mirror of https://github.com/ansible/ansible.git
merged
commit
7a76fcb159
@ -0,0 +1,4 @@
|
|||||||
|
[report]
|
||||||
|
omit =
|
||||||
|
*/python?.?/*
|
||||||
|
*/site-packages/nose/*
|
@ -0,0 +1 @@
|
|||||||
|
CHANGELOG.md merge=union
|
@ -1,16 +1,12 @@
|
|||||||
[submodule "lib/ansible/modules/core"]
|
[submodule "lib/ansible/modules/core"]
|
||||||
path = lib/ansible/modules/core
|
path = lib/ansible/modules/core
|
||||||
url = https://github.com/ansible/ansible-modules-core.git
|
url = https://github.com/ansible/ansible-modules-core
|
||||||
branch = devel
|
|
||||||
[submodule "lib/ansible/modules/extras"]
|
[submodule "lib/ansible/modules/extras"]
|
||||||
path = lib/ansible/modules/extras
|
path = lib/ansible/modules/extras
|
||||||
url = https://github.com/ansible/ansible-modules-extras.git
|
url = https://github.com/ansible/ansible-modules-extras
|
||||||
branch = devel
|
[submodule "v1/ansible/modules/core"]
|
||||||
[submodule "v2/ansible/modules/core"]
|
path = v1/ansible/modules/core
|
||||||
path = v2/ansible/modules/core
|
url = https://github.com/ansible/ansible-modules-core
|
||||||
url = https://github.com/ansible/ansible-modules-core.git
|
[submodule "v1/ansible/modules/extras"]
|
||||||
branch = devel
|
path = v1/ansible/modules/extras
|
||||||
[submodule "v2/ansible/modules/extras"]
|
url = https://github.com/ansible/ansible-modules-extras
|
||||||
path = v2/ansible/modules/extras
|
|
||||||
url = https://github.com/ansible/ansible-modules-extras.git
|
|
||||||
branch = devel
|
|
||||||
|
@ -0,0 +1,18 @@
|
|||||||
|
sudo: false
|
||||||
|
language: python
|
||||||
|
env:
|
||||||
|
- TOXENV=py26
|
||||||
|
- TOXENV=py27
|
||||||
|
addons:
|
||||||
|
apt:
|
||||||
|
sources:
|
||||||
|
- deadsnakes
|
||||||
|
packages:
|
||||||
|
- python2.4
|
||||||
|
install:
|
||||||
|
- pip install tox PyYAML Jinja2 sphinx
|
||||||
|
script:
|
||||||
|
- tox
|
||||||
|
#- make -C docsite all
|
||||||
|
after_success:
|
||||||
|
- coveralls
|
@ -1,295 +0,0 @@
|
|||||||
#!/usr/bin/env python
|
|
||||||
|
|
||||||
# (c) 2012, Jan-Piet Mens <jpmens () gmail.com>
|
|
||||||
#
|
|
||||||
# This file is part of Ansible
|
|
||||||
#
|
|
||||||
# Ansible is free software: you can redistribute it and/or modify
|
|
||||||
# it under the terms of the GNU General Public License as published by
|
|
||||||
# the Free Software Foundation, either version 3 of the License, or
|
|
||||||
# (at your option) any later version.
|
|
||||||
#
|
|
||||||
# Ansible is distributed in the hope that it will be useful,
|
|
||||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
# GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
|
||||||
#
|
|
||||||
|
|
||||||
import os
|
|
||||||
import sys
|
|
||||||
import textwrap
|
|
||||||
import re
|
|
||||||
import optparse
|
|
||||||
import datetime
|
|
||||||
import subprocess
|
|
||||||
from ansible import utils
|
|
||||||
from ansible.utils import module_docs
|
|
||||||
import ansible.constants as C
|
|
||||||
from ansible.utils import version
|
|
||||||
import traceback
|
|
||||||
|
|
||||||
MODULEDIR = C.DEFAULT_MODULE_PATH
|
|
||||||
|
|
||||||
BLACKLIST_EXTS = ('.pyc', '.swp', '.bak', '~', '.rpm')
|
|
||||||
|
|
||||||
_ITALIC = re.compile(r"I\(([^)]+)\)")
|
|
||||||
_BOLD = re.compile(r"B\(([^)]+)\)")
|
|
||||||
_MODULE = re.compile(r"M\(([^)]+)\)")
|
|
||||||
_URL = re.compile(r"U\(([^)]+)\)")
|
|
||||||
_CONST = re.compile(r"C\(([^)]+)\)")
|
|
||||||
PAGER = 'less'
|
|
||||||
LESS_OPTS = 'FRSX' # -F (quit-if-one-screen) -R (allow raw ansi control chars)
|
|
||||||
# -S (chop long lines) -X (disable termcap init and de-init)
|
|
||||||
|
|
||||||
def pager_print(text):
|
|
||||||
''' just print text '''
|
|
||||||
print text
|
|
||||||
|
|
||||||
def pager_pipe(text, cmd):
|
|
||||||
''' pipe text through a pager '''
|
|
||||||
if 'LESS' not in os.environ:
|
|
||||||
os.environ['LESS'] = LESS_OPTS
|
|
||||||
try:
|
|
||||||
cmd = subprocess.Popen(cmd, shell=True, stdin=subprocess.PIPE, stdout=sys.stdout)
|
|
||||||
cmd.communicate(input=text)
|
|
||||||
except IOError:
|
|
||||||
pass
|
|
||||||
except KeyboardInterrupt:
|
|
||||||
pass
|
|
||||||
|
|
||||||
def pager(text):
|
|
||||||
''' find reasonable way to display text '''
|
|
||||||
# this is a much simpler form of what is in pydoc.py
|
|
||||||
if not sys.stdout.isatty():
|
|
||||||
pager_print(text)
|
|
||||||
elif 'PAGER' in os.environ:
|
|
||||||
if sys.platform == 'win32':
|
|
||||||
pager_print(text)
|
|
||||||
else:
|
|
||||||
pager_pipe(text, os.environ['PAGER'])
|
|
||||||
elif hasattr(os, 'system') and os.system('(less) 2> /dev/null') == 0:
|
|
||||||
pager_pipe(text, 'less')
|
|
||||||
else:
|
|
||||||
pager_print(text)
|
|
||||||
|
|
||||||
def tty_ify(text):
|
|
||||||
|
|
||||||
t = _ITALIC.sub("`" + r"\1" + "'", text) # I(word) => `word'
|
|
||||||
t = _BOLD.sub("*" + r"\1" + "*", t) # B(word) => *word*
|
|
||||||
t = _MODULE.sub("[" + r"\1" + "]", t) # M(word) => [word]
|
|
||||||
t = _URL.sub(r"\1", t) # U(word) => word
|
|
||||||
t = _CONST.sub("`" + r"\1" + "'", t) # C(word) => `word'
|
|
||||||
|
|
||||||
return t
|
|
||||||
|
|
||||||
def get_man_text(doc):
|
|
||||||
|
|
||||||
opt_indent=" "
|
|
||||||
text = []
|
|
||||||
text.append("> %s\n" % doc['module'].upper())
|
|
||||||
|
|
||||||
desc = " ".join(doc['description'])
|
|
||||||
|
|
||||||
text.append("%s\n" % textwrap.fill(tty_ify(desc), initial_indent=" ", subsequent_indent=" "))
|
|
||||||
|
|
||||||
if 'option_keys' in doc and len(doc['option_keys']) > 0:
|
|
||||||
text.append("Options (= is mandatory):\n")
|
|
||||||
|
|
||||||
for o in sorted(doc['option_keys']):
|
|
||||||
opt = doc['options'][o]
|
|
||||||
|
|
||||||
if opt.get('required', False):
|
|
||||||
opt_leadin = "="
|
|
||||||
else:
|
|
||||||
opt_leadin = "-"
|
|
||||||
|
|
||||||
text.append("%s %s" % (opt_leadin, o))
|
|
||||||
|
|
||||||
desc = " ".join(opt['description'])
|
|
||||||
|
|
||||||
if 'choices' in opt:
|
|
||||||
choices = ", ".join(str(i) for i in opt['choices'])
|
|
||||||
desc = desc + " (Choices: " + choices + ")"
|
|
||||||
if 'default' in opt:
|
|
||||||
default = str(opt['default'])
|
|
||||||
desc = desc + " [Default: " + default + "]"
|
|
||||||
text.append("%s\n" % textwrap.fill(tty_ify(desc), initial_indent=opt_indent,
|
|
||||||
subsequent_indent=opt_indent))
|
|
||||||
|
|
||||||
if 'notes' in doc and len(doc['notes']) > 0:
|
|
||||||
notes = " ".join(doc['notes'])
|
|
||||||
text.append("Notes:%s\n" % textwrap.fill(tty_ify(notes), initial_indent=" ",
|
|
||||||
subsequent_indent=opt_indent))
|
|
||||||
|
|
||||||
|
|
||||||
if 'requirements' in doc and doc['requirements'] is not None and len(doc['requirements']) > 0:
|
|
||||||
req = ", ".join(doc['requirements'])
|
|
||||||
text.append("Requirements:%s\n" % textwrap.fill(tty_ify(req), initial_indent=" ",
|
|
||||||
subsequent_indent=opt_indent))
|
|
||||||
|
|
||||||
if 'examples' in doc and len(doc['examples']) > 0:
|
|
||||||
text.append("Example%s:\n" % ('' if len(doc['examples']) < 2 else 's'))
|
|
||||||
for ex in doc['examples']:
|
|
||||||
text.append("%s\n" % (ex['code']))
|
|
||||||
|
|
||||||
if 'plainexamples' in doc and doc['plainexamples'] is not None:
|
|
||||||
text.append(doc['plainexamples'])
|
|
||||||
text.append('')
|
|
||||||
|
|
||||||
return "\n".join(text)
|
|
||||||
|
|
||||||
|
|
||||||
def get_snippet_text(doc):
|
|
||||||
|
|
||||||
text = []
|
|
||||||
desc = tty_ify(" ".join(doc['short_description']))
|
|
||||||
text.append("- name: %s" % (desc))
|
|
||||||
text.append(" action: %s" % (doc['module']))
|
|
||||||
|
|
||||||
for o in sorted(doc['options'].keys()):
|
|
||||||
opt = doc['options'][o]
|
|
||||||
desc = tty_ify(" ".join(opt['description']))
|
|
||||||
|
|
||||||
if opt.get('required', False):
|
|
||||||
s = o + "="
|
|
||||||
else:
|
|
||||||
s = o
|
|
||||||
|
|
||||||
text.append(" %-20s # %s" % (s, desc))
|
|
||||||
text.append('')
|
|
||||||
|
|
||||||
return "\n".join(text)
|
|
||||||
|
|
||||||
def get_module_list_text(module_list):
|
|
||||||
text = []
|
|
||||||
for module in sorted(set(module_list)):
|
|
||||||
|
|
||||||
if module in module_docs.BLACKLIST_MODULES:
|
|
||||||
continue
|
|
||||||
|
|
||||||
filename = utils.plugins.module_finder.find_plugin(module)
|
|
||||||
|
|
||||||
if filename is None:
|
|
||||||
continue
|
|
||||||
if filename.endswith(".ps1"):
|
|
||||||
continue
|
|
||||||
if os.path.isdir(filename):
|
|
||||||
continue
|
|
||||||
|
|
||||||
try:
|
|
||||||
doc, plainexamples = module_docs.get_docstring(filename)
|
|
||||||
desc = tty_ify(doc.get('short_description', '?'))
|
|
||||||
if len(desc) > 55:
|
|
||||||
desc = desc + '...'
|
|
||||||
text.append("%-20s %-60.60s" % (module, desc))
|
|
||||||
except:
|
|
||||||
traceback.print_exc()
|
|
||||||
sys.stderr.write("ERROR: module %s has a documentation error formatting or is missing documentation\n" % module)
|
|
||||||
return "\n".join(text)
|
|
||||||
|
|
||||||
def main():
|
|
||||||
|
|
||||||
p = optparse.OptionParser(
|
|
||||||
version=version("%prog"),
|
|
||||||
usage='usage: %prog [options] [module...]',
|
|
||||||
description='Show Ansible module documentation',
|
|
||||||
)
|
|
||||||
|
|
||||||
p.add_option("-M", "--module-path",
|
|
||||||
action="store",
|
|
||||||
dest="module_path",
|
|
||||||
default=MODULEDIR,
|
|
||||||
help="Ansible modules/ directory")
|
|
||||||
p.add_option("-l", "--list",
|
|
||||||
action="store_true",
|
|
||||||
default=False,
|
|
||||||
dest='list_dir',
|
|
||||||
help='List available modules')
|
|
||||||
p.add_option("-s", "--snippet",
|
|
||||||
action="store_true",
|
|
||||||
default=False,
|
|
||||||
dest='show_snippet',
|
|
||||||
help='Show playbook snippet for specified module(s)')
|
|
||||||
p.add_option('-v', action='version', help='Show version number and exit')
|
|
||||||
|
|
||||||
(options, args) = p.parse_args()
|
|
||||||
|
|
||||||
if options.module_path is not None:
|
|
||||||
for i in options.module_path.split(os.pathsep):
|
|
||||||
utils.plugins.module_finder.add_directory(i)
|
|
||||||
|
|
||||||
if options.list_dir:
|
|
||||||
# list all modules
|
|
||||||
paths = utils.plugins.module_finder._get_paths()
|
|
||||||
module_list = []
|
|
||||||
for path in paths:
|
|
||||||
# os.system("ls -C %s" % (path))
|
|
||||||
if os.path.isdir(path):
|
|
||||||
for module in os.listdir(path):
|
|
||||||
if any(module.endswith(x) for x in BLACKLIST_EXTS):
|
|
||||||
continue
|
|
||||||
module_list.append(module)
|
|
||||||
|
|
||||||
pager(get_module_list_text(module_list))
|
|
||||||
sys.exit()
|
|
||||||
|
|
||||||
if len(args) == 0:
|
|
||||||
p.print_help()
|
|
||||||
|
|
||||||
def print_paths(finder):
|
|
||||||
''' Returns a string suitable for printing of the search path '''
|
|
||||||
|
|
||||||
# Uses a list to get the order right
|
|
||||||
ret = []
|
|
||||||
for i in finder._get_paths():
|
|
||||||
if i not in ret:
|
|
||||||
ret.append(i)
|
|
||||||
return os.pathsep.join(ret)
|
|
||||||
|
|
||||||
text = ''
|
|
||||||
for module in args:
|
|
||||||
|
|
||||||
filename = utils.plugins.module_finder.find_plugin(module)
|
|
||||||
if filename is None:
|
|
||||||
sys.stderr.write("module %s not found in %s\n" % (module,
|
|
||||||
print_paths(utils.plugins.module_finder)))
|
|
||||||
continue
|
|
||||||
|
|
||||||
if any(filename.endswith(x) for x in BLACKLIST_EXTS):
|
|
||||||
continue
|
|
||||||
|
|
||||||
try:
|
|
||||||
doc, plainexamples = module_docs.get_docstring(filename)
|
|
||||||
except:
|
|
||||||
traceback.print_exc()
|
|
||||||
sys.stderr.write("ERROR: module %s has a documentation error formatting or is missing documentation\n" % module)
|
|
||||||
continue
|
|
||||||
|
|
||||||
if doc is not None:
|
|
||||||
|
|
||||||
all_keys = []
|
|
||||||
for (k,v) in doc['options'].iteritems():
|
|
||||||
all_keys.append(k)
|
|
||||||
all_keys = sorted(all_keys)
|
|
||||||
doc['option_keys'] = all_keys
|
|
||||||
|
|
||||||
doc['filename'] = filename
|
|
||||||
doc['docuri'] = doc['module'].replace('_', '-')
|
|
||||||
doc['now_date'] = datetime.date.today().strftime('%Y-%m-%d')
|
|
||||||
doc['plainexamples'] = plainexamples
|
|
||||||
|
|
||||||
if options.show_snippet:
|
|
||||||
text += get_snippet_text(doc)
|
|
||||||
else:
|
|
||||||
text += get_man_text(doc)
|
|
||||||
else:
|
|
||||||
# this typically means we couldn't even parse the docstring, not just that the YAML is busted,
|
|
||||||
# probably a quoting issue.
|
|
||||||
sys.stderr.write("ERROR: module %s missing documentation (or could not parse documentation)\n" % module)
|
|
||||||
pager(text)
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
|
||||||
main()
|
|
@ -0,0 +1 @@
|
|||||||
|
ansible
|
@ -1,901 +0,0 @@
|
|||||||
#!/usr/bin/env python
|
|
||||||
|
|
||||||
########################################################################
|
|
||||||
#
|
|
||||||
# (C) 2013, James Cammarata <jcammarata@ansible.com>
|
|
||||||
#
|
|
||||||
# This file is part of Ansible
|
|
||||||
#
|
|
||||||
# Ansible is free software: you can redistribute it and/or modify
|
|
||||||
# it under the terms of the GNU General Public License as published by
|
|
||||||
# the Free Software Foundation, either version 3 of the License, or
|
|
||||||
# (at your option) any later version.
|
|
||||||
#
|
|
||||||
# Ansible is distributed in the hope that it will be useful,
|
|
||||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
# GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
|
||||||
#
|
|
||||||
########################################################################
|
|
||||||
|
|
||||||
import datetime
|
|
||||||
import json
|
|
||||||
import os
|
|
||||||
import os.path
|
|
||||||
import shutil
|
|
||||||
import subprocess
|
|
||||||
import sys
|
|
||||||
import tarfile
|
|
||||||
import tempfile
|
|
||||||
import urllib
|
|
||||||
import urllib2
|
|
||||||
import yaml
|
|
||||||
|
|
||||||
from collections import defaultdict
|
|
||||||
from distutils.version import LooseVersion
|
|
||||||
from jinja2 import Environment
|
|
||||||
from optparse import OptionParser
|
|
||||||
|
|
||||||
import ansible.constants as C
|
|
||||||
import ansible.utils
|
|
||||||
from ansible.errors import AnsibleError
|
|
||||||
|
|
||||||
default_meta_template = """---
|
|
||||||
galaxy_info:
|
|
||||||
author: {{ author }}
|
|
||||||
description: {{description}}
|
|
||||||
company: {{ company }}
|
|
||||||
# Some suggested licenses:
|
|
||||||
# - BSD (default)
|
|
||||||
# - MIT
|
|
||||||
# - GPLv2
|
|
||||||
# - GPLv3
|
|
||||||
# - Apache
|
|
||||||
# - CC-BY
|
|
||||||
license: {{ license }}
|
|
||||||
min_ansible_version: {{ min_ansible_version }}
|
|
||||||
#
|
|
||||||
# Below are all platforms currently available. Just uncomment
|
|
||||||
# the ones that apply to your role. If you don't see your
|
|
||||||
# platform on this list, let us know and we'll get it added!
|
|
||||||
#
|
|
||||||
#platforms:
|
|
||||||
{%- for platform,versions in platforms.iteritems() %}
|
|
||||||
#- name: {{ platform }}
|
|
||||||
# versions:
|
|
||||||
# - all
|
|
||||||
{%- for version in versions %}
|
|
||||||
# - {{ version }}
|
|
||||||
{%- endfor %}
|
|
||||||
{%- endfor %}
|
|
||||||
#
|
|
||||||
# Below are all categories currently available. Just as with
|
|
||||||
# the platforms above, uncomment those that apply to your role.
|
|
||||||
#
|
|
||||||
#categories:
|
|
||||||
{%- for category in categories %}
|
|
||||||
#- {{ category.name }}
|
|
||||||
{%- endfor %}
|
|
||||||
dependencies: []
|
|
||||||
# List your role dependencies here, one per line. Only
|
|
||||||
# dependencies available via galaxy should be listed here.
|
|
||||||
# Be sure to remove the '[]' above if you add dependencies
|
|
||||||
# to this list.
|
|
||||||
{% for dependency in dependencies %}
|
|
||||||
#- {{ dependency }}
|
|
||||||
{% endfor %}
|
|
||||||
|
|
||||||
"""
|
|
||||||
|
|
||||||
default_readme_template = """Role Name
|
|
||||||
=========
|
|
||||||
|
|
||||||
A brief description of the role goes here.
|
|
||||||
|
|
||||||
Requirements
|
|
||||||
------------
|
|
||||||
|
|
||||||
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
|
|
||||||
|
|
||||||
Role Variables
|
|
||||||
--------------
|
|
||||||
|
|
||||||
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
|
|
||||||
|
|
||||||
Dependencies
|
|
||||||
------------
|
|
||||||
|
|
||||||
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
|
|
||||||
|
|
||||||
Example Playbook
|
|
||||||
----------------
|
|
||||||
|
|
||||||
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
|
|
||||||
|
|
||||||
- hosts: servers
|
|
||||||
roles:
|
|
||||||
- { role: username.rolename, x: 42 }
|
|
||||||
|
|
||||||
License
|
|
||||||
-------
|
|
||||||
|
|
||||||
BSD
|
|
||||||
|
|
||||||
Author Information
|
|
||||||
------------------
|
|
||||||
|
|
||||||
An optional section for the role authors to include contact information, or a website (HTML is not allowed).
|
|
||||||
"""
|
|
||||||
|
|
||||||
#-------------------------------------------------------------------------------------
|
|
||||||
# Utility functions for parsing actions/options
|
|
||||||
#-------------------------------------------------------------------------------------
|
|
||||||
|
|
||||||
VALID_ACTIONS = ("init", "info", "install", "list", "remove")
|
|
||||||
|
|
||||||
def get_action(args):
|
|
||||||
"""
|
|
||||||
Get the action the user wants to execute from the
|
|
||||||
sys argv list.
|
|
||||||
"""
|
|
||||||
for i in range(0,len(args)):
|
|
||||||
arg = args[i]
|
|
||||||
if arg in VALID_ACTIONS:
|
|
||||||
del args[i]
|
|
||||||
return arg
|
|
||||||
return None
|
|
||||||
|
|
||||||
def build_option_parser(action):
|
|
||||||
"""
|
|
||||||
Builds an option parser object based on the action
|
|
||||||
the user wants to execute.
|
|
||||||
"""
|
|
||||||
|
|
||||||
usage = "usage: %%prog [%s] [--help] [options] ..." % "|".join(VALID_ACTIONS)
|
|
||||||
epilog = "\nSee '%s <command> --help' for more information on a specific command.\n\n" % os.path.basename(sys.argv[0])
|
|
||||||
OptionParser.format_epilog = lambda self, formatter: self.epilog
|
|
||||||
parser = OptionParser(usage=usage, epilog=epilog)
|
|
||||||
|
|
||||||
if not action:
|
|
||||||
parser.print_help()
|
|
||||||
sys.exit()
|
|
||||||
|
|
||||||
# options for all actions
|
|
||||||
# - none yet
|
|
||||||
|
|
||||||
# options specific to actions
|
|
||||||
if action == "info":
|
|
||||||
parser.set_usage("usage: %prog info [options] role_name[,version]")
|
|
||||||
elif action == "init":
|
|
||||||
parser.set_usage("usage: %prog init [options] role_name")
|
|
||||||
parser.add_option(
|
|
||||||
'-p', '--init-path', dest='init_path', default="./",
|
|
||||||
help='The path in which the skeleton role will be created. '
|
|
||||||
'The default is the current working directory.')
|
|
||||||
parser.add_option(
|
|
||||||
'--offline', dest='offline', default=False, action='store_true',
|
|
||||||
help="Don't query the galaxy API when creating roles")
|
|
||||||
elif action == "install":
|
|
||||||
parser.set_usage("usage: %prog install [options] [-r FILE | role_name(s)[,version] | scm+role_repo_url[,version] | tar_file(s)]")
|
|
||||||
parser.add_option(
|
|
||||||
'-i', '--ignore-errors', dest='ignore_errors', action='store_true', default=False,
|
|
||||||
help='Ignore errors and continue with the next specified role.')
|
|
||||||
parser.add_option(
|
|
||||||
'-n', '--no-deps', dest='no_deps', action='store_true', default=False,
|
|
||||||
help='Don\'t download roles listed as dependencies')
|
|
||||||
parser.add_option(
|
|
||||||
'-r', '--role-file', dest='role_file',
|
|
||||||
help='A file containing a list of roles to be imported')
|
|
||||||
elif action == "remove":
|
|
||||||
parser.set_usage("usage: %prog remove role1 role2 ...")
|
|
||||||
elif action == "list":
|
|
||||||
parser.set_usage("usage: %prog list [role_name]")
|
|
||||||
|
|
||||||
# options that apply to more than one action
|
|
||||||
if action != "init":
|
|
||||||
parser.add_option(
|
|
||||||
'-p', '--roles-path', dest='roles_path', default=C.DEFAULT_ROLES_PATH,
|
|
||||||
help='The path to the directory containing your roles. '
|
|
||||||
'The default is the roles_path configured in your '
|
|
||||||
'ansible.cfg file (/etc/ansible/roles if not configured)')
|
|
||||||
|
|
||||||
if action in ("info","init","install"):
|
|
||||||
parser.add_option(
|
|
||||||
'-s', '--server', dest='api_server', default="galaxy.ansible.com",
|
|
||||||
help='The API server destination')
|
|
||||||
|
|
||||||
if action in ("init","install"):
|
|
||||||
parser.add_option(
|
|
||||||
'-f', '--force', dest='force', action='store_true', default=False,
|
|
||||||
help='Force overwriting an existing role')
|
|
||||||
# done, return the parser
|
|
||||||
return parser
|
|
||||||
|
|
||||||
def get_opt(options, k, defval=""):
|
|
||||||
"""
|
|
||||||
Returns an option from an Optparse values instance.
|
|
||||||
"""
|
|
||||||
try:
|
|
||||||
data = getattr(options, k)
|
|
||||||
except:
|
|
||||||
return defval
|
|
||||||
if k == "roles_path":
|
|
||||||
if os.pathsep in data:
|
|
||||||
data = data.split(os.pathsep)[0]
|
|
||||||
return data
|
|
||||||
|
|
||||||
def exit_without_ignore(options, rc=1):
|
|
||||||
"""
|
|
||||||
Exits with the specified return code unless the
|
|
||||||
option --ignore-errors was specified
|
|
||||||
"""
|
|
||||||
|
|
||||||
if not get_opt(options, "ignore_errors", False):
|
|
||||||
print '- you can use --ignore-errors to skip failed roles.'
|
|
||||||
sys.exit(rc)
|
|
||||||
|
|
||||||
#-------------------------------------------------------------------------------------
|
|
||||||
# Galaxy API functions
|
|
||||||
#-------------------------------------------------------------------------------------
|
|
||||||
|
|
||||||
def api_get_config(api_server):
|
|
||||||
"""
|
|
||||||
Fetches the Galaxy API current version to ensure
|
|
||||||
the API server is up and reachable.
|
|
||||||
"""
|
|
||||||
|
|
||||||
try:
|
|
||||||
url = 'https://%s/api/' % api_server
|
|
||||||
data = json.load(urllib2.urlopen(url))
|
|
||||||
if not data.get("current_version",None):
|
|
||||||
return None
|
|
||||||
else:
|
|
||||||
return data
|
|
||||||
except:
|
|
||||||
return None
|
|
||||||
|
|
||||||
def api_lookup_role_by_name(api_server, role_name):
|
|
||||||
"""
|
|
||||||
Uses the Galaxy API to do a lookup on the role owner/name.
|
|
||||||
"""
|
|
||||||
|
|
||||||
role_name = urllib.quote(role_name)
|
|
||||||
|
|
||||||
try:
|
|
||||||
parts = role_name.split(".")
|
|
||||||
user_name = ".".join(parts[0:-1])
|
|
||||||
role_name = parts[-1]
|
|
||||||
print "- downloading role '%s', owned by %s" % (role_name, user_name)
|
|
||||||
except:
|
|
||||||
parser.print_help()
|
|
||||||
print "- invalid role name (%s). Specify role as format: username.rolename" % role_name
|
|
||||||
sys.exit(1)
|
|
||||||
|
|
||||||
url = 'https://%s/api/v1/roles/?owner__username=%s&name=%s' % (api_server,user_name,role_name)
|
|
||||||
try:
|
|
||||||
data = json.load(urllib2.urlopen(url))
|
|
||||||
if len(data["results"]) == 0:
|
|
||||||
return None
|
|
||||||
else:
|
|
||||||
return data["results"][0]
|
|
||||||
except:
|
|
||||||
return None
|
|
||||||
|
|
||||||
def api_fetch_role_related(api_server, related, role_id):
|
|
||||||
"""
|
|
||||||
Uses the Galaxy API to fetch the list of related items for
|
|
||||||
the given role. The url comes from the 'related' field of
|
|
||||||
the role.
|
|
||||||
"""
|
|
||||||
|
|
||||||
try:
|
|
||||||
url = 'https://%s/api/v1/roles/%d/%s/?page_size=50' % (api_server, int(role_id), related)
|
|
||||||
data = json.load(urllib2.urlopen(url))
|
|
||||||
results = data['results']
|
|
||||||
done = (data.get('next', None) == None)
|
|
||||||
while not done:
|
|
||||||
url = 'https://%s%s' % (api_server, data['next'])
|
|
||||||
print url
|
|
||||||
data = json.load(urllib2.urlopen(url))
|
|
||||||
results += data['results']
|
|
||||||
done = (data.get('next', None) == None)
|
|
||||||
return results
|
|
||||||
except:
|
|
||||||
return None
|
|
||||||
|
|
||||||
def api_get_list(api_server, what):
|
|
||||||
"""
|
|
||||||
Uses the Galaxy API to fetch the list of items specified.
|
|
||||||
"""
|
|
||||||
|
|
||||||
try:
|
|
||||||
url = 'https://%s/api/v1/%s/?page_size' % (api_server, what)
|
|
||||||
data = json.load(urllib2.urlopen(url))
|
|
||||||
if "results" in data:
|
|
||||||
results = data['results']
|
|
||||||
else:
|
|
||||||
results = data
|
|
||||||
done = True
|
|
||||||
if "next" in data:
|
|
||||||
done = (data.get('next', None) == None)
|
|
||||||
while not done:
|
|
||||||
url = 'https://%s%s' % (api_server, data['next'])
|
|
||||||
print url
|
|
||||||
data = json.load(urllib2.urlopen(url))
|
|
||||||
results += data['results']
|
|
||||||
done = (data.get('next', None) == None)
|
|
||||||
return results
|
|
||||||
except:
|
|
||||||
print "- failed to download the %s list" % what
|
|
||||||
return None
|
|
||||||
|
|
||||||
#-------------------------------------------------------------------------------------
|
|
||||||
# scm repo utility functions
|
|
||||||
#-------------------------------------------------------------------------------------
|
|
||||||
|
|
||||||
def scm_archive_role(scm, role_url, role_version, role_name):
|
|
||||||
if scm not in ['hg', 'git']:
|
|
||||||
print "- scm %s is not currently supported" % scm
|
|
||||||
return False
|
|
||||||
tempdir = tempfile.mkdtemp()
|
|
||||||
clone_cmd = [scm, 'clone', role_url, role_name]
|
|
||||||
with open('/dev/null', 'w') as devnull:
|
|
||||||
try:
|
|
||||||
print "- executing: %s" % " ".join(clone_cmd)
|
|
||||||
popen = subprocess.Popen(clone_cmd, cwd=tempdir, stdout=devnull, stderr=devnull)
|
|
||||||
except:
|
|
||||||
raise AnsibleError("error executing: %s" % " ".join(clone_cmd))
|
|
||||||
rc = popen.wait()
|
|
||||||
if rc != 0:
|
|
||||||
print "- command %s failed" % ' '.join(clone_cmd)
|
|
||||||
print " in directory %s" % tempdir
|
|
||||||
return False
|
|
||||||
|
|
||||||
temp_file = tempfile.NamedTemporaryFile(delete=False, suffix='.tar')
|
|
||||||
if scm == 'hg':
|
|
||||||
archive_cmd = ['hg', 'archive', '--prefix', "%s/" % role_name]
|
|
||||||
if role_version:
|
|
||||||
archive_cmd.extend(['-r', role_version])
|
|
||||||
archive_cmd.append(temp_file.name)
|
|
||||||
if scm == 'git':
|
|
||||||
archive_cmd = ['git', 'archive', '--prefix=%s/' % role_name, '--output=%s' % temp_file.name]
|
|
||||||
if role_version:
|
|
||||||
archive_cmd.append(role_version)
|
|
||||||
else:
|
|
||||||
archive_cmd.append('HEAD')
|
|
||||||
|
|
||||||
with open('/dev/null', 'w') as devnull:
|
|
||||||
print "- executing: %s" % " ".join(archive_cmd)
|
|
||||||
popen = subprocess.Popen(archive_cmd, cwd=os.path.join(tempdir, role_name),
|
|
||||||
stderr=devnull, stdout=devnull)
|
|
||||||
rc = popen.wait()
|
|
||||||
if rc != 0:
|
|
||||||
print "- command %s failed" % ' '.join(archive_cmd)
|
|
||||||
print " in directory %s" % tempdir
|
|
||||||
return False
|
|
||||||
|
|
||||||
shutil.rmtree(tempdir)
|
|
||||||
|
|
||||||
return temp_file.name
|
|
||||||
|
|
||||||
|
|
||||||
#-------------------------------------------------------------------------------------
|
|
||||||
# Role utility functions
|
|
||||||
#-------------------------------------------------------------------------------------
|
|
||||||
|
|
||||||
def get_role_path(role_name, options):
|
|
||||||
"""
|
|
||||||
Returns the role path based on the roles_path option
|
|
||||||
and the role name.
|
|
||||||
"""
|
|
||||||
roles_path = get_opt(options,'roles_path')
|
|
||||||
roles_path = os.path.join(roles_path, role_name)
|
|
||||||
roles_path = os.path.expanduser(roles_path)
|
|
||||||
return roles_path
|
|
||||||
|
|
||||||
def get_role_metadata(role_name, options):
|
|
||||||
"""
|
|
||||||
Returns the metadata as YAML, if the file 'meta/main.yml'
|
|
||||||
exists in the specified role_path
|
|
||||||
"""
|
|
||||||
role_path = os.path.join(get_role_path(role_name, options), 'meta/main.yml')
|
|
||||||
try:
|
|
||||||
if os.path.isfile(role_path):
|
|
||||||
f = open(role_path, 'r')
|
|
||||||
meta_data = yaml.safe_load(f)
|
|
||||||
f.close()
|
|
||||||
return meta_data
|
|
||||||
else:
|
|
||||||
return None
|
|
||||||
except:
|
|
||||||
return None
|
|
||||||
|
|
||||||
def get_galaxy_install_info(role_name, options):
|
|
||||||
"""
|
|
||||||
Returns the YAML data contained in 'meta/.galaxy_install_info',
|
|
||||||
if it exists.
|
|
||||||
"""
|
|
||||||
|
|
||||||
try:
|
|
||||||
info_path = os.path.join(get_role_path(role_name, options), 'meta/.galaxy_install_info')
|
|
||||||
if os.path.isfile(info_path):
|
|
||||||
f = open(info_path, 'r')
|
|
||||||
info_data = yaml.safe_load(f)
|
|
||||||
f.close()
|
|
||||||
return info_data
|
|
||||||
else:
|
|
||||||
return None
|
|
||||||
except:
|
|
||||||
return None
|
|
||||||
|
|
||||||
def write_galaxy_install_info(role_name, role_version, options):
|
|
||||||
"""
|
|
||||||
Writes a YAML-formatted file to the role's meta/ directory
|
|
||||||
(named .galaxy_install_info) which contains some information
|
|
||||||
we can use later for commands like 'list' and 'info'.
|
|
||||||
"""
|
|
||||||
|
|
||||||
info = dict(
|
|
||||||
version = role_version,
|
|
||||||
install_date = datetime.datetime.utcnow().strftime("%c"),
|
|
||||||
)
|
|
||||||
try:
|
|
||||||
info_path = os.path.join(get_role_path(role_name, options), 'meta/.galaxy_install_info')
|
|
||||||
f = open(info_path, 'w+')
|
|
||||||
info_data = yaml.safe_dump(info, f)
|
|
||||||
f.close()
|
|
||||||
except:
|
|
||||||
return False
|
|
||||||
return True
|
|
||||||
|
|
||||||
|
|
||||||
def remove_role(role_name, options):
|
|
||||||
"""
|
|
||||||
Removes the specified role from the roles path. There is a
|
|
||||||
sanity check to make sure there's a meta/main.yml file at this
|
|
||||||
path so the user doesn't blow away random directories
|
|
||||||
"""
|
|
||||||
if get_role_metadata(role_name, options):
|
|
||||||
role_path = get_role_path(role_name, options)
|
|
||||||
shutil.rmtree(role_path)
|
|
||||||
return True
|
|
||||||
else:
|
|
||||||
return False
|
|
||||||
|
|
||||||
def fetch_role(role_name, target, role_data, options):
|
|
||||||
"""
|
|
||||||
Downloads the archived role from github to a temp location, extracts
|
|
||||||
it, and then copies the extracted role to the role library path.
|
|
||||||
"""
|
|
||||||
|
|
||||||
# first grab the file and save it to a temp location
|
|
||||||
if '://' in role_name:
|
|
||||||
archive_url = role_name
|
|
||||||
else:
|
|
||||||
archive_url = 'https://github.com/%s/%s/archive/%s.tar.gz' % (role_data["github_user"], role_data["github_repo"], target)
|
|
||||||
print "- downloading role from %s" % archive_url
|
|
||||||
|
|
||||||
try:
|
|
||||||
url_file = urllib2.urlopen(archive_url)
|
|
||||||
temp_file = tempfile.NamedTemporaryFile(delete=False)
|
|
||||||
data = url_file.read()
|
|
||||||
while data:
|
|
||||||
temp_file.write(data)
|
|
||||||
data = url_file.read()
|
|
||||||
temp_file.close()
|
|
||||||
return temp_file.name
|
|
||||||
except Exception, e:
|
|
||||||
# TODO: better urllib2 error handling for error
|
|
||||||
# messages that are more exact
|
|
||||||
print "- error: failed to download the file."
|
|
||||||
return False
|
|
||||||
|
|
||||||
def install_role(role_name, role_version, role_filename, options):
|
|
||||||
# the file is a tar, so open it that way and extract it
|
|
||||||
# to the specified (or default) roles directory
|
|
||||||
|
|
||||||
if not tarfile.is_tarfile(role_filename):
|
|
||||||
print "- error: the file downloaded was not a tar.gz"
|
|
||||||
return False
|
|
||||||
else:
|
|
||||||
if role_filename.endswith('.gz'):
|
|
||||||
role_tar_file = tarfile.open(role_filename, "r:gz")
|
|
||||||
else:
|
|
||||||
role_tar_file = tarfile.open(role_filename, "r")
|
|
||||||
# verify the role's meta file
|
|
||||||
meta_file = None
|
|
||||||
members = role_tar_file.getmembers()
|
|
||||||
# next find the metadata file
|
|
||||||
for member in members:
|
|
||||||
if "/meta/main.yml" in member.name:
|
|
||||||
meta_file = member
|
|
||||||
break
|
|
||||||
if not meta_file:
|
|
||||||
print "- error: this role does not appear to have a meta/main.yml file."
|
|
||||||
return False
|
|
||||||
else:
|
|
||||||
try:
|
|
||||||
meta_file_data = yaml.safe_load(role_tar_file.extractfile(meta_file))
|
|
||||||
except:
|
|
||||||
print "- error: this role does not appear to have a valid meta/main.yml file."
|
|
||||||
return False
|
|
||||||
|
|
||||||
# we strip off the top-level directory for all of the files contained within
|
|
||||||
# the tar file here, since the default is 'github_repo-target', and change it
|
|
||||||
# to the specified role's name
|
|
||||||
role_path = os.path.join(get_opt(options, 'roles_path'), role_name)
|
|
||||||
role_path = os.path.expanduser(role_path)
|
|
||||||
print "- extracting %s to %s" % (role_name, role_path)
|
|
||||||
try:
|
|
||||||
if os.path.exists(role_path):
|
|
||||||
if not os.path.isdir(role_path):
|
|
||||||
print "- error: the specified roles path exists and is not a directory."
|
|
||||||
return False
|
|
||||||
elif not get_opt(options, "force", False):
|
|
||||||
print "- error: the specified role %s appears to already exist. Use --force to replace it." % role_name
|
|
||||||
return False
|
|
||||||
else:
|
|
||||||
# using --force, remove the old path
|
|
||||||
if not remove_role(role_name, options):
|
|
||||||
print "- error: %s doesn't appear to contain a role." % role_path
|
|
||||||
print " please remove this directory manually if you really want to put the role here."
|
|
||||||
return False
|
|
||||||
else:
|
|
||||||
os.makedirs(role_path)
|
|
||||||
|
|
||||||
# now we do the actual extraction to the role_path
|
|
||||||
for member in members:
|
|
||||||
# we only extract files, and remove any relative path
|
|
||||||
# bits that might be in the file for security purposes
|
|
||||||
# and drop the leading directory, as mentioned above
|
|
||||||
if member.isreg():
|
|
||||||
parts = member.name.split("/")[1:]
|
|
||||||
final_parts = []
|
|
||||||
for part in parts:
|
|
||||||
if part != '..' and '~' not in part and '$' not in part:
|
|
||||||
final_parts.append(part)
|
|
||||||
member.name = os.path.join(*final_parts)
|
|
||||||
role_tar_file.extract(member, role_path)
|
|
||||||
|
|
||||||
# write out the install info file for later use
|
|
||||||
write_galaxy_install_info(role_name, role_version, options)
|
|
||||||
except OSError, e:
|
|
||||||
print "- error: you do not have permission to modify files in %s" % role_path
|
|
||||||
return False
|
|
||||||
|
|
||||||
# return the parsed yaml metadata
|
|
||||||
print "- %s was installed successfully" % role_name
|
|
||||||
return meta_file_data
|
|
||||||
|
|
||||||
#-------------------------------------------------------------------------------------
|
|
||||||
# Action functions
|
|
||||||
#-------------------------------------------------------------------------------------
|
|
||||||
|
|
||||||
def execute_init(args, options, parser):
|
|
||||||
"""
|
|
||||||
Executes the init action, which creates the skeleton framework
|
|
||||||
of a role that complies with the galaxy metadata format.
|
|
||||||
"""
|
|
||||||
|
|
||||||
init_path = get_opt(options, 'init_path', './')
|
|
||||||
api_server = get_opt(options, "api_server", "galaxy.ansible.com")
|
|
||||||
force = get_opt(options, 'force', False)
|
|
||||||
offline = get_opt(options, 'offline', False)
|
|
||||||
|
|
||||||
if not offline:
|
|
||||||
api_config = api_get_config(api_server)
|
|
||||||
if not api_config:
|
|
||||||
print "- the API server (%s) is not responding, please try again later." % api_server
|
|
||||||
sys.exit(1)
|
|
||||||
|
|
||||||
try:
|
|
||||||
role_name = args.pop(0).strip()
|
|
||||||
if role_name == "":
|
|
||||||
raise Exception("")
|
|
||||||
role_path = os.path.join(init_path, role_name)
|
|
||||||
if os.path.exists(role_path):
|
|
||||||
if os.path.isfile(role_path):
|
|
||||||
print "- the path %s already exists, but is a file - aborting" % role_path
|
|
||||||
sys.exit(1)
|
|
||||||
elif not force:
|
|
||||||
print "- the directory %s already exists." % role_path
|
|
||||||
print " you can use --force to re-initialize this directory,\n" + \
|
|
||||||
" however it will reset any main.yml files that may have\n" + \
|
|
||||||
" been modified there already."
|
|
||||||
sys.exit(1)
|
|
||||||
except Exception, e:
|
|
||||||
parser.print_help()
|
|
||||||
print "- no role name specified for init"
|
|
||||||
sys.exit(1)
|
|
||||||
|
|
||||||
ROLE_DIRS = ('defaults','files','handlers','meta','tasks','templates','vars')
|
|
||||||
|
|
||||||
# create the default README.md
|
|
||||||
if not os.path.exists(role_path):
|
|
||||||
os.makedirs(role_path)
|
|
||||||
readme_path = os.path.join(role_path, "README.md")
|
|
||||||
f = open(readme_path, "wb")
|
|
||||||
f.write(default_readme_template)
|
|
||||||
f.close
|
|
||||||
|
|
||||||
for dir in ROLE_DIRS:
|
|
||||||
dir_path = os.path.join(init_path, role_name, dir)
|
|
||||||
main_yml_path = os.path.join(dir_path, 'main.yml')
|
|
||||||
# create the directory if it doesn't exist already
|
|
||||||
if not os.path.exists(dir_path):
|
|
||||||
os.makedirs(dir_path)
|
|
||||||
|
|
||||||
# now create the main.yml file for that directory
|
|
||||||
if dir == "meta":
|
|
||||||
# create a skeleton meta/main.yml with a valid galaxy_info
|
|
||||||
# datastructure in place, plus with all of the available
|
|
||||||
# tags/platforms included (but commented out) and the
|
|
||||||
# dependencies section
|
|
||||||
platforms = []
|
|
||||||
if not offline:
|
|
||||||
platforms = api_get_list(api_server, "platforms") or []
|
|
||||||
categories = []
|
|
||||||
if not offline:
|
|
||||||
categories = api_get_list(api_server, "categories") or []
|
|
||||||
|
|
||||||
# group the list of platforms from the api based
|
|
||||||
# on their names, with the release field being
|
|
||||||
# appended to a list of versions
|
|
||||||
platform_groups = defaultdict(list)
|
|
||||||
for platform in platforms:
|
|
||||||
platform_groups[platform['name']].append(platform['release'])
|
|
||||||
platform_groups[platform['name']].sort()
|
|
||||||
|
|
||||||
inject = dict(
|
|
||||||
author = 'your name',
|
|
||||||
company = 'your company (optional)',
|
|
||||||
license = 'license (GPLv2, CC-BY, etc)',
|
|
||||||
min_ansible_version = '1.2',
|
|
||||||
platforms = platform_groups,
|
|
||||||
categories = categories,
|
|
||||||
)
|
|
||||||
rendered_meta = Environment().from_string(default_meta_template).render(inject)
|
|
||||||
f = open(main_yml_path, 'w')
|
|
||||||
f.write(rendered_meta)
|
|
||||||
f.close()
|
|
||||||
pass
|
|
||||||
elif dir not in ('files','templates'):
|
|
||||||
# just write a (mostly) empty YAML file for main.yml
|
|
||||||
f = open(main_yml_path, 'w')
|
|
||||||
f.write('---\n# %s file for %s\n' % (dir,role_name))
|
|
||||||
f.close()
|
|
||||||
print "- %s was created successfully" % role_name
|
|
||||||
|
|
||||||
def execute_info(args, options, parser):
|
|
||||||
"""
|
|
||||||
Executes the info action. This action prints out detailed
|
|
||||||
information about an installed role as well as info available
|
|
||||||
from the galaxy API.
|
|
||||||
"""
|
|
||||||
|
|
||||||
pass
|
|
||||||
|
|
||||||
def execute_install(args, options, parser):
|
|
||||||
"""
|
|
||||||
Executes the installation action. The args list contains the
|
|
||||||
roles to be installed, unless -f was specified. The list of roles
|
|
||||||
can be a name (which will be downloaded via the galaxy API and github),
|
|
||||||
or it can be a local .tar.gz file.
|
|
||||||
"""
|
|
||||||
|
|
||||||
role_file = get_opt(options, "role_file", None)
|
|
||||||
api_server = get_opt(options, "api_server", "galaxy.ansible.com")
|
|
||||||
no_deps = get_opt(options, "no_deps", False)
|
|
||||||
roles_path = get_opt(options, "roles_path")
|
|
||||||
|
|
||||||
if len(args) == 0 and not role_file:
|
|
||||||
# the user needs to specify one of either --role-file
|
|
||||||
# or specify a single user/role name
|
|
||||||
parser.print_help()
|
|
||||||
print "- you must specify a user/role name or a roles file"
|
|
||||||
sys.exit()
|
|
||||||
elif len(args) == 1 and role_file:
|
|
||||||
# using a role file is mutually exclusive of specifying
|
|
||||||
# the role name on the command line
|
|
||||||
parser.print_help()
|
|
||||||
print "- please specify a user/role name, or a roles file, but not both"
|
|
||||||
sys.exit(1)
|
|
||||||
|
|
||||||
roles_done = []
|
|
||||||
if role_file:
|
|
||||||
f = open(role_file, 'r')
|
|
||||||
if role_file.endswith('.yaml') or role_file.endswith('.yml'):
|
|
||||||
roles_left = map(ansible.utils.role_yaml_parse, yaml.safe_load(f))
|
|
||||||
else:
|
|
||||||
# roles listed in a file, one per line
|
|
||||||
roles_left = map(ansible.utils.role_spec_parse, f.readlines())
|
|
||||||
f.close()
|
|
||||||
else:
|
|
||||||
# roles were specified directly, so we'll just go out grab them
|
|
||||||
# (and their dependencies, unless the user doesn't want us to).
|
|
||||||
roles_left = map(ansible.utils.role_spec_parse, args)
|
|
||||||
|
|
||||||
while len(roles_left) > 0:
|
|
||||||
# query the galaxy API for the role data
|
|
||||||
role_data = None
|
|
||||||
role = roles_left.pop(0)
|
|
||||||
role_src = role.get("src")
|
|
||||||
role_scm = role.get("scm")
|
|
||||||
role_path = role.get("path")
|
|
||||||
|
|
||||||
if role_path:
|
|
||||||
options.roles_path = role_path
|
|
||||||
else:
|
|
||||||
options.roles_path = roles_path
|
|
||||||
|
|
||||||
if os.path.isfile(role_src):
|
|
||||||
# installing a local tar.gz
|
|
||||||
tmp_file = role_src
|
|
||||||
else:
|
|
||||||
if role_scm:
|
|
||||||
# create tar file from scm url
|
|
||||||
tmp_file = scm_archive_role(role_scm, role_src, role.get("version"), role.get("name"))
|
|
||||||
elif '://' in role_src:
|
|
||||||
# just download a URL - version will probably be in the URL
|
|
||||||
tmp_file = fetch_role(role_src, None, None, options)
|
|
||||||
else:
|
|
||||||
# installing from galaxy
|
|
||||||
api_config = api_get_config(api_server)
|
|
||||||
if not api_config:
|
|
||||||
print "- the API server (%s) is not responding, please try again later." % api_server
|
|
||||||
sys.exit(1)
|
|
||||||
|
|
||||||
role_data = api_lookup_role_by_name(api_server, role_src)
|
|
||||||
if not role_data:
|
|
||||||
print "- sorry, %s was not found on %s." % (role_src, api_server)
|
|
||||||
exit_without_ignore(options)
|
|
||||||
continue
|
|
||||||
|
|
||||||
role_versions = api_fetch_role_related(api_server, 'versions', role_data['id'])
|
|
||||||
if "version" not in role or role['version'] == '':
|
|
||||||
# convert the version names to LooseVersion objects
|
|
||||||
# and sort them to get the latest version. If there
|
|
||||||
# are no versions in the list, we'll grab the head
|
|
||||||
# of the master branch
|
|
||||||
if len(role_versions) > 0:
|
|
||||||
loose_versions = [LooseVersion(a.get('name',None)) for a in role_versions]
|
|
||||||
loose_versions.sort()
|
|
||||||
role["version"] = str(loose_versions[-1])
|
|
||||||
else:
|
|
||||||
role["version"] = 'master'
|
|
||||||
elif role['version'] != 'master':
|
|
||||||
if role_versions and role["version"] not in [a.get('name', None) for a in role_versions]:
|
|
||||||
print 'role is %s' % role
|
|
||||||
print "- the specified version (%s) was not found in the list of available versions (%s)." % (role['version'], role_versions)
|
|
||||||
exit_without_ignore(options)
|
|
||||||
continue
|
|
||||||
|
|
||||||
# download the role. if --no-deps was specified, we stop here,
|
|
||||||
# otherwise we recursively grab roles and all of their deps.
|
|
||||||
tmp_file = fetch_role(role_src, role["version"], role_data, options)
|
|
||||||
installed = False
|
|
||||||
if tmp_file:
|
|
||||||
installed = install_role(role.get("name"), role.get("version"), tmp_file, options)
|
|
||||||
# we're done with the temp file, clean it up
|
|
||||||
if tmp_file != role_src:
|
|
||||||
os.unlink(tmp_file)
|
|
||||||
# install dependencies, if we want them
|
|
||||||
if not no_deps and installed:
|
|
||||||
if not role_data:
|
|
||||||
role_data = get_role_metadata(role.get("name"), options)
|
|
||||||
role_dependencies = role_data['dependencies']
|
|
||||||
else:
|
|
||||||
role_dependencies = role_data['summary_fields']['dependencies'] # api_fetch_role_related(api_server, 'dependencies', role_data['id'])
|
|
||||||
for dep in role_dependencies:
|
|
||||||
if isinstance(dep, basestring):
|
|
||||||
dep = ansible.utils.role_spec_parse(dep)
|
|
||||||
else:
|
|
||||||
dep = ansible.utils.role_yaml_parse(dep)
|
|
||||||
if not get_role_metadata(dep["name"], options):
|
|
||||||
if dep not in roles_left:
|
|
||||||
print '- adding dependency: %s' % dep["name"]
|
|
||||||
roles_left.append(dep)
|
|
||||||
else:
|
|
||||||
print '- dependency %s already pending installation.' % dep["name"]
|
|
||||||
else:
|
|
||||||
print '- dependency %s is already installed, skipping.' % dep["name"]
|
|
||||||
if not tmp_file or not installed:
|
|
||||||
print "- %s was NOT installed successfully." % role.get("name")
|
|
||||||
exit_without_ignore(options)
|
|
||||||
sys.exit(0)
|
|
||||||
|
|
||||||
def execute_remove(args, options, parser):
|
|
||||||
"""
|
|
||||||
Executes the remove action. The args list contains the list
|
|
||||||
of roles to be removed. This list can contain more than one role.
|
|
||||||
"""
|
|
||||||
|
|
||||||
if len(args) == 0:
|
|
||||||
parser.print_help()
|
|
||||||
print '- you must specify at least one role to remove.'
|
|
||||||
sys.exit()
|
|
||||||
|
|
||||||
for role in args:
|
|
||||||
if get_role_metadata(role, options):
|
|
||||||
if remove_role(role, options):
|
|
||||||
print '- successfully removed %s' % role
|
|
||||||
else:
|
|
||||||
print "- failed to remove role: %s" % role
|
|
||||||
else:
|
|
||||||
print '- %s is not installed, skipping.' % role
|
|
||||||
sys.exit(0)
|
|
||||||
|
|
||||||
def execute_list(args, options, parser):
|
|
||||||
"""
|
|
||||||
Executes the list action. The args list can contain zero
|
|
||||||
or one role. If one is specified, only that role will be
|
|
||||||
shown, otherwise all roles in the specified directory will
|
|
||||||
be shown.
|
|
||||||
"""
|
|
||||||
|
|
||||||
if len(args) > 1:
|
|
||||||
print "- please specify only one role to list, or specify no roles to see a full list"
|
|
||||||
sys.exit(1)
|
|
||||||
|
|
||||||
if len(args) == 1:
|
|
||||||
# show only the request role, if it exists
|
|
||||||
role_name = args[0]
|
|
||||||
metadata = get_role_metadata(role_name, options)
|
|
||||||
if metadata:
|
|
||||||
install_info = get_galaxy_install_info(role_name, options)
|
|
||||||
version = None
|
|
||||||
if install_info:
|
|
||||||
version = install_info.get("version", None)
|
|
||||||
if not version:
|
|
||||||
version = "(unknown version)"
|
|
||||||
# show some more info about single roles here
|
|
||||||
print "- %s, %s" % (role_name, version)
|
|
||||||
else:
|
|
||||||
print "- the role %s was not found" % role_name
|
|
||||||
else:
|
|
||||||
# show all valid roles in the roles_path directory
|
|
||||||
roles_path = get_opt(options, 'roles_path')
|
|
||||||
roles_path = os.path.expanduser(roles_path)
|
|
||||||
if not os.path.exists(roles_path):
|
|
||||||
parser.print_help()
|
|
||||||
print "- the path %s does not exist. Please specify a valid path with --roles-path" % roles_path
|
|
||||||
sys.exit(1)
|
|
||||||
elif not os.path.isdir(roles_path):
|
|
||||||
print "- %s exists, but it is not a directory. Please specify a valid path with --roles-path" % roles_path
|
|
||||||
parser.print_help()
|
|
||||||
sys.exit(1)
|
|
||||||
path_files = os.listdir(roles_path)
|
|
||||||
for path_file in path_files:
|
|
||||||
if get_role_metadata(path_file, options):
|
|
||||||
install_info = get_galaxy_install_info(path_file, options)
|
|
||||||
version = None
|
|
||||||
if install_info:
|
|
||||||
version = install_info.get("version", None)
|
|
||||||
if not version:
|
|
||||||
version = "(unknown version)"
|
|
||||||
print "- %s, %s" % (path_file, version)
|
|
||||||
sys.exit(0)
|
|
||||||
|
|
||||||
#-------------------------------------------------------------------------------------
|
|
||||||
# The main entry point
|
|
||||||
#-------------------------------------------------------------------------------------
|
|
||||||
|
|
||||||
def main():
|
|
||||||
# parse the CLI options
|
|
||||||
action = get_action(sys.argv)
|
|
||||||
parser = build_option_parser(action)
|
|
||||||
(options, args) = parser.parse_args()
|
|
||||||
|
|
||||||
# execute the desired action
|
|
||||||
if 1: #try:
|
|
||||||
fn = globals()["execute_%s" % action]
|
|
||||||
fn(args, options, parser)
|
|
||||||
#except KeyError, e:
|
|
||||||
# print "- error: %s is not a valid action. Valid actions are: %s" % (action, ", ".join(VALID_ACTIONS))
|
|
||||||
# sys.exit(1)
|
|
||||||
|
|
||||||
if __name__ == "__main__":
|
|
||||||
main()
