0),
extNetIp=dict(type='str', default=""),
owner=dict(type='str', default=""),
ipcidr=dict(type='str', default=""),
jwt=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_JWT']),
no_log=True),
oauth2_url=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_OAUTH2_URL'])),
rename=dict(type='str', default=""),
password=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_PASSWORD']),
no_log=True),
quotas=dict(type='dict', required=False),
resType=dict(type='list'),
state=dict(type='str',
default='present',
choices=['absent', 'disabled', 'enabled', 'present']),
permanently=dict(type='bool',
default='False'),
user=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_PASSWORD']),
no_log=True),
quotas=dict(type='dict', required=False),
state=dict(type='str',
default='present',
choices=['absent', 'disabled', 'enabled', 'present']),
user=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_USER'])),
rg_name=dict(type='str', required=True,),
verify_ssl=dict(type='bool', required=False, default=True),
workflow_callback=dict(type='str', required=False),
workflow_context=dict(type='str', required=False),
)
fallback=(env_fallback, ['DECORT_USER'])),
rg_name=dict(type='str', required=False,),
rg_id=dict(type='int', required=False, default=0),
verify_ssl=dict(type='bool', required=False, default=True),
workflow_callback=dict(type='str', required=False),
workflow_context=dict(type='str', required=False),
)
# Workflow digest:
# 1) authenticate to DECORT controller & validate authentication by issuing API call - done when creating DECORTController
# 2) check if the RG with the specified id or rg_name:name exists
# 3) if RG does not exist -> deploy
# 4) if RG exists: check desired state, desired configuration -> initiate action accordingly
# 5) report result to Ansible
# Workflow digest:
# 1) authenticate to DECORT controller & validate authentication by issuing API call - done when creating DECORTController
# 2) check if the RG with the specified id or rg_name:name exists
# 3) if RG does not exist -> deploy
# 4) if RG exists: check desired state, desired configuration -> initiate action accordingly
# 5) report result to Ansible
def main():
module_parameters = decort_rg_parameters()
module_parameters = decort_rg.parameters()
amodule = AnsibleModule(argument_spec=module_parameters,
supports_check_mode=True,
@@ -307,157 +470,52 @@ def main():
],
)
decon = DecortController(amodule)
# We need valid Account ID to manage RG.
# Account may be specified either by account_id or account_name. In both cases we
# have to validate account presence and accesibility by the current user.
validated_acc_id = 0
if decon.check_amodule_argument('account_id', False):
validated_acc_id, _ = decon.account_find("", amodule.params['account_id'])
else:
decon.check_amodule_argument('account_name') # if no account_name, this function will abort module
validated_acc_id, _ = decon.account_find(amodule.params['account_name'])
if not validated_acc_id:
# we failed to locate account by either name or ID - abort with an error
decon.result['failed'] = True
decon.result['msg'] = ("Current user does not have access to the requested account "
"or non-existent account specified.")
decon.fail_json(**decon.result)
# Check if the RG with the specified parameters already exists
rg_id, rg_facts = decon.rg_find(validated_acc_id,
0, arg_rg_name=amodule.params['rg_name'],
arg_check_state=False)
rg_should_exist = True
if rg_id:
if rg_facts['status'] in ["MODELED", "DISABLING", "ENABLING", "DELETING", "DESTROYING"]:
# error: nothing can be done to existing RG in the listed statii regardless of
# the requested state
decon.result['failed'] = True
decon.result['changed'] = False
decon.result['msg'] = ("No change can be done for existing RG ID {} because of its current "
"status '{}'").format(rg_id, rg_facts['status'])
elif rg_facts['status'] == "DISABLED":
decon = decort_rg(amodule)
#amodule.check_mode=True
if decon.validated_rg_id > 0:
if decon.rg_facts['status'] in ["MODELED", "DISABLING", "ENABLING", "DELETING", "DESTROYING", "CONFIRMED"]:
decon.error()
elif decon.rg_facts['status'] in ("CREATED"):
if amodule.params['state'] == 'absent':
decon.rg_delete(arg_rg_id=rg_id, arg_permanently=True)
rg_facts['status'] = 'DESTROYED'
rg_should_exist = False
elif amodule.params['state'] in ('present', 'disabled'):
# update quotas
decon.rg_quotas(rg_facts, amodule.params['quotas'])
elif amodule.params['state'] == 'enabled':
# update quotas and enable
decon.rg_quotas(rg_facts, amodule.params['quotas'])
decon.rg_state(rg_facts, 'enabled')
elif rg_facts['status'] == "CREATED":
if amodule.params['state'] == 'absent':
decon.rg_delete(arg_rg_id=rg_id, arg_permanently=True)
rg_facts['status'] = 'DESTROYED'
rg_should_exist = False
elif amodule.params['state'] in ('present', 'enabled'):
# update quotas
decon.rg_quotas(rg_facts, amodule.params['quotas'])
elif amodule.params['state'] == 'disabled':
# disable and update quotas
decon.rg_state(rg_facts, 'disabled')
decon.rg_quotas(rg_facts, amodule.params['quotas'])
elif rg_facts['status'] == "DELETED":
decon.destroy()
elif amodule.params['state'] == "disabled":
decon.enable()
if amodule.params['state'] in ['present', 'enabled']:
# restore and enable
# TODO: check if restore RG API returns the new RG ID of the restored RG instance.
decon.rg_restore(arg_rg_id=rg_id)
decon.rg_state(rg_facts, 'enabled')
# TODO: Not sure what to do with the quotas after RG is restored. May need to update rg_facts.
rg_should_exist = True
elif amodule.params['state'] == 'absent':
# destroy permanently
decon.rg_delete(arg_rg_id=rg_id, arg_permanently=True)
rg_facts['status'] = 'DESTROYED'
rg_should_exist = False
elif amodule.params['state'] == 'disabled':
# error
decon.result['failed'] = True
decon.result['changed'] = False
decon.result['msg'] = ("Invalid target state '{}' requested for RG ID {} in the "
"current status '{}'").format(rg_id,
amodule.params['state'],
rg_facts['status'])
rg_should_exist = False
elif rg_facts['status'] == "DESTROYED":
if amodule.params['state'] in ('present', 'enabled'):
# need to re-provision RG
decon.check_amodule_argument('rg_name')
# As we already have validated account ID we can create RG and get rg_id on success
# pass empty string for location code, rg_provision will select the 1st location
rg_id = decon.rg_provision(validated_acc_id,
amodule.params['rg_name'], decon.decort_username,
amodule.params['quotas'],
"", # this is location code. TODO: add module argument
amodule.params['annotation'])
rg_should_exist = True
elif amodule.params['state'] == 'absent':
# nop
decon.result['failed'] = False
decon.result['changed'] = False
decon.result['msg'] = ("No state change required for RG ID {} because of its "
"current status '{}'").format(rg_id,
rg_facts['status'])
rg_should_exist = False
elif amodule.params['state'] == 'disabled':
# error
decon.result['failed'] = True
decon.result['changed'] = False
decon.result['msg'] = ("Invalid target state '{}' requested for RG ID {} in the "
"current status '{}'").format(rg_id,
amodule.params['state'],
rg_facts['status'])
if amodule.params['quotas'] or amodule.params['resType'] or amodule.params['rename'] != "":
decon.update()
if amodule.params['access']:
decon.access()
if amodule.params['def_netId'] > 0:
decon.setDefNet()
elif decon.rg_facts['status'] == "DELETED":
if amodule.params['state'] == 'absent' and amodule.params['permanently'] == True:
decon.destroy()
elif amodule.params['state'] == 'present':
decon.restore()
elif decon.rg_facts['status'] in ("DISABLED"):
if amodule.params['state'] == 'absent':
decon.destroy()
elif amodule.params['state'] == ("enabled"):
decon.enable()
else:
# Preexisting RG was not found.
rg_should_exist = False # we will change it back to True if RG is explicitly created or restored
# If requested state is 'absent' - nothing to do
if amodule.params['state'] == 'absent':
decon.result['failed'] = False
decon.result['changed'] = False
decon.result['msg'] = ("Nothing to do as target state 'absent' was requested for "
"non-existent RG name '{}'").format(amodule.params['rg_name'])
elif amodule.params['state'] in ('present', 'enabled'):
# Target RG does not exist yet - create it and store the returned ID in rg_id variable for later use
# To create RG we need account name (or account ID) and RG name - check
# that these parameters are present and proceed.
decon.check_amodule_argument('rg_name')
# as we already have account ID we can create RG and get rg_id on success
# pass empty string for location code, rg_provision will select the 1st location
rg_id = decon.rg_provision(validated_acc_id,
amodule.params['rg_name'], decon.decort_username,
amodule.params['quotas'],
"", # this is location code. TODO: add module argument
amodule.params['annotation'])
rg_should_exist = True
elif amodule.params['state'] == 'disabled':
decon.result['failed'] = True
decon.result['changed'] = False
decon.result['msg'] = ("Invalid target state '{}' requested for non-existent "
"RG name '{}' ").format(amodule.params['state'],
amodule.params['rg_name'])
#
# conditional switch end - complete module run
if amodule.params['state'] in ('present', 'enabled'):
decon.create()
if amodule.params['access']:
decon.access()
elif amodule.params['state'] in ('disabled'):
decon.error()
if decon.result['failed']:
amodule.fail_json(**decon.result)
else:
# prepare RG facts to be returned as part of decon.result and then call exit_json(...)
# rg_facts = None
if rg_should_exist:
if decon.result['changed']:
# If we arrive here, there is a good chance that the RG is present - get fresh RG facts from
# the cloud by RG ID.
# Otherwise, RG facts from previous call (when the RG was still in existence) will be returned.
_, rg_facts = decon.rg_find(arg_account_id=0, arg_rg_id=rg_id)
decon.result['facts'] = decort_rg_package_facts(rg_facts, amodule.check_mode)
amodule.exit_json(**decon.result)
if decon.rg_should_exist:
decon.result['facts'] = decon.package_facts(amodule.check_mode)
amodule.exit_json(**decon.result)
else:
amodule.exit_json(**decon.result)
if __name__ == "__main__":
main()

560
library/decort_vins.py
View File

@@ -242,110 +242,289 @@ facts:
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.basic import env_fallback
import paramiko
from ansible.module_utils.decort_utils import *
class decort_vins(DecortController):
def __init__(self,arg_amodule):
super(decort_vins, self).__init__(arg_amodule)
def decort_vins_package_facts(arg_vins_facts, arg_check_mode=False):
"""Package a dictionary of ViNS facts according to the decort_vins module specification.
This dictionary will be returned to the upstream Ansible engine at the completion of
the module run.
self.vins_id = 0
self.vins_level = "" # "ID" if specified by ID, "RG" - at resource group, "ACC" - at account level
vins_facts = None # will hold ViNS facts
validated_rg_id = 0
rg_facts = None # will hold RG facts
validated_acc_id = 0
acc_facts = None # will hold Account facts
@param arg_vins_facts: dictionary with viNS facts as returned by API call to .../vins/get
@param arg_check_mode: boolean that tells if this Ansible module is run in check mode
"""
if arg_amodule.params['vins_id']:
# expect existing ViNS with the specified ID
# This call to vins_find will abort the module if no ViNS with such ID is present
self.vins_id, self.vins_facts = self.vins_find(arg_amodule.params['vins_id'])
if not self.vins_id:
self.result['failed'] = True
self.result['msg'] = "Specified ViNS ID {} not found.".format(arg_amodule.params['vins_id'])
self.fail_json(**self.result)
self.vins_level = "ID"
validated_acc_id = vins_facts['accountId']
validated_rg_id = vins_facts['rgId']
elif arg_amodule.params['rg_id']:
# expect ViNS @ RG level in the RG with specified ID
self.vins_level = "RG"
# This call to rg_find will abort the module if no RG with such ID is present
validated_rg_id, rg_facts = self.rg_find(0, # account ID set to 0 as we search for RG by RG ID
arg_amodule.params['rg_id'], arg_rg_name="")
# This call to vins_find may return vins_id=0 if no ViNS found
self.vins_id, self.vins_facts = self.vins_find(vins_id=0, vins_name=arg_amodule.params['vins_name'],
account_id=0,
rg_id=arg_amodule.params['rg_id'],
rg_facts=rg_facts,
check_state=False)
# TODO: add checks and setup ViNS presence flags accordingly
pass
elif arg_amodule.params['account_id'] or arg_amodule.params['account_name'] != "":
# Specified account must be present and accessible by the user, otherwise abort the module
validated_acc_id, acc_facts = self.account_find(arg_amodule.params['account_name'], arg_amodule.params['account_id'])
if not validated_acc_id:
self.result['failed'] = True
self.result['msg'] = ("Current user does not have access to the requested account "
"or non-existent account specified.")
self.fail_json(**self.result)
if arg_amodule.params['rg_name'] != "": # at this point we know that rg_id=0
# expect ViNS @ RG level in the RG with specified name under specified account
# RG with the specified name must be present under the account, otherwise abort the module
validated_rg_id, rg_facts = self.rg_find(validated_acc_id, 0, arg_amodule.params['rg_name'])
if (not validated_rg_id or
rg_facts['status'] in ["DESTROYING", "DESTROYED", "DELETING", "DELETED", "DISABLING", "ENABLING"]):
self.result['failed'] = True
self.result['msg'] = "RG name '{}' not found or has invalid state.".format(arg_amodule.params['rg_name'])
self.fail_json(**self.result)
# This call to vins_find may return vins_id=0 if no ViNS with this name found under specified RG
self.vins_id, self.vins_facts = self.vins_find(vins_id=0, vins_name=arg_amodule.params['vins_name'],
account_id=0, # set to 0, as we are looking for ViNS under RG
rg_id=validated_rg_id,
rg_facts=rg_facts,
check_state=False)
self.vins_level = "RG"
# TODO: add checks and setup ViNS presence flags accordingly
else: # At this point we know for sure that rg_name="" and rg_id=0
# So we expect ViNS @ account level
# This call to vins_find may return vins_id=0 if no ViNS found
self.vins_id, self.vins_facts = self.vins_find(vins_id=0, vins_name=arg_amodule.params['vins_name'],
account_id=validated_acc_id,
rg_id=0,
rg_facts=rg_facts,
check_state=False)
self.vins_level = "ACC"
# TODO: add checks and setup ViNS presence flags accordingly
else:
# this is "invalid arguments combination" sink
# if we end up here, it means that module was invoked with vins_id=0 and rg_id=0
self.result['failed'] = True
if arg_amodule.params['account_id'] == 0 and arg_amodule.params['account_name'] == "":
self.result['msg'] = "Cannot find ViNS by name when account name is empty and account ID is 0."
if arg_amodule.params['rg_name'] == "":
# rg_name without account specified
self.result['msg'] = "Cannot find ViNS by name when RG name is empty and RG ID is 0."
self.fail_json(**self.result)
ret_dict = dict(id=0,
name="none",
state="CHECK_MODE",
)
return
self.rg_id = validated_rg_id
self.acc_id = validated_acc_id
return
def create(self):
self.vins_id = self.vins_provision(self.amodule.params['vins_name'],
self.acc_id, self.rg_id,
self.amodule.params['ipcidr'],
self.amodule.params['ext_net_id'], self.amodule.params['ext_ip_addr'],
self.amodule.params['annotation'])
if self.amodule.params['mgmtaddr'] or self.amodule.params['connect_to']:
_, self.vins_facts = self.vins_find(self.vins_id)
if self.amodule.params['connect_to']:
self.vins_update_ifaces(self.vins_facts,self.amodule.params['connect_to'],)
if self.amodule.params['mgmtaddr']:
self.vins_update_mgmt(self.vins_facts,self.amodule.params['mgmtaddr'])
return
def action(self,d_state='',restore=False):
if restore == True:
self.vins_restore(arg_vins_id=self.vins_id)
self.vins_state(self.vins_facts, 'enabled')
self.vins_facts['status'] = "ENABLED"
self.vins_facts['VNFDev']['techStatus'] = "STARTED"
self.vins_update_extnet(self.vins_facts,
self.amodule.params['ext_net_id'],
self.amodule.params['ext_ip_addr'],
)
if d_state == 'enabled' and self.vins_facts['status'] == "DISABLED":
self.vins_state(self.vins_facts, d_state)
self.vins_facts['status'] = "ENABLED"
self.vins_facts['VNFDev']['techStatus'] = "STARTED"
d_state = ''
if self.vins_facts['status'] == "ENABLED" and self.vins_facts['VNFDev']['techStatus'] == "STARTED":
self.vins_update_ifaces(self.vins_facts,
self.amodule.params['connect_to'],
)
if self.result['changed']:
_, self.vins_facts = self.vins_find(self.vins_id)
self.vins_update_mgmt(self.vins_facts,
self.amodule.params['mgmtaddr'],
)
if d_state != '':
self.vins_state(self.vins_facts, d_state)
return
def delete(self):
self.vins_delete(self.vins_id, permanently=True)
self.vins_facts['status'] = 'DESTROYED'
return
def nop(self):
"""No operation (NOP) handler for ViNS management by decort_vins module.
This function is intended to be called from the main switch construct of the module
when current state -> desired state change logic does not require any changes to
the actual ViNS state.
"""
self.result['failed'] = False
self.result['changed'] = False
if self.vins_id:
self.result['msg'] = ("No state change required for ViNS ID {} because of its "
"current status '{}'.").format(self.vins_id, self.vins_facts['status'])
else:
self.result['msg'] = ("No state change to '{}' can be done for "
"non-existent ViNS instance.").format(self.amodule.params['state'])
return
def error(self):
self.result['failed'] = True
self.result['changed'] = False
if self.vins_id:
self.result['failed'] = True
self.result['changed'] = False
self.result['msg'] = ("Invalid target state '{}' requested for ViNS ID {} in the "
"current status '{}'").format(self.vins_id,
self.amodule.params['state'],
self.vins_facts['status'])
else:
self.result['failed'] = True
self.result['changed'] = False
self.result['msg'] = ("Invalid target state '{}' requested for non-existent "
"ViNS name '{}'").format(self.amodule.params['state'],
self.amodule.params['vins_name'])
return
def package_facts(self, arg_check_mode=False):
"""Package a dictionary of ViNS facts according to the decort_vins module specification.
This dictionary will be returned to the upstream Ansible engine at the completion of
the module run.
@param arg_check_mode: boolean that tells if this Ansible module is run in check mode
"""
ret_dict = dict(id=0,
name="none",
state="CHECK_MODE",
)
if arg_check_mode:
# in check mode return immediately with the default values
return ret_dict
if self.vins_facts is None:
# if void facts provided - change state value to ABSENT and return
ret_dict['state'] = "ABSENT"
return ret_dict
ret_dict['id'] = self.vins_facts['id']
ret_dict['name'] = self.vins_facts['name']
ret_dict['state'] = self.vins_facts['status']
ret_dict['account_id'] = self.vins_facts['accountId']
ret_dict['rg_id'] = self.vins_facts['rgId']
ret_dict['int_net_addr'] = self.vins_facts['network']
ret_dict['gid'] = self.vins_facts['gid']
custom_interfaces = list(filter(lambda i: i['type']=="CUSTOM",self.vins_facts['VNFDev']['interfaces']))
if custom_interfaces:
ret_dict['custom_net_addr'] = []
for runner in custom_interfaces:
ret_dict['custom_net_addr'].append(runner['ipAddress'])
mgmt_interfaces = list(filter(lambda i: i['listenSsh'] and i['name']!="ens9",self.vins_facts['VNFDev']['interfaces']))
if mgmt_interfaces:
ret_dict['ssh_ipaddr'] = []
for runner in mgmt_interfaces:
ret_dict['ssh_ipaddr'].append(runner['ipAddress'])
ret_dict['ssh_password'] = self.vins_facts['VNFDev']['config']['mgmt']['password']
ret_dict['ssh_port'] = 9022
if self.vins_facts['vnfs'].get('GW'):
gw_config = self.vins_facts['vnfs']['GW']['config']
ret_dict['ext_ip_addr'] = gw_config['ext_net_ip']
ret_dict['ext_net_id'] = gw_config['ext_net_id']
else:
ret_dict['ext_ip_addr'] = ""
ret_dict['ext_net_id'] = -1
# arg_vins_facts['vnfs']['GW']['config']
# ext_ip_addr -> ext_net_ip
# ??? -> ext_net_id
# tech_status -> techStatus
if arg_check_mode:
# in check mode return immediately with the default values
return ret_dict
if arg_vins_facts is None:
# if void facts provided - change state value to ABSENT and return
ret_dict['state'] = "ABSENT"
return ret_dict
@staticmethod
def build_parameters():
"""Build and return a dictionary of parameters expected by decort_vins module in a form accepted
by AnsibleModule utility class."""
ret_dict['id'] = arg_vins_facts['id']
ret_dict['name'] = arg_vins_facts['name']
ret_dict['state'] = arg_vins_facts['status']
ret_dict['account_id'] = arg_vins_facts['accountId']
ret_dict['rg_id'] = arg_vins_facts['rgId']
ret_dict['int_net_addr'] = arg_vins_facts['network']
ret_dict['gid'] = arg_vins_facts['gid']
if arg_vins_facts['vnfs'].get('GW'):
gw_config = arg_vins_facts['vnfs']['GW']['config']
ret_dict['ext_ip_addr'] = gw_config['ext_net_ip']
ret_dict['ext_net_id'] = gw_config['ext_net_id']
else:
ret_dict['ext_ip_addr'] = ""
ret_dict['ext_net_id'] = -1
# arg_vins_facts['vnfs']['GW']['config']
# ext_ip_addr -> ext_net_ip
# ??? -> ext_net_id
# tech_status -> techStatus
return ret_dict
def decort_vins_parameters():
"""Build and return a dictionary of parameters expected by decort_vins module in a form accepted
by AnsibleModule utility class."""
return dict(
account_id=dict(type='int', required=False),
account_name=dict(type='str', required=False, default=''),
annotation=dict(type='str', required=False, default=''),
app_id=dict(type='str',
return dict(
account_id=dict(type='int', required=False),
account_name=dict(type='str', required=False, default=''),
annotation=dict(type='str', required=False, default=''),
app_id=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_APP_ID'])),
app_secret=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_APP_SECRET']),
no_log=True),
authenticator=dict(type='str',
required=True,
choices=['legacy', 'oauth2', 'jwt']),
controller_url=dict(type='str', required=True),
# datacenter=dict(type='str', required=False, default=''),
ext_net_id=dict(type='int', required=False, default=-1),
ext_ip_addr=dict(type='str', required=False, default=''),
ipcidr=dict(type='str', required=False, default=''),
mgmtaddr=dict(type='list',required=False, default=[]),
custom_config=dict(type='bool',required=False, default=False),
config_save=dict(type='bool',required=False, default=False),
connect_to=dict(type='list', default=[], required=False),
jwt=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_APP_ID'])),
app_secret=dict(type='str',
fallback=(env_fallback, ['DECORT_JWT']),
no_log=True),
oauth2_url=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_OAUTH2_URL'])),
password=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_APP_SECRET']),
fallback=(env_fallback, ['DECORT_PASSWORD']),
no_log=True),
authenticator=dict(type='str',
required=True,
choices=['legacy', 'oauth2', 'jwt']),
controller_url=dict(type='str', required=True),
# datacenter=dict(type='str', required=False, default=''),
ext_net_id=dict(type='int', required=False, default=-1),
ext_ip_addr=dict(type='str', required=False, default=''),
ipcidr=dict(type='str', required=False, default=''),
mgmtaddr=dict(type='str',required=False, default=''),
custom_config=dict(type='bool',required=False, default=False),
config_save=dict(type='bool',required=False, default=False),
connect_to=dict(type='list', default=[], required=False),
jwt=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_JWT']),
no_log=True),
oauth2_url=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_OAUTH2_URL'])),
password=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_PASSWORD']),
no_log=True),
state=dict(type='str',
default='present',
choices=['absent', 'disabled', 'enabled', 'present']),
user=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_USER'])),
rg_id=dict(type='int', required=False, default=0),
rg_name=dict(type='str', required=False, default=''),
verify_ssl=dict(type='bool', required=False, default=True),
vins_id=dict(type='int', required=False, default=0),
vins_name=dict(type='str', required=True),
workflow_callback=dict(type='str', required=False),
workflow_context=dict(type='str', required=False),
)
state=dict(type='str',
default='present',
choices=['absent', 'disabled', 'enabled', 'present']),
user=dict(type='str',
required=False,
fallback=(env_fallback, ['DECORT_USER'])),
rg_id=dict(type='int', required=False, default=0),
rg_name=dict(type='str', required=False, default=''),
verify_ssl=dict(type='bool', required=False, default=True),
vins_id=dict(type='int', required=False, default=0),
vins_name=dict(type='str', required=True),
workflow_callback=dict(type='str', required=False),
workflow_context=dict(type='str', required=False),
)
# Workflow digest:
@@ -356,7 +535,7 @@ def decort_vins_parameters():
# 5) report result to Ansible
def main():
module_parameters = decort_vins_parameters()
module_parameters = decort_vins.build_parameters()
amodule = AnsibleModule(argument_spec=module_parameters,
supports_check_mode=True,
@@ -371,84 +550,7 @@ def main():
],
)
decon = DecortController(amodule)
vins_id = 0
vins_level = "" # "ID" if specified by ID, "RG" - at resource group, "ACC" - at account level
vins_facts = None # will hold ViNS facts
validated_rg_id = 0
rg_facts = None # will hold RG facts
validated_acc_id = 0
acc_facts = None # will hold Account facts
if amodule.params['vins_id']:
# expect existing ViNS with the specified ID
# This call to vins_find will abort the module if no ViNS with such ID is present
vins_id, vins_facts = decon.vins_find(amodule.params['vins_id'])
if not vins_id:
decon.result['failed'] = True
decon.result['msg'] = "Specified ViNS ID {} not found.".format(amodule.params['vins_id'])
decon.fail_json(**decon.result)
vins_level = "ID"
validated_acc_id = vins_facts['accountId']
validated_rg_id = vins_facts['rgId']
elif amodule.params['rg_id']:
# expect ViNS @ RG level in the RG with specified ID
vins_level = "RG"
# This call to rg_find will abort the module if no RG with such ID is present
validated_rg_id, rg_facts = decon.rg_find(0, # account ID set to 0 as we search for RG by RG ID
amodule.params['rg_id'], arg_rg_name="")
# This call to vins_find may return vins_id=0 if no ViNS found
vins_id, vins_facts = decon.vins_find(vins_id=0, vins_name=amodule.params['vins_name'],
account_id=0,
rg_id=amodule.params['rg_id'],
check_state=False)
# TODO: add checks and setup ViNS presence flags accordingly
pass
elif amodule.params['account_id'] or amodule.params['account_name'] != "":
# Specified account must be present and accessible by the user, otherwise abort the module
validated_acc_id, acc_facts = decon.account_find(amodule.params['account_name'], amodule.params['account_id'])
if not validated_acc_id:
decon.result['failed'] = True
decon.result['msg'] = ("Current user does not have access to the requested account "
"or non-existent account specified.")
decon.fail_json(**decon.result)
if amodule.params['rg_name'] != "": # at this point we know that rg_id=0
# expect ViNS @ RG level in the RG with specified name under specified account
# RG with the specified name must be present under the account, otherwise abort the module
validated_rg_id, rg_facts = decon.rg_find(validated_acc_id, 0, amodule.params['rg_name'])
if (not validated_rg_id or
rg_facts['status'] in ["DESTROYING", "DESTROYED", "DELETING", "DELETED", "DISABLING", "ENABLING"]):
decon.result['failed'] = True
decon.result['msg'] = "RG name '{}' not found or has invalid state.".format(amodule.params['rg_name'])
decon.fail_json(**decon.result)
# This call to vins_find may return vins_id=0 if no ViNS with this name found under specified RG
vins_id, vins_facts = decon.vins_find(vins_id=0, vins_name=amodule.params['vins_name'],
account_id=0, # set to 0, as we are looking for ViNS under RG
rg_id=validated_rg_id,
check_state=False)
vins_level = "RG"
# TODO: add checks and setup ViNS presence flags accordingly
else: # At this point we know for sure that rg_name="" and rg_id=0
# So we expect ViNS @ account level
# This call to vins_find may return vins_id=0 if no ViNS found
vins_id, vins_facts = decon.vins_find(vins_id=0, vins_name=amodule.params['vins_name'],
account_id=validated_acc_id,
rg_id=0,
check_state=False)
vins_level = "ACC"
# TODO: add checks and setup ViNS presence flags accordingly
else:
# this is "invalid arguments combination" sink
# if we end up here, it means that module was invoked with vins_id=0 and rg_id=0
decon.result['failed'] = True
if amodule.params['account_id'] == 0 and amodule.params['account_name'] == "":
decon.result['msg'] = "Cannot find ViNS by name when account name is empty and account ID is 0."
if amodule.params['rg_name'] == "":
# rg_name without account specified
decon.result['msg'] = "Cannot find ViNS by name when RG name is empty and RG ID is 0."
decon.fail_json(**decon.result)
decon = decort_vins(amodule)
#
# Initial validation of module arguments is complete
#
@@ -465,127 +567,70 @@ def main():
# if cconfig_save is true, only config save without other updates
vins_should_exist = False
if vins_id:
if decon.vins_id:
vins_should_exist = True
if vins_facts['status'] in ["MODELED", "DISABLING", "ENABLING", "DELETING", "DESTROYING"]:
if decon.vins_facts['status'] in ["MODELED", "DISABLING", "ENABLING", "DELETING", "DESTROYING"]:
# error: nothing can be done to existing ViNS in the listed statii regardless of
# the requested state
decon.result['failed'] = True
decon.result['changed'] = False
decon.result['msg'] = ("No change can be done for existing ViNS ID {} because of its current "
"status '{}'").format(vins_id, vins_facts['status'])
elif vins_facts['status'] == "DISABLED":
"status '{}'").format(decon.vins_id, decon.vins_facts['status'])
elif decon.vins_facts['status'] == "DISABLED":
if amodule.params['state'] == 'absent':
decon.vins_delete(vins_id, permanently=True)
vins_facts['status'] = 'DESTROYED'
decon.delete()
vins_should_exist = False
elif amodule.params['state'] in ('present', 'disabled'):
# update ViNS, leave in disabled state
decon.vins_update(vins_facts,
amodule.params['ext_net_id'], amodule.params['ext_ip_addr'])
decon.action()
elif amodule.params['state'] == 'enabled':
# update ViNS and enable
decon.vins_update(vins_facts,
amodule.params['ext_net_id'], amodule.params['ext_ip_addr'])
decon.vins_state(vins_facts, 'enabled')
elif vins_facts['status'] in ["CREATED", "ENABLED"]:
decon.action('enabled')
elif decon.vins_facts['status'] in ["CREATED", "ENABLED"]:
if amodule.params['state'] == 'absent':
decon.vins_delete(vins_id, permanently=True)
vins_facts['status'] = 'DESTROYED'
decon.delete()
vins_should_exist = False
elif amodule.params['state'] in ('present', 'enabled'):
# update ViNS
decon.vins_update(vins_facts,
amodule.params['ext_net_id'], amodule.params['ext_ip_addr'],
)
decon.vins_update_mgmt(
vins_facts,
amodule.params['mgmtaddr'],
)
decon.vins_update_ifaces(
vins_facts,
amodule.params['connect_to'],
)
decon.action()
elif amodule.params['state'] == 'disabled':
# disable and update ViNS
decon.vins_state(vins_facts, 'disabled')
decon.vins_update(vins_facts,
amodule.params['ext_net_id'], amodule.params['ext_ip_addr'])
elif vins_facts['status'] == "DELETED":
decon.action('disabled')
elif decon.vins_facts['status'] == "DELETED":
if amodule.params['state'] in ['present', 'enabled']:
# restore and enable
decon.vins_restore(arg_vins_id=vins_id)
decon.vins_state(vins_facts, 'enabled')
decon.action(restore=True)
vins_should_exist = True
elif amodule.params['state'] == 'absent':
# destroy permanently
decon.vins_delete(vins_id, permanently=True)
vins_facts['status'] = 'DESTROYED'
decon.delete()
vins_should_exist = False
elif amodule.params['state'] == 'disabled':
# error
decon.result['failed'] = True
decon.result['changed'] = False
decon.result['msg'] = ("Invalid target state '{}' requested for ViNS ID {} in the "
"current status '{}'").format(vins_id,
amodule.params['state'],
vins_facts['status'])
decon.error()
vins_should_exist = False
elif vins_facts['status'] == "DESTROYED":
elif decon.vins_facts['status'] == "DESTROYED":
if amodule.params['state'] in ('present', 'enabled'):
# need to re-provision ViNS; some attributes may be changed, some stay the same.
# account and RG - stays the same
# vins_name - stays the same
# IPcidr - take from module arguments
# ext IP address - take from module arguments
# annotation - take from module arguments
vins_id = decon.vins_provision(vins_facts['name'],
validated_acc_id, validated_rg_id,
amodule.params['ipcidr'],
amodule.params['ext_net_id'], amodule.params['ext_ip_addr'],
amodule.params['annotation'])
# need to re-provision ViNS;
decon.create()
vins_should_exist = True
elif amodule.params['state'] == 'absent':
# nop
decon.result['failed'] = False
decon.result['changed'] = False
decon.result['msg'] = ("No state change required for ViNS ID {} because of its "
"current status '{}'").format(vins_id,
vins_facts['status'])
decon.nop()
vins_should_exist = False
elif amodule.params['state'] == 'disabled':
# error
decon.result['failed'] = True
decon.result['changed'] = False
decon.result['msg'] = ("Invalid target state '{}' requested for ViNS ID {} in the "
"current status '{}'").format(vins_id,
amodule.params['state'],
vins_facts['status'])
decon.error()
else:
# Preexisting ViNS was not found.
vins_should_exist = False # we will change it back to True if ViNS is created or restored
# If requested state is 'absent' - nothing to do
if amodule.params['state'] == 'absent':
decon.result['failed'] = False
decon.result['changed'] = False
decon.result['msg'] = ("Nothing to do as target state 'absent' was requested for "
"non-existent ViNS name '{}'").format(amodule.params['vins_name'])
decon.nop()
elif amodule.params['state'] in ('present', 'enabled'):
decon.check_amodule_argument('vins_name')
# as we already have account ID and RG ID we can create ViNS and get vins_id on success
vins_id = decon.vins_provision(amodule.params['vins_name'],
validated_acc_id, validated_rg_id,
amodule.params['ipcidr'],
amodule.params['ext_net_id'], amodule.params['ext_ip_addr'],
amodule.params['annotation'])
decon.create()
vins_should_exist = True
elif amodule.params['state'] == 'disabled':
decon.result['failed'] = True
decon.result['changed'] = False
decon.result['msg'] = ("Invalid target state '{}' requested for non-existent "
"ViNS name '{}'").format(amodule.params['state'],
amodule.params['vins_name'])
decon.error()
#
# conditional switch end - complete module run
#
@@ -593,18 +638,9 @@ def main():
amodule.fail_json(**decon.result)
else:
# prepare ViNS facts to be returned as part of decon.result and then call exit_json(...)
if vins_should_exist:
if decon.result['changed']:
# If we arrive here, there is a good chance that the ViNS is present - get fresh ViNS
# facts from # the cloud by ViNS ID.
# Otherwise, ViNS facts from previous call (when the ViNS was still in existence) will
# be returned.
_, vins_facts = decon.vins_find(vins_id)
decon.result['facts'] = decort_vins_package_facts(vins_facts, amodule.check_mode)
# add password to facts if mgmtaddr is present
# need reworking
if amodule.params['mgmtaddr'] != "":
decon.result['facts'].update({'password': vins_facts['VNFDev']['config']['mgmt']['password']})
if decon.result['changed']:
_, decon.vins_facts = decon.vins_find(decon.vins_id)
decon.result['facts'] = decon.package_facts(amodule.check_mode)
amodule.exit_json(**decon.result)

1173
module_utils/decort_utils.py
View File

File diff suppressed because it is too large Load Diff