diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-14 20:03:01 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-14 20:03:01 +0000 |
| commit | a453ac31f3428614cceb99027f8efbdb9258a40b (patch) | |
| tree | f61f87408f32a8511cbd91799f9cececb53e0374 /collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins | |
| parent | Initial commit. (diff) | |
| download | ansible-a453ac31f3428614cceb99027f8efbdb9258a40b.tar.xz ansible-a453ac31f3428614cceb99027f8efbdb9258a40b.zip | |
Adding upstream version 2.10.7+merged+base+2.10.8+dfsg.upstream/2.10.7+merged+base+2.10.8+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins')
58 files changed, 19881 insertions, 0 deletions
diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/doc_fragments/__init__.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/doc_fragments/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/doc_fragments/__init__.py diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/doc_fragments/cloudstack.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/doc_fragments/cloudstack.py new file mode 100644 index 00000000..af13a3af --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/doc_fragments/cloudstack.py @@ -0,0 +1,78 @@ +# -*- coding: utf-8 -*- + +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +class ModuleDocFragment(object): + + # Standard cloudstack documentation fragment + DOCUMENTATION = r''' +options: + api_key: + description: + - API key of the CloudStack API. + - If not given, the C(CLOUDSTACK_KEY) env variable is considered. + - As the last option, the value is taken from the ini config file, also see the notes. + type: str + api_secret: + description: + - Secret key of the CloudStack API. + - If not set, the C(CLOUDSTACK_SECRET) env variable is considered. + - As the last option, the value is taken from the ini config file, also see the notes. + type: str + api_url: + description: + - URL of the CloudStack API e.g. https://cloud.example.com/client/api. + - If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered. + - As the last option, the value is taken from the ini config file, also see the notes. + type: str + api_http_method: + description: + - HTTP method used to query the API endpoint. + - If not given, the C(CLOUDSTACK_METHOD) env variable is considered. + - As the last option, the value is taken from the ini config file, also see the notes. + - Fallback value is C(get) if not specified. + type: str + choices: [ get, post ] + api_timeout: + description: + - HTTP timeout in seconds. + - If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered. + - As the last option, the value is taken from the ini config file, also see the notes. + - Fallback value is 10 seconds if not specified. + type: int + api_region: + description: + - Name of the ini section in the C(cloustack.ini) file. + - If not given, the C(CLOUDSTACK_REGION) env variable is considered. + type: str + default: cloudstack + api_verify_ssl_cert: + description: + - CA authority cert file. + - If not given, the C(CLOUDSTACK_VERIFY) env variable is considered. + - As the last option, the value is taken from the ini config file, also see the notes. + - Fallback value is C(null) if not specified. + type: str +requirements: + - python >= 2.6 + - cs >= 0.9.0 +notes: + - Ansible uses the C(cs) library's configuration method if credentials are not + provided by the arguments C(api_url), C(api_key), C(api_secret). + Configuration is read from several locations, in the following order. + The C(CLOUDSTACK_ENDPOINT), C(CLOUDSTACK_KEY), C(CLOUDSTACK_SECRET) and + C(CLOUDSTACK_METHOD). C(CLOUDSTACK_TIMEOUT) environment variables. + A C(CLOUDSTACK_CONFIG) environment variable pointing to an C(.ini) file. + A C(cloudstack.ini) file in the current working directory. + A C(.cloudstack.ini) file in the users home directory. + Optionally multiple credentials and endpoints can be specified using ini sections in C(cloudstack.ini). + Use the argument C(api_region) to select the section name, default section is C(cloudstack). + See https://github.com/exoscale/cs for more information. + - A detailed guide about cloudstack modules can be found in the L(CloudStack Cloud Guide,../scenario_guides/guide_cloudstack.html). + - This module supports check mode. +''' diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/inventory/__init__.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/inventory/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/inventory/__init__.py diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/module_utils/cloudstack.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/module_utils/cloudstack.py new file mode 100644 index 00000000..ac310ecb --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/module_utils/cloudstack.py @@ -0,0 +1,685 @@ +# -*- coding: utf-8 -*- +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# Simplified BSD License (see licenses/simplified_bsd.txt or https://opensource.org/licenses/BSD-2-Clause) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +import os +import sys +import time +import traceback + +from ansible.module_utils._text import to_text, to_native +from ansible.module_utils.basic import missing_required_lib + +CS_IMP_ERR = None +try: + from cs import CloudStack, CloudStackException, read_config + HAS_LIB_CS = True +except ImportError: + CS_IMP_ERR = traceback.format_exc() + HAS_LIB_CS = False + + +if sys.version_info > (3,): + long = int + + +def cs_argument_spec(): + return dict( + api_key=dict(default=os.environ.get('CLOUDSTACK_KEY')), + api_secret=dict(default=os.environ.get('CLOUDSTACK_SECRET'), no_log=True), + api_url=dict(default=os.environ.get('CLOUDSTACK_ENDPOINT')), + api_http_method=dict(choices=['get', 'post'], default=os.environ.get('CLOUDSTACK_METHOD')), + api_timeout=dict(type='int', default=os.environ.get('CLOUDSTACK_TIMEOUT')), + api_region=dict(default=os.environ.get('CLOUDSTACK_REGION') or 'cloudstack'), + api_verify_ssl_cert=dict(default=os.environ.get('CLOUDSTACK_VERIFY')), + ) + + +def cs_required_together(): + return [['api_key', 'api_secret']] + + +class AnsibleCloudStack: + + def __init__(self, module): + if not HAS_LIB_CS: + module.fail_json(msg=missing_required_lib('cs'), exception=CS_IMP_ERR) + + self.result = { + 'changed': False, + 'diff': { + 'before': dict(), + 'after': dict() + } + } + + # Common returns, will be merged with self.returns + # search_for_key: replace_with_key + self.common_returns = { + 'id': 'id', + 'name': 'name', + 'created': 'created', + 'zonename': 'zone', + 'state': 'state', + 'project': 'project', + 'account': 'account', + 'domain': 'domain', + 'displaytext': 'display_text', + 'displayname': 'display_name', + 'description': 'description', + } + + # Init returns dict for use in subclasses + self.returns = {} + # these values will be casted to int + self.returns_to_int = {} + # these keys will be compared case sensitive in self.has_changed() + self.case_sensitive_keys = [ + 'id', + 'displaytext', + 'displayname', + 'description', + ] + + self.module = module + self._cs = None + + # Helper for VPCs + self._vpc_networks_ids = None + + self.domain = None + self.account = None + self.project = None + self.ip_address = None + self.network = None + self.physical_network = None + self.vpc = None + self.zone = None + self.vm = None + self.vm_default_nic = None + self.os_type = None + self.hypervisor = None + self.capabilities = None + self.network_acl = None + + @property + def cs(self): + if self._cs is None: + api_config = self.get_api_config() + self._cs = CloudStack(**api_config) + return self._cs + + def get_api_config(self): + api_region = self.module.params.get('api_region') or os.environ.get('CLOUDSTACK_REGION') + try: + config = read_config(api_region) + except KeyError: + config = {} + + api_config = { + 'endpoint': self.module.params.get('api_url') or config.get('endpoint'), + 'key': self.module.params.get('api_key') or config.get('key'), + 'secret': self.module.params.get('api_secret') or config.get('secret'), + 'timeout': self.module.params.get('api_timeout') or config.get('timeout') or 10, + 'method': self.module.params.get('api_http_method') or config.get('method') or 'get', + 'verify': self.module.params.get('api_verify_ssl_cert') or config.get('verify'), + } + self.result.update({ + 'api_region': api_region, + 'api_url': api_config['endpoint'], + 'api_key': api_config['key'], + 'api_timeout': int(api_config['timeout']), + 'api_http_method': api_config['method'], + 'api_verify_ssl_cert': api_config['verify'], + }) + if not all([api_config['endpoint'], api_config['key'], api_config['secret']]): + self.fail_json(msg="Missing api credentials: can not authenticate") + return api_config + + def fail_json(self, **kwargs): + self.result.update(kwargs) + self.module.fail_json(**self.result) + + def get_or_fallback(self, key=None, fallback_key=None): + value = self.module.params.get(key) + if not value: + value = self.module.params.get(fallback_key) + return value + + def has_changed(self, want_dict, current_dict, only_keys=None, skip_diff_for_keys=None): + result = False + for key, value in want_dict.items(): + + # Optionally limit by a list of keys + if only_keys and key not in only_keys: + continue + + # Skip None values + if value is None: + continue + + if key in current_dict: + if isinstance(value, (int, float, long, complex)): + + # ensure we compare the same type + if isinstance(value, int): + current_dict[key] = int(current_dict[key]) + elif isinstance(value, float): + current_dict[key] = float(current_dict[key]) + elif isinstance(value, long): + current_dict[key] = long(current_dict[key]) + elif isinstance(value, complex): + current_dict[key] = complex(current_dict[key]) + + if value != current_dict[key]: + if skip_diff_for_keys and key not in skip_diff_for_keys: + self.result['diff']['before'][key] = current_dict[key] + self.result['diff']['after'][key] = value + result = True + else: + before_value = to_text(current_dict[key]) + after_value = to_text(value) + + if self.case_sensitive_keys and key in self.case_sensitive_keys: + if before_value != after_value: + if skip_diff_for_keys and key not in skip_diff_for_keys: + self.result['diff']['before'][key] = before_value + self.result['diff']['after'][key] = after_value + result = True + + # Test for diff in case insensitive way + elif before_value.lower() != after_value.lower(): + if skip_diff_for_keys and key not in skip_diff_for_keys: + self.result['diff']['before'][key] = before_value + self.result['diff']['after'][key] = after_value + result = True + else: + if skip_diff_for_keys and key not in skip_diff_for_keys: + self.result['diff']['before'][key] = None + self.result['diff']['after'][key] = to_text(value) + result = True + return result + + def _get_by_key(self, key=None, my_dict=None): + if my_dict is None: + my_dict = {} + if key: + if key in my_dict: + return my_dict[key] + self.fail_json(msg="Something went wrong: %s not found" % key) + return my_dict + + def query_api(self, command, **args): + try: + res = getattr(self.cs, command)(**args) + + if 'errortext' in res: + self.fail_json(msg="Failed: '%s'" % res['errortext']) + + except CloudStackException as e: + self.fail_json(msg='CloudStackException: %s' % to_native(e)) + + except Exception as e: + self.fail_json(msg=to_native(e)) + + return res + + def get_network_acl(self, key=None): + if self.network_acl is None: + args = { + 'name': self.module.params.get('network_acl'), + 'vpcid': self.get_vpc(key='id'), + } + network_acls = self.query_api('listNetworkACLLists', **args) + if network_acls: + self.network_acl = network_acls['networkacllist'][0] + self.result['network_acl'] = self.network_acl['name'] + if self.network_acl: + return self._get_by_key(key, self.network_acl) + else: + self.fail_json(msg="Network ACL %s not found" % self.module.params.get('network_acl')) + + def get_vpc(self, key=None): + """Return a VPC dictionary or the value of given key of.""" + if self.vpc: + return self._get_by_key(key, self.vpc) + + vpc = self.module.params.get('vpc') + if not vpc: + vpc = os.environ.get('CLOUDSTACK_VPC') + if not vpc: + return None + + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'zoneid': self.get_zone(key='id'), + } + vpcs = self.query_api('listVPCs', **args) + if not vpcs: + self.fail_json(msg="No VPCs available.") + + for v in vpcs['vpc']: + if vpc in [v['name'], v['displaytext'], v['id']]: + # Fail if the identifyer matches more than one VPC + if self.vpc: + self.fail_json(msg="More than one VPC found with the provided identifyer '%s'" % vpc) + else: + self.vpc = v + self.result['vpc'] = v['name'] + if self.vpc: + return self._get_by_key(key, self.vpc) + self.fail_json(msg="VPC '%s' not found" % vpc) + + def is_vpc_network(self, network_id): + """Returns True if network is in VPC.""" + # This is an efficient way to query a lot of networks at a time + if self._vpc_networks_ids is None: + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'zoneid': self.get_zone(key='id'), + } + vpcs = self.query_api('listVPCs', **args) + self._vpc_networks_ids = [] + if vpcs: + for vpc in vpcs['vpc']: + for n in vpc.get('network', []): + self._vpc_networks_ids.append(n['id']) + return network_id in self._vpc_networks_ids + + def get_physical_network(self, key=None): + if self.physical_network: + return self._get_by_key(key, self.physical_network) + physical_network = self.module.params.get('physical_network') + args = { + 'zoneid': self.get_zone(key='id') + } + physical_networks = self.query_api('listPhysicalNetworks', **args) + if not physical_networks: + self.fail_json(msg="No physical networks available.") + + for net in physical_networks['physicalnetwork']: + if physical_network in [net['name'], net['id']]: + self.physical_network = net + self.result['physical_network'] = net['name'] + return self._get_by_key(key, self.physical_network) + self.fail_json(msg="Physical Network '%s' not found" % physical_network) + + def get_network(self, key=None): + """Return a network dictionary or the value of given key of.""" + if self.network: + return self._get_by_key(key, self.network) + + network = self.module.params.get('network') + if not network: + vpc_name = self.get_vpc(key='name') + if vpc_name: + self.fail_json(msg="Could not find network for VPC '%s' due missing argument: network" % vpc_name) + return None + + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'zoneid': self.get_zone(key='id'), + 'vpcid': self.get_vpc(key='id') + } + networks = self.query_api('listNetworks', **args) + if not networks: + self.fail_json(msg="No networks available.") + + for n in networks['network']: + # ignore any VPC network if vpc param is not given + if 'vpcid' in n and not self.get_vpc(key='id'): + continue + if network in [n['displaytext'], n['name'], n['id']]: + self.result['network'] = n['name'] + self.network = n + return self._get_by_key(key, self.network) + self.fail_json(msg="Network '%s' not found" % network) + + def get_project(self, key=None): + if self.project: + return self._get_by_key(key, self.project) + + project = self.module.params.get('project') + if not project: + project = os.environ.get('CLOUDSTACK_PROJECT') + if not project: + return None + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id') + } + projects = self.query_api('listProjects', **args) + if projects: + for p in projects['project']: + if project.lower() in [p['name'].lower(), p['id']]: + self.result['project'] = p['name'] + self.project = p + return self._get_by_key(key, self.project) + self.fail_json(msg="project '%s' not found" % project) + + def get_pod(self, key=None): + pod_name = self.module.params.get('pod') + if not pod_name: + return None + args = { + 'name': pod_name, + 'zoneid': self.get_zone(key='id'), + } + pods = self.query_api('listPods', **args) + if pods: + return self._get_by_key(key, pods['pod'][0]) + self.module.fail_json(msg="Pod %s not found in zone %s" % (self.module.params.get('pod'), self.get_zone(key='name'))) + + def get_ip_address(self, key=None): + if self.ip_address: + return self._get_by_key(key, self.ip_address) + + ip_address = self.module.params.get('ip_address') + if not ip_address: + self.fail_json(msg="IP address param 'ip_address' is required") + + args = { + 'ipaddress': ip_address, + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'vpcid': self.get_vpc(key='id'), + } + + ip_addresses = self.query_api('listPublicIpAddresses', **args) + + if not ip_addresses: + self.fail_json(msg="IP address '%s' not found" % args['ipaddress']) + + self.ip_address = ip_addresses['publicipaddress'][0] + return self._get_by_key(key, self.ip_address) + + def get_vm_guest_ip(self): + vm_guest_ip = self.module.params.get('vm_guest_ip') + default_nic = self.get_vm_default_nic() + + if not vm_guest_ip: + return default_nic['ipaddress'] + + for secondary_ip in default_nic['secondaryip']: + if vm_guest_ip == secondary_ip['ipaddress']: + return vm_guest_ip + self.fail_json(msg="Secondary IP '%s' not assigned to VM" % vm_guest_ip) + + def get_vm_default_nic(self): + if self.vm_default_nic: + return self.vm_default_nic + + nics = self.query_api('listNics', virtualmachineid=self.get_vm(key='id')) + if nics: + for n in nics['nic']: + if n['isdefault']: + self.vm_default_nic = n + return self.vm_default_nic + self.fail_json(msg="No default IP address of VM '%s' found" % self.module.params.get('vm')) + + def get_vm(self, key=None, filter_zone=True): + if self.vm: + return self._get_by_key(key, self.vm) + + vm = self.module.params.get('vm') + if not vm: + self.fail_json(msg="Virtual machine param 'vm' is required") + + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'zoneid': self.get_zone(key='id') if filter_zone else None, + 'fetch_list': True, + } + vms = self.query_api('listVirtualMachines', **args) + if vms: + for v in vms: + if vm.lower() in [v['name'].lower(), v['displayname'].lower(), v['id']]: + self.vm = v + return self._get_by_key(key, self.vm) + self.fail_json(msg="Virtual machine '%s' not found" % vm) + + def get_disk_offering(self, key=None): + disk_offering = self.module.params.get('disk_offering') + if not disk_offering: + return None + + # Do not add domain filter for disk offering listing. + disk_offerings = self.query_api('listDiskOfferings') + if disk_offerings: + for d in disk_offerings['diskoffering']: + if disk_offering in [d['displaytext'], d['name'], d['id']]: + return self._get_by_key(key, d) + self.fail_json(msg="Disk offering '%s' not found" % disk_offering) + + def get_zone(self, key=None): + if self.zone: + return self._get_by_key(key, self.zone) + + zone = self.module.params.get('zone') + if not zone: + zone = os.environ.get('CLOUDSTACK_ZONE') + zones = self.query_api('listZones') + + if not zones: + self.fail_json(msg="No zones available. Please create a zone first") + + # use the first zone if no zone param given + if not zone: + self.module.deprecate( + msg="Using first zone as default is deprecated because of unreliable API, zone needs to be defined.", + version="2.0.0", + collection_name="ngine_io.cloudstack" + ) + self.zone = zones['zone'][0] + self.result['zone'] = self.zone['name'] + return self._get_by_key(key, self.zone) + + if zones: + for z in zones['zone']: + if zone.lower() in [z['name'].lower(), z['id']]: + self.result['zone'] = z['name'] + self.zone = z + return self._get_by_key(key, self.zone) + self.fail_json(msg="zone '%s' not found" % zone) + + def get_os_type(self, key=None): + if self.os_type: + return self._get_by_key(key, self.zone) + + os_type = self.module.params.get('os_type') + if not os_type: + return None + + os_types = self.query_api('listOsTypes') + if os_types: + for o in os_types['ostype']: + if os_type in [o['description'], o['id']]: + self.os_type = o + return self._get_by_key(key, self.os_type) + self.fail_json(msg="OS type '%s' not found" % os_type) + + def get_hypervisor(self): + if self.hypervisor: + return self.hypervisor + + hypervisor = self.module.params.get('hypervisor') + hypervisors = self.query_api('listHypervisors') + + # use the first hypervisor if no hypervisor param given + if not hypervisor: + self.hypervisor = hypervisors['hypervisor'][0]['name'] + return self.hypervisor + + for h in hypervisors['hypervisor']: + if hypervisor.lower() == h['name'].lower(): + self.hypervisor = h['name'] + return self.hypervisor + self.fail_json(msg="Hypervisor '%s' not found" % hypervisor) + + def get_account(self, key=None): + if self.account: + return self._get_by_key(key, self.account) + + account = self.module.params.get('account') + if not account: + account = os.environ.get('CLOUDSTACK_ACCOUNT') + if not account: + return None + + domain = self.module.params.get('domain') + if not domain: + self.fail_json(msg="Account must be specified with Domain") + + args = { + 'name': account, + 'domainid': self.get_domain(key='id'), + 'listall': True + } + accounts = self.query_api('listAccounts', **args) + if accounts: + self.account = accounts['account'][0] + self.result['account'] = self.account['name'] + return self._get_by_key(key, self.account) + self.fail_json(msg="Account '%s' not found" % account) + + def get_domain(self, key=None): + if self.domain: + return self._get_by_key(key, self.domain) + + domain = self.module.params.get('domain') + if not domain: + domain = os.environ.get('CLOUDSTACK_DOMAIN') + if not domain: + return None + + args = { + 'listall': True, + } + domains = self.query_api('listDomains', **args) + if domains: + for d in domains['domain']: + if d['path'].lower() in [domain.lower(), "root/" + domain.lower(), "root" + domain.lower()]: + self.domain = d + self.result['domain'] = d['path'] + return self._get_by_key(key, self.domain) + self.fail_json(msg="Domain '%s' not found" % domain) + + def query_tags(self, resource, resource_type): + args = { + 'resourceid': resource['id'], + 'resourcetype': resource_type, + } + tags = self.query_api('listTags', **args) + return self.get_tags(resource=tags, key='tag') + + def get_tags(self, resource=None, key='tags'): + existing_tags = [] + for tag in resource.get(key) or []: + existing_tags.append({'key': tag['key'], 'value': tag['value']}) + return existing_tags + + def _process_tags(self, resource, resource_type, tags, operation="create"): + if tags: + self.result['changed'] = True + if not self.module.check_mode: + args = { + 'resourceids': resource['id'], + 'resourcetype': resource_type, + 'tags': tags, + } + if operation == "create": + response = self.query_api('createTags', **args) + else: + response = self.query_api('deleteTags', **args) + self.poll_job(response) + + def _tags_that_should_exist_or_be_updated(self, resource, tags): + existing_tags = self.get_tags(resource) + return [tag for tag in tags if tag not in existing_tags] + + def _tags_that_should_not_exist(self, resource, tags): + existing_tags = self.get_tags(resource) + return [tag for tag in existing_tags if tag not in tags] + + def ensure_tags(self, resource, resource_type=None): + if not resource_type or not resource: + self.fail_json(msg="Error: Missing resource or resource_type for tags.") + + if 'tags' in resource: + tags = self.module.params.get('tags') + if tags is not None: + self._process_tags(resource, resource_type, self._tags_that_should_not_exist(resource, tags), operation="delete") + self._process_tags(resource, resource_type, self._tags_that_should_exist_or_be_updated(resource, tags)) + resource['tags'] = self.query_tags(resource=resource, resource_type=resource_type) + return resource + + def get_capabilities(self, key=None): + if self.capabilities: + return self._get_by_key(key, self.capabilities) + capabilities = self.query_api('listCapabilities') + self.capabilities = capabilities['capability'] + return self._get_by_key(key, self.capabilities) + + def poll_job(self, job=None, key=None): + if 'jobid' in job: + while True: + res = self.query_api('queryAsyncJobResult', jobid=job['jobid']) + if res['jobstatus'] != 0 and 'jobresult' in res: + + if 'errortext' in res['jobresult']: + self.fail_json(msg="Failed: '%s'" % res['jobresult']['errortext']) + + if key and key in res['jobresult']: + job = res['jobresult'][key] + + break + time.sleep(2) + return job + + def update_result(self, resource, result=None): + if result is None: + result = dict() + if resource: + returns = self.common_returns.copy() + returns.update(self.returns) + for search_key, return_key in returns.items(): + if search_key in resource: + result[return_key] = resource[search_key] + + # Bad bad API does not always return int when it should. + for search_key, return_key in self.returns_to_int.items(): + if search_key in resource: + result[return_key] = int(resource[search_key]) + + if 'tags' in resource: + result['tags'] = resource['tags'] + return result + + def get_result(self, resource): + return self.update_result(resource, self.result) + + def get_result_and_facts(self, facts_name, resource): + result = self.get_result(resource) + + ansible_facts = { + facts_name: result.copy() + } + for k in ['diff', 'changed']: + if k in ansible_facts[facts_name]: + del ansible_facts[facts_name][k] + + result.update(ansible_facts=ansible_facts) + return result diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/__init__.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/__init__.py diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_account.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_account.py new file mode 100644 index 00000000..694f62d7 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_account.py @@ -0,0 +1,450 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_account +short_description: Manages accounts on Apache CloudStack based clouds. +description: + - Create, disable, lock, enable and remove accounts. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of account. + type: str + required: true + username: + description: + - Username of the user to be created if account did not exist. + - Required on I(state=present). + type: str + password: + description: + - Password of the user to be created if account did not exist. + - Required on I(state=present) if I(ldap_domain) is not set. + type: str + first_name: + description: + - First name of the user to be created if account did not exist. + - Required on I(state=present) if I(ldap_domain) is not set. + type: str + last_name: + description: + - Last name of the user to be created if account did not exist. + - Required on I(state=present) if I(ldap_domain) is not set. + type: str + email: + description: + - Email of the user to be created if account did not exist. + - Required on I(state=present) if I(ldap_domain) is not set. + type: str + timezone: + description: + - Timezone of the user to be created if account did not exist. + type: str + network_domain: + description: + - Network domain of the account. + type: str + account_type: + description: + - Type of the account. + type: str + choices: [ user, root_admin, domain_admin ] + default: user + domain: + description: + - Domain the account is related to. + type: str + default: ROOT + role: + description: + - Creates the account under the specified role name or id. + type: str + ldap_domain: + description: + - Name of the LDAP group or OU to bind. + - If set, account will be linked to LDAP. + type: str + ldap_type: + description: + - Type of the ldap name. GROUP or OU, defaults to GROUP. + type: str + choices: [ GROUP, OU ] + default: GROUP + state: + description: + - State of the account. + - C(unlocked) is an alias for C(enabled). + type: str + choices: [ present, absent, enabled, disabled, locked, unlocked ] + default: present + poll_async: + description: + - Poll async jobs until job has finished. + type: bool + default: yes +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack + +''' + +EXAMPLES = ''' +- name: create an account in domain 'CUSTOMERS' + ngine_io.cloudstack.cs_account: + name: customer_xy + username: customer_xy + password: S3Cur3 + last_name: Doe + first_name: John + email: john.doe@example.com + domain: CUSTOMERS + role: Domain Admin + +- name: Lock an existing account in domain 'CUSTOMERS' + ngine_io.cloudstack.cs_account: + name: customer_xy + domain: CUSTOMERS + state: locked + +- name: Disable an existing account in domain 'CUSTOMERS' + ngine_io.cloudstack.cs_account: + name: customer_xy + domain: CUSTOMERS + state: disabled + +- name: Enable an existing account in domain 'CUSTOMERS' + ngine_io.cloudstack.cs_account: + name: customer_xy + domain: CUSTOMERS + state: enabled + +- name: Remove an account in domain 'CUSTOMERS' + ngine_io.cloudstack.cs_account: + name: customer_xy + domain: CUSTOMERS + state: absent + +- name: Create a single user LDAP account in domain 'CUSTOMERS' + ngine_io.cloudstack.cs_account: + name: customer_xy + username: customer_xy + domain: CUSTOMERS + ldap_domain: cn=customer_xy,cn=team_xy,ou=People,dc=domain,dc=local + +- name: Create a LDAP account in domain 'CUSTOMERS' and bind it to a LDAP group + ngine_io.cloudstack.cs_account: + name: team_xy + username: customer_xy + domain: CUSTOMERS + ldap_domain: cn=team_xy,ou=People,dc=domain,dc=local +''' + +RETURN = ''' +--- +id: + description: UUID of the account. + returned: success + type: str + sample: 87b1e0ce-4e01-11e4-bb66-0050569e64b8 +name: + description: Name of the account. + returned: success + type: str + sample: linus@example.com +account_type: + description: Type of the account. + returned: success + type: str + sample: user +state: + description: State of the account. + returned: success + type: str + sample: enabled +network_domain: + description: Network domain of the account. + returned: success + type: str + sample: example.local +domain: + description: Domain the account is related. + returned: success + type: str + sample: ROOT +role: + description: The role name of the account + returned: success + type: str + sample: Domain Admin +''' + +# import cloudstack common +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackAccount(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackAccount, self).__init__(module) + self.returns = { + 'networkdomain': 'network_domain', + 'rolename': 'role', + } + self.account = None + self.account_types = { + 'user': 0, + 'root_admin': 1, + 'domain_admin': 2, + } + + def get_role_id(self): + role_param = self.module.params.get('role') + role_id = None + + if role_param: + role_list = self.query_api('listRoles') + for role in role_list['role']: + if role_param in [role['name'], role['id']]: + role_id = role['id'] + + if not role_id: + self.module.fail_json(msg="Role not found: %s" % role_param) + + return role_id + + def get_account_type(self): + account_type = self.module.params.get('account_type') + return self.account_types[account_type] + + def get_account(self): + if not self.account: + args = { + 'listall': True, + 'domainid': self.get_domain(key='id'), + 'fetch_list': True, + } + accounts = self.query_api('listAccounts', **args) + if accounts: + account_name = self.module.params.get('name') + for a in accounts: + if account_name == a['name']: + self.account = a + break + + return self.account + + def enable_account(self): + account = self.get_account() + if not account: + account = self.present_account() + + if account['state'].lower() != 'enabled': + self.result['changed'] = True + args = { + 'id': account['id'], + 'account': self.module.params.get('name'), + 'domainid': self.get_domain(key='id') + } + if not self.module.check_mode: + res = self.query_api('enableAccount', **args) + account = res['account'] + return account + + def lock_account(self): + return self.lock_or_disable_account(lock=True) + + def disable_account(self): + return self.lock_or_disable_account() + + def lock_or_disable_account(self, lock=False): + account = self.get_account() + if not account: + account = self.present_account() + + # we need to enable the account to lock it. + if lock and account['state'].lower() == 'disabled': + account = self.enable_account() + + if (lock and account['state'].lower() != 'locked' or + not lock and account['state'].lower() != 'disabled'): + self.result['changed'] = True + args = { + 'id': account['id'], + 'account': self.module.params.get('name'), + 'domainid': self.get_domain(key='id'), + 'lock': lock, + } + if not self.module.check_mode: + account = self.query_api('disableAccount', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + account = self.poll_job(account, 'account') + return account + + def present_account(self): + account = self.get_account() + + if not account: + self.result['changed'] = True + + if self.module.params.get('ldap_domain'): + required_params = [ + 'domain', + 'username', + ] + self.module.fail_on_missing_params(required_params=required_params) + + account = self.create_ldap_account(account) + + else: + required_params = [ + 'email', + 'username', + 'password', + 'first_name', + 'last_name', + ] + self.module.fail_on_missing_params(required_params=required_params) + + account = self.create_account(account) + + return account + + def create_ldap_account(self, account): + args = { + 'account': self.module.params.get('name'), + 'domainid': self.get_domain(key='id'), + 'accounttype': self.get_account_type(), + 'networkdomain': self.module.params.get('network_domain'), + 'username': self.module.params.get('username'), + 'timezone': self.module.params.get('timezone'), + 'roleid': self.get_role_id() + } + if not self.module.check_mode: + res = self.query_api('ldapCreateAccount', **args) + account = res['account'] + + args = { + 'account': self.module.params.get('name'), + 'domainid': self.get_domain(key='id'), + 'accounttype': self.get_account_type(), + 'ldapdomain': self.module.params.get('ldap_domain'), + 'type': self.module.params.get('ldap_type') + } + + self.query_api('linkAccountToLdap', **args) + + return account + + def create_account(self, account): + args = { + 'account': self.module.params.get('name'), + 'domainid': self.get_domain(key='id'), + 'accounttype': self.get_account_type(), + 'networkdomain': self.module.params.get('network_domain'), + 'username': self.module.params.get('username'), + 'password': self.module.params.get('password'), + 'firstname': self.module.params.get('first_name'), + 'lastname': self.module.params.get('last_name'), + 'email': self.module.params.get('email'), + 'timezone': self.module.params.get('timezone'), + 'roleid': self.get_role_id() + } + if not self.module.check_mode: + res = self.query_api('createAccount', **args) + account = res['account'] + + return account + + def absent_account(self): + account = self.get_account() + if account: + self.result['changed'] = True + + if not self.module.check_mode: + res = self.query_api('deleteAccount', id=account['id']) + + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(res, 'account') + return account + + def get_result(self, account): + super(AnsibleCloudStackAccount, self).get_result(account) + if account: + if 'accounttype' in account: + for key, value in self.account_types.items(): + if value == account['accounttype']: + self.result['account_type'] = key + break + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + state=dict(choices=['present', 'absent', 'enabled', 'disabled', 'locked', 'unlocked'], default='present'), + account_type=dict(choices=['user', 'root_admin', 'domain_admin'], default='user'), + network_domain=dict(), + domain=dict(default='ROOT'), + email=dict(), + first_name=dict(), + last_name=dict(), + username=dict(), + password=dict(no_log=True), + timezone=dict(), + role=dict(), + ldap_domain=dict(), + ldap_type=dict(choices=['GROUP', 'OU'], default='GROUP'), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_acc = AnsibleCloudStackAccount(module) + + state = module.params.get('state') + + if state in ['absent']: + account = acs_acc.absent_account() + + elif state in ['enabled', 'unlocked']: + account = acs_acc.enable_account() + + elif state in ['disabled']: + account = acs_acc.disable_account() + + elif state in ['locked']: + account = acs_acc.lock_account() + + else: + account = acs_acc.present_account() + + result = acs_acc.get_result(account) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_affinitygroup.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_affinitygroup.py new file mode 100644 index 00000000..46c1b176 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_affinitygroup.py @@ -0,0 +1,230 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_affinitygroup +short_description: Manages affinity groups on Apache CloudStack based clouds. +description: + - Create and remove affinity groups. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of the affinity group. + type: str + required: true + affinity_type: + description: + - Type of the affinity group. If not specified, first found affinity type is used. + type: str + description: + description: + - Description of the affinity group. + type: str + state: + description: + - State of the affinity group. + type: str + choices: [ present, absent ] + default: present + domain: + description: + - Domain the affinity group is related to. + type: str + account: + description: + - Account the affinity group is related to. + type: str + project: + description: + - Name of the project the affinity group is related to. + type: str + poll_async: + description: + - Poll async jobs until job has finished. + type: bool + default: yes +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack + +''' + +EXAMPLES = ''' +- name: Create a affinity group + ngine_io.cloudstack.cs_affinitygroup: + name: haproxy + affinity_type: host anti-affinity + +- name: Remove a affinity group + ngine_io.cloudstack.cs_affinitygroup: + name: haproxy + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the affinity group. + returned: success + type: str + sample: 87b1e0ce-4e01-11e4-bb66-0050569e64b8 +name: + description: Name of affinity group. + returned: success + type: str + sample: app +description: + description: Description of affinity group. + returned: success + type: str + sample: application affinity group +affinity_type: + description: Type of affinity group. + returned: success + type: str + sample: host anti-affinity +project: + description: Name of project the affinity group is related to. + returned: success + type: str + sample: Production +domain: + description: Domain the affinity group is related to. + returned: success + type: str + sample: example domain +account: + description: Account the affinity group is related to. + returned: success + type: str + sample: example account +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackAffinityGroup(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackAffinityGroup, self).__init__(module) + self.returns = { + 'type': 'affinity_type', + } + self.affinity_group = None + + def get_affinity_group(self): + if not self.affinity_group: + + args = { + 'projectid': self.get_project(key='id'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'name': self.module.params.get('name'), + } + affinity_groups = self.query_api('listAffinityGroups', **args) + if affinity_groups: + self.affinity_group = affinity_groups['affinitygroup'][0] + return self.affinity_group + + def get_affinity_type(self): + affinity_type = self.module.params.get('affinity_type') + + affinity_types = self.query_api('listAffinityGroupTypes', ) + if affinity_types: + if not affinity_type: + return affinity_types['affinityGroupType'][0]['type'] + + for a in affinity_types['affinityGroupType']: + if a['type'] == affinity_type: + return a['type'] + self.module.fail_json(msg="affinity group type not found: %s" % affinity_type) + + def create_affinity_group(self): + affinity_group = self.get_affinity_group() + if not affinity_group: + self.result['changed'] = True + + args = { + 'name': self.module.params.get('name'), + 'type': self.get_affinity_type(), + 'description': self.module.params.get('description'), + 'projectid': self.get_project(key='id'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + } + if not self.module.check_mode: + res = self.query_api('createAffinityGroup', **args) + + poll_async = self.module.params.get('poll_async') + if res and poll_async: + affinity_group = self.poll_job(res, 'affinitygroup') + return affinity_group + + def remove_affinity_group(self): + affinity_group = self.get_affinity_group() + if affinity_group: + self.result['changed'] = True + + args = { + 'name': self.module.params.get('name'), + 'projectid': self.get_project(key='id'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + } + if not self.module.check_mode: + res = self.query_api('deleteAffinityGroup', **args) + + poll_async = self.module.params.get('poll_async') + if res and poll_async: + self.poll_job(res, 'affinitygroup') + return affinity_group + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + affinity_type=dict(), + description=dict(), + state=dict(choices=['present', 'absent'], default='present'), + domain=dict(), + account=dict(), + project=dict(), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_ag = AnsibleCloudStackAffinityGroup(module) + + state = module.params.get('state') + if state in ['absent']: + affinity_group = acs_ag.remove_affinity_group() + else: + affinity_group = acs_ag.create_affinity_group() + + result = acs_ag.get_result(affinity_group) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_cluster.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_cluster.py new file mode 100644 index 00000000..88ea35f2 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_cluster.py @@ -0,0 +1,375 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2016, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_cluster +short_description: Manages host clusters on Apache CloudStack based clouds. +description: + - Create, update and remove clusters. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - name of the cluster. + type: str + required: true + zone: + description: + - Name of the zone in which the cluster belongs to. + - If not set, default zone is used. + type: str + pod: + description: + - Name of the pod in which the cluster belongs to. + type: str + cluster_type: + description: + - Type of the cluster. + - Required if I(state=present) + type: str + choices: [ CloudManaged, ExternalManaged ] + hypervisor: + description: + - Name the hypervisor to be used. + - Required if I(state=present). + - Possible values are C(KVM), C(VMware), C(BareMetal), C(XenServer), C(LXC), C(HyperV), C(UCS), C(OVM), C(Simulator). + type: str + url: + description: + - URL for the cluster + type: str + username: + description: + - Username for the cluster. + type: str + password: + description: + - Password for the cluster. + type: str + guest_vswitch_name: + description: + - Name of virtual switch used for guest traffic in the cluster. + - This would override zone wide traffic label setting. + type: str + guest_vswitch_type: + description: + - Type of virtual switch used for guest traffic in the cluster. + - Allowed values are, vmwaresvs (for VMware standard vSwitch) and vmwaredvs (for VMware distributed vSwitch) + type: str + choices: [ vmwaresvs, vmwaredvs ] + public_vswitch_name: + description: + - Name of virtual switch used for public traffic in the cluster. + - This would override zone wide traffic label setting. + type: str + public_vswitch_type: + description: + - Type of virtual switch used for public traffic in the cluster. + - Allowed values are, vmwaresvs (for VMware standard vSwitch) and vmwaredvs (for VMware distributed vSwitch) + type: str + choices: [ vmwaresvs, vmwaredvs ] + vms_ip_address: + description: + - IP address of the VSM associated with this cluster. + type: str + vms_username: + description: + - Username for the VSM associated with this cluster. + type: str + vms_password: + description: + - Password for the VSM associated with this cluster. + type: str + ovm3_cluster: + description: + - Ovm3 native OCFS2 clustering enabled for cluster. + type: str + ovm3_pool: + description: + - Ovm3 native pooling enabled for cluster. + type: str + ovm3_vip: + description: + - Ovm3 vip to use for pool (and cluster). + type: str + state: + description: + - State of the cluster. + type: str + choices: [ present, absent, disabled, enabled ] + default: present +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Ensure a cluster is present + ngine_io.cloudstack.cs_cluster: + name: kvm-cluster-01 + zone: ch-zrh-ix-01 + hypervisor: KVM + cluster_type: CloudManaged + +- name: Ensure a cluster is disabled + ngine_io.cloudstack.cs_cluster: + name: kvm-cluster-01 + zone: ch-zrh-ix-01 + state: disabled + +- name: Ensure a cluster is enabled + ngine_io.cloudstack.cs_cluster: + name: kvm-cluster-01 + zone: ch-zrh-ix-01 + state: enabled + +- name: Ensure a cluster is absent + ngine_io.cloudstack.cs_cluster: + name: kvm-cluster-01 + zone: ch-zrh-ix-01 + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the cluster. + returned: success + type: str + sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 +name: + description: Name of the cluster. + returned: success + type: str + sample: cluster01 +allocation_state: + description: State of the cluster. + returned: success + type: str + sample: Enabled +cluster_type: + description: Type of the cluster. + returned: success + type: str + sample: ExternalManaged +cpu_overcommit_ratio: + description: The CPU overcommit ratio of the cluster. + returned: success + type: str + sample: 1.0 +memory_overcommit_ratio: + description: The memory overcommit ratio of the cluster. + returned: success + type: str + sample: 1.0 +managed_state: + description: Whether this cluster is managed by CloudStack. + returned: success + type: str + sample: Managed +ovm3_vip: + description: Ovm3 VIP to use for pooling and/or clustering + returned: success + type: str + sample: 10.10.10.101 +hypervisor: + description: Hypervisor of the cluster + returned: success + type: str + sample: VMware +zone: + description: Name of zone the cluster is in. + returned: success + type: str + sample: ch-gva-2 +pod: + description: Name of pod the cluster is in. + returned: success + type: str + sample: pod01 +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackCluster(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackCluster, self).__init__(module) + self.returns = { + 'allocationstate': 'allocation_state', + 'hypervisortype': 'hypervisor', + 'clustertype': 'cluster_type', + 'podname': 'pod', + 'managedstate': 'managed_state', + 'memoryovercommitratio': 'memory_overcommit_ratio', + 'cpuovercommitratio': 'cpu_overcommit_ratio', + 'ovm3vip': 'ovm3_vip', + } + self.cluster = None + + def _get_common_cluster_args(self): + args = { + 'clustername': self.module.params.get('name'), + 'hypervisor': self.module.params.get('hypervisor'), + 'clustertype': self.module.params.get('cluster_type'), + } + state = self.module.params.get('state') + if state in ['enabled', 'disabled']: + args['allocationstate'] = state.capitalize() + return args + + def get_cluster(self): + if not self.cluster: + args = {} + + uuid = self.module.params.get('id') + if uuid: + args['id'] = uuid + clusters = self.query_api('listClusters', **args) + if clusters: + self.cluster = clusters['cluster'][0] + return self.cluster + + args['name'] = self.module.params.get('name') + clusters = self.query_api('listClusters', **args) + if clusters: + self.cluster = clusters['cluster'][0] + # fix different return from API then request argument given + self.cluster['hypervisor'] = self.cluster['hypervisortype'] + self.cluster['clustername'] = self.cluster['name'] + return self.cluster + + def present_cluster(self): + cluster = self.get_cluster() + if cluster: + cluster = self._update_cluster() + else: + cluster = self._create_cluster() + return cluster + + def _create_cluster(self): + required_params = [ + 'cluster_type', + 'hypervisor', + ] + self.module.fail_on_missing_params(required_params=required_params) + + args = self._get_common_cluster_args() + args['zoneid'] = self.get_zone(key='id') + args['podid'] = self.get_pod(key='id') + args['url'] = self.module.params.get('url') + args['username'] = self.module.params.get('username') + args['password'] = self.module.params.get('password') + args['guestvswitchname'] = self.module.params.get('guest_vswitch_name') + args['guestvswitchtype'] = self.module.params.get('guest_vswitch_type') + args['publicvswitchtype'] = self.module.params.get('public_vswitch_name') + args['publicvswitchtype'] = self.module.params.get('public_vswitch_type') + args['vsmipaddress'] = self.module.params.get('vms_ip_address') + args['vsmusername'] = self.module.params.get('vms_username') + args['vmspassword'] = self.module.params.get('vms_password') + args['ovm3cluster'] = self.module.params.get('ovm3_cluster') + args['ovm3pool'] = self.module.params.get('ovm3_pool') + args['ovm3vip'] = self.module.params.get('ovm3_vip') + + self.result['changed'] = True + + cluster = None + if not self.module.check_mode: + res = self.query_api('addCluster', **args) + + # API returns a list as result CLOUDSTACK-9205 + if isinstance(res['cluster'], list): + cluster = res['cluster'][0] + else: + cluster = res['cluster'] + return cluster + + def _update_cluster(self): + cluster = self.get_cluster() + + args = self._get_common_cluster_args() + args['id'] = cluster['id'] + + if self.has_changed(args, cluster): + self.result['changed'] = True + + if not self.module.check_mode: + res = self.query_api('updateCluster', **args) + cluster = res['cluster'] + + return cluster + + def absent_cluster(self): + cluster = self.get_cluster() + if cluster: + self.result['changed'] = True + + args = { + 'id': cluster['id'], + } + + if not self.module.check_mode: + self.query_api('deleteCluster', **args) + + return cluster + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + zone=dict(), + pod=dict(), + cluster_type=dict(choices=['CloudManaged', 'ExternalManaged']), + hypervisor=dict(), + state=dict(choices=['present', 'enabled', 'disabled', 'absent'], default='present'), + url=dict(), + username=dict(), + password=dict(no_log=True), + guest_vswitch_name=dict(), + guest_vswitch_type=dict(choices=['vmwaresvs', 'vmwaredvs']), + public_vswitch_name=dict(), + public_vswitch_type=dict(choices=['vmwaresvs', 'vmwaredvs']), + vms_ip_address=dict(), + vms_username=dict(), + vms_password=dict(no_log=True), + ovm3_cluster=dict(), + ovm3_pool=dict(), + ovm3_vip=dict(), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_cluster = AnsibleCloudStackCluster(module) + + state = module.params.get('state') + if state in ['absent']: + cluster = acs_cluster.absent_cluster() + else: + cluster = acs_cluster.present_cluster() + + result = acs_cluster.get_result(cluster) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_configuration.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_configuration.py new file mode 100644 index 00000000..dd11d932 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_configuration.py @@ -0,0 +1,270 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2016, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_configuration +short_description: Manages configuration on Apache CloudStack based clouds. +description: + - Manages global, zone, account, storage and cluster configurations. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of the configuration. + type: str + required: true + value: + description: + - Value of the configuration. + type: str + required: true + account: + description: + - Ensure the value for corresponding account. + type: str + domain: + description: + - Domain the account is related to. + - Only considered if I(account) is used. + type: str + default: ROOT + zone: + description: + - Ensure the value for corresponding zone. + type: str + storage: + description: + - Ensure the value for corresponding storage pool. + type: str + cluster: + description: + - Ensure the value for corresponding cluster. + type: str +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Ensure global configuration + ngine_io.cloudstack.cs_configuration: + name: router.reboot.when.outofband.migrated + value: false + +- name: Ensure zone configuration + ngine_io.cloudstack.cs_configuration: + name: router.reboot.when.outofband.migrated + zone: ch-gva-01 + value: true + +- name: Ensure storage configuration + ngine_io.cloudstack.cs_configuration: + name: storage.overprovisioning.factor + storage: storage01 + value: 2.0 + +- name: Ensure account configuration + ngine_io.cloudstack.cs_configuration: + name: allow.public.user.templates + value: false + account: acme inc + domain: customers +''' + +RETURN = ''' +--- +category: + description: Category of the configuration. + returned: success + type: str + sample: Advanced +scope: + description: Scope (zone/cluster/storagepool/account) of the parameter that needs to be updated. + returned: success + type: str + sample: storagepool +description: + description: Description of the configuration. + returned: success + type: str + sample: Setup the host to do multipath +name: + description: Name of the configuration. + returned: success + type: str + sample: zone.vlan.capacity.notificationthreshold +value: + description: Value of the configuration. + returned: success + type: str + sample: "0.75" +account: + description: Account of the configuration. + returned: success + type: str + sample: admin +Domain: + description: Domain of account of the configuration. + returned: success + type: str + sample: ROOT +zone: + description: Zone of the configuration. + returned: success + type: str + sample: ch-gva-01 +cluster: + description: Cluster of the configuration. + returned: success + type: str + sample: cluster01 +storage: + description: Storage of the configuration. + returned: success + type: str + sample: storage01 +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackConfiguration(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackConfiguration, self).__init__(module) + self.returns = { + 'category': 'category', + 'scope': 'scope', + 'value': 'value', + } + self.storage = None + self.account = None + self.cluster = None + + def _get_common_configuration_args(self): + args = { + 'name': self.module.params.get('name'), + 'accountid': self.get_account(key='id'), + 'storageid': self.get_storage(key='id'), + 'zoneid': self.get_zone(key='id'), + 'clusterid': self.get_cluster(key='id'), + } + return args + + def get_zone(self, key=None): + # make sure we do net use the default zone + zone = self.module.params.get('zone') + if zone: + return super(AnsibleCloudStackConfiguration, self).get_zone(key=key) + + def get_cluster(self, key=None): + if not self.cluster: + cluster_name = self.module.params.get('cluster') + if not cluster_name: + return None + args = { + 'name': cluster_name, + } + clusters = self.query_api('listClusters', **args) + if clusters: + self.cluster = clusters['cluster'][0] + self.result['cluster'] = self.cluster['name'] + else: + self.module.fail_json(msg="Cluster %s not found." % cluster_name) + return self._get_by_key(key=key, my_dict=self.cluster) + + def get_storage(self, key=None): + if not self.storage: + storage_pool_name = self.module.params.get('storage') + if not storage_pool_name: + return None + args = { + 'name': storage_pool_name, + } + storage_pools = self.query_api('listStoragePools', **args) + if storage_pools: + self.storage = storage_pools['storagepool'][0] + self.result['storage'] = self.storage['name'] + else: + self.module.fail_json(msg="Storage pool %s not found." % storage_pool_name) + return self._get_by_key(key=key, my_dict=self.storage) + + def get_configuration(self): + configuration = None + args = self._get_common_configuration_args() + args['fetch_list'] = True + configurations = self.query_api('listConfigurations', **args) + if not configurations: + self.module.fail_json(msg="Configuration %s not found." % args['name']) + for config in configurations: + if args['name'] == config['name']: + configuration = config + return configuration + + def get_value(self): + value = str(self.module.params.get('value')) + if value in ('True', 'False'): + value = value.lower() + return value + + def present_configuration(self): + configuration = self.get_configuration() + args = self._get_common_configuration_args() + args['value'] = self.get_value() + empty_value = args['value'] in [None, ''] and 'value' not in configuration + if self.has_changed(args, configuration, ['value']) and not empty_value: + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('updateConfiguration', **args) + configuration = res['configuration'] + return configuration + + def get_result(self, configuration): + self.result = super(AnsibleCloudStackConfiguration, self).get_result(configuration) + if self.account: + self.result['account'] = self.account['name'] + self.result['domain'] = self.domain['path'] + elif self.zone: + self.result['zone'] = self.zone['name'] + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + value=dict(type='str', required=True), + zone=dict(), + storage=dict(), + cluster=dict(), + account=dict(), + domain=dict(default='ROOT') + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_configuration = AnsibleCloudStackConfiguration(module) + configuration = acs_configuration.present_configuration() + result = acs_configuration.get_result(configuration) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_disk_offering.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_disk_offering.py new file mode 100644 index 00000000..b9bd4570 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_disk_offering.py @@ -0,0 +1,375 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2018, David Passante <@dpassante> +# Copyright (c) 2017, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_disk_offering +description: + - Create and delete disk offerings for guest VMs. + - Update display_text or display_offering of existing disk offering. +short_description: Manages disk offerings on Apache CloudStack based clouds. +author: + - David Passante (@dpassante) + - René Moser (@resmo) +version_added: 0.1.0 +options: + disk_size: + description: + - Size of the disk offering in GB (1GB = 1,073,741,824 bytes). + type: int + bytes_read_rate: + description: + - Bytes read rate of the disk offering. + type: int + bytes_write_rate: + description: + - Bytes write rate of the disk offering. + type: int + display_text: + description: + - Display text of the disk offering. + - If not set, C(name) will be used as C(display_text) while creating. + type: str + domain: + description: + - Domain the disk offering is related to. + - Public for all domains and subdomains if not set. + type: str + hypervisor_snapshot_reserve: + description: + - Hypervisor snapshot reserve space as a percent of a volume. + - Only for managed storage using Xen or VMware. + type: int + customized: + description: + - Whether disk offering iops is custom or not. + type: bool + iops_read_rate: + description: + - IO requests read rate of the disk offering. + type: int + iops_write_rate: + description: + - IO requests write rate of the disk offering. + type: int + iops_max: + description: + - Max. iops of the disk offering. + type: int + iops_min: + description: + - Min. iops of the disk offering. + type: int + name: + description: + - Name of the disk offering. + type: str + required: true + provisioning_type: + description: + - Provisioning type used to create volumes. + type: str + choices: [ thin, sparse, fat ] + state: + description: + - State of the disk offering. + type: str + choices: [ present, absent ] + default: present + storage_type: + description: + - The storage type of the disk offering. + type: str + choices: [ local, shared ] + storage_tags: + description: + - The storage tags for this disk offering. + type: list + elements: str + aliases: [ storage_tag ] + display_offering: + description: + - An optional field, whether to display the offering to the end user or not. + type: bool +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Create a disk offering with local storage + ngine_io.cloudstack.cs_disk_offering: + name: small + display_text: Small 10GB + disk_size: 10 + storage_type: local + +- name: Create or update a disk offering with shared storage + ngine_io.cloudstack.cs_disk_offering: + name: small + display_text: Small 10GB + disk_size: 10 + storage_type: shared + storage_tags: SAN01 + +- name: Remove a disk offering + ngine_io.cloudstack.cs_disk_offering: + name: small + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the disk offering + returned: success + type: str + sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f +disk_size: + description: Size of the disk offering in GB + returned: success + type: int + sample: 10 +iops_max: + description: Max iops of the disk offering + returned: success + type: int + sample: 1000 +iops_min: + description: Min iops of the disk offering + returned: success + type: int + sample: 500 +bytes_read_rate: + description: Bytes read rate of the disk offering + returned: success + type: int + sample: 1000 +bytes_write_rate: + description: Bytes write rate of the disk offering + returned: success + type: int + sample: 1000 +iops_read_rate: + description: IO requests per second read rate of the disk offering + returned: success + type: int + sample: 1000 +iops_write_rate: + description: IO requests per second write rate of the disk offering + returned: success + type: int + sample: 1000 +created: + description: Date the offering was created + returned: success + type: str + sample: 2017-11-19T10:48:59+0000 +display_text: + description: Display text of the offering + returned: success + type: str + sample: Small 10GB +domain: + description: Domain the offering is into + returned: success + type: str + sample: ROOT +storage_tags: + description: List of storage tags + returned: success + type: list + sample: [ 'eco' ] +customized: + description: Whether the offering uses custom IOPS or not + returned: success + type: bool + sample: false +name: + description: Name of the system offering + returned: success + type: str + sample: Micro +provisioning_type: + description: Provisioning type used to create volumes + returned: success + type: str + sample: thin +storage_type: + description: Storage type used to create volumes + returned: success + type: str + sample: shared +display_offering: + description: Whether to display the offering to the end user or not. + returned: success + type: bool + sample: false +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackDiskOffering(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackDiskOffering, self).__init__(module) + self.returns = { + 'disksize': 'disk_size', + 'diskBytesReadRate': 'bytes_read_rate', + 'diskBytesWriteRate': 'bytes_write_rate', + 'diskIopsReadRate': 'iops_read_rate', + 'diskIopsWriteRate': 'iops_write_rate', + 'maxiops': 'iops_max', + 'miniops': 'iops_min', + 'hypervisorsnapshotreserve': 'hypervisor_snapshot_reserve', + 'customized': 'customized', + 'provisioningtype': 'provisioning_type', + 'storagetype': 'storage_type', + 'tags': 'storage_tags', + 'displayoffering': 'display_offering', + } + + self.disk_offering = None + + def get_disk_offering(self): + args = { + 'name': self.module.params.get('name'), + 'domainid': self.get_domain(key='id'), + } + disk_offerings = self.query_api('listDiskOfferings', **args) + if disk_offerings: + for disk_offer in disk_offerings['diskoffering']: + if args['name'] == disk_offer['name']: + self.disk_offering = disk_offer + + return self.disk_offering + + def present_disk_offering(self): + disk_offering = self.get_disk_offering() + if not disk_offering: + disk_offering = self._create_offering(disk_offering) + else: + disk_offering = self._update_offering(disk_offering) + + return disk_offering + + def absent_disk_offering(self): + disk_offering = self.get_disk_offering() + if disk_offering: + self.result['changed'] = True + if not self.module.check_mode: + args = { + 'id': disk_offering['id'], + } + self.query_api('deleteDiskOffering', **args) + return disk_offering + + def _create_offering(self, disk_offering): + self.result['changed'] = True + + args = { + 'name': self.module.params.get('name'), + 'displaytext': self.get_or_fallback('display_text', 'name'), + 'disksize': self.module.params.get('disk_size'), + 'bytesreadrate': self.module.params.get('bytes_read_rate'), + 'byteswriterate': self.module.params.get('bytes_write_rate'), + 'customized': self.module.params.get('customized'), + 'domainid': self.get_domain(key='id'), + 'hypervisorsnapshotreserve': self.module.params.get('hypervisor_snapshot_reserve'), + 'iopsreadrate': self.module.params.get('iops_read_rate'), + 'iopswriterate': self.module.params.get('iops_write_rate'), + 'maxiops': self.module.params.get('iops_max'), + 'miniops': self.module.params.get('iops_min'), + 'provisioningtype': self.module.params.get('provisioning_type'), + 'diskofferingdetails': self.module.params.get('disk_offering_details'), + 'storagetype': self.module.params.get('storage_type'), + 'tags': self.module.params.get('storage_tags'), + 'displayoffering': self.module.params.get('display_offering'), + } + if not self.module.check_mode: + res = self.query_api('createDiskOffering', **args) + disk_offering = res['diskoffering'] + return disk_offering + + def _update_offering(self, disk_offering): + args = { + 'id': disk_offering['id'], + 'name': self.module.params.get('name'), + 'displaytext': self.get_or_fallback('display_text', 'name'), + 'displayoffering': self.module.params.get('display_offering'), + } + if self.has_changed(args, disk_offering): + self.result['changed'] = True + + if not self.module.check_mode: + res = self.query_api('updateDiskOffering', **args) + disk_offering = res['diskoffering'] + return disk_offering + + def get_result(self, disk_offering): + super(AnsibleCloudStackDiskOffering, self).get_result(disk_offering) + if disk_offering: + # Prevent confusion, the api returns a tags key for storage tags. + if 'tags' in disk_offering: + self.result['storage_tags'] = disk_offering['tags'].split(',') or [disk_offering['tags']] + if 'tags' in self.result: + del self.result['tags'] + + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + display_text=dict(), + domain=dict(), + disk_size=dict(type='int'), + display_offering=dict(type='bool'), + hypervisor_snapshot_reserve=dict(type='int'), + bytes_read_rate=dict(type='int'), + bytes_write_rate=dict(type='int'), + customized=dict(type='bool'), + iops_read_rate=dict(type='int'), + iops_write_rate=dict(type='int'), + iops_max=dict(type='int'), + iops_min=dict(type='int'), + provisioning_type=dict(choices=['thin', 'sparse', 'fat']), + storage_type=dict(choices=['local', 'shared']), + storage_tags=dict(type='list', elements='str', aliases=['storage_tag']), + state=dict(choices=['present', 'absent'], default='present'), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_do = AnsibleCloudStackDiskOffering(module) + + state = module.params.get('state') + if state == "absent": + disk_offering = acs_do.absent_disk_offering() + else: + disk_offering = acs_do.present_disk_offering() + + result = acs_do.get_result(disk_offering) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_domain.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_domain.py new file mode 100644 index 00000000..68177164 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_domain.py @@ -0,0 +1,244 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_domain +short_description: Manages domains on Apache CloudStack based clouds. +description: + - Create, update and remove domains. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + path: + description: + - Path of the domain. + - Prefix C(ROOT/) or C(/ROOT/) in path is optional. + type: str + required: true + network_domain: + description: + - Network domain for networks in the domain. + type: str + clean_up: + description: + - Clean up all domain resources like child domains and accounts. + - Considered on I(state=absent). + type: bool + default: no + state: + description: + - State of the domain. + type: str + choices: [ present, absent ] + default: present + poll_async: + description: + - Poll async jobs until job has finished. + type: bool + default: yes +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Create a domain + ngine_io.cloudstack.cs_domain: + path: ROOT/customers + network_domain: customers.example.com + +- name: Create another subdomain + ngine_io.cloudstack.cs_domain: + path: ROOT/customers/xy + network_domain: xy.customers.example.com + +- name: Remove a domain + ngine_io.cloudstack.cs_domain: + path: ROOT/customers/xy + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the domain. + returned: success + type: str + sample: 87b1e0ce-4e01-11e4-bb66-0050569e64b8 +name: + description: Name of the domain. + returned: success + type: str + sample: customers +path: + description: Domain path. + returned: success + type: str + sample: /ROOT/customers +parent_domain: + description: Parent domain of the domain. + returned: success + type: str + sample: ROOT +network_domain: + description: Network domain of the domain. + returned: success + type: str + sample: example.local +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackDomain(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackDomain, self).__init__(module) + self.returns = { + 'path': 'path', + 'networkdomain': 'network_domain', + 'parentdomainname': 'parent_domain', + } + self.domain = None + + def _get_domain_internal(self, path=None): + if not path: + path = self.module.params.get('path') + + if path.endswith('/'): + self.module.fail_json(msg="Path '%s' must not end with /" % path) + + path = path.lower() + + if path.startswith('/') and not path.startswith('/root/'): + path = "root" + path + elif not path.startswith('root/'): + path = "root/" + path + + args = { + 'listall': True, + 'fetch_list': True, + } + + domains = self.query_api('listDomains', **args) + if domains: + for d in domains: + if path == d['path'].lower(): + return d + return None + + def get_name(self): + # last part of the path is the name + name = self.module.params.get('path').split('/')[-1:] + return name + + def get_domain(self, key=None): + if not self.domain: + self.domain = self._get_domain_internal() + return self._get_by_key(key, self.domain) + + def get_parent_domain(self, key=None): + path = self.module.params.get('path') + # cut off last /* + path = '/'.join(path.split('/')[:-1]) + if not path: + return None + parent_domain = self._get_domain_internal(path=path) + if not parent_domain: + self.module.fail_json(msg="Parent domain path %s does not exist" % path) + return self._get_by_key(key, parent_domain) + + def present_domain(self): + domain = self.get_domain() + if not domain: + domain = self.create_domain(domain) + else: + domain = self.update_domain(domain) + return domain + + def create_domain(self, domain): + self.result['changed'] = True + + args = { + 'name': self.get_name(), + 'parentdomainid': self.get_parent_domain(key='id'), + 'networkdomain': self.module.params.get('network_domain') + } + if not self.module.check_mode: + res = self.query_api('createDomain', **args) + domain = res['domain'] + return domain + + def update_domain(self, domain): + args = { + 'id': domain['id'], + 'networkdomain': self.module.params.get('network_domain') + } + if self.has_changed(args, domain): + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('updateDomain', **args) + domain = res['domain'] + return domain + + def absent_domain(self): + domain = self.get_domain() + if domain: + self.result['changed'] = True + + if not self.module.check_mode: + args = { + 'id': domain['id'], + 'cleanup': self.module.params.get('clean_up') + } + res = self.query_api('deleteDomain', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + res = self.poll_job(res, 'domain') + return domain + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + path=dict(required=True), + state=dict(choices=['present', 'absent'], default='present'), + network_domain=dict(), + clean_up=dict(type='bool', default=False), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_dom = AnsibleCloudStackDomain(module) + + state = module.params.get('state') + if state in ['absent']: + domain = acs_dom.absent_domain() + else: + domain = acs_dom.present_domain() + + result = acs_dom.get_result(domain) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_facts.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_facts.py new file mode 100644 index 00000000..e60d5e80 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_facts.py @@ -0,0 +1,231 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_facts +short_description: Gather facts on instances of Apache CloudStack based clouds. +description: + - This module fetches data from the metadata API in CloudStack. The module must be called from within the instance itself. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + filter: + description: + - Filter for a specific fact. + type: str + choices: + - cloudstack_service_offering + - cloudstack_availability_zone + - cloudstack_public_hostname + - cloudstack_public_ipv4 + - cloudstack_local_hostname + - cloudstack_local_ipv4 + - cloudstack_instance_id + - cloudstack_user_data + meta_data_host: + description: + - Host or IP of the meta data API service. + - If not set, determination by parsing the dhcp lease file. + type: str +requirements: [ yaml ] +''' + +EXAMPLES = ''' +# Gather all facts on instances +- name: Gather cloudstack facts + ngine_io.cloudstack.cs_facts: + +# Gather specific fact on instances +- name: Gather cloudstack facts + ngine_io.cloudstack.cs_facts: filter=cloudstack_instance_id + +# Gather specific fact on instances with a given meta_data_host +- name: Gather cloudstack facts + ngine_io.cloudstack.cs_facts: + filter: cloudstack_instance_id + meta_data_host: 169.254.169.254 +''' + +RETURN = ''' +--- +cloudstack_availability_zone: + description: zone the instance is deployed in. + returned: success + type: str + sample: ch-gva-2 +cloudstack_instance_id: + description: UUID of the instance. + returned: success + type: str + sample: ab4e80b0-3e7e-4936-bdc5-e334ba5b0139 +cloudstack_local_hostname: + description: local hostname of the instance. + returned: success + type: str + sample: VM-ab4e80b0-3e7e-4936-bdc5-e334ba5b0139 +cloudstack_local_ipv4: + description: local IPv4 of the instance. + returned: success + type: str + sample: 185.19.28.35 +cloudstack_public_hostname: + description: public IPv4 of the router. Same as I(cloudstack_public_ipv4). + returned: success + type: str + sample: VM-ab4e80b0-3e7e-4936-bdc5-e334ba5b0139 +cloudstack_public_ipv4: + description: public IPv4 of the router. + returned: success + type: str + sample: 185.19.28.35 +cloudstack_service_offering: + description: service offering of the instance. + returned: success + type: str + sample: Micro 512mb 1cpu +cloudstack_user_data: + description: data of the instance provided by users. + returned: success + type: dict + sample: { "bla": "foo" } +''' + +import os +import traceback +from ansible.module_utils.basic import AnsibleModule, missing_required_lib +from ansible.module_utils.urls import fetch_url +from ansible.module_utils.facts import ansible_collector, default_collectors + +YAML_IMP_ERR = None +try: + import yaml + HAS_LIB_YAML = True +except ImportError: + YAML_IMP_ERR = traceback.format_exc() + HAS_LIB_YAML = False + +CS_METADATA_BASE_URL = "http://%s/latest/meta-data" +CS_USERDATA_BASE_URL = "http://%s/latest/user-data" + + +class CloudStackFacts(object): + + def __init__(self): + collector = ansible_collector.get_ansible_collector(all_collector_classes=default_collectors.collectors, + filter_spec='default_ipv4', + gather_subset=['!all', 'network'], + gather_timeout=10) + self.facts = collector.collect(module) + + self.api_ip = None + self.fact_paths = { + 'cloudstack_service_offering': 'service-offering', + 'cloudstack_availability_zone': 'availability-zone', + 'cloudstack_public_hostname': 'public-hostname', + 'cloudstack_public_ipv4': 'public-ipv4', + 'cloudstack_local_hostname': 'local-hostname', + 'cloudstack_local_ipv4': 'local-ipv4', + 'cloudstack_instance_id': 'instance-id' + } + + def run(self): + result = {} + filter = module.params.get('filter') + if not filter: + for key, path in self.fact_paths.items(): + result[key] = self._fetch(CS_METADATA_BASE_URL + "/" + path) + result['cloudstack_user_data'] = self._get_user_data_json() + else: + if filter == 'cloudstack_user_data': + result['cloudstack_user_data'] = self._get_user_data_json() + elif filter in self.fact_paths: + result[filter] = self._fetch(CS_METADATA_BASE_URL + "/" + self.fact_paths[filter]) + return result + + def _get_user_data_json(self): + try: + # this data come form users, we try what we can to parse it... + return yaml.safe_load(self._fetch(CS_USERDATA_BASE_URL)) + except Exception: + return None + + def _fetch(self, path): + api_ip = self._get_api_ip() + if not api_ip: + return None + api_url = path % api_ip + (response, info) = fetch_url(module, api_url, force=True) + if response: + data = response.read() + else: + data = None + return data + + def _get_dhcp_lease_file(self): + """Return the path of the lease file.""" + default_iface = self.facts['default_ipv4']['interface'] + dhcp_lease_file_locations = [ + '/var/lib/dhcp/dhclient.%s.leases' % default_iface, # debian / ubuntu + '/var/lib/dhclient/dhclient-%s.leases' % default_iface, # centos 6 + '/var/lib/dhclient/dhclient--%s.lease' % default_iface, # centos 7 + '/var/db/dhclient.leases.%s' % default_iface, # openbsd + ] + for file_path in dhcp_lease_file_locations: + if os.path.exists(file_path): + return file_path + module.fail_json(msg="Could not find dhclient leases file.") + + def _get_api_ip(self): + """Return the IP of the DHCP server.""" + if module.params.get('meta_data_host'): + return module.params.get('meta_data_host') + elif not self.api_ip: + dhcp_lease_file = self._get_dhcp_lease_file() + for line in open(dhcp_lease_file): + if 'dhcp-server-identifier' in line: + # get IP of string "option dhcp-server-identifier 185.19.28.176;" + line = line.translate(None, ';') + self.api_ip = line.split()[2] + break + if not self.api_ip: + module.fail_json(msg="No dhcp-server-identifier found in leases file.") + return self.api_ip + + +def main(): + global module + module = AnsibleModule( + argument_spec=dict( + filter=dict(default=None, choices=[ + 'cloudstack_service_offering', + 'cloudstack_availability_zone', + 'cloudstack_public_hostname', + 'cloudstack_public_ipv4', + 'cloudstack_local_hostname', + 'cloudstack_local_ipv4', + 'cloudstack_instance_id', + 'cloudstack_user_data', + ]), + meta_data_host=dict(), + ), + supports_check_mode=True + ) + + if not HAS_LIB_YAML: + module.fail_json(msg=missing_required_lib("PyYAML"), exception=YAML_IMP_ERR) + + cs_facts = CloudStackFacts().run() + cs_facts_result = dict(changed=False, ansible_facts=cs_facts) + module.exit_json(**cs_facts_result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_firewall.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_firewall.py new file mode 100644 index 00000000..f8878877 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_firewall.py @@ -0,0 +1,439 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright: (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_firewall +short_description: Manages firewall rules on Apache CloudStack based clouds. +description: + - Creates and removes firewall rules. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + ip_address: + description: + - Public IP address the ingress rule is assigned to. + - Required if I(type=ingress). + type: str + network: + description: + - Network the egress rule is related to. + - Required if I(type=egress). + type: str + state: + description: + - State of the firewall rule. + type: str + default: present + choices: [ present, absent ] + type: + description: + - Type of the firewall rule. + type: str + default: ingress + choices: [ ingress, egress ] + protocol: + description: + - Protocol of the firewall rule. + - C(all) is only available if I(type=egress). + type: str + default: tcp + choices: [ tcp, udp, icmp, all ] + cidrs: + description: + - List of CIDRs (full notation) to be used for firewall rule. + - Since version 2.5, it is a list of CIDR. + elements: str + type: list + default: 0.0.0.0/0 + aliases: [ cidr ] + start_port: + description: + - Start port for this rule. + - Considered if I(protocol=tcp) or I(protocol=udp). + type: int + aliases: [ port ] + end_port: + description: + - End port for this rule. Considered if I(protocol=tcp) or I(protocol=udp). + - If not specified, equal I(start_port). + type: int + icmp_type: + description: + - Type of the icmp message being sent. + - Considered if I(protocol=icmp). + type: int + icmp_code: + description: + - Error code for this icmp message. + - Considered if I(protocol=icmp). + type: int + domain: + description: + - Domain the firewall rule is related to. + type: str + account: + description: + - Account the firewall rule is related to. + type: str + project: + description: + - Name of the project the firewall rule is related to. + type: str + zone: + description: + - Name of the zone in which the virtual machine is in. + - If not set, default zone is used. + type: str + poll_async: + description: + - Poll async jobs until job has finished. + type: bool + default: yes + tags: + description: + - List of tags. Tags are a list of dictionaries having keys I(key) and I(value). + - "To delete all tags, set an empty list e.g. I(tags: [])." + type: list + elements: dict + aliases: [ tag ] +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Allow inbound port 80/tcp from 1.2.3.4 to 4.3.2.1 + ngine_io.cloudstack.cs_firewall: + ip_address: 4.3.2.1 + port: 80 + cidr: 1.2.3.4/32 + +- name: Allow inbound tcp/udp port 53 to 4.3.2.1 + ngine_io.cloudstack.cs_firewall: + ip_address: 4.3.2.1 + port: 53 + protocol: '{{ item }}' + with_items: + - tcp + - udp + +- name: Ensure firewall rule is removed + ngine_io.cloudstack.cs_firewall: + ip_address: 4.3.2.1 + start_port: 8000 + end_port: 8888 + cidr: 17.0.0.0/8 + state: absent + +- name: Allow all outbound traffic + ngine_io.cloudstack.cs_firewall: + network: my_network + type: egress + protocol: all + +- name: Allow only HTTP outbound traffic for an IP + ngine_io.cloudstack.cs_firewall: + network: my_network + type: egress + port: 80 + cidr: 10.101.1.20 +''' + +RETURN = ''' +--- +id: + description: UUID of the rule. + returned: success + type: str + sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 +ip_address: + description: IP address of the rule if C(type=ingress) + returned: success + type: str + sample: 10.100.212.10 +type: + description: Type of the rule. + returned: success + type: str + sample: ingress +cidr: + description: CIDR string of the rule. + returned: success + type: str + sample: 0.0.0.0/0 +cidrs: + description: CIDR list of the rule. + returned: success + type: list + sample: [ '0.0.0.0/0' ] +protocol: + description: Protocol of the rule. + returned: success + type: str + sample: tcp +start_port: + description: Start port of the rule. + returned: success + type: int + sample: 80 +end_port: + description: End port of the rule. + returned: success + type: int + sample: 80 +icmp_code: + description: ICMP code of the rule. + returned: success + type: int + sample: 1 +icmp_type: + description: ICMP type of the rule. + returned: success + type: int + sample: 1 +network: + description: Name of the network if C(type=egress) + returned: success + type: str + sample: my_network +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackFirewall(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackFirewall, self).__init__(module) + self.returns = { + 'cidrlist': 'cidr', + 'startport': 'start_port', + 'endport': 'end_port', + 'protocol': 'protocol', + 'ipaddress': 'ip_address', + 'icmpcode': 'icmp_code', + 'icmptype': 'icmp_type', + } + self.firewall_rule = None + self.network = None + + def get_firewall_rule(self): + if not self.firewall_rule: + cidrs = self.module.params.get('cidrs') + protocol = self.module.params.get('protocol') + start_port = self.module.params.get('start_port') + end_port = self.get_or_fallback('end_port', 'start_port') + icmp_code = self.module.params.get('icmp_code') + icmp_type = self.module.params.get('icmp_type') + fw_type = self.module.params.get('type') + + if protocol in ['tcp', 'udp'] and not (start_port and end_port): + self.module.fail_json(msg="missing required argument for protocol '%s': start_port or end_port" % protocol) + + if protocol == 'icmp' and not icmp_type: + self.module.fail_json(msg="missing required argument for protocol 'icmp': icmp_type") + + if protocol == 'all' and fw_type != 'egress': + self.module.fail_json(msg="protocol 'all' could only be used for type 'egress'") + + args = { + 'account': self.get_account('name'), + 'domainid': self.get_domain('id'), + 'projectid': self.get_project('id'), + 'fetch_list': True, + } + if fw_type == 'egress': + args['networkid'] = self.get_network(key='id') + if not args['networkid']: + self.module.fail_json(msg="missing required argument for type egress: network") + + # CloudStack 4.11 use the network cidr for 0.0.0.0/0 in egress + # That is why we need to replace it. + network_cidr = self.get_network(key='cidr') + egress_cidrs = [network_cidr if cidr == '0.0.0.0/0' else cidr for cidr in cidrs] + + firewall_rules = self.query_api('listEgressFirewallRules', **args) + else: + args['ipaddressid'] = self.get_ip_address('id') + if not args['ipaddressid']: + self.module.fail_json(msg="missing required argument for type ingress: ip_address") + egress_cidrs = None + + firewall_rules = self.query_api('listFirewallRules', **args) + + if firewall_rules: + for rule in firewall_rules: + type_match = self._type_cidrs_match(rule, cidrs, egress_cidrs) + + protocol_match = ( + self._tcp_udp_match(rule, protocol, start_port, end_port) or + self._icmp_match(rule, protocol, icmp_code, icmp_type) or + self._egress_all_match(rule, protocol, fw_type) + ) + + if type_match and protocol_match: + self.firewall_rule = rule + break + return self.firewall_rule + + def _tcp_udp_match(self, rule, protocol, start_port, end_port): + return ( + protocol in ['tcp', 'udp'] and + protocol == rule['protocol'] and + start_port == int(rule['startport']) and + end_port == int(rule['endport']) + ) + + def _egress_all_match(self, rule, protocol, fw_type): + return ( + protocol in ['all'] and + protocol == rule['protocol'] and + fw_type == 'egress' + ) + + def _icmp_match(self, rule, protocol, icmp_code, icmp_type): + return ( + protocol == 'icmp' and + protocol == rule['protocol'] and + icmp_code == rule['icmpcode'] and + icmp_type == rule['icmptype'] + ) + + def _type_cidrs_match(self, rule, cidrs, egress_cidrs): + if egress_cidrs is not None: + return ",".join(egress_cidrs) == rule['cidrlist'] or ",".join(cidrs) == rule['cidrlist'] + else: + return ",".join(cidrs) == rule['cidrlist'] + + def create_firewall_rule(self): + firewall_rule = self.get_firewall_rule() + if not firewall_rule: + self.result['changed'] = True + + args = { + 'cidrlist': self.module.params.get('cidrs'), + 'protocol': self.module.params.get('protocol'), + 'startport': self.module.params.get('start_port'), + 'endport': self.get_or_fallback('end_port', 'start_port'), + 'icmptype': self.module.params.get('icmp_type'), + 'icmpcode': self.module.params.get('icmp_code') + } + + fw_type = self.module.params.get('type') + if not self.module.check_mode: + if fw_type == 'egress': + args['networkid'] = self.get_network(key='id') + res = self.query_api('createEgressFirewallRule', **args) + else: + args['ipaddressid'] = self.get_ip_address('id') + res = self.query_api('createFirewallRule', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + firewall_rule = self.poll_job(res, 'firewallrule') + + if firewall_rule: + firewall_rule = self.ensure_tags(resource=firewall_rule, resource_type='Firewallrule') + self.firewall_rule = firewall_rule + + return firewall_rule + + def remove_firewall_rule(self): + firewall_rule = self.get_firewall_rule() + if firewall_rule: + self.result['changed'] = True + + args = { + 'id': firewall_rule['id'] + } + + fw_type = self.module.params.get('type') + if not self.module.check_mode: + if fw_type == 'egress': + res = self.query_api('deleteEgressFirewallRule', **args) + else: + res = self.query_api('deleteFirewallRule', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(res, 'firewallrule') + return firewall_rule + + def get_result(self, firewall_rule): + super(AnsibleCloudStackFirewall, self).get_result(firewall_rule) + if firewall_rule: + self.result['type'] = self.module.params.get('type') + if self.result['type'] == 'egress': + self.result['network'] = self.get_network(key='displaytext') + if 'cidrlist' in firewall_rule: + self.result['cidrs'] = firewall_rule['cidrlist'].split(',') or [firewall_rule['cidrlist']] + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + ip_address=dict(), + network=dict(), + cidrs=dict(type='list', elements='str', default='0.0.0.0/0', aliases=['cidr']), + protocol=dict(choices=['tcp', 'udp', 'icmp', 'all'], default='tcp'), + type=dict(choices=['ingress', 'egress'], default='ingress'), + icmp_type=dict(type='int'), + icmp_code=dict(type='int'), + start_port=dict(type='int', aliases=['port']), + end_port=dict(type='int'), + state=dict(choices=['present', 'absent'], default='present'), + zone=dict(), + domain=dict(), + account=dict(), + project=dict(), + poll_async=dict(type='bool', default=True), + tags=dict(type='list', elements='dict', aliases=['tag']), + )) + + required_together = cs_required_together() + required_together.extend([ + ['icmp_type', 'icmp_code'], + ]) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=required_together, + required_one_of=( + ['ip_address', 'network'], + ), + mutually_exclusive=( + ['icmp_type', 'start_port'], + ['icmp_type', 'end_port'], + ['ip_address', 'network'], + ), + supports_check_mode=True + ) + + acs_fw = AnsibleCloudStackFirewall(module) + + state = module.params.get('state') + if state in ['absent']: + fw_rule = acs_fw.remove_firewall_rule() + else: + fw_rule = acs_fw.create_firewall_rule() + + result = acs_fw.get_result(fw_rule) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_host.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_host.py new file mode 100644 index 00000000..111b4e0e --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_host.py @@ -0,0 +1,607 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2016, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_host +short_description: Manages hosts on Apache CloudStack based clouds. +description: + - Create, update and remove hosts. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of the host. + type: str + required: true + aliases: [ ip_address ] + url: + description: + - Url of the host used to create a host. + - If not provided, C(http://) and param I(name) is used as url. + - Only considered if I(state=present) and host does not yet exist. + type: str + username: + description: + - Username for the host. + - Required if I(state=present) and host does not yet exist. + type: str + password: + description: + - Password for the host. + - Required if I(state=present) and host does not yet exist. + type: str + pod: + description: + - Name of the pod. + - Required if I(state=present) and host does not yet exist. + type: str + cluster: + description: + - Name of the cluster. + type: str + hypervisor: + description: + - Name of the cluster. + - Required if I(state=present) and host does not yet exist. + - Possible values are C(KVM), C(VMware), C(BareMetal), C(XenServer), C(LXC), C(HyperV), C(UCS), C(OVM), C(Simulator). + type: str + allocation_state: + description: + - Allocation state of the host. + type: str + choices: [ enabled, disabled, maintenance ] + host_tags: + description: + - Tags of the host. + type: list + elements: str + aliases: [ host_tag ] + state: + description: + - State of the host. + type: str + default: present + choices: [ present, absent ] + zone: + description: + - Name of the zone in which the host should be deployed. + - If not set, default zone is used. + type: str +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Ensure a host is present but disabled + ngine_io.cloudstack.cs_host: + name: pod01.zone01.example.com + cluster: vcenter.example.com/zone01/cluster01 + pod: pod01 + zone: zone01 + hypervisor: VMware + allocation_state: disabled + host_tags: + - perf + - gpu + +- name: Ensure an existing host is disabled + ngine_io.cloudstack.cs_host: + name: pod01.zone01.example.com + zone: zone01 + allocation_state: disabled + +- name: Ensure an existing host is enabled + ngine_io.cloudstack.cs_host: + name: pod01.zone01.example.com + zone: zone01 + allocation_state: enabled + +- name: Ensure a host is absent + ngine_io.cloudstack.cs_host: + name: pod01.zone01.example.com + zone: zone01 + state: absent +''' + +RETURN = ''' +--- +capabilities: + description: Capabilities of the host. + returned: success + type: str + sample: hvm +cluster: + description: Cluster of the host. + returned: success + type: str + sample: vcenter.example.com/zone/cluster01 +cluster_type: + description: Type of the cluster of the host. + returned: success + type: str + sample: ExternalManaged +cpu_allocated: + description: Amount in percent of the host's CPU currently allocated. + returned: success + type: str + sample: 166.25% +cpu_number: + description: Number of CPUs of the host. + returned: success + type: str + sample: 24 +cpu_sockets: + description: Number of CPU sockets of the host. + returned: success + type: int + sample: 2 +cpu_speed: + description: CPU speed in Mhz + returned: success + type: int + sample: 1999 +cpu_used: + description: Amount of the host's CPU currently used. + returned: success + type: str + sample: 33.6% +cpu_with_overprovisioning: + description: Amount of the host's CPU after applying the cpu.overprovisioning.factor. + returned: success + type: str + sample: 959520.0 +created: + description: Date when the host was created. + returned: success + type: str + sample: 2015-05-03T15:05:51+0200 +disconnected: + description: Date when the host was disconnected. + returned: success + type: str + sample: 2015-05-03T15:05:51+0200 +disk_size_allocated: + description: Host's currently allocated disk size. + returned: success + type: int + sample: 2593 +disk_size_total: + description: Total disk size of the host + returned: success + type: int + sample: 259300 +events: + description: Events available for the host + returned: success + type: str + sample: "Ping; HostDown; AgentConnected; AgentDisconnected; PingTimeout; ShutdownRequested; Remove; StartAgentRebalance; ManagementServerDown" +ha_host: + description: Whether the host is a HA host. + returned: success + type: bool + sample: false +has_enough_capacity: + description: Whether the host has enough CPU and RAM capacity to migrate a VM to it. + returned: success + type: bool + sample: true +host_tags: + description: Comma-separated list of tags for the host. + returned: success + type: str + sample: "perf" +hypervisor: + description: Host's hypervisor. + returned: success + type: str + sample: VMware +hypervisor_version: + description: Hypervisor version. + returned: success + type: str + sample: 5.1 +ip_address: + description: IP address of the host + returned: success + type: str + sample: 10.10.10.1 +is_local_storage_active: + description: Whether the local storage is available or not. + returned: success + type: bool + sample: false +last_pinged: + description: Date and time the host was last pinged. + returned: success + type: str + sample: "1970-01-17T17:27:32+0100" +management_server_id: + description: Management server ID of the host. + returned: success + type: int + sample: 345050593418 +memory_allocated: + description: Amount of the host's memory currently allocated. + returned: success + type: int + sample: 69793218560 +memory_total: + description: Total of memory of the host. + returned: success + type: int + sample: 206085263360 +memory_used: + description: Amount of the host's memory currently used. + returned: success + type: int + sample: 65504776192 +name: + description: Name of the host. + returned: success + type: str + sample: esx32.example.com +network_kbs_read: + description: Incoming network traffic on the host. + returned: success + type: int + sample: 0 +network_kbs_write: + description: Outgoing network traffic on the host. + returned: success + type: int + sample: 0 +os_category: + description: OS category name of the host. + returned: success + type: str + sample: ... +out_of_band_management: + description: Host out-of-band management information. + returned: success + type: str + sample: ... +pod: + description: Pod name of the host. + returned: success + type: str + sample: Pod01 +removed: + description: Date and time the host was removed. + returned: success + type: str + sample: "1970-01-17T17:27:32+0100" +resource_state: + description: Resource state of the host. + returned: success + type: str + sample: Enabled +allocation_state:: + description: Allocation state of the host. + returned: success + type: str + sample: enabled +state: + description: State of the host. + returned: success + type: str + sample: Up +suitable_for_migration: + description: Whether this host is suitable (has enough capacity and satisfies all conditions like hosttags, max guests VM limit, etc) to migrate a VM + to it or not. + returned: success + type: str + sample: true +host_type: + description: Type of the host. + returned: success + type: str + sample: Routing +host_version: + description: Version of the host. + returned: success + type: str + sample: 4.5.2 +gpu_group: + description: GPU cards present in the host. + returned: success + type: list + sample: [] +zone: + description: Zone of the host. + returned: success + type: str + sample: zone01 +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) +import time + + +class AnsibleCloudStackHost(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackHost, self).__init__(module) + self.returns = { + 'averageload': 'average_load', + 'capabilities': 'capabilities', + 'clustername': 'cluster', + 'clustertype': 'cluster_type', + 'cpuallocated': 'cpu_allocated', + 'cpunumber': 'cpu_number', + 'cpusockets': 'cpu_sockets', + 'cpuspeed': 'cpu_speed', + 'cpuused': 'cpu_used', + 'cpuwithoverprovisioning': 'cpu_with_overprovisioning', + 'disconnected': 'disconnected', + 'details': 'details', + 'disksizeallocated': 'disk_size_allocated', + 'disksizetotal': 'disk_size_total', + 'events': 'events', + 'hahost': 'ha_host', + 'hasenoughcapacity': 'has_enough_capacity', + 'hypervisor': 'hypervisor', + 'hypervisorversion': 'hypervisor_version', + 'ipaddress': 'ip_address', + 'islocalstorageactive': 'is_local_storage_active', + 'lastpinged': 'last_pinged', + 'managementserverid': 'management_server_id', + 'memoryallocated': 'memory_allocated', + 'memorytotal': 'memory_total', + 'memoryused': 'memory_used', + 'networkkbsread': 'network_kbs_read', + 'networkkbswrite': 'network_kbs_write', + 'oscategoryname': 'os_category', + 'outofbandmanagement': 'out_of_band_management', + 'podname': 'pod', + 'removed': 'removed', + 'resourcestate': 'resource_state', + 'suitableformigration': 'suitable_for_migration', + 'type': 'host_type', + 'version': 'host_version', + 'gpugroup': 'gpu_group', + } + # States only usable by the updateHost API + self.allocation_states_for_update = { + 'enabled': 'Enable', + 'disabled': 'Disable', + } + self.host = None + + def get_cluster(self, key=None): + cluster_name = self.module.params.get('cluster') + if not cluster_name: + return None + args = { + 'name': cluster_name, + 'zoneid': self.get_zone(key='id'), + } + clusters = self.query_api('listClusters', **args) + if clusters: + return self._get_by_key(key, clusters['cluster'][0]) + self.module.fail_json(msg="Cluster %s not found" % cluster_name) + + def get_host_tags(self): + host_tags = self.module.params.get('host_tags') + if host_tags is None: + return None + return ','.join(host_tags) + + def get_host(self, refresh=False): + if self.host is not None and not refresh: + return self.host + + name = self.module.params.get('name') + args = { + 'zoneid': self.get_zone(key='id'), + 'fetch_list': True, + } + res = self.query_api('listHosts', **args) + if res: + for h in res: + if name in [h['ipaddress'], h['name']]: + self.host = h + return self.host + + def _handle_allocation_state(self, host): + allocation_state = self.module.params.get('allocation_state') + if not allocation_state: + return host + + host = self._set_host_allocation_state(host) + + # In case host in maintenance and target is maintenance + if host['allocationstate'].lower() == allocation_state and allocation_state == 'maintenance': + return host + + # Cancel maintenance if target state is enabled/disabled + elif allocation_state in list(self.allocation_states_for_update.keys()): + host = self.disable_maintenance(host) + host = self._update_host(host, self.allocation_states_for_update[allocation_state]) + + # Only an enabled host can put in maintenance + elif allocation_state == 'maintenance': + host = self._update_host(host, 'Enable') + host = self.enable_maintenance(host) + + return host + + def _set_host_allocation_state(self, host): + if host is None: + host['allocationstate'] = 'Enable' + + # Set host allocationstate to be disabled/enabled + elif host['resourcestate'].lower() in list(self.allocation_states_for_update.keys()): + host['allocationstate'] = self.allocation_states_for_update[host['resourcestate'].lower()] + + else: + host['allocationstate'] = host['resourcestate'] + + return host + + def present_host(self): + host = self.get_host() + + if not host: + host = self._create_host(host) + else: + host = self._update_host(host) + + if host: + host = self._handle_allocation_state(host) + + return host + + def _get_url(self): + url = self.module.params.get('url') + if url: + return url + else: + return "http://%s" % self.module.params.get('name') + + def _create_host(self, host): + required_params = [ + 'password', + 'username', + 'hypervisor', + 'pod', + ] + self.module.fail_on_missing_params(required_params=required_params) + self.result['changed'] = True + args = { + 'hypervisor': self.module.params.get('hypervisor'), + 'url': self._get_url(), + 'username': self.module.params.get('username'), + 'password': self.module.params.get('password'), + 'podid': self.get_pod(key='id'), + 'zoneid': self.get_zone(key='id'), + 'clusterid': self.get_cluster(key='id'), + 'hosttags': self.get_host_tags(), + } + if not self.module.check_mode: + host = self.query_api('addHost', **args) + host = host['host'][0] + return host + + def _update_host(self, host, allocation_state=None): + args = { + 'id': host['id'], + 'hosttags': self.get_host_tags(), + 'allocationstate': allocation_state, + } + + if allocation_state is not None: + host = self._set_host_allocation_state(host) + + if self.has_changed(args, host): + self.result['changed'] = True + if not self.module.check_mode: + host = self.query_api('updateHost', **args) + host = host['host'] + + return host + + def absent_host(self): + host = self.get_host() + if host: + self.result['changed'] = True + args = { + 'id': host['id'], + } + if not self.module.check_mode: + res = self.enable_maintenance(host) + if res: + res = self.query_api('deleteHost', **args) + return host + + def enable_maintenance(self, host): + if host['resourcestate'] not in ['PrepareForMaintenance', 'Maintenance']: + self.result['changed'] = True + args = { + 'id': host['id'], + } + if not self.module.check_mode: + res = self.query_api('prepareHostForMaintenance', **args) + self.poll_job(res, 'host') + host = self._poll_for_maintenance() + return host + + def disable_maintenance(self, host): + if host['resourcestate'] in ['PrepareForMaintenance', 'Maintenance']: + self.result['changed'] = True + args = { + 'id': host['id'], + } + if not self.module.check_mode: + res = self.query_api('cancelHostMaintenance', **args) + host = self.poll_job(res, 'host') + return host + + def _poll_for_maintenance(self): + for i in range(0, 300): + time.sleep(2) + host = self.get_host(refresh=True) + if not host: + return None + elif host['resourcestate'] != 'PrepareForMaintenance': + return host + self.fail_json(msg="Polling for maintenance timed out") + + def get_result(self, host): + super(AnsibleCloudStackHost, self).get_result(host) + if host: + self.result['allocation_state'] = host['resourcestate'].lower() + self.result['host_tags'] = host['hosttags'].split(',') if host.get('hosttags') else [] + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True, aliases=['ip_address']), + url=dict(), + password=dict(no_log=True), + username=dict(), + hypervisor=dict(), + allocation_state=dict(choices=['enabled', 'disabled', 'maintenance']), + pod=dict(), + cluster=dict(), + host_tags=dict(type='list', elements='str', aliases=['host_tag']), + zone=dict(), + state=dict(choices=['present', 'absent'], default='present'), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_host = AnsibleCloudStackHost(module) + + state = module.params.get('state') + if state == 'absent': + host = acs_host.absent_host() + else: + host = acs_host.present_host() + + result = acs_host.get_result(host) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_image_store.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_image_store.py new file mode 100644 index 00000000..b97d6e26 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_image_store.py @@ -0,0 +1,246 @@ +#!/usr/bin/python + +# Copyright: (c) 2019, Patryk Cichy @PatTheSilent +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_image_store + +short_description: Manages CloudStack Image Stores. + + +description: + - Deploy, remove, recreate CloudStack Image Stores. + +version_added: 0.1.0 +options: + url: + description: + - The URL for the Image Store. + - Required when I(state=present). + type: str + name: + description: + - The ID of the Image Store. Required when deleting a Image Store. + required: true + type: str + zone: + description: + - The Zone name for the Image Store. + required: true + type: str + state: + description: + - Stage of the Image Store + choices: [present, absent] + default: present + type: str + provider: + description: + - The image store provider name. Required when creating a new Image Store + type: str + force_recreate: + description: + - Set to C(yes) if you're changing an existing Image Store. + - This will force the recreation of the Image Store. + - Recreation might fail if there are snapshots present on the Image Store. Delete them before running the recreation. + type: bool + default: no + +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack + + +author: + - Patryk Cichy (@PatTheSilent) +''' + +EXAMPLES = ''' +- name: Add a Image Store (NFS) + ngine_io.cloudstack.cs_image_store: + zone: zone-01 + name: nfs-01 + provider: NFS + url: nfs://192.168.21.16/exports/secondary + + +# Change the NFS share URL and force a Image Store recreation +- name: Change the NFS url + ngine_io.cloudstack.cs_image_store: + zone: zone-01 + name: nfs-01 + provider: NFS + force_recreate: yes + url: nfs://192.168.21.10/shares/secondary + +- name: delete the image store + ngine_io.cloudstack.cs_image_store: + name: nfs-01 + zone: zone-01 + state: absent + +''' + +RETURN = ''' +id: + description: the ID of the image store + type: str + returned: success + sample: feb11a84-a093-45eb-b84d-7f680313c40b +name: + description: the name of the image store + type: str + returned: success + sample: nfs-01 +protocol: + description: the protocol of the image store + type: str + returned: success + sample: nfs +provider_name: + description: the provider name of the image store + type: str + returned: success + sample: NFS +scope: + description: the scope of the image store + type: str + returned: success + sample: ZONE +url: + description: the url of the image store + type: str + sample: nfs://192.168.21.16/exports/secondary + returned: success +zone: + description: the Zone name of the image store + type: str + returned: success + sample: zone-01 +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import AnsibleCloudStack, cs_argument_spec, cs_required_together + + +class AnsibleCloudstackImageStore(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudstackImageStore, self).__init__(module) + self.returns = { + 'protocol': 'protocol', + 'providername': 'provider_name', + 'scope': 'scope', + 'url': 'url' + } + self.image_store = None + + def get_storage_providers(self, storage_type="image"): + args = { + 'type': storage_type + } + storage_provides = self.query_api('listStorageProviders', **args) + return [provider.get('name') for provider in storage_provides.get('dataStoreProvider')] + + def get_image_store(self): + if self.image_store: + return self.image_store + image_store = self.module.params.get('name') + args = { + 'name': self.module.params.get('name'), + 'zoneid': self.get_zone(key='id') + } + + image_stores = self.query_api('listImageStores', **args) + if image_stores: + for img_s in image_stores.get('imagestore'): + if image_store.lower() in [img_s['name'].lower(), img_s['id']]: + self.image_store = img_s + break + + return self.image_store + + def present_image_store(self): + provider_list = self.get_storage_providers() + image_store = self.get_image_store() + + if self.module.params.get('provider') not in provider_list: + self.module.fail_json( + msg='Provider %s is not in the provider list (%s). Please specify a correct provider' % ( + self.module.params.get('provider'), provider_list)) + args = { + 'name': self.module.params.get('name'), + 'url': self.module.params.get('url'), + 'zoneid': self.get_zone(key='id'), + 'provider': self.module.params.get('provider') + } + if not image_store: + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('addImageStore', **args) + self.image_store = res.get('imagestore') + else: + # Cloudstack API expects 'provider' but returns 'providername' + args['providername'] = args.pop('provider') + if self.has_changed(args, image_store): + if self.module.params.get('force_recreate'): + self.absent_image_store() + self.image_store = None + self.image_store = self.present_image_store() + else: + self.module.warn("Changes to the Image Store won't be applied" + "Use force_recreate=yes to allow the store to be recreated") + + return self.image_store + + def absent_image_store(self): + image_store = self.get_image_store() + if image_store: + self.result['changed'] = True + if not self.module.check_mode: + args = { + 'id': image_store.get('id') + } + self.query_api('deleteImageStore', **args) + return image_store + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + url=dict(), + name=dict(required=True), + zone=dict(required=True), + provider=dict(), + force_recreate=dict(type='bool', default=False), + state=dict(choices=['present', 'absent'], default='present'), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + required_if=[ + ('state', 'present', ['url', 'provider']), + ], + supports_check_mode=True + ) + + acis_do = AnsibleCloudstackImageStore(module) + + state = module.params.get('state') + if state == "absent": + image_store = acis_do.absent_image_store() + else: + image_store = acis_do.present_image_store() + + result = acis_do.get_result(image_store) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_instance.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_instance.py new file mode 100644 index 00000000..97a0ef93 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_instance.py @@ -0,0 +1,1101 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_instance +short_description: Manages instances and virtual machines on Apache CloudStack based clouds. +description: + - Deploy, start, update, scale, restart, restore, stop and destroy instances. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Host name of the instance. C(name) can only contain ASCII letters. + - Name will be generated (UUID) by CloudStack if not specified and can not be changed afterwards. + - Either C(name) or C(display_name) is required. + type: str + display_name: + description: + - Custom display name of the instances. + - Display name will be set to I(name) if not specified. + - Either I(name) or I(display_name) is required. + type: str + group: + description: + - Group in where the new instance should be in. + type: str + state: + description: + - State of the instance. + type: str + default: present + choices: [ deployed, started, stopped, restarted, restored, destroyed, expunged, present, absent ] + service_offering: + description: + - Name or id of the service offering of the new instance. + - If not set, first found service offering is used. + type: str + cpu: + description: + - The number of CPUs to allocate to the instance, used with custom service offerings + type: int + cpu_speed: + description: + - The clock speed/shares allocated to the instance, used with custom service offerings + type: int + memory: + description: + - The memory allocated to the instance, used with custom service offerings + type: int + template: + description: + - Name, display text or id of the template to be used for creating the new instance. + - Required when using I(state=present). + - Mutually exclusive with I(iso) option. + type: str + iso: + description: + - Name or id of the ISO to be used for creating the new instance. + - Required when using I(state=present). + - Mutually exclusive with I(template) option. + type: str + template_filter: + description: + - Name of the filter used to search for the template or iso. + - Used for params I(iso) or I(template) on I(state=present). + - The filter C(all) was added in 2.6. + type: str + default: executable + choices: [ all, featured, self, selfexecutable, sharedexecutable, executable, community ] + aliases: [ iso_filter ] + hypervisor: + description: + - Name the hypervisor to be used for creating the new instance. + - Relevant when using I(state=present), but only considered if not set on ISO/template. + - If not set or found on ISO/template, first found hypervisor will be used. + - Possible values are C(KVM), C(VMware), C(BareMetal), C(XenServer), C(LXC), C(HyperV), C(UCS), C(OVM), C(Simulator). + type: str + keyboard: + description: + - Keyboard device type for the instance. + type: str + choices: [ 'de', 'de-ch', 'es', 'fi', 'fr', 'fr-be', 'fr-ch', 'is', 'it', 'jp', 'nl-be', 'no', 'pt', 'uk', 'us' ] + networks: + description: + - List of networks to use for the new instance. + type: list + elements: str + aliases: [ network ] + ip_address: + description: + - IPv4 address for default instance's network during creation. + type: str + ip6_address: + description: + - IPv6 address for default instance's network. + type: str + ip_to_networks: + description: + - "List of mappings in the form I({'network': NetworkName, 'ip': 1.2.3.4})" + - Mutually exclusive with I(networks) option. + type: list + elements: dict + aliases: [ ip_to_network ] + disk_offering: + description: + - Name of the disk offering to be used. + type: str + disk_size: + description: + - Disk size in GByte required if deploying instance from ISO. + type: int + root_disk_size: + description: + - Root disk size in GByte required if deploying instance with KVM hypervisor and want resize the root disk size at startup + (need CloudStack >= 4.4, cloud-initramfs-growroot installed and enabled in the template) + type: int + security_groups: + description: + - List of security groups the instance to be applied to. + type: list + elements: str + aliases: [ security_group ] + host: + description: + - Host on which an instance should be deployed or started on. + - Only considered when I(state=started) or instance is running. + - Requires root admin privileges. + type: str + domain: + description: + - Domain the instance is related to. + type: str + account: + description: + - Account the instance is related to. + type: str + project: + description: + - Name of the project the instance to be deployed in. + type: str + zone: + description: + - Name of the zone in which the instance should be deployed. + - If not set, default zone is used. + type: str + ssh_key: + description: + - Name of the SSH key to be deployed on the new instance. + type: str + affinity_groups: + description: + - Affinity groups names to be applied to the new instance. + type: list + elements: str + aliases: [ affinity_group ] + user_data: + description: + - Optional data (ASCII) that can be sent to the instance upon a successful deployment. + - The data will be automatically base64 encoded. + - Consider switching to HTTP_POST by using I(CLOUDSTACK_METHOD=post) to increase the HTTP_GET size limit of 2KB to 32 KB. + type: str + force: + description: + - Force stop/start the instance if required to apply changes, otherwise a running instance will not be changed. + type: bool + default: no + allow_root_disk_shrink: + description: + - Enables a volume shrinkage when the new size is smaller than the old one. + type: bool + default: no + tags: + description: + - List of tags. Tags are a list of dictionaries having keys C(key) and C(value). + - "If you want to delete all tags, set a empty list e.g. I(tags: [])." + type: list + elements: dict + aliases: [ tag ] + poll_async: + description: + - Poll async jobs until job has finished. + type: bool + default: yes + details: + description: + - Map to specify custom parameters. + type: dict +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +# NOTE: Names of offerings and ISOs depending on the CloudStack configuration. +- name: create a instance from an ISO + ngine_io.cloudstack.cs_instance: + name: web-vm-1 + iso: Linux Debian 7 64-bit + hypervisor: VMware + project: Integration + zone: ch-zrh-ix-01 + service_offering: 1cpu_1gb + disk_offering: PerfPlus Storage + disk_size: 20 + networks: + - Server Integration + - Sync Integration + - Storage Integration + +- name: for changing a running instance, use the 'force' parameter + ngine_io.cloudstack.cs_instance: + name: web-vm-1 + display_name: web-vm-01.example.com + iso: Linux Debian 7 64-bit + service_offering: 2cpu_2gb + force: yes + +# NOTE: user_data can be used to kickstart the instance using cloud-init yaml config. +- name: create or update a instance on Exoscale's public cloud using display_name. + ngine_io.cloudstack.cs_instance: + display_name: web-vm-1 + template: Linux Debian 7 64-bit + service_offering: Tiny + ssh_key: john@example.com + tags: + - key: admin + value: john + - key: foo + value: bar + user_data: | + #cloud-config + packages: + - nginx + +- name: create an instance with multiple interfaces specifying the IP addresses + ngine_io.cloudstack.cs_instance: + name: web-vm-1 + template: Linux Debian 7 64-bit + service_offering: Tiny + ip_to_networks: + - network: NetworkA + ip: 10.1.1.1 + - network: NetworkB + ip: 192.0.2.1 + +- name: ensure an instance is stopped + ngine_io.cloudstack.cs_instance: + name: web-vm-1 + state: stopped + +- name: ensure an instance is running + ngine_io.cloudstack.cs_instance: + name: web-vm-1 + state: started + +- name: remove an instance + ngine_io.cloudstack.cs_instance: + name: web-vm-1 + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the instance. + returned: success + type: str + sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 +name: + description: Name of the instance. + returned: success + type: str + sample: web-01 +display_name: + description: Display name of the instance. + returned: success + type: str + sample: web-01 +group: + description: Group name of the instance is related. + returned: success + type: str + sample: web +created: + description: Date of the instance was created. + returned: success + type: str + sample: 2014-12-01T14:57:57+0100 +password_enabled: + description: True if password setting is enabled. + returned: success + type: bool + sample: true +password: + description: The password of the instance if exists. + returned: if available + type: str + sample: Ge2oe7Do +ssh_key: + description: Name of SSH key deployed to instance. + returned: if available + type: str + sample: key@work +domain: + description: Domain the instance is related to. + returned: success + type: str + sample: example domain +account: + description: Account the instance is related to. + returned: success + type: str + sample: example account +project: + description: Name of project the instance is related to. + returned: success + type: str + sample: Production +default_ip: + description: Default IP address of the instance. + returned: success + type: str + sample: 10.23.37.42 +default_ip6: + description: Default IPv6 address of the instance. + returned: if available + type: str + sample: 2a04:c43:c00:a07:4b4:beff:fe00:74 +public_ip: + description: Public IP address with instance via static NAT rule. + returned: if available + type: str + sample: 1.2.3.4 +iso: + description: Name of ISO the instance was deployed with. + returned: if available + type: str + sample: Debian-8-64bit +template: + description: Name of template the instance was deployed with. + returned: success + type: str + sample: Linux Debian 9 64-bit +template_display_text: + description: Display text of template the instance was deployed with. + returned: success + type: str + sample: Linux Debian 9 64-bit 200G Disk (2017-10-08-622866) +service_offering: + description: Name of the service offering the instance has. + returned: success + type: str + sample: 2cpu_2gb +zone: + description: Name of zone the instance is in. + returned: success + type: str + sample: ch-gva-2 +state: + description: State of the instance. + returned: success + type: str + sample: Running +security_groups: + description: Security groups the instance is in. + returned: success + type: list + sample: '[ "default" ]' +affinity_groups: + description: Affinity groups the instance is in. + returned: success + type: list + sample: '[ "webservers" ]' +tags: + description: List of resource tags associated with the instance. + returned: success + type: list + sample: '[ { "key": "foo", "value": "bar" } ]' +hypervisor: + description: Hypervisor related to this instance. + returned: success + type: str + sample: KVM +host: + description: Hostname of hypervisor an instance is running on. + returned: success and instance is running + type: str + sample: host-01.example.com +instance_name: + description: Internal name of the instance (ROOT admin only). + returned: success + type: str + sample: i-44-3992-VM +user-data: + description: Optional data sent to the instance. + returned: success + type: str + sample: VXNlciBkYXRhIGV4YW1wbGUK +''' + +import base64 +from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils._text import to_bytes, to_text +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackInstance(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackInstance, self).__init__(module) + self.returns = { + 'group': 'group', + 'hypervisor': 'hypervisor', + 'instancename': 'instance_name', + 'publicip': 'public_ip', + 'passwordenabled': 'password_enabled', + 'password': 'password', + 'serviceofferingname': 'service_offering', + 'isoname': 'iso', + 'templatename': 'template', + 'templatedisplaytext': 'template_display_text', + 'keypair': 'ssh_key', + 'hostname': 'host', + } + self.instance = None + self.template = None + self.iso = None + + def get_service_offering_id(self): + service_offering = self.module.params.get('service_offering') + + service_offerings = self.query_api('listServiceOfferings') + if service_offerings: + if not service_offering: + return service_offerings['serviceoffering'][0]['id'] + + for s in service_offerings['serviceoffering']: + if service_offering in [s['name'], s['id']]: + return s['id'] + self.fail_json(msg="Service offering '%s' not found" % service_offering) + + def get_host_id(self): + host_name = self.module.params.get('host') + if not host_name: + return None + + args = { + 'type': 'routing', + 'zoneid': self.get_zone(key='id'), + } + hosts = self.query_api('listHosts', **args) + if hosts: + for h in hosts['host']: + if h['name'] == host_name: + return h['id'] + + self.fail_json(msg="Host '%s' not found" % host_name) + + def get_template_or_iso(self, key=None): + template = self.module.params.get('template') + iso = self.module.params.get('iso') + + if not template and not iso: + return None + + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'zoneid': self.get_zone(key='id'), + 'isrecursive': True, + 'fetch_list': True, + } + + if template: + if self.template: + return self._get_by_key(key, self.template) + + rootdisksize = self.module.params.get('root_disk_size') + args['templatefilter'] = self.module.params.get('template_filter') + args['fetch_list'] = True + templates = self.query_api('listTemplates', **args) + if templates: + for t in templates: + if template in [t.get('displaytext', None), t['name'], t['id']]: + if rootdisksize and t['size'] > rootdisksize * 1024 ** 3: + continue + self.template = t + return self._get_by_key(key, self.template) + + if rootdisksize: + more_info = " (with size <= %s)" % rootdisksize + else: + more_info = "" + + self.module.fail_json(msg="Template '%s' not found%s" % (template, more_info)) + + elif iso: + if self.iso: + return self._get_by_key(key, self.iso) + + args['isofilter'] = self.module.params.get('template_filter') + args['fetch_list'] = True + isos = self.query_api('listIsos', **args) + if isos: + for i in isos: + if iso in [i['displaytext'], i['name'], i['id']]: + self.iso = i + return self._get_by_key(key, self.iso) + + self.module.fail_json(msg="ISO '%s' not found" % iso) + + def get_instance(self): + instance = self.instance + if not instance: + instance_name = self.get_or_fallback('name', 'display_name') + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'fetch_list': True, + } + # Do not pass zoneid, as the instance name must be unique across zones. + instances = self.query_api('listVirtualMachines', **args) + if instances: + for v in instances: + if instance_name.lower() in [v['name'].lower(), v['displayname'].lower(), v['id']]: + self.instance = v + break + return self.instance + + def _get_instance_user_data(self, instance): + # Query the user data if we need to + if 'userdata' in instance: + return instance['userdata'] + + user_data = "" + if self.get_user_data() is not None and instance.get('id'): + res = self.query_api('getVirtualMachineUserData', virtualmachineid=instance['id']) + user_data = res['virtualmachineuserdata'].get('userdata', "") + return user_data + + def get_iptonetwork_mappings(self): + network_mappings = self.module.params.get('ip_to_networks') + if network_mappings is None: + return + + if network_mappings and self.module.params.get('networks'): + self.module.fail_json(msg="networks and ip_to_networks are mutually exclusive.") + + network_names = [n['network'] for n in network_mappings] + ids = self.get_network_ids(network_names) + res = [] + for i, data in enumerate(network_mappings): + res.append({'networkid': ids[i], 'ip': data['ip']}) + return res + + def get_ssh_keypair(self, key=None, name=None, fail_on_missing=True): + ssh_key_name = name or self.module.params.get('ssh_key') + if ssh_key_name is None: + return + + args = { + 'domainid': self.get_domain('id'), + 'account': self.get_account('name'), + 'projectid': self.get_project('id'), + 'name': ssh_key_name, + } + ssh_key_pairs = self.query_api('listSSHKeyPairs', **args) + if 'sshkeypair' in ssh_key_pairs: + return self._get_by_key(key=key, my_dict=ssh_key_pairs['sshkeypair'][0]) + + elif fail_on_missing: + self.module.fail_json(msg="SSH key not found: %s" % ssh_key_name) + + def ssh_key_has_changed(self): + ssh_key_name = self.module.params.get('ssh_key') + if ssh_key_name is None: + return False + + # Fails if keypair for param is inexistent + param_ssh_key_fp = self.get_ssh_keypair(key='fingerprint') + + # CloudStack 4.5 does return keypair on instance for a non existent key. + instance_ssh_key_name = self.instance.get('keypair') + if instance_ssh_key_name is None: + return True + + # Get fingerprint for keypair of instance but do not fail if inexistent. + instance_ssh_key_fp = self.get_ssh_keypair(key='fingerprint', name=instance_ssh_key_name, fail_on_missing=False) + if not instance_ssh_key_fp: + return True + + # Compare fingerprints to ensure the keypair changed + if instance_ssh_key_fp != param_ssh_key_fp: + return True + return False + + def security_groups_has_changed(self): + security_groups = self.module.params.get('security_groups') + if security_groups is None: + return False + + security_groups = [s.lower() for s in security_groups] + instance_security_groups = self.instance.get('securitygroup') or [] + + instance_security_group_names = [] + for instance_security_group in instance_security_groups: + if instance_security_group['name'].lower() not in security_groups: + return True + else: + instance_security_group_names.append(instance_security_group['name'].lower()) + + for security_group in security_groups: + if security_group not in instance_security_group_names: + return True + return False + + def get_network_ids(self, network_names=None): + if network_names is None: + network_names = self.module.params.get('networks') + + if not network_names: + return None + + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'zoneid': self.get_zone(key='id'), + 'fetch_list': True, + } + networks = self.query_api('listNetworks', **args) + if not networks: + self.module.fail_json(msg="No networks available") + + network_ids = [] + network_displaytexts = [] + for network_name in network_names: + for n in networks: + if network_name in [n['displaytext'], n['name'], n['id']]: + network_ids.append(n['id']) + network_displaytexts.append(n['name']) + break + + if len(network_ids) != len(network_names): + self.module.fail_json(msg="Could not find all networks, networks list found: %s" % network_displaytexts) + + return network_ids + + def present_instance(self, start_vm=True): + instance = self.get_instance() + + if not instance: + instance = self.deploy_instance(start_vm=start_vm) + else: + instance = self.recover_instance(instance=instance) + instance = self.update_instance(instance=instance, start_vm=start_vm) + + # In check mode, we do not necessarily have an instance + if instance: + instance = self.ensure_tags(resource=instance, resource_type='UserVm') + # refresh instance data + self.instance = instance + + return instance + + def get_user_data(self): + user_data = self.module.params.get('user_data') + if user_data is not None: + user_data = to_text(base64.b64encode(to_bytes(user_data))) + return user_data + + def get_details(self): + details = self.module.params.get('details') + cpu = self.module.params.get('cpu') + cpu_speed = self.module.params.get('cpu_speed') + memory = self.module.params.get('memory') + if all([cpu, cpu_speed, memory]): + details.extends({ + 'cpuNumber': cpu, + 'cpuSpeed': cpu_speed, + 'memory': memory, + }) + + return details + + def deploy_instance(self, start_vm=True): + self.result['changed'] = True + networkids = self.get_network_ids() + if networkids is not None: + networkids = ','.join(networkids) + + args = {} + args['templateid'] = self.get_template_or_iso(key='id') + if not args['templateid']: + self.module.fail_json(msg="Template or ISO is required.") + + args['zoneid'] = self.get_zone(key='id') + args['serviceofferingid'] = self.get_service_offering_id() + args['account'] = self.get_account(key='name') + args['domainid'] = self.get_domain(key='id') + args['projectid'] = self.get_project(key='id') + args['diskofferingid'] = self.get_disk_offering(key='id') + args['networkids'] = networkids + args['iptonetworklist'] = self.get_iptonetwork_mappings() + args['userdata'] = self.get_user_data() + args['keyboard'] = self.module.params.get('keyboard') + args['ipaddress'] = self.module.params.get('ip_address') + args['ip6address'] = self.module.params.get('ip6_address') + args['name'] = self.module.params.get('name') + args['displayname'] = self.get_or_fallback('display_name', 'name') + args['group'] = self.module.params.get('group') + args['keypair'] = self.get_ssh_keypair(key='name') + args['size'] = self.module.params.get('disk_size') + args['startvm'] = start_vm + args['rootdisksize'] = self.module.params.get('root_disk_size') + args['affinitygroupnames'] = self.module.params.get('affinity_groups') + args['details'] = self.get_details() + args['securitygroupnames'] = self.module.params.get('security_groups') + args['hostid'] = self.get_host_id() + + template_iso = self.get_template_or_iso() + if 'hypervisor' not in template_iso: + args['hypervisor'] = self.get_hypervisor() + + instance = None + if not self.module.check_mode: + instance = self.query_api('deployVirtualMachine', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + instance = self.poll_job(instance, 'virtualmachine') + return instance + + def update_instance(self, instance, start_vm=True): + # Service offering data + args_service_offering = { + 'id': instance['id'], + } + if self.module.params.get('service_offering'): + args_service_offering['serviceofferingid'] = self.get_service_offering_id() + service_offering_changed = self.has_changed(args_service_offering, instance) + + # Instance data + args_instance_update = { + 'id': instance['id'], + 'userdata': self.get_user_data(), + } + instance['userdata'] = self._get_instance_user_data(instance) + args_instance_update['ostypeid'] = self.get_os_type(key='id') + if self.module.params.get('group'): + args_instance_update['group'] = self.module.params.get('group') + if self.module.params.get('display_name'): + args_instance_update['displayname'] = self.module.params.get('display_name') + instance_changed = self.has_changed(args_instance_update, instance) + + ssh_key_changed = self.ssh_key_has_changed() + + security_groups_changed = self.security_groups_has_changed() + + # Volume data + args_volume_update = {} + root_disk_size = self.module.params.get('root_disk_size') + root_disk_size_changed = False + + if root_disk_size is not None: + res = self.query_api('listVolumes', type='ROOT', virtualmachineid=instance['id']) + [volume] = res['volume'] + + size = volume['size'] >> 30 + + args_volume_update['id'] = volume['id'] + args_volume_update['size'] = root_disk_size + + shrinkok = self.module.params.get('allow_root_disk_shrink') + if shrinkok: + args_volume_update['shrinkok'] = shrinkok + + root_disk_size_changed = root_disk_size != size + + changed = [ + service_offering_changed, + instance_changed, + security_groups_changed, + ssh_key_changed, + root_disk_size_changed, + ] + + if any(changed): + force = self.module.params.get('force') + instance_state = instance['state'].lower() + if instance_state == 'stopped' or force: + self.result['changed'] = True + if not self.module.check_mode: + + # Ensure VM has stopped + instance = self.stop_instance() + instance = self.poll_job(instance, 'virtualmachine') + self.instance = instance + + # Change service offering + if service_offering_changed: + res = self.query_api('changeServiceForVirtualMachine', **args_service_offering) + instance = res['virtualmachine'] + self.instance = instance + + # Update VM + if instance_changed or security_groups_changed: + if security_groups_changed: + args_instance_update['securitygroupnames'] = ','.join(self.module.params.get('security_groups')) + res = self.query_api('updateVirtualMachine', **args_instance_update) + instance = res['virtualmachine'] + self.instance = instance + + # Reset SSH key + if ssh_key_changed: + # SSH key data + args_ssh_key = {} + args_ssh_key['id'] = instance['id'] + args_ssh_key['projectid'] = self.get_project(key='id') + args_ssh_key['keypair'] = self.module.params.get('ssh_key') + instance = self.query_api('resetSSHKeyForVirtualMachine', **args_ssh_key) + instance = self.poll_job(instance, 'virtualmachine') + self.instance = instance + + # Root disk size + if root_disk_size_changed: + async_result = self.query_api('resizeVolume', **args_volume_update) + self.poll_job(async_result, 'volume') + + # Start VM again if it was running before + if instance_state == 'running' and start_vm: + instance = self.start_instance() + else: + self.module.warn("Changes won't be applied to running instances. " + "Use force=true to allow the instance %s to be stopped/started." % instance['name']) + + # migrate to other host + host_changed = all([ + instance['state'].lower() in ['starting', 'running'], + instance.get('hostname') is not None, + self.module.params.get('host') is not None, + self.module.params.get('host') != instance.get('hostname') + ]) + if host_changed: + self.result['changed'] = True + args_host = { + 'virtualmachineid': instance['id'], + 'hostid': self.get_host_id(), + } + if not self.module.check_mode: + res = self.query_api('migrateVirtualMachine', **args_host) + instance = self.poll_job(res, 'virtualmachine') + + return instance + + def recover_instance(self, instance): + if instance['state'].lower() in ['destroying', 'destroyed']: + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('recoverVirtualMachine', id=instance['id']) + instance = res['virtualmachine'] + return instance + + def absent_instance(self): + instance = self.get_instance() + if instance: + if instance['state'].lower() not in ['expunging', 'destroying', 'destroyed']: + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('destroyVirtualMachine', id=instance['id']) + + poll_async = self.module.params.get('poll_async') + if poll_async: + instance = self.poll_job(res, 'virtualmachine') + return instance + + def expunge_instance(self): + instance = self.get_instance() + if instance: + res = {} + if instance['state'].lower() in ['destroying', 'destroyed']: + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('destroyVirtualMachine', id=instance['id'], expunge=True) + + elif instance['state'].lower() not in ['expunging']: + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('destroyVirtualMachine', id=instance['id'], expunge=True) + + poll_async = self.module.params.get('poll_async') + if poll_async: + res = self.poll_job(res, 'virtualmachine') + return instance + + def stop_instance(self): + instance = self.get_instance() + # in check mode instance may not be instantiated + if instance: + if instance['state'].lower() in ['stopping', 'stopped']: + return instance + + if instance['state'].lower() in ['starting', 'running']: + self.result['changed'] = True + if not self.module.check_mode: + instance = self.query_api('stopVirtualMachine', id=instance['id']) + + poll_async = self.module.params.get('poll_async') + if poll_async: + instance = self.poll_job(instance, 'virtualmachine') + return instance + + def start_instance(self): + instance = self.get_instance() + # in check mode instance may not be instantiated + if instance: + if instance['state'].lower() in ['starting', 'running']: + return instance + + if instance['state'].lower() in ['stopped', 'stopping']: + self.result['changed'] = True + if not self.module.check_mode: + args = { + 'id': instance['id'], + 'hostid': self.get_host_id(), + } + instance = self.query_api('startVirtualMachine', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + instance = self.poll_job(instance, 'virtualmachine') + return instance + + def restart_instance(self): + instance = self.get_instance() + # in check mode instance may not be instantiated + if instance: + if instance['state'].lower() in ['running', 'starting']: + self.result['changed'] = True + if not self.module.check_mode: + instance = self.query_api('rebootVirtualMachine', id=instance['id']) + + poll_async = self.module.params.get('poll_async') + if poll_async: + instance = self.poll_job(instance, 'virtualmachine') + + elif instance['state'].lower() in ['stopping', 'stopped']: + instance = self.start_instance() + return instance + + def restore_instance(self): + instance = self.get_instance() + self.result['changed'] = True + # in check mode instance may not be instantiated + if instance: + args = {} + args['templateid'] = self.get_template_or_iso(key='id') + args['virtualmachineid'] = instance['id'] + res = self.query_api('restoreVirtualMachine', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + instance = self.poll_job(res, 'virtualmachine') + return instance + + def get_result(self, instance): + super(AnsibleCloudStackInstance, self).get_result(instance) + if instance: + self.result['user_data'] = self._get_instance_user_data(instance) + if 'securitygroup' in instance: + security_groups = [] + for securitygroup in instance['securitygroup']: + security_groups.append(securitygroup['name']) + self.result['security_groups'] = security_groups + if 'affinitygroup' in instance: + affinity_groups = [] + for affinitygroup in instance['affinitygroup']: + affinity_groups.append(affinitygroup['name']) + self.result['affinity_groups'] = affinity_groups + if 'nic' in instance: + for nic in instance['nic']: + if nic['isdefault']: + if 'ipaddress' in nic: + self.result['default_ip'] = nic['ipaddress'] + if 'ip6address' in nic: + self.result['default_ip6'] = nic['ip6address'] + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(), + display_name=dict(), + group=dict(), + state=dict(choices=['present', 'deployed', 'started', 'stopped', 'restarted', 'restored', 'absent', 'destroyed', 'expunged'], default='present'), + service_offering=dict(), + cpu=dict(type='int'), + cpu_speed=dict(type='int'), + memory=dict(type='int'), + template=dict(), + iso=dict(), + template_filter=dict( + default="executable", + aliases=['iso_filter'], + choices=['all', 'featured', 'self', 'selfexecutable', 'sharedexecutable', 'executable', 'community'] + ), + networks=dict(type='list', elements='str', aliases=['network']), + ip_to_networks=dict(type='list', elements='dict', aliases=['ip_to_network']), + ip_address=dict(), + ip6_address=dict(), + disk_offering=dict(), + disk_size=dict(type='int'), + root_disk_size=dict(type='int'), + keyboard=dict(type='str', choices=['de', 'de-ch', 'es', 'fi', 'fr', 'fr-be', 'fr-ch', 'is', 'it', 'jp', 'nl-be', 'no', 'pt', 'uk', 'us']), + hypervisor=dict(), + host=dict(), + security_groups=dict(type='list', elements='str', aliases=['security_group']), + affinity_groups=dict(type='list', elements='str', aliases=['affinity_group']), + domain=dict(), + account=dict(), + project=dict(), + user_data=dict(), + zone=dict(), + ssh_key=dict(), + force=dict(type='bool', default=False), + tags=dict(type='list', elements='dict', aliases=['tag']), + details=dict(type='dict'), + poll_async=dict(type='bool', default=True), + allow_root_disk_shrink=dict(type='bool', default=False), + )) + + required_together = cs_required_together() + required_together.extend([ + ['cpu', 'cpu_speed', 'memory'], + ]) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=required_together, + required_one_of=( + ['display_name', 'name'], + ), + mutually_exclusive=( + ['template', 'iso'], + ), + supports_check_mode=True + ) + + acs_instance = AnsibleCloudStackInstance(module) + + state = module.params.get('state') + + if state in ['absent', 'destroyed']: + instance = acs_instance.absent_instance() + + elif state in ['expunged']: + instance = acs_instance.expunge_instance() + + elif state in ['restored']: + acs_instance.present_instance() + instance = acs_instance.restore_instance() + + elif state in ['present', 'deployed']: + instance = acs_instance.present_instance() + + elif state in ['stopped']: + acs_instance.present_instance(start_vm=False) + instance = acs_instance.stop_instance() + + elif state in ['started']: + acs_instance.present_instance() + instance = acs_instance.start_instance() + + elif state in ['restarted']: + acs_instance.present_instance() + instance = acs_instance.restart_instance() + + if instance and 'state' in instance and instance['state'].lower() == 'error': + module.fail_json(msg="Instance named '%s' in error state." % module.params.get('name')) + + result = acs_instance.get_result(instance) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_instance_info.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_instance_info.py new file mode 100644 index 00000000..5b111bec --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_instance_info.py @@ -0,0 +1,370 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2016, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_instance_info +short_description: Gathering information from the API of instances from Apache CloudStack based clouds. +description: + - Gathering information from the API of an instance. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name or display name of the instance. + - If not specified, all instances are returned + type: str + required: false + domain: + description: + - Domain the instance is related to. + type: str + account: + description: + - Account the instance is related to. + type: str + project: + description: + - Project the instance is related to. + type: str +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Gather instance information + ngine_io.cloudstack.cs_instance_info: + name: web-vm-1 + register: vm + +- name: Show the returned results of the registered variable + debug: + msg: "{{ vm }}" + +- name: Gather information from all instances + ngine_io.cloudstack.cs_instance_info: + register: vms + +- name: Show information on all instances + debug: + msg: "{{ vms }}" +''' + +RETURN = ''' +--- +instances: + description: A list of matching instances. + type: list + returned: success + contains: + id: + description: UUID of the instance. + returned: success + type: str + sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 + name: + description: Name of the instance. + returned: success + type: str + sample: web-01 + display_name: + description: Display name of the instance. + returned: success + type: str + sample: web-01 + group: + description: Group name of the instance is related. + returned: success + type: str + sample: web + created: + description: Date of the instance was created. + returned: success + type: str + sample: 2014-12-01T14:57:57+0100 + password_enabled: + description: True if password setting is enabled. + returned: success + type: bool + sample: true + password: + description: The password of the instance if exists. + returned: success + type: str + sample: Ge2oe7Do + ssh_key: + description: Name of SSH key deployed to instance. + returned: success + type: str + sample: key@work + domain: + description: Domain the instance is related to. + returned: success + type: str + sample: example domain + account: + description: Account the instance is related to. + returned: success + type: str + sample: example account + project: + description: Name of project the instance is related to. + returned: success + type: str + sample: Production + default_ip: + description: Default IP address of the instance. + returned: success + type: str + sample: 10.23.37.42 + public_ip: + description: Public IP address with instance via static NAT rule. + returned: success + type: str + sample: 1.2.3.4 + iso: + description: Name of ISO the instance was deployed with. + returned: success + type: str + sample: Debian-8-64bit + template: + description: Name of template the instance was deployed with. + returned: success + type: str + sample: Debian-8-64bit + service_offering: + description: Name of the service offering the instance has. + returned: success + type: str + sample: 2cpu_2gb + zone: + description: Name of zone the instance is in. + returned: success + type: str + sample: ch-gva-2 + state: + description: State of the instance. + returned: success + type: str + sample: Running + security_groups: + description: Security groups the instance is in. + returned: success + type: list + sample: '[ "default" ]' + affinity_groups: + description: Affinity groups the instance is in. + returned: success + type: list + sample: '[ "webservers" ]' + tags: + description: List of resource tags associated with the instance. + returned: success + type: list + sample: '[ { "key": "foo", "value": "bar" } ]' + hypervisor: + description: Hypervisor related to this instance. + returned: success + type: str + sample: KVM + host: + description: Host the instance is running on. + returned: success and instance is running + type: str + sample: host01.example.com + instance_name: + description: Internal name of the instance (ROOT admin only). + returned: success + type: str + sample: i-44-3992-VM + volumes: + description: List of dictionaries of the volumes attached to the instance. + returned: success + type: list + sample: '[ { name: "ROOT-1369", type: "ROOT", size: 10737418240 }, { name: "data01, type: "DATADISK", size: 10737418240 } ]' + nic: + description: List of dictionaries of the instance nics. + returned: success + type: complex + contains: + broadcasturi: + description: The broadcast uri of the nic. + returned: success + type: str + sample: vlan://2250 + gateway: + description: The gateway of the nic. + returned: success + type: str + sample: 10.1.2.1 + id: + description: The ID of the nic. + returned: success + type: str + sample: 5dc74fa3-2ec3-48a0-9e0d-6f43365336a9 + ipaddress: + description: The ip address of the nic. + returned: success + type: str + sample: 10.1.2.3 + isdefault: + description: True if nic is default, false otherwise. + returned: success + type: bool + sample: true + isolationuri: + description: The isolation uri of the nic. + returned: success + type: str + sample: vlan://2250 + macaddress: + description: The mac address of the nic. + returned: success + type: str + sample: 06:a2:03:00:08:12 + netmask: + description: The netmask of the nic. + returned: success + type: str + sample: 255.255.255.0 + networkid: + description: The ID of the corresponding network. + returned: success + type: str + sample: 432ce27b-c2bb-4e12-a88c-a919cd3a3017 + networkname: + description: The name of the corresponding network. + returned: success + type: str + sample: network1 + traffictype: + description: The traffic type of the nic. + returned: success + type: str + sample: Guest + type: + description: The type of the network. + returned: success + type: str + sample: Shared +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import AnsibleCloudStack, cs_argument_spec + + +class AnsibleCloudStackInstanceInfo(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackInstanceInfo, self).__init__(module) + self.returns = { + 'group': 'group', + 'hypervisor': 'hypervisor', + 'instancename': 'instance_name', + 'publicip': 'public_ip', + 'passwordenabled': 'password_enabled', + 'password': 'password', + 'serviceofferingname': 'service_offering', + 'isoname': 'iso', + 'templatename': 'template', + 'keypair': 'ssh_key', + 'hostname': 'host', + } + + def get_instances(self): + instance_name = self.module.params.get('name') + + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'fetch_list': True, + } + # Do not pass zoneid, as the instance name must be unique across zones. + instances = self.query_api('listVirtualMachines', **args) + if not instance_name: + return instances or [] + if instances: + for v in instances: + if instance_name.lower() in [v['name'].lower(), v['displayname'].lower(), v['id']]: + return [v] + return [] + + def get_volumes(self, instance): + volume_details = [] + if instance: + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'virtualmachineid': instance['id'], + 'fetch_list': True, + } + + volumes = self.query_api('listVolumes', **args) + if volumes: + for vol in volumes: + volume_details.append({'size': vol['size'], 'type': vol['type'], 'name': vol['name']}) + return volume_details + + def run(self): + instances = self.get_instances() + if self.module.params.get('name') and not instances: + self.module.fail_json(msg="Instance not found: %s" % self.module.params.get('name')) + return { + 'instances': [self.update_result(resource) for resource in instances] + } + + def update_result(self, instance, result=None): + result = super(AnsibleCloudStackInstanceInfo, self).update_result(instance, result) + if instance: + if 'securitygroup' in instance: + security_groups = [] + for securitygroup in instance['securitygroup']: + security_groups.append(securitygroup['name']) + result['security_groups'] = security_groups + if 'affinitygroup' in instance: + affinity_groups = [] + for affinitygroup in instance['affinitygroup']: + affinity_groups.append(affinitygroup['name']) + result['affinity_groups'] = affinity_groups + if 'nic' in instance: + for nic in instance['nic']: + if nic['isdefault'] and 'ipaddress' in nic: + result['default_ip'] = nic['ipaddress'] + result['nic'] = instance['nic'] + volumes = self.get_volumes(instance) + if volumes: + result['volumes'] = volumes + return result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(), + domain=dict(), + account=dict(), + project=dict(), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + supports_check_mode=True, + ) + + acs_instance_info = AnsibleCloudStackInstanceInfo(module=module) + cs_instance_info = acs_instance_info.run() + module.exit_json(**cs_instance_info) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_instance_nic.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_instance_nic.py new file mode 100644 index 00000000..11ea45fc --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_instance_nic.py @@ -0,0 +1,285 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2017, Marc-Aurèle Brothier @marcaurele +# Copyright (c) 2017, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_instance_nic +short_description: Manages NICs of an instance on Apache CloudStack based clouds. +description: + - Add and remove nic to and from network +author: + - Marc-Aurèle Brothier (@marcaurele) + - René Moser (@resmo) +version_added: 0.1.0 +options: + vm: + description: + - Name of instance. + required: true + type: str + aliases: [ name ] + network: + description: + - Name of the network. + type: str + required: true + ip_address: + description: + - IP address to be used for the nic. + type: str + vpc: + description: + - Name of the VPC the I(vm) is related to. + type: str + domain: + description: + - Domain the instance is related to. + type: str + account: + description: + - Account the instance is related to. + type: str + project: + description: + - Name of the project the instance is deployed in. + type: str + zone: + description: + - Name of the zone in which the instance is deployed in. + - If not set, default zone is used. + type: str + state: + description: + - State of the nic. + type: str + default: present + choices: [ present, absent ] + poll_async: + description: + - Poll async jobs until job has finished. + type: bool + default: yes +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Add a nic on another network + ngine_io.cloudstack.cs_instance_nic: + vm: privnet + network: privNetForBasicZone + +- name: Ensure IP address on a nic + ngine_io.cloudstack.cs_instance_nic: + vm: privnet + ip_address: 10.10.11.32 + network: privNetForBasicZone + +- name: Remove a secondary nic + ngine_io.cloudstack.cs_instance_nic: + vm: privnet + state: absent + network: privNetForBasicZone +''' + +RETURN = ''' +--- +id: + description: UUID of the nic. + returned: success + type: str + sample: 87b1e0ce-4e01-11e4-bb66-0050569e64b8 +vm: + description: Name of the VM. + returned: success + type: str + sample: web-01 +ip_address: + description: Primary IP of the NIC. + returned: success + type: str + sample: 10.10.10.10 +netmask: + description: Netmask of the NIC. + returned: success + type: str + sample: 255.255.255.0 +mac_address: + description: MAC address of the NIC. + returned: success + type: str + sample: 02:00:33:31:00:e4 +network: + description: Name of the network if not default. + returned: success + type: str + sample: sync network +domain: + description: Domain the VM is related to. + returned: success + type: str + sample: example domain +account: + description: Account the VM is related to. + returned: success + type: str + sample: example account +project: + description: Name of project the VM is related to. + returned: success + type: str + sample: Production +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackInstanceNic(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackInstanceNic, self).__init__(module) + self.nic = None + self.returns = { + 'ipaddress': 'ip_address', + 'macaddress': 'mac_address', + 'netmask': 'netmask', + } + + def get_nic(self): + if self.nic: + return self.nic + args = { + 'virtualmachineid': self.get_vm(key='id'), + 'networkid': self.get_network(key='id'), + } + nics = self.query_api('listNics', **args) + if nics: + self.nic = nics['nic'][0] + return self.nic + return None + + def get_nic_from_result(self, result): + for nic in result.get('nic') or []: + if nic['networkid'] == self.get_network(key='id'): + return nic + + def add_nic(self): + self.result['changed'] = True + args = { + 'virtualmachineid': self.get_vm(key='id'), + 'networkid': self.get_network(key='id'), + 'ipaddress': self.module.params.get('ip_address'), + } + if not self.module.check_mode: + res = self.query_api('addNicToVirtualMachine', **args) + + if self.module.params.get('poll_async'): + vm = self.poll_job(res, 'virtualmachine') + self.nic = self.get_nic_from_result(result=vm) + return self.nic + + def update_nic(self, nic): + # Do not try to update if no IP address is given + ip_address = self.module.params.get('ip_address') + if not ip_address: + return nic + + args = { + 'nicid': nic['id'], + 'ipaddress': ip_address, + } + if self.has_changed(args, nic, ['ipaddress']): + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('updateVmNicIp', **args) + + if self.module.params.get('poll_async'): + vm = self.poll_job(res, 'virtualmachine') + self.nic = self.get_nic_from_result(result=vm) + return self.nic + + def remove_nic(self, nic): + self.result['changed'] = True + args = { + 'virtualmachineid': self.get_vm(key='id'), + 'nicid': nic['id'], + } + if not self.module.check_mode: + res = self.query_api('removeNicFromVirtualMachine', **args) + + if self.module.params.get('poll_async'): + self.poll_job(res, 'virtualmachine') + return nic + + def present_nic(self): + nic = self.get_nic() + if not nic: + nic = self.add_nic() + else: + nic = self.update_nic(nic) + return nic + + def absent_nic(self): + nic = self.get_nic() + if nic: + return self.remove_nic(nic) + return nic + + def get_result(self, nic): + super(AnsibleCloudStackInstanceNic, self).get_result(nic) + if nic and not self.module.params.get('network'): + self.module.params['network'] = nic.get('networkid') + self.result['network'] = self.get_network(key='name') + self.result['vm'] = self.get_vm(key='name') + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + vm=dict(required=True, aliases=['name']), + network=dict(required=True), + vpc=dict(), + ip_address=dict(), + state=dict(choices=['present', 'absent'], default='present'), + domain=dict(), + account=dict(), + project=dict(), + zone=dict(), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True, + ) + + acs_nic = AnsibleCloudStackInstanceNic(module) + + state = module.params.get('state') + if state == 'absent': + nic = acs_nic.absent_nic() + else: + nic = acs_nic.present_nic() + + result = acs_nic.get_result(nic) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_instance_nic_secondaryip.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_instance_nic_secondaryip.py new file mode 100644 index 00000000..7dabe7d7 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_instance_nic_secondaryip.py @@ -0,0 +1,267 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2017, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_instance_nic_secondaryip +short_description: Manages secondary IPs of an instance on Apache CloudStack based clouds. +description: + - Add and remove secondary IPs to and from a NIC of an instance. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + vm: + description: + - Name of instance. + type: str + required: true + aliases: [ name ] + network: + description: + - Name of the network. + - Required to find the NIC if instance has multiple networks assigned. + type: str + vm_guest_ip: + description: + - Secondary IP address to be added to the instance nic. + - If not set, the API always returns a new IP address and idempotency is not given. + type: str + aliases: [ secondary_ip ] + vpc: + description: + - Name of the VPC the I(vm) is related to. + type: str + domain: + description: + - Domain the instance is related to. + type: str + account: + description: + - Account the instance is related to. + type: str + project: + description: + - Name of the project the instance is deployed in. + type: str + zone: + description: + - Name of the zone in which the instance is deployed in. + - If not set, default zone is used. + type: str + state: + description: + - State of the ipaddress. + type: str + default: present + choices: [ present, absent ] + poll_async: + description: + - Poll async jobs until job has finished. + type: bool + default: yes +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack + +''' + +EXAMPLES = ''' +- name: Assign a specific IP to the default NIC of the VM + ngine_io.cloudstack.cs_instance_nic_secondaryip: + vm: customer_xy + vm_guest_ip: 10.10.10.10 + +# Note: If vm_guest_ip is not set, you will get a new IP address on every run. +- name: Assign an IP to the default NIC of the VM + ngine_io.cloudstack.cs_instance_nic_secondaryip: + vm: customer_xy + +- name: Remove a specific IP from the default NIC + ngine_io.cloudstack.cs_instance_nic_secondaryip: + vm: customer_xy + vm_guest_ip: 10.10.10.10 + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the NIC. + returned: success + type: str + sample: 87b1e0ce-4e01-11e4-bb66-0050569e64b8 +vm: + description: Name of the VM. + returned: success + type: str + sample: web-01 +ip_address: + description: Primary IP of the NIC. + returned: success + type: str + sample: 10.10.10.10 +netmask: + description: Netmask of the NIC. + returned: success + type: str + sample: 255.255.255.0 +mac_address: + description: MAC address of the NIC. + returned: success + type: str + sample: 02:00:33:31:00:e4 +vm_guest_ip: + description: Secondary IP of the NIC. + returned: success + type: str + sample: 10.10.10.10 +network: + description: Name of the network if not default. + returned: success + type: str + sample: sync network +domain: + description: Domain the VM is related to. + returned: success + type: str + sample: example domain +account: + description: Account the VM is related to. + returned: success + type: str + sample: example account +project: + description: Name of project the VM is related to. + returned: success + type: str + sample: Production +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackInstanceNicSecondaryIp(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackInstanceNicSecondaryIp, self).__init__(module) + self.vm_guest_ip = self.module.params.get('vm_guest_ip') + self.nic = None + self.returns = { + 'ipaddress': 'ip_address', + 'macaddress': 'mac_address', + 'netmask': 'netmask', + } + + def get_nic(self): + if self.nic: + return self.nic + args = { + 'virtualmachineid': self.get_vm(key='id'), + 'networkid': self.get_network(key='id'), + } + nics = self.query_api('listNics', **args) + if nics: + self.nic = nics['nic'][0] + return self.nic + self.fail_json(msg="NIC for VM %s in network %s not found" % (self.get_vm(key='name'), self.get_network(key='name'))) + + def get_secondary_ip(self): + nic = self.get_nic() + if self.vm_guest_ip: + secondary_ips = nic.get('secondaryip') or [] + for secondary_ip in secondary_ips: + if secondary_ip['ipaddress'] == self.vm_guest_ip: + return secondary_ip + return None + + def present_nic_ip(self): + nic = self.get_nic() + if not self.get_secondary_ip(): + self.result['changed'] = True + args = { + 'nicid': nic['id'], + 'ipaddress': self.vm_guest_ip, + } + + if not self.module.check_mode: + res = self.query_api('addIpToNic', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + nic = self.poll_job(res, 'nicsecondaryip') + # Save result for RETURNS + self.vm_guest_ip = nic['ipaddress'] + return nic + + def absent_nic_ip(self): + nic = self.get_nic() + secondary_ip = self.get_secondary_ip() + if secondary_ip: + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('removeIpFromNic', id=secondary_ip['id']) + + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(res, 'nicsecondaryip') + return nic + + def get_result(self, nic): + super(AnsibleCloudStackInstanceNicSecondaryIp, self).get_result(nic) + if nic and not self.module.params.get('network'): + self.module.params['network'] = nic.get('networkid') + self.result['network'] = self.get_network(key='name') + self.result['vm'] = self.get_vm(key='name') + self.result['vm_guest_ip'] = self.vm_guest_ip + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + vm=dict(required=True, aliases=['name']), + vm_guest_ip=dict(aliases=['secondary_ip']), + network=dict(), + vpc=dict(), + state=dict(choices=['present', 'absent'], default='present'), + domain=dict(), + account=dict(), + project=dict(), + zone=dict(), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True, + required_if=([ + ('state', 'absent', ['vm_guest_ip']) + ]) + ) + + acs_instance_nic_secondaryip = AnsibleCloudStackInstanceNicSecondaryIp(module) + state = module.params.get('state') + + if state == 'absent': + nic = acs_instance_nic_secondaryip.absent_nic_ip() + else: + nic = acs_instance_nic_secondaryip.present_nic_ip() + + result = acs_instance_nic_secondaryip.get_result(nic) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_instance_password_reset.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_instance_password_reset.py new file mode 100644 index 00000000..58b9b741 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_instance_password_reset.py @@ -0,0 +1,151 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2018, Gregor Riepl <onitake@gmail.com> +# based on cs_sshkeypair (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_instance_password_reset +short_description: Allows resetting VM the default passwords on Apache CloudStack based clouds. +description: + - Resets the default user account's password on an instance. + - Requires cloud-init to be installed in the virtual machine. + - The passwordenabled flag must be set on the template associated with the VM. +author: Gregor Riepl (@onitake) +version_added: 0.1.0 +options: + vm: + description: + - Name of the virtual machine to reset the password on. + type: str + required: true + domain: + description: + - Name of the domain the virtual machine belongs to. + type: str + account: + description: + - Account the virtual machine belongs to. + type: str + project: + description: + - Name of the project the virtual machine belongs to. + type: str + zone: + description: + - Name of the zone in which the instance is deployed. + - If not set, the default zone is used. + type: str + poll_async: + description: + - Poll async jobs until job has finished. + type: bool + default: yes +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: stop the virtual machine before resetting the password + ngine_io.cloudstack.cs_instance: + name: myvirtualmachine + state: stopped + +- name: reset and get new default password + ngine_io.cloudstack.cs_instance_password_reset: + vm: myvirtualmachine + register: root + +- debug: + msg: "new default password is {{ root.password }}" + +- name: boot the virtual machine to activate the new password + ngine_io.cloudstack.cs_instance: + name: myvirtualmachine + state: started + when: root is changed +''' + +RETURN = ''' +--- +id: + description: ID of the virtual machine. + returned: success + type: str + sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f +password: + description: The new default password. + returned: success + type: str + sample: ahQu5nuNge3keesh +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_required_together, + cs_argument_spec +) + + +class AnsibleCloudStackPasswordReset(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackPasswordReset, self).__init__(module) + self.returns = { + 'password': 'password', + } + self.password = None + + def reset_password(self): + args = { + 'id': self.get_vm(key='id'), + } + + res = None + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('resetPasswordForVirtualMachine', **args) + + poll_async = self.module.params.get('poll_async') + if res and poll_async: + res = self.poll_job(res, 'virtualmachine') + + if res and 'password' in res: + self.password = res['password'] + + return self.password + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + vm=dict(required=True), + domain=dict(), + account=dict(), + project=dict(), + zone=dict(), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_password = AnsibleCloudStackPasswordReset(module) + password = acs_password.reset_password() + result = acs_password.get_result({'password': password}) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_instancegroup.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_instancegroup.py new file mode 100644 index 00000000..56783b2a --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_instancegroup.py @@ -0,0 +1,181 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_instancegroup +short_description: Manages instance groups on Apache CloudStack based clouds. +description: + - Create and remove instance groups. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of the instance group. + type: str + required: true + domain: + description: + - Domain the instance group is related to. + type: str + account: + description: + - Account the instance group is related to. + type: str + project: + description: + - Project the instance group is related to. + type: str + state: + description: + - State of the instance group. + type: str + default: present + choices: [ present, absent ] +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Create an instance group + ngine_io.cloudstack.cs_instancegroup: + name: loadbalancers + +- name: Remove an instance group + ngine_io.cloudstack.cs_instancegroup: + name: loadbalancers + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the instance group. + returned: success + type: str + sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 +name: + description: Name of the instance group. + returned: success + type: str + sample: webservers +created: + description: Date when the instance group was created. + returned: success + type: str + sample: 2015-05-03T15:05:51+0200 +domain: + description: Domain the instance group is related to. + returned: success + type: str + sample: example domain +account: + description: Account the instance group is related to. + returned: success + type: str + sample: example account +project: + description: Project the instance group is related to. + returned: success + type: str + sample: example project +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackInstanceGroup(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackInstanceGroup, self).__init__(module) + self.instance_group = None + + def get_instance_group(self): + if self.instance_group: + return self.instance_group + + name = self.module.params.get('name') + + args = { + 'account': self.get_account('name'), + 'domainid': self.get_domain('id'), + 'projectid': self.get_project('id'), + 'fetch_list': True, + } + instance_groups = self.query_api('listInstanceGroups', **args) + if instance_groups: + for g in instance_groups: + if name in [g['name'], g['id']]: + self.instance_group = g + break + return self.instance_group + + def present_instance_group(self): + instance_group = self.get_instance_group() + if not instance_group: + self.result['changed'] = True + + args = { + 'name': self.module.params.get('name'), + 'account': self.get_account('name'), + 'domainid': self.get_domain('id'), + 'projectid': self.get_project('id'), + } + if not self.module.check_mode: + res = self.query_api('createInstanceGroup', **args) + instance_group = res['instancegroup'] + return instance_group + + def absent_instance_group(self): + instance_group = self.get_instance_group() + if instance_group: + self.result['changed'] = True + if not self.module.check_mode: + self.query_api('deleteInstanceGroup', id=instance_group['id']) + return instance_group + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + state=dict(default='present', choices=['present', 'absent']), + domain=dict(), + account=dict(), + project=dict(), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_ig = AnsibleCloudStackInstanceGroup(module) + + state = module.params.get('state') + if state in ['absent']: + instance_group = acs_ig.absent_instance_group() + else: + instance_group = acs_ig.present_instance_group() + + result = acs_ig.get_result(instance_group) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_ip_address.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_ip_address.py new file mode 100644 index 00000000..04236d3d --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_ip_address.py @@ -0,0 +1,279 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, Darren Worrall <darren@iweb.co.uk> +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_ip_address +short_description: Manages public IP address associations on Apache CloudStack based clouds. +description: + - Acquires and associates a public IP to an account or project. + - Due to API limitations this is not an idempotent call, so be sure to only + conditionally call this when I(state=present). + - Tagging the IP address can also make the call idempotent. +author: + - Darren Worrall (@dazworrall) + - René Moser (@resmo) +version_added: 0.1.0 +options: + ip_address: + description: + - Public IP address. + - Required if I(state=absent) and I(tags) is not set. + type: str + domain: + description: + - Domain the IP address is related to. + type: str + network: + description: + - Network the IP address is related to. + - Mutually exclusive with I(vpc). + type: str + vpc: + description: + - VPC the IP address is related to. + - Mutually exclusive with I(network). + type: str + account: + description: + - Account the IP address is related to. + type: str + project: + description: + - Name of the project the IP address is related to. + type: str + zone: + description: + - Name of the zone in which the IP address is in. + - If not set, default zone is used. + type: str + state: + description: + - State of the IP address. + type: str + default: present + choices: [ present, absent ] + tags: + description: + - List of tags. Tags are a list of dictionaries having keys I(key) and I(value). + - Tags can be used as an unique identifier for the IP Addresses. + - In this case, at least one of them must be unique to ensure idempotency. + type: list + elements: dict + aliases: [ tag ] + poll_async: + description: + - Poll async jobs until job has finished. + type: bool + default: yes +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Associate an IP address conditionally + ngine_io.cloudstack.cs_ip_address: + network: My Network + register: ip_address + when: instance.public_ip is undefined + +- name: Disassociate an IP address + ngine_io.cloudstack.cs_ip_address: + ip_address: 1.2.3.4 + state: absent + +- name: Associate an IP address with tags + ngine_io.cloudstack.cs_ip_address: + network: My Network + tags: + - key: myCustomID + value: 5510c31a-416e-11e8-9013-02000a6b00bf + register: ip_address + +- name: Disassociate an IP address with tags + ngine_io.cloudstack.cs_ip_address: + state: absent + tags: + - key: myCustomID + value: 5510c31a-416e-11e8-9013-02000a6b00bf +''' + +RETURN = ''' +--- +id: + description: UUID of the Public IP address. + returned: success + type: str + sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f +ip_address: + description: Public IP address. + returned: success + type: str + sample: 1.2.3.4 +zone: + description: Name of zone the IP address is related to. + returned: success + type: str + sample: ch-gva-2 +project: + description: Name of project the IP address is related to. + returned: success + type: str + sample: Production +account: + description: Account the IP address is related to. + returned: success + type: str + sample: example account +domain: + description: Domain the IP address is related to. + returned: success + type: str + sample: example domain +tags: + description: List of resource tags associated with the IP address. + returned: success + type: dict + sample: '[ { "key": "myCustomID", "value": "5510c31a-416e-11e8-9013-02000a6b00bf" } ]' +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackIPAddress(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackIPAddress, self).__init__(module) + self.returns = { + 'ipaddress': 'ip_address', + } + + def get_ip_address(self, key=None): + if self.ip_address: + return self._get_by_key(key, self.ip_address) + args = { + 'ipaddress': self.module.params.get('ip_address'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'vpcid': self.get_vpc(key='id'), + } + ip_addresses = self.query_api('listPublicIpAddresses', **args) + + if ip_addresses: + tags = self.module.params.get('tags') + for ip_addr in ip_addresses['publicipaddress']: + if ip_addr['ipaddress'] == args['ipaddress'] != '': + self.ip_address = ip_addresses['publicipaddress'][0] + elif tags: + if sorted([tag for tag in tags if tag in ip_addr['tags']]) == sorted(tags): + self.ip_address = ip_addr + return self._get_by_key(key, self.ip_address) + + def present_ip_address(self): + ip_address = self.get_ip_address() + + if not ip_address: + ip_address = self.associate_ip_address(ip_address) + + if ip_address: + ip_address = self.ensure_tags(resource=ip_address, resource_type='publicipaddress') + + return ip_address + + def associate_ip_address(self, ip_address): + self.result['changed'] = True + args = { + # ipaddress only works with CloudStack >=v4.13 + 'ipaddress': self.module.params.get('ip_address'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + # For the VPC case networkid is irrelevant, special case and we have to ignore it here. + 'networkid': self.get_network(key='id') if not self.module.params.get('vpc') else None, + 'zoneid': self.get_zone(key='id'), + 'vpcid': self.get_vpc(key='id'), + } + ip_address = None + if not self.module.check_mode: + res = self.query_api('associateIpAddress', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + ip_address = self.poll_job(res, 'ipaddress') + return ip_address + + def disassociate_ip_address(self): + ip_address = self.get_ip_address() + if not ip_address: + return None + if ip_address['isstaticnat']: + self.module.fail_json(msg="IP address is allocated via static nat") + + self.result['changed'] = True + if not self.module.check_mode: + self.module.params['tags'] = [] + ip_address = self.ensure_tags(resource=ip_address, resource_type='publicipaddress') + + res = self.query_api('disassociateIpAddress', id=ip_address['id']) + + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(res, 'ipaddress') + return ip_address + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + ip_address=dict(required=False), + state=dict(choices=['present', 'absent'], default='present'), + vpc=dict(), + network=dict(), + zone=dict(), + domain=dict(), + account=dict(), + project=dict(), + tags=dict(type='list', elements='dict', aliases=['tag']), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + required_if=[ + ('state', 'absent', ['ip_address', 'tags'], True), + ], + mutually_exclusive=( + ['vpc', 'network'], + ), + supports_check_mode=True + ) + + acs_ip_address = AnsibleCloudStackIPAddress(module) + + state = module.params.get('state') + if state in ['absent']: + ip_address = acs_ip_address.disassociate_ip_address() + else: + ip_address = acs_ip_address.present_ip_address() + + result = acs_ip_address.get_result(ip_address) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_iso.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_iso.py new file mode 100644 index 00000000..cecca5eb --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_iso.py @@ -0,0 +1,436 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_iso +short_description: Manages ISO images on Apache CloudStack based clouds. +description: + - Register and remove ISO images. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of the ISO. + type: str + required: true + display_text: + description: + - Display text of the ISO. + - If not specified, I(name) will be used. + type: str + url: + description: + - URL where the ISO can be downloaded from. Required if I(state) is present. + type: str + os_type: + description: + - Name of the OS that best represents the OS of this ISO. If the iso is bootable this parameter needs to be passed. Required if I(state) is present. + type: str + is_ready: + description: + - This flag is used for searching existing ISOs. If set to C(yes), it will only list ISO ready for deployment e.g. + successfully downloaded and installed. Recommended to set it to C(no). + type: bool + default: no + is_public: + description: + - Register the ISO to be publicly available to all users. Only used if I(state) is present. + type: bool + is_featured: + description: + - Register the ISO to be featured. Only used if I(state) is present. + type: bool + is_dynamically_scalable: + description: + - Register the ISO having XS/VMware tools installed inorder to support dynamic scaling of VM cpu/memory. Only used if I(state) is present. + type: bool + checksum: + description: + - The MD5 checksum value of this ISO. If set, we search by checksum instead of name. + type: str + bootable: + description: + - Register the ISO to be bootable. Only used if I(state) is present. + type: bool + domain: + description: + - Domain the ISO is related to. + type: str + account: + description: + - Account the ISO is related to. + type: str + project: + description: + - Name of the project the ISO to be registered in. + type: str + zone: + description: + - Name of the zone you wish the ISO to be registered or deleted from. + - If not specified, first zone found will be used. + type: str + cross_zones: + description: + - Whether the ISO should be synced or removed across zones. + - Mutually exclusive with I(zone). + type: bool + default: no + iso_filter: + description: + - Name of the filter used to search for the ISO. + type: str + default: self + choices: [ featured, self, selfexecutable,sharedexecutable,executable, community ] + state: + description: + - State of the ISO. + type: str + default: present + choices: [ present, absent ] + poll_async: + description: + - Poll async jobs until job has finished. + type: bool + default: yes + tags: + description: + - List of tags. Tags are a list of dictionaries having keys I(key) and I(value). + - "To delete all tags, set a empty list e.g. I(tags: [])." + type: list + elements: dict + aliases: [ tag ] +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Register an ISO if ISO name does not already exist + ngine_io.cloudstack.cs_iso: + name: Debian 7 64-bit + url: http://mirror.switch.ch/ftp/mirror/debian-cd/current/amd64/iso-cd/debian-7.7.0-amd64-netinst.iso + os_type: Debian GNU/Linux 7(64-bit) + +- name: Register an ISO with given name if ISO md5 checksum does not already exist + ngine_io.cloudstack.cs_iso: + name: Debian 7 64-bit + url: http://mirror.switch.ch/ftp/mirror/debian-cd/current/amd64/iso-cd/debian-7.7.0-amd64-netinst.iso + os_type: Debian GNU/Linux 7(64-bit) + checksum: 0b31bccccb048d20b551f70830bb7ad0 + +- name: Remove an ISO by name + ngine_io.cloudstack.cs_iso: + name: Debian 7 64-bit + state: absent + +- name: Remove an ISO by checksum + ngine_io.cloudstack.cs_iso: + name: Debian 7 64-bit + checksum: 0b31bccccb048d20b551f70830bb7ad0 + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the ISO. + returned: success + type: str + sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f +name: + description: Name of the ISO. + returned: success + type: str + sample: Debian 7 64-bit +display_text: + description: Text to be displayed of the ISO. + returned: success + type: str + sample: Debian 7.7 64-bit minimal 2015-03-19 +zone: + description: Name of zone the ISO is registered in. + returned: success + type: str + sample: zuerich +status: + description: Status of the ISO. + returned: success + type: str + sample: Successfully Installed +is_ready: + description: True if the ISO is ready to be deployed from. + returned: success + type: bool + sample: true +is_public: + description: True if the ISO is public. + returned: success + type: bool + sample: true +bootable: + description: True if the ISO is bootable. + returned: success + type: bool + sample: true +is_featured: + description: True if the ISO is featured. + returned: success + type: bool + sample: true +format: + description: Format of the ISO. + returned: success + type: str + sample: ISO +os_type: + description: Typo of the OS. + returned: success + type: str + sample: CentOS 6.5 (64-bit) +checksum: + description: MD5 checksum of the ISO. + returned: success + type: str + sample: 0b31bccccb048d20b551f70830bb7ad0 +created: + description: Date of registering. + returned: success + type: str + sample: 2015-03-29T14:57:06+0200 +cross_zones: + description: true if the ISO is managed across all zones, false otherwise. + returned: success + type: bool + sample: false +domain: + description: Domain the ISO is related to. + returned: success + type: str + sample: example domain +account: + description: Account the ISO is related to. + returned: success + type: str + sample: example account +project: + description: Project the ISO is related to. + returned: success + type: str + sample: example project +tags: + description: List of resource tags associated with the ISO. + returned: success + type: dict + sample: '[ { "key": "foo", "value": "bar" } ]' +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackIso(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackIso, self).__init__(module) + self.returns = { + 'checksum': 'checksum', + 'status': 'status', + 'isready': 'is_ready', + 'crossZones': 'cross_zones', + 'format': 'format', + 'ostypename': 'os_type', + 'isfeatured': 'is_featured', + 'bootable': 'bootable', + 'ispublic': 'is_public', + + } + self.iso = None + + def _get_common_args(self): + return { + 'name': self.module.params.get('name'), + 'displaytext': self.get_or_fallback('display_text', 'name'), + 'isdynamicallyscalable': self.module.params.get('is_dynamically_scalable'), + 'ostypeid': self.get_os_type('id'), + 'bootable': self.module.params.get('bootable'), + } + + def register_iso(self): + args = self._get_common_args() + args.update({ + 'domainid': self.get_domain('id'), + 'account': self.get_account('name'), + 'projectid': self.get_project('id'), + 'checksum': self.module.params.get('checksum'), + 'isfeatured': self.module.params.get('is_featured'), + 'ispublic': self.module.params.get('is_public'), + }) + + if not self.module.params.get('cross_zones'): + args['zoneid'] = self.get_zone(key='id') + else: + args['zoneid'] = -1 + + if args['bootable'] and not args['ostypeid']: + self.module.fail_json(msg="OS type 'os_type' is required if 'bootable=true'.") + + args['url'] = self.module.params.get('url') + if not args['url']: + self.module.fail_json(msg="URL is required.") + + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('registerIso', **args) + self.iso = res['iso'][0] + return self.iso + + def present_iso(self): + iso = self.get_iso() + if not iso: + iso = self.register_iso() + else: + iso = self.update_iso(iso) + + if iso: + iso = self.ensure_tags(resource=iso, resource_type='ISO') + self.iso = iso + return iso + + def update_iso(self, iso): + args = self._get_common_args() + args.update({ + 'id': iso['id'], + }) + if self.has_changed(args, iso): + self.result['changed'] = True + + if not self.module.params.get('cross_zones'): + args['zoneid'] = self.get_zone(key='id') + else: + # Workaround API does not return cross_zones=true + self.result['cross_zones'] = True + args['zoneid'] = -1 + + if not self.module.check_mode: + res = self.query_api('updateIso', **args) + self.iso = res['iso'] + return self.iso + + def get_iso(self): + if not self.iso: + args = { + 'isready': self.module.params.get('is_ready'), + 'isofilter': self.module.params.get('iso_filter'), + 'domainid': self.get_domain('id'), + 'account': self.get_account('name'), + 'projectid': self.get_project('id'), + } + + if not self.module.params.get('cross_zones'): + args['zoneid'] = self.get_zone(key='id') + + # if checksum is set, we only look on that. + checksum = self.module.params.get('checksum') + if not checksum: + args['name'] = self.module.params.get('name') + + isos = self.query_api('listIsos', **args) + if isos: + if not checksum: + self.iso = isos['iso'][0] + else: + for i in isos['iso']: + if i['checksum'] == checksum: + self.iso = i + break + return self.iso + + def absent_iso(self): + iso = self.get_iso() + if iso: + self.result['changed'] = True + + args = { + 'id': iso['id'], + 'projectid': self.get_project('id'), + } + + if not self.module.params.get('cross_zones'): + args['zoneid'] = self.get_zone(key='id') + + if not self.module.check_mode: + res = self.query_api('deleteIso', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(res, 'iso') + return iso + + def get_result(self, iso): + super(AnsibleCloudStackIso, self).get_result(iso) + # Workaround API does not return cross_zones=true + if self.module.params.get('cross_zones'): + self.result['cross_zones'] = True + if 'zone' in self.result: + del self.result['zone'] + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + display_text=dict(), + url=dict(), + os_type=dict(), + zone=dict(), + cross_zones=dict(type='bool', default=False), + iso_filter=dict(default='self', choices=['featured', 'self', 'selfexecutable', 'sharedexecutable', 'executable', 'community']), + domain=dict(), + account=dict(), + project=dict(), + checksum=dict(), + is_ready=dict(type='bool', default=False), + bootable=dict(type='bool'), + is_featured=dict(type='bool'), + is_public=dict(type='bool'), + is_dynamically_scalable=dict(type='bool'), + state=dict(choices=['present', 'absent'], default='present'), + poll_async=dict(type='bool', default=True), + tags=dict(type='list', elements='dict', aliases=['tag']), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + mutually_exclusive=( + ['zone', 'cross_zones'], + ), + supports_check_mode=True + ) + + acs_iso = AnsibleCloudStackIso(module) + + state = module.params.get('state') + if state in ['absent']: + iso = acs_iso.absent_iso() + else: + iso = acs_iso.present_iso() + + result = acs_iso.get_result(iso) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_loadbalancer_rule.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_loadbalancer_rule.py new file mode 100644 index 00000000..12a7d13a --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_loadbalancer_rule.py @@ -0,0 +1,371 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, Darren Worrall <darren@iweb.co.uk> +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_loadbalancer_rule +short_description: Manages load balancer rules on Apache CloudStack based clouds. +description: + - Add, update and remove load balancer rules. +author: + - Darren Worrall (@dazworrall) + - René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - The name of the load balancer rule. + type: str + required: true + description: + description: + - The description of the load balancer rule. + type: str + algorithm: + description: + - Load balancer algorithm + - Required when using I(state=present). + type: str + choices: [ source, roundrobin, leastconn ] + default: source + private_port: + description: + - The private port of the private ip address/virtual machine where the network traffic will be load balanced to. + - Required when using I(state=present). + - Can not be changed once the rule exists due API limitation. + type: int + public_port: + description: + - The public port from where the network traffic will be load balanced from. + - Required when using I(state=present). + - Can not be changed once the rule exists due API limitation. + type: int + ip_address: + description: + - Public IP address from where the network traffic will be load balanced from. + type: str + required: true + aliases: [ public_ip ] + open_firewall: + description: + - Whether the firewall rule for public port should be created, while creating the new rule. + - Use M(cs_firewall) for managing firewall rules. + type: bool + default: no + cidr: + description: + - CIDR (full notation) to be used for firewall rule if required. + type: str + protocol: + description: + - The protocol to be used on the load balancer + type: str + project: + description: + - Name of the project the load balancer IP address is related to. + type: str + state: + description: + - State of the rule. + type: str + default: present + choices: [ present, absent ] + domain: + description: + - Domain the rule is related to. + type: str + account: + description: + - Account the rule is related to. + type: str + zone: + description: + - Name of the zone in which the rule should be created. + - If not set, default zone is used. + type: str + poll_async: + description: + - Poll async jobs until job has finished. + type: bool + default: yes + tags: + description: + - List of tags. Tags are a list of dictionaries having keys I(key) and I(value). + - "To delete all tags, set a empty list e.g. I(tags: [])." + type: list + elements: dict + aliases: [ tag ] + network: + description: + - Name of the network. + type: str + vpc: + description: + - Name of the VPC. + type: str +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Create a load balancer rule + ngine_io.cloudstack.cs_loadbalancer_rule: + name: balance_http + public_ip: 1.2.3.4 + algorithm: leastconn + public_port: 80 + private_port: 8080 + +- name: Update algorithm of an existing load balancer rule + ngine_io.cloudstack.cs_loadbalancer_rule: + name: balance_http + public_ip: 1.2.3.4 + algorithm: roundrobin + public_port: 80 + private_port: 8080 + +- name: Delete a load balancer rule + ngine_io.cloudstack.cs_loadbalancer_rule: + name: balance_http + public_ip: 1.2.3.4 + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the rule. + returned: success + type: str + sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f +zone: + description: Name of zone the rule is related to. + returned: success + type: str + sample: ch-gva-2 +project: + description: Name of project the rule is related to. + returned: success + type: str + sample: Production +account: + description: Account the rule is related to. + returned: success + type: str + sample: example account +domain: + description: Domain the rule is related to. + returned: success + type: str + sample: example domain +algorithm: + description: Load balancer algorithm used. + returned: success + type: str + sample: source +cidr: + description: CIDR to forward traffic from. + returned: success + type: str + sample: 0.0.0.0/0 +name: + description: Name of the rule. + returned: success + type: str + sample: http-lb +description: + description: Description of the rule. + returned: success + type: str + sample: http load balancer rule +protocol: + description: Protocol of the rule. + returned: success + type: str + sample: tcp +public_port: + description: Public port. + returned: success + type: int + sample: 80 +private_port: + description: Private IP address. + returned: success + type: int + sample: 80 +public_ip: + description: Public IP address. + returned: success + type: str + sample: 1.2.3.4 +tags: + description: List of resource tags associated with the rule. + returned: success + type: list + sample: '[ { "key": "foo", "value": "bar" } ]' +state: + description: State of the rule. + returned: success + type: str + sample: Add +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackLBRule(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackLBRule, self).__init__(module) + self.returns = { + 'publicip': 'public_ip', + 'algorithm': 'algorithm', + 'cidrlist': 'cidr', + 'protocol': 'protocol', + } + # these values will be casted to int + self.returns_to_int = { + 'publicport': 'public_port', + 'privateport': 'private_port', + } + + def get_rule(self, **kwargs): + rules = self.query_api('listLoadBalancerRules', **kwargs) + if rules: + return rules['loadbalancerrule'][0] + + def _get_common_args(self): + return { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'zoneid': self.get_zone(key='id') if self.module.params.get('zone') else None, + 'publicipid': self.get_ip_address(key='id'), + 'name': self.module.params.get('name'), + } + + def present_lb_rule(self): + required_params = [ + 'algorithm', + 'private_port', + 'public_port', + ] + self.module.fail_on_missing_params(required_params=required_params) + + args = self._get_common_args() + rule = self.get_rule(**args) + if rule: + rule = self._update_lb_rule(rule) + else: + rule = self._create_lb_rule(rule) + + if rule: + rule = self.ensure_tags(resource=rule, resource_type='LoadBalancer') + return rule + + def _create_lb_rule(self, rule): + self.result['changed'] = True + if not self.module.check_mode: + args = self._get_common_args() + args.update({ + 'algorithm': self.module.params.get('algorithm'), + 'privateport': self.module.params.get('private_port'), + 'publicport': self.module.params.get('public_port'), + 'cidrlist': self.module.params.get('cidr'), + 'description': self.module.params.get('description'), + 'protocol': self.module.params.get('protocol'), + 'networkid': self.get_network(key='id'), + }) + res = self.query_api('createLoadBalancerRule', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + rule = self.poll_job(res, 'loadbalancer') + return rule + + def _update_lb_rule(self, rule): + args = { + 'id': rule['id'], + 'algorithm': self.module.params.get('algorithm'), + 'description': self.module.params.get('description'), + } + if self.has_changed(args, rule): + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('updateLoadBalancerRule', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + rule = self.poll_job(res, 'loadbalancer') + return rule + + def absent_lb_rule(self): + args = self._get_common_args() + rule = self.get_rule(**args) + if rule: + self.result['changed'] = True + if rule and not self.module.check_mode: + res = self.query_api('deleteLoadBalancerRule', id=rule['id']) + + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(res, 'loadbalancer') + return rule + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + description=dict(), + algorithm=dict(choices=['source', 'roundrobin', 'leastconn'], default='source'), + private_port=dict(type='int'), + public_port=dict(type='int'), + protocol=dict(), + state=dict(choices=['present', 'absent'], default='present'), + ip_address=dict(required=True, aliases=['public_ip']), + cidr=dict(), + project=dict(), + open_firewall=dict(type='bool', default=False), + tags=dict(type='list', elements='dict', aliases=['tag']), + zone=dict(), + domain=dict(), + account=dict(), + vpc=dict(), + network=dict(), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_lb_rule = AnsibleCloudStackLBRule(module) + + state = module.params.get('state') + if state in ['absent']: + rule = acs_lb_rule.absent_lb_rule() + else: + rule = acs_lb_rule.present_lb_rule() + + result = acs_lb_rule.get_result(rule) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_loadbalancer_rule_member.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_loadbalancer_rule_member.py new file mode 100644 index 00000000..6922bb83 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_loadbalancer_rule_member.py @@ -0,0 +1,345 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, Darren Worrall <darren@iweb.co.uk> +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_loadbalancer_rule_member +short_description: Manages load balancer rule members on Apache CloudStack based clouds. +description: + - Add and remove load balancer rule members. +author: + - Darren Worrall (@dazworrall) + - René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - The name of the load balancer rule. + type: str + required: true + ip_address: + description: + - Public IP address from where the network traffic will be load balanced from. + - Only needed to find the rule if I(name) is not unique. + type: str + aliases: [ public_ip ] + vms: + description: + - List of VMs to assign to or remove from the rule. + type: list + elements: str + required: true + aliases: [ vm ] + state: + description: + - Should the VMs be present or absent from the rule. + type: str + default: present + choices: [ present, absent ] + project: + description: + - Name of the project the firewall rule is related to. + type: str + domain: + description: + - Domain the rule is related to. + type: str + account: + description: + - Account the rule is related to. + type: str + zone: + description: + - Name of the zone in which the rule should be located. + - If not set, default zone is used. + type: str + poll_async: + description: + - Poll async jobs until job has finished. + type: bool + default: yes +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Add VMs to an existing load balancer + ngine_io.cloudstack.cs_loadbalancer_rule_member: + name: balance_http + vms: + - web01 + - web02 + +- name: Remove a VM from an existing load balancer + ngine_io.cloudstack.cs_loadbalancer_rule_member: + name: balance_http + vms: + - web01 + - web02 + state: absent + + +# Rolling upgrade of hosts +- hosts: webservers + serial: 1 + pre_tasks: + - name: Remove from load balancer + ngine_io.cloudstack.cs_loadbalancer_rule_member: + name: balance_http + vm: "{{ ansible_hostname }}" + state: absent + tasks: + # Perform update + post_tasks: + - name: Add to load balancer + ngine_io.cloudstack.cs_loadbalancer_rule_member: + name: balance_http + vm: "{{ ansible_hostname }}" + state: present + +''' + +RETURN = ''' +--- +id: + description: UUID of the rule. + returned: success + type: str + sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f +zone: + description: Name of zone the rule is related to. + returned: success + type: str + sample: ch-gva-2 +project: + description: Name of project the rule is related to. + returned: success + type: str + sample: Production +account: + description: Account the rule is related to. + returned: success + type: str + sample: example account +domain: + description: Domain the rule is related to. + returned: success + type: str + sample: example domain +algorithm: + description: Load balancer algorithm used. + returned: success + type: str + sample: source +cidr: + description: CIDR to forward traffic from. + returned: success + type: str + sample: 0.0.0.0/0 +name: + description: Name of the rule. + returned: success + type: str + sample: http-lb +description: + description: Description of the rule. + returned: success + type: str + sample: http load balancer rule +protocol: + description: Protocol of the rule. + returned: success + type: str + sample: tcp +public_port: + description: Public port. + returned: success + type: int + sample: 80 +private_port: + description: Private IP address. + returned: success + type: int + sample: 80 +public_ip: + description: Public IP address. + returned: success + type: str + sample: 1.2.3.4 +vms: + description: Rule members. + returned: success + type: list + sample: '[ "web01", "web02" ]' +tags: + description: List of resource tags associated with the rule. + returned: success + type: list + sample: '[ { "key": "foo", "value": "bar" } ]' +state: + description: State of the rule. + returned: success + type: str + sample: Add +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackLBRuleMember(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackLBRuleMember, self).__init__(module) + self.returns = { + 'publicip': 'public_ip', + 'algorithm': 'algorithm', + 'cidrlist': 'cidr', + 'protocol': 'protocol', + } + # these values will be casted to int + self.returns_to_int = { + 'publicport': 'public_port', + 'privateport': 'private_port', + } + + def get_rule(self): + args = self._get_common_args() + args.update({ + 'name': self.module.params.get('name'), + 'zoneid': self.get_zone(key='id') if self.module.params.get('zone') else None, + }) + if self.module.params.get('ip_address'): + args['publicipid'] = self.get_ip_address(key='id') + + rules = self.query_api('listLoadBalancerRules', **args) + if rules: + if len(rules['loadbalancerrule']) > 1: + self.module.fail_json(msg="More than one rule having name %s. Please pass 'ip_address' as well." % args['name']) + return rules['loadbalancerrule'][0] + return None + + def _get_common_args(self): + return { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + } + + def _get_members_of_rule(self, rule): + res = self.query_api('listLoadBalancerRuleInstances', id=rule['id']) + return res.get('loadbalancerruleinstance', []) + + def _ensure_members(self, operation): + if operation not in ['add', 'remove']: + self.module.fail_json(msg="Bad operation: %s" % operation) + + rule = self.get_rule() + if not rule: + self.module.fail_json(msg="Unknown rule: %s" % self.module.params.get('name')) + + existing = {} + for vm in self._get_members_of_rule(rule=rule): + existing[vm['name']] = vm['id'] + + wanted_names = self.module.params.get('vms') + + if operation == 'add': + cs_func = 'assignToLoadBalancerRule' + to_change = set(wanted_names) - set(existing.keys()) + else: + cs_func = 'removeFromLoadBalancerRule' + to_change = set(wanted_names) & set(existing.keys()) + + if not to_change: + return rule + + args = self._get_common_args() + args['fetch_list'] = True + vms = self.query_api('listVirtualMachines', **args) + to_change_ids = [] + for name in to_change: + for vm in vms: + if vm['name'] == name: + to_change_ids.append(vm['id']) + break + else: + self.module.fail_json(msg="Unknown VM: %s" % name) + + if to_change_ids: + self.result['changed'] = True + + if to_change_ids and not self.module.check_mode: + res = self.query_api( + cs_func, + id=rule['id'], + virtualmachineids=to_change_ids, + ) + + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(res) + rule = self.get_rule() + return rule + + def add_members(self): + return self._ensure_members('add') + + def remove_members(self): + return self._ensure_members('remove') + + def get_result(self, rule): + super(AnsibleCloudStackLBRuleMember, self).get_result(rule) + if rule: + self.result['vms'] = [] + for vm in self._get_members_of_rule(rule=rule): + self.result['vms'].append(vm['name']) + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + ip_address=dict(aliases=['public_ip']), + vms=dict(required=True, aliases=['vm'], type='list', elements='str'), + state=dict(choices=['present', 'absent'], default='present'), + zone=dict(), + domain=dict(), + project=dict(), + account=dict(), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_lb_rule_member = AnsibleCloudStackLBRuleMember(module) + + state = module.params.get('state') + if state in ['absent']: + rule = acs_lb_rule_member.remove_members() + else: + rule = acs_lb_rule_member.add_members() + + result = acs_lb_rule_member.get_result(rule) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_network.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_network.py new file mode 100644 index 00000000..3dc37999 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_network.py @@ -0,0 +1,633 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2017, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_network +short_description: Manages networks on Apache CloudStack based clouds. +description: + - Create, update, restart and delete networks. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name (case sensitive) of the network. + type: str + required: true + display_text: + description: + - Display text of the network. + - If not specified, I(name) will be used as I(display_text). + type: str + network_offering: + description: + - Name of the offering for the network. + - Required if I(state=present). + type: str + start_ip: + description: + - The beginning IPv4 address of the network belongs to. + - Only considered on create. + type: str + end_ip: + description: + - The ending IPv4 address of the network belongs to. + - If not specified, value of I(start_ip) is used. + - Only considered on create. + type: str + gateway: + description: + - The gateway of the network. + - Required for shared networks and isolated networks when it belongs to a VPC. + - Only considered on create. + type: str + netmask: + description: + - The netmask of the network. + - Required for shared networks and isolated networks when it belongs to a VPC. + - Only considered on create. + type: str + start_ipv6: + description: + - The beginning IPv6 address of the network belongs to. + - Only considered on create. + type: str + end_ipv6: + description: + - The ending IPv6 address of the network belongs to. + - If not specified, value of I(start_ipv6) is used. + - Only considered on create. + type: str + cidr_ipv6: + description: + - CIDR of IPv6 network, must be at least /64. + - Only considered on create. + type: str + gateway_ipv6: + description: + - The gateway of the IPv6 network. + - Required for shared networks. + - Only considered on create. + type: str + vlan: + description: + - The ID or VID of the network. + type: str + vpc: + description: + - Name of the VPC of the network. + type: str + isolated_pvlan: + description: + - The isolated private VLAN for this network. + type: str + clean_up: + description: + - Cleanup old network elements. + - Only considered on I(state=restarted). + default: no + type: bool + acl_type: + description: + - Access control type for the network. + - If not specified, Cloudstack will default to C(account) for isolated networks + - and C(domain) for shared networks. + - Only considered on create. + type: str + choices: [ account, domain ] + acl: + description: + - The name of the access control list for the VPC network tier. + type: str + subdomain_access: + description: + - Defines whether to allow subdomains to use networks dedicated to their parent domain(s). + - Should be used with I(acl_type=domain). + - Only considered on create. + type: bool + network_domain: + description: + - The network domain. + type: str + state: + description: + - State of the network. + type: str + default: present + choices: [ present, absent, restarted ] + zone: + description: + - Name of the zone in which the network should be deployed. + - If not set, default zone is used. + type: str + project: + description: + - Name of the project the network to be deployed in. + type: str + domain: + description: + - Domain the network is related to. + type: str + account: + description: + - Account the network is related to. + type: str + poll_async: + description: + - Poll async jobs until job has finished. + default: yes + type: bool + tags: + description: + - List of tags. Tags are a list of dictionaries having keys I(key) and I(value). + - "To delete all tags, set a empty list e.g. I(tags: [])." + type: list + elements: dict + aliases: [ tag ] +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Create a network + ngine_io.cloudstack.cs_network: + name: my network + zone: gva-01 + network_offering: DefaultIsolatedNetworkOfferingWithSourceNatService + network_domain: example.com + +- name: Create a network with start and end IP + ngine_io.cloudstack.cs_network: + name: Private Network + network_offering: PrivNet + start_ip: 10.12.9.10 + end_ip: 10.12.9.100 + netmask: 255.255.255.0 + zone: gva-01 + +- name: Create a VPC tier + ngine_io.cloudstack.cs_network: + name: my VPC tier 1 + zone: gva-01 + vpc: my VPC + network_offering: DefaultIsolatedNetworkOfferingForVpcNetworks + gateway: 10.43.0.1 + netmask: 255.255.255.0 + acl: my web acl + +- name: Update a network + ngine_io.cloudstack.cs_network: + name: my network + display_text: network of domain example.local + network_domain: example.local + +- name: Restart a network with clean up + ngine_io.cloudstack.cs_network: + name: my network + clean_up: yes + state: restarted + +- name: Remove a network + ngine_io.cloudstack.cs_network: + name: my network + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the network. + returned: success + type: str + sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 +name: + description: Name of the network. + returned: success + type: str + sample: web project +display_text: + description: Display text of the network. + returned: success + type: str + sample: web project +dns1: + description: IP address of the 1st nameserver. + returned: success + type: str + sample: 1.2.3.4 +dns2: + description: IP address of the 2nd nameserver. + returned: success + type: str + sample: 1.2.3.4 +cidr: + description: IPv4 network CIDR. + returned: success + type: str + sample: 10.101.64.0/24 +gateway: + description: IPv4 gateway. + returned: success + type: str + sample: 10.101.64.1 +netmask: + description: IPv4 netmask. + returned: success + type: str + sample: 255.255.255.0 +cidr_ipv6: + description: IPv6 network CIDR. + returned: if available + type: str + sample: 2001:db8::/64 +gateway_ipv6: + description: IPv6 gateway. + returned: if available + type: str + sample: 2001:db8::1 +zone: + description: Name of zone. + returned: success + type: str + sample: ch-gva-2 +domain: + description: Domain the network is related to. + returned: success + type: str + sample: ROOT +account: + description: Account the network is related to. + returned: success + type: str + sample: example account +project: + description: Name of project. + returned: success + type: str + sample: Production +tags: + description: List of resource tags associated with the network. + returned: success + type: list + sample: '[ { "key": "foo", "value": "bar" } ]' +acl_type: + description: Access type of the network (Domain, Account). + returned: success + type: str + sample: Account +acl: + description: Name of the access control list for the VPC network tier. + returned: success + type: str + sample: My ACL +acl_id: + description: ID of the access control list for the VPC network tier. + returned: success + type: str + sample: dfafcd55-0510-4b8c-b6c5-b8cedb4cfd88 +broadcast_domain_type: + description: Broadcast domain type of the network. + returned: success + type: str + sample: Vlan +type: + description: Type of the network. + returned: success + type: str + sample: Isolated +traffic_type: + description: Traffic type of the network. + returned: success + type: str + sample: Guest +state: + description: State of the network (Allocated, Implemented, Setup). + returned: success + type: str + sample: Allocated +is_persistent: + description: Whether the network is persistent or not. + returned: success + type: bool + sample: false +network_domain: + description: The network domain + returned: success + type: str + sample: example.local +network_offering: + description: The network offering name. + returned: success + type: str + sample: DefaultIsolatedNetworkOfferingWithSourceNatService +network_offering_display_text: + description: The network offering display text. + returned: success + type: str + sample: Offering for Isolated Vpc networks with Source Nat service enabled +network_offering_conserve_mode: + description: Whether the network offering has IP conserve mode enabled or not. + returned: success + type: bool + sample: false +network_offering_availability: + description: The availability of the network offering the network is created from + returned: success + type: str + sample: Optional +is_system: + description: Whether the network is system related or not. + returned: success + type: bool + sample: false +vpc: + description: Name of the VPC. + returned: if available + type: str + sample: My VPC +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackNetwork(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackNetwork, self).__init__(module) + self.returns = { + 'networkdomain': 'network_domain', + 'networkofferingname': 'network_offering', + 'networkofferingdisplaytext': 'network_offering_display_text', + 'networkofferingconservemode': 'network_offering_conserve_mode', + 'networkofferingavailability': 'network_offering_availability', + 'aclid': 'acl_id', + 'issystem': 'is_system', + 'ispersistent': 'is_persistent', + 'acltype': 'acl_type', + 'type': 'type', + 'traffictype': 'traffic_type', + 'ip6gateway': 'gateway_ipv6', + 'ip6cidr': 'cidr_ipv6', + 'gateway': 'gateway', + 'cidr': 'cidr', + 'netmask': 'netmask', + 'broadcastdomaintype': 'broadcast_domain_type', + 'dns1': 'dns1', + 'dns2': 'dns2', + } + self.network = None + + def get_network_acl(self, key=None, acl_id=None): + if acl_id is not None: + args = { + 'id': acl_id, + 'vpcid': self.get_vpc(key='id'), + } + else: + acl_name = self.module.params.get('acl') + if not acl_name: + return + + args = { + 'name': acl_name, + 'vpcid': self.get_vpc(key='id'), + } + network_acls = self.query_api('listNetworkACLLists', **args) + if network_acls: + acl = network_acls['networkacllist'][0] + return self._get_by_key(key, acl) + + def get_network_offering(self, key=None): + network_offering = self.module.params.get('network_offering') + if not network_offering: + self.module.fail_json(msg="missing required arguments: network_offering") + + args = { + 'zoneid': self.get_zone(key='id'), + 'fetch_list': True, + } + + network_offerings = self.query_api('listNetworkOfferings', **args) + if network_offerings: + for no in network_offerings: + if network_offering in [no['name'], no['displaytext'], no['id']]: + return self._get_by_key(key, no) + self.module.fail_json(msg="Network offering '%s' not found" % network_offering) + + def _get_args(self): + args = { + 'name': self.module.params.get('name'), + 'displaytext': self.get_or_fallback('display_text', 'name'), + 'networkdomain': self.module.params.get('network_domain'), + 'networkofferingid': self.get_network_offering(key='id') + } + return args + + def get_network(self, refresh=False): + if not self.network or refresh: + network = self.module.params.get('name') + args = { + 'zoneid': self.get_zone(key='id'), + 'projectid': self.get_project(key='id'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'vpcid': self.get_vpc(key='id'), + 'fetch_list': True, + } + networks = self.query_api('listNetworks', **args) + if networks: + for n in networks: + if network in [n['name'], n['displaytext'], n['id']]: + self.network = n + self.network['acl'] = self.get_network_acl(key='name', acl_id=n.get('aclid')) + break + return self.network + + def present_network(self): + if self.module.params.get('acl') is not None and self.module.params.get('vpc') is None: + self.module.fail_json(msg="Missing required params: vpc") + + network = self.get_network() + if not network: + network = self.create_network(network) + else: + network = self.update_network(network) + + if network: + network = self.ensure_tags(resource=network, resource_type='Network') + + return network + + def update_network(self, network): + args = self._get_args() + args['id'] = network['id'] + + if self.has_changed(args, network): + self.result['changed'] = True + if not self.module.check_mode: + network = self.query_api('updateNetwork', **args) + + poll_async = self.module.params.get('poll_async') + if network and poll_async: + network = self.poll_job(network, 'network') + + # Skip ACL check if the network is not a VPC tier + if network.get('aclid') != self.get_network_acl(key='id'): + self.result['changed'] = True + if not self.module.check_mode: + args = { + 'aclid': self.get_network_acl(key='id'), + 'networkid': network['id'], + } + network = self.query_api('replaceNetworkACLList', **args) + if self.module.params.get('poll_async'): + self.poll_job(network, 'networkacllist') + network = self.get_network(refresh=True) + return network + + def create_network(self, network): + self.result['changed'] = True + + args = self._get_args() + args.update({ + 'acltype': self.module.params.get('acl_type'), + 'aclid': self.get_network_acl(key='id'), + 'zoneid': self.get_zone(key='id'), + 'projectid': self.get_project(key='id'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'startip': self.module.params.get('start_ip'), + 'endip': self.get_or_fallback('end_ip', 'start_ip'), + 'netmask': self.module.params.get('netmask'), + 'gateway': self.module.params.get('gateway'), + 'startipv6': self.module.params.get('start_ipv6'), + 'endipv6': self.get_or_fallback('end_ipv6', 'start_ipv6'), + 'ip6cidr': self.module.params.get('cidr_ipv6'), + 'ip6gateway': self.module.params.get('gateway_ipv6'), + 'vlan': self.module.params.get('vlan'), + 'isolatedpvlan': self.module.params.get('isolated_pvlan'), + 'subdomainaccess': self.module.params.get('subdomain_access'), + 'vpcid': self.get_vpc(key='id') + }) + + if not self.module.check_mode: + res = self.query_api('createNetwork', **args) + + network = res['network'] + return network + + def restart_network(self): + network = self.get_network() + + if not network: + self.module.fail_json(msg="No network named '%s' found." % self.module.params('name')) + + # Restarting only available for these states + if network['state'].lower() in ['implemented', 'setup']: + self.result['changed'] = True + + args = { + 'id': network['id'], + 'cleanup': self.module.params.get('clean_up') + } + + if not self.module.check_mode: + network = self.query_api('restartNetwork', **args) + + poll_async = self.module.params.get('poll_async') + if network and poll_async: + network = self.poll_job(network, 'network') + return network + + def absent_network(self): + network = self.get_network() + if network: + self.result['changed'] = True + + args = { + 'id': network['id'] + } + + if not self.module.check_mode: + res = self.query_api('deleteNetwork', **args) + + poll_async = self.module.params.get('poll_async') + if res and poll_async: + self.poll_job(res, 'network') + return network + + def get_result(self, network): + super(AnsibleCloudStackNetwork, self).get_result(network) + if network: + self.result['acl'] = self.get_network_acl(key='name', acl_id=network.get('aclid')) + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + display_text=dict(), + network_offering=dict(), + zone=dict(), + start_ip=dict(), + end_ip=dict(), + gateway=dict(), + netmask=dict(), + start_ipv6=dict(), + end_ipv6=dict(), + cidr_ipv6=dict(), + gateway_ipv6=dict(), + vlan=dict(), + vpc=dict(), + isolated_pvlan=dict(), + clean_up=dict(type='bool', default=False), + network_domain=dict(), + subdomain_access=dict(type='bool'), + state=dict(choices=['present', 'absent', 'restarted'], default='present'), + acl=dict(), + acl_type=dict(choices=['account', 'domain']), + project=dict(), + domain=dict(), + account=dict(), + poll_async=dict(type='bool', default=True), + tags=dict(type='list', elements='dict', aliases=['tag']), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_network = AnsibleCloudStackNetwork(module) + + state = module.params.get('state') + if state == 'absent': + network = acs_network.absent_network() + + elif state == 'restarted': + network = acs_network.restart_network() + + else: + network = acs_network.present_network() + + result = acs_network.get_result(network) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_network_acl.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_network_acl.py new file mode 100644 index 00000000..b6cd0e18 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_network_acl.py @@ -0,0 +1,197 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2017, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_network_acl +short_description: Manages network access control lists (ACL) on Apache CloudStack based clouds. +description: + - Create and remove network ACLs. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of the network ACL. + type: str + required: true + description: + description: + - Description of the network ACL. + - If not set, identical to I(name). + type: str + vpc: + description: + - VPC the network ACL is related to. + type: str + required: true + state: + description: + - State of the network ACL. + type: str + default: present + choices: [ present, absent ] + domain: + description: + - Domain the network ACL rule is related to. + type: str + account: + description: + - Account the network ACL rule is related to. + type: str + project: + description: + - Name of the project the network ACL is related to. + type: str + zone: + description: + - Name of the zone the VPC is related to. + - If not set, default zone is used. + type: str + poll_async: + description: + - Poll async jobs until job has finished. + type: bool + default: yes +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: create a network ACL + ngine_io.cloudstack.cs_network_acl: + name: Webserver ACL + description: a more detailed description of the ACL + vpc: customers + +- name: remove a network ACL + ngine_io.cloudstack.cs_network_acl: + name: Webserver ACL + vpc: customers + state: absent +''' + +RETURN = ''' +--- +name: + description: Name of the network ACL. + returned: success + type: str + sample: customer acl +description: + description: Description of the network ACL. + returned: success + type: str + sample: Example description of a network ACL +vpc: + description: VPC of the network ACL. + returned: success + type: str + sample: customer vpc +zone: + description: Zone the VPC is related to. + returned: success + type: str + sample: ch-gva-2 +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackNetworkAcl(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackNetworkAcl, self).__init__(module) + + def get_network_acl(self): + args = { + 'name': self.module.params.get('name'), + 'vpcid': self.get_vpc(key='id'), + } + network_acls = self.query_api('listNetworkACLLists', **args) + if network_acls: + return network_acls['networkacllist'][0] + return None + + def present_network_acl(self): + network_acl = self.get_network_acl() + if not network_acl: + self.result['changed'] = True + args = { + 'name': self.module.params.get('name'), + 'description': self.get_or_fallback('description', 'name'), + 'vpcid': self.get_vpc(key='id') + } + if not self.module.check_mode: + res = self.query_api('createNetworkACLList', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + network_acl = self.poll_job(res, 'networkacllist') + + return network_acl + + def absent_network_acl(self): + network_acl = self.get_network_acl() + if network_acl: + self.result['changed'] = True + args = { + 'id': network_acl['id'], + } + if not self.module.check_mode: + res = self.query_api('deleteNetworkACLList', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(res, 'networkacllist') + + return network_acl + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + description=dict(), + vpc=dict(required=True), + state=dict(choices=['present', 'absent'], default='present'), + zone=dict(), + domain=dict(), + account=dict(), + project=dict(), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_network_acl = AnsibleCloudStackNetworkAcl(module) + + state = module.params.get('state') + if state == 'absent': + network_acl = acs_network_acl.absent_network_acl() + else: + network_acl = acs_network_acl.present_network_acl() + + result = acs_network_acl.get_result(network_acl) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_network_acl_rule.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_network_acl_rule.py new file mode 100644 index 00000000..acce9e2c --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_network_acl_rule.py @@ -0,0 +1,457 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2017, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_network_acl_rule +short_description: Manages network access control list (ACL) rules on Apache CloudStack based clouds. +description: + - Add, update and remove network ACL rules. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + network_acl: + description: + - Name of the network ACL. + type: str + required: true + aliases: [ acl ] + cidrs: + description: + - CIDRs of the rule. + type: list + elements: str + default: [ 0.0.0.0/0 ] + aliases: [ cidr ] + rule_position: + description: + - The position of the network ACL rule. + type: int + required: true + aliases: [ number ] + protocol: + description: + - Protocol of the rule + choices: [ tcp, udp, icmp, all, by_number ] + type: str + default: tcp + protocol_number: + description: + - Protocol number from 1 to 256 required if I(protocol=by_number). + type: int + start_port: + description: + - Start port for this rule. + - Considered if I(protocol=tcp) or I(protocol=udp). + type: int + aliases: [ port ] + end_port: + description: + - End port for this rule. + - Considered if I(protocol=tcp) or I(protocol=udp). + - If not specified, equal I(start_port). + type: int + icmp_type: + description: + - Type of the icmp message being sent. + - Considered if I(protocol=icmp). + type: int + icmp_code: + description: + - Error code for this icmp message. + - Considered if I(protocol=icmp). + type: int + vpc: + description: + - VPC the network ACL is related to. + type: str + required: true + traffic_type: + description: + - Traffic type of the rule. + type: str + choices: [ ingress, egress ] + default: ingress + aliases: [ type ] + action_policy: + description: + - Action policy of the rule. + type: str + choices: [ allow, deny ] + default: allow + aliases: [ action ] + tags: + description: + - List of tags. Tags are a list of dictionaries having keys I(key) and I(value). + - "If you want to delete all tags, set a empty list e.g. I(tags: [])." + type: list + elements: dict + aliases: [ tag ] + domain: + description: + - Domain the VPC is related to. + type: str + account: + description: + - Account the VPC is related to. + type: str + project: + description: + - Name of the project the VPC is related to. + type: str + zone: + description: + - Name of the zone the VPC related to. + - If not set, default zone is used. + type: str + state: + description: + - State of the network ACL rule. + type: str + default: present + choices: [ present, absent ] + poll_async: + description: + - Poll async jobs until job has finished. + type: bool + default: yes +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: create a network ACL rule, allow port 80 ingress + ngine_io.cloudstack.cs_network_acl_rule: + network_acl: web + rule_position: 1 + vpc: my vpc + traffic_type: ingress + action_policy: allow + port: 80 + cidr: 0.0.0.0/0 + +- name: create a network ACL rule, deny port range 8000-9000 ingress for 10.20.0.0/16 and 10.22.0.0/16 + ngine_io.cloudstack.cs_network_acl_rule: + network_acl: web + rule_position: 1 + vpc: my vpc + traffic_type: ingress + action_policy: deny + start_port: 8000 + end_port: 9000 + cidrs: + - 10.20.0.0/16 + - 10.22.0.0/16 + +- name: remove a network ACL rule + ngine_io.cloudstack.cs_network_acl_rule: + network_acl: web + rule_position: 1 + vpc: my vpc + state: absent +''' + +RETURN = ''' +--- +network_acl: + description: Name of the network ACL. + returned: success + type: str + sample: customer acl +cidr: + description: CIDR of the network ACL rule. + returned: success + type: str + sample: 0.0.0.0/0 +cidrs: + description: CIDRs of the network ACL rule. + returned: success + type: list + sample: [ 0.0.0.0/0 ] +rule_position: + description: Position of the network ACL rule. + returned: success + type: int + sample: 1 +action_policy: + description: Action policy of the network ACL rule. + returned: success + type: str + sample: deny +traffic_type: + description: Traffic type of the network ACL rule. + returned: success + type: str + sample: ingress +protocol: + description: Protocol of the network ACL rule. + returned: success + type: str + sample: tcp +protocol_number: + description: Protocol number in case protocol is by number. + returned: success + type: int + sample: 8 +start_port: + description: Start port of the network ACL rule. + returned: success + type: int + sample: 80 +end_port: + description: End port of the network ACL rule. + returned: success + type: int + sample: 80 +icmp_code: + description: ICMP code of the network ACL rule. + returned: success + type: int + sample: 8 +icmp_type: + description: ICMP type of the network ACL rule. + returned: success + type: int + sample: 0 +state: + description: State of the network ACL rule. + returned: success + type: str + sample: Active +vpc: + description: VPC of the network ACL. + returned: success + type: str + sample: customer vpc +tags: + description: List of resource tags associated with the network ACL rule. + returned: success + type: list + sample: '[ { "key": "foo", "value": "bar" } ]' +domain: + description: Domain the network ACL rule is related to. + returned: success + type: str + sample: example domain +account: + description: Account the network ACL rule is related to. + returned: success + type: str + sample: example account +project: + description: Name of project the network ACL rule is related to. + returned: success + type: str + sample: Production +zone: + description: Zone the VPC is related to. + returned: success + type: str + sample: ch-gva-2 +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackNetworkAclRule(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackNetworkAclRule, self).__init__(module) + self.returns = { + 'cidrlist': 'cidr', + 'action': 'action_policy', + 'protocol': 'protocol', + 'icmpcode': 'icmp_code', + 'icmptype': 'icmp_type', + 'number': 'rule_position', + 'traffictype': 'traffic_type', + } + # these values will be casted to int + self.returns_to_int = { + 'startport': 'start_port', + 'endport': 'end_port', + } + + def get_network_acl_rule(self): + args = { + 'aclid': self.get_network_acl(key='id'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + } + network_acl_rules = self.query_api('listNetworkACLs', **args) + for acl_rule in network_acl_rules.get('networkacl', []): + if acl_rule['number'] == self.module.params.get('rule_position'): + return acl_rule + return None + + def present_network_acl_rule(self): + network_acl_rule = self.get_network_acl_rule() + + protocol = self.module.params.get('protocol') + start_port = self.module.params.get('start_port') + end_port = self.get_or_fallback('end_port', 'start_port') + icmp_type = self.module.params.get('icmp_type') + icmp_code = self.module.params.get('icmp_code') + + if protocol in ['tcp', 'udp'] and (start_port is None or end_port is None): + self.module.fail_json(msg="protocol is %s but the following are missing: start_port, end_port" % protocol) + + elif protocol == 'icmp' and (icmp_type is None or icmp_code is None): + self.module.fail_json(msg="protocol is icmp but the following are missing: icmp_type, icmp_code") + + elif protocol == 'by_number' and self.module.params.get('protocol_number') is None: + self.module.fail_json(msg="protocol is by_number but the following are missing: protocol_number") + + if not network_acl_rule: + network_acl_rule = self._create_network_acl_rule(network_acl_rule) + else: + network_acl_rule = self._update_network_acl_rule(network_acl_rule) + + if network_acl_rule: + network_acl_rule = self.ensure_tags(resource=network_acl_rule, resource_type='NetworkACL') + return network_acl_rule + + def absent_network_acl_rule(self): + network_acl_rule = self.get_network_acl_rule() + if network_acl_rule: + self.result['changed'] = True + args = { + 'id': network_acl_rule['id'], + } + if not self.module.check_mode: + res = self.query_api('deleteNetworkACL', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(res, 'networkacl') + + return network_acl_rule + + def _create_network_acl_rule(self, network_acl_rule): + self.result['changed'] = True + protocol = self.module.params.get('protocol') + args = { + 'aclid': self.get_network_acl(key='id'), + 'action': self.module.params.get('action_policy'), + 'protocol': protocol if protocol != 'by_number' else self.module.params.get('protocol_number'), + 'startport': self.module.params.get('start_port'), + 'endport': self.get_or_fallback('end_port', 'start_port'), + 'number': self.module.params.get('rule_position'), + 'icmpcode': self.module.params.get('icmp_code'), + 'icmptype': self.module.params.get('icmp_type'), + 'traffictype': self.module.params.get('traffic_type'), + 'cidrlist': self.module.params.get('cidrs'), + } + if not self.module.check_mode: + res = self.query_api('createNetworkACL', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + network_acl_rule = self.poll_job(res, 'networkacl') + + return network_acl_rule + + def _update_network_acl_rule(self, network_acl_rule): + protocol = self.module.params.get('protocol') + args = { + 'id': network_acl_rule['id'], + 'action': self.module.params.get('action_policy'), + 'protocol': protocol if protocol != 'by_number' else str(self.module.params.get('protocol_number')), + 'startport': self.module.params.get('start_port'), + 'endport': self.get_or_fallback('end_port', 'start_port'), + 'icmpcode': self.module.params.get('icmp_code'), + 'icmptype': self.module.params.get('icmp_type'), + 'traffictype': self.module.params.get('traffic_type'), + 'cidrlist': ",".join(self.module.params.get('cidrs')), + } + if self.has_changed(args, network_acl_rule): + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('updateNetworkACLItem', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + network_acl_rule = self.poll_job(res, 'networkacl') + + return network_acl_rule + + def get_result(self, network_acl_rule): + super(AnsibleCloudStackNetworkAclRule, self).get_result(network_acl_rule) + if network_acl_rule: + if 'cidrlist' in network_acl_rule: + self.result['cidrs'] = network_acl_rule['cidrlist'].split(',') or [network_acl_rule['cidrlist']] + if network_acl_rule['protocol'] not in ['tcp', 'udp', 'icmp', 'all']: + self.result['protocol_number'] = int(network_acl_rule['protocol']) + self.result['protocol'] = 'by_number' + self.result['action_policy'] = self.result['action_policy'].lower() + self.result['traffic_type'] = self.result['traffic_type'].lower() + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + network_acl=dict(required=True, aliases=['acl']), + rule_position=dict(required=True, type='int', aliases=['number']), + vpc=dict(required=True), + cidrs=dict(type='list', elements='str', default=['0.0.0.0/0'], aliases=['cidr']), + protocol=dict(choices=['tcp', 'udp', 'icmp', 'all', 'by_number'], default='tcp'), + protocol_number=dict(type='int'), + traffic_type=dict(choices=['ingress', 'egress'], aliases=['type'], default='ingress'), + action_policy=dict(choices=['allow', 'deny'], aliases=['action'], default='allow'), + icmp_type=dict(type='int'), + icmp_code=dict(type='int'), + start_port=dict(type='int', aliases=['port']), + end_port=dict(type='int'), + state=dict(choices=['present', 'absent'], default='present'), + zone=dict(), + domain=dict(), + account=dict(), + project=dict(), + tags=dict(type='list', elements='dict', aliases=['tag']), + poll_async=dict(type='bool', default=True), + )) + + required_together = cs_required_together() + required_together.extend([ + ['icmp_type', 'icmp_code'], + ]) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + mutually_exclusive=( + ['icmp_type', 'start_port'], + ['icmp_type', 'end_port'], + ), + supports_check_mode=True + ) + + acs_network_acl_rule = AnsibleCloudStackNetworkAclRule(module) + + state = module.params.get('state') + if state == 'absent': + network_acl_rule = acs_network_acl_rule.absent_network_acl_rule() + else: + network_acl_rule = acs_network_acl_rule.present_network_acl_rule() + + result = acs_network_acl_rule.get_result(network_acl_rule) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_network_offering.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_network_offering.py new file mode 100644 index 00000000..a5c5cb93 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_network_offering.py @@ -0,0 +1,422 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2017, David Passante (@dpassante) +# Copyright (c) 2017, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_network_offering +short_description: Manages network offerings on Apache CloudStack based clouds. +description: + - Create, update, enable, disable and remove network offerings. +author: David Passante (@dpassante) +version_added: 0.1.0 +options: + state: + description: + - State of the network offering. + type: str + choices: [ enabled, present, disabled, absent] + default: present + display_text: + description: + - Display text of the network offerings. + type: str + guest_ip_type: + description: + - Guest type of the network offering. + type: str + choices: [ Shared, Isolated ] + name: + description: + - The name of the network offering. + type: str + required: true + supported_services: + description: + - Services supported by the network offering. + - A list of one or more items from the choice list. + type: list + elements: str + choices: [ Dns, PortForwarding, Dhcp, SourceNat, UserData, Firewall, StaticNat, Vpn, Lb ] + aliases: [ supported_service ] + traffic_type: + description: + - The traffic type for the network offering. + type: str + default: Guest + availability: + description: + - The availability of network offering. Default value is Optional + type: str + conserve_mode: + description: + - Whether the network offering has IP conserve mode enabled. + type: bool + details: + description: + - Network offering details in key/value pairs. + - with service provider as a value + type: list + elements: dict + egress_default_policy: + description: + - Whether the default egress policy is allow or to deny. + type: str + choices: [ allow, deny ] + persistent: + description: + - True if network offering supports persistent networks + - defaulted to false if not specified + type: bool + keepalive_enabled: + description: + - If true keepalive will be turned on in the loadbalancer. + - At the time of writing this has only an effect on haproxy. + - the mode http and httpclose options are unset in the haproxy conf file. + type: bool + max_connections: + description: + - Maximum number of concurrent connections supported by the network offering. + type: int + network_rate: + description: + - Data transfer rate in megabits per second allowed. + type: int + service_capabilities: + description: + - Desired service capabilities as part of network offering. + type: list + elements: str + aliases: [ service_capability ] + service_offering: + description: + - The service offering name or ID used by virtual router provider. + type: str + service_providers: + description: + - Provider to service mapping. + - If not specified, the provider for the service will be mapped to the default provider on the physical network. + type: list + elements: dict + aliases: [ service_provider ] + specify_ip_ranges: + description: + - Whether the network offering supports specifying IP ranges. + - Defaulted to C(no) by the API if not specified. + type: bool + specify_vlan: + description: + - Whether the network offering supports vlans or not. + type: bool + for_vpc: + description: + - Whether the offering is meant to be used for VPC or not. + type: bool +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Create a network offering and enable it + ngine_io.cloudstack.cs_network_offering: + name: my_network_offering + display_text: network offering description + state: enabled + guest_ip_type: Isolated + supported_services: [ Dns, PortForwarding, Dhcp, SourceNat, UserData, Firewall, StaticNat, Vpn, Lb ] + service_providers: + - { service: 'dns', provider: 'virtualrouter' } + - { service: 'dhcp', provider: 'virtualrouter' } + +- name: Remove a network offering + ngine_io.cloudstack.cs_network_offering: + name: my_network_offering + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the network offering. + returned: success + type: str + sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f +name: + description: The name of the network offering. + returned: success + type: str + sample: MyCustomNetworkOffering +display_text: + description: The display text of the network offering. + returned: success + type: str + sample: My network offering +state: + description: The state of the network offering. + returned: success + type: str + sample: Enabled +guest_ip_type: + description: Guest type of the network offering. + returned: success + type: str + sample: Isolated +availability: + description: The availability of network offering. + returned: success + type: str + sample: Optional +service_offering_id: + description: The service offering ID. + returned: success + type: str + sample: c5f7a5fc-43f8-11e5-a151-feff819cdc9f +max_connections: + description: The maximum number of concurrent connections to be handled by LB. + returned: success + type: int + sample: 300 +network_rate: + description: The network traffic transfer ate in Mbit/s. + returned: success + type: int + sample: 200 +traffic_type: + description: The traffic type. + returned: success + type: str + sample: Guest +egress_default_policy: + description: Default egress policy. + returned: success + type: str + sample: allow +is_persistent: + description: Whether persistent networks are supported or not. + returned: success + type: bool + sample: false +is_default: + description: Whether network offering is the default offering or not. + returned: success + type: bool + sample: false +for_vpc: + description: Whether the offering is meant to be used for VPC or not. + returned: success + type: bool + sample: false +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackNetworkOffering(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackNetworkOffering, self).__init__(module) + self.returns = { + 'guestiptype': 'guest_ip_type', + 'availability': 'availability', + 'serviceofferingid': 'service_offering_id', + 'networkrate': 'network_rate', + 'maxconnections': 'max_connections', + 'traffictype': 'traffic_type', + 'isdefault': 'is_default', + 'ispersistent': 'is_persistent', + 'forvpc': 'for_vpc' + } + self.network_offering = None + + def get_service_offering_id(self): + service_offering = self.module.params.get('service_offering') + if not service_offering: + return None + + args = { + 'issystem': True + } + + service_offerings = self.query_api('listServiceOfferings', **args) + if service_offerings: + for s in service_offerings['serviceoffering']: + if service_offering in [s['name'], s['id']]: + return s['id'] + self.fail_json(msg="Service offering '%s' not found" % service_offering) + + def get_network_offering(self): + if self.network_offering: + return self.network_offering + + args = { + 'name': self.module.params.get('name'), + 'guestiptype': self.module.params.get('guest_type'), + } + no = self.query_api('listNetworkOfferings', **args) + if no: + self.network_offering = no['networkoffering'][0] + + return self.network_offering + + def create_or_update(self): + network_offering = self.get_network_offering() + + if not network_offering: + network_offering = self.create_network_offering() + + return self.update_network_offering(network_offering=network_offering) + + def create_network_offering(self): + network_offering = None + self.result['changed'] = True + + args = { + 'state': self.module.params.get('state'), + 'displaytext': self.module.params.get('display_text'), + 'guestiptype': self.module.params.get('guest_ip_type'), + 'name': self.module.params.get('name'), + 'supportedservices': self.module.params.get('supported_services'), + 'traffictype': self.module.params.get('traffic_type'), + 'availability': self.module.params.get('availability'), + 'conservemode': self.module.params.get('conserve_mode'), + 'details': self.module.params.get('details'), + 'egressdefaultpolicy': self.module.params.get('egress_default_policy') == 'allow', + 'ispersistent': self.module.params.get('persistent'), + 'keepaliveenabled': self.module.params.get('keepalive_enabled'), + 'maxconnections': self.module.params.get('max_connections'), + 'networkrate': self.module.params.get('network_rate'), + 'servicecapabilitylist': self.module.params.get('service_capabilities'), + 'serviceofferingid': self.get_service_offering_id(), + 'serviceproviderlist': self.module.params.get('service_providers'), + 'specifyipranges': self.module.params.get('specify_ip_ranges'), + 'specifyvlan': self.module.params.get('specify_vlan'), + 'forvpc': self.module.params.get('for_vpc'), + } + + required_params = [ + 'display_text', + 'guest_ip_type', + 'supported_services', + 'service_providers', + ] + + self.module.fail_on_missing_params(required_params=required_params) + + if not self.module.check_mode: + res = self.query_api('createNetworkOffering', **args) + network_offering = res['networkoffering'] + + return network_offering + + def delete_network_offering(self): + network_offering = self.get_network_offering() + + if network_offering: + self.result['changed'] = True + if not self.module.check_mode: + self.query_api('deleteNetworkOffering', id=network_offering['id']) + + return network_offering + + def update_network_offering(self, network_offering): + if not network_offering: + return network_offering + + args = { + 'id': network_offering['id'], + 'state': self.module.params.get('state'), + 'displaytext': self.module.params.get('display_text'), + 'name': self.module.params.get('name'), + 'availability': self.module.params.get('availability'), + 'maxconnections': self.module.params.get('max_connections'), + } + + if args['state'] in ['enabled', 'disabled']: + args['state'] = args['state'].title() + else: + del args['state'] + + if self.has_changed(args, network_offering): + self.result['changed'] = True + + if not self.module.check_mode: + res = self.query_api('updateNetworkOffering', **args) + network_offering = res['networkoffering'] + + return network_offering + + def get_result(self, network_offering): + super(AnsibleCloudStackNetworkOffering, self).get_result(network_offering) + if network_offering: + self.result['egress_default_policy'] = 'allow' if network_offering.get('egressdefaultpolicy') else 'deny' + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + state=dict(choices=['enabled', 'present', 'disabled', 'absent'], default='present'), + display_text=dict(), + guest_ip_type=dict(choices=['Shared', 'Isolated']), + name=dict(required=True), + supported_services=dict(type='list', elements='str', aliases=['supported_service'], choices=[ + 'Dns', + 'PortForwarding', + 'Dhcp', + 'SourceNat', + 'UserData', + 'Firewall', + 'StaticNat', + 'Vpn', + 'Lb', + ]), + traffic_type=dict(default='Guest'), + availability=dict(), + conserve_mode=dict(type='bool'), + details=dict(type='list', elements='dict'), + egress_default_policy=dict(choices=['allow', 'deny']), + persistent=dict(type='bool'), + keepalive_enabled=dict(type='bool'), + max_connections=dict(type='int'), + network_rate=dict(type='int'), + service_capabilities=dict(type='list', elements='str', aliases=['service_capability']), + service_offering=dict(), + service_providers=dict(type='list', elements='dict', aliases=['service_provider']), + specify_ip_ranges=dict(type='bool'), + specify_vlan=dict(type='bool'), + for_vpc=dict(type='bool'), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_network_offering = AnsibleCloudStackNetworkOffering(module) + + state = module.params.get('state') + if state in ['absent']: + network_offering = acs_network_offering.delete_network_offering() + else: + network_offering = acs_network_offering.create_or_update() + + result = acs_network_offering.get_result(network_offering) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_physical_network.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_physical_network.py new file mode 100644 index 00000000..2148afc2 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_physical_network.py @@ -0,0 +1,473 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2017, Netservers Ltd. <support@netservers.co.uk> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_physical_network +short_description: Manages physical networks on Apache CloudStack based clouds. +description: + - Create, update and remove networks. + - Enabled and disabled Network Service Providers + - Enables Internal LoadBalancer and VPC/VirtualRouter elements as required +author: + - Netservers Ltd. (@netservers) + - Patryk Cichy (@PatTheSilent) +version_added: 0.1.0 +options: + name: + description: + - Name of the physical network. + required: true + aliases: + - physical_network + type: str + zone: + description: + - Name of the zone in which the network belongs. + - If not set, default zone is used. + type: str + broadcast_domain_range: + description: + - broadcast domain range for the physical network[Pod or Zone]. + choices: [ POD, ZONE ] + type: str + domain: + description: + - Domain the network is owned by. + type: str + isolation_method: + description: + - Isolation method for the physical network. + choices: [ VLAN, GRE, L3 ] + type: str + network_speed: + description: + - The speed for the physical network. + choices: [1G, 10G] + type: str + tags: + description: + - A tag to identify this network. + - Physical networks support only one tag. + - To remove an existing tag pass an empty string. + aliases: + - tag + type: str + vlan: + description: + - The VLAN/VNI Ranges of the physical network. + type: str + nsps_enabled: + description: + - List of Network Service Providers to enable. + type: list + elements: str + nsps_disabled: + description: + - List of Network Service Providers to disable. + type: list + elements: str + state: + description: + - State of the physical network. + default: present + type: str + choices: [ present, absent, disabled, enabled ] + poll_async: + description: + - Poll async jobs until job has finished. + default: yes + type: bool +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Ensure a network is present + ngine_io.cloudstack.cs_physical_network: + name: net01 + zone: zone01 + isolation_method: VLAN + broadcast_domain_range: ZONE + +- name: Set a tag on a network + ngine_io.cloudstack.cs_physical_network: + name: net01 + tag: overlay + +- name: Remove tag on a network + ngine_io.cloudstack.cs_physical_network: + name: net01 + tag: "" + +- name: Ensure a network is enabled with specific nsps enabled + ngine_io.cloudstack.cs_physical_network: + name: net01 + zone: zone01 + isolation_method: VLAN + vlan: 100-200,300-400 + broadcast_domain_range: ZONE + state: enabled + nsps_enabled: + - virtualrouter + - internallbvm + - vpcvirtualrouter + +- name: Ensure a network is disabled + ngine_io.cloudstack.cs_physical_network: + name: net01 + zone: zone01 + state: disabled + +- name: Ensure a network is enabled + ngine_io.cloudstack.cs_physical_network: + name: net01 + zone: zone01 + state: enabled + +- name: Ensure a network is absent + ngine_io.cloudstack.cs_physical_network: + name: net01 + zone: zone01 + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the network. + returned: success + type: str + sample: 3f8f25cd-c498-443f-9058-438cfbcbff50 +name: + description: Name of the network. + returned: success + type: str + sample: net01 +state: + description: State of the network [Enabled/Disabled]. + returned: success + type: str + sample: Enabled +broadcast_domain_range: + description: broadcastdomainrange of the network [POD / ZONE]. + returned: success + type: str + sample: ZONE +isolation_method: + description: isolationmethod of the network [VLAN/GRE/L3]. + returned: success + type: str + sample: VLAN +network_speed: + description: networkspeed of the network [1G/10G]. + returned: success + type: str + sample: 1G +zone: + description: Name of zone the physical network is in. + returned: success + type: str + sample: ch-gva-2 +domain: + description: Name of domain the network is in. + returned: success + type: str + sample: domain1 +nsps: + description: list of enabled or disabled Network Service Providers + type: complex + returned: on enabling/disabling of Network Service Providers + contains: + enabled: + description: list of Network Service Providers that were enabled + returned: on Network Service Provider enabling + type: list + sample: + - virtualrouter + disabled: + description: list of Network Service Providers that were disabled + returned: on Network Service Provider disabling + type: list + sample: + - internallbvm +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackPhysicalNetwork(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackPhysicalNetwork, self).__init__(module) + self.returns = { + 'isolationmethods': 'isolation_method', + 'broadcastdomainrange': 'broadcast_domain_range', + 'networkspeed': 'network_speed', + 'vlan': 'vlan', + 'tags': 'tags', + } + self.nsps = [] + self.vrouters = None + self.loadbalancers = None + + def _get_common_args(self): + args = { + 'name': self.module.params.get('name'), + 'isolationmethods': self.module.params.get('isolation_method'), + 'broadcastdomainrange': self.module.params.get('broadcast_domain_range'), + 'networkspeed': self.module.params.get('network_speed'), + 'tags': self.module.params.get('tags'), + 'vlan': self.module.params.get('vlan'), + } + + state = self.module.params.get('state') + if state in ['enabled', 'disabled']: + args['state'] = state.capitalize() + return args + + def get_physical_network(self, key=None): + physical_network = self.module.params.get('name') + if self.physical_network: + return self._get_by_key(key, self.physical_network) + + args = { + 'zoneid': self.get_zone(key='id') + } + physical_networks = self.query_api('listPhysicalNetworks', **args) + if physical_networks: + for net in physical_networks['physicalnetwork']: + if physical_network.lower() in [net['name'].lower(), net['id']]: + self.physical_network = net + self.result['physical_network'] = net['name'] + break + + return self._get_by_key(key, self.physical_network) + + def get_nsp(self, name=None): + if not self.nsps: + args = { + 'physicalnetworkid': self.get_physical_network(key='id') + } + res = self.query_api('listNetworkServiceProviders', **args) + + self.nsps = res['networkserviceprovider'] + + names = [] + for nsp in self.nsps: + names.append(nsp['name']) + if nsp['name'].lower() == name.lower(): + return nsp + + self.module.fail_json(msg="Failed: '{0}' not in network service providers list '[{1}]'".format(name, names)) + + def update_nsp(self, name=None, state=None, service_list=None): + nsp = self.get_nsp(name) + if not service_list and nsp['state'] == state: + return nsp + + args = { + 'id': nsp['id'], + 'servicelist': service_list, + 'state': state + } + if not self.module.check_mode: + res = self.query_api('updateNetworkServiceProvider', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + nsp = self.poll_job(res, 'networkserviceprovider') + + self.result['changed'] = True + return nsp + + def get_vrouter_element(self, nsp_name='virtualrouter'): + nsp = self.get_nsp(nsp_name) + nspid = nsp['id'] + if self.vrouters is None: + self.vrouters = dict() + res = self.query_api('listVirtualRouterElements', ) + for vrouter in res['virtualrouterelement']: + self.vrouters[vrouter['nspid']] = vrouter + + if nspid not in self.vrouters: + self.module.fail_json(msg="Failed: No VirtualRouterElement found for nsp '%s'" % nsp_name) + + return self.vrouters[nspid] + + def get_loadbalancer_element(self, nsp_name='internallbvm'): + nsp = self.get_nsp(nsp_name) + nspid = nsp['id'] + if self.loadbalancers is None: + self.loadbalancers = dict() + res = self.query_api('listInternalLoadBalancerElements', ) + for loadbalancer in res['internalloadbalancerelement']: + self.loadbalancers[loadbalancer['nspid']] = loadbalancer + + if nspid not in self.loadbalancers: + self.module.fail_json(msg="Failed: No Loadbalancer found for nsp '%s'" % nsp_name) + + return self.loadbalancers[nspid] + + def set_vrouter_element_state(self, enabled, nsp_name='virtualrouter'): + vrouter = self.get_vrouter_element(nsp_name) + if vrouter['enabled'] == enabled: + return vrouter + + args = { + 'id': vrouter['id'], + 'enabled': enabled + } + if not self.module.check_mode: + res = self.query_api('configureVirtualRouterElement', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + vrouter = self.poll_job(res, 'virtualrouterelement') + + self.result['changed'] = True + return vrouter + + def set_loadbalancer_element_state(self, enabled, nsp_name='internallbvm'): + loadbalancer = self.get_loadbalancer_element(nsp_name=nsp_name) + if loadbalancer['enabled'] == enabled: + return loadbalancer + + args = { + 'id': loadbalancer['id'], + 'enabled': enabled + } + if not self.module.check_mode: + res = self.query_api('configureInternalLoadBalancerElement', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + loadbalancer = self.poll_job(res, 'internalloadbalancerelement') + + self.result['changed'] = True + return loadbalancer + + def present_network(self): + network = self.get_physical_network() + if network: + network = self._update_network() + else: + network = self._create_network() + return network + + def _create_network(self): + self.result['changed'] = True + args = dict(zoneid=self.get_zone(key='id')) + args.update(self._get_common_args()) + if self.get_domain(key='id'): + args['domainid'] = self.get_domain(key='id') + + if not self.module.check_mode: + resource = self.query_api('createPhysicalNetwork', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + self.network = self.poll_job(resource, 'physicalnetwork') + + return self.network + + def _update_network(self): + network = self.get_physical_network() + + args = dict(id=network['id']) + args.update(self._get_common_args()) + + if self.has_changed(args, network): + self.result['changed'] = True + + if not self.module.check_mode: + resource = self.query_api('updatePhysicalNetwork', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + self.physical_network = self.poll_job(resource, 'physicalnetwork') + return self.physical_network + + def absent_network(self): + physical_network = self.get_physical_network() + if physical_network: + self.result['changed'] = True + args = { + 'id': physical_network['id'], + } + if not self.module.check_mode: + resource = self.query_api('deletePhysicalNetwork', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(resource, 'success') + + return physical_network + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True, aliases=['physical_network']), + zone=dict(), + domain=dict(), + vlan=dict(), + nsps_disabled=dict(type='list', elements='str'), + nsps_enabled=dict(type='list', elements='str'), + network_speed=dict(choices=['1G', '10G']), + broadcast_domain_range=dict(choices=['POD', 'ZONE']), + isolation_method=dict(choices=['VLAN', 'GRE', 'L3']), + state=dict(choices=['present', 'enabled', 'disabled', 'absent'], default='present'), + tags=dict(aliases=['tag']), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_network = AnsibleCloudStackPhysicalNetwork(module) + state = module.params.get('state') + nsps_disabled = module.params.get('nsps_disabled', []) + nsps_enabled = module.params.get('nsps_enabled', []) + + if state in ['absent']: + network = acs_network.absent_network() + else: + network = acs_network.present_network() + if nsps_disabled is not None: + for name in nsps_disabled: + acs_network.update_nsp(name=name, state='Disabled') + + if nsps_enabled is not None: + for nsp_name in nsps_enabled: + if nsp_name.lower() in ['virtualrouter', 'vpcvirtualrouter']: + acs_network.set_vrouter_element_state(enabled=True, nsp_name=nsp_name) + elif nsp_name.lower() == 'internallbvm': + acs_network.set_loadbalancer_element_state(enabled=True, nsp_name=nsp_name) + + acs_network.update_nsp(name=nsp_name, state='Enabled') + + result = acs_network.get_result(network) + + if nsps_enabled: + result['nsps_enabled'] = nsps_enabled + if nsps_disabled: + result['nsps_disabled'] = nsps_disabled + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_pod.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_pod.py new file mode 100644 index 00000000..90ab2ef5 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_pod.py @@ -0,0 +1,289 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2016, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_pod +short_description: Manages pods on Apache CloudStack based clouds. +description: + - Create, update, delete pods. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of the pod. + type: str + required: true + id: + description: + - uuid of the existing pod. + type: str + start_ip: + description: + - Starting IP address for the Pod. + - Required on I(state=present) + type: str + end_ip: + description: + - Ending IP address for the Pod. + type: str + netmask: + description: + - Netmask for the Pod. + - Required on I(state=present) + type: str + gateway: + description: + - Gateway for the Pod. + - Required on I(state=present) + type: str + zone: + description: + - Name of the zone in which the pod belongs to. + - If not set, default zone is used. + type: str + state: + description: + - State of the pod. + type: str + default: present + choices: [ present, enabled, disabled, absent ] +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Ensure a pod is present + ngine_io.cloudstack.cs_pod: + name: pod1 + zone: ch-zrh-ix-01 + start_ip: 10.100.10.101 + gateway: 10.100.10.1 + netmask: 255.255.255.0 + +- name: Ensure a pod is disabled + ngine_io.cloudstack.cs_pod: + name: pod1 + zone: ch-zrh-ix-01 + state: disabled + +- name: Ensure a pod is enabled + ngine_io.cloudstack.cs_pod: + name: pod1 + zone: ch-zrh-ix-01 + state: enabled + +- name: Ensure a pod is absent + ngine_io.cloudstack.cs_pod: + name: pod1 + zone: ch-zrh-ix-01 + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the pod. + returned: success + type: str + sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 +name: + description: Name of the pod. + returned: success + type: str + sample: pod01 +start_ip: + description: Starting IP of the pod. + returned: success + type: str + sample: 10.100.1.101 +end_ip: + description: Ending IP of the pod. + returned: success + type: str + sample: 10.100.1.254 +netmask: + description: Netmask of the pod. + returned: success + type: str + sample: 255.255.255.0 +gateway: + description: Gateway of the pod. + returned: success + type: str + sample: 10.100.1.1 +allocation_state: + description: State of the pod. + returned: success + type: str + sample: Enabled +zone: + description: Name of zone the pod is in. + returned: success + type: str + sample: ch-gva-2 +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackPod(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackPod, self).__init__(module) + self.returns = { + 'endip': 'end_ip', + 'startip': 'start_ip', + 'gateway': 'gateway', + 'netmask': 'netmask', + 'allocationstate': 'allocation_state', + } + self.pod = None + + def _get_common_pod_args(self): + args = { + 'name': self.module.params.get('name'), + 'zoneid': self.get_zone(key='id'), + 'startip': self.module.params.get('start_ip'), + 'endip': self.module.params.get('end_ip'), + 'netmask': self.module.params.get('netmask'), + 'gateway': self.module.params.get('gateway') + } + state = self.module.params.get('state') + if state in ['enabled', 'disabled']: + args['allocationstate'] = state.capitalize() + return args + + def get_pod(self): + if not self.pod: + args = { + 'zoneid': self.get_zone(key='id') + } + + uuid = self.module.params.get('id') + if uuid: + args['id'] = uuid + else: + args['name'] = self.module.params.get('name') + + pods = self.query_api('listPods', **args) + if pods: + for pod in pods['pod']: + if not args['name']: + self.pod = self._transform_ip_list(pod) + break + elif args['name'] == pod['name']: + self.pod = self._transform_ip_list(pod) + break + return self.pod + + def present_pod(self): + pod = self.get_pod() + if pod: + pod = self._update_pod() + else: + pod = self._create_pod() + return pod + + def _create_pod(self): + required_params = [ + 'start_ip', + 'netmask', + 'gateway', + ] + self.module.fail_on_missing_params(required_params=required_params) + + pod = None + self.result['changed'] = True + args = self._get_common_pod_args() + if not self.module.check_mode: + res = self.query_api('createPod', **args) + pod = res['pod'] + return pod + + def _update_pod(self): + pod = self.get_pod() + args = self._get_common_pod_args() + args['id'] = pod['id'] + + if self.has_changed(args, pod): + self.result['changed'] = True + + if not self.module.check_mode: + res = self.query_api('updatePod', **args) + pod = res['pod'] + return pod + + def absent_pod(self): + pod = self.get_pod() + if pod: + self.result['changed'] = True + + args = { + 'id': pod['id'] + } + if not self.module.check_mode: + self.query_api('deletePod', **args) + return pod + + def _transform_ip_list(self, resource): + """ Workaround for 4.11 return API break """ + keys = ['endip', 'startip'] + if resource: + for key in keys: + if key in resource and isinstance(resource[key], list): + resource[key] = resource[key][0] + return resource + + def get_result(self, pod): + pod = self._transform_ip_list(pod) + super(AnsibleCloudStackPod, self).get_result(pod) + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + id=dict(), + name=dict(required=True), + gateway=dict(), + netmask=dict(), + start_ip=dict(), + end_ip=dict(), + zone=dict(), + state=dict(choices=['present', 'enabled', 'disabled', 'absent'], default='present'), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_pod = AnsibleCloudStackPod(module) + state = module.params.get('state') + if state in ['absent']: + pod = acs_pod.absent_pod() + else: + pod = acs_pod.present_pod() + + result = acs_pod.get_result(pod) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_portforward.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_portforward.py new file mode 100644 index 00000000..3c80ccbb --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_portforward.py @@ -0,0 +1,398 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_portforward +short_description: Manages port forwarding rules on Apache CloudStack based clouds. +description: + - Create, update and remove port forwarding rules. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + ip_address: + description: + - Public IP address the rule is assigned to. + type: str + required: true + vm: + description: + - Name of virtual machine which we make the port forwarding rule for. + - Required if I(state=present). + type: str + state: + description: + - State of the port forwarding rule. + type: str + default: present + choices: [ present, absent ] + protocol: + description: + - Protocol of the port forwarding rule. + type: str + default: tcp + choices: [ tcp, udp ] + public_port: + description: + - Start public port for this rule. + type: int + required: true + public_end_port: + description: + - End public port for this rule. + - If not specified equal I(public_port). + type: int + private_port: + description: + - Start private port for this rule. + type: int + required: true + private_end_port: + description: + - End private port for this rule. + - If not specified equal I(private_port). + type: int + open_firewall: + description: + - Whether the firewall rule for public port should be created, while creating the new rule. + - Not supported when forwarding ports in a VPC. + - Use M(cs_firewall) for managing firewall rules. + default: no + type: bool + vm_guest_ip: + description: + - VM guest NIC secondary IP address for the port forwarding rule. + type: str + network: + description: + - Name of the network. Required when forwarding ports in a VPC. + type: str + vpc: + description: + - Name of the VPC. + type: str + domain: + description: + - Domain the I(vm) is related to. + type: str + account: + description: + - Account the I(vm) is related to. + type: str + project: + description: + - Name of the project the I(vm) is located in. + type: str + zone: + description: + - Name of the zone in which the virtual machine is in. + - If not set, default zone is used. + type: str + poll_async: + description: + - Poll async jobs until job has finished. + default: yes + type: bool + tags: + description: + - List of tags. Tags are a list of dictionaries having keys I(key) and I(value). + - "To delete all tags, set a empty list e.g. I(tags: [])." + type: list + elements: dict + aliases: [ tag ] +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: 1.2.3.4:80 -> web01:8080 + ngine_io.cloudstack.cs_portforward: + ip_address: 1.2.3.4 + vm: web01 + public_port: 80 + private_port: 8080 + +- name: forward SSH and open firewall + ngine_io.cloudstack.cs_portforward: + ip_address: '{{ public_ip }}' + vm: '{{ inventory_hostname }}' + public_port: '{{ ansible_ssh_port }}' + private_port: 22 + open_firewall: true + +- name: forward DNS traffic, but do not open firewall + ngine_io.cloudstack.cs_portforward: + ip_address: 1.2.3.4 + vm: '{{ inventory_hostname }}' + public_port: 53 + private_port: 53 + protocol: udp + +- name: remove ssh port forwarding + ngine_io.cloudstack.cs_portforward: + ip_address: 1.2.3.4 + public_port: 22 + private_port: 22 + state: absent + +- name: forward SSH in backend tier of VPC + ngine_io.cloudstack.cs_portforward: + ip_address: '{{ public_ip }}' + vm: '{{ inventory_hostname }}' + public_port: '{{ ansible_ssh_port }}' + private_port: 22 + vpc: myVPC + network: backend +''' + +RETURN = ''' +--- +id: + description: UUID of the public IP address. + returned: success + type: str + sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f +ip_address: + description: Public IP address. + returned: success + type: str + sample: 1.2.3.4 +protocol: + description: Protocol. + returned: success + type: str + sample: tcp +private_port: + description: Start port on the virtual machine's IP address. + returned: success + type: int + sample: 80 +private_end_port: + description: End port on the virtual machine's IP address. + returned: success + type: int + sample: 80 +public_port: + description: Start port on the public IP address. + returned: success + type: int + sample: 80 +public_end_port: + description: End port on the public IP address. + returned: success + type: int + sample: 80 +tags: + description: Tags related to the port forwarding. + returned: success + type: list + sample: [] +vm_name: + description: Name of the virtual machine. + returned: success + type: str + sample: web-01 +vm_display_name: + description: Display name of the virtual machine. + returned: success + type: str + sample: web-01 +vm_guest_ip: + description: IP of the virtual machine. + returned: success + type: str + sample: 10.101.65.152 +vpc: + description: Name of the VPC. + returned: success + type: str + sample: my_vpc +network: + description: Name of the network. + returned: success + type: str + sample: dmz +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import AnsibleCloudStack, cs_argument_spec, cs_required_together + + +class AnsibleCloudStackPortforwarding(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackPortforwarding, self).__init__(module) + self.returns = { + 'virtualmachinedisplayname': 'vm_display_name', + 'virtualmachinename': 'vm_name', + 'ipaddress': 'ip_address', + 'vmguestip': 'vm_guest_ip', + 'publicip': 'public_ip', + 'protocol': 'protocol', + } + # these values will be casted to int + self.returns_to_int = { + 'publicport': 'public_port', + 'publicendport': 'public_end_port', + 'privateport': 'private_port', + 'privateendport': 'private_end_port', + } + self.portforwarding_rule = None + + def get_portforwarding_rule(self): + if not self.portforwarding_rule: + protocol = self.module.params.get('protocol') + public_port = self.module.params.get('public_port') + + args = { + 'ipaddressid': self.get_ip_address(key='id'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + } + portforwarding_rules = self.query_api('listPortForwardingRules', **args) + + if portforwarding_rules and 'portforwardingrule' in portforwarding_rules: + for rule in portforwarding_rules['portforwardingrule']: + if (protocol == rule['protocol'] and + public_port == int(rule['publicport'])): + self.portforwarding_rule = rule + break + return self.portforwarding_rule + + def present_portforwarding_rule(self): + portforwarding_rule = self.get_portforwarding_rule() + if portforwarding_rule: + portforwarding_rule = self.update_portforwarding_rule(portforwarding_rule) + else: + portforwarding_rule = self.create_portforwarding_rule() + + if portforwarding_rule: + portforwarding_rule = self.ensure_tags(resource=portforwarding_rule, resource_type='PortForwardingRule') + self.portforwarding_rule = portforwarding_rule + + return portforwarding_rule + + def create_portforwarding_rule(self): + args = { + 'protocol': self.module.params.get('protocol'), + 'publicport': self.module.params.get('public_port'), + 'publicendport': self.get_or_fallback('public_end_port', 'public_port'), + 'privateport': self.module.params.get('private_port'), + 'privateendport': self.get_or_fallback('private_end_port', 'private_port'), + 'openfirewall': self.module.params.get('open_firewall'), + 'vmguestip': self.get_vm_guest_ip(), + 'ipaddressid': self.get_ip_address(key='id'), + 'virtualmachineid': self.get_vm(key='id'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'networkid': self.get_network(key='id'), + } + + portforwarding_rule = None + self.result['changed'] = True + if not self.module.check_mode: + portforwarding_rule = self.query_api('createPortForwardingRule', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + portforwarding_rule = self.poll_job(portforwarding_rule, 'portforwardingrule') + return portforwarding_rule + + def update_portforwarding_rule(self, portforwarding_rule): + args = { + 'protocol': self.module.params.get('protocol'), + 'publicport': self.module.params.get('public_port'), + 'publicendport': self.get_or_fallback('public_end_port', 'public_port'), + 'privateport': self.module.params.get('private_port'), + 'privateendport': self.get_or_fallback('private_end_port', 'private_port'), + 'vmguestip': self.get_vm_guest_ip(), + 'ipaddressid': self.get_ip_address(key='id'), + 'virtualmachineid': self.get_vm(key='id'), + 'networkid': self.get_network(key='id'), + } + + if self.has_changed(args, portforwarding_rule): + self.result['changed'] = True + if not self.module.check_mode: + # API broken in 4.2.1?, workaround using remove/create instead of update + # portforwarding_rule = self.query_api('updatePortForwardingRule', **args) + self.absent_portforwarding_rule() + portforwarding_rule = self.query_api('createPortForwardingRule', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + portforwarding_rule = self.poll_job(portforwarding_rule, 'portforwardingrule') + return portforwarding_rule + + def absent_portforwarding_rule(self): + portforwarding_rule = self.get_portforwarding_rule() + + if portforwarding_rule: + self.result['changed'] = True + args = { + 'id': portforwarding_rule['id'], + } + if not self.module.check_mode: + res = self.query_api('deletePortForwardingRule', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(res, 'portforwardingrule') + return portforwarding_rule + + def get_result(self, portforwarding_rule): + super(AnsibleCloudStackPortforwarding, self).get_result(portforwarding_rule) + if portforwarding_rule: + for search_key, return_key in self.returns_to_int.items(): + if search_key in portforwarding_rule: + self.result[return_key] = int(portforwarding_rule[search_key]) + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + ip_address=dict(required=True), + protocol=dict(choices=['tcp', 'udp'], default='tcp'), + public_port=dict(type='int', required=True), + public_end_port=dict(type='int'), + private_port=dict(type='int', required=True), + private_end_port=dict(type='int'), + state=dict(choices=['present', 'absent'], default='present'), + open_firewall=dict(type='bool', default=False), + vm_guest_ip=dict(), + vm=dict(), + vpc=dict(), + network=dict(), + zone=dict(), + domain=dict(), + account=dict(), + project=dict(), + poll_async=dict(type='bool', default=True), + tags=dict(type='list', elements='dict', aliases=['tag']), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_pf = AnsibleCloudStackPortforwarding(module) + state = module.params.get('state') + if state in ['absent']: + pf_rule = acs_pf.absent_portforwarding_rule() + else: + pf_rule = acs_pf.present_portforwarding_rule() + + result = acs_pf.get_result(pf_rule) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_project.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_project.py new file mode 100644 index 00000000..c52444ed --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_project.py @@ -0,0 +1,271 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_project +short_description: Manages projects on Apache CloudStack based clouds. +description: + - Create, update, suspend, activate and remove projects. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of the project. + type: str + required: true + display_text: + description: + - Display text of the project. + - If not specified, I(name) will be used as I(display_text). + type: str + state: + description: + - State of the project. + type: str + default: present + choices: [ present, absent, active, suspended ] + domain: + description: + - Domain the project is related to. + type: str + account: + description: + - Account the project is related to. + type: str + tags: + description: + - List of tags. Tags are a list of dictionaries having keys I(key) and I(value). + - "If you want to delete all tags, set a empty list e.g. I(tags: [])." + type: list + elements: dict + aliases: [ tag ] + poll_async: + description: + - Poll async jobs until job has finished. + type: bool + default: yes +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Create a project + ngine_io.cloudstack.cs_project: + name: web + tags: + - { key: admin, value: john } + - { key: foo, value: bar } + +- name: Rename a project + ngine_io.cloudstack.cs_project: + name: web + display_text: my web project + +- name: Suspend an existing project + ngine_io.cloudstack.cs_project: + name: web + state: suspended + +- name: Activate an existing project + ngine_io.cloudstack.cs_project: + name: web + state: active + +- name: Remove a project + ngine_io.cloudstack.cs_project: + name: web + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the project. + returned: success + type: str + sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 +name: + description: Name of the project. + returned: success + type: str + sample: web project +display_text: + description: Display text of the project. + returned: success + type: str + sample: web project +state: + description: State of the project. + returned: success + type: str + sample: Active +domain: + description: Domain the project is related to. + returned: success + type: str + sample: example domain +account: + description: Account the project is related to. + returned: success + type: str + sample: example account +tags: + description: List of resource tags associated with the project. + returned: success + type: list + sample: '[ { "key": "foo", "value": "bar" } ]' +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackProject(AnsibleCloudStack): + + def get_project(self): + if not self.project: + project = self.module.params.get('name') + + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'fetch_list': True, + } + projects = self.query_api('listProjects', **args) + if projects: + for p in projects: + if project.lower() in [p['name'].lower(), p['id']]: + self.project = p + break + return self.project + + def present_project(self): + project = self.get_project() + if not project: + project = self.create_project(project) + else: + project = self.update_project(project) + if project: + project = self.ensure_tags(resource=project, resource_type='project') + # refresh resource + self.project = project + return project + + def update_project(self, project): + args = { + 'id': project['id'], + 'displaytext': self.get_or_fallback('display_text', 'name') + } + if self.has_changed(args, project): + self.result['changed'] = True + if not self.module.check_mode: + project = self.query_api('updateProject', **args) + + poll_async = self.module.params.get('poll_async') + if project and poll_async: + project = self.poll_job(project, 'project') + return project + + def create_project(self, project): + self.result['changed'] = True + + args = { + 'name': self.module.params.get('name'), + 'displaytext': self.get_or_fallback('display_text', 'name'), + 'account': self.get_account('name'), + 'domainid': self.get_domain('id') + } + if not self.module.check_mode: + project = self.query_api('createProject', **args) + + poll_async = self.module.params.get('poll_async') + if project and poll_async: + project = self.poll_job(project, 'project') + return project + + def state_project(self, state='active'): + project = self.present_project() + + if project['state'].lower() != state: + self.result['changed'] = True + + args = { + 'id': project['id'] + } + if not self.module.check_mode: + if state == 'suspended': + project = self.query_api('suspendProject', **args) + else: + project = self.query_api('activateProject', **args) + + poll_async = self.module.params.get('poll_async') + if project and poll_async: + project = self.poll_job(project, 'project') + return project + + def absent_project(self): + project = self.get_project() + if project: + self.result['changed'] = True + + args = { + 'id': project['id'] + } + if not self.module.check_mode: + res = self.query_api('deleteProject', **args) + + poll_async = self.module.params.get('poll_async') + if res and poll_async: + res = self.poll_job(res, 'project') + return project + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + display_text=dict(), + state=dict(choices=['present', 'absent', 'active', 'suspended'], default='present'), + domain=dict(), + account=dict(), + poll_async=dict(type='bool', default=True), + tags=dict(type='list', elements='dict', aliases=['tag']), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_project = AnsibleCloudStackProject(module) + + state = module.params.get('state') + if state in ['absent']: + project = acs_project.absent_project() + + elif state in ['active', 'suspended']: + project = acs_project.state_project(state=state) + + else: + project = acs_project.present_project() + + result = acs_project.get_result(project) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_region.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_region.py new file mode 100644 index 00000000..327f7c1e --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_region.py @@ -0,0 +1,187 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2016, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_region +short_description: Manages regions on Apache CloudStack based clouds. +description: + - Add, update and remove regions. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + id: + description: + - ID of the region. + - Must be an number (int). + type: int + required: true + name: + description: + - Name of the region. + - Required if I(state=present) + type: str + endpoint: + description: + - Endpoint URL of the region. + - Required if I(state=present) + type: str + state: + description: + - State of the region. + type: str + default: present + choices: [ present, absent ] +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: create a region + ngine_io.cloudstack.cs_region: + id: 2 + name: geneva + endpoint: https://cloud.gva.example.com + +- name: remove a region with ID 2 + ngine_io.cloudstack.cs_region: + id: 2 + state: absent +''' + +RETURN = ''' +--- +id: + description: ID of the region. + returned: success + type: int + sample: 1 +name: + description: Name of the region. + returned: success + type: str + sample: local +endpoint: + description: Endpoint of the region. + returned: success + type: str + sample: http://cloud.example.com +gslb_service_enabled: + description: Whether the GSLB service is enabled or not. + returned: success + type: bool + sample: true +portable_ip_service_enabled: + description: Whether the portable IP service is enabled or not. + returned: success + type: bool + sample: true +''' + + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackRegion(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackRegion, self).__init__(module) + self.returns = { + 'endpoint': 'endpoint', + 'gslbserviceenabled': 'gslb_service_enabled', + 'portableipserviceenabled': 'portable_ip_service_enabled', + } + + def get_region(self): + id = self.module.params.get('id') + regions = self.query_api('listRegions', id=id) + if regions: + return regions['region'][0] + return None + + def present_region(self): + region = self.get_region() + if not region: + region = self._create_region(region=region) + else: + region = self._update_region(region=region) + return region + + def _create_region(self, region): + self.result['changed'] = True + args = { + 'id': self.module.params.get('id'), + 'name': self.module.params.get('name'), + 'endpoint': self.module.params.get('endpoint') + } + if not self.module.check_mode: + res = self.query_api('addRegion', **args) + region = res['region'] + return region + + def _update_region(self, region): + args = { + 'id': self.module.params.get('id'), + 'name': self.module.params.get('name'), + 'endpoint': self.module.params.get('endpoint') + } + if self.has_changed(args, region): + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('updateRegion', **args) + region = res['region'] + return region + + def absent_region(self): + region = self.get_region() + if region: + self.result['changed'] = True + if not self.module.check_mode: + self.query_api('removeRegion', id=region['id']) + return region + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + id=dict(required=True, type='int'), + name=dict(), + endpoint=dict(), + state=dict(choices=['present', 'absent'], default='present'), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + required_if=[ + ('state', 'present', ['name', 'endpoint']), + ], + supports_check_mode=True + ) + + acs_region = AnsibleCloudStackRegion(module) + + state = module.params.get('state') + if state == 'absent': + region = acs_region.absent_region() + else: + region = acs_region.present_region() + + result = acs_region.get_result(region) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_resourcelimit.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_resourcelimit.py new file mode 100644 index 00000000..fdca3bdd --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_resourcelimit.py @@ -0,0 +1,202 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2016, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_resourcelimit +short_description: Manages resource limits on Apache CloudStack based clouds. +description: + - Manage limits of resources for domains, accounts and projects. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + resource_type: + description: + - Type of the resource. + type: str + required: true + choices: + - instance + - ip_address + - volume + - snapshot + - template + - network + - vpc + - cpu + - memory + - primary_storage + - secondary_storage + aliases: [ type ] + limit: + description: + - Maximum number of the resource. + - Default is unlimited C(-1). + type: int + default: -1 + aliases: [ max ] + domain: + description: + - Domain the resource is related to. + type: str + account: + description: + - Account the resource is related to. + type: str + project: + description: + - Name of the project the resource is related to. + type: str +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Update a resource limit for instances of a domain + ngine_io.cloudstack.cs_resourcelimit: + type: instance + limit: 10 + domain: customers + +- name: Update a resource limit for instances of an account + ngine_io.cloudstack.cs_resourcelimit: + type: instance + limit: 12 + account: moserre + domain: customers +''' + +RETURN = ''' +--- +recource_type: + description: Type of the resource + returned: success + type: str + sample: instance +limit: + description: Maximum number of the resource. + returned: success + type: int + sample: -1 +domain: + description: Domain the resource is related to. + returned: success + type: str + sample: example domain +account: + description: Account the resource is related to. + returned: success + type: str + sample: example account +project: + description: Project the resource is related to. + returned: success + type: str + sample: example project +''' + +# import cloudstack common +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_required_together, + cs_argument_spec +) + + +RESOURCE_TYPES = { + 'instance': 0, + 'ip_address': 1, + 'volume': 2, + 'snapshot': 3, + 'template': 4, + 'network': 6, + 'vpc': 7, + 'cpu': 8, + 'memory': 9, + 'primary_storage': 10, + 'secondary_storage': 11, +} + + +class AnsibleCloudStackResourceLimit(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackResourceLimit, self).__init__(module) + self.returns = { + 'max': 'limit', + } + + def get_resource_type(self): + resource_type = self.module.params.get('resource_type') + return RESOURCE_TYPES.get(resource_type) + + def get_resource_limit(self): + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'resourcetype': self.get_resource_type() + } + resource_limit = self.query_api('listResourceLimits', **args) + if resource_limit: + if 'limit' in resource_limit['resourcelimit'][0]: + resource_limit['resourcelimit'][0]['limit'] = int(resource_limit['resourcelimit'][0]) + return resource_limit['resourcelimit'][0] + self.module.fail_json(msg="Resource limit type '%s' not found." % self.module.params.get('resource_type')) + + def update_resource_limit(self): + resource_limit = self.get_resource_limit() + + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'resourcetype': self.get_resource_type(), + 'max': self.module.params.get('limit', -1) + } + + if self.has_changed(args, resource_limit): + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('updateResourceLimit', **args) + resource_limit = res['resourcelimit'] + return resource_limit + + def get_result(self, resource_limit): + self.result = super(AnsibleCloudStackResourceLimit, self).get_result(resource_limit) + self.result['resource_type'] = self.module.params.get('resource_type') + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + resource_type=dict(required=True, choices=list(RESOURCE_TYPES.keys()), aliases=['type']), + limit=dict(default=-1, aliases=['max'], type='int'), + domain=dict(), + account=dict(), + project=dict(), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_resource_limit = AnsibleCloudStackResourceLimit(module) + resource_limit = acs_resource_limit.update_resource_limit() + result = acs_resource_limit.get_result(resource_limit) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_role.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_role.py new file mode 100644 index 00000000..01f23479 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_role.py @@ -0,0 +1,205 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2016, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_role +short_description: Manages user roles on Apache CloudStack based clouds. +description: + - Create, update, delete user roles. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of the role. + type: str + required: true + uuid: + description: + - ID of the role. + - If provided, I(uuid) is used as key. + type: str + aliases: [ id ] + role_type: + description: + - Type of the role. + - Only considered for creation. + type: str + default: User + choices: [ User, DomainAdmin, ResourceAdmin, Admin ] + description: + description: + - Description of the role. + type: str + state: + description: + - State of the role. + type: str + default: present + choices: [ present, absent ] +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Ensure an user role is present + ngine_io.cloudstack.cs_role: + name: myrole_user + +- name: Ensure a role having particular ID is named as myrole_user + ngine_io.cloudstack.cs_role: + name: myrole_user + id: 04589590-ac63-4ffc-93f5-b698b8ac38b6 + +- name: Ensure a role is absent + ngine_io.cloudstack.cs_role: + name: myrole_user + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the role. + returned: success + type: str + sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 +name: + description: Name of the role. + returned: success + type: str + sample: myrole +description: + description: Description of the role. + returned: success + type: str + sample: "This is my role description" +role_type: + description: Type of the role. + returned: success + type: str + sample: User +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackRole(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackRole, self).__init__(module) + self.returns = { + 'type': 'role_type', + } + + def get_role(self): + uuid = self.module.params.get('uuid') + if uuid: + args = { + 'id': uuid, + } + roles = self.query_api('listRoles', **args) + if roles: + return roles['role'][0] + else: + args = { + 'name': self.module.params.get('name'), + } + roles = self.query_api('listRoles', **args) + if roles: + return roles['role'][0] + return None + + def present_role(self): + role = self.get_role() + if role: + role = self._update_role(role) + else: + role = self._create_role(role) + return role + + def _create_role(self, role): + self.result['changed'] = True + args = { + 'name': self.module.params.get('name'), + 'type': self.module.params.get('role_type'), + 'description': self.module.params.get('description'), + } + if not self.module.check_mode: + res = self.query_api('createRole', **args) + role = res['role'] + return role + + def _update_role(self, role): + args = { + 'id': role['id'], + 'name': self.module.params.get('name'), + 'description': self.module.params.get('description'), + } + if self.has_changed(args, role): + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('updateRole', **args) + + # The API as in 4.9 does not return an updated role yet + if 'role' not in res: + role = self.get_role() + else: + role = res['role'] + return role + + def absent_role(self): + role = self.get_role() + if role: + self.result['changed'] = True + args = { + 'id': role['id'], + } + if not self.module.check_mode: + self.query_api('deleteRole', **args) + return role + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + uuid=dict(aliases=['id']), + name=dict(required=True), + description=dict(), + role_type=dict(choices=['User', 'DomainAdmin', 'ResourceAdmin', 'Admin'], default='User'), + state=dict(choices=['present', 'absent'], default='present'), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_role = AnsibleCloudStackRole(module) + state = module.params.get('state') + if state == 'absent': + role = acs_role.absent_role() + else: + role = acs_role.present_role() + + result = acs_role.get_result(role) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_role_permission.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_role_permission.py new file mode 100644 index 00000000..8755f158 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_role_permission.py @@ -0,0 +1,345 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2017, David Passante (@dpassante) +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_role_permission +short_description: Manages role permissions on Apache CloudStack based clouds. +description: + - Create, update and remove CloudStack role permissions. + - Managing role permissions only supported in CloudStack >= 4.9. +author: David Passante (@dpassante) +version_added: 0.1.0 +options: + name: + description: + - The API name of the permission. + type: str + required: true + role: + description: + - Name or ID of the role. + type: str + required: true + permission: + description: + - The rule permission, allow or deny. Defaulted to deny. + type: str + choices: [ allow, deny ] + default: deny + state: + description: + - State of the role permission. + type: str + choices: [ present, absent ] + default: present + description: + description: + - The description of the role permission. + type: str + parent: + description: + - The parent role permission uuid. use 0 to move this rule at the top of the list. + type: str +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Create a role permission + ngine_io.cloudstack.cs_role_permission: + role: My_Custom_role + name: createVPC + permission: allow + description: My comments + +- name: Remove a role permission + ngine_io.cloudstack.cs_role_permission: + state: absent + role: My_Custom_role + name: createVPC + +- name: Update a system role permission + ngine_io.cloudstack.cs_role_permission: + role: Domain Admin + name: createVPC + permission: deny + +- name: Update rules order. Move the rule at the top of list + ngine_io.cloudstack.cs_role_permission: + role: Domain Admin + name: createVPC + parent: 0 +''' + +RETURN = ''' +--- +id: + description: The ID of the role permission. + returned: success + type: str + sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f +name: + description: The API name of the permission. + returned: success + type: str + sample: createVPC +permission: + description: The permission type of the api name. + returned: success + type: str + sample: allow +role_id: + description: The ID of the role to which the role permission belongs. + returned: success + type: str + sample: c6f7a5fc-43f8-11e5-a151-feff819cdc7f +description: + description: The description of the role permission + returned: success + type: str + sample: Deny createVPC for users +''' + +from distutils.version import LooseVersion + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackRolePermission(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackRolePermission, self).__init__(module) + cloudstack_min_version = LooseVersion('4.9.2') + + self.returns = { + 'id': 'id', + 'roleid': 'role_id', + 'rule': 'name', + 'permission': 'permission', + 'description': 'description', + } + self.role_permission = None + + self.cloudstack_version = self._cloudstack_ver() + + if self.cloudstack_version < cloudstack_min_version: + self.fail_json(msg="This module requires CloudStack >= %s." % cloudstack_min_version) + + def _cloudstack_ver(self): + capabilities = self.get_capabilities() + return LooseVersion(capabilities['cloudstackversion']) + + def _get_role_id(self): + role = self.module.params.get('role') + if not role: + return None + + res = self.query_api('listRoles') + roles = res['role'] + if roles: + for r in roles: + if role in [r['name'], r['id']]: + return r['id'] + self.fail_json(msg="Role '%s' not found" % role) + + def _get_role_perm(self): + role_permission = self.role_permission + + args = { + 'roleid': self._get_role_id(), + } + + rp = self.query_api('listRolePermissions', **args) + + if rp: + role_permission = rp['rolepermission'] + + return role_permission + + def _get_rule(self, rule=None): + if not rule: + rule = self.module.params.get('name') + + if self._get_role_perm(): + for _rule in self._get_role_perm(): + if rule == _rule['rule'] or rule == _rule['id']: + return _rule + + return None + + def _get_rule_order(self): + perms = self._get_role_perm() + rules = [] + + if perms: + for i, rule in enumerate(perms): + rules.append(rule['id']) + + return rules + + def replace_rule(self): + old_rule = self._get_rule() + + if old_rule: + rules_order = self._get_rule_order() + old_pos = rules_order.index(old_rule['id']) + + self.remove_role_perm() + + new_rule = self.create_role_perm() + + if new_rule: + perm_order = self.order_permissions(int(old_pos - 1), new_rule['id']) + + return perm_order + + return None + + def order_permissions(self, parent, rule_id): + rules = self._get_rule_order() + + if isinstance(parent, int): + parent_pos = parent + elif parent == '0': + parent_pos = -1 + else: + parent_rule = self._get_rule(parent) + if not parent_rule: + self.fail_json(msg="Parent rule '%s' not found" % parent) + + parent_pos = rules.index(parent_rule['id']) + + r_id = rules.pop(rules.index(rule_id)) + + rules.insert((parent_pos + 1), r_id) + rules = ','.join(map(str, rules)) + + return rules + + def create_or_update_role_perm(self): + role_permission = self._get_rule() + + if not role_permission: + role_permission = self.create_role_perm() + else: + role_permission = self.update_role_perm(role_permission) + + return role_permission + + def create_role_perm(self): + role_permission = None + + self.result['changed'] = True + + args = { + 'rule': self.module.params.get('name'), + 'description': self.module.params.get('description'), + 'roleid': self._get_role_id(), + 'permission': self.module.params.get('permission'), + } + + if not self.module.check_mode: + res = self.query_api('createRolePermission', **args) + role_permission = res['rolepermission'] + + return role_permission + + def update_role_perm(self, role_perm): + perm_order = None + + if not self.module.params.get('parent'): + args = { + 'ruleid': role_perm['id'], + 'roleid': role_perm['roleid'], + 'permission': self.module.params.get('permission'), + } + + if self.has_changed(args, role_perm, only_keys=['permission']): + self.result['changed'] = True + + if not self.module.check_mode: + if self.cloudstack_version >= LooseVersion('4.11.0'): + self.query_api('updateRolePermission', **args) + role_perm = self._get_rule() + else: + perm_order = self.replace_rule() + else: + perm_order = self.order_permissions(self.module.params.get('parent'), role_perm['id']) + + if perm_order: + args = { + 'roleid': role_perm['roleid'], + 'ruleorder': perm_order, + } + + self.result['changed'] = True + + if not self.module.check_mode: + self.query_api('updateRolePermission', **args) + role_perm = self._get_rule() + + return role_perm + + def remove_role_perm(self): + role_permission = self._get_rule() + + if role_permission: + self.result['changed'] = True + + args = { + 'id': role_permission['id'], + } + + if not self.module.check_mode: + self.query_api('deleteRolePermission', **args) + + return role_permission + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + role=dict(required=True), + name=dict(required=True), + permission=dict(choices=['allow', 'deny'], default='deny'), + description=dict(), + state=dict(choices=['present', 'absent'], default='present'), + parent=dict(), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + mutually_exclusive=( + ['permission', 'parent'], + ), + supports_check_mode=True + ) + + acs_role_perm = AnsibleCloudStackRolePermission(module) + + state = module.params.get('state') + if state in ['absent']: + role_permission = acs_role_perm.remove_role_perm() + else: + role_permission = acs_role_perm.create_or_update_role_perm() + + result = acs_role_perm.get_result(role_permission) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_router.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_router.py new file mode 100644 index 00000000..e14a7609 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_router.py @@ -0,0 +1,368 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2016, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_router +short_description: Manages routers on Apache CloudStack based clouds. +description: + - Start, restart, stop and destroy routers. + - I(state=present) is not able to create routers, use M(cs_network) instead. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of the router. + type: str + required: true + service_offering: + description: + - Name or id of the service offering of the router. + type: str + domain: + description: + - Domain the router is related to. + type: str + account: + description: + - Account the router is related to. + type: str + project: + description: + - Name of the project the router is related to. + type: str + zone: + description: + - Name of the zone the router is deployed in. + - If not set, all zones are used. + type: str + state: + description: + - State of the router. + type: str + default: present + choices: [ present, absent, started, stopped, restarted ] + poll_async: + description: + - Poll async jobs until job has finished. + default: yes + type: bool +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +# Ensure the router has the desired service offering, no matter if +# the router is running or not. +- name: Present router + ngine_io.cloudstack.cs_router: + name: r-40-VM + service_offering: System Offering for Software Router + +- name: Ensure started + ngine_io.cloudstack.cs_router: + name: r-40-VM + state: started + +# Ensure started with desired service offering. +# If the service offerings changes, router will be rebooted. +- name: Ensure started with desired service offering + ngine_io.cloudstack.cs_router: + name: r-40-VM + service_offering: System Offering for Software Router + state: started + +- name: Ensure stopped + ngine_io.cloudstack.cs_router: + name: r-40-VM + state: stopped + +- name: Remove a router + ngine_io.cloudstack.cs_router: + name: r-40-VM + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the router. + returned: success + type: str + sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 +name: + description: Name of the router. + returned: success + type: str + sample: r-40-VM +created: + description: Date of the router was created. + returned: success + type: str + sample: 2014-12-01T14:57:57+0100 +template_version: + description: Version of the system VM template. + returned: success + type: str + sample: 4.5.1 +requires_upgrade: + description: Whether the router needs to be upgraded to the new template. + returned: success + type: bool + sample: false +redundant_state: + description: Redundant state of the router. + returned: success + type: str + sample: UNKNOWN +role: + description: Role of the router. + returned: success + type: str + sample: VIRTUAL_ROUTER +zone: + description: Name of zone the router is in. + returned: success + type: str + sample: ch-gva-2 +service_offering: + description: Name of the service offering the router has. + returned: success + type: str + sample: System Offering For Software Router +state: + description: State of the router. + returned: success + type: str + sample: Active +domain: + description: Domain the router is related to. + returned: success + type: str + sample: ROOT +account: + description: Account the router is related to. + returned: success + type: str + sample: admin +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackRouter(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackRouter, self).__init__(module) + self.returns = { + 'serviceofferingname': 'service_offering', + 'version': 'template_version', + 'requiresupgrade': 'requires_upgrade', + 'redundantstate': 'redundant_state', + 'role': 'role' + } + self.router = None + + def get_service_offering_id(self): + service_offering = self.module.params.get('service_offering') + if not service_offering: + return None + + args = { + 'issystem': True + } + + service_offerings = self.query_api('listServiceOfferings', **args) + if service_offerings: + for s in service_offerings['serviceoffering']: + if service_offering in [s['name'], s['id']]: + return s['id'] + self.module.fail_json(msg="Service offering '%s' not found" % service_offering) + + def get_router(self): + if not self.router: + router = self.module.params.get('name') + + args = { + 'projectid': self.get_project(key='id'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'listall': True, + 'fetch_list': True, + } + + if self.module.params.get('zone'): + args['zoneid'] = self.get_zone(key='id') + + routers = self.query_api('listRouters', **args) + if routers: + for r in routers: + if router.lower() in [r['name'].lower(), r['id']]: + self.router = r + break + return self.router + + def start_router(self): + router = self.get_router() + if not router: + self.module.fail_json(msg="Router not found") + + if router['state'].lower() != "running": + self.result['changed'] = True + + args = { + 'id': router['id'], + } + + if not self.module.check_mode: + res = self.query_api('startRouter', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + router = self.poll_job(res, 'router') + return router + + def stop_router(self): + router = self.get_router() + if not router: + self.module.fail_json(msg="Router not found") + + if router['state'].lower() != "stopped": + self.result['changed'] = True + + args = { + 'id': router['id'], + } + + if not self.module.check_mode: + res = self.query_api('stopRouter', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + router = self.poll_job(res, 'router') + return router + + def reboot_router(self): + router = self.get_router() + if not router: + self.module.fail_json(msg="Router not found") + + self.result['changed'] = True + + args = { + 'id': router['id'], + } + + if not self.module.check_mode: + res = self.query_api('rebootRouter', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + router = self.poll_job(res, 'router') + return router + + def absent_router(self): + router = self.get_router() + if router: + self.result['changed'] = True + + args = { + 'id': router['id'], + } + + if not self.module.check_mode: + res = self.query_api('destroyRouter', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(res, 'router') + return router + + def present_router(self): + router = self.get_router() + if not router: + self.module.fail_json(msg="Router can not be created using the API, see cs_network.") + + args = { + 'id': router['id'], + 'serviceofferingid': self.get_service_offering_id(), + } + + state = self.module.params.get('state') + + if self.has_changed(args, router): + self.result['changed'] = True + + if not self.module.check_mode: + current_state = router['state'].lower() + + self.stop_router() + router = self.query_api('changeServiceForRouter', **args) + + if state in ['restarted', 'started']: + router = self.start_router() + + # if state=present we get to the state before the service + # offering change. + elif state == "present" and current_state == "running": + router = self.start_router() + + elif state == "started": + router = self.start_router() + + elif state == "stopped": + router = self.stop_router() + + elif state == "restarted": + router = self.reboot_router() + + return router + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + service_offering=dict(), + state=dict(choices=['present', 'started', 'stopped', 'restarted', 'absent'], default="present"), + domain=dict(), + account=dict(), + project=dict(), + zone=dict(), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_router = AnsibleCloudStackRouter(module) + + state = module.params.get('state') + if state in ['absent']: + router = acs_router.absent_router() + else: + router = acs_router.present_router() + + result = acs_router.get_result(router) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_securitygroup.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_securitygroup.py new file mode 100644 index 00000000..5d8ba2b9 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_securitygroup.py @@ -0,0 +1,193 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_securitygroup +short_description: Manages security groups on Apache CloudStack based clouds. +description: + - Create and remove security groups. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of the security group. + type: str + required: true + description: + description: + - Description of the security group. + type: str + state: + description: + - State of the security group. + type: str + default: present + choices: [ present, absent ] + domain: + description: + - Domain the security group is related to. + type: str + account: + description: + - Account the security group is related to. + type: str + project: + description: + - Name of the project the security group to be created in. + type: str +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: create a security group + ngine_io.cloudstack.cs_securitygroup: + name: default + description: default security group + +- name: remove a security group + ngine_io.cloudstack.cs_securitygroup: + name: default + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the security group. + returned: success + type: str + sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f +name: + description: Name of security group. + returned: success + type: str + sample: app +description: + description: Description of security group. + returned: success + type: str + sample: application security group +tags: + description: List of resource tags associated with the security group. + returned: success + type: list + sample: '[ { "key": "foo", "value": "bar" } ]' +project: + description: Name of project the security group is related to. + returned: success + type: str + sample: Production +domain: + description: Domain the security group is related to. + returned: success + type: str + sample: example domain +account: + description: Account the security group is related to. + returned: success + type: str + sample: example account +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import AnsibleCloudStack, cs_argument_spec, cs_required_together + + +class AnsibleCloudStackSecurityGroup(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackSecurityGroup, self).__init__(module) + self.security_group = None + + def get_security_group(self): + if not self.security_group: + + args = { + 'projectid': self.get_project(key='id'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'securitygroupname': self.module.params.get('name'), + } + sgs = self.query_api('listSecurityGroups', **args) + if sgs: + self.security_group = sgs['securitygroup'][0] + return self.security_group + + def create_security_group(self): + security_group = self.get_security_group() + if not security_group: + self.result['changed'] = True + + args = { + 'name': self.module.params.get('name'), + 'projectid': self.get_project(key='id'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'description': self.module.params.get('description'), + } + + if not self.module.check_mode: + res = self.query_api('createSecurityGroup', **args) + security_group = res['securitygroup'] + + return security_group + + def remove_security_group(self): + security_group = self.get_security_group() + if security_group: + self.result['changed'] = True + + args = { + 'name': self.module.params.get('name'), + 'projectid': self.get_project(key='id'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + } + + if not self.module.check_mode: + self.query_api('deleteSecurityGroup', **args) + + return security_group + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + description=dict(), + state=dict(choices=['present', 'absent'], default='present'), + project=dict(), + account=dict(), + domain=dict(), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_sg = AnsibleCloudStackSecurityGroup(module) + + state = module.params.get('state') + if state in ['absent']: + sg = acs_sg.remove_security_group() + else: + sg = acs_sg.create_security_group() + + result = acs_sg.get_result(sg) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_securitygroup_rule.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_securitygroup_rule.py new file mode 100644 index 00000000..2bd269e8 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_securitygroup_rule.py @@ -0,0 +1,379 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_securitygroup_rule +short_description: Manages security group rules on Apache CloudStack based clouds. +description: + - Add and remove security group rules. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + security_group: + description: + - Name of the security group the rule is related to. The security group must be existing. + type: str + required: true + state: + description: + - State of the security group rule. + type: str + default: present + choices: [ present, absent ] + protocol: + description: + - Protocol of the security group rule. + type: str + default: tcp + choices: [ tcp, udp, icmp, ah, esp, gre ] + type: + description: + - Ingress or egress security group rule. + type: str + default: ingress + choices: [ ingress, egress ] + cidr: + description: + - CIDR (full notation) to be used for security group rule. + type: str + default: 0.0.0.0/0 + user_security_group: + description: + - Security group this rule is based of. + type: str + start_port: + description: + - Start port for this rule. Required if I(protocol=tcp) or I(protocol=udp). + type: int + aliases: [ port ] + end_port: + description: + - End port for this rule. Required if I(protocol=tcp) or I(protocol=udp), but I(start_port) will be used if not set. + type: int + icmp_type: + description: + - Type of the icmp message being sent. Required if I(protocol=icmp). + type: int + icmp_code: + description: + - Error code for this icmp message. Required if I(protocol=icmp). + type: int + project: + description: + - Name of the project the security group to be created in. + type: str + poll_async: + description: + - Poll async jobs until job has finished. + default: yes + type: bool +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +--- +- name: allow inbound port 80/tcp from 1.2.3.4 added to security group 'default' + ngine_io.cloudstack.cs_securitygroup_rule: + security_group: default + port: 80 + cidr: 1.2.3.4/32 + +- name: allow tcp/udp outbound added to security group 'default' + ngine_io.cloudstack.cs_securitygroup_rule: + security_group: default + type: egress + start_port: 1 + end_port: 65535 + protocol: '{{ item }}' + with_items: + - tcp + - udp + +- name: allow inbound icmp from 0.0.0.0/0 added to security group 'default' + ngine_io.cloudstack.cs_securitygroup_rule: + security_group: default + protocol: icmp + icmp_code: -1 + icmp_type: -1 + +- name: remove rule inbound port 80/tcp from 0.0.0.0/0 from security group 'default' + ngine_io.cloudstack.cs_securitygroup_rule: + security_group: default + port: 80 + state: absent + +- name: allow inbound port 80/tcp from security group web added to security group 'default' + ngine_io.cloudstack.cs_securitygroup_rule: + security_group: default + port: 80 + user_security_group: web +''' + +RETURN = ''' +--- +id: + description: UUID of the of the rule. + returned: success + type: str + sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f +security_group: + description: security group of the rule. + returned: success + type: str + sample: default +type: + description: type of the rule. + returned: success + type: str + sample: ingress +cidr: + description: CIDR of the rule. + returned: success and cidr is defined + type: str + sample: 0.0.0.0/0 +user_security_group: + description: user security group of the rule. + returned: success and user_security_group is defined + type: str + sample: default +protocol: + description: protocol of the rule. + returned: success + type: str + sample: tcp +start_port: + description: start port of the rule. + returned: success + type: int + sample: 80 +end_port: + description: end port of the rule. + returned: success + type: int + sample: 80 +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import AnsibleCloudStack, cs_argument_spec, cs_required_together + + +class AnsibleCloudStackSecurityGroupRule(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackSecurityGroupRule, self).__init__(module) + self.returns = { + 'icmptype': 'icmp_type', + 'icmpcode': 'icmp_code', + 'endport': 'end_port', + 'startport': 'start_port', + 'protocol': 'protocol', + 'cidr': 'cidr', + 'securitygroupname': 'user_security_group', + } + + def _tcp_udp_match(self, rule, protocol, start_port, end_port): + return (protocol in ['tcp', 'udp'] and + protocol == rule['protocol'] and + start_port == int(rule['startport']) and + end_port == int(rule['endport'])) + + def _icmp_match(self, rule, protocol, icmp_code, icmp_type): + return (protocol == 'icmp' and + protocol == rule['protocol'] and + icmp_code == int(rule['icmpcode']) and + icmp_type == int(rule['icmptype'])) + + def _ah_esp_gre_match(self, rule, protocol): + return (protocol in ['ah', 'esp', 'gre'] and + protocol == rule['protocol']) + + def _type_security_group_match(self, rule, security_group_name): + return (security_group_name and + 'securitygroupname' in rule and + security_group_name == rule['securitygroupname']) + + def _type_cidr_match(self, rule, cidr): + return ('cidr' in rule and + cidr == rule['cidr']) + + def _get_rule(self, rules): + user_security_group_name = self.module.params.get('user_security_group') + cidr = self.module.params.get('cidr') + protocol = self.module.params.get('protocol') + start_port = self.module.params.get('start_port') + end_port = self.get_or_fallback('end_port', 'start_port') + icmp_code = self.module.params.get('icmp_code') + icmp_type = self.module.params.get('icmp_type') + + if protocol in ['tcp', 'udp'] and (start_port is None or end_port is None): + self.module.fail_json(msg="no start_port or end_port set for protocol '%s'" % protocol) + + if protocol == 'icmp' and (icmp_type is None or icmp_code is None): + self.module.fail_json(msg="no icmp_type or icmp_code set for protocol '%s'" % protocol) + + for rule in rules: + if user_security_group_name: + type_match = self._type_security_group_match(rule, user_security_group_name) + else: + type_match = self._type_cidr_match(rule, cidr) + + protocol_match = (self._tcp_udp_match(rule, protocol, start_port, end_port) or + self._icmp_match(rule, protocol, icmp_code, icmp_type) or + self._ah_esp_gre_match(rule, protocol)) + + if type_match and protocol_match: + return rule + return None + + def get_security_group(self, security_group_name=None): + if not security_group_name: + security_group_name = self.module.params.get('security_group') + args = { + 'securitygroupname': security_group_name, + 'projectid': self.get_project('id'), + } + sgs = self.query_api('listSecurityGroups', **args) + if not sgs or 'securitygroup' not in sgs: + self.module.fail_json(msg="security group '%s' not found" % security_group_name) + return sgs['securitygroup'][0] + + def add_rule(self): + security_group = self.get_security_group() + + args = {} + user_security_group_name = self.module.params.get('user_security_group') + + # the user_security_group and cidr are mutually_exclusive, but cidr is defaulted to 0.0.0.0/0. + # that is why we ignore if we have a user_security_group. + if user_security_group_name: + args['usersecuritygrouplist'] = [] + user_security_group = self.get_security_group(user_security_group_name) + args['usersecuritygrouplist'].append({ + 'group': user_security_group['name'], + 'account': user_security_group['account'], + }) + else: + args['cidrlist'] = self.module.params.get('cidr') + + args['protocol'] = self.module.params.get('protocol') + args['startport'] = self.module.params.get('start_port') + args['endport'] = self.get_or_fallback('end_port', 'start_port') + args['icmptype'] = self.module.params.get('icmp_type') + args['icmpcode'] = self.module.params.get('icmp_code') + args['projectid'] = self.get_project('id') + args['securitygroupid'] = security_group['id'] + + rule = None + res = None + sg_type = self.module.params.get('type') + if sg_type == 'ingress': + if 'ingressrule' in security_group: + rule = self._get_rule(security_group['ingressrule']) + if not rule: + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('authorizeSecurityGroupIngress', **args) + + elif sg_type == 'egress': + if 'egressrule' in security_group: + rule = self._get_rule(security_group['egressrule']) + if not rule: + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('authorizeSecurityGroupEgress', **args) + + poll_async = self.module.params.get('poll_async') + if res and poll_async: + security_group = self.poll_job(res, 'securitygroup') + key = sg_type + "rule" # ingressrule / egressrule + if key in security_group: + rule = security_group[key][0] + return rule + + def remove_rule(self): + security_group = self.get_security_group() + rule = None + res = None + sg_type = self.module.params.get('type') + if sg_type == 'ingress': + rule = self._get_rule(security_group['ingressrule']) + if rule: + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('revokeSecurityGroupIngress', id=rule['ruleid']) + + elif sg_type == 'egress': + rule = self._get_rule(security_group['egressrule']) + if rule: + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('revokeSecurityGroupEgress', id=rule['ruleid']) + + poll_async = self.module.params.get('poll_async') + if res and poll_async: + res = self.poll_job(res, 'securitygroup') + return rule + + def get_result(self, security_group_rule): + super(AnsibleCloudStackSecurityGroupRule, self).get_result(security_group_rule) + self.result['type'] = self.module.params.get('type') + self.result['security_group'] = self.module.params.get('security_group') + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + security_group=dict(required=True), + type=dict(choices=['ingress', 'egress'], default='ingress'), + cidr=dict(default='0.0.0.0/0'), + user_security_group=dict(), + protocol=dict(choices=['tcp', 'udp', 'icmp', 'ah', 'esp', 'gre'], default='tcp'), + icmp_type=dict(type='int'), + icmp_code=dict(type='int'), + start_port=dict(type='int', aliases=['port']), + end_port=dict(type='int'), + state=dict(choices=['present', 'absent'], default='present'), + project=dict(), + poll_async=dict(type='bool', default=True), + )) + required_together = cs_required_together() + required_together.extend([ + ['icmp_type', 'icmp_code'], + ]) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=required_together, + mutually_exclusive=( + ['icmp_type', 'start_port'], + ['icmp_type', 'end_port'], + ['icmp_code', 'start_port'], + ['icmp_code', 'end_port'], + ), + supports_check_mode=True + ) + + acs_sg_rule = AnsibleCloudStackSecurityGroupRule(module) + + state = module.params.get('state') + if state in ['absent']: + sg_rule = acs_sg_rule.remove_rule() + else: + sg_rule = acs_sg_rule.add_rule() + + result = acs_sg_rule.get_result(sg_rule) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_service_offering.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_service_offering.py new file mode 100644 index 00000000..8d17d521 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_service_offering.py @@ -0,0 +1,574 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2017, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import (absolute_import, division, print_function) +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_service_offering +description: + - Create and delete service offerings for guest and system VMs. + - Update display_text of existing service offering. +short_description: Manages service offerings on Apache CloudStack based clouds. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + disk_bytes_read_rate: + description: + - Bytes read rate of the disk offering. + type: int + aliases: [ bytes_read_rate ] + disk_bytes_write_rate: + description: + - Bytes write rate of the disk offering. + type: int + aliases: [ bytes_write_rate ] + cpu_number: + description: + - The number of CPUs of the service offering. + type: int + cpu_speed: + description: + - The CPU speed of the service offering in MHz. + type: int + limit_cpu_usage: + description: + - Restrict the CPU usage to committed service offering. + type: bool + deployment_planner: + description: + - The deployment planner heuristics used to deploy a VM of this offering. + - If not set, the value of global config I(vm.deployment.planner) is used. + type: str + display_text: + description: + - Display text of the service offering. + - If not set, I(name) will be used as I(display_text) while creating. + type: str + domain: + description: + - Domain the service offering is related to. + - Public for all domains and subdomains if not set. + type: str + host_tags: + description: + - The host tags for this service offering. + type: list + elements: str + aliases: + - host_tag + hypervisor_snapshot_reserve: + description: + - Hypervisor snapshot reserve space as a percent of a volume. + - Only for managed storage using Xen or VMware. + type: int + is_iops_customized: + description: + - Whether compute offering iops is custom or not. + type: bool + aliases: [ disk_iops_customized ] + disk_iops_read_rate: + description: + - IO requests read rate of the disk offering. + type: int + disk_iops_write_rate: + description: + - IO requests write rate of the disk offering. + type: int + disk_iops_max: + description: + - Max. iops of the compute offering. + type: int + disk_iops_min: + description: + - Min. iops of the compute offering. + type: int + is_system: + description: + - Whether it is a system VM offering or not. + type: bool + default: no + is_volatile: + description: + - Whether the virtual machine needs to be volatile or not. + - Every reboot of VM the root disk is detached then destroyed and a fresh root disk is created and attached to VM. + type: bool + memory: + description: + - The total memory of the service offering in MB. + type: int + name: + description: + - Name of the service offering. + type: str + required: true + network_rate: + description: + - Data transfer rate in Mb/s allowed. + - Supported only for non-system offering and system offerings having I(system_vm_type=domainrouter). + type: int + offer_ha: + description: + - Whether HA is set for the service offering. + type: bool + provisioning_type: + description: + - Provisioning type used to create volumes. + type: str + choices: + - thin + - sparse + - fat + service_offering_details: + description: + - Details for planner, used to store specific parameters. + - A list of dictionaries having keys C(key) and C(value). + type: list + elements: dict + state: + description: + - State of the service offering. + type: str + choices: + - present + - absent + default: present + storage_type: + description: + - The storage type of the service offering. + type: str + choices: + - local + - shared + system_vm_type: + description: + - The system VM type. + - Required if I(is_system=yes). + type: str + choices: + - domainrouter + - consoleproxy + - secondarystoragevm + storage_tags: + description: + - The storage tags for this service offering. + type: list + elements: str + aliases: + - storage_tag + is_customized: + description: + - Whether the offering is customizable or not. + type: bool +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Create a non-volatile compute service offering with local storage + ngine_io.cloudstack.cs_service_offering: + name: Micro + display_text: Micro 512mb 1cpu + cpu_number: 1 + cpu_speed: 2198 + memory: 512 + host_tags: eco + storage_type: local + +- name: Create a volatile compute service offering with shared storage + ngine_io.cloudstack.cs_service_offering: + name: Tiny + display_text: Tiny 1gb 1cpu + cpu_number: 1 + cpu_speed: 2198 + memory: 1024 + storage_type: shared + is_volatile: yes + host_tags: eco + storage_tags: eco + +- name: Create or update a volatile compute service offering with shared storage + ngine_io.cloudstack.cs_service_offering: + name: Tiny + display_text: Tiny 1gb 1cpu + cpu_number: 1 + cpu_speed: 2198 + memory: 1024 + storage_type: shared + is_volatile: yes + host_tags: eco + storage_tags: eco + +- name: Create or update a custom compute service offering + ngine_io.cloudstack.cs_service_offering: + name: custom + display_text: custom compute offer + is_customized: yes + storage_type: shared + host_tags: eco + storage_tags: eco + +- name: Remove a compute service offering + ngine_io.cloudstack.cs_service_offering: + name: Tiny + state: absent + +- name: Create or update a system offering for the console proxy + ngine_io.cloudstack.cs_service_offering: + name: System Offering for Console Proxy 2GB + display_text: System Offering for Console Proxy 2GB RAM + is_system: yes + system_vm_type: consoleproxy + cpu_number: 1 + cpu_speed: 2198 + memory: 2048 + storage_type: shared + storage_tags: perf + +- name: Remove a system offering + ngine_io.cloudstack.cs_service_offering: + name: System Offering for Console Proxy 2GB + is_system: yes + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the service offering + returned: success + type: str + sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f +cpu_number: + description: Number of CPUs in the service offering + returned: success + type: int + sample: 4 +cpu_speed: + description: Speed of CPUs in MHz in the service offering + returned: success + type: int + sample: 2198 +disk_iops_max: + description: Max iops of the disk offering + returned: success + type: int + sample: 1000 +disk_iops_min: + description: Min iops of the disk offering + returned: success + type: int + sample: 500 +disk_bytes_read_rate: + description: Bytes read rate of the service offering + returned: success + type: int + sample: 1000 +disk_bytes_write_rate: + description: Bytes write rate of the service offering + returned: success + type: int + sample: 1000 +disk_iops_read_rate: + description: IO requests per second read rate of the service offering + returned: success + type: int + sample: 1000 +disk_iops_write_rate: + description: IO requests per second write rate of the service offering + returned: success + type: int + sample: 1000 +created: + description: Date the offering was created + returned: success + type: str + sample: 2017-11-19T10:48:59+0000 +display_text: + description: Display text of the offering + returned: success + type: str + sample: Micro 512mb 1cpu +domain: + description: Domain the offering is into + returned: success + type: str + sample: ROOT +host_tags: + description: List of host tags + returned: success + type: list + sample: [ 'eco' ] +storage_tags: + description: List of storage tags + returned: success + type: list + sample: [ 'eco' ] +is_system: + description: Whether the offering is for system VMs or not + returned: success + type: bool + sample: false +is_iops_customized: + description: Whether the offering uses custom IOPS or not + returned: success + type: bool + sample: false +is_volatile: + description: Whether the offering is volatile or not + returned: success + type: bool + sample: false +limit_cpu_usage: + description: Whether the CPU usage is restricted to committed service offering + returned: success + type: bool + sample: false +memory: + description: Memory of the system offering + returned: success + type: int + sample: 512 +name: + description: Name of the system offering + returned: success + type: str + sample: Micro +offer_ha: + description: Whether HA support is enabled in the offering or not + returned: success + type: bool + sample: false +provisioning_type: + description: Provisioning type used to create volumes + returned: success + type: str + sample: thin +storage_type: + description: Storage type used to create volumes + returned: success + type: str + sample: shared +system_vm_type: + description: System VM type of this offering + returned: success + type: str + sample: consoleproxy +service_offering_details: + description: Additioanl service offering details + returned: success + type: dict + sample: "{'vgpuType': 'GRID K180Q','pciDevice':'Group of NVIDIA Corporation GK107GL [GRID K1] GPUs'}" +network_rate: + description: Data transfer rate in megabits per second allowed + returned: success + type: int + sample: 1000 +is_customized: + description: Whether the offering is customizable or not + returned: success + type: bool + sample: false +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackServiceOffering(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackServiceOffering, self).__init__(module) + self.returns = { + 'cpunumber': 'cpu_number', + 'cpuspeed': 'cpu_speed', + 'deploymentplanner': 'deployment_planner', + 'diskBytesReadRate': 'disk_bytes_read_rate', + 'diskBytesWriteRate': 'disk_bytes_write_rate', + 'diskIopsReadRate': 'disk_iops_read_rate', + 'diskIopsWriteRate': 'disk_iops_write_rate', + 'maxiops': 'disk_iops_max', + 'miniops': 'disk_iops_min', + 'hypervisorsnapshotreserve': 'hypervisor_snapshot_reserve', + 'iscustomized': 'is_customized', + 'iscustomizediops': 'is_iops_customized', + 'issystem': 'is_system', + 'isvolatile': 'is_volatile', + 'limitcpuuse': 'limit_cpu_usage', + 'memory': 'memory', + 'networkrate': 'network_rate', + 'offerha': 'offer_ha', + 'provisioningtype': 'provisioning_type', + 'serviceofferingdetails': 'service_offering_details', + 'storagetype': 'storage_type', + 'systemvmtype': 'system_vm_type', + 'tags': 'storage_tags', + } + + def get_service_offering(self): + args = { + 'name': self.module.params.get('name'), + 'domainid': self.get_domain(key='id'), + 'issystem': self.module.params.get('is_system'), + 'systemvmtype': self.module.params.get('system_vm_type'), + } + service_offerings = self.query_api('listServiceOfferings', **args) + if service_offerings: + return service_offerings['serviceoffering'][0] + + def present_service_offering(self): + service_offering = self.get_service_offering() + if not service_offering: + service_offering = self._create_offering(service_offering) + else: + service_offering = self._update_offering(service_offering) + + return service_offering + + def absent_service_offering(self): + service_offering = self.get_service_offering() + if service_offering: + self.result['changed'] = True + if not self.module.check_mode: + args = { + 'id': service_offering['id'], + } + self.query_api('deleteServiceOffering', **args) + return service_offering + + def _create_offering(self, service_offering): + self.result['changed'] = True + + system_vm_type = self.module.params.get('system_vm_type') + is_system = self.module.params.get('is_system') + + required_params = [] + if is_system and not system_vm_type: + required_params.append('system_vm_type') + self.module.fail_on_missing_params(required_params=required_params) + + args = { + 'name': self.module.params.get('name'), + 'displaytext': self.get_or_fallback('display_text', 'name'), + 'bytesreadrate': self.module.params.get('disk_bytes_read_rate'), + 'byteswriterate': self.module.params.get('disk_bytes_write_rate'), + 'cpunumber': self.module.params.get('cpu_number'), + 'cpuspeed': self.module.params.get('cpu_speed'), + 'customizediops': self.module.params.get('is_iops_customized'), + 'deploymentplanner': self.module.params.get('deployment_planner'), + 'domainid': self.get_domain(key='id'), + 'hosttags': self.module.params.get('host_tags'), + 'hypervisorsnapshotreserve': self.module.params.get('hypervisor_snapshot_reserve'), + 'iopsreadrate': self.module.params.get('disk_iops_read_rate'), + 'iopswriterate': self.module.params.get('disk_iops_write_rate'), + 'maxiops': self.module.params.get('disk_iops_max'), + 'miniops': self.module.params.get('disk_iops_min'), + 'issystem': is_system, + 'isvolatile': self.module.params.get('is_volatile'), + 'memory': self.module.params.get('memory'), + 'networkrate': self.module.params.get('network_rate'), + 'offerha': self.module.params.get('offer_ha'), + 'provisioningtype': self.module.params.get('provisioning_type'), + 'serviceofferingdetails': self.module.params.get('service_offering_details'), + 'storagetype': self.module.params.get('storage_type'), + 'systemvmtype': system_vm_type, + 'tags': self.module.params.get('storage_tags'), + 'limitcpuuse': self.module.params.get('limit_cpu_usage'), + 'customized': self.module.params.get('is_customized') + } + if not self.module.check_mode: + res = self.query_api('createServiceOffering', **args) + service_offering = res['serviceoffering'] + return service_offering + + def _update_offering(self, service_offering): + args = { + 'id': service_offering['id'], + 'name': self.module.params.get('name'), + 'displaytext': self.get_or_fallback('display_text', 'name'), + } + if self.has_changed(args, service_offering): + self.result['changed'] = True + + if not self.module.check_mode: + res = self.query_api('updateServiceOffering', **args) + service_offering = res['serviceoffering'] + return service_offering + + def get_result(self, service_offering): + super(AnsibleCloudStackServiceOffering, self).get_result(service_offering) + if service_offering: + if 'hosttags' in service_offering: + self.result['host_tags'] = service_offering['hosttags'].split(',') or [service_offering['hosttags']] + + # Prevent confusion, the api returns a tags key for storage tags. + if 'tags' in service_offering: + self.result['storage_tags'] = service_offering['tags'].split(',') or [service_offering['tags']] + if 'tags' in self.result: + del self.result['tags'] + + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + display_text=dict(), + cpu_number=dict(type='int'), + cpu_speed=dict(type='int'), + limit_cpu_usage=dict(type='bool'), + deployment_planner=dict(), + domain=dict(), + host_tags=dict(type='list', elements='str', aliases=['host_tag']), + hypervisor_snapshot_reserve=dict(type='int'), + disk_bytes_read_rate=dict(type='int', aliases=['bytes_read_rate']), + disk_bytes_write_rate=dict(type='int', aliases=['bytes_write_rate']), + disk_iops_read_rate=dict(type='int'), + disk_iops_write_rate=dict(type='int'), + disk_iops_max=dict(type='int'), + disk_iops_min=dict(type='int'), + is_system=dict(type='bool', default=False), + is_volatile=dict(type='bool'), + is_iops_customized=dict(type='bool', aliases=['disk_iops_customized']), + memory=dict(type='int'), + network_rate=dict(type='int'), + offer_ha=dict(type='bool'), + provisioning_type=dict(choices=['thin', 'sparse', 'fat']), + service_offering_details=dict(type='list', elements='dict'), + storage_type=dict(choices=['local', 'shared']), + system_vm_type=dict(choices=['domainrouter', 'consoleproxy', 'secondarystoragevm']), + storage_tags=dict(type='list', elements='str', aliases=['storage_tag']), + state=dict(choices=['present', 'absent'], default='present'), + is_customized=dict(type='bool'), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_so = AnsibleCloudStackServiceOffering(module) + + state = module.params.get('state') + if state == "absent": + service_offering = acs_so.absent_service_offering() + else: + service_offering = acs_so.present_service_offering() + + result = acs_so.get_result(service_offering) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_snapshot_policy.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_snapshot_policy.py new file mode 100644 index 00000000..bd11f367 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_snapshot_policy.py @@ -0,0 +1,349 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2016, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_snapshot_policy +short_description: Manages volume snapshot policies on Apache CloudStack based clouds. +description: + - Create, update and delete volume snapshot policies. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + volume: + description: + - Name of the volume. + - Either I(volume) or I(vm) is required. + type: str + volume_type: + description: + - Type of the volume. + type: str + choices: + - DATADISK + - ROOT + vm: + description: + - Name of the instance to select the volume from. + - Use I(volume_type) if VM has a DATADISK and ROOT volume. + - In case of I(volume_type=DATADISK), additionally use I(device_id) if VM has more than one DATADISK volume. + - Either I(volume) or I(vm) is required. + type: str + device_id: + description: + - ID of the device on a VM the volume is attached to. + - This will only be considered if VM has multiple DATADISK volumes. + type: int + vpc: + description: + - Name of the vpc the instance is deployed in. + type: str + interval_type: + description: + - Interval of the snapshot. + type: str + default: daily + choices: [ hourly, daily, weekly, monthly ] + aliases: [ interval ] + max_snaps: + description: + - Max number of snapshots. + type: int + default: 8 + aliases: [ max ] + schedule: + description: + - Time the snapshot is scheduled. Required if I(state=present). + - 'Format for I(interval_type=HOURLY): C(MM)' + - 'Format for I(interval_type=DAILY): C(MM:HH)' + - 'Format for I(interval_type=WEEKLY): C(MM:HH:DD (1-7))' + - 'Format for I(interval_type=MONTHLY): C(MM:HH:DD (1-28))' + type: str + time_zone: + description: + - Specifies a timezone for this command. + type: str + default: UTC + aliases: [ timezone ] + state: + description: + - State of the snapshot policy. + type: str + default: present + choices: [ present, absent ] + domain: + description: + - Domain the volume is related to. + type: str + account: + description: + - Account the volume is related to. + type: str + project: + description: + - Name of the project the volume is related to. + type: str +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: ensure a snapshot policy daily at 1h00 UTC + ngine_io.cloudstack.cs_snapshot_policy: + volume: ROOT-478 + schedule: '00:1' + max_snaps: 3 + +- name: ensure a snapshot policy daily at 1h00 UTC on the second DATADISK of VM web-01 + ngine_io.cloudstack.cs_snapshot_policy: + vm: web-01 + volume_type: DATADISK + device_id: 2 + schedule: '00:1' + max_snaps: 3 + +- name: ensure a snapshot policy hourly at minute 5 UTC + ngine_io.cloudstack.cs_snapshot_policy: + volume: ROOT-478 + schedule: '5' + interval_type: hourly + max_snaps: 1 + +- name: ensure a snapshot policy weekly on Sunday at 05h00, TZ Europe/Zurich + ngine_io.cloudstack.cs_snapshot_policy: + volume: ROOT-478 + schedule: '00:5:1' + interval_type: weekly + max_snaps: 1 + time_zone: 'Europe/Zurich' + +- name: ensure a snapshot policy is absent + ngine_io.cloudstack.cs_snapshot_policy: + volume: ROOT-478 + interval_type: hourly + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the snapshot policy. + returned: success + type: str + sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f +interval_type: + description: interval type of the snapshot policy. + returned: success + type: str + sample: daily +schedule: + description: schedule of the snapshot policy. + returned: success + type: str + sample: +max_snaps: + description: maximum number of snapshots retained. + returned: success + type: int + sample: 10 +time_zone: + description: the time zone of the snapshot policy. + returned: success + type: str + sample: Etc/UTC +volume: + description: the volume of the snapshot policy. + returned: success + type: str + sample: Etc/UTC +zone: + description: Name of zone the volume is related to. + returned: success + type: str + sample: ch-gva-2 +project: + description: Name of project the volume is related to. + returned: success + type: str + sample: Production +account: + description: Account the volume is related to. + returned: success + type: str + sample: example account +domain: + description: Domain the volume is related to. + returned: success + type: str + sample: example domain +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackSnapshotPolicy(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackSnapshotPolicy, self).__init__(module) + self.returns = { + 'schedule': 'schedule', + 'timezone': 'time_zone', + 'maxsnaps': 'max_snaps', + } + self.interval_types = { + 'hourly': 0, + 'daily': 1, + 'weekly': 2, + 'monthly': 3, + } + self.volume = None + + def get_interval_type(self): + interval_type = self.module.params.get('interval_type') + return self.interval_types[interval_type] + + def get_volume(self, key=None): + if self.volume: + return self._get_by_key(key, self.volume) + + args = { + 'name': self.module.params.get('volume'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'virtualmachineid': self.get_vm(key='id', filter_zone=False), + 'type': self.module.params.get('volume_type'), + } + volumes = self.query_api('listVolumes', **args) + if volumes: + if volumes['count'] > 1: + device_id = self.module.params.get('device_id') + if not device_id: + self.module.fail_json(msg="Found more then 1 volume: combine params 'vm', 'volume_type', 'device_id' and/or 'volume' to select the volume") + else: + for v in volumes['volume']: + if v.get('deviceid') == device_id: + self.volume = v + return self._get_by_key(key, self.volume) + self.module.fail_json(msg="No volume found with device id %s" % device_id) + self.volume = volumes['volume'][0] + return self._get_by_key(key, self.volume) + return None + + def get_snapshot_policy(self): + args = { + 'volumeid': self.get_volume(key='id') + } + policies = self.query_api('listSnapshotPolicies', **args) + if policies: + for policy in policies['snapshotpolicy']: + if policy['intervaltype'] == self.get_interval_type(): + return policy + return None + + def present_snapshot_policy(self): + required_params = [ + 'schedule', + ] + self.module.fail_on_missing_params(required_params=required_params) + + policy = self.get_snapshot_policy() + args = { + 'id': policy.get('id') if policy else None, + 'intervaltype': self.module.params.get('interval_type'), + 'schedule': self.module.params.get('schedule'), + 'maxsnaps': self.module.params.get('max_snaps'), + 'timezone': self.module.params.get('time_zone'), + 'volumeid': self.get_volume(key='id') + } + if not policy or (policy and self.has_changed(policy, args, only_keys=['schedule', 'maxsnaps', 'timezone'])): + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('createSnapshotPolicy', **args) + policy = res['snapshotpolicy'] + return policy + + def absent_snapshot_policy(self): + policy = self.get_snapshot_policy() + if policy: + self.result['changed'] = True + args = { + 'id': policy['id'] + } + if not self.module.check_mode: + self.query_api('deleteSnapshotPolicies', **args) + return policy + + def get_result(self, policy): + super(AnsibleCloudStackSnapshotPolicy, self).get_result(policy) + if policy and 'intervaltype' in policy: + for key, value in self.interval_types.items(): + if value == policy['intervaltype']: + self.result['interval_type'] = key + break + volume = self.get_volume() + if volume: + volume_results = { + 'volume': volume.get('name'), + 'zone': volume.get('zonename'), + 'project': volume.get('project'), + 'account': volume.get('account'), + 'domain': volume.get('domain'), + } + self.result.update(volume_results) + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + volume=dict(), + volume_type=dict(choices=['DATADISK', 'ROOT']), + vm=dict(), + device_id=dict(type='int'), + vpc=dict(), + interval_type=dict(default='daily', choices=['hourly', 'daily', 'weekly', 'monthly'], aliases=['interval']), + schedule=dict(), + time_zone=dict(default='UTC', aliases=['timezone']), + max_snaps=dict(type='int', default=8, aliases=['max']), + state=dict(choices=['present', 'absent'], default='present'), + domain=dict(), + account=dict(), + project=dict(), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + required_one_of=( + ['vm', 'volume'], + ), + supports_check_mode=True + ) + + acs_snapshot_policy = AnsibleCloudStackSnapshotPolicy(module) + + state = module.params.get('state') + if state in ['absent']: + policy = acs_snapshot_policy.absent_snapshot_policy() + else: + policy = acs_snapshot_policy.present_snapshot_policy() + + result = acs_snapshot_policy.get_result(policy) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_sshkeypair.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_sshkeypair.py new file mode 100644 index 00000000..3e32171c --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_sshkeypair.py @@ -0,0 +1,261 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_sshkeypair +short_description: Manages SSH keys on Apache CloudStack based clouds. +description: + - Create, register and remove SSH keys. + - If no key was found and no public key was provided and a new SSH + private/public key pair will be created and the private key will be returned. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of public key. + type: str + required: true + domain: + description: + - Domain the public key is related to. + type: str + account: + description: + - Account the public key is related to. + type: str + project: + description: + - Name of the project the public key to be registered in. + type: str + state: + description: + - State of the public key. + type: str + default: present + choices: [ present, absent ] + public_key: + description: + - String of the public key. + type: str +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: create a new private / public key pair + ngine_io.cloudstack.cs_sshkeypair: + name: linus@example.com + register: key + +- debug: + msg: 'Private key is {{ key.private_key }}' + +- name: remove a public key by its name + ngine_io.cloudstack.cs_sshkeypair: + name: linus@example.com + state: absent + +- name: register your existing local public key + ngine_io.cloudstack.cs_sshkeypair: + name: linus@example.com + public_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}" +''' + +RETURN = ''' +--- +id: + description: UUID of the SSH public key. + returned: success + type: str + sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f +name: + description: Name of the SSH public key. + returned: success + type: str + sample: linus@example.com +fingerprint: + description: Fingerprint of the SSH public key. + returned: success + type: str + sample: "86:5e:a3:e8:bd:95:7b:07:7c:c2:5c:f7:ad:8b:09:28" +private_key: + description: Private key of generated SSH keypair. + returned: changed + type: str + sample: "-----BEGIN RSA PRIVATE KEY-----\nMII...8tO\n-----END RSA PRIVATE KEY-----\n" +''' + +import traceback + +SSHPUBKEYS_IMP_ERR = None +try: + import sshpubkeys + HAS_LIB_SSHPUBKEYS = True +except ImportError: + SSHPUBKEYS_IMP_ERR = traceback.format_exc() + HAS_LIB_SSHPUBKEYS = False + +from ansible.module_utils.basic import AnsibleModule, missing_required_lib +from ansible.module_utils._text import to_native +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_required_together, + cs_argument_spec +) + + +class AnsibleCloudStackSshKey(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackSshKey, self).__init__(module) + self.returns = { + 'privatekey': 'private_key', + 'fingerprint': 'fingerprint', + } + self.ssh_key = None + + def register_ssh_key(self, public_key): + ssh_key = self.get_ssh_key() + args = self._get_common_args() + name = self.module.params.get('name') + + res = None + if not ssh_key: + self.result['changed'] = True + args['publickey'] = public_key + if not self.module.check_mode: + args['name'] = name + res = self.query_api('registerSSHKeyPair', **args) + else: + fingerprint = self._get_ssh_fingerprint(public_key) + if ssh_key['fingerprint'] != fingerprint: + self.result['changed'] = True + if not self.module.check_mode: + # delete the ssh key with matching name but wrong fingerprint + args['name'] = name + self.query_api('deleteSSHKeyPair', **args) + + elif ssh_key['name'].lower() != name.lower(): + self.result['changed'] = True + if not self.module.check_mode: + # delete the ssh key with matching fingerprint but wrong name + args['name'] = ssh_key['name'] + self.query_api('deleteSSHKeyPair', **args) + # First match for key retrievement will be the fingerprint. + # We need to make another lookup if there is a key with identical name. + self.ssh_key = None + ssh_key = self.get_ssh_key() + if ssh_key and ssh_key['fingerprint'] != fingerprint: + args['name'] = name + self.query_api('deleteSSHKeyPair', **args) + + if not self.module.check_mode and self.result['changed']: + args['publickey'] = public_key + args['name'] = name + res = self.query_api('registerSSHKeyPair', **args) + + if res and 'keypair' in res: + ssh_key = res['keypair'] + + return ssh_key + + def create_ssh_key(self): + ssh_key = self.get_ssh_key() + if not ssh_key: + self.result['changed'] = True + args = self._get_common_args() + args['name'] = self.module.params.get('name') + if not self.module.check_mode: + res = self.query_api('createSSHKeyPair', **args) + ssh_key = res['keypair'] + return ssh_key + + def remove_ssh_key(self, name=None): + ssh_key = self.get_ssh_key() + if ssh_key: + self.result['changed'] = True + args = self._get_common_args() + args['name'] = name or self.module.params.get('name') + if not self.module.check_mode: + self.query_api('deleteSSHKeyPair', **args) + return ssh_key + + def _get_common_args(self): + return { + 'domainid': self.get_domain('id'), + 'account': self.get_account('name'), + 'projectid': self.get_project('id') + } + + def get_ssh_key(self): + if not self.ssh_key: + public_key = self.module.params.get('public_key') + if public_key: + # Query by fingerprint of the public key + args_fingerprint = self._get_common_args() + args_fingerprint['fingerprint'] = self._get_ssh_fingerprint(public_key) + ssh_keys = self.query_api('listSSHKeyPairs', **args_fingerprint) + if ssh_keys and 'sshkeypair' in ssh_keys: + self.ssh_key = ssh_keys['sshkeypair'][0] + # When key has not been found by fingerprint, use the name + if not self.ssh_key: + args_name = self._get_common_args() + args_name['name'] = self.module.params.get('name') + ssh_keys = self.query_api('listSSHKeyPairs', **args_name) + if ssh_keys and 'sshkeypair' in ssh_keys: + self.ssh_key = ssh_keys['sshkeypair'][0] + return self.ssh_key + + def _get_ssh_fingerprint(self, public_key): + key = sshpubkeys.SSHKey(public_key) + if hasattr(key, 'hash_md5'): + return key.hash_md5().replace(to_native('MD5:'), to_native('')) + return key.hash() + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + public_key=dict(), + domain=dict(), + account=dict(), + project=dict(), + state=dict(choices=['present', 'absent'], default='present'), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + if not HAS_LIB_SSHPUBKEYS: + module.fail_json(msg=missing_required_lib("sshpubkeys"), exception=SSHPUBKEYS_IMP_ERR) + + acs_sshkey = AnsibleCloudStackSshKey(module) + state = module.params.get('state') + if state in ['absent']: + ssh_key = acs_sshkey.remove_ssh_key() + else: + public_key = module.params.get('public_key') + if public_key: + ssh_key = acs_sshkey.register_ssh_key(public_key) + else: + ssh_key = acs_sshkey.create_ssh_key() + + result = acs_sshkey.get_result(ssh_key) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_staticnat.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_staticnat.py new file mode 100644 index 00000000..5d223715 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_staticnat.py @@ -0,0 +1,249 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_staticnat +short_description: Manages static NATs on Apache CloudStack based clouds. +description: + - Create, update and remove static NATs. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + ip_address: + description: + - Public IP address the static NAT is assigned to. + type: str + required: true + vm: + description: + - Name of virtual machine which we make the static NAT for. + - Required if I(state=present). + type: str + vm_guest_ip: + description: + - VM guest NIC secondary IP address for the static NAT. + type: str + network: + description: + - Network the IP address is related to. + type: str + vpc: + description: + - VPC the network related to. + type: str + state: + description: + - State of the static NAT. + type: str + default: present + choices: [ present, absent ] + domain: + description: + - Domain the static NAT is related to. + type: str + account: + description: + - Account the static NAT is related to. + type: str + project: + description: + - Name of the project the static NAT is related to. + type: str + zone: + description: + - Name of the zone in which the virtual machine is in. + - If not set, default zone is used. + type: str + poll_async: + description: + - Poll async jobs until job has finished. + type: bool + default: yes +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Create a static NAT for IP 1.2.3.4 to web01 + ngine_io.cloudstack.cs_staticnat: + ip_address: 1.2.3.4 + vm: web01 + +- name: Remove a static NAT + ngine_io.cloudstack.cs_staticnat: + ip_address: 1.2.3.4 + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the ip_address. + returned: success + type: str + sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f +ip_address: + description: Public IP address. + returned: success + type: str + sample: 1.2.3.4 +vm_name: + description: Name of the virtual machine. + returned: success + type: str + sample: web-01 +vm_display_name: + description: Display name of the virtual machine. + returned: success + type: str + sample: web-01 +vm_guest_ip: + description: IP of the virtual machine. + returned: success + type: str + sample: 10.101.65.152 +zone: + description: Name of zone the static NAT is related to. + returned: success + type: str + sample: ch-gva-2 +project: + description: Name of project the static NAT is related to. + returned: success + type: str + sample: Production +account: + description: Account the static NAT is related to. + returned: success + type: str + sample: example account +domain: + description: Domain the static NAT is related to. + returned: success + type: str + sample: example domain +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackStaticNat(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackStaticNat, self).__init__(module) + self.returns = { + 'virtualmachinedisplayname': 'vm_display_name', + 'virtualmachinename': 'vm_name', + 'ipaddress': 'ip_address', + 'vmipaddress': 'vm_guest_ip', + } + + def create_static_nat(self, ip_address): + self.result['changed'] = True + args = { + 'virtualmachineid': self.get_vm(key='id'), + 'ipaddressid': ip_address['id'], + 'vmguestip': self.get_vm_guest_ip(), + 'networkid': self.get_network(key='id') + } + if not self.module.check_mode: + self.query_api('enableStaticNat', **args) + + # reset ip address and query new values + self.ip_address = None + ip_address = self.get_ip_address() + return ip_address + + def update_static_nat(self, ip_address): + args = { + 'virtualmachineid': self.get_vm(key='id'), + 'ipaddressid': ip_address['id'], + 'vmguestip': self.get_vm_guest_ip(), + 'networkid': self.get_network(key='id') + } + # make an alias, so we can use has_changed() + ip_address['vmguestip'] = ip_address['vmipaddress'] + if self.has_changed(args, ip_address, ['vmguestip', 'virtualmachineid']): + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('disableStaticNat', ipaddressid=ip_address['id']) + self.poll_job(res, 'staticnat') + + self.query_api('enableStaticNat', **args) + + # reset ip address and query new values + self.ip_address = None + ip_address = self.get_ip_address() + return ip_address + + def present_static_nat(self): + ip_address = self.get_ip_address() + if not ip_address['isstaticnat']: + ip_address = self.create_static_nat(ip_address) + else: + ip_address = self.update_static_nat(ip_address) + return ip_address + + def absent_static_nat(self): + ip_address = self.get_ip_address() + if ip_address['isstaticnat']: + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('disableStaticNat', ipaddressid=ip_address['id']) + + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(res, 'staticnat') + return ip_address + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + ip_address=dict(required=True), + vm=dict(), + vm_guest_ip=dict(), + network=dict(), + vpc=dict(), + state=dict(choices=['present', 'absent'], default='present'), + zone=dict(), + domain=dict(), + account=dict(), + project=dict(), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_static_nat = AnsibleCloudStackStaticNat(module) + + state = module.params.get('state') + if state in ['absent']: + ip_address = acs_static_nat.absent_static_nat() + else: + ip_address = acs_static_nat.present_static_nat() + + result = acs_static_nat.get_result(ip_address) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_storage_pool.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_storage_pool.py new file mode 100644 index 00000000..e4034587 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_storage_pool.py @@ -0,0 +1,489 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2017, Netservers Ltd. <support@netservers.co.uk> +# Copyright (c) 2017, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_storage_pool +short_description: Manages Primary Storage Pools on Apache CloudStack based clouds. +description: + - Create, update, put into maintenance, disable, enable and remove storage pools. +author: + - Netservers Ltd. (@netservers) + - René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of the storage pool. + type: str + required: true + zone: + description: + - Name of the zone in which the host should be deployed. + - If not set, default zone is used. + type: str + storage_url: + description: + - URL of the storage pool. + - Required if I(state=present). + type: str + pod: + description: + - Name of the pod. + type: str + cluster: + description: + - Name of the cluster. + type: str + scope: + description: + - The scope of the storage pool. + - Defaults to cluster when C(cluster) is provided, otherwise zone. + type: str + choices: [ cluster, zone ] + managed: + description: + - Whether the storage pool should be managed by CloudStack. + - Only considered on creation. + type: bool + hypervisor: + description: + - Required when creating a zone scoped pool. + - Possible values are C(KVM), C(VMware), C(BareMetal), C(XenServer), C(LXC), C(HyperV), C(UCS), C(OVM), C(Simulator). + type: str + storage_tags: + description: + - Tags associated with this storage pool. + type: list + elements: str + aliases: [ storage_tag ] + provider: + description: + - Name of the storage provider e.g. SolidFire, SolidFireShared, DefaultPrimary, CloudByte. + type: str + default: DefaultPrimary + capacity_bytes: + description: + - Bytes CloudStack can provision from this storage pool. + type: int + capacity_iops: + description: + - Bytes CloudStack can provision from this storage pool. + type: int + allocation_state: + description: + - Allocation state of the storage pool. + type: str + choices: [ enabled, disabled, maintenance ] + state: + description: + - State of the storage pool. + type: str + default: present + choices: [ present, absent ] +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: ensure a zone scoped storage_pool is present + ngine_io.cloudstack.cs_storage_pool: + zone: zone01 + storage_url: rbd://admin:SECRET@ceph-mons.domain/poolname + provider: DefaultPrimary + name: Ceph RBD + scope: zone + hypervisor: KVM + +- name: ensure a cluster scoped storage_pool is disabled + ngine_io.cloudstack.cs_storage_pool: + name: Ceph RBD + zone: zone01 + cluster: cluster01 + pod: pod01 + storage_url: rbd://admin:SECRET@ceph-the-mons.domain/poolname + provider: DefaultPrimary + scope: cluster + allocation_state: disabled + +- name: ensure a cluster scoped storage_pool is in maintenance + ngine_io.cloudstack.cs_storage_pool: + name: Ceph RBD + zone: zone01 + cluster: cluster01 + pod: pod01 + storage_url: rbd://admin:SECRET@ceph-the-mons.domain/poolname + provider: DefaultPrimary + scope: cluster + allocation_state: maintenance + +- name: ensure a storage_pool is absent + ngine_io.cloudstack.cs_storage_pool: + name: Ceph RBD + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the pool. + returned: success + type: str + sample: a3fca65a-7db1-4891-b97c-48806a978a96 +created: + description: Date of the pool was created. + returned: success + type: str + sample: 2014-12-01T14:57:57+0100 +capacity_iops: + description: IOPS CloudStack can provision from this storage pool + returned: when available + type: int + sample: 60000 +zone: + description: The name of the zone. + returned: success + type: str + sample: Zone01 +cluster: + description: The name of the cluster. + returned: when scope is cluster + type: str + sample: Cluster01 +pod: + description: The name of the pod. + returned: when scope is cluster + type: str + sample: Cluster01 +disk_size_allocated: + description: The pool's currently allocated disk space. + returned: success + type: int + sample: 2443517624320 +disk_size_total: + description: The total size of the pool. + returned: success + type: int + sample: 3915055693824 +disk_size_used: + description: The pool's currently used disk size. + returned: success + type: int + sample: 1040862622180 +scope: + description: The scope of the storage pool. + returned: success + type: str + sample: cluster +hypervisor: + description: Hypervisor related to this storage pool. + returned: when available + type: str + sample: KVM +state: + description: The state of the storage pool as returned by the API. + returned: success + type: str + sample: Up +allocation_state: + description: The state of the storage pool. + returned: success + type: str + sample: enabled +path: + description: The storage pool path used in the storage_url. + returned: success + type: str + sample: poolname +overprovision_factor: + description: The overprovision factor of the storage pool. + returned: success + type: str + sample: 2.0 +suitable_for_migration: + description: Whether the storage pool is suitable to migrate a volume or not. + returned: success + type: bool + sample: false +storage_capabilities: + description: Capabilities of the storage pool. + returned: success + type: dict + sample: {"VOLUME_SNAPSHOT_QUIESCEVM": "false"} +storage_tags: + description: the tags for the storage pool. + returned: success + type: list + sample: ["perf", "ssd"] +''' + +# import cloudstack common +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackStoragePool(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackStoragePool, self).__init__(module) + self.returns = { + 'capacityiops': 'capacity_iops', + 'podname': 'pod', + 'clustername': 'cluster', + 'disksizeallocated': 'disk_size_allocated', + 'disksizetotal': 'disk_size_total', + 'disksizeused': 'disk_size_used', + 'scope': 'scope', + 'hypervisor': 'hypervisor', + 'type': 'type', + 'ip_address': 'ipaddress', + 'path': 'path', + 'overprovisionfactor': 'overprovision_factor', + 'storagecapabilities': 'storage_capabilities', + 'suitableformigration': 'suitable_for_migration', + } + self.allocation_states = { + # Host state: param state + 'Up': 'enabled', + 'Disabled': 'disabled', + 'Maintenance': 'maintenance', + } + self.storage_pool = None + + def _get_common_args(self): + return { + 'name': self.module.params.get('name'), + 'url': self.module.params.get('storage_url'), + 'zoneid': self.get_zone(key='id'), + 'provider': self.get_storage_provider(), + 'scope': self.module.params.get('scope'), + 'hypervisor': self.module.params.get('hypervisor'), + 'capacitybytes': self.module.params.get('capacity_bytes'), + 'capacityiops': self.module.params.get('capacity_iops'), + } + + def _allocation_state_enabled_disabled_changed(self, pool, allocation_state): + if allocation_state in ['enabled', 'disabled']: + for pool_state, param_state in self.allocation_states.items(): + if pool_state == pool['state'] and allocation_state != param_state: + return True + return False + + def _handle_allocation_state(self, pool, state=None): + allocation_state = state or self.module.params.get('allocation_state') + if not allocation_state: + return pool + + if self.allocation_states.get(pool['state']) == allocation_state: + return pool + + # Cancel maintenance if target state is enabled/disabled + elif allocation_state in ['enabled', 'disabled']: + pool = self._cancel_maintenance(pool) + pool = self._update_storage_pool(pool=pool, allocation_state=allocation_state) + + # Only an enabled host can put in maintenance + elif allocation_state == 'maintenance': + pool = self._update_storage_pool(pool=pool, allocation_state='enabled') + pool = self._enable_maintenance(pool=pool) + + return pool + + def _create_storage_pool(self): + args = self._get_common_args() + args.update({ + 'clusterid': self.get_cluster(key='id'), + 'podid': self.get_pod(key='id'), + 'managed': self.module.params.get('managed'), + }) + + scope = self.module.params.get('scope') + if scope is None: + args['scope'] = 'cluster' if args['clusterid'] else 'zone' + + self.result['changed'] = True + + if not self.module.check_mode: + res = self.query_api('createStoragePool', **args) + return res['storagepool'] + + def _update_storage_pool(self, pool, allocation_state=None): + args = { + 'id': pool['id'], + 'capacitybytes': self.module.params.get('capacity_bytes'), + 'capacityiops': self.module.params.get('capacity_iops'), + 'tags': self.get_storage_tags(), + } + + if self.has_changed(args, pool) or self._allocation_state_enabled_disabled_changed(pool, allocation_state): + self.result['changed'] = True + args['enabled'] = allocation_state == 'enabled' if allocation_state in ['enabled', 'disabled'] else None + if not self.module.check_mode: + res = self.query_api('updateStoragePool', **args) + pool = res['storagepool'] + return pool + + def _enable_maintenance(self, pool): + if pool['state'].lower() != "maintenance": + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('enableStorageMaintenance', id=pool['id']) + pool = self.poll_job(res, 'storagepool') + return pool + + def _cancel_maintenance(self, pool): + if pool['state'].lower() == "maintenance": + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('cancelStorageMaintenance', id=pool['id']) + pool = self.poll_job(res, 'storagepool') + return pool + + def get_storage_tags(self): + storage_tags = self.module.params.get('storage_tags') + if storage_tags is None: + return None + return ','.join(storage_tags) + + def get_storage_pool(self, key=None): + if self.storage_pool is None: + zoneid = self.get_zone(key='id') + clusterid = self.get_cluster(key='id') + podid = self.get_pod(key='id') + + args = { + 'zoneid': zoneid, + 'podid': podid, + 'clusterid': clusterid, + 'name': self.module.params.get('name'), + } + + res = self.query_api('listStoragePools', **args) + if 'storagepool' not in res: + return None + + self.storage_pool = res['storagepool'][0] + + return self.storage_pool + + def present_storage_pool(self): + pool = self.get_storage_pool() + if pool: + pool = self._update_storage_pool(pool=pool) + else: + pool = self._create_storage_pool() + + if pool: + pool = self._handle_allocation_state(pool=pool) + + return pool + + def absent_storage_pool(self): + pool = self.get_storage_pool() + if pool: + self.result['changed'] = True + + args = { + 'id': pool['id'], + } + if not self.module.check_mode: + # Only a pool in maintenance can be deleted + self._handle_allocation_state(pool=pool, state='maintenance') + self.query_api('deleteStoragePool', **args) + return pool + + def get_storage_provider(self, type="primary"): + args = { + 'type': type, + } + provider = self.module.params.get('provider') + storage_providers = self.query_api('listStorageProviders', **args) + for sp in storage_providers.get('dataStoreProvider') or []: + if sp['name'].lower() == provider.lower(): + return provider + self.fail_json(msg="Storage provider %s not found" % provider) + + def get_cluster(self, key=None): + cluster = self.module.params.get('cluster') + if not cluster: + return None + + args = { + 'name': cluster, + 'zoneid': self.get_zone(key='id'), + } + + clusters = self.query_api('listClusters', **args) + if clusters: + return self._get_by_key(key, clusters['cluster'][0]) + + self.fail_json(msg="Cluster %s not found" % cluster) + + def get_result(self, pool): + super(AnsibleCloudStackStoragePool, self).get_result(pool) + if pool: + self.result['storage_url'] = "%s://%s/%s" % (pool['type'], pool['ipaddress'], pool['path']) + self.result['scope'] = pool['scope'].lower() + self.result['storage_tags'] = pool['tags'].split(',') if pool.get('tags') else [] + self.result['allocation_state'] = self.allocation_states.get(pool['state']) + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + storage_url=dict(), + zone=dict(), + pod=dict(), + cluster=dict(), + scope=dict(choices=['zone', 'cluster']), + hypervisor=dict(), + provider=dict(default='DefaultPrimary'), + capacity_bytes=dict(type='int'), + capacity_iops=dict(type='int'), + managed=dict(type='bool'), + storage_tags=dict(type='list', elements='str', aliases=['storage_tag']), + allocation_state=dict(choices=['enabled', 'disabled', 'maintenance']), + state=dict(choices=['present', 'absent'], default='present'), + )) + + required_together = cs_required_together() + required_together.extend([ + ['pod', 'cluster'], + ]) + module = AnsibleModule( + argument_spec=argument_spec, + required_together=required_together, + required_if=[ + ('state', 'present', ['storage_url']), + ], + supports_check_mode=True + ) + + acs_storage_pool = AnsibleCloudStackStoragePool(module) + + state = module.params.get('state') + if state in ['absent']: + pool = acs_storage_pool.absent_storage_pool() + else: + pool = acs_storage_pool.present_storage_pool() + + result = acs_storage_pool.get_result(pool) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_template.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_template.py new file mode 100644 index 00000000..16902595 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_template.py @@ -0,0 +1,741 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_template +short_description: Manages templates on Apache CloudStack based clouds. +description: + - Register templates from an URL. + - Create templates from a ROOT volume of a stopped VM or its snapshot. + - Update, extract and delete templates. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of the template. + type: str + required: true + url: + description: + - URL of where the template is hosted on I(state=present). + - URL to which the template would be extracted on I(state=extracted). + - Mutually exclusive with I(vm). + type: str + vm: + description: + - VM name the template will be created from its volume or alternatively from a snapshot. + - VM must be in stopped state if created from its volume. + - Mutually exclusive with I(url). + type: str + snapshot: + description: + - Name of the snapshot, created from the VM ROOT volume, the template will be created from. + - I(vm) is required together with this argument. + type: str + os_type: + description: + - OS type that best represents the OS of this template. + type: str + checksum: + description: + - The MD5 checksum value of this template. + - If set, we search by checksum instead of name. + type: str + is_public: + description: + - Register the template to be publicly available to all users. + - Only used if I(state) is C(present). + type: bool + is_featured: + description: + - Register the template to be featured. + - Only used if I(state) is C(present). + type: bool + is_dynamically_scalable: + description: + - Register the template having XS/VMware tools installed in order to support dynamic scaling of VM CPU/memory. + - Only used if I(state) is C(present). + type: bool + cross_zones: + description: + - Whether the template should be synced or removed across zones. + - Only used if I(state) is C(present) or C(absent). + default: no + type: bool + mode: + description: + - Mode for the template extraction. + - Only used if I(state=extracted). + type: str + default: http_download + choices: [ http_download, ftp_upload ] + domain: + description: + - Domain the template, snapshot or VM is related to. + type: str + account: + description: + - Account the template, snapshot or VM is related to. + type: str + project: + description: + - Name of the project the template to be registered in. + type: str + zone: + description: + - Name of the zone you wish the template to be registered or deleted from. + - If not specified, first found zone will be used. + type: str + template_filter: + description: + - Name of the filter used to search for the template. + - The filter C(all) was added in 2.7. + type: str + default: self + choices: [ all, featured, self, selfexecutable, sharedexecutable, executable, community ] + template_find_options: + description: + - Options to find a template uniquely. + - More than one allowed. + type: list + elements: str + choices: [ display_text, checksum, cross_zones ] + aliases: [ template_find_option ] + default: [] + hypervisor: + description: + - Name the hypervisor to be used for creating the new template. + - Relevant when using I(state=present). + - Possible values are C(KVM), C(VMware), C(BareMetal), C(XenServer), C(LXC), C(HyperV), C(UCS), C(OVM), C(Simulator). + type: str + requires_hvm: + description: + - Whether the template requires HVM or not. + - Only considered while creating the template. + type: bool + password_enabled: + description: + - Enable template password reset support. + type: bool + template_tag: + description: + - The tag for this template. + type: str + sshkey_enabled: + description: + - True if the template supports the sshkey upload feature. + - Only considered if I(url) is used (API limitation). + type: bool + is_routing: + description: + - Sets the template type to routing, i.e. if template is used to deploy routers. + - Only considered if I(url) is used. + type: bool + format: + description: + - The format for the template. + - Only considered if I(state=present). + type: str + choices: [ QCOW2, RAW, VHD, OVA ] + is_extractable: + description: + - Allows the template or its derivatives to be extractable. + type: bool + details: + description: + - Template details in key/value pairs. + type: str + bits: + description: + - 32 or 64 bits support. + type: int + default: 64 + choices: [ 32, 64 ] + display_text: + description: + - Display text of the template. + type: str + state: + description: + - State of the template. + type: str + default: present + choices: [ present, absent, extracted ] + poll_async: + description: + - Poll async jobs until job has finished. + default: yes + type: bool + tags: + description: + - List of tags. Tags are a list of dictionaries having keys I(key) and I(value). + - "To delete all tags, set a empty list e.g. I(tags: [])." + type: list + elements: dict + aliases: [ tag ] +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: register a systemvm template + ngine_io.cloudstack.cs_template: + name: systemvm-vmware-4.5 + url: "http://packages.shapeblue.com/systemvmtemplate/4.5/systemvm64template-4.5-vmware.ova" + hypervisor: VMware + format: OVA + cross_zones: yes + os_type: Debian GNU/Linux 7(64-bit) + +- name: Create a template from a stopped virtual machine's volume + ngine_io.cloudstack.cs_template: + name: Debian 9 (64-bit) 20GB ({{ ansible_date_time.date }}) + vm: debian-9-base-vm + os_type: Debian GNU/Linux 9 (64-bit) + zone: tokio-ix + password_enabled: yes + is_public: yes + + +# Note: Use template_find_option(s) when a template name is not unique +- name: Create a template from a stopped virtual machine's volume + ngine_io.cloudstack.cs_template: + name: Debian 9 (64-bit) + display_text: Debian 9 (64-bit) 20GB ({{ ansible_date_time.date }}) + template_find_option: display_text + vm: debian-9-base-vm + os_type: Debian GNU/Linux 9 (64-bit) + zone: tokio-ix + password_enabled: yes + is_public: yes + +- name: create a template from a virtual machine's root volume snapshot + ngine_io.cloudstack.cs_template: + name: Debian 9 (64-bit) Snapshot ROOT-233_2015061509114 + snapshot: ROOT-233_2015061509114 + os_type: Debian GNU/Linux 9 (64-bit) + zone: tokio-ix + password_enabled: yes + is_public: yes + +- name: Remove a template + ngine_io.cloudstack.cs_template: + name: systemvm-4.2 + cross_zones: yes + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the template or extracted object. + returned: success + type: str + sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f +name: + description: Name of the template or extracted object. + returned: success + type: str + sample: Debian 7 64-bit +display_text: + description: Display text of the template. + returned: if available + type: str + sample: Debian 7.7 64-bit minimal 2015-03-19 +checksum: + description: MD5 checksum of the template. + returned: if available + type: str + sample: 0b31bccccb048d20b551f70830bb7ad0 +status: + description: Status of the template or extracted object. + returned: success + type: str + sample: Download Complete +is_ready: + description: True if the template is ready to be deployed from. + returned: if available + type: bool + sample: true +is_public: + description: True if the template is public. + returned: if available + type: bool + sample: true +is_featured: + description: True if the template is featured. + returned: if available + type: bool + sample: true +is_extractable: + description: True if the template is extractable. + returned: if available + type: bool + sample: true +format: + description: Format of the template. + returned: if available + type: str + sample: OVA +os_type: + description: Type of the OS. + returned: if available + type: str + sample: CentOS 6.5 (64-bit) +password_enabled: + description: True if the reset password feature is enabled, false otherwise. + returned: if available + type: bool + sample: false +sshkey_enabled: + description: true if template is sshkey enabled, false otherwise. + returned: if available + type: bool + sample: false +cross_zones: + description: true if the template is managed across all zones, false otherwise. + returned: if available + type: bool + sample: false +template_type: + description: Type of the template. + returned: if available + type: str + sample: USER +created: + description: Date of registering. + returned: success + type: str + sample: 2015-03-29T14:57:06+0200 +template_tag: + description: Template tag related to this template. + returned: if available + type: str + sample: special +hypervisor: + description: Hypervisor related to this template. + returned: if available + type: str + sample: VMware +mode: + description: Mode of extraction + returned: on state=extracted + type: str + sample: http_download +state: + description: State of the extracted template + returned: on state=extracted + type: str + sample: DOWNLOAD_URL_CREATED +url: + description: Url to which the template is extracted to + returned: on state=extracted + type: str + sample: "http://1.2.3.4/userdata/eb307f13-4aca-45e8-b157-a414a14e6b04.ova" +tags: + description: List of resource tags associated with the template. + returned: if available + type: list + sample: '[ { "key": "foo", "value": "bar" } ]' +zone: + description: Name of zone the template is registered in. + returned: success + type: str + sample: zuerich +domain: + description: Domain the template is related to. + returned: success + type: str + sample: example domain +account: + description: Account the template is related to. + returned: success + type: str + sample: example account +project: + description: Name of project the template is related to. + returned: success + type: str + sample: Production +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackTemplate(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackTemplate, self).__init__(module) + self.returns = { + 'checksum': 'checksum', + 'status': 'status', + 'isready': 'is_ready', + 'templatetag': 'template_tag', + 'sshkeyenabled': 'sshkey_enabled', + 'passwordenabled': 'password_enabled', + 'templatetype': 'template_type', + 'ostypename': 'os_type', + 'crossZones': 'cross_zones', + 'format': 'format', + 'hypervisor': 'hypervisor', + 'url': 'url', + 'extractMode': 'mode', + 'state': 'state', + } + + def _get_args(self): + args = { + 'name': self.module.params.get('name'), + 'displaