From edce6a41cfc3235354fea639baaef8198aed0ffc Mon Sep 17 00:00:00 2001 From: Monty Taylor Date: Tue, 31 Mar 2015 17:05:43 -0400 Subject: [PATCH 1/6] Add OpenStack Router module Also deprecate old quantum_router module --- .../{quantum_router.py => _quantum_router.py} | 1 + cloud/openstack/os_router.py | 129 ++++++++++++++++++ 2 files changed, 130 insertions(+) rename cloud/openstack/{quantum_router.py => _quantum_router.py} (99%) create mode 100644 cloud/openstack/os_router.py diff --git a/cloud/openstack/quantum_router.py b/cloud/openstack/_quantum_router.py similarity index 99% rename from cloud/openstack/quantum_router.py rename to cloud/openstack/_quantum_router.py index ba94773bbe4..252e1618d90 100644 --- a/cloud/openstack/quantum_router.py +++ b/cloud/openstack/_quantum_router.py @@ -31,6 +31,7 @@ DOCUMENTATION = ''' module: quantum_router version_added: "1.2" author: "Benno Joy (@bennojoy)" +deprecated: Deprecated in 2.0. Use os_router instead short_description: Create or Remove router from openstack description: - Create or Delete routers from OpenStack diff --git a/cloud/openstack/os_router.py b/cloud/openstack/os_router.py new file mode 100644 index 00000000000..f5964b2246f --- /dev/null +++ b/cloud/openstack/os_router.py @@ -0,0 +1,129 @@ +#!/usr/bin/python + +# Copyright (c) 2014 Hewlett-Packard Development Company, L.P. +# Copyright (c) 2013, Benno Joy +# +# This module is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This software is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this software. If not, see . + +try: + import shade + HAS_SHADE = True +except ImportError: + HAS_SHADE = False + + +DOCUMENTATION = ''' +--- +module: os_router +short_description: Create or Delete routers from OpenStack +extends_documentation_fragment: openstack +version_added: "1.10" +description: + - Create or Delete routers from OpenStack +options: + state: + description: + - Indicate desired state of the resource + choices: ['present', 'absent'] + default: present + name: + description: + - Name to be give to the router + required: true + admin_state_up: + description: + - desired admin state of the created router . + required: false + default: true +requirements: ["shade"] +''' + +EXAMPLES = ''' +# Creates a router for tenant admin +- os_router: state=present + username=admin + password=admin + project_name=admin + name=router1" +''' + +def _get_router_id(module, neutron): + kwargs = { + 'name': module.params['name'], + } + try: + routers = neutron.list_routers(**kwargs) + except Exception, e: + module.fail_json(msg = "Error in getting the router list: %s " % e.message) + if not routers['routers']: + return None + return routers['routers'][0]['id'] + +def _create_router(module, neutron): + router = { + 'name': module.params['name'], + 'admin_state_up': module.params['admin_state_up'], + } + try: + new_router = neutron.create_router(dict(router=router)) + except Exception, e: + module.fail_json( msg = "Error in creating router: %s" % e.message) + return new_router['router']['id'] + +def _delete_router(module, neutron, router_id): + try: + neutron.delete_router(router_id) + except: + module.fail_json("Error in deleting the router") + return True + +def main(): + argument_spec = openstack_full_argument_spec( + name = dict(required=True), + state = dict(default='present', choices=['absent', 'present']), + admin_state_up = dict(type='bool', default=True), + ) + module_kwargs = openstack_module_kwargs() + module = AnsibleModule(argument_spec, **module_kwargs) + + if not HAS_SHADE: + module.fail_json(msg='shade is required for this module') + + try: + cloud = shade.openstack_cloud(**module.params) + neutron = cloud.neutron_client + + + if module.params['state'] == 'present': + router_id = _get_router_id(module, neutron) + if not router_id: + router_id = _create_router(module, neutron) + module.exit_json(changed=True, result="Created", id=router_id) + else: + module.exit_json(changed=False, result="success" , id=router_id) + + else: + router_id = _get_router_id(module, neutron) + if not router_id: + module.exit_json(changed=False, result="success") + else: + _delete_router(module, neutron, router_id) + module.exit_json(changed=True, result="deleted") + except shade.OpenStackCloudException as e: + module.fail_json(msg=e.message) + +# this is magic, see lib/ansible/module_common.py +from ansible.module_utils.basic import * +from ansible.module_utils.openstack import * +main() From 653060dc47cf1557c487bc007b76ee133f8bc8ef Mon Sep 17 00:00:00 2001 From: David Shrewsbury Date: Wed, 8 Apr 2015 14:10:34 -0400 Subject: [PATCH 2/6] Update os_router to the latest version This version uses the latest shade for a cleaner interface, support for check mode, and updating an existing router. --- cloud/openstack/os_router.py | 109 +++++++++++++++++++---------------- 1 file changed, 59 insertions(+), 50 deletions(-) diff --git a/cloud/openstack/os_router.py b/cloud/openstack/os_router.py index f5964b2246f..767d1da183f 100644 --- a/cloud/openstack/os_router.py +++ b/cloud/openstack/os_router.py @@ -30,7 +30,9 @@ short_description: Create or Delete routers from OpenStack extends_documentation_fragment: openstack version_added: "1.10" description: - - Create or Delete routers from OpenStack + - Create or Delete routers from OpenStack. Although Neutron allows + routers to share the same name, this module enforces name uniqueness + to be more user friendly. options: state: description: @@ -43,7 +45,7 @@ options: required: true admin_state_up: description: - - desired admin state of the created router . + - Desired admin state of the created router. required: false default: true requirements: ["shade"] @@ -51,75 +53,82 @@ requirements: ["shade"] EXAMPLES = ''' # Creates a router for tenant admin -- os_router: state=present - username=admin - password=admin - project_name=admin - name=router1" +- os_router: + state=present + name=router1 + admin_state_up=True ''' -def _get_router_id(module, neutron): - kwargs = { - 'name': module.params['name'], - } - try: - routers = neutron.list_routers(**kwargs) - except Exception, e: - module.fail_json(msg = "Error in getting the router list: %s " % e.message) - if not routers['routers']: - return None - return routers['routers'][0]['id'] - -def _create_router(module, neutron): - router = { - 'name': module.params['name'], - 'admin_state_up': module.params['admin_state_up'], - } - try: - new_router = neutron.create_router(dict(router=router)) - except Exception, e: - module.fail_json( msg = "Error in creating router: %s" % e.message) - return new_router['router']['id'] -def _delete_router(module, neutron, router_id): - try: - neutron.delete_router(router_id) - except: - module.fail_json("Error in deleting the router") - return True +def _needs_update(router, admin_state_up): + """Decide if the given router needs an update. + + The only attribute of the router that we allow to change is the value + of admin_state_up. Name changes are not supported here. + """ + if router['admin_state_up'] != admin_state_up: + return True + return False + +def _system_state_change(module, router): + """Check if the system state would be changed.""" + state = module.params['state'] + if state == 'absent' and router: + return True + if state == 'present': + if not router: + return True + return _needs_update(router, module.params['admin_state_up']) + return False def main(): argument_spec = openstack_full_argument_spec( - name = dict(required=True), - state = dict(default='present', choices=['absent', 'present']), - admin_state_up = dict(type='bool', default=True), + name=dict(required=True), + admin_state_up=dict(type='bool', default=True), + state=dict(default='present', choices=['absent', 'present']), ) + module_kwargs = openstack_module_kwargs() - module = AnsibleModule(argument_spec, **module_kwargs) + module = AnsibleModule(argument_spec, + supports_check_mode=True, + **module_kwargs) if not HAS_SHADE: module.fail_json(msg='shade is required for this module') + name = module.params['name'] + admin_state_up = module.params['admin_state_up'] + state = module.params['state'] + try: cloud = shade.openstack_cloud(**module.params) - neutron = cloud.neutron_client + router = cloud.get_router(name) + if module.check_mode: + module.exit_json(changed=_system_state_change(module, router)) - if module.params['state'] == 'present': - router_id = _get_router_id(module, neutron) - if not router_id: - router_id = _create_router(module, neutron) - module.exit_json(changed=True, result="Created", id=router_id) + if state == 'present': + if not router: + router = cloud.create_router(name, admin_state_up) + module.exit_json(changed=True, result="created", + id=router['id']) else: - module.exit_json(changed=False, result="success" , id=router_id) + if _needs_update(router, admin_state_up): + cloud.update_router(router['id'], + admin_state_up=admin_state_up) + module.exit_json(changed=True, result="updated", + id=router['id']) + else: + module.exit_json(changed=False, result="success", + id=router['id']) - else: - router_id = _get_router_id(module, neutron) - if not router_id: + elif state == 'absent': + if not router: module.exit_json(changed=False, result="success") else: - _delete_router(module, neutron, router_id) + cloud.delete_router(name) module.exit_json(changed=True, result="deleted") + except shade.OpenStackCloudException as e: module.fail_json(msg=e.message) From ef93fb1c149336032d34c645ae00a99386178516 Mon Sep 17 00:00:00 2001 From: David Shrewsbury Date: Mon, 14 Sep 2015 16:20:18 -0400 Subject: [PATCH 3/6] More os_router module cleanup and fixes. Added a RETURN section, corrected version_added value, removed use of 'result' in exit_json() calls. --- cloud/openstack/os_router.py | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/cloud/openstack/os_router.py b/cloud/openstack/os_router.py index 767d1da183f..24cbefd0c36 100644 --- a/cloud/openstack/os_router.py +++ b/cloud/openstack/os_router.py @@ -28,7 +28,7 @@ DOCUMENTATION = ''' module: os_router short_description: Create or Delete routers from OpenStack extends_documentation_fragment: openstack -version_added: "1.10" +version_added: "2.0" description: - Create or Delete routers from OpenStack. Although Neutron allows routers to share the same name, this module enforces name uniqueness @@ -45,7 +45,7 @@ options: required: true admin_state_up: description: - - Desired admin state of the created router. + - Desired admin state of the created or existing router. required: false default: true requirements: ["shade"] @@ -59,6 +59,13 @@ EXAMPLES = ''' admin_state_up=True ''' +RETURN = ''' +id: + description: Router ID + returned: On success when I(state) is 'present'. + type: string +''' + def _needs_update(router, admin_state_up): """Decide if the given router needs an update. @@ -110,29 +117,28 @@ def main(): if state == 'present': if not router: router = cloud.create_router(name, admin_state_up) - module.exit_json(changed=True, result="created", - id=router['id']) + module.exit_json(changed=True, id=router['id']) else: if _needs_update(router, admin_state_up): cloud.update_router(router['id'], admin_state_up=admin_state_up) - module.exit_json(changed=True, result="updated", - id=router['id']) + module.exit_json(changed=True, id=router['id']) else: - module.exit_json(changed=False, result="success", - id=router['id']) + module.exit_json(changed=False, id=router['id']) elif state == 'absent': if not router: - module.exit_json(changed=False, result="success") + module.exit_json(changed=False) else: cloud.delete_router(name) - module.exit_json(changed=True, result="deleted") + module.exit_json(changed=True) except shade.OpenStackCloudException as e: module.fail_json(msg=e.message) + # this is magic, see lib/ansible/module_common.py from ansible.module_utils.basic import * from ansible.module_utils.openstack import * -main() +if __name__ == '__main__': + main() From d52bb6797896056861f255a9b463436c324d381c Mon Sep 17 00:00:00 2001 From: David Shrewsbury Date: Fri, 25 Sep 2015 13:09:02 -0400 Subject: [PATCH 4/6] Allow complete router configuration This change allows one to completely configure a router, including gateway and interfaces, using the latest shade (>0.13.0). --- cloud/openstack/os_router.py | 215 ++++++++++++++++++++++++++++++----- 1 file changed, 184 insertions(+), 31 deletions(-) diff --git a/cloud/openstack/os_router.py b/cloud/openstack/os_router.py index 24cbefd0c36..9be45d94ef7 100644 --- a/cloud/openstack/os_router.py +++ b/cloud/openstack/os_router.py @@ -1,7 +1,4 @@ #!/usr/bin/python - -# Copyright (c) 2014 Hewlett-Packard Development Company, L.P. -# Copyright (c) 2013, Benno Joy # # This module is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -26,7 +23,7 @@ except ImportError: DOCUMENTATION = ''' --- module: os_router -short_description: Create or Delete routers from OpenStack +short_description: Create or delete routers from OpenStack extends_documentation_fragment: openstack version_added: "2.0" description: @@ -48,36 +45,147 @@ options: - Desired admin state of the created or existing router. required: false default: true + enable_snat: + description: + - Enable Source NAT (SNAT) attribute. + required: false + default: true + network: + description: + - Unique name or ID of the external gateway network. + type: string + required: true when I(interfaces) or I(enable_snat) are provided, + false otherwise. + default: None + interfaces: + description: + - List of subnets to attach to the router. Each is a dictionary with + the subnet name or ID (subnet) and the IP address to assign on that + subnet (ip). If no IP is specified, one is automatically assigned from + that subnet. + required: false + default: None requirements: ["shade"] ''' EXAMPLES = ''' -# Creates a router for tenant admin +# Create a simple router, not attached to a gateway or subnets. +- os_router: + cloud: mycloud + state: present + name: simple_router + +# Creates a router attached to ext_network1 and one subnet interface. +# An IP address from subnet1's IP range will automatically be assigned +# to that interface. - os_router: - state=present - name=router1 - admin_state_up=True + cloud: mycloud + state: present + name: router1 + network: ext_network1 + interfaces: + - subnet: subnet1 + +# Update existing router1 to include subnet2 (10.5.5.0/24), specifying +# the IP address within subnet2's IP range we'd like for that interface. +- os_router: + cloud: mycloud + state: present + name: router1 + network: ext_network1 + interfaces: + - subnet: subnet1 + - subnet: subnet2 + ip: 10.5.5.1 + +# Delete router1 +- os_router: + cloud: mycloud + state: absent + name: router1 ''' RETURN = ''' -id: - description: Router ID - returned: On success when I(state) is 'present'. - type: string +router: + description: Dictionary describing the router. + returned: On success when I(state) is 'present' + type dictionary + contains: + id: + description: Router ID. + type: string + sample: "474acfe5-be34-494c-b339-50f06aa143e4" + name: + description: Router name. + type: string + sample: "router1" + admin_state_up: + description: Administrative state of the router. + type: boolean + sample: true + status: + description: The router status. + type: string + sample: "ACTIVE" + tenant_id: + description: The tenant ID. + type: string + sample: "861174b82b43463c9edc5202aadc60ef" + external_gateway_info: + description: The external gateway parameters. + type: dictionary + sample: { + "enable_snat": true, + "external_fixed_ips": [ + { + "ip_address": "10.6.6.99", + "subnet_id": "4272cb52-a456-4c20-8f3c-c26024ecfa81" + } + } + routes: + description: The extra routes configuration for L3 router. + type: list ''' -def _needs_update(router, admin_state_up): +def _needs_update(cloud, module, router, network): """Decide if the given router needs an update. - - The only attribute of the router that we allow to change is the value - of admin_state_up. Name changes are not supported here. """ - if router['admin_state_up'] != admin_state_up: + if router['admin_state_up'] != module.params['admin_state_up']: return True + if router['external_gateway_info']['enable_snat'] != module.params['enable_snat']: + return True + if network: + if router['external_gateway_info']['network_id'] != network['id']: + return True + + # check subnet interfaces + for new_iface in module.params['interfaces']: + subnet = cloud.get_subnet(new_iface['subnet']) + if not subnet: + module.fail_json(msg='subnet %s not found' % new_iface['subnet']) + exists = False + + # compare the requested interface with existing, looking for an existing match + for existing_iface in router['external_gateway_info']['external_fixed_ips']: + if existing_iface['subnet_id'] == subnet['id']: + if 'ip' in new_iface: + if existing_iface['ip_address'] == new_iface['ip']: + # both subnet id and ip address match + exists = True + break + else: + # only the subnet was given, so ip doesn't matter + exists = True + break + + # this interface isn't present on the existing router + if not exists: + return True + return False -def _system_state_change(module, router): +def _system_state_change(cloud, module, router, network): """Check if the system state would be changed.""" state = module.params['state'] if state == 'absent' and router: @@ -85,14 +193,45 @@ def _system_state_change(module, router): if state == 'present': if not router: return True - return _needs_update(router, module.params['admin_state_up']) + return _needs_update(cloud, module, router, network) return False +def _build_kwargs(cloud, module, router, network): + kwargs = { + 'admin_state_up': module.params['admin_state_up'], + } + + if router: + kwargs['name_or_id'] = router['id'] + else: + kwargs['name'] = module.params['name'] + + if network: + kwargs['ext_gateway_net_id'] = network['id'] + # can't send enable_snat unless we have a network + kwargs['enable_snat'] = module.params['enable_snat'] + + if module.params['interfaces']: + kwargs['ext_fixed_ips'] = [] + for iface in module.params['interfaces']: + subnet = cloud.get_subnet(iface['subnet']) + if not subnet: + module.fail_json(msg='subnet %s not found' % iface['subnet']) + d = {'subnet_id': subnet['id']} + if 'ip' in iface: + d['ip_address'] = iface['ip'] + kwargs['ext_fixed_ips'].append(d) + + return kwargs + def main(): argument_spec = openstack_full_argument_spec( + state=dict(default='present', choices=['absent', 'present']), name=dict(required=True), admin_state_up=dict(type='bool', default=True), - state=dict(default='present', choices=['absent', 'present']), + enable_snat=dict(type='bool', default=True), + network=dict(default=None), + interfaces=dict(type='list', default=None) ) module_kwargs = openstack_module_kwargs() @@ -103,28 +242,42 @@ def main(): if not HAS_SHADE: module.fail_json(msg='shade is required for this module') - name = module.params['name'] - admin_state_up = module.params['admin_state_up'] state = module.params['state'] + name = module.params['name'] + network = module.params['network'] + + if module.params['interfaces'] and not network: + module.fail_json(msg='network is required when supplying interfaces') try: cloud = shade.openstack_cloud(**module.params) router = cloud.get_router(name) + net = None + if network: + net = cloud.get_network(network) + if not net: + module.fail_json(msg='network %s not found' % network) + if module.check_mode: - module.exit_json(changed=_system_state_change(module, router)) + module.exit_json( + changed=_system_state_change(cloud, module, router, net) + ) if state == 'present': + changed = False + if not router: - router = cloud.create_router(name, admin_state_up) - module.exit_json(changed=True, id=router['id']) + kwargs = _build_kwargs(cloud, module, router, net) + router = cloud.create_router(**kwargs) + changed = True else: - if _needs_update(router, admin_state_up): - cloud.update_router(router['id'], - admin_state_up=admin_state_up) - module.exit_json(changed=True, id=router['id']) - else: - module.exit_json(changed=False, id=router['id']) + if _needs_update(cloud, module, router, net): + kwargs = _build_kwargs(cloud, module, router, net) + router = cloud.update_router(**kwargs) + changed = True + + module.exit_json(changed=changed, router=router) elif state == 'absent': if not router: From 08e91ef68f1d83e9c0d5d6aae1b56b78e5504fc4 Mon Sep 17 00:00:00 2001 From: David Shrewsbury Date: Fri, 2 Oct 2015 09:19:55 -0400 Subject: [PATCH 5/6] Deprecate older router modules. The quantum_router_gateway.py and quantum_router_interface.py modules are deprecated with this change. --- .../{quantum_router_gateway.py => _quantum_router_gateway.py} | 1 + ...{quantum_router_interface.py => _quantum_router_interface.py} | 1 + 2 files changed, 2 insertions(+) rename cloud/openstack/{quantum_router_gateway.py => _quantum_router_gateway.py} (99%) rename cloud/openstack/{quantum_router_interface.py => _quantum_router_interface.py} (99%) diff --git a/cloud/openstack/quantum_router_gateway.py b/cloud/openstack/_quantum_router_gateway.py similarity index 99% rename from cloud/openstack/quantum_router_gateway.py rename to cloud/openstack/_quantum_router_gateway.py index 48248662ed7..891cee55a09 100644 --- a/cloud/openstack/quantum_router_gateway.py +++ b/cloud/openstack/_quantum_router_gateway.py @@ -31,6 +31,7 @@ DOCUMENTATION = ''' module: quantum_router_gateway version_added: "1.2" author: "Benno Joy (@bennojoy)" +deprecated: Deprecated in 2.0. Use os_router instead short_description: set/unset a gateway interface for the router with the specified external network description: - Creates/Removes a gateway interface from the router, used to associate a external network with a router to route external traffic. diff --git a/cloud/openstack/quantum_router_interface.py b/cloud/openstack/_quantum_router_interface.py similarity index 99% rename from cloud/openstack/quantum_router_interface.py rename to cloud/openstack/_quantum_router_interface.py index 7374b542390..4073c7d3b10 100644 --- a/cloud/openstack/quantum_router_interface.py +++ b/cloud/openstack/_quantum_router_interface.py @@ -31,6 +31,7 @@ DOCUMENTATION = ''' module: quantum_router_interface version_added: "1.2" author: "Benno Joy (@bennojoy)" +deprecated: Deprecated in 2.0. Use os_router instead short_description: Attach/Dettach a subnet's interface to a router description: - Attach/Dettach a subnet interface to a router, to provide a gateway for the subnet. From aa1e8b8b055a2e8d804a8895cdf370f550be94db Mon Sep 17 00:00:00 2001 From: David Shrewsbury Date: Fri, 2 Oct 2015 09:41:18 -0400 Subject: [PATCH 6/6] Add author to os_router --- cloud/openstack/os_router.py | 1 + 1 file changed, 1 insertion(+) diff --git a/cloud/openstack/os_router.py b/cloud/openstack/os_router.py index 9be45d94ef7..007201be193 100644 --- a/cloud/openstack/os_router.py +++ b/cloud/openstack/os_router.py @@ -26,6 +26,7 @@ module: os_router short_description: Create or delete routers from OpenStack extends_documentation_fragment: openstack version_added: "2.0" +author: "David Shrewsbury (@Shrews)" description: - Create or Delete routers from OpenStack. Although Neutron allows routers to share the same name, this module enforces name uniqueness