|
|
@ -0,0 +1 @@
|
|||||||
|
ansible
|
@ -1,330 +0,0 @@
|
|||||||
#!/usr/bin/env python
|
|
||||||
# (C) 2012, Michael DeHaan, <michael.dehaan@gmail.com>
|
|
||||||
|
|
||||||
# This file is part of Ansible
|
|
||||||
#
|
|
||||||
# Ansible is free software: you can redistribute it and/or modify
|
|
||||||
# it under the terms of the GNU General Public License as published by
|
|
||||||
# the Free Software Foundation, either version 3 of the License, or
|
|
||||||
# (at your option) any later version.
|
|
||||||
#
|
|
||||||
# Ansible is distributed in the hope that it will be useful,
|
|
||||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
# GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
|
||||||
|
|
||||||
#######################################################
|
|
||||||
|
|
||||||
#__requires__ = ['ansible']
|
|
||||||
#import pkg_resources
|
|
||||||
|
|
||||||
import sys
|
|
||||||
import os
|
|
||||||
import stat
|
|
||||||
|
|
||||||
# Augment PYTHONPATH to find Python modules relative to this file path
|
|
||||||
# This is so that we can find the modules when running from a local checkout
|
|
||||||
# installed as editable with `pip install -e ...` or `python setup.py develop`
|
|
||||||
local_module_path = os.path.abspath(
|
|
||||||
os.path.join(os.path.dirname(__file__), '..', 'lib')
|
|
||||||
)
|
|
||||||
sys.path.append(local_module_path)
|
|
||||||
|
|
||||||
import ansible.playbook
|
|
||||||
import ansible.constants as C
|
|
||||||
import ansible.utils.template
|
|
||||||
from ansible import errors
|
|
||||||
from ansible import callbacks
|
|
||||||
from ansible import utils
|
|
||||||
from ansible.color import ANSIBLE_COLOR, stringc
|
|
||||||
from ansible.callbacks import display
|
|
||||||
|
|
||||||
def colorize(lead, num, color):
|
|
||||||
""" Print 'lead' = 'num' in 'color' """
|
|
||||||
if num != 0 and ANSIBLE_COLOR and color is not None:
|
|
||||||
return "%s%s%-15s" % (stringc(lead, color), stringc("=", color), stringc(str(num), color))
|
|
||||||
else:
|
|
||||||
return "%s=%-4s" % (lead, str(num))
|
|
||||||
|
|
||||||
def hostcolor(host, stats, color=True):
|
|
||||||
if ANSIBLE_COLOR and color:
|
|
||||||
if stats['failures'] != 0 or stats['unreachable'] != 0:
|
|
||||||
return "%-37s" % stringc(host, 'red')
|
|
||||||
elif stats['changed'] != 0:
|
|
||||||
return "%-37s" % stringc(host, 'yellow')
|
|
||||||
else:
|
|
||||||
return "%-37s" % stringc(host, 'green')
|
|
||||||
return "%-26s" % host
|
|
||||||
|
|
||||||
|
|
||||||
def main(args):
|
|
||||||
''' run ansible-playbook operations '''
|
|
||||||
|
|
||||||
# create parser for CLI options
|
|
||||||
parser = utils.base_parser(
|
|
||||||
constants=C,
|
|
||||||
usage = "%prog playbook.yml",
|
|
||||||
connect_opts=True,
|
|
||||||
runas_opts=True,
|
|
||||||
subset_opts=True,
|
|
||||||
check_opts=True,
|
|
||||||
diff_opts=True
|
|
||||||
)
|
|
||||||
#parser.add_option('--vault-password', dest="vault_password",
|
|
||||||
# help="password for vault encrypted files")
|
|
||||||
parser.add_option('-e', '--extra-vars', dest="extra_vars", action="append",
|
|
||||||
help="set additional variables as key=value or YAML/JSON", default=[])
|
|
||||||
parser.add_option('-t', '--tags', dest='tags', default='all',
|
|
||||||
help="only run plays and tasks tagged with these values")
|
|
||||||
parser.add_option('--skip-tags', dest='skip_tags',
|
|
||||||
help="only run plays and tasks whose tags do not match these values")
|
|
||||||
parser.add_option('--syntax-check', dest='syntax', action='store_true',
|
|
||||||
help="perform a syntax check on the playbook, but do not execute it")
|
|
||||||
parser.add_option('--list-tasks', dest='listtasks', action='store_true',
|
|
||||||
help="list all tasks that would be executed")
|
|
||||||
parser.add_option('--step', dest='step', action='store_true',
|
|
||||||
help="one-step-at-a-time: confirm each task before running")
|
|
||||||
parser.add_option('--start-at-task', dest='start_at',
|
|
||||||
help="start the playbook at the task matching this name")
|
|
||||||
parser.add_option('--force-handlers', dest='force_handlers', action='store_true',
|
|
||||||
help="run handlers even if a task fails")
|
|
||||||
parser.add_option('--flush-cache', dest='flush_cache', action='store_true',
|
|
||||||
help="clear the fact cache")
|
|
||||||
|
|
||||||
options, args = parser.parse_args(args)
|
|
||||||
|
|
||||||
if len(args) == 0:
|
|
||||||
parser.print_help(file=sys.stderr)
|
|
||||||
return 1
|
|
||||||
|
|
||||||
# su and sudo command line arguments need to be mutually exclusive
|
|
||||||
if (options.su or options.su_user or options.ask_su_pass) and \
|
|
||||||
(options.sudo or options.sudo_user or options.ask_sudo_pass):
|
|
||||||
parser.error("Sudo arguments ('--sudo', '--sudo-user', and '--ask-sudo-pass') "
|
|
||||||
"and su arguments ('-su', '--su-user', and '--ask-su-pass') are "
|
|
||||||
"mutually exclusive")
|
|
||||||
|
|
||||||
if (options.ask_vault_pass and options.vault_password_file):
|
|
||||||
parser.error("--ask-vault-pass and --vault-password-file are mutually exclusive")
|
|
||||||
|
|
||||||
sshpass = None
|
|
||||||
sudopass = None
|
|
||||||
su_pass = None
|
|
||||||
vault_pass = None
|
|
||||||
|
|
||||||
options.ask_vault_pass = options.ask_vault_pass or C.DEFAULT_ASK_VAULT_PASS
|
|
||||||
|
|
||||||
if options.listhosts or options.syntax or options.listtasks:
|
|
||||||
(_, _, _, vault_pass) = utils.ask_passwords(ask_vault_pass=options.ask_vault_pass)
|
|
||||||
else:
|
|
||||||
options.ask_pass = options.ask_pass or C.DEFAULT_ASK_PASS
|
|
||||||
# Never ask for an SSH password when we run with local connection
|
|
||||||
if options.connection == "local":
|
|
||||||
options.ask_pass = False
|
|
||||||
options.ask_sudo_pass = options.ask_sudo_pass or C.DEFAULT_ASK_SUDO_PASS
|
|
||||||
options.ask_su_pass = options.ask_su_pass or C.DEFAULT_ASK_SU_PASS
|
|
||||||
(sshpass, sudopass, su_pass, vault_pass) = utils.ask_passwords(ask_pass=options.ask_pass, ask_sudo_pass=options.ask_sudo_pass, ask_su_pass=options.ask_su_pass, ask_vault_pass=options.ask_vault_pass)
|
|
||||||
options.sudo_user = options.sudo_user or C.DEFAULT_SUDO_USER
|
|
||||||
options.su_user = options.su_user or C.DEFAULT_SU_USER
|
|
||||||
|
|
||||||
# read vault_pass from a file
|
|
||||||
if not options.ask_vault_pass and options.vault_password_file:
|
|
||||||
vault_pass = utils.read_vault_file(options.vault_password_file)
|
|
||||||
|
|
||||||
extra_vars = {}
|
|
||||||
for extra_vars_opt in options.extra_vars:
|
|
||||||
if extra_vars_opt.startswith("@"):
|
|
||||||
# Argument is a YAML file (JSON is a subset of YAML)
|
|
||||||
extra_vars = utils.combine_vars(extra_vars, utils.parse_yaml_from_file(extra_vars_opt[1:], vault_password=vault_pass))
|
|
||||||
elif extra_vars_opt and extra_vars_opt[0] in '[{':
|
|
||||||
# Arguments as YAML
|
|
||||||
extra_vars = utils.combine_vars(extra_vars, utils.parse_yaml(extra_vars_opt))
|
|
||||||
else:
|
|
||||||
# Arguments as Key-value
|
|
||||||
extra_vars = utils.combine_vars(extra_vars, utils.parse_kv(extra_vars_opt))
|
|
||||||
|
|
||||||
only_tags = options.tags.split(",")
|
|
||||||
skip_tags = options.skip_tags
|
|
||||||
if options.skip_tags is not None:
|
|
||||||
skip_tags = options.skip_tags.split(",")
|
|
||||||
|
|
||||||
for playbook in args:
|
|
||||||
if not os.path.exists(playbook):
|
|
||||||
raise errors.AnsibleError("the playbook: %s could not be found" % playbook)
|
|
||||||
if not (os.path.isfile(playbook) or stat.S_ISFIFO(os.stat(playbook).st_mode)):
|
|
||||||
raise errors.AnsibleError("the playbook: %s does not appear to be a file" % playbook)
|
|
||||||
|
|
||||||
inventory = ansible.inventory.Inventory(options.inventory, vault_password=vault_pass)
|
|
||||||
inventory.subset(options.subset)
|
|
||||||
if len(inventory.list_hosts()) == 0:
|
|
||||||
raise errors.AnsibleError("provided hosts list is empty")
|
|
||||||
|
|
||||||
# run all playbooks specified on the command line
|
|
||||||
for playbook in args:
|
|
||||||
|
|
||||||
stats = callbacks.AggregateStats()
|
|
||||||
playbook_cb = callbacks.PlaybookCallbacks(verbose=utils.VERBOSITY)
|
|
||||||
if options.step:
|
|
||||||
playbook_cb.step = options.step
|
|
||||||
if options.start_at:
|
|
||||||
playbook_cb.start_at = options.start_at
|
|
||||||
runner_cb = callbacks.PlaybookRunnerCallbacks(stats, verbose=utils.VERBOSITY)
|
|
||||||
|
|
||||||
pb = ansible.playbook.PlayBook(
|
|
||||||
playbook=playbook,
|
|
||||||
module_path=options.module_path,
|
|
||||||
inventory=inventory,
|
|
||||||
forks=options.forks,
|
|
||||||
remote_user=options.remote_user,
|
|
||||||
remote_pass=sshpass,
|
|
||||||
callbacks=playbook_cb,
|
|
||||||
runner_callbacks=runner_cb,
|
|
||||||
stats=stats,
|
|
||||||
timeout=options.timeout,
|
|
||||||
transport=options.connection,
|
|
||||||
sudo=options.sudo,
|
|
||||||
sudo_user=options.sudo_user,
|
|
||||||
sudo_pass=sudopass,
|
|
||||||
extra_vars=extra_vars,
|
|
||||||
private_key_file=options.private_key_file,
|
|
||||||
only_tags=only_tags,
|
|
||||||
skip_tags=skip_tags,
|
|
||||||
check=options.check,
|
|
||||||
diff=options.diff,
|
|
||||||
su=options.su,
|
|
||||||
su_pass=su_pass,
|
|
||||||
su_user=options.su_user,
|
|
||||||
vault_password=vault_pass,
|
|
||||||
force_handlers=options.force_handlers
|
|
||||||
)
|
|
||||||
|
|
||||||
if options.flush_cache:
|
|
||||||
display(callbacks.banner("FLUSHING FACT CACHE"))
|
|
||||||
pb.SETUP_CACHE.flush()
|
|
||||||
|
|
||||||
if options.listhosts or options.listtasks or options.syntax:
|
|
||||||
print ''
|
|
||||||
print 'playbook: %s' % playbook
|
|
||||||
print ''
|
|
||||||
playnum = 0
|
|
||||||
for (play_ds, play_basedir) in zip(pb.playbook, pb.play_basedirs):
|
|
||||||
playnum += 1
|
|
||||||
play = ansible.playbook.Play(pb, play_ds, play_basedir,
|
|
||||||
vault_password=pb.vault_password)
|
|
||||||
label = play.name
|
|
||||||
hosts = pb.inventory.list_hosts(play.hosts)
|
|
||||||
|
|
||||||
# Filter all tasks by given tags
|
|
||||||
if pb.only_tags != 'all':
|
|
||||||
if options.subset and not hosts:
|
|
||||||
continue
|
|
||||||
matched_tags, unmatched_tags = play.compare_tags(pb.only_tags)
|
|
||||||
|
|
||||||
# Remove skipped tasks
|
|
||||||
matched_tags = matched_tags - set(pb.skip_tags)
|
|
||||||
|
|
||||||
unmatched_tags.discard('all')
|
|
||||||
unknown_tags = ((set(pb.only_tags) | set(pb.skip_tags)) -
|
|
||||||
(matched_tags | unmatched_tags))
|
|
||||||
|
|
||||||
if unknown_tags:
|
|
||||||
continue
|
|
||||||
|
|
||||||
if options.listhosts:
|
|
||||||
print ' play #%d (%s): host count=%d' % (playnum, label, len(hosts))
|
|
||||||
for host in hosts:
|
|
||||||
print ' %s' % host
|
|
||||||
|
|
||||||
if options.listtasks:
|
|
||||||
print ' play #%d (%s):' % (playnum, label)
|
|
||||||
|
|
||||||
for task in play.tasks():
|
|
||||||
if (set(task.tags).intersection(pb.only_tags) and not
|
|
||||||
set(task.tags).intersection(pb.skip_tags)):
|
|
||||||
if getattr(task, 'name', None) is not None:
|
|
||||||
# meta tasks have no names
|
|
||||||
print ' %s' % task.name
|
|
||||||
if options.listhosts or options.listtasks:
|
|
||||||
print ''
|
|
||||||
continue
|
|
||||||
|
|
||||||
if options.syntax:
|
|
||||||
# if we've not exited by now then we are fine.
|
|
||||||
print 'Playbook Syntax is fine'
|
|
||||||
return 0
|
|
||||||
|
|
||||||
failed_hosts = []
|
|
||||||
unreachable_hosts = []
|
|
||||||
|
|
||||||
try:
|
|
||||||
|
|
||||||
pb.run()
|
|
||||||
|
|
||||||
hosts = sorted(pb.stats.processed.keys())
|
|
||||||
display(callbacks.banner("PLAY RECAP"))
|
|
||||||
playbook_cb.on_stats(pb.stats)
|
|
||||||
|
|
||||||
for h in hosts:
|
|
||||||
t = pb.stats.summarize(h)
|
|
||||||
if t['failures'] > 0:
|
|
||||||
failed_hosts.append(h)
|
|
||||||
if t['unreachable'] > 0:
|
|
||||||
unreachable_hosts.append(h)
|
|
||||||
|
|
||||||
retries = failed_hosts + unreachable_hosts
|
|
||||||
|
|
||||||
if len(retries) > 0:
|
|
||||||
filename = pb.generate_retry_inventory(retries)
|
|
||||||
if filename:
|
|
||||||
display(" to retry, use: --limit @%s\n" % filename)
|
|
||||||
|
|
||||||
for h in hosts:
|
|
||||||
t = pb.stats.summarize(h)
|
|
||||||
|
|
||||||
display("%s : %s %s %s %s" % (
|
|
||||||
hostcolor(h, t),
|
|
||||||
colorize('ok', t['ok'], 'green'),
|
|
||||||
colorize('changed', t['changed'], 'yellow'),
|
|
||||||
colorize('unreachable', t['unreachable'], 'red'),
|
|
||||||
colorize('failed', t['failures'], 'red')),
|
|
||||||
screen_only=True
|
|
||||||
)
|
|
||||||
|
|
||||||
display("%s : %s %s %s %s" % (
|
|
||||||
hostcolor(h, t, False),
|
|
||||||
colorize('ok', t['ok'], None),
|
|
||||||
colorize('changed', t['changed'], None),
|
|
||||||
colorize('unreachable', t['unreachable'], None),
|
|
||||||
colorize('failed', t['failures'], None)),
|
|
||||||
log_only=True
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
print ""
|
|
||||||
if len(failed_hosts) > 0:
|
|
||||||
return 2
|
|
||||||
if len(unreachable_hosts) > 0:
|
|
||||||
return 3
|
|
||||||
|
|
||||||
except errors.AnsibleError, e:
|
|
||||||
display("ERROR: %s" % e, color='red')
|
|
||||||
return 1
|
|
||||||
|
|
||||||
return 0
|
|
||||||
|
|
||||||
|
|
||||||
if __name__ == "__main__":
|
|
||||||
display(" ", log_only=True)
|
|
||||||
display(" ".join(sys.argv), log_only=True)
|
|
||||||
display(" ", log_only=True)
|
|
||||||
try:
|
|
||||||
sys.exit(main(sys.argv[1:]))
|
|
||||||
except errors.AnsibleError, e:
|
|
||||||
display("ERROR: %s" % e, color='red', stderr=True)
|
|
||||||
sys.exit(1)
|
|
||||||
except KeyboardInterrupt, ke:
|
|
||||||
display("ERROR: interrupted", color='red', stderr=True)
|
|
||||||
sys.exit(1)
|
|
@ -0,0 +1 @@
|
|||||||
|
ansible
|
@ -1,236 +0,0 @@
|
|||||||
#!/usr/bin/env python
|
|
||||||
|
|
||||||
# (c) 2012, Stephen Fromm <sfromm@gmail.com>
|
|
||||||
#
|
|
||||||
# Ansible is free software: you can redistribute it and/or modify
|
|
||||||
# it under the terms of the GNU General Public License as published by
|
|
||||||
# the Free Software Foundation, either version 3 of the License, or
|
|
||||||
# (at your option) any later version.
|
|
||||||
#
|
|
||||||
# Ansible is distributed in the hope that it will be useful,
|
|
||||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
# GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
|
||||||
#
|
|
||||||
# ansible-pull is a script that runs ansible in local mode
|
|
||||||
# after checking out a playbooks directory from source repo. There is an
|
|
||||||
# example playbook to bootstrap this script in the examples/ dir which
|
|
||||||
# installs ansible and sets it up to run on cron.
|
|
||||||
|
|
||||||
# usage:
|
|
||||||
# ansible-pull -d /var/lib/ansible \
|
|
||||||
# -U http://example.net/content.git [-C production] \
|
|
||||||
# [path/playbook.yml]
|
|
||||||
#
|
|
||||||
# the -d and -U arguments are required; the -C argument is optional.
|
|
||||||
#
|
|
||||||
# ansible-pull accepts an optional argument to specify a playbook
|
|
||||||
# location underneath the workdir and then searches the source repo
|
|
||||||
# for playbooks in the following order, stopping at the first match:
|
|
||||||
#
|
|
||||||
# 1. $workdir/path/playbook.yml, if specified
|
|
||||||
# 2. $workdir/$fqdn.yml
|
|
||||||
# 3. $workdir/$hostname.yml
|
|
||||||
# 4. $workdir/local.yml
|
|
||||||
#
|
|
||||||
# the source repo must contain at least one of these playbooks.
|
|
||||||
|
|
||||||
import os
|
|
||||||
import shutil
|
|
||||||
import subprocess
|
|
||||||
import sys
|
|
||||||
import datetime
|
|
||||||
import socket
|
|
||||||
import random
|
|
||||||
import time
|
|
||||||
from ansible import utils
|
|
||||||
from ansible.utils import cmd_functions
|
|
||||||
from ansible import errors
|
|
||||||
from ansible import inventory
|
|
||||||
|
|
||||||
DEFAULT_REPO_TYPE = 'git'
|
|
||||||
DEFAULT_PLAYBOOK = 'local.yml'
|
|
||||||
PLAYBOOK_ERRORS = {1: 'File does not exist',
|
|
||||||
2: 'File is not readable'}
|
|
||||||
|
|
||||||
VERBOSITY=0
|
|
||||||
|
|
||||||
def increment_debug(option, opt, value, parser):
|
|
||||||
global VERBOSITY
|
|
||||||
VERBOSITY += 1
|
|
||||||
|
|
||||||
def try_playbook(path):
|
|
||||||
if not os.path.exists(path):
|
|
||||||
return 1
|
|
||||||
if not os.access(path, os.R_OK):
|
|
||||||
return 2
|
|
||||||
return 0
|
|
||||||
|
|
||||||
|
|
||||||
def select_playbook(path, args):
|
|
||||||
playbook = None
|
|
||||||
if len(args) > 0 and args[0] is not None:
|
|
||||||
playbook = "%s/%s" % (path, args[0])
|
|
||||||
rc = try_playbook(playbook)
|
|
||||||
if rc != 0:
|
|
||||||
print >>sys.stderr, "%s: %s" % (playbook, PLAYBOOK_ERRORS[rc])
|
|
||||||
return None
|
|
||||||
return playbook
|
|
||||||
else:
|
|
||||||
fqdn = socket.getfqdn()
|
|
||||||
hostpb = "%s/%s.yml" % (path, fqdn)
|
|
||||||
shorthostpb = "%s/%s.yml" % (path, fqdn.split('.')[0])
|
|
||||||
localpb = "%s/%s" % (path, DEFAULT_PLAYBOOK)
|
|
||||||
errors = []
|
|
||||||
for pb in [hostpb, shorthostpb, localpb]:
|
|
||||||
rc = try_playbook(pb)
|
|
||||||
if rc == 0:
|
|
||||||
playbook = pb
|
|
||||||
break
|
|
||||||
else:
|
|
||||||
errors.append("%s: %s" % (pb, PLAYBOOK_ERRORS[rc]))
|
|
||||||
if playbook is None:
|
|
||||||
print >>sys.stderr, "\n".join(errors)
|
|
||||||
return playbook
|
|
||||||
|
|
||||||
|
|
||||||
def main(args):
|
|
||||||
""" Set up and run a local playbook """
|
|
||||||
usage = "%prog [options] [playbook.yml]"
|
|
||||||
parser = utils.SortedOptParser(usage=usage)
|
|
||||||
parser.add_option('--purge', default=False, action='store_true',
|
|
||||||
help='purge checkout after playbook run')
|
|
||||||
parser.add_option('-o', '--only-if-changed', dest='ifchanged', default=False, action='store_true',
|
|
||||||
help='only run the playbook if the repository has been updated')
|
|
||||||
parser.add_option('-s', '--sleep', dest='sleep', default=None,
|
|
||||||
help='sleep for random interval (between 0 and n number of seconds) before starting. this is a useful way to disperse git requests')
|
|
||||||
parser.add_option('-f', '--force', dest='force', default=False,
|
|
||||||
action='store_true',
|
|
||||||
help='run the playbook even if the repository could '
|
|
||||||
'not be updated')
|
|
||||||
parser.add_option('-d', '--directory', dest='dest', default=None,
|
|
||||||
help='directory to checkout repository to')
|
|
||||||
#parser.add_option('-l', '--live', default=True, action='store_live',
|
|
||||||
# help='Print the ansible-playbook output while running')
|
|
||||||
parser.add_option('-U', '--url', dest='url', default=None,
|
|
||||||
help='URL of the playbook repository')
|
|
||||||
parser.add_option('-C', '--checkout', dest='checkout',
|
|
||||||
help='branch/tag/commit to checkout. '
|
|
||||||
'Defaults to behavior of repository module.')
|
|
||||||
parser.add_option('-i', '--inventory-file', dest='inventory',
|
|
||||||
help="location of the inventory host file")
|
|
||||||
parser.add_option('-e', '--extra-vars', dest="extra_vars", action="append",
|
|
||||||
help="set additional variables as key=value or YAML/JSON", default=[])
|
|
||||||
parser.add_option('-v', '--verbose', default=False, action="callback",
|
|
||||||
callback=increment_debug,
|
|
||||||
help='Pass -vvvv to ansible-playbook')
|
|
||||||
parser.add_option('-m', '--module-name', dest='module_name',
|
|
||||||
default=DEFAULT_REPO_TYPE,
|
|
||||||
help='Module name used to check out repository. '
|
|
||||||
'Default is %s.' % DEFAULT_REPO_TYPE)
|
|
||||||
parser.add_option('--vault-password-file', dest='vault_password_file',
|
|
||||||
help="vault password file")
|
|
||||||
parser.add_option('-K', '--ask-sudo-pass', default=False, dest='ask_sudo_pass', action='store_true',
|
|
||||||
help='ask for sudo password')
|
|
||||||
options, args = parser.parse_args(args)
|
|
||||||
|
|
||||||
hostname = socket.getfqdn()
|
|
||||||
if not options.dest:
|
|
||||||
# use a hostname dependent directory, in case of $HOME on nfs
|
|
||||||
options.dest = utils.prepare_writeable_dir('~/.ansible/pull/%s' % hostname)
|
|
||||||
|
|
||||||
options.dest = os.path.abspath(options.dest)
|
|
||||||
|
|
||||||
if not options.url:
|
|
||||||
parser.error("URL for repository not specified, use -h for help")
|
|
||||||
return 1
|
|
||||||
|
|
||||||
now = datetime.datetime.now()
|
|
||||||
print >>sys.stderr, now.strftime("Starting ansible-pull at %F %T")
|
|
||||||
|
|
||||||
# Attempt to use the inventory passed in as an argument
|
|
||||||
# It might not yet have been downloaded so use localhost if note
|
|
||||||
if not options.inventory or not os.path.exists(options.inventory):
|
|
||||||
inv_opts = 'localhost,'
|
|
||||||
else:
|
|
||||||
inv_opts = options.inventory
|
|
||||||
limit_opts = 'localhost:%s:127.0.0.1' % hostname
|
|
||||||
repo_opts = "name=%s dest=%s" % (options.url, options.dest)
|
|
||||||
|
|
||||||
if VERBOSITY == 0:
|
|
||||||
base_opts = '-c local --limit "%s"' % limit_opts
|
|
||||||
elif VERBOSITY > 0:
|
|
||||||
debug_level = ''.join([ "v" for x in range(0, VERBOSITY) ])
|
|
||||||
base_opts = '-%s -c local --limit "%s"' % (debug_level, limit_opts)
|
|
||||||
|
|
||||||
if options.checkout:
|
|
||||||
repo_opts += ' version=%s' % options.checkout
|
|
||||||
path = utils.plugins.module_finder.find_plugin(options.module_name)
|
|
||||||
if path is None:
|
|
||||||
sys.stderr.write("module '%s' not found.\n" % options.module_name)
|
|
||||||
return 1
|
|
||||||
cmd = 'ansible localhost -i "%s" %s -m %s -a "%s"' % (
|
|
||||||
inv_opts, base_opts, options.module_name, repo_opts
|
|
||||||
)
|
|
||||||
|
|
||||||
if options.sleep:
|
|
||||||
try:
|
|
||||||
secs = random.randint(0,int(options.sleep));
|
|
||||||
except ValueError:
|
|
||||||
parser.error("%s is not a number." % options.sleep)
|
|
||||||
return 1
|
|
||||||
|
|
||||||
print >>sys.stderr, "Sleeping for %d seconds..." % secs
|
|
||||||
time.sleep(secs);
|
|
||||||
|
|
||||||
|
|
||||||
# RUN THe CHECKOUT COMMAND
|
|
||||||
rc, out, err = cmd_functions.run_cmd(cmd, live=True)
|
|
||||||
|
|
||||||
if rc != 0:
|
|
||||||
if options.force:
|
|
||||||
print "Unable to update repository. Continuing with (forced) run of playbook."
|
|
||||||
else:
|
|
||||||
return rc
|
|
||||||
elif options.ifchanged and '"changed": true' not in out:
|
|
||||||
print "Repository has not changed, quitting."
|
|
||||||
return 0
|
|
||||||
|
|
||||||
playbook = select_playbook(options.dest, args)
|
|
||||||
|
|
||||||
if playbook is None:
|
|
||||||
print >>sys.stderr, "Could not find a playbook to run."
|
|
||||||
return 1
|
|
||||||
|
|
||||||
cmd = 'ansible-playbook %s %s' % (base_opts, playbook)
|
|
||||||
if options.vault_password_file:
|
|
||||||
cmd += " --vault-password-file=%s" % options.vault_password_file
|
|
||||||
if options.inventory:
|
|
||||||
cmd += ' -i "%s"' % options.inventory
|
|
||||||
for ev in options.extra_vars:
|
|
||||||
cmd += ' -e "%s"' % ev
|
|
||||||
if options.ask_sudo_pass:
|
|
||||||
cmd += ' -K'
|
|
||||||
os.chdir(options.dest)
|
|
||||||
|
|
||||||
# RUN THE PLAYBOOK COMMAND
|
|
||||||
rc, out, err = cmd_functions.run_cmd(cmd, live=True)
|
|
||||||
|
|
||||||
if options.purge:
|
|
||||||
os.chdir('/')
|
|
||||||
try:
|
|
||||||
shutil.rmtree(options.dest)
|
|
||||||
except Exception, e:
|
|
||||||
print >>sys.stderr, "Failed to remove %s: %s" % (options.dest, str(e))
|
|
||||||
|
|
||||||
return rc
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
|
||||||
try:
|
|
||||||
sys.exit(main(sys.argv[1:]))
|
|
||||||
except KeyboardInterrupt, e:
|
|
||||||
print >>sys.stderr, "Exit on user request.\n"
|
|
||||||
sys.exit(1)
|
|
@ -0,0 +1 @@
|
|||||||
|
ansible
|
@ -1,233 +0,0 @@
|
|||||||
#!/usr/bin/env python
|
|
||||||
|
|
||||||
# (c) 2014, James Tanner <tanner.jc@gmail.com>
|
|
||||||
#
|
|
||||||
# Ansible is free software: you can redistribute it and/or modify
|
|
||||||
# it under the terms of the GNU General Public License as published by
|
|
||||||
# the Free Software Foundation, either version 3 of the License, or
|
|
||||||
# (at your option) any later version.
|
|
||||||
#
|
|
||||||
# Ansible is distributed in the hope that it will be useful,
|
|
||||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
# GNU General Public License for more details.
|
|
||||||
#
|
|
||||||
# You should have received a copy of the GNU General Public License
|
|
||||||
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
|
||||||
#
|
|
||||||
# ansible-vault is a script that encrypts/decrypts YAML files. See
|
|
||||||
# http://docs.ansible.com/playbooks_vault.html for more details.
|
|
||||||
|
|
||||||
#__requires__ = ['ansible']
|
|
||||||
#import pkg_resources
|
|
||||||
|
|
||||||
import os
|
|
||||||
import sys
|
|
||||||
import traceback
|
|
||||||
|
|
||||||
import ansible.constants as C
|
|
||||||
|
|
||||||
from ansible import utils
|
|
||||||
from ansible import errors
|
|
||||||
from ansible.utils.vault import VaultEditor
|
|
||||||
|
|
||||||
from optparse import OptionParser
|
|
||||||
|
|
||||||
#-------------------------------------------------------------------------------------
|
|
||||||
# Utility functions for parsing actions/options
|
|
||||||
#-------------------------------------------------------------------------------------
|
|
||||||
|
|
||||||
VALID_ACTIONS = ("create", "decrypt", "edit", "encrypt", "rekey", "view")
|
|
||||||
|
|
||||||
def build_option_parser(action):
|
|
||||||
"""
|
|
||||||
Builds an option parser object based on the action
|
|
||||||
the user wants to execute.
|
|
||||||
"""
|
|
||||||
|
|
||||||
usage = "usage: %%prog [%s] [--help] [options] file_name" % "|".join(VALID_ACTIONS)
|
|
||||||
epilog = "\nSee '%s <command> --help' for more information on a specific command.\n\n" % os.path.basename(sys.argv[0])
|
|
||||||
OptionParser.format_epilog = lambda self, formatter: self.epilog
|
|
||||||
parser = OptionParser(usage=usage, epilog=epilog)
|
|
||||||
|
|
||||||
if not action:
|
|
||||||
parser.print_help()
|
|
||||||
sys.exit()
|
|
||||||
|
|
||||||
# options for all actions
|
|
||||||
#parser.add_option('-c', '--cipher', dest='cipher', default="AES256", help="cipher to use")
|
|
||||||
parser.add_option('--debug', dest='debug', action="store_true", help="debug")
|
|
||||||
parser.add_option('--vault-password-file', dest='password_file',
|
|
||||||
help="vault password file", default=C.DEFAULT_VAULT_PASSWORD_FILE)
|
|
||||||
|
|
||||||
# options specific to actions
|
|
||||||
if action == "create":
|
|
||||||
parser.set_usage("usage: %prog create [options] file_name")
|
|
||||||
elif action == "decrypt":
|
|
||||||
parser.set_usage("usage: %prog decrypt [options] file_name")
|
|
||||||
elif action == "edit":
|
|
||||||
parser.set_usage("usage: %prog edit [options] file_name")
|
|
||||||
elif action == "view":
|
|
||||||
parser.set_usage("usage: %prog view [options] file_name")
|
|
||||||
elif action == "encrypt":
|
|
||||||
parser.set_usage("usage: %prog encrypt [options] file_name")
|
|
||||||
elif action == "rekey":
|
|
||||||
parser.set_usage("usage: %prog rekey [options] file_name")
|
|
||||||
|
|
||||||
# done, return the parser
|
|
||||||
return parser
|
|
||||||
|
|
||||||
def get_action(args):
|
|
||||||
"""
|
|
||||||
Get the action the user wants to execute from the
|
|
||||||
sys argv list.
|
|
||||||
"""
|
|
||||||
for i in range(0,len(args)):
|
|
||||||
arg = args[i]
|
|
||||||
if arg in VALID_ACTIONS:
|
|
||||||
del args[i]
|
|
||||||
return arg
|
|
||||||
return None
|
|
||||||
|
|
||||||
def get_opt(options, k, defval=""):
|
|
||||||
"""
|
|
||||||
Returns an option from an Optparse values instance.
|
|
||||||
"""
|
|
||||||
try:
|
|
||||||
data = getattr(options, k)
|
|
||||||
except:
|
|
||||||
return defval
|
|
||||||
if k == "roles_path":
|
|
||||||
if os.pathsep in data:
|
|
||||||
data = data.split(os.pathsep)[0]
|
|
||||||
return data
|
|
||||||
|
|
||||||
#-------------------------------------------------------------------------------------
|
|
||||||
# Command functions
|
|
||||||
#-------------------------------------------------------------------------------------
|
|
||||||
|
|
||||||
def execute_create(args, options, parser):
|
|
||||||
if len(args) > 1:
|
|
||||||
raise errors.AnsibleError("'create' does not accept more than one filename")
|
|
||||||
|
|
||||||
if not options.password_file:
|
|
||||||
password, new_password = utils.ask_vault_passwords(ask_vault_pass=True, confirm_vault=True)
|
|
||||||
else:
|
|
||||||
password = utils.read_vault_file(options.password_file)
|
|
||||||
|
|
||||||
cipher = 'AES256'
|
|
||||||
if hasattr(options, 'cipher'):
|
|
||||||
cipher = options.cipher
|
|
||||||
|
|
||||||
this_editor = VaultEditor(cipher, password, args[0])
|
|
||||||
this_editor.create_file()
|
|
||||||
|
|
||||||
def execute_decrypt(args, options, parser):
|
|
||||||
|
|
||||||
if not options.password_file:
|
|
||||||
password, new_password = utils.ask_vault_passwords(ask_vault_pass=True)
|
|
||||||
else:
|
|
||||||
password = utils.read_vault_file(options.password_file)
|
|
||||||
|
|
||||||
cipher = 'AES256'
|
|
||||||
if hasattr(options, 'cipher'):
|
|
||||||
cipher = options.cipher
|
|
||||||
|
|
||||||
for f in args:
|
|
||||||
this_editor = VaultEditor(cipher, password, f)
|
|
||||||
this_editor.decrypt_file()
|
|
||||||
|
|
||||||
print "Decryption successful"
|
|
||||||
|
|
||||||
def execute_edit(args, options, parser):
|
|
||||||
|
|
||||||
if len(args) > 1:
|
|
||||||
raise errors.AnsibleError("edit does not accept more than one filename")
|
|
||||||
|
|
||||||
if not options.password_file:
|
|
||||||
password, new_password = utils.ask_vault_passwords(ask_vault_pass=True)
|
|
||||||
else:
|
|
||||||
password = utils.read_vault_file(options.password_file)
|
|
||||||
|
|
||||||
cipher = None
|
|
||||||
|
|
||||||
for f in args:
|
|
||||||
this_editor = VaultEditor(cipher, password, f)
|
|
||||||
this_editor.edit_file()
|
|
||||||
|
|
||||||
def execute_view(args, options, parser):
|
|
||||||
|
|
||||||
if len(args) > 1:
|
|
||||||
raise errors.AnsibleError("view does not accept more than one filename")
|
|
||||||
|
|
||||||
if not options.password_file:
|
|
||||||
password, new_password = utils.ask_vault_passwords(ask_vault_pass=True)
|
|
||||||
else:
|
|
||||||
password = utils.read_vault_file(options.password_file)
|
|
||||||
|
|
||||||
cipher = None
|
|
||||||
|
|
||||||
for f in args:
|
|
||||||
this_editor = VaultEditor(cipher, password, f)
|
|
||||||
this_editor.view_file()
|
|
||||||
|
|
||||||
def execute_encrypt(args, options, parser):
|
|
||||||
|
|
||||||
if not options.password_file:
|
|
||||||
password, new_password = utils.ask_vault_passwords(ask_vault_pass=True, confirm_vault=True)
|
|
||||||
else:
|
|
||||||
password = utils.read_vault_file(options.password_file)
|
|
||||||
|
|
||||||
cipher = 'AES256'
|
|
||||||
if hasattr(options, 'cipher'):
|
|
||||||
cipher = options.cipher
|
|
||||||
|
|
||||||
for f in args:
|
|
||||||
this_editor = VaultEditor(cipher, password, f)
|
|
||||||
this_editor.encrypt_file()
|
|
||||||
|
|
||||||
print "Encryption successful"
|
|
||||||
|
|
||||||
def execute_rekey(args, options, parser):
|
|
||||||
|
|
||||||
if not options.password_file:
|
|
||||||
password, __ = utils.ask_vault_passwords(ask_vault_pass=True)
|
|
||||||
else:
|
|
||||||
password = utils.read_vault_file(options.password_file)
|
|
||||||
|
|
||||||
__, new_password = utils.ask_vault_passwords(ask_vault_pass=False, ask_new_vault_pass=True, confirm_new=True)
|
|
||||||
|
|
||||||
cipher = None
|
|
||||||
for f in args:
|
|
||||||
this_editor = VaultEditor(cipher, password, f)
|
|
||||||
this_editor.rekey_file(new_password)
|
|
||||||
|
|
||||||
print "Rekey successful"
|
|
||||||
|
|
||||||
#-------------------------------------------------------------------------------------
|
|
||||||
# MAIN
|
|
||||||
#-------------------------------------------------------------------------------------
|
|
||||||
|
|
||||||
def main():
|
|
||||||
|
|
||||||
action = get_action(sys.argv)
|
|
||||||
parser = build_option_parser(action)
|
|
||||||
(options, args) = parser.parse_args()
|
|
||||||
|
|
||||||
if not len(args):
|
|
||||||
raise errors.AnsibleError(
|
|
||||||
"The '%s' command requires a filename as the first argument" % action
|
|
||||||
)
|
|
||||||
|
|
||||||
# execute the desired action
|
|
||||||
try:
|
|
||||||
fn = globals()["execute_%s" % action]
|
|
||||||
fn(args, options, parser)
|
|
||||||
except Exception, err:
|
|
||||||
if options.debug:
|
|
||||||
print traceback.format_exc()
|
|
||||||
print "ERROR:",err
|
|
||||||
sys.exit(1)
|
|
||||||
|
|
||||||
if __name__ == "__main__":
|
|
||||||
main()
|
|
@ -0,0 +1 @@
|
|||||||
|
ansible
|
@ -0,0 +1,17 @@
|
|||||||
|
inventory
|
||||||
|
=========
|
||||||
|
|
||||||
|
Inventory scripts allow you to store your hosts, groups, and variables in any way
|
||||||
|
you like. Examples include discovering inventory from EC2 or pulling it from
|
||||||
|
Cobbler. These could also be used to interface with LDAP or database.
|
||||||
|
|
||||||
|
chmod +x an inventory plugin and either name it /etc/ansible/hosts or use ansible
|
||||||
|
with -i to designate the path to the script. You might also need to copy a configuration
|
||||||
|
file with the same name and/or set environment variables, the scripts or configuration
|
||||||
|
files have more details.
|
||||||
|
|
||||||
|
contributions welcome
|
||||||
|
=====================
|
||||||
|
|
||||||
|
Send in pull requests to add plugins of your own. The sky is the limit!
|
||||||
|
|
@ -0,0 +1,5 @@
|
|||||||
|
[cloudstack]
|
||||||
|
#endpoint = https://api.exoscale.ch/compute
|
||||||
|
endpoint = https://cloud.example.com/client/api
|
||||||
|
key = cloudstack api key
|
||||||
|
secret = cloudstack api secret
|
@ -0,0 +1,232 @@
|
|||||||
|
#!/usr/bin/env python
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
#
|
||||||
|
# (c) 2015, René Moser <mail@renemoser.net>
|
||||||
|
#
|
||||||
|
# This file is part of Ansible,
|
||||||
|
#
|
||||||
|
# Ansible is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# Ansible is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
######################################################################
|
||||||
|
|
||||||
|
"""
|
||||||
|
Ansible CloudStack external inventory script.
|
||||||
|
=============================================
|
||||||
|
|
||||||
|
Generates Ansible inventory from CloudStack. Configuration is read from
|
||||||
|
'cloudstack.ini'. If you need to pass the project, write a simple wrapper
|
||||||
|
script, e.g. project_cloudstack.sh:
|
||||||
|
|
||||||
|
#!/bin/bash
|
||||||
|
cloudstack.py --project <your_project> $@
|
||||||
|
|
||||||
|
|
||||||
|
When run against a specific host, this script returns the following attributes
|
||||||
|
based on the data obtained from CloudStack API:
|
||||||
|
|
||||||
|
"web01": {
|
||||||
|
"cpu_number": 2,
|
||||||
|
"nic": [
|
||||||
|
{
|
||||||
|
"ip": "10.102.76.98",
|
||||||
|
"mac": "02:00:50:99:00:01",
|
||||||
|
"type": "Isolated",
|
||||||
|
"netmask": "255.255.255.0",
|
||||||
|
"gateway": "10.102.76.1"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ip": "10.102.138.63",
|
||||||
|
"mac": "06:b7:5a:00:14:84",
|
||||||
|
"type": "Shared",
|
||||||
|
"netmask": "255.255.255.0",
|
||||||
|
"gateway": "10.102.138.1"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"default_ip": "10.102.76.98",
|
||||||
|
"zone": "ZUERICH",
|
||||||
|
"created": "2014-07-02T07:53:50+0200",
|
||||||
|
"hypervisor": "VMware",
|
||||||
|
"memory": 2048,
|
||||||
|
"state": "Running",
|
||||||
|
"tags": [],
|
||||||
|
"cpu_speed": 1800,
|
||||||
|
"affinity_group": [],
|
||||||
|
"service_offering": "Small",
|
||||||
|
"cpu_used": "62%"
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
usage: cloudstack.py [--list] [--host HOST] [--project PROJECT]
|
||||||
|
"""
|
||||||
|
|
||||||
|
import os
|
||||||
|
import sys
|
||||||
|
import argparse
|
||||||
|
|
||||||
|
try:
|
||||||
|
import json
|
||||||
|
except:
|
||||||
|
import simplejson as json
|
||||||
|
|
||||||
|
|
||||||
|
try:
|
||||||
|
from cs import CloudStack, CloudStackException, read_config
|
||||||
|
except ImportError:
|
||||||
|
print >> sys.stderr, "Error: CloudStack library must be installed: pip install cs."
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
|
||||||
|
class CloudStackInventory(object):
|
||||||
|
def __init__(self):
|
||||||
|
|
||||||
|
parser = argparse.ArgumentParser()
|
||||||
|
parser.add_argument('--host')
|
||||||
|
parser.add_argument('--list', action='store_true')
|
||||||
|
parser.add_argument('--project')
|
||||||
|
|
||||||
|
options = parser.parse_args()
|
||||||
|
try:
|
||||||
|
self.cs = CloudStack(**read_config())
|
||||||
|
except CloudStackException, e:
|
||||||
|
print >> sys.stderr, "Error: Could not connect to CloudStack API"
|
||||||
|
|
||||||
|
project_id = ''
|
||||||
|
if options.project:
|
||||||
|
project_id = self.get_project_id(options.project)
|
||||||
|
|
||||||
|
if options.host:
|
||||||
|
data = self.get_host(options.host)
|
||||||
|
print json.dumps(data, indent=2)
|
||||||
|
|
||||||
|
elif options.list:
|
||||||
|
data = self.get_list()
|
||||||
|
print json.dumps(data, indent=2)
|
||||||
|
else:
|
||||||
|
print >> sys.stderr, "usage: --list | --host <hostname> [--project <project>]"
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
|
||||||
|
def get_project_id(self, project):
|
||||||
|
projects = self.cs.listProjects()
|
||||||
|
if projects:
|
||||||
|
for p in projects['project']:
|
||||||
|
if p['name'] == project or p['id'] == project:
|
||||||
|
return p['id']
|
||||||
|
print >> sys.stderr, "Error: Project %s not found." % project
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
|
||||||
|
def get_host(self, name, project_id=''):
|
||||||
|
hosts = self.cs.listVirtualMachines(projectid=project_id)
|
||||||
|
data = {}
|
||||||
|
if not hosts:
|
||||||
|
return data
|
||||||
|
for host in hosts['virtualmachine']:
|
||||||
|
host_name = host['displayname']
|
||||||
|
if name == host_name:
|
||||||
|
data['zone'] = host['zonename']
|
||||||
|
if 'group' in host:
|
||||||
|
data['group'] = host['group']
|
||||||
|
data['state'] = host['state']
|
||||||
|
data['service_offering'] = host['serviceofferingname']
|
||||||
|
data['affinity_group'] = host['affinitygroup']
|
||||||
|
data['security_group'] = host['securitygroup']
|
||||||
|
data['cpu_number'] = host['cpunumber']
|
||||||
|
data['cpu_speed'] = host['cpuspeed']
|
||||||
|
if 'cpuused' in host:
|
||||||
|
data['cpu_used'] = host['cpuused']
|
||||||
|
data['memory'] = host['memory']
|
||||||
|
data['tags'] = host['tags']
|
||||||
|
data['hypervisor'] = host['hypervisor']
|
||||||
|
data['created'] = host['created']
|
||||||
|
data['nic'] = []
|
||||||
|
for nic in host['nic']:
|
||||||
|
data['nic'].append({
|
||||||
|
'ip': nic['ipaddress'],
|
||||||
|
'mac': nic['macaddress'],
|
||||||
|
'netmask': nic['netmask'],
|
||||||
|
'gateway': nic['gateway'],
|
||||||
|
'type': nic['type'],
|
||||||
|
})
|
||||||
|
if nic['isdefault']:
|
||||||
|
data['default_ip'] = nic['ipaddress']
|
||||||
|
break;
|
||||||
|
return data
|
||||||
|
|
||||||
|
|
||||||
|
def get_list(self, project_id=''):
|
||||||
|
data = {
|
||||||
|
'all': {
|
||||||
|
'hosts': [],
|
||||||
|
},
|
||||||
|
'_meta': {
|
||||||
|
'hostvars': {},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
groups = self.cs.listInstanceGroups(projectid=project_id)
|
||||||
|
if groups:
|
||||||
|
for group in groups['instancegroup']:
|
||||||
|
group_name = group['name']
|
||||||
|
if group_name and not group_name in data:
|
||||||
|
data[group_name] = {
|
||||||
|
'hosts': []
|
||||||
|
}
|
||||||
|
|
||||||
|
hosts = self.cs.listVirtualMachines(projectid=project_id)
|
||||||
|
if not hosts:
|
||||||
|
return data
|
||||||
|
for host in hosts['virtualmachine']:
|
||||||
|
host_name = host['displayname']
|
||||||
|
data['all']['hosts'].append(host_name)
|
||||||
|
data['_meta']['hostvars'][host_name] = {}
|
||||||
|
data['_meta']['hostvars'][host_name]['zone'] = host['zonename']
|
||||||
|
if 'group' in host:
|
||||||
|
data['_meta']['hostvars'][host_name]['group'] = host['group']
|
||||||
|
data['_meta']['hostvars'][host_name]['state'] = host['state']
|
||||||
|
data['_meta']['hostvars'][host_name]['service_offering'] = host['serviceofferingname']
|
||||||
|
data['_meta']['hostvars'][host_name]['affinity_group'] = host['affinitygroup']
|
||||||
|
data['_meta']['hostvars'][host_name]['security_group'] = host['securitygroup']
|
||||||
|
data['_meta']['hostvars'][host_name]['cpu_number'] = host['cpunumber']
|
||||||
|
data['_meta']['hostvars'][host_name]['cpu_speed'] = host['cpuspeed']
|
||||||
|
if 'cpuused' in host:
|
||||||
|
data['_meta']['hostvars'][host_name]['cpu_used'] = host['cpuused']
|
||||||
|
data['_meta']['hostvars'][host_name]['created'] = host['created']
|
||||||
|
data['_meta']['hostvars'][host_name]['memory'] = host['memory']
|
||||||
|
data['_meta']['hostvars'][host_name]['tags'] = host['tags']
|
||||||
|
data['_meta']['hostvars'][host_name]['hypervisor'] = host['hypervisor']
|
||||||
|
data['_meta']['hostvars'][host_name]['created'] = host['created']
|
||||||
|
data['_meta']['hostvars'][host_name]['nic'] = []
|
||||||
|
for nic in host['nic']:
|
||||||
|
data['_meta']['hostvars'][host_name]['nic'].append({
|
||||||
|
'ip': nic['ipaddress'],
|
||||||
|
'mac': nic['macaddress'],
|
||||||
|
'netmask': nic['netmask'],
|
||||||
|
'gateway': nic['gateway'],
|
||||||
|
'type': nic['type'],
|
||||||
|
})
|
||||||
|
if nic['isdefault']:
|
||||||
|
data['_meta']['hostvars'][host_name]['default_ip'] = nic['ipaddress']
|
||||||
|
|
||||||
|
group_name = ''
|
||||||
|
if 'group' in host:
|
||||||
|
group_name = host['group']
|
||||||
|
|
||||||
|
if group_name and group_name in data:
|
||||||
|
data[group_name]['hosts'].append(host_name)
|
||||||
|
return data
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
CloudStackInventory()
|
@ -1,4 +1,4 @@
|
|||||||
#!/usr/bin/python
|
#!/usr/bin/env python
|
||||||
|
|
||||||
"""
|
"""
|
||||||
Cobbler external inventory script
|
Cobbler external inventory script
|
@ -0,0 +1,37 @@
|
|||||||
|
# Ansible Consul external inventory script settings.
|
||||||
|
|
||||||
|
[consul]
|
||||||
|
|
||||||
|
# restrict included nodes to those from this datacenter
|
||||||
|
#datacenter = nyc1
|
||||||
|
|
||||||
|
# url of the the consul cluster to query
|
||||||
|
#url = http://demo.consul.io
|
||||||
|
url = http://localhost:8500
|
||||||
|
|
||||||
|
# suffix added to each service to create a group name e.g Service of 'redis' and
|
||||||
|
# a suffix of '_servers' will add each address to the group name 'redis_servers'
|
||||||
|
servers_suffix = _servers
|
||||||
|
|
||||||
|
# if specified then the inventory will generate domain names that will resolve
|
||||||
|
# via Consul's inbuilt DNS.
|
||||||
|
#domain=consul
|
||||||
|
|
||||||
|
# make groups from service tags. the name of the group is derived from the
|
||||||
|
# service name and the tag name e.g. a service named nginx with tags ['master', 'v1']
|
||||||
|
# will create groups nginx_master and nginx_v1
|
||||||
|
tags = true
|
||||||
|
|
||||||
|
# looks up the node name at the given path for a list of groups to which the
|
||||||
|
# node should be added.
|
||||||
|
kv_groups=ansible/groups
|
||||||
|
|
||||||
|
# looks up the node name at the given path for a json dictionary of metadata that
|
||||||
|
# should be attached as metadata for the node
|
||||||
|
kv_metadata=ansible/metadata
|
||||||
|
|
||||||
|
# looks up the health of each service and adds the node to 'up' and 'down' groups
|
||||||
|
# based on the service availibility
|
||||||
|
availability = true
|
||||||
|
available_suffix = _up
|
||||||
|
unavailable_suffix = _down
|
@ -0,0 +1,428 @@
|
|||||||
|
#!/usr/bin/env python
|
||||||
|
|
||||||
|
#
|
||||||
|
# (c) 2015, Steve Gargan <steve.gargan@gmail.com>
|
||||||
|
#
|
||||||
|
# This file is part of Ansible,
|
||||||
|
#
|
||||||
|
# Ansible is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# Ansible is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
######################################################################
|
||||||
|
|
||||||
|
'''
|
||||||
|
Consul.io inventory script (http://consul.io)
|
||||||
|
======================================
|
||||||
|
|
||||||
|
Generates Ansible inventory from nodes in a Consul cluster. This script will
|
||||||
|
group nodes by:
|
||||||
|
- datacenter,
|
||||||
|
- registered service
|
||||||
|
- service tags
|
||||||
|
- service status
|
||||||
|
- values from the k/v store
|
||||||
|
|
||||||
|
This script can be run with the switches
|
||||||
|
--list as expected groups all the nodes in all datacenters
|
||||||
|
--datacenter, to restrict the nodes to a single datacenter
|
||||||
|
--host to restrict the inventory to a single named node. (requires datacenter config)
|
||||||
|
|
||||||
|
The configuration for this plugin is read from a consul.ini file located in the
|
||||||
|
same directory as this inventory script. All config options in the config file
|
||||||
|
are optional except the host and port, which must point to a valid agent or
|
||||||
|
server running the http api. For more information on enabling the endpoint see.
|
||||||
|
|
||||||
|
http://www.consul.io/docs/agent/options.html
|
||||||
|
|
||||||
|
Other options include:
|
||||||
|
|
||||||
|
'datacenter':
|
||||||
|
|
||||||
|
which restricts the included nodes to those from the given datacenter
|
||||||
|
|
||||||
|
'domain':
|
||||||
|
|
||||||
|
if specified then the inventory will generate domain names that will resolve
|
||||||
|
via Consul's inbuilt DNS. The name is derived from the node name, datacenter
|
||||||
|
and domain <node_name>.node.<datacenter>.<domain>. Note that you will need to
|
||||||
|
have consul hooked into your DNS server for these to resolve. See the consul
|
||||||
|
DNS docs for more info.
|
||||||
|
|
||||||
|
which restricts the included nodes to those from the given datacenter
|
||||||
|
|
||||||
|
'servers_suffix':
|
||||||
|
|
||||||
|
defining the a suffix to add to the service name when creating the service
|
||||||
|
group. e.g Service name of 'redis' and a suffix of '_servers' will add
|
||||||
|
each nodes address to the group name 'redis_servers'. No suffix is added
|
||||||
|
if this is not set
|
||||||
|
|
||||||
|
'tags':
|
||||||
|
|
||||||
|
boolean flag defining if service tags should be used to create Inventory
|
||||||
|
groups e.g. an nginx service with the tags ['master', 'v1'] will create
|
||||||
|
groups nginx_master and nginx_v1 to which the node running the service
|
||||||
|
will be added. No tag groups are created if this is missing.
|
||||||
|
|
||||||
|
'token':
|
||||||
|
|
||||||
|
ACL token to use to authorize access to the key value store. May be required
|
||||||
|
to retrieve the kv_groups and kv_metadata based on your consul configuration.
|
||||||
|
|
||||||
|
'kv_groups':
|
||||||
|
|
||||||
|
This is used to lookup groups for a node in the key value store. It specifies a
|
||||||
|
path to which each discovered node's name will be added to create a key to query
|
||||||
|
the key/value store. There it expects to find a comma separated list of group
|
||||||
|
names to which the node should be added e.g. if the inventory contains
|
||||||
|
'nyc-web-1' and kv_groups = 'ansible/groups' then the key
|
||||||
|
'v1/kv/ansible/groups/nyc-web-1' will be queried for a group list. If this query
|
||||||
|
returned 'test,honeypot' then the node address to both groups.
|
||||||
|
|
||||||
|
'kv_metadata':
|
||||||
|
|
||||||
|
kv_metadata is used to lookup metadata for each discovered node. Like kv_groups
|
||||||
|
above it is used to build a path to lookup in the kv store where it expects to
|
||||||
|
find a json dictionary of metadata entries. If found, each key/value pair in the
|
||||||
|
dictionary is added to the metadata for the node.
|
||||||
|
|
||||||
|
'availability':
|
||||||
|
|
||||||
|
if true then availability groups will be created for each service. The node will
|
||||||
|
be added to one of the groups based on the health status of the service. The
|
||||||
|
group name is derived from the service name and the configurable availability
|
||||||
|
suffixes
|
||||||
|
|
||||||
|
'available_suffix':
|
||||||
|
|
||||||
|
suffix that should be appended to the service availability groups for available
|
||||||
|
services e.g. if the suffix is '_up' and the service is nginx, then nodes with
|
||||||
|
healthy nginx services will be added to the nginix_up group. Defaults to
|
||||||
|
'_available'
|
||||||
|
|
||||||
|
'unavailable_suffix':
|
||||||
|
|
||||||
|
as above but for unhealthy services, defaults to '_unavailable'
|
||||||
|
|
||||||
|
Note that if the inventory discovers an 'ssh' service running on a node it will
|
||||||
|
register the port as ansible_ssh_port in the node's metadata and this port will
|
||||||
|
be used to access the machine.
|
||||||
|
```
|
||||||
|
|
||||||
|
'''
|
||||||
|
|
||||||
|
import os
|
||||||
|
import re
|
||||||
|
import argparse
|
||||||
|
from time import time
|
||||||
|
import sys
|
||||||
|
import ConfigParser
|
||||||
|
import urllib, urllib2, base64
|
||||||
|
|
||||||
|
try:
|
||||||
|
import json
|
||||||
|
except ImportError:
|
||||||
|
import simplejson as json
|
||||||
|
|
||||||
|
try:
|
||||||
|
import consul
|
||||||
|
except ImportError, e:
|
||||||
|
print """failed=True msg='python-consul required for this module. see
|
||||||
|
http://python-consul.readthedocs.org/en/latest/#installation'"""
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
class ConsulInventory(object):
|
||||||
|
|
||||||
|
def __init__(self):
|
||||||
|
''' Create an inventory based on the catalog of nodes and services
|
||||||
|
registered in a consul cluster'''
|
||||||
|
self.node_metadata = {}
|
||||||
|
self.nodes = {}
|
||||||
|
self.nodes_by_service = {}
|
||||||
|
self.nodes_by_tag = {}
|
||||||
|
self.nodes_by_datacenter = {}
|
||||||
|
self.nodes_by_kv = {}
|
||||||
|
self.nodes_by_availability = {}
|
||||||
|
self.current_dc = None
|
||||||
|
|
||||||
|
config = ConsulConfig()
|
||||||
|
self.config = config
|
||||||
|
|
||||||
|
self.consul_api = config.get_consul_api()
|
||||||
|
|
||||||
|
if config.has_config('datacenter'):
|
||||||
|
if config.has_config('host'):
|
||||||
|
self.load_data_for_node(config.host, config.datacenter)
|
||||||
|
else:
|
||||||
|
self.load_data_for_datacenter(config.datacenter)
|
||||||
|
else:
|
||||||
|
self.load_all_data_consul()
|
||||||
|
|
||||||
|
self.combine_all_results()
|
||||||
|
print json.dumps(self.inventory, sort_keys=True, indent=2)
|
||||||
|
|
||||||
|
def load_all_data_consul(self):
|
||||||
|
''' cycle through each of the datacenters in the consul catalog and process
|
||||||
|
the nodes in each '''
|
||||||
|
self.datacenters = self.consul_api.catalog.datacenters()
|
||||||
|
for datacenter in self.datacenters:
|
||||||
|
self.current_dc = datacenter
|
||||||
|
self.load_data_for_datacenter(datacenter)
|
||||||
|
|
||||||
|
|
||||||
|
def load_availability_groups(self, node, datacenter):
|
||||||
|
'''check the health of each service on a node and add add the node to either
|
||||||
|
an 'available' or 'unavailable' grouping. The suffix for each group can be
|
||||||
|
controlled from the config'''
|
||||||
|
if self.config.has_config('availability'):
|
||||||
|
for service_name, service in node['Services'].iteritems():
|
||||||
|
for node in self.consul_api.health.service(service_name)[1]:
|
||||||
|
for check in node['Checks']:
|
||||||
|
if check['ServiceName'] == service_name:
|
||||||
|
ok = 'passing' == check['Status']
|
||||||
|
if ok:
|
||||||
|
suffix = self.config.get_availability_suffix(
|
||||||
|
'available_suffix', '_available')
|
||||||
|
else:
|
||||||
|
suffix = self.config.get_availability_suffix(
|
||||||
|
'unavailable_suffix', '_unavailable')
|
||||||
|
self.add_node_to_map(self.nodes_by_availability,
|
||||||
|
service_name + suffix, node['Node'])
|
||||||
|
|
||||||
|
|
||||||
|
def load_data_for_datacenter(self, datacenter):
|
||||||
|
'''processes all the nodes in a particular datacenter'''
|
||||||
|
index, nodes = self.consul_api.catalog.nodes(dc=datacenter)
|
||||||
|
for node in nodes:
|
||||||
|
self.add_node_to_map(self.nodes_by_datacenter, datacenter, node)
|
||||||
|
self.load_data_for_node(node['Node'], datacenter)
|
||||||
|
|
||||||
|
def load_data_for_node(self, node, datacenter):
|
||||||
|
'''loads the data for a sinle node adding it to various groups based on
|
||||||
|
metadata retrieved from the kv store and service availability'''
|
||||||
|
|
||||||
|
index, node_data = self.consul_api.catalog.node(node, dc=datacenter)
|
||||||
|
node = node_data['Node']
|
||||||
|
self.add_node_to_map(self.nodes, 'all', node)
|
||||||
|
self.add_metadata(node_data, "consul_datacenter", datacenter)
|
||||||
|
self.add_metadata(node_data, "consul_nodename", node['Node'])
|
||||||
|
|
||||||
|
self.load_groups_from_kv(node_data)
|
||||||
|
self.load_node_metadata_from_kv(node_data)
|
||||||
|
self.load_availability_groups(node_data, datacenter)
|
||||||
|
|
||||||
|
for name, service in node_data['Services'].items():
|
||||||
|
self.load_data_from_service(name, service, node_data)
|
||||||
|
|
||||||
|
def load_node_metadata_from_kv(self, node_data):
|
||||||
|
''' load the json dict at the metadata path defined by the kv_metadata value
|
||||||
|
and the node name add each entry in the dictionary to the the node's
|
||||||
|
metadata '''
|
||||||
|
node = node_data['Node']
|
||||||
|
if self.config.has_config('kv_metadata'):
|
||||||
|
key = "%s/%s/%s" % (self.config.kv_metadata, self.current_dc, node['Node'])
|
||||||
|
index, metadata = self.consul_api.kv.get(key)
|
||||||
|
if metadata and metadata['Value']:
|
||||||
|
try:
|
||||||
|
metadata = json.loads(metadata['Value'])
|
||||||
|
for k,v in metadata.items():
|
||||||
|
self.add_metadata(node_data, k, v)
|
||||||
|
except:
|
||||||
|
pass
|
||||||
|
|
||||||
|
def load_groups_from_kv(self, node_data):
|
||||||
|
''' load the comma separated list of groups at the path defined by the
|
||||||
|
kv_groups config value and the node name add the node address to each
|
||||||
|
group found '''
|
||||||
|
node = node_data['Node']
|
||||||
|
if self.config.has_config('kv_groups'):
|
||||||
|
key = "%s/%s/%s" % (self.config.kv_groups, self.current_dc, node['Node'])
|
||||||
|
index, groups = self.consul_api.kv.get(key)
|
||||||
|
if groups and groups['Value']:
|
||||||
|
for group in groups['Value'].split(','):
|
||||||
|
self.add_node_to_map(self.nodes_by_kv, group.strip(), node)
|
||||||
|
|
||||||
|
def load_data_from_service(self, service_name, service, node_data):
|
||||||
|
'''process a service registered on a node, adding the node to a group with
|
||||||
|
the service name. Each service tag is extracted and the node is added to a
|
||||||
|
tag grouping also'''
|
||||||
|
self.add_metadata(node_data, "consul_services", service_name, True)
|
||||||
|
|
||||||
|
if self.is_service("ssh", service_name):
|
||||||
|
self.add_metadata(node_data, "ansible_ssh_port", service['Port'])
|
||||||
|
|
||||||
|
if self.config.has_config('servers_suffix'):
|
||||||
|
service_name = service_name + self.config.servers_suffix
|
||||||
|
|
||||||
|
self.add_node_to_map(self.nodes_by_service, service_name, node_data['Node'])
|
||||||
|
self.extract_groups_from_tags(service_name, service, node_data)
|
||||||
|
|
||||||
|
def is_service(self, target, name):
|
||||||
|
return name and (name.lower() == target.lower())
|
||||||
|
|
||||||
|
def extract_groups_from_tags(self, service_name, service, node_data):
|
||||||
|
'''iterates each service tag and adds the node to groups derived from the
|
||||||
|
service and tag names e.g. nginx_master'''
|
||||||
|
if self.config.has_config('tags') and service['Tags']:
|
||||||
|
tags = service['Tags']
|
||||||
|
self.add_metadata(node_data, "consul_%s_tags" % service_name, tags)
|
||||||
|
for tag in service['Tags']:
|
||||||
|
tagname = service_name +'_'+tag
|
||||||
|
self.add_node_to_map(self.nodes_by_tag, tagname, node_data['Node'])
|
||||||
|
|
||||||
|
def combine_all_results(self):
|
||||||
|
'''prunes and sorts all groupings for combination into the final map'''
|
||||||
|
self.inventory = {"_meta": { "hostvars" : self.node_metadata}}
|
||||||
|
groupings = [self.nodes, self.nodes_by_datacenter, self.nodes_by_service,
|
||||||
|
self.nodes_by_tag, self.nodes_by_kv, self.nodes_by_availability]
|
||||||
|
for grouping in groupings:
|
||||||
|
for name, addresses in grouping.items():
|
||||||
|
self.inventory[name] = sorted(list(set(addresses)))
|
||||||
|
|
||||||
|
def add_metadata(self, node_data, key, value, is_list = False):
|
||||||
|
''' Pushed an element onto a metadata dict for the node, creating
|
||||||
|
the dict if it doesn't exist '''
|
||||||
|
key = self.to_safe(key)
|
||||||
|
node = self.get_inventory_name(node_data['Node'])
|
||||||
|
|
||||||
|
if node in self.node_metadata:
|
||||||
|
metadata = self.node_metadata[node]
|
||||||
|
else:
|
||||||
|
metadata = {}
|
||||||
|
self.node_metadata[node] = metadata
|
||||||
|
if is_list:
|
||||||
|
self.push(metadata, key, value)
|
||||||
|
else:
|
||||||
|
metadata[key] = value
|
||||||
|
|
||||||
|
def get_inventory_name(self, node_data):
|
||||||
|
'''return the ip or a node name that can be looked up in consul's dns'''
|
||||||
|
domain = self.config.domain
|
||||||
|
if domain:
|
||||||
|
node_name = node_data['Node']
|
||||||
|
if self.current_dc:
|
||||||
|
return '%s.node.%s.%s' % ( node_name, self.current_dc, domain)
|
||||||
|
else:
|
||||||
|
return '%s.node.%s' % ( node_name, domain)
|
||||||
|
else:
|
||||||
|
return node_data['Address']
|
||||||
|
|
||||||
|
def add_node_to_map(self, map, name, node):
|
||||||
|
self.push(map, name, self.get_inventory_name(node))
|
||||||
|
|
||||||
|
|
||||||
|
def push(self, my_dict, key, element):
|
||||||
|
''' Pushed an element onto an array that may not have been defined in the
|
||||||
|
dict '''
|
||||||
|
key = self.to_safe(key)
|
||||||
|
if key in my_dict:
|
||||||
|
my_dict[key].append(element)
|
||||||
|
else:
|
||||||
|
my_dict[key] = [element]
|
||||||
|
|
||||||
|
def to_safe(self, word):
|
||||||
|
''' Converts 'bad' characters in a string to underscores so they can be used
|
||||||
|
as Ansible groups '''
|
||||||
|
return re.sub('[^A-Za-z0-9\-\.]', '_', word)
|
||||||
|
|
||||||
|
def sanitize_dict(self, d):
|
||||||
|
|
||||||
|
new_dict = {}
|
||||||
|
for k, v in d.items():
|
||||||
|
if v != None:
|
||||||
|
new_dict[self.to_safe(str(k))] = self.to_safe(str(v))
|
||||||
|
return new_dict
|
||||||
|
|
||||||
|
def sanitize_list(self, seq):
|
||||||
|
new_seq = []
|
||||||
|
for d in seq:
|
||||||
|
new_seq.append(self.sanitize_dict(d))
|
||||||
|
return new_seq
|
||||||
|
|
||||||
|
|
||||||
|
class ConsulConfig(dict):
|
||||||
|
|
||||||
|
def __init__(self):
|
||||||
|
self.read_settings()
|
||||||
|
self.read_cli_args()
|
||||||
|
|
||||||
|
def has_config(self, name):
|
||||||
|
if hasattr(self, name):
|
||||||
|
return getattr(self, name)
|
||||||
|
else:
|
||||||
|
return False
|
||||||
|
|
||||||
|
def read_settings(self):
|
||||||
|
''' Reads the settings from the consul.ini file '''
|
||||||
|
config = ConfigParser.SafeConfigParser()
|
||||||
|
config.read(os.path.dirname(os.path.realpath(__file__)) + '/consul.ini')
|
||||||
|
|
||||||
|
config_options = ['host', 'token', 'datacenter', 'servers_suffix',
|
||||||
|
'tags', 'kv_metadata', 'kv_groups', 'availability',
|
||||||
|
'unavailable_suffix', 'available_suffix', 'url',
|
||||||
|
'domain']
|
||||||
|
for option in config_options:
|
||||||
|
value = None
|
||||||
|
if config.has_option('consul', option):
|
||||||
|
value = config.get('consul', option)
|
||||||
|
setattr(self, option, value)
|
||||||
|
|
||||||
|
def read_cli_args(self):
|
||||||
|
''' Command line argument processing '''
|
||||||
|
parser = argparse.ArgumentParser(description=
|
||||||
|
'Produce an Ansible Inventory file based nodes in a Consul cluster')
|
||||||
|
|
||||||
|
parser.add_argument('--list', action='store_true',
|
||||||
|
help='Get all inventory variables from all nodes in the consul cluster')
|
||||||
|
parser.add_argument('--host', action='store',
|
||||||
|
help='Get all inventory variables about a specific consul node, \
|
||||||
|
requires datacenter set in consul.ini.')
|
||||||
|
parser.add_argument('--datacenter', action='store',
|
||||||
|
help='Get all inventory about a specific consul datacenter')
|
||||||
|
|
||||||
|
args = parser.parse_args()
|
||||||
|
arg_names = ['host', 'datacenter']
|
||||||
|
|
||||||
|
for arg in arg_names:
|
||||||
|
if getattr(args, arg):
|
||||||
|
setattr(self, arg, getattr(args, arg))
|
||||||
|
|
||||||
|
def get_availability_suffix(self, suffix, default):
|
||||||
|
if self.has_config(suffix):
|
||||||
|
return self.has_config(suffix)
|
||||||
|
return default
|
||||||
|
|
||||||
|
|
||||||
|
def get_consul_api(self):
|
||||||
|
'''get an instance of the api based on the supplied configuration'''
|
||||||
|
host = 'localhost'
|
||||||
|
port = 8500
|
||||||
|
token = None
|
||||||
|
|
||||||
|
if hasattr(self, 'url'):
|
||||||
|
from urlparse import urlparse
|
||||||
|
o = urlparse(self.url)
|
||||||
|
if o.hostname:
|
||||||
|
host = o.hostname
|
||||||
|
if o.port:
|
||||||
|
port = o.port
|
||||||
|
|
||||||
|
if hasattr(self, 'token'):
|
||||||
|
token = self.token
|
||||||
|
if not token:
|
||||||
|
token = 'anonymous'
|
||||||
|
return consul.Consul(host=host, port=port, token=token)
|
||||||
|
|
||||||
|
ConsulInventory()
|
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,107 @@
|
|||||||
|
#!/usr/bin/env python
|
||||||
|
"""
|
||||||
|
fleetctl base external inventory script. Automatically finds the IPs of the booted coreos instances and
|
||||||
|
returns it under the host group 'coreos'
|
||||||
|
"""
|
||||||
|
|
||||||
|
# Copyright (C) 2014 Andrew Rothstein <andrew.rothstein at gmail.com>
|
||||||
|
#
|
||||||
|
# This program is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# This program is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
#
|
||||||
|
# Thanks to the vagrant.py inventory script for giving me the basic structure
|
||||||
|
# of this.
|
||||||
|
#
|
||||||
|
|
||||||
|
import sys
|
||||||
|
import subprocess
|
||||||
|
import re
|
||||||
|
import string
|
||||||
|
from optparse import OptionParser
|
||||||
|
try:
|
||||||
|
import json
|
||||||
|
except:
|
||||||
|
import simplejson as json
|
||||||
|
|
||||||
|
# Options
|
||||||
|
#------------------------------
|
||||||
|
|
||||||
|
parser = OptionParser(usage="%prog [options] --list | --host <machine>")
|
||||||
|
parser.add_option('--list', default=False, dest="list", action="store_true",
|
||||||
|
help="Produce a JSON consumable grouping of servers in your fleet")
|
||||||
|
parser.add_option('--host', default=None, dest="host",
|
||||||
|
help="Generate additional host specific details for given host for Ansible")
|
||||||
|
(options, args) = parser.parse_args()
|
||||||
|
|
||||||
|
#
|
||||||
|
# helper functions
|
||||||
|
#
|
||||||
|
|
||||||
|
def get_ssh_config():
|
||||||
|
configs = []
|
||||||
|
for box in list_running_boxes():
|
||||||
|
config = get_a_ssh_config(box)
|
||||||
|
configs.append(config)
|
||||||
|
return configs
|
||||||
|
|
||||||
|
#list all the running instances in the fleet
|
||||||
|
def list_running_boxes():
|
||||||
|
boxes = []
|
||||||
|
for line in subprocess.check_output(["fleetctl", "list-machines"]).split('\n'):
|
||||||
|
matcher = re.search("[^\s]+[\s]+([^\s]+).+", line)
|
||||||
|
if matcher and matcher.group(1) != "IP":
|
||||||
|
boxes.append(matcher.group(1))
|
||||||
|
|
||||||
|
return boxes
|
||||||
|
|
||||||
|
def get_a_ssh_config(box_name):
|
||||||
|
config = {}
|
||||||
|
config['Host'] = box_name
|
||||||
|
config['ansible_ssh_user'] = 'core'
|
||||||
|
config['ansible_python_interpreter'] = '/opt/bin/python'
|
||||||
|
return config
|
||||||
|
|
||||||
|
# List out servers that vagrant has running
|
||||||
|
#------------------------------
|
||||||
|
if options.list:
|
||||||
|
ssh_config = get_ssh_config()
|
||||||
|
hosts = { 'coreos': []}
|
||||||
|
|
||||||
|
for data in ssh_config:
|
||||||
|
hosts['coreos'].append(data['Host'])
|
||||||
|
|
||||||
|
print json.dumps(hosts)
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
# Get out the host details
|
||||||
|
#------------------------------
|
||||||
|
elif options.host:
|
||||||
|
result = {}
|
||||||
|
ssh_config = get_ssh_config()
|
||||||
|
|
||||||
|
details = filter(lambda x: (x['Host'] == options.host), ssh_config)
|
||||||
|
if len(details) > 0:
|
||||||
|
#pass through the port, in case it's non standard.
|
||||||
|
result = details[0]
|
||||||
|
result
|
||||||
|
|
||||||
|
print json.dumps(result)
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
|
||||||
|
# Print out help
|
||||||
|
#------------------------------
|
||||||
|
else:
|
||||||
|
parser.print_help()
|
||||||
|
sys.exit(1)
|
@ -0,0 +1,83 @@
|
|||||||
|
#!/usr/bin/env python
|
||||||
|
|
||||||
|
import argparse
|
||||||
|
from ipalib import api
|
||||||
|
import json
|
||||||
|
|
||||||
|
def initialize():
|
||||||
|
'''
|
||||||
|
This function initializes the FreeIPA/IPA API. This function requires
|
||||||
|
no arguments. A kerberos key must be present in the users keyring in
|
||||||
|
order for this to work.
|
||||||
|
'''
|
||||||
|
|
||||||
|
api.bootstrap(context='cli')
|
||||||
|
api.finalize()
|
||||||
|
try:
|
||||||
|
api.Backend.rpcclient.connect()
|
||||||
|
except AttributeError:
|
||||||
|
#FreeIPA < 4.0 compatibility
|
||||||
|
api.Backend.xmlclient.connect()
|
||||||
|
|
||||||
|
return api
|
||||||
|
|
||||||
|
def list_groups(api):
|
||||||
|
'''
|
||||||
|
This function returns a list of all host groups. This function requires
|
||||||
|
one argument, the FreeIPA/IPA API object.
|
||||||
|
'''
|
||||||
|
|
||||||
|
inventory = {}
|
||||||
|
hostvars={}
|
||||||
|
meta={}
|
||||||
|
|
||||||
|
result = api.Command.hostgroup_find()['result']
|
||||||
|
|
||||||
|
for hostgroup in result:
|
||||||
|
inventory[hostgroup['cn'][0]] = { 'hosts': [host for host in hostgroup['member_host']]}
|
||||||
|
|
||||||
|
for host in hostgroup['member_host']:
|
||||||
|
hostvars[host] = {}
|
||||||
|
|
||||||
|
inventory['_meta'] = {'hostvars': hostvars}
|
||||||
|
inv_string = json.dumps(inventory, indent=1, sort_keys=True)
|
||||||
|
print inv_string
|
||||||
|
|
||||||
|
return None
|
||||||
|
|
||||||
|
def parse_args():
|
||||||
|
'''
|
||||||
|
This function parses the arguments that were passed in via the command line.
|
||||||
|
This function expects no arguments.
|
||||||
|
'''
|
||||||
|
|
||||||
|
parser = argparse.ArgumentParser(description='Ansible FreeIPA/IPA '
|
||||||
|
'inventory module')
|
||||||
|
group = parser.add_mutually_exclusive_group(required=True)
|
||||||
|
group.add_argument('--list', action='store_true',
|
||||||
|
help='List active servers')
|
||||||
|
group.add_argument('--host', help='List details about the specified host')
|
||||||
|
|
||||||
|
return parser.parse_args()
|
||||||
|
|
||||||
|
def print_host(host):
|
||||||
|
'''
|
||||||
|
This function is really a stub, it could return variables to be used in
|
||||||
|
a playbook. However, at this point there are no variables stored in
|
||||||
|
FreeIPA/IPA.
|
||||||
|
|
||||||
|
This function expects one string, this hostname to lookup variables for.
|
||||||
|
'''
|
||||||
|
|
||||||
|
print json.dumps({})
|
||||||
|
|
||||||
|
return None
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
args = parse_args()
|
||||||
|
|
||||||
|
if args.host:
|
||||||
|
print_host(args.host)
|
||||||
|
elif args.list:
|
||||||
|
api = initialize()
|
||||||
|
list_groups(api)
|
@ -0,0 +1,128 @@
|
|||||||
|
#!/usr/bin/env python
|
||||||
|
|
||||||
|
# (c) 2015, Marc Abramowitz <marca@surveymonkey.com>
|
||||||
|
#
|
||||||
|
# This file is part of Ansible.
|
||||||
|
#
|
||||||
|
# Ansible is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# Ansible is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
# Dynamic inventory script which lets you use nodes discovered by Canonical's
|
||||||
|
# Landscape (http://www.ubuntu.com/management/landscape-features).
|
||||||
|
#
|
||||||
|
# Requires the `landscape_api` Python module
|
||||||
|
# See:
|
||||||
|
# - https://landscape.canonical.com/static/doc/api/api-client-package.html
|
||||||
|
# - https://landscape.canonical.com/static/doc/api/python-api.html
|
||||||
|
#
|
||||||
|
# Environment variables
|
||||||
|
# ---------------------
|
||||||
|
# - `LANDSCAPE_API_URI`
|
||||||
|
# - `LANDSCAPE_API_KEY`
|
||||||
|
# - `LANDSCAPE_API_SECRET`
|
||||||
|
# - `LANDSCAPE_API_SSL_CA_FILE` (optional)
|
||||||
|
|
||||||
|
|
||||||
|
import argparse
|
||||||
|
import collections
|
||||||
|
import os
|
||||||
|
import sys
|
||||||
|
|
||||||
|
from landscape_api.base import API, HTTPError
|
||||||
|
|
||||||
|
try:
|
||||||
|
import json
|
||||||
|
except ImportError:
|
||||||
|
import simplejson as json
|
||||||
|
|
||||||
|
_key = 'landscape'
|
||||||
|
|
||||||
|
|
||||||
|
class EnvironmentConfig(object):
|
||||||
|
uri = os.getenv('LANDSCAPE_API_URI')
|
||||||
|
access_key = os.getenv('LANDSCAPE_API_KEY')
|
||||||
|
secret_key = os.getenv('LANDSCAPE_API_SECRET')
|
||||||
|
ssl_ca_file = os.getenv('LANDSCAPE_API_SSL_CA_FILE')
|
||||||
|
|
||||||
|
|
||||||
|
def _landscape_client():
|
||||||
|
env = EnvironmentConfig()
|
||||||
|
return API(
|
||||||
|
uri=env.uri,
|
||||||
|
access_key=env.access_key,
|
||||||
|
secret_key=env.secret_key,
|
||||||
|
ssl_ca_file=env.ssl_ca_file)
|
||||||
|
|
||||||
|
|
||||||
|
def get_landscape_members_data():
|
||||||
|
return _landscape_client().get_computers()
|
||||||
|
|
||||||
|
|
||||||
|
def get_nodes(data):
|
||||||
|
return [node['hostname'] for node in data]
|
||||||
|
|
||||||
|
|
||||||
|
def get_groups(data):
|
||||||
|
groups = collections.defaultdict(list)
|
||||||
|
|
||||||
|
for node in data:
|
||||||
|
for value in node['tags']:
|
||||||
|
groups[value].append(node['hostname'])
|
||||||
|
|
||||||
|
return groups
|
||||||
|
|
||||||
|
|
||||||
|
def get_meta(data):
|
||||||
|
meta = {'hostvars': {}}
|
||||||
|
for node in data:
|
||||||
|
meta['hostvars'][node['hostname']] = {'tags': node['tags']}
|
||||||
|
return meta
|
||||||
|
|
||||||
|
|
||||||
|
def print_list():
|
||||||
|
data = get_landscape_members_data()
|
||||||
|
nodes = get_nodes(data)
|
||||||
|
groups = get_groups(data)
|
||||||
|
meta = get_meta(data)
|
||||||
|
inventory_data = {_key: nodes, '_meta': meta}
|
||||||
|
inventory_data.update(groups)
|
||||||
|
print(json.dumps(inventory_data))
|
||||||
|
|
||||||
|
|
||||||
|
def print_host(host):
|
||||||
|
data = get_landscape_members_data()
|
||||||
|
meta = get_meta(data)
|
||||||
|
print(json.dumps(meta['hostvars'][host]))
|
||||||
|
|
||||||
|
|
||||||
|
def get_args(args_list):
|
||||||
|
parser = argparse.ArgumentParser(
|
||||||
|
description='ansible inventory script reading from landscape cluster')
|
||||||
|
mutex_group = parser.add_mutually_exclusive_group(required=True)
|
||||||
|
help_list = 'list all hosts from landscape cluster'
|
||||||
|
mutex_group.add_argument('--list', action='store_true', help=help_list)
|
||||||
|
help_host = 'display variables for a host'
|
||||||
|
mutex_group.add_argument('--host', help=help_host)
|
||||||
|
return parser.parse_args(args_list)
|
||||||
|
|
||||||
|
|
||||||
|
def main(args_list):
|
||||||
|
args = get_args(args_list)
|
||||||
|
if args.list:
|
||||||
|
print_list()
|
||||||
|
if args.host:
|
||||||
|
print_host(args.host)
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
main(sys.argv[1:])
|
@ -0,0 +1,48 @@
|
|||||||
|
# Ansible OpenStack external inventory script
|
||||||
|
# DEPRECATED: please use openstack.py inventory which is configured for
|
||||||
|
# auth using the os-client-config library and either clouds.yaml or standard
|
||||||
|
# openstack environment variables
|
||||||
|
|
||||||
|
[openstack]
|
||||||
|
|
||||||
|
#-------------------------------------------------------------------------
|
||||||
|
# Required settings
|
||||||
|
#-------------------------------------------------------------------------
|
||||||
|
|
||||||
|
# API version
|
||||||
|
version = 2
|
||||||
|
|
||||||
|
# OpenStack nova username
|
||||||
|
username =
|
||||||
|
|
||||||
|
# OpenStack nova api_key or password
|
||||||
|
api_key =
|
||||||
|
|
||||||
|
# OpenStack nova auth_url
|
||||||
|
auth_url =
|
||||||
|
|
||||||
|
# OpenStack nova project_id or tenant name
|
||||||
|
project_id =
|
||||||
|
|
||||||
|
#-------------------------------------------------------------------------
|
||||||
|
# Optional settings
|
||||||
|
#-------------------------------------------------------------------------
|
||||||
|
|
||||||
|
# Authentication system
|
||||||
|
# auth_system = keystone
|
||||||
|
|
||||||
|
# Serverarm region name to use
|
||||||
|
# region_name =
|
||||||
|
|
||||||
|
# Specify a preference for public or private IPs (public is default)
|
||||||
|
# prefer_private = False
|
||||||
|
|
||||||
|
# What service type (required for newer nova client)
|
||||||
|
# service_type = compute
|
||||||
|
|
||||||
|
|
||||||
|
# TODO: Some other options
|
||||||
|
# insecure =
|
||||||
|
# endpoint_type =
|
||||||
|
# extensions =
|
||||||
|
# service_name =
|
@ -0,0 +1,229 @@
|
|||||||
|
#!/usr/bin/env python
|
||||||
|
|
||||||
|
# (c) 2012, Marco Vito Moscaritolo <marco@agavee.com>
|
||||||
|
#
|
||||||
|
# This file is part of Ansible,
|
||||||
|
#
|
||||||
|
# Ansible is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# Ansible is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
# WARNING: This file is deprecated. New work should focus on the openstack.py
|
||||||
|
# inventory module, which properly handles multiple clouds as well as keystone
|
||||||
|
# v3 and keystone auth plugins
|
||||||
|
|
||||||
|
import sys
|
||||||
|
import re
|
||||||
|
import os
|
||||||
|
import ConfigParser
|
||||||
|
from novaclient import client as nova_client
|
||||||
|
|
||||||
|
try:
|
||||||
|
import json
|
||||||
|
except ImportError:
|
||||||
|
import simplejson as json
|
||||||
|
|
||||||
|
|
||||||
|
sys.stderr.write("WARNING: this inventory module is deprecated. please migrate usage to openstack.py\n")
|
||||||
|
|
||||||
|
###################################################
|
||||||
|
# executed with no parameters, return the list of
|
||||||
|
# all groups and hosts
|
||||||
|
|
||||||
|
NOVA_CONFIG_FILES = [os.getcwd() + "/nova.ini",
|
||||||
|
os.path.expanduser(os.environ.get('ANSIBLE_CONFIG', "~/nova.ini")),
|
||||||
|
"/etc/ansible/nova.ini"]
|
||||||
|
|
||||||
|
NOVA_DEFAULTS = {
|
||||||
|
'auth_system': None,
|
||||||
|
'region_name': None,
|
||||||
|
'service_type': 'compute',
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
def nova_load_config_file():
|
||||||
|
p = ConfigParser.SafeConfigParser(NOVA_DEFAULTS)
|
||||||
|
|
||||||
|
for path in NOVA_CONFIG_FILES:
|
||||||
|
if os.path.exists(path):
|
||||||
|
p.read(path)
|
||||||
|
return p
|
||||||
|
|
||||||
|
return None
|
||||||
|
|
||||||
|
|
||||||
|
def get_fallback(config, value, section="openstack"):
|
||||||
|
"""
|
||||||
|
Get value from config object and return the value
|
||||||
|
or false
|
||||||
|
"""
|
||||||
|
try:
|
||||||
|
return config.get(section, value)
|
||||||
|
except ConfigParser.NoOptionError:
|
||||||
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
def push(data, key, element):
|
||||||
|
"""
|
||||||
|
Assist in items to a dictionary of lists
|
||||||
|
"""
|
||||||
|
if (not element) or (not key):
|
||||||
|
return
|
||||||
|
|
||||||
|
if key in data:
|
||||||
|
data[key].append(element)
|
||||||
|
else:
|
||||||
|
data[key] = [element]
|
||||||
|
|
||||||
|
|
||||||
|
def to_safe(word):
|
||||||
|
'''
|
||||||
|
Converts 'bad' characters in a string to underscores so they can
|
||||||
|
be used as Ansible groups
|
||||||
|
'''
|
||||||
|
return re.sub(r"[^A-Za-z0-9\-]", "_", word)
|
||||||
|
|
||||||
|
|
||||||
|
def get_ips(server, access_ip=True):
|
||||||
|
"""
|
||||||
|
Returns a list of the server's IPs, or the preferred
|
||||||
|
access IP
|
||||||
|
"""
|
||||||
|
private = []
|
||||||
|
public = []
|
||||||
|
address_list = []
|
||||||
|
# Iterate through each servers network(s), get addresses and get type
|
||||||
|
addresses = getattr(server, 'addresses', {})
|
||||||
|
if len(addresses) > 0:
|
||||||
|
for network in addresses.itervalues():
|
||||||
|
for address in network:
|
||||||
|
if address.get('OS-EXT-IPS:type', False) == 'fixed':
|
||||||
|
private.append(address['addr'])
|
||||||
|
elif address.get('OS-EXT-IPS:type', False) == 'floating':
|
||||||
|
public.append(address['addr'])
|
||||||
|
|
||||||
|
if not access_ip:
|
||||||
|
address_list.append(server.accessIPv4)
|
||||||
|
address_list.extend(private)
|
||||||
|
address_list.extend(public)
|
||||||
|
return address_list
|
||||||
|
|
||||||
|
access_ip = None
|
||||||
|
# Append group to list
|
||||||
|
if server.accessIPv4:
|
||||||
|
access_ip = server.accessIPv4
|
||||||
|
if (not access_ip) and public and not (private and prefer_private):
|
||||||
|
access_ip = public[0]
|
||||||
|
if private and not access_ip:
|
||||||
|
access_ip = private[0]
|
||||||
|
|
||||||
|
return access_ip
|
||||||
|
|
||||||
|
|
||||||
|
def get_metadata(server):
|
||||||
|
"""Returns dictionary of all host metadata"""
|
||||||
|
get_ips(server, False)
|
||||||
|
results = {}
|
||||||
|
for key in vars(server):
|
||||||
|
# Extract value
|
||||||
|
value = getattr(server, key)
|
||||||
|
|
||||||
|
# Generate sanitized key
|
||||||
|
key = 'os_' + re.sub(r"[^A-Za-z0-9\-]", "_", key).lower()
|
||||||
|
|
||||||
|
# Att value to instance result (exclude manager class)
|
||||||
|
#TODO: maybe use value.__class__ or similar inside of key_name
|
||||||
|
if key != 'os_manager':
|
||||||
|
results[key] = value
|
||||||
|
return results
|
||||||
|
|
||||||
|
config = nova_load_config_file()
|
||||||
|
if not config:
|
||||||
|
sys.exit('Unable to find configfile in %s' % ', '.join(NOVA_CONFIG_FILES))
|
||||||
|
|
||||||
|
# Load up connections info based on config and then environment
|
||||||
|
# variables
|
||||||
|
username = (get_fallback(config, 'username') or
|
||||||
|
os.environ.get('OS_USERNAME', None))
|
||||||
|
api_key = (get_fallback(config, 'api_key') or
|
||||||
|
os.environ.get('OS_PASSWORD', None))
|
||||||
|
auth_url = (get_fallback(config, 'auth_url') or
|
||||||
|
os.environ.get('OS_AUTH_URL', None))
|
||||||
|
project_id = (get_fallback(config, 'project_id') or
|
||||||
|
os.environ.get('OS_TENANT_NAME', None))
|
||||||
|
region_name = (get_fallback(config, 'region_name') or
|
||||||
|
os.environ.get('OS_REGION_NAME', None))
|
||||||
|
auth_system = (get_fallback(config, 'auth_system') or
|
||||||
|
os.environ.get('OS_AUTH_SYSTEM', None))
|
||||||
|
|
||||||
|
# Determine what type of IP is preferred to return
|
||||||
|
prefer_private = False
|
||||||
|
try:
|
||||||
|
prefer_private = config.getboolean('openstack', 'prefer_private')
|
||||||
|
except ConfigParser.NoOptionError:
|
||||||
|
pass
|
||||||
|
|
||||||
|
client = nova_client.Client(
|
||||||
|
version=config.get('openstack', 'version'),
|
||||||
|
username=username,
|
||||||
|
api_key=api_key,
|
||||||
|
auth_url=auth_url,
|
||||||
|
region_name=region_name,
|
||||||
|
project_id=project_id,
|
||||||
|
auth_system=auth_system,
|
||||||
|
service_type=config.get('openstack', 'service_type'),
|
||||||
|
)
|
||||||
|
|
||||||
|
# Default or added list option
|
||||||
|
if (len(sys.argv) == 2 and sys.argv[1] == '--list') or len(sys.argv) == 1:
|
||||||
|
groups = {'_meta': {'hostvars': {}}}
|
||||||
|
# Cycle on servers
|
||||||
|
for server in client.servers.list():
|
||||||
|
access_ip = get_ips(server)
|
||||||
|
|
||||||
|
# Push to name group of 1
|
||||||
|
push(groups, server.name, access_ip)
|
||||||
|
|
||||||
|
# Run through each metadata item and add instance to it
|
||||||
|
for key, value in server.metadata.iteritems():
|
||||||
|
composed_key = to_safe('tag_{0}_{1}'.format(key, value))
|
||||||
|
push(groups, composed_key, access_ip)
|
||||||
|
|
||||||
|
# Do special handling of group for backwards compat
|
||||||
|
# inventory groups
|
||||||
|
group = server.metadata['group'] if 'group' in server.metadata else 'undefined'
|
||||||
|
push(groups, group, access_ip)
|
||||||
|
|
||||||
|
# Add vars to _meta key for performance optimization in
|
||||||
|
# Ansible 1.3+
|
||||||
|
groups['_meta']['hostvars'][access_ip] = get_metadata(server)
|
||||||
|
|
||||||
|
# Return server list
|
||||||
|
print(json.dumps(groups, sort_keys=True, indent=2))
|
||||||
|
sys.exit(0)
|
||||||
|
|
||||||
|
#####################################################
|
||||||
|
# executed with a hostname as a parameter, return the
|
||||||
|
# variables for that host
|
||||||
|
|
||||||
|
elif len(sys.argv) == 3 and (sys.argv[1] == '--host'):
|
||||||
|
results = {}
|
||||||
|
ips = []
|
||||||
|
for server in client.servers.list():
|
||||||
|
if sys.argv[2] in (get_ips(server) or []):
|
||||||
|
results = get_metadata(server)
|
||||||
|
print(json.dumps(results, sort_keys=True, indent=2))
|
||||||
|
sys.exit(0)
|
||||||
|
|
||||||
|
else:
|
||||||
|
print "usage: --list ..OR.. --host <hostname>"
|
||||||
|
sys.exit(1)
|
@ -0,0 +1,161 @@
|
|||||||
|
#!/usr/bin/env python
|
||||||
|
|
||||||
|
# Copyright (c) 2012, Marco Vito Moscaritolo <marco@agavee.com>
|
||||||
|
# Copyright (c) 2013, Jesse Keating <jesse.keating@rackspace.com>
|
||||||
|
# Copyright (c) 2014, Hewlett-Packard Development Company, L.P.
|
||||||
|
#
|
||||||
|
# This module is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# This software is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with this software. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
# The OpenStack Inventory module uses os-client-config for configuration.
|
||||||
|
# https://github.com/stackforge/os-client-config
|
||||||
|
# This means it will either:
|
||||||
|
# - Respect normal OS_* environment variables like other OpenStack tools
|
||||||
|
# - Read values from a clouds.yaml file.
|
||||||
|
# If you want to configure via clouds.yaml, you can put the file in:
|
||||||
|
# - Current directory
|
||||||
|
# - ~/.config/openstack/clouds.yaml
|
||||||
|
# - /etc/openstack/clouds.yaml
|
||||||
|
# - /etc/ansible/openstack.yml
|
||||||
|
# The clouds.yaml file can contain entries for multiple clouds and multiple
|
||||||
|
# regions of those clouds. If it does, this inventory module will connect to
|
||||||
|
# all of them and present them as one contiguous inventory.
|
||||||
|
#
|
||||||
|
# See the adjacent openstack.yml file for an example config file
|
||||||
|
|
||||||
|
import argparse
|
||||||
|
import collections
|
||||||
|
import os
|
||||||
|
import sys
|
||||||
|
import time
|
||||||
|
|
||||||
|
try:
|
||||||
|
import json
|
||||||
|
except:
|
||||||
|
import simplejson as json
|
||||||
|
|
||||||
|
import os_client_config
|
||||||
|
import shade
|
||||||
|
|
||||||
|
|
||||||
|
class OpenStackInventory(object):
|
||||||
|
|
||||||
|
def __init__(self, private=False, refresh=False):
|
||||||
|
self.openstack_config = os_client_config.config.OpenStackConfig(
|
||||||
|
os_client_config.config.CONFIG_FILES.append(
|
||||||
|
'/etc/ansible/openstack.yml'),
|
||||||
|
private)
|
||||||
|
self.clouds = shade.openstack_clouds(self.openstack_config)
|
||||||
|
self.refresh = refresh
|
||||||
|
|
||||||
|
self.cache_max_age = self.openstack_config.get_cache_max_age()
|
||||||
|
cache_path = self.openstack_config.get_cache_path()
|
||||||
|
|
||||||
|
# Cache related
|
||||||
|
if not os.path.exists(cache_path):
|
||||||
|
os.makedirs(cache_path)
|
||||||
|
self.cache_file = os.path.join(cache_path, "ansible-inventory.cache")
|
||||||
|
|
||||||
|
def is_cache_stale(self):
|
||||||
|
''' Determines if cache file has expired, or if it is still valid '''
|
||||||
|
if os.path.isfile(self.cache_file):
|
||||||
|
mod_time = os.path.getmtime(self.cache_file)
|
||||||
|
current_time = time.time()
|
||||||
|
if (mod_time + self.cache_max_age) > current_time:
|
||||||
|
return False
|
||||||
|
return True
|
||||||
|
|
||||||
|
def get_host_groups(self):
|
||||||
|
if self.refresh or self.is_cache_stale():
|
||||||
|
groups = self.get_host_groups_from_cloud()
|
||||||
|
self.write_cache(groups)
|
||||||
|
else:
|
||||||
|
return json.load(open(self.cache_file, 'r'))
|
||||||
|
return groups
|
||||||
|
|
||||||
|
def write_cache(self, groups):
|
||||||
|
with open(self.cache_file, 'w') as cache_file:
|
||||||
|
cache_file.write(self.json_format_dict(groups))
|
||||||
|
|
||||||
|
def get_host_groups_from_cloud(self):
|
||||||
|
groups = collections.defaultdict(list)
|
||||||
|
hostvars = collections.defaultdict(dict)
|
||||||
|
|
||||||
|
for cloud in self.clouds:
|
||||||
|
|
||||||
|
# Cycle on servers
|
||||||
|
for server in cloud.list_servers():
|
||||||
|
|
||||||
|
meta = cloud.get_server_meta(server)
|
||||||
|
|
||||||
|
if 'interface_ip' not in meta['server_vars']:
|
||||||
|
# skip this host if it doesn't have a network address
|
||||||
|
continue
|
||||||
|
|
||||||
|
server_vars = meta['server_vars']
|
||||||
|
hostvars[server.name][
|
||||||
|
'ansible_ssh_host'] = server_vars['interface_ip']
|
||||||
|
hostvars[server.name]['openstack'] = server_vars
|
||||||
|
|
||||||
|
for group in meta['groups']:
|
||||||
|
groups[group].append(server.name)
|
||||||
|
|
||||||
|
if hostvars:
|
||||||
|
groups['_meta'] = {'hostvars': hostvars}
|
||||||
|
return groups
|
||||||
|
|
||||||
|
def json_format_dict(self, data):
|
||||||
|
return json.dumps(data, sort_keys=True, indent=2)
|
||||||
|
|
||||||
|
def list_instances(self):
|
||||||
|
groups = self.get_host_groups()
|
||||||
|
# Return server list
|
||||||
|
print(self.json_format_dict(groups))
|
||||||
|
|
||||||
|
def get_host(self, hostname):
|
||||||
|
groups = self.get_host_groups()
|
||||||
|
hostvars = groups['_meta']['hostvars']
|
||||||
|
if hostname in hostvars:
|
||||||
|
print(self.json_format_dict(hostvars[hostname]))
|
||||||
|
|
||||||
|
|
||||||
|
def parse_args():
|
||||||
|
parser = argparse.ArgumentParser(description='OpenStack Inventory Module')
|
||||||
|
parser.add_argument('--private',
|
||||||
|
action='store_true',
|
||||||
|
help='Use private address for ansible host')
|
||||||
|
parser.add_argument('--refresh', action='store_true',
|
||||||
|
help='Refresh cached information')
|
||||||
|
group = parser.add_mutually_exclusive_group(required=True)
|
||||||
|
group.add_argument('--list', action='store_true',
|
||||||
|
help='List active servers')
|
||||||
|
group.add_argument('--host', help='List details about the specific host')
|
||||||
|
return parser.parse_args()
|
||||||
|
|
||||||
|
|
||||||
|
def main():
|
||||||
|
args = parse_args()
|
||||||
|
try:
|
||||||
|
inventory = OpenStackInventory(args.private, args.refresh)
|
||||||
|
if args.list:
|
||||||
|
inventory.list_instances()
|
||||||
|
elif args.host:
|
||||||
|
inventory.get_host(args.host)
|
||||||
|
except shade.OpenStackCloudException as e:
|
||||||
|
print(e.message)
|
||||||
|
sys.exit(1)
|
||||||
|
sys.exit(0)
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
main()
|
@ -0,0 +1,28 @@
|
|||||||
|
clouds:
|
||||||
|
mordred:
|
||||||
|
cloud: hp
|
||||||
|
auth:
|
||||||
|
username: mordred@example.com
|
||||||
|
password: my-wonderful-password
|
||||||
|
project_name: mordred-tenant
|
||||||
|
region_name: region-b.geo-1
|
||||||
|
monty:
|
||||||
|
cloud: hp
|
||||||
|
auth:
|
||||||
|
username: monty.taylor@example.com
|
||||||
|
password: another-wonderful-password
|
||||||
|
project_name: monty.taylor@example.com-default-tenant
|
||||||
|
region_name: region-b.geo-1
|
||||||
|
rax:
|
||||||
|
cloud: rackspace
|
||||||
|
auth:
|
||||||
|
username: example
|
||||||
|
password: spectacular-password
|
||||||
|
project_id: 2352426
|
||||||
|
region_name: DFW,ORD,IAD
|
||||||
|
devstack:
|
||||||
|
auth:
|
||||||
|
auth_url: http://127.0.0.1:35357/v2.0/
|
||||||
|
username: stack
|
||||||
|
password: stack
|
||||||
|
project_name: stack
|
@ -0,0 +1,33 @@
|
|||||||
|
# Copyright 2013 Google Inc.
|
||||||
|
#
|
||||||
|
# This file is part of Ansible
|
||||||
|
#
|
||||||
|
# Ansible is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# Ansible is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
|
||||||
|
# Author: Josha Inglis <jinglis@iix.net> based on the gce.ini by Eric Johnson <erjohnso@google.com>
|
||||||
|
|
||||||
|
[ovirt]
|
||||||
|
# ovirt Service Account configuration information can be stored in the
|
||||||
|
# libcloud 'secrets.py' file. Ideally, the 'secrets.py' file will already
|
||||||
|
# exist in your PYTHONPATH and be picked up automatically with an import
|
||||||
|
# statement in the inventory script. However, you can specify an absolute
|
||||||
|
# path to the secrets.py file with 'libcloud_secrets' parameter.
|
||||||
|
ovirt_api_secrets =
|
||||||
|
|
||||||
|
# If you are not going to use a 'secrets.py' file, you can set the necessary
|
||||||
|
# authorization parameters here.
|
||||||
|
ovirt_url =
|
||||||
|
ovirt_username =
|
||||||
|
ovirt_password =
|
@ -0,0 +1,287 @@
|
|||||||
|
#!/usr/bin/env python
|
||||||
|
# Copyright 2015 IIX Inc.
|
||||||
|
#
|
||||||
|
# This file is part of Ansible
|
||||||
|
#
|
||||||
|
# Ansible is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# Ansible is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
"""
|
||||||
|
ovirt external inventory script
|
||||||
|
=================================
|
||||||
|
|
||||||
|
Generates inventory that Ansible can understand by making API requests to
|
||||||
|
oVirt via the ovirt-engine-sdk-python library.
|
||||||
|
|
||||||
|
When run against a specific host, this script returns the following variables
|
||||||
|
based on the data obtained from the ovirt_sdk Node object:
|
||||||
|
- ovirt_uuid
|
||||||
|
- ovirt_id
|
||||||
|
- ovirt_image
|
||||||
|
- ovirt_machine_type
|
||||||
|
- ovirt_ips
|
||||||
|
- ovirt_name
|
||||||
|
- ovirt_description
|
||||||
|
- ovirt_status
|
||||||
|
- ovirt_zone
|
||||||
|
- ovirt_tags
|
||||||
|
- ovirt_stats
|
||||||
|
|
||||||
|
When run in --list mode, instances are grouped by the following categories:
|
||||||
|
|
||||||
|
- zone:
|
||||||
|
zone group name.
|
||||||
|
- instance tags:
|
||||||
|
An entry is created for each tag. For example, if you have two instances
|
||||||
|
with a common tag called 'foo', they will both be grouped together under
|
||||||
|
the 'tag_foo' name.
|
||||||
|
- network name:
|
||||||
|
the name of the network is appended to 'network_' (e.g. the 'default'
|
||||||
|
network will result in a group named 'network_default')
|
||||||
|
- running status:
|
||||||
|
group name prefixed with 'status_' (e.g. status_up, status_down,..)
|
||||||
|
|
||||||
|
Examples:
|
||||||
|
Execute uname on all instances in the us-central1-a zone
|
||||||
|
$ ansible -i ovirt.py us-central1-a -m shell -a "/bin/uname -a"
|
||||||
|
|
||||||
|
Use the ovirt inventory script to print out instance specific information
|
||||||
|
$ contrib/inventory/ovirt.py --host my_instance
|
||||||
|
|
||||||
|
Author: Josha Inglis <jinglis@iix.net> based on the gce.py by Eric Johnson <erjohnso@google.com>
|
||||||
|
Version: 0.0.1
|
||||||
|
"""
|
||||||
|
|
||||||
|
USER_AGENT_PRODUCT = "Ansible-ovirt_inventory_plugin"
|
||||||
|
USER_AGENT_VERSION = "v1"
|
||||||
|
|
||||||
|
import sys
|
||||||
|
import os
|
||||||
|
import argparse
|
||||||
|
import ConfigParser
|
||||||
|
from collections import defaultdict
|
||||||
|
|
||||||
|
try:
|
||||||
|
import json
|
||||||
|
except ImportError:
|
||||||
|
# noinspection PyUnresolvedReferences,PyPackageRequirements
|
||||||
|
import simplejson as json
|
||||||
|
|
||||||
|
try:
|
||||||
|
# noinspection PyUnresolvedReferences
|
||||||
|
from ovirtsdk.api import API
|
||||||
|
# noinspection PyUnresolvedReferences
|
||||||
|
from ovirtsdk.xml import params
|
||||||
|
except ImportError:
|
||||||
|
print("ovirt inventory script requires ovirt-engine-sdk-python")
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
|
||||||
|
class OVirtInventory(object):
|
||||||
|
def __init__(self):
|
||||||
|
# Read settings and parse CLI arguments
|
||||||
|
self.args = self.parse_cli_args()
|
||||||
|
self.driver = self.get_ovirt_driver()
|
||||||
|
|
||||||
|
# Just display data for specific host
|
||||||
|
if self.args.host:
|
||||||
|
print self.json_format_dict(
|
||||||
|
self.node_to_dict(self.get_instance(self.args.host)),
|
||||||
|
pretty=self.args.pretty
|
||||||
|
)
|
||||||
|
sys.exit(0)
|
||||||
|
|
||||||
|
# Otherwise, assume user wants all instances grouped
|
||||||
|
print(
|
||||||
|
self.json_format_dict(
|
||||||
|
data=self.group_instances(),
|
||||||
|
pretty=self.args.pretty
|
||||||
|
)
|
||||||
|
)
|
||||||
|
sys.exit(0)
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def get_ovirt_driver():
|
||||||
|
"""
|
||||||
|
Determine the ovirt authorization settings and return a ovirt_sdk driver.
|
||||||
|
|
||||||
|
:rtype : ovirtsdk.api.API
|
||||||
|
"""
|
||||||
|
kwargs = {}
|
||||||
|
|
||||||
|
ovirt_ini_default_path = os.path.join(
|
||||||
|
os.path.dirname(os.path.realpath(__file__)), "ovirt.ini")
|
||||||
|
ovirt_ini_path = os.environ.get('OVIRT_INI_PATH', ovirt_ini_default_path)
|
||||||
|
|
||||||
|
# Create a ConfigParser.
|
||||||
|
# This provides empty defaults to each key, so that environment
|
||||||
|
# variable configuration (as opposed to INI configuration) is able
|
||||||
|
# to work.
|
||||||
|
config = ConfigParser.SafeConfigParser(defaults={
|
||||||
|
'ovirt_url': '',
|
||||||
|
'ovirt_username': '',
|
||||||
|
'ovirt_password': '',
|
||||||
|
'ovirt_api_secrets': '',
|
||||||
|
})
|
||||||
|
if 'ovirt' not in config.sections():
|
||||||
|
config.add_section('ovirt')
|
||||||
|
config.read(ovirt_ini_path)
|
||||||
|
|
||||||
|
# Attempt to get ovirt params from a configuration file, if one
|
||||||
|
# exists.
|
||||||
|
secrets_path = config.get('ovirt', 'ovirt_api_secrets')
|
||||||
|
secrets_found = False
|
||||||
|
try:
|
||||||
|
# noinspection PyUnresolvedReferences,PyPackageRequirements
|
||||||
|
import secrets
|
||||||
|
|
||||||
|
kwargs = getattr(secrets, 'OVIRT_KEYWORD_PARAMS', {})
|
||||||
|
secrets_found = True
|
||||||
|
except ImportError:
|
||||||
|
pass
|
||||||
|
|
||||||
|
if not secrets_found and secrets_path:
|
||||||
|
if not secrets_path.endswith('secrets.py'):
|
||||||
|
err = "Must specify ovirt_sdk secrets file as /absolute/path/to/secrets.py"
|
||||||
|
print(err)
|
||||||
|
sys.exit(1)
|
||||||
|
sys.path.append(os.path.dirname(secrets_path))
|
||||||
|
try:
|
||||||
|
# noinspection PyUnresolvedReferences,PyPackageRequirements
|
||||||
|
import secrets
|
||||||
|
|
||||||
|
kwargs = getattr(secrets, 'OVIRT_KEYWORD_PARAMS', {})
|
||||||
|
except ImportError:
|
||||||
|
pass
|
||||||
|
if not secrets_found:
|
||||||
|
kwargs = {
|
||||||
|
'url': config.get('ovirt', 'ovirt_url'),
|
||||||
|
'username': config.get('ovirt', 'ovirt_username'),
|
||||||
|
'password': config.get('ovirt', 'ovirt_password'),
|
||||||
|
}
|
||||||
|
|
||||||
|
# If the appropriate environment variables are set, they override
|
||||||
|
# other configuration; process those into our args and kwargs.
|
||||||
|
kwargs['url'] = os.environ.get('OVIRT_URL')
|
||||||
|
kwargs['username'] = os.environ.get('OVIRT_EMAIL')
|
||||||
|
kwargs['password'] = os.environ.get('OVIRT_PASS')
|
||||||
|
|
||||||
|
# Retrieve and return the ovirt driver.
|
||||||
|
return API(insecure=True, **kwargs)
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def parse_cli_args():
|
||||||
|
"""
|
||||||
|
Command line argument processing
|
||||||
|
|
||||||
|
:rtype : argparse.Namespace
|
||||||
|
"""
|
||||||
|
|
||||||
|
parser = argparse.ArgumentParser(description='Produce an Ansible Inventory file based on ovirt')
|
||||||
|
parser.add_argument('--list', action='store_true', default=True, help='List instances (default: True)')
|
||||||
|
parser.add_argument('--host', action='store', help='Get all information about an instance')
|
||||||
|
parser.add_argument('--pretty', action='store_true', default=False, help='Pretty format (default: False)')
|
||||||
|
return parser.parse_args()
|
||||||
|
|
||||||
|
def node_to_dict(self, inst):
|
||||||
|
"""
|
||||||
|
:type inst: params.VM
|
||||||
|
"""
|
||||||
|
if inst is None:
|
||||||
|
return {}
|
||||||
|
|
||||||
|
inst.get_custom_properties()
|
||||||
|
ips = [ip.get_address() for ip in inst.get_guest_info().get_ips().get_ip()] \
|
||||||
|
if inst.get_guest_info() is not None else []
|
||||||
|
stats = {}
|
||||||
|
for stat in inst.get_statistics().list():
|
||||||
|
stats[stat.get_name()] = stat.get_values().get_value()[0].get_datum()
|
||||||
|
|
||||||
|
return {
|
||||||
|
'ovirt_uuid': inst.get_id(),
|
||||||
|
'ovirt_id': inst.get_id(),
|
||||||
|
'ovirt_image': inst.get_os().get_type(),
|
||||||
|
'ovirt_machine_type': inst.get_instance_type(),
|
||||||
|
'ovirt_ips': ips,
|
||||||
|
'ovirt_name': inst.get_name(),
|
||||||
|
'ovirt_description': inst.get_description(),
|
||||||
|
'ovirt_status': inst.get_status().get_state(),
|
||||||
|
'ovirt_zone': inst.get_cluster().get_id(),
|
||||||
|
'ovirt_tags': self.get_tags(inst),
|
||||||
|
'ovirt_stats': stats,
|
||||||
|
# Hosts don't have a public name, so we add an IP
|
||||||
|
'ansible_ssh_host': ips[0] if len(ips) > 0 else None
|
||||||
|
}
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def get_tags(inst):
|
||||||
|
"""
|
||||||
|
:type inst: params.VM
|
||||||
|
"""
|
||||||
|
return [x.get_name() for x in inst.get_tags().list()]
|
||||||
|
|
||||||
|
# noinspection PyBroadException,PyUnusedLocal
|
||||||
|
def get_instance(self, instance_name):
|
||||||
|
"""Gets details about a specific instance """
|
||||||
|
try:
|
||||||
|
return self.driver.vms.get(name=instance_name)
|
||||||
|
except Exception as e:
|
||||||
|
return None
|
||||||
|
|
||||||
|
def group_instances(self):
|
||||||
|
"""Group all instances"""
|
||||||
|
groups = defaultdict(list)
|
||||||
|
meta = {"hostvars": {}}
|
||||||
|
|
||||||
|
for node in self.driver.vms.list():
|
||||||
|
assert isinstance(node, params.VM)
|
||||||
|
name = node.get_name()
|
||||||
|
|
||||||
|
meta["hostvars"][name] = self.node_to_dict(node)
|
||||||
|
|
||||||
|
zone = node.get_cluster().get_name()
|
||||||
|
groups[zone].append(name)
|
||||||
|
|
||||||
|
tags = self.get_tags(node)
|
||||||
|
for t in tags:
|
||||||
|
tag = 'tag_%s' % t
|
||||||
|
groups[tag].append(name)
|
||||||
|
|
||||||
|
nets = [x.get_name() for x in node.get_nics().list()]
|
||||||
|
for net in nets:
|
||||||
|
net = 'network_%s' % net
|
||||||
|
groups[net].append(name)
|
||||||
|
|
||||||
|
status = node.get_status().get_state()
|
||||||
|
stat = 'status_%s' % status.lower()
|
||||||
|
if stat in groups:
|
||||||
|
groups[stat].append(name)
|
||||||
|
else:
|
||||||
|
groups[stat] = [name]
|
||||||
|
|
||||||
|
groups["_meta"] = meta
|
||||||
|
|
||||||
|
return groups
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def json_format_dict(data, pretty=False):
|
||||||
|
""" Converts a dict to a JSON object and dumps it as a formatted
|
||||||
|
string """
|
||||||
|
|
||||||
|
if pretty:
|
||||||
|
return json.dumps(data, sort_keys=True, indent=2)
|
||||||
|
else:
|
||||||
|
return json.dumps(data)
|
||||||
|
|
||||||
|
# Run the script
|
||||||
|
OVirtInventory()
|
@ -0,0 +1,57 @@
|
|||||||
|
# Ansible Rackspace external inventory script settings
|
||||||
|
#
|
||||||
|
|
||||||
|
[rax]
|
||||||
|
|
||||||
|
# Environment Variable: RAX_CREDS_FILE
|
||||||
|
#
|
||||||
|
# An optional configuration that points to a pyrax-compatible credentials
|
||||||
|
# file.
|
||||||
|
#
|
||||||
|
# If not supplied, rax.py will look for a credentials file
|
||||||
|
# at ~/.rackspace_cloud_credentials. It uses the Rackspace Python SDK,
|
||||||
|
# and therefore requires a file formatted per the SDK's specifications.
|
||||||
|
#
|
||||||
|
# https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md
|
||||||
|
# creds_file = ~/.rackspace_cloud_credentials
|
||||||
|
|
||||||
|
# Environment Variable: RAX_REGION
|
||||||
|
#
|
||||||
|
# An optional environment variable to narrow inventory search
|
||||||
|
# scope. If used, needs a value like ORD, DFW, SYD (a Rackspace
|
||||||
|
# datacenter) and optionally accepts a comma-separated list.
|
||||||
|
# regions = IAD,ORD,DFW
|
||||||
|
|
||||||
|
# Environment Variable: RAX_ENV
|
||||||
|
#
|
||||||
|
# A configuration that will use an environment as configured in
|
||||||
|
# ~/.pyrax.cfg, see
|
||||||
|
# https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md
|
||||||
|
# env = prod
|
||||||
|
|
||||||
|
# Environment Variable: RAX_META_PREFIX
|
||||||
|
# Default: meta
|
||||||
|
#
|
||||||
|
# A configuration that changes the prefix used for meta key/value groups.
|
||||||
|
# For compatibility with ec2.py set to "tag"
|
||||||
|
# meta_prefix = meta
|
||||||
|
|
||||||
|
# Environment Variable: RAX_ACCESS_NETWORK
|
||||||
|
# Default: public
|
||||||
|
#
|
||||||
|
# A configuration that will tell the inventory script to use a specific
|
||||||
|
# server network to determine the ansible_ssh_host value. If no address
|
||||||
|
# is found, ansible_ssh_host will not be set. Accepts a comma-separated
|
||||||
|
# list of network names, the first found wins.
|
||||||
|
# access_network = public
|
||||||
|
|
||||||
|
# Environment Variable: RAX_ACCESS_IP_VERSION
|
||||||
|
# Default: 4
|
||||||
|
#
|
||||||
|
# A configuration related to "access_network" that will attempt to
|
||||||
|
# determine the ansible_ssh_host value for either IPv4 or IPv6. If no
|
||||||
|
# address is found, ansible_ssh_host will not be set.
|
||||||
|
# Acceptable values are: 4 or 6. Values other than 4 or 6
|
||||||
|
# will be ignored, and 4 will be used. Accepts a comma separated list,
|
||||||
|
# the first found wins.
|
||||||
|
# access_ip_version = 4
|
@ -0,0 +1,420 @@
|
|||||||
|
#!/usr/bin/env python
|
||||||
|
|
||||||
|
# (c) 2013, Jesse Keating <jesse.keating@rackspace.com,
|
||||||
|
# Paul Durivage <paul.durivage@rackspace.com>,
|
||||||
|
# Matt Martz <matt@sivel.net>
|
||||||
|
#
|
||||||
|
# This file is part of Ansible.
|
||||||
|
#
|
||||||
|
# Ansible is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# Ansible is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
"""
|
||||||
|
Rackspace Cloud Inventory
|
||||||
|
|
||||||
|
Authors:
|
||||||
|
Jesse Keating <jesse.keating@rackspace.com,
|
||||||
|
Paul Durivage <paul.durivage@rackspace.com>,
|
||||||
|
Matt Martz <matt@sivel.net>
|
||||||
|
|
||||||
|
|
||||||
|
Description:
|
||||||
|
Generates inventory that Ansible can understand by making API request to
|
||||||
|
Rackspace Public Cloud API
|
||||||
|
|
||||||
|
When run against a specific host, this script returns variables similar to:
|
||||||
|
rax_os-ext-sts_task_state
|
||||||
|
rax_addresses
|
||||||
|
rax_links
|
||||||
|
rax_image
|
||||||
|
rax_os-ext-sts_vm_state
|
||||||
|
rax_flavor
|
||||||
|
rax_id
|
||||||
|
rax_rax-bandwidth_bandwidth
|
||||||
|
rax_user_id
|
||||||
|
rax_os-dcf_diskconfig
|
||||||
|
rax_accessipv4
|
||||||
|
rax_accessipv6
|
||||||
|
rax_progress
|
||||||
|
rax_os-ext-sts_power_state
|
||||||
|
rax_metadata
|
||||||
|
rax_status
|
||||||
|
rax_updated
|
||||||
|
rax_hostid
|
||||||
|
rax_name
|
||||||
|
rax_created
|
||||||
|
rax_tenant_id
|
||||||
|
rax_loaded
|
||||||
|
|
||||||
|
Configuration:
|
||||||
|
rax.py can be configured using a rax.ini file or via environment
|
||||||
|
variables. The rax.ini file should live in the same directory along side
|
||||||
|
this script.
|
||||||
|
|
||||||
|
The section header for configuration values related to this
|
||||||
|
inventory plugin is [rax]
|
||||||
|
|
||||||
|
[rax]
|
||||||
|
creds_file = ~/.rackspace_cloud_credentials
|
||||||
|
regions = IAD,ORD,DFW
|
||||||
|
env = prod
|
||||||
|
meta_prefix = meta
|
||||||
|
access_network = public
|
||||||
|
access_ip_version = 4
|
||||||
|
|
||||||
|
Each of these configurations also has a corresponding environment variable.
|
||||||
|
An environment variable will override a configuration file value.
|
||||||
|
|
||||||
|
creds_file:
|
||||||
|
Environment Variable: RAX_CREDS_FILE
|
||||||
|
|
||||||
|
An optional configuration that points to a pyrax-compatible credentials
|
||||||
|
file.
|
||||||
|
|
||||||
|
If not supplied, rax.py will look for a credentials file
|
||||||
|
at ~/.rackspace_cloud_credentials. It uses the Rackspace Python SDK,
|
||||||
|
and therefore requires a file formatted per the SDK's specifications.
|
||||||
|
|
||||||
|
https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md
|
||||||
|
|
||||||
|
regions:
|
||||||
|
Environment Variable: RAX_REGION
|
||||||
|
|
||||||
|
An optional environment variable to narrow inventory search
|
||||||
|
scope. If used, needs a value like ORD, DFW, SYD (a Rackspace
|
||||||
|
datacenter) and optionally accepts a comma-separated list.
|
||||||
|
|
||||||
|
environment:
|
||||||
|
Environment Variable: RAX_ENV
|
||||||
|
|
||||||
|
A configuration that will use an environment as configured in
|
||||||
|
~/.pyrax.cfg, see
|
||||||
|
https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md
|
||||||
|
|
||||||
|
meta_prefix:
|
||||||
|
Environment Variable: RAX_META_PREFIX
|
||||||
|
Default: meta
|
||||||
|
|
||||||
|
A configuration that changes the prefix used for meta key/value groups.
|
||||||
|
For compatibility with ec2.py set to "tag"
|
||||||
|
|
||||||
|
access_network:
|
||||||
|
Environment Variable: RAX_ACCESS_NETWORK
|
||||||
|
Default: public
|
||||||
|
|
||||||
|
A configuration that will tell the inventory script to use a specific
|
||||||
|
server network to determine the ansible_ssh_host value. If no address
|
||||||
|
is found, ansible_ssh_host will not be set. Accepts a comma-separated
|
||||||
|
list of network names, the first found wins.
|
||||||
|
|
||||||
|
access_ip_version:
|
||||||
|
Environment Variable: RAX_ACCESS_IP_VERSION
|
||||||
|
Default: 4
|
||||||
|
|
||||||
|
A configuration related to "access_network" that will attempt to
|
||||||
|
determine the ansible_ssh_host value for either IPv4 or IPv6. If no
|
||||||
|
address is found, ansible_ssh_host will not be set.
|
||||||
|
Acceptable values are: 4 or 6. Values other than 4 or 6
|
||||||
|
will be ignored, and 4 will be used. Accepts a comma-separated list,
|
||||||
|
the first found wins.
|
||||||
|
|
||||||
|
Examples:
|
||||||
|
List server instances
|
||||||
|
$ RAX_CREDS_FILE=~/.raxpub rax.py --list
|
||||||
|
|
||||||
|
List servers in ORD datacenter only
|
||||||
|
$ RAX_CREDS_FILE=~/.raxpub RAX_REGION=ORD rax.py --list
|
||||||
|
|
||||||
|
List servers in ORD and DFW datacenters
|
||||||
|
$ RAX_CREDS_FILE=~/.raxpub RAX_REGION=ORD,DFW rax.py --list
|
||||||
|
|
||||||
|
Get server details for server named "server.example.com"
|
||||||
|
$ RAX_CREDS_FILE=~/.raxpub rax.py --host server.example.com
|
||||||
|
|
||||||
|
Use the instance private IP to connect (instead of public IP)
|
||||||
|
$ RAX_CREDS_FILE=~/.raxpub RAX_ACCESS_NETWORK=private rax.py --list
|
||||||
|
"""
|
||||||
|
|
||||||
|
import os
|
||||||
|
import re
|
||||||
|
import sys
|
||||||
|
import argparse
|
||||||
|
import warnings
|
||||||
|
import collections
|
||||||
|
import ConfigParser
|
||||||
|
|
||||||
|
from ansible.constants import get_config, mk_boolean
|
||||||
|
|
||||||
|
try:
|
||||||
|
import json
|
||||||
|
except ImportError:
|
||||||
|
import simplejson as json
|
||||||
|
|
||||||
|
try:
|
||||||
|
import pyrax
|
||||||
|
from pyrax.utils import slugify
|
||||||
|
except ImportError:
|
||||||
|
print('pyrax is required for this module')
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
NON_CALLABLES = (basestring, bool, dict, int, list, type(None))
|
||||||
|
|
||||||
|
|
||||||
|
def load_config_file():
|
||||||
|
p = ConfigParser.ConfigParser()
|
||||||
|
config_file = os.path.join(os.path.dirname(os.path.realpath(__file__)),
|
||||||
|
'rax.ini')
|
||||||
|
try:
|
||||||
|
p.read(config_file)
|
||||||
|
except ConfigParser.Error:
|
||||||
|
return None
|
||||||
|
else:
|
||||||
|
return p
|
||||||
|
p = load_config_file()
|
||||||
|
|
||||||
|
|
||||||
|
def rax_slugify(value):
|
||||||
|
return 'rax_%s' % (re.sub('[^\w-]', '_', value).lower().lstrip('_'))
|
||||||
|
|
||||||
|
|
||||||
|
def to_dict(obj):
|
||||||
|
instance = {}
|
||||||
|
for key in dir(obj):
|
||||||
|
value = getattr(obj, key)
|
||||||
|
if isinstance(value, NON_CALLABLES) and not key.startswith('_'):
|
||||||
|
key = rax_slugify(key)
|
||||||
|
instance[key] = value
|
||||||
|
|
||||||
|
return instance
|
||||||
|
|
||||||
|
|
||||||
|
def host(regions, hostname):
|
||||||
|
hostvars = {}
|
||||||
|
|
||||||
|
for region in regions:
|
||||||
|
# Connect to the region
|
||||||
|
cs = pyrax.connect_to_cloudservers(region=region)
|
||||||
|
for server in cs.servers.list():
|
||||||
|
if server.name == hostname:
|
||||||
|
for key, value in to_dict(server).items():
|
||||||
|
hostvars[key] = value
|
||||||
|
|
||||||
|
# And finally, add an IP address
|
||||||
|
hostvars['ansible_ssh_host'] = server.accessIPv4
|
||||||
|
print(json.dumps(hostvars, sort_keys=True, indent=4))
|
||||||
|
|
||||||
|
|
||||||
|
def _list(regions):
|
||||||
|
groups = collections.defaultdict(list)
|
||||||
|
hostvars = collections.defaultdict(dict)
|
||||||
|
images = {}
|
||||||
|
cbs_attachments = collections.defaultdict(dict)
|
||||||
|
|
||||||
|
prefix = get_config(p, 'rax', 'meta_prefix', 'RAX_META_PREFIX', 'meta')
|
||||||
|
|
||||||
|
networks = get_config(p, 'rax', 'access_network', 'RAX_ACCESS_NETWORK',
|
||||||
|
'public', islist=True)
|
||||||
|
try:
|
||||||
|
ip_versions = map(int, get_config(p, 'rax', 'access_ip_version',
|
||||||
|
'RAX_ACCESS_IP_VERSION', 4,
|
||||||
|
islist=True))
|
||||||
|
except:
|
||||||
|
ip_versions = [4]
|
||||||
|
else:
|
||||||
|
ip_versions = [v for v in ip_versions if v in [4, 6]]
|
||||||
|
if not ip_versions:
|
||||||
|
ip_versions = [4]
|
||||||
|
|
||||||
|
# Go through all the regions looking for servers
|
||||||
|
for region in regions:
|
||||||
|
# Connect to the region
|
||||||
|
cs = pyrax.connect_to_cloudservers(region=region)
|
||||||
|
if cs is None:
|
||||||
|
warnings.warn(
|
||||||
|
'Connecting to Rackspace region "%s" has caused Pyrax to '
|
||||||
|
'return a NoneType. Is this a valid region?' % region,
|
||||||
|
RuntimeWarning)
|
||||||
|
continue
|
||||||
|
for server in cs.servers.list():
|
||||||
|
# Create a group on region
|
||||||
|
groups[region].append(server.name)
|
||||||
|
|
||||||
|
# Check if group metadata key in servers' metadata
|
||||||
|
group = server.metadata.get('group')
|
||||||
|
if group:
|
||||||
|
groups[group].append(server.name)
|
||||||
|
|
||||||
|
for extra_group in server.metadata.get('groups', '').split(','):
|
||||||
|
if extra_group:
|
||||||
|
groups[extra_group].append(server.name)
|
||||||
|
|
||||||
|
# Add host metadata
|
||||||
|
for key, value in to_dict(server).items():
|
||||||
|
hostvars[server.name][key] = value
|
||||||
|
|
||||||
|
hostvars[server.name]['rax_region'] = region
|
||||||
|
|
||||||
|
for key, value in server.metadata.iteritems():
|
||||||
|
groups['%s_%s_%s' % (prefix, key, value)].append(server.name)
|
||||||
|
|
||||||
|
groups['instance-%s' % server.id].append(server.name)
|
||||||
|
groups['flavor-%s' % server.flavor['id']].append(server.name)
|
||||||
|
|
||||||
|
# Handle boot from volume
|
||||||
|
if not server.image:
|
||||||
|
if not cbs_attachments[region]:
|
||||||
|
cbs = pyrax.connect_to_cloud_blockstorage(region)
|
||||||
|
for vol in cbs.list():
|
||||||
|
if mk_boolean(vol.bootable):
|
||||||
|
for attachment in vol.attachments:
|
||||||
|
metadata = vol.volume_image_metadata
|
||||||
|
server_id = attachment['server_id']
|
||||||
|
cbs_attachments[region][server_id] = {
|
||||||
|
'id': metadata['image_id'],
|
||||||
|
'name': slugify(metadata['image_name'])
|
||||||
|
}
|
||||||
|
image = cbs_attachments[region].get(server.id)
|
||||||
|
if image:
|
||||||
|
server.image = {'id': image['id']}
|
||||||
|
hostvars[server.name]['rax_image'] = server.image
|
||||||
|
hostvars[server.name]['rax_boot_source'] = 'volume'
|
||||||
|
images[image['id']] = image['name']
|
||||||
|
else:
|
||||||
|
hostvars[server.name]['rax_boot_source'] = 'local'
|
||||||
|
|
||||||
|
try:
|
||||||
|
imagegroup = 'image-%s' % images[server.image['id']]
|
||||||
|
groups[imagegroup].append(server.name)
|
||||||
|
groups['image-%s' % server.image['id']].append(server.name)
|
||||||
|
except KeyError:
|
||||||
|
try:
|
||||||
|
image = cs.images.get(server.image['id'])
|
||||||
|
except cs.exceptions.NotFound:
|
||||||
|
groups['image-%s' % server.image['id']].append(server.name)
|
||||||
|
else:
|
||||||
|
images[image.id] = image.human_id
|
||||||
|
groups['image-%s' % image.human_id].append(server.name)
|
||||||
|
groups['image-%s' % server.image['id']].append(server.name)
|
||||||
|
|
||||||
|
# And finally, add an IP address
|
||||||
|
ansible_ssh_host = None
|
||||||
|
# use accessIPv[46] instead of looping address for 'public'
|
||||||
|
for network_name in networks:
|
||||||
|
if ansible_ssh_host:
|
||||||
|
break
|
||||||
|
if network_name == 'public':
|
||||||
|
for version_name in ip_versions:
|
||||||
|
if ansible_ssh_host:
|
||||||
|
break
|
||||||
|
if version_name == 6 and server.accessIPv6:
|
||||||
|
ansible_ssh_host = server.accessIPv6
|
||||||
|
elif server.accessIPv4:
|
||||||
|
ansible_ssh_host = server.accessIPv4
|
||||||
|
if not ansible_ssh_host:
|
||||||
|
addresses = server.addresses.get(network_name, [])
|
||||||
|
for address in addresses:
|
||||||
|
for version_name in ip_versions:
|
||||||
|
if ansible_ssh_host:
|
||||||
|
break
|
||||||
|
if address.get('version') == version_name:
|
||||||
|
ansible_ssh_host = address.get('addr')
|
||||||
|
break
|
||||||
|
if ansible_ssh_host:
|
||||||
|
hostvars[server.name]['ansible_ssh_host'] = ansible_ssh_host
|
||||||
|
|
||||||
|
if hostvars:
|
||||||
|
groups['_meta'] = {'hostvars': hostvars}
|
||||||
|
print(json.dumps(groups, sort_keys=True, indent=4))
|
||||||
|
|
||||||
|
|
||||||
|
def parse_args():
|
||||||
|
parser = argparse.ArgumentParser(description='Ansible Rackspace Cloud '
|
||||||
|
'inventory module')
|
||||||
|
group = parser.add_mutually_exclusive_group(required=True)
|
||||||
|
group.add_argument('--list', action='store_true',
|
||||||
|
help='List active servers')
|
||||||
|
group.add_argument('--host', help='List details about the specific host')
|
||||||
|
return parser.parse_args()
|
||||||
|
|
||||||
|
|
||||||
|
def setup():
|
||||||
|
default_creds_file = os.path.expanduser('~/.rackspace_cloud_credentials')
|
||||||
|
|
||||||
|
env = get_config(p, 'rax', 'environment', 'RAX_ENV', None)
|
||||||
|
if env:
|
||||||
|
pyrax.set_environment(env)
|
||||||
|
|
||||||
|
keyring_username = pyrax.get_setting('keyring_username')
|
||||||
|
|
||||||
|
# Attempt to grab credentials from environment first
|
||||||
|
creds_file = get_config(p, 'rax', 'creds_file',
|
||||||
|
'RAX_CREDS_FILE', None)
|
||||||
|
if creds_file is not None:
|
||||||
|
creds_file = os.path.expanduser(creds_file)
|
||||||
|
else:
|
||||||
|
# But if that fails, use the default location of
|
||||||
|
# ~/.rackspace_cloud_credentials
|
||||||
|
if os.path.isfile(default_creds_file):
|
||||||
|
creds_file = default_creds_file
|
||||||
|
elif not keyring_username:
|
||||||
|
sys.stderr.write('No value in environment variable %s and/or no '
|
||||||
|
'credentials file at %s\n'
|
||||||
|
% ('RAX_CREDS_FILE', default_creds_file))
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
identity_type = pyrax.get_setting('identity_type')
|
||||||
|
pyrax.set_setting('identity_type', identity_type or 'rackspace')
|
||||||
|
|
||||||
|
region = pyrax.get_setting('region')
|
||||||
|
|
||||||
|
try:
|
||||||
|
if keyring_username:
|
||||||
|
pyrax.keyring_auth(keyring_username, region=region)
|
||||||
|
else:
|
||||||
|
pyrax.set_credential_file(creds_file, region=region)
|
||||||
|
except Exception, e:
|
||||||
|
sys.stderr.write("%s: %s\n" % (e, e.message))
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
regions = []
|
||||||
|
if region:
|
||||||
|
regions.append(region)
|
||||||
|
else:
|
||||||
|
region_list = get_config(p, 'rax', 'regions', 'RAX_REGION', 'all',
|
||||||
|
islist=True)
|
||||||
|
for region in region_list:
|
||||||
|
region = region.strip().upper()
|
||||||
|
if region == 'ALL':
|
||||||
|
regions = pyrax.regions
|
||||||
|
break
|
||||||
|
elif region not in pyrax.regions:
|
||||||
|
sys.stderr.write('Unsupported region %s' % region)
|
||||||
|
sys.exit(1)
|
||||||
|
elif region not in regions:
|
||||||
|
regions.append(region)
|
||||||
|
|
||||||
|
return regions
|
||||||
|
|
||||||
|
|
||||||
|
def main():
|
||||||
|
args = parse_args()
|
||||||
|
regions = setup()
|
||||||
|
if args.list:
|
||||||
|
_list(regions)
|
||||||
|
elif args.host:
|
||||||
|
host(regions, args.host)
|
||||||
|
sys.exit(0)
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
main()
|
@ -0,0 +1,115 @@
|
|||||||
|
#!/usr/bin/env python
|
||||||
|
|
||||||
|
# (c) 2015, Marc Abramowitz <marca@surveymonkey.com>
|
||||||
|
#
|
||||||
|
# This file is part of Ansible.
|
||||||
|
#
|
||||||
|
# Ansible is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# Ansible is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
# Dynamic inventory script which lets you use nodes discovered by Serf
|
||||||
|
# (https://serfdom.io/).
|
||||||
|
#
|
||||||
|
# Requires the `serfclient` Python module from
|
||||||
|
# https://pypi.python.org/pypi/serfclient
|
||||||
|
#
|
||||||
|
# Environment variables
|
||||||
|
# ---------------------
|
||||||
|
# - `SERF_RPC_ADDR`
|
||||||
|
# - `SERF_RPC_AUTH`
|
||||||
|
#
|
||||||
|
# These variables are described at https://www.serfdom.io/docs/commands/members.html#_rpc_addr
|
||||||
|
|
||||||
|
import argparse
|
||||||
|
import collections
|
||||||
|
import os
|
||||||
|
import sys
|
||||||
|
|
||||||
|
# https://pypi.python.org/pypi/serfclient
|
||||||
|
from serfclient import SerfClient, EnvironmentConfig
|
||||||
|
|
||||||
|
try:
|
||||||
|
import json
|
||||||
|
except ImportError:
|
||||||
|
import simplejson as json
|
||||||
|
|
||||||
|
_key = 'serf'
|
||||||
|
|
||||||
|
|
||||||
|
def _serf_client():
|
||||||
|
env = EnvironmentConfig()
|
||||||
|
return SerfClient(host=env.host, port=env.port, rpc_auth=env.auth_key)
|
||||||
|
|
||||||
|
|
||||||
|
def get_serf_members_data():
|
||||||
|
return _serf_client().members().body['Members']
|
||||||
|
|
||||||
|
|
||||||
|
def get_nodes(data):
|
||||||
|
return [node['Name'] for node in data]
|
||||||
|
|
||||||
|
|
||||||
|
def get_groups(data):
|
||||||
|
groups = collections.defaultdict(list)
|
||||||
|
|
||||||
|
for node in data:
|
||||||
|
for key, value in node['Tags'].items():
|
||||||
|
groups[value].append(node['Name'])
|
||||||
|
|
||||||
|
return groups
|
||||||
|
|
||||||
|
|
||||||
|
def get_meta(data):
|
||||||
|
meta = {'hostvars': {}}
|
||||||
|
for node in data:
|
||||||
|
meta['hostvars'][node['Name']] = node['Tags']
|
||||||
|
return meta
|
||||||
|
|
||||||
|
|
||||||
|
def print_list():
|
||||||
|
data = get_serf_members_data()
|
||||||
|
nodes = get_nodes(data)
|
||||||
|
groups = get_groups(data)
|
||||||
|
meta = get_meta(data)
|
||||||
|
inventory_data = {_key: nodes, '_meta': meta}
|
||||||
|
inventory_data.update(groups)
|
||||||
|
print(json.dumps(inventory_data))
|
||||||
|
|
||||||
|
|
||||||
|
def print_host(host):
|
||||||
|
data = get_serf_members_data()
|
||||||
|
meta = get_meta(data)
|
||||||
|
print(json.dumps(meta['hostvars'][host]))
|
||||||
|
|
||||||
|
|
||||||
|
def get_args(args_list):
|
||||||
|
parser = argparse.ArgumentParser(
|
||||||
|
description='ansible inventory script reading from serf cluster')
|
||||||
|
mutex_group = parser.add_mutually_exclusive_group(required=True)
|
||||||
|
help_list = 'list all hosts from serf cluster'
|
||||||
|
mutex_group.add_argument('--list', action='store_true', help=help_list)
|
||||||
|
help_host = 'display variables for a host'
|
||||||
|
mutex_group.add_argument('--host', help=help_host)
|
||||||
|
return parser.parse_args(args_list)
|
||||||
|
|
||||||
|
|
||||||
|
def main(args_list):
|
||||||
|
args = get_args(args_list)
|
||||||
|
if args.list:
|
||||||
|
print_list()
|
||||||
|
if args.host:
|
||||||
|
print_host(args.host)
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
main(sys.argv[1:])
|
@ -0,0 +1,114 @@
|
|||||||
|
#!/usr/bin/env python
|
||||||
|
|
||||||
|
# This file is part of Ansible,
|
||||||
|
#
|
||||||
|
# Ansible is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# Ansible is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
import sys
|
||||||
|
from subprocess import Popen,PIPE
|
||||||
|
|
||||||
|
try:
|
||||||
|
import json
|
||||||
|
except ImportError:
|
||||||
|
import simplejson as json
|
||||||
|
|
||||||
|
|
||||||
|
VBOX="VBoxManage"
|
||||||
|
|
||||||
|
|
||||||
|
def get_hosts(host=None):
|
||||||
|
|
||||||
|
returned = {}
|
||||||
|
try:
|
||||||
|
if host:
|
||||||
|
p = Popen([VBOX, 'showvminfo', host], stdout=PIPE)
|
||||||
|
else:
|
||||||
|
returned = { 'all': set(), '_metadata': {} }
|
||||||
|
p = Popen([VBOX, 'list', '-l', 'vms'], stdout=PIPE)
|
||||||
|
except:
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
hostvars = {}
|
||||||
|
prevkey = pref_k = ''
|
||||||
|
|
||||||
|
for line in p.stdout.readlines():
|
||||||
|
|
||||||
|
try:
|
||||||
|
k,v = line.split(':',1)
|
||||||
|
except:
|
||||||
|
continue
|
||||||
|
|
||||||
|
if k == '':
|
||||||
|
continue
|
||||||
|
|
||||||
|
v = v.strip()
|
||||||
|
if k.startswith('Name'):
|
||||||
|
if v not in hostvars:
|
||||||
|
curname = v
|
||||||
|
hostvars[curname] = {}
|
||||||
|
try: # try to get network info
|
||||||
|
x = Popen([VBOX, 'guestproperty', 'get', curname,"/VirtualBox/GuestInfo/Net/0/V4/IP"],stdout=PIPE)
|
||||||
|
ipinfo = x.stdout.read()
|
||||||
|
if 'Value' in ipinfo:
|
||||||
|
a,ip = ipinfo.split(':',1)
|
||||||
|
hostvars[curname]['ansible_ssh_host'] = ip.strip()
|
||||||
|
except:
|
||||||
|
pass
|
||||||
|
|
||||||
|
continue
|
||||||
|
|
||||||
|
if not host:
|
||||||
|
if k == 'Groups':
|
||||||
|
for group in v.split('/'):
|
||||||
|
if group:
|
||||||
|
if group not in returned:
|
||||||
|
returned[group] = set()
|
||||||
|
returned[group].add(curname)
|
||||||
|
returned['all'].add(curname)
|
||||||
|
continue
|
||||||
|
|
||||||
|
pref_k = 'vbox_' + k.strip().replace(' ','_')
|
||||||
|
if k.startswith(' '):
|
||||||
|
if prevkey not in hostvars[curname]:
|
||||||
|
hostvars[curname][prevkey] = {}
|
||||||
|
hostvars[curname][prevkey][pref_k]= v
|
||||||
|
else:
|
||||||
|
if v != '':
|
||||||
|
hostvars[curname][pref_k] = v
|
||||||
|
|
||||||
|
prevkey = pref_k
|
||||||
|
|
||||||
|
if not host:
|
||||||
|
returned['_metadata']['hostvars'] = hostvars
|
||||||
|
else:
|
||||||
|
returned = hostvars[host]
|
||||||
|
return returned
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
|
||||||
|
inventory = {}
|
||||||
|
hostname = None
|
||||||
|
|
||||||
|
if len(sys.argv) > 1:
|
||||||
|
if sys.argv[1] == "--host":
|
||||||
|
hostname = sys.argv[2]
|
||||||
|
|
||||||
|
if hostname:
|
||||||
|
inventory = get_hosts(hostname)
|
||||||
|
else:
|
||||||
|
inventory = get_hosts()
|
||||||
|
|
||||||
|
import pprint
|
||||||
|
print pprint.pprint(inventory)
|
@ -0,0 +1,43 @@
|
|||||||
|
# Ansible VMware external inventory script settings
|
||||||
|
|
||||||
|
[defaults]
|
||||||
|
|
||||||
|
# If true (the default), return only guest VMs. If false, also return host
|
||||||
|
# systems in the results.
|
||||||
|
guests_only = True
|
||||||
|
|
||||||
|
# Specify an alternate group name for guest VMs. If not defined, defaults to
|
||||||
|
# the basename of the inventory script + "_vm", e.g. "vmware_vm".
|
||||||
|
#vm_group = vm_group_name
|
||||||
|
|
||||||
|
# Specify an alternate group name for host systems when guests_only=false.
|
||||||
|
# If not defined, defaults to the basename of the inventory script + "_hw",
|
||||||
|
# e.g. "vmware_hw".
|
||||||
|
#hw_group = hw_group_name
|
||||||
|
|
||||||
|
# Specify the number of seconds to use the inventory cache before it is
|
||||||
|
# considered stale. If not defined, defaults to 0 seconds.
|
||||||
|
#cache_max_age = 3600
|
||||||
|
|
||||||
|
# Specify the directory used for storing the inventory cache. If not defined,
|
||||||
|
# caching will be disabled.
|
||||||
|
#cache_dir = ~/.cache/ansible
|
||||||
|
|
||||||
|
# Specify a prefix filter. Any VMs with names beginning with this string will
|
||||||
|
# not be returned.
|
||||||
|
# prefix_filter = test_
|
||||||
|
|
||||||
|
[auth]
|
||||||
|
|
||||||
|
# Specify hostname or IP address of vCenter/ESXi server. A port may be
|
||||||
|
# included with the hostname, e.g.: vcenter.example.com:8443. This setting
|
||||||
|
# may also be defined via the VMWARE_HOST environment variable.
|
||||||
|
host = vcenter.example.com
|
||||||
|
|
||||||
|
# Specify a username to access the vCenter host. This setting may also be
|
||||||
|
# defined with the VMWARE_USER environment variable.
|
||||||
|
user = ihasaccess
|
||||||
|
|
||||||
|
# Specify a password to access the vCenter host. This setting may also be
|
||||||
|
# defined with the VMWARE_PASSWORD environment variable.
|
||||||
|
password = ssshverysecret
|
@ -0,0 +1,432 @@
|
|||||||
|
#!/usr/bin/env python
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
'''
|
||||||
|
VMware Inventory Script
|
||||||
|
=======================
|
||||||
|
|
||||||
|
Retrieve information about virtual machines from a vCenter server or
|
||||||
|
standalone ESX host. When `group_by=false` (in the INI file), host systems
|
||||||
|
are also returned in addition to VMs.
|
||||||
|
|
||||||
|
This script will attempt to read configuration from an INI file with the same
|
||||||
|
base filename if present, or `vmware.ini` if not. It is possible to create
|
||||||
|
symlinks to the inventory script to support multiple configurations, e.g.:
|
||||||
|
|
||||||
|
* `vmware.py` (this script)
|
||||||
|
* `vmware.ini` (default configuration, will be read by `vmware.py`)
|
||||||
|
* `vmware_test.py` (symlink to `vmware.py`)
|
||||||
|
* `vmware_test.ini` (test configuration, will be read by `vmware_test.py`)
|
||||||
|
* `vmware_other.py` (symlink to `vmware.py`, will read `vmware.ini` since no
|
||||||
|
`vmware_other.ini` exists)
|
||||||
|
|
||||||
|
The path to an INI file may also be specified via the `VMWARE_INI` environment
|
||||||
|
variable, in which case the filename matching rules above will not apply.
|
||||||
|
|
||||||
|
Host and authentication parameters may be specified via the `VMWARE_HOST`,
|
||||||
|
`VMWARE_USER` and `VMWARE_PASSWORD` environment variables; these options will
|
||||||
|
take precedence over options present in the INI file. An INI file is not
|
||||||
|
required if these options are specified using environment variables.
|
||||||
|
'''
|
||||||
|
|
||||||
|
import collections
|
||||||
|
import json
|
||||||
|
import logging
|
||||||
|
import optparse
|
||||||
|
import os
|
||||||
|
import sys
|
||||||
|
import time
|
||||||
|
import ConfigParser
|
||||||
|
|
||||||
|
# Disable logging message trigged by pSphere/suds.
|
||||||
|
try:
|
||||||
|
from logging import NullHandler
|
||||||
|
except ImportError:
|
||||||
|
from logging import Handler
|
||||||
|
class NullHandler(Handler):
|
||||||
|
def emit(self, record):
|
||||||
|
pass
|
||||||
|
logging.getLogger('psphere').addHandler(NullHandler())
|
||||||
|
logging.getLogger('suds').addHandler(NullHandler())
|
||||||
|
|
||||||
|
from psphere.client import Client
|
||||||
|
from psphere.errors import ObjectNotFoundError
|
||||||
|
from psphere.managedobjects import HostSystem, VirtualMachine, ManagedObject, Network
|
||||||
|
from suds.sudsobject import Object as SudsObject
|
||||||
|
|
||||||
|
|
||||||
|
class VMwareInventory(object):
|
||||||
|
|
||||||
|
def __init__(self, guests_only=None):
|
||||||
|
self.config = ConfigParser.SafeConfigParser()
|
||||||
|
if os.environ.get('VMWARE_INI', ''):
|
||||||
|
config_files = [os.environ['VMWARE_INI']]
|
||||||
|
else:
|
||||||
|
config_files = [os.path.abspath(sys.argv[0]).rstrip('.py') + '.ini', 'vmware.ini']
|
||||||
|
for config_file in config_files:
|
||||||
|
if os.path.exists(config_file):
|
||||||
|
self.config.read(config_file)
|
||||||
|
break
|
||||||
|
|
||||||
|
# Retrieve only guest VMs, or include host systems?
|
||||||
|
if guests_only is not None:
|
||||||
|
self.guests_only = guests_only
|
||||||
|
elif self.config.has_option('defaults', 'guests_only'):
|
||||||
|
self.guests_only = self.config.getboolean('defaults', 'guests_only')
|
||||||
|
else:
|
||||||
|
self.guests_only = True
|
||||||
|
|
||||||
|
# Read authentication information from VMware environment variables
|
||||||
|
# (if set), otherwise from INI file.
|
||||||
|
auth_host = os.environ.get('VMWARE_HOST')
|
||||||
|
if not auth_host and self.config.has_option('auth', 'host'):
|
||||||
|
auth_host = self.config.get('auth', 'host')
|
||||||
|
auth_user = os.environ.get('VMWARE_USER')
|
||||||
|
if not auth_user and self.config.has_option('auth', 'user'):
|
||||||
|
auth_user = self.config.get('auth', 'user')
|
||||||
|
auth_password = os.environ.get('VMWARE_PASSWORD')
|
||||||
|
if not auth_password and self.config.has_option('auth', 'password'):
|
||||||
|
auth_password = self.config.get('auth', 'password')
|
||||||
|
|
||||||
|
# Create the VMware client connection.
|
||||||
|
self.client = Client(auth_host, auth_user, auth_password)
|
||||||
|
|
||||||
|
def _put_cache(self, name, value):
|
||||||
|
'''
|
||||||
|
Saves the value to cache with the name given.
|
||||||
|
'''
|
||||||
|
if self.config.has_option('defaults', 'cache_dir'):
|
||||||
|
cache_dir = os.path.expanduser(self.config.get('defaults', 'cache_dir'))
|
||||||
|
if not os.path.exists(cache_dir):
|
||||||
|
os.makedirs(cache_dir)
|
||||||
|
cache_file = os.path.join(cache_dir, name)
|
||||||
|
with open(cache_file, 'w') as cache:
|
||||||
|
json.dump(value, cache)
|
||||||
|
|
||||||
|
def _get_cache(self, name, default=None):
|
||||||
|
'''
|
||||||
|
Retrieves the value from cache for the given name.
|
||||||
|
'''
|
||||||
|
if self.config.has_option('defaults', 'cache_dir'):
|
||||||
|
cache_dir = self.config.get('defaults', 'cache_dir')
|
||||||
|
cache_file = os.path.join(cache_dir, name)
|
||||||
|
if os.path.exists(cache_file):
|
||||||
|
if self.config.has_option('defaults', 'cache_max_age'):
|
||||||
|
cache_max_age = self.config.getint('defaults', 'cache_max_age')
|
||||||
|
else:
|
||||||
|
cache_max_age = 0
|
||||||
|
cache_stat = os.stat(cache_file)
|
||||||
|
if (cache_stat.st_mtime + cache_max_age) >= time.time():
|
||||||
|
with open(cache_file) as cache:
|
||||||
|
return json.load(cache)
|
||||||
|
return default
|
||||||
|
|
||||||
|
def _flatten_dict(self, d, parent_key='', sep='_'):
|
||||||
|
'''
|
||||||
|
Flatten nested dicts by combining keys with a separator. Lists with
|
||||||
|
only string items are included as is; any other lists are discarded.
|
||||||
|
'''
|
||||||
|
items = []
|
||||||
|
for k, v in d.items():
|
||||||
|
if k.startswith('_'):
|
||||||
|
continue
|
||||||
|
new_key = parent_key + sep + k if parent_key else k
|
||||||
|
if isinstance(v, collections.MutableMapping):
|
||||||
|
items.extend(self._flatten_dict(v, new_key, sep).items())
|
||||||
|
elif isinstance(v, (list, tuple)):
|
||||||
|
if all([isinstance(x, basestring) for x in v]):
|
||||||
|
items.append((new_key, v))
|
||||||
|
else:
|
||||||
|
items.append((new_key, v))
|
||||||
|
return dict(items)
|
||||||
|
|
||||||
|
def _get_obj_info(self, obj, depth=99, seen=None):
|
||||||
|
'''
|
||||||
|
Recursively build a data structure for the given pSphere object (depth
|
||||||
|
only applies to ManagedObject instances).
|
||||||
|
'''
|
||||||
|
seen = seen or set()
|
||||||
|
if isinstance(obj, ManagedObject):
|
||||||
|
try:
|
||||||
|
obj_unicode = unicode(getattr(obj, 'name'))
|
||||||
|
except AttributeError:
|
||||||
|
obj_unicode = ()
|
||||||
|
if obj in seen:
|
||||||
|
return obj_unicode
|
||||||
|
seen.add(obj)
|
||||||
|
if depth <= 0:
|
||||||
|
return obj_unicode
|
||||||
|
d = {}
|
||||||
|
for attr in dir(obj):
|
||||||
|
if attr.startswith('_'):
|
||||||
|
continue
|
||||||
|
try:
|
||||||
|
val = getattr(obj, attr)
|
||||||
|
obj_info = self._get_obj_info(val, depth - 1, seen)
|
||||||
|
if obj_info != ():
|
||||||
|
d[attr] = obj_info
|
||||||
|
except Exception, e:
|
||||||
|
pass
|
||||||
|
return d
|
||||||
|
elif isinstance(obj, SudsObject):
|
||||||
|
d = {}
|
||||||
|
for key, val in iter(obj):
|
||||||
|
obj_info = self._get_obj_info(val, depth, seen)
|
||||||
|
if obj_info != ():
|
||||||
|
d[key] = obj_info
|
||||||
|
return d
|
||||||
|
elif isinstance(obj, (list, tuple)):
|
||||||
|
l = []
|
||||||
|
for val in iter(obj):
|
||||||
|
obj_info = self._get_obj_info(val, depth, seen)
|
||||||
|
if obj_info != ():
|
||||||
|
l.append(obj_info)
|
||||||
|
return l
|
||||||
|
elif isinstance(obj, (type(None), bool, int, long, float, basestring)):
|
||||||
|
return obj
|
||||||
|
else:
|
||||||
|
return ()
|
||||||
|
|
||||||
|
def _get_host_info(self, host, prefix='vmware'):
|
||||||
|
'''
|
||||||
|
Return a flattened dict with info about the given host system.
|
||||||
|
'''
|
||||||
|
host_info = {
|
||||||
|
'name': host.name,
|
||||||
|
}
|
||||||
|
for attr in ('datastore', 'network', 'vm'):
|
||||||
|
try:
|
||||||
|
value = getattr(host, attr)
|
||||||
|
host_info['%ss' % attr] = self._get_obj_info(value, depth=0)
|
||||||
|
except AttributeError:
|
||||||
|
host_info['%ss' % attr] = []
|
||||||
|
for k, v in self._get_obj_info(host.summary, depth=0).items():
|
||||||
|
if isinstance(v, collections.MutableMapping):
|
||||||
|
for k2, v2 in v.items():
|
||||||
|
host_info[k2] = v2
|
||||||
|
elif k != 'host':
|
||||||
|
host_info[k] = v
|
||||||
|
try:
|
||||||
|
host_info['ipAddress'] = host.config.network.vnic[0].spec.ip.ipAddress
|
||||||
|
except Exception, e:
|
||||||
|
print >> sys.stderr, e
|
||||||
|
host_info = self._flatten_dict(host_info, prefix)
|
||||||
|
if ('%s_ipAddress' % prefix) in host_info:
|
||||||
|
host_info['ansible_ssh_host'] = host_info['%s_ipAddress' % prefix]
|
||||||
|
return host_info
|
||||||
|
|
||||||
|
def _get_vm_info(self, vm, prefix='vmware'):
|
||||||
|
'''
|
||||||
|
Return a flattened dict with info about the given virtual machine.
|
||||||
|
'''
|
||||||
|
vm_info = {
|
||||||
|
'name': vm.name,
|
||||||
|
}
|
||||||
|
for attr in ('datastore', 'network'):
|
||||||
|
try:
|
||||||
|
value = getattr(vm, attr)
|
||||||
|
vm_info['%ss' % attr] = self._get_obj_info(value, depth=0)
|
||||||
|
except AttributeError:
|
||||||
|
vm_info['%ss' % attr] = []
|
||||||
|
try:
|
||||||
|
vm_info['resourcePool'] = self._get_obj_info(vm.resourcePool, depth=0)
|
||||||
|
except AttributeError:
|
||||||
|
vm_info['resourcePool'] = ''
|
||||||
|
try:
|
||||||
|
vm_info['guestState'] = vm.guest.guestState
|
||||||
|
except AttributeError:
|
||||||
|
vm_info['guestState'] = ''
|
||||||
|
for k, v in self._get_obj_info(vm.summary, depth=0).items():
|
||||||
|
if isinstance(v, collections.MutableMapping):
|
||||||
|
for k2, v2 in v.items():
|
||||||
|
if k2 == 'host':
|
||||||
|
k2 = 'hostSystem'
|
||||||
|
vm_info[k2] = v2
|
||||||
|
elif k != 'vm':
|
||||||
|
vm_info[k] = v
|
||||||
|
vm_info = self._flatten_dict(vm_info, prefix)
|
||||||
|
if ('%s_ipAddress' % prefix) in vm_info:
|
||||||
|
vm_info['ansible_ssh_host'] = vm_info['%s_ipAddress' % prefix]
|
||||||
|
return vm_info
|
||||||
|
|
||||||
|
def _add_host(self, inv, parent_group, host_name):
|
||||||
|
'''
|
||||||
|
Add the host to the parent group in the given inventory.
|
||||||
|
'''
|
||||||
|
p_group = inv.setdefault(parent_group, [])
|
||||||
|
if isinstance(p_group, dict):
|
||||||
|
group_hosts = p_group.setdefault('hosts', [])
|
||||||
|
else:
|
||||||
|
group_hosts = p_group
|
||||||
|
if host_name not in group_hosts:
|
||||||
|
group_hosts.append(host_name)
|
||||||
|
|
||||||
|
def _add_child(self, inv, parent_group, child_group):
|
||||||
|
'''
|
||||||
|
Add a child group to a parent group in the given inventory.
|
||||||
|
'''
|
||||||
|
if parent_group != 'all':
|
||||||
|
p_group = inv.setdefault(parent_group, {})
|
||||||
|
if not isinstance(p_group, dict):
|
||||||
|
inv[parent_group] = {'hosts': p_group}
|
||||||
|
p_group = inv[parent_group]
|
||||||
|
group_children = p_group.setdefault('children', [])
|
||||||
|
if child_group not in group_children:
|
||||||
|
group_children.append(child_group)
|
||||||
|
inv.setdefault(child_group, [])
|
||||||
|
|
||||||
|
def get_inventory(self, meta_hostvars=True):
|
||||||
|
'''
|
||||||
|
Reads the inventory from cache or VMware API via pSphere.
|
||||||
|
'''
|
||||||
|
# Use different cache names for guests only vs. all hosts.
|
||||||
|
if self.guests_only:
|
||||||
|
cache_name = '__inventory_guests__'
|
||||||
|
else:
|
||||||
|
cache_name = '__inventory_all__'
|
||||||
|
|
||||||
|
inv = self._get_cache(cache_name, None)
|
||||||
|
if inv is not None:
|
||||||
|
return inv
|
||||||
|
|
||||||
|
inv = {'all': {'hosts': []}}
|
||||||
|
if meta_hostvars:
|
||||||
|
inv['_meta'] = {'hostvars': {}}
|
||||||
|
|
||||||
|
default_group = os.path.basename(sys.argv[0]).rstrip('.py')
|
||||||
|
|
||||||
|
if not self.guests_only:
|
||||||
|
if self.config.has_option('defaults', 'hw_group'):
|
||||||
|
hw_group = self.config.get('defaults', 'hw_group')
|
||||||
|
else:
|
||||||
|
hw_group = default_group + '_hw'
|
||||||
|
|
||||||
|
if self.config.has_option('defaults', 'vm_group'):
|
||||||
|
vm_group = self.config.get('defaults', 'vm_group')
|
||||||
|
else:
|
||||||
|
vm_group = default_group + '_vm'
|
||||||
|
|
||||||
|
if self.config.has_option('defaults', 'prefix_filter'):
|
||||||
|
prefix_filter = self.config.get('defaults', 'prefix_filter')
|
||||||
|
else:
|
||||||
|
prefix_filter = None
|
||||||
|
|
||||||
|
# Loop through physical hosts:
|
||||||
|
for host in HostSystem.all(self.client):
|
||||||
|
|
||||||
|
if not self.guests_only:
|
||||||
|
self._add_host(inv, 'all', host.name)
|
||||||
|
self._add_host(inv, hw_group, host.name)
|
||||||
|
host_info = self._get_host_info(host)
|
||||||
|
if meta_hostvars:
|
||||||
|
inv['_meta']['hostvars'][host.name] = host_info
|
||||||
|
self._put_cache(host.name, host_info)
|
||||||
|
|
||||||
|
# Loop through all VMs on physical host.
|
||||||
|
for vm in host.vm:
|
||||||
|
if prefix_filter:
|
||||||
|
if vm.name.startswith( prefix_filter ):
|
||||||
|
continue
|
||||||
|
self._add_host(inv, 'all', vm.name)
|
||||||
|
self._add_host(inv, vm_group, vm.name)
|
||||||
|
vm_info = self._get_vm_info(vm)
|
||||||
|
if meta_hostvars:
|
||||||
|
inv['_meta']['hostvars'][vm.name] = vm_info
|
||||||
|
self._put_cache(vm.name, vm_info)
|
||||||
|
|
||||||
|
# Group by resource pool.
|
||||||
|
vm_resourcePool = vm_info.get('vmware_resourcePool', None)
|
||||||
|
if vm_resourcePool:
|
||||||
|
self._add_child(inv, vm_group, 'resource_pools')
|
||||||
|
self._add_child(inv, 'resource_pools', vm_resourcePool)
|
||||||
|
self._add_host(inv, vm_resourcePool, vm.name)
|
||||||
|
|
||||||
|
# Group by datastore.
|
||||||
|
for vm_datastore in vm_info.get('vmware_datastores', []):
|
||||||
|
self._add_child(inv, vm_group, 'datastores')
|
||||||
|
self._add_child(inv, 'datastores', vm_datastore)
|
||||||
|
self._add_host(inv, vm_datastore, vm.name)
|
||||||
|
|
||||||
|
# Group by network.
|
||||||
|
for vm_network in vm_info.get('vmware_networks', []):
|
||||||
|
self._add_child(inv, vm_group, 'networks')
|
||||||
|
self._add_child(inv, 'networks', vm_network)
|
||||||
|
self._add_host(inv, vm_network, vm.name)
|
||||||
|
|
||||||
|
# Group by guest OS.
|
||||||
|
vm_guestId = vm_info.get('vmware_guestId', None)
|
||||||
|
if vm_guestId:
|
||||||
|
self._add_child(inv, vm_group, 'guests')
|
||||||
|
self._add_child(inv, 'guests', vm_guestId)
|
||||||
|
self._add_host(inv, vm_guestId, vm.name)
|
||||||
|
|
||||||
|
# Group all VM templates.
|
||||||
|
vm_template = vm_info.get('vmware_template', False)
|
||||||
|
if vm_template:
|
||||||
|
self._add_child(inv, vm_group, 'templates')
|
||||||
|
self._add_host(inv, 'templates', vm.name)
|
||||||
|
|
||||||
|
self._put_cache(cache_name, inv)
|
||||||
|
return inv
|
||||||
|
|
||||||
|
def get_host(self, hostname):
|
||||||
|
'''
|
||||||
|
Read info about a specific host or VM from cache or VMware API.
|
||||||
|
'''
|
||||||
|
inv = self._get_cache(hostname, None)
|
||||||
|
if inv is not None:
|
||||||
|
return inv
|
||||||
|
|
||||||
|
if not self.guests_only:
|
||||||
|
try:
|
||||||
|
host = HostSystem.get(self.client, name=hostname)
|
||||||
|
inv = self._get_host_info(host)
|
||||||
|
except ObjectNotFoundError:
|
||||||
|
pass
|
||||||
|
|
||||||
|
if inv is None:
|
||||||
|
try:
|
||||||
|
vm = VirtualMachine.get(self.client, name=hostname)
|
||||||
|
inv = self._get_vm_info(vm)
|
||||||
|
except ObjectNotFoundError:
|
||||||
|
pass
|
||||||
|
|
||||||
|
if inv is not None:
|
||||||
|
self._put_cache(hostname, inv)
|
||||||
|
return inv or {}
|
||||||
|
|
||||||
|
|
||||||
|
def main():
|
||||||
|
parser = optparse.OptionParser()
|
||||||
|
parser.add_option('--list', action='store_true', dest='list',
|
||||||
|
default=False, help='Output inventory groups and hosts')
|
||||||
|
parser.add_option('--host', dest='host', default=None, metavar='HOST',
|
||||||
|
help='Output variables only for the given hostname')
|
||||||
|
# Additional options for use when running the script standalone, but never
|
||||||
|
# used by Ansible.
|
||||||
|
parser.add_option('--pretty', action='store_true', dest='pretty',
|
||||||
|
default=False, help='Output nicely-formatted JSON')
|
||||||
|
parser.add_option('--include-host-systems', action='store_true',
|
||||||
|
dest='include_host_systems', default=False,
|
||||||
|
help='Include host systems in addition to VMs')
|
||||||
|
parser.add_option('--no-meta-hostvars', action='store_false',
|
||||||
|
dest='meta_hostvars', default=True,
|
||||||
|
help='Exclude [\'_meta\'][\'hostvars\'] with --list')
|
||||||
|
options, args = parser.parse_args()
|
||||||
|
|
||||||
|
if options.include_host_systems:
|
||||||
|
vmware_inventory = VMwareInventory(guests_only=False)
|
||||||
|
else:
|
||||||
|
vmware_inventory = VMwareInventory()
|
||||||
|
if options.host is not None:
|
||||||
|
inventory = vmware_inventory.get_host(options.host)
|
||||||
|
else:
|
||||||
|
inventory = vmware_inventory.get_inventory(options.meta_hostvars)
|
||||||
|
|
||||||
|
json_kwargs = {}
|
||||||
|
if options.pretty:
|
||||||
|
json_kwargs.update({'indent': 4, 'sort_keys': True})
|
||||||
|
json.dump(inventory, sys.stdout, **json_kwargs)
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
main()
|
@ -0,0 +1,43 @@
|
|||||||
|
#!/usr/bin/env python
|
||||||
|
|
||||||
|
# (c) 2015, Dagobert Michelsen <dam@baltic-online.de>
|
||||||
|
#
|
||||||
|
# This file is part of Ansible,
|
||||||
|
#
|
||||||
|
# Ansible is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# Ansible is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
from subprocess import Popen,PIPE
|
||||||
|
import sys
|
||||||
|
import json
|
||||||
|
|
||||||
|
result = {}
|
||||||
|
result['all'] = {}
|
||||||
|
|
||||||
|
pipe = Popen(['zoneadm', 'list', '-ip'], stdout=PIPE, universal_newlines=True)
|
||||||
|
result['all']['hosts'] = []
|
||||||
|
for l in pipe.stdout.readlines():
|
||||||
|
# 1:work:running:/zones/work:3126dc59-9a07-4829-cde9-a816e4c5040e:native:shared
|
||||||
|
s = l.split(':')
|
||||||
|
if s[1] != 'global':
|
||||||
|
result['all']['hosts'].append(s[1])
|
||||||
|
|
||||||
|
result['all']['vars'] = {}
|
||||||
|
result['all']['vars']['ansible_connection'] = 'zone'
|
||||||
|
|
||||||
|
if len(sys.argv) == 2 and sys.argv[1] == '--list':
|
||||||
|
print json.dumps(result)
|
||||||
|
elif len(sys.argv) == 3 and sys.argv[1] == '--host':
|
||||||
|
print json.dumps({'ansible_connection': 'zone'})
|
||||||
|
else:
|
||||||
|
print "Need an argument, either --list or --host <host>"
|
Binary file not shown.
After Width: | Height: | Size: 8.1 KiB |
@ -0,0 +1,87 @@
|
|||||||
|
Ansible Privilege Escalation
|
||||||
|
++++++++++++++++++++++++++++
|
||||||
|
|
||||||
|
Ansible can use existing privilege escalation systems to allow a user to execute tasks as another.
|
||||||
|
|
||||||
|
.. contents:: Topics
|
||||||
|
|
||||||
|
Become
|
||||||
|
``````
|
||||||
|
Before 1.9 Ansible mostly allowed the use of sudo and a limited use of su to allow a login/remote user to become a different user
|
||||||
|
and execute tasks, create resources with the 2nd user's permissions. As of 1.9 'become' supersedes the old sudo/su, while still
|
||||||
|
being backwards compatible. This new system also makes it easier to add other privilege escalation tools like pbrun (Powerbroker),
|
||||||
|
pfexec and others.
|
||||||
|
|
||||||
|
|
||||||
|
New directives
|
||||||
|
--------------
|
||||||
|
|
||||||
|
become
|
||||||
|
equivalent to adding 'sudo:' or 'su:' to a play or task, set to 'true'/'yes' to activate privilege escalation
|
||||||
|
|
||||||
|
become_user
|
||||||
|
equivalent to adding 'sudo_user:' or 'su_user:' to a play or task, set to user with desired privileges
|
||||||
|
|
||||||
|
become_method
|
||||||
|
at play or task level overrides the default method set in ansible.cfg, set to 'sudo'/'su'/'pbrun'/'pfexec'
|
||||||
|
|
||||||
|
|
||||||
|
New ansible\_ variables
|
||||||
|
-----------------------
|
||||||
|
Each allows you to set an option per group and/or host
|
||||||
|
|
||||||
|
ansible_become
|
||||||
|
equivalent to ansible_sudo or ansible_su, allows to force privilege escalation
|
||||||
|
|
||||||
|
ansible_become_method
|
||||||
|
allows to set privilege escalation method
|
||||||
|
|
||||||
|
ansible_become_user
|
||||||
|
equivalent to ansible_sudo_user or ansible_su_user, allows to set the user you become through privilege escalation
|
||||||
|
|
||||||
|
ansible_become_pass
|
||||||
|
equivalent to ansible_sudo_pass or ansible_su_pass, allows you to set the privilege escalation password
|
||||||
|
|
||||||
|
|
||||||
|
New command line options
|
||||||
|
------------------------
|
||||||
|
|
||||||
|
--ask-become-pass
|
||||||
|
ask for privilege escalation password
|
||||||
|
|
||||||
|
--become,-b
|
||||||
|
run operations with become (no password implied)
|
||||||
|
|
||||||
|
--become-method=BECOME_METHOD
|
||||||
|
privilege escalation method to use (default=sudo),
|
||||||
|
valid choices: [ sudo | su | pbrun | pfexec ]
|
||||||
|
|
||||||
|
--become-user=BECOME_USER
|
||||||
|
run operations as this user (default=root)
|
||||||
|
|
||||||
|
|
||||||
|
sudo and su still work!
|
||||||
|
-----------------------
|
||||||
|
|
||||||
|
Old playbooks will not need to be changed, even though they are deprecated, sudo and su directives will continue to work though it
|
||||||
|
is recommended to move to become as they may be retired at one point. You cannot mix directives on the same object though, Ansible
|
||||||
|
will complain if you try to.
|
||||||
|
|
||||||
|
Become will default to using the old sudo/su configs and variables if they exist, but will override them if you specify any of the
|
||||||
|
new ones.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
.. note:: Privilege escalation methods must also be supported by the connection plugin used, most will warn if they do not, some will just ignore it as they always run as root (jail, chroot, etc).
|
||||||
|
|
||||||
|
.. note:: Methods cannot be chained, you cannot use 'sudo /bin/su -' to become a user, you need to have privileges to run the command as that user in sudo or be able to su directly to it (the same for pbrun, pfexec or other supported methods).
|
||||||
|
|
||||||
|
.. note:: Privilege escalation permissions have to be general, Ansible does not always use a specific command to do something but runs modules (code) from a temporary file name which changes every time. So if you have '/sbin/sevice' or '/bin/chmod' as the allowed commands this will fail with ansible.
|
||||||
|
|
||||||
|
.. seealso::
|
||||||
|
|
||||||
|
`Mailing List <http://groups.google.com/group/ansible-project>`_
|
||||||
|
Questions? Help? Ideas? Stop by the list on Google Groups
|
||||||
|
`irc.freenode.net <http://irc.freenode.net>`_
|
||||||
|
#ansible IRC chat channel
|
||||||
|
|
@ -0,0 +1,50 @@
|
|||||||
|
Common Return Values
|
||||||
|
====================
|
||||||
|
|
||||||
|
.. contents:: Topics
|
||||||
|
|
||||||
|
Ansible modules normally return a data structure that can be registered into a variable, or seen directly when using
|
||||||
|
the `ansible` program as output. Here we document the values common to all modules, each module can optionally document
|
||||||
|
its own unique returns. If these docs exist they will be visible through ansible-doc and https://docs.ansible.com.
|
||||||
|
|
||||||
|
.. _facts:
|
||||||
|
|
||||||
|
Facts
|
||||||
|
`````
|
||||||
|
|
||||||
|
Some modules return 'facts' to ansible (i.e setup), this is done through a 'ansible_facts' key and anything inside
|
||||||
|
will automatically be available for the current host directly as a variable and there is no need to
|
||||||
|
register this data.
|
||||||
|
|
||||||
|
|
||||||
|
.. _status:
|
||||||
|
|
||||||
|
Status
|
||||||
|
``````
|
||||||
|
|
||||||
|
Every module must return a status, saying if the module was successful, if anything changed or not. Ansible itself
|
||||||
|
will return a status if it skips the module due to a user condition (when: ) or running in check mode when the module
|
||||||
|
does not support it.
|
||||||
|
|
||||||
|
|
||||||
|
.. _other:
|
||||||
|
|
||||||
|
Other common returns
|
||||||
|
````````````````````
|
||||||
|
|
||||||
|
It is common on failure or success to return a 'msg' that either explains the failure or makes a note about the execution.
|
||||||
|
Some modules, specifically those that execute shell or commands directly, will return stdout and stderr, if ansible sees
|
||||||
|
a stdout in the results it will append a stdout_lines which is just a list or the lines in stdout.
|
||||||
|
|
||||||
|
.. seealso::
|
||||||
|
|
||||||
|
:doc:`modules`
|
||||||
|
Learn about available modules
|
||||||
|
`GitHub Core modules directory <https://github.com/ansible/ansible-modules-core/tree/devel>`_
|
||||||
|
Browse source of core modules
|
||||||
|
`Github Extras modules directory <https://github.com/ansible/ansible-modules-extras/tree/devel>`_
|
||||||
|
Browse source of extras modules.
|
||||||
|
`Mailing List <http://groups.google.com/group/ansible-devel>`_
|
||||||
|
Development mailing list
|
||||||
|
`irc.freenode.net <http://irc.freenode.net>`_
|
||||||
|
#ansible IRC chat channel
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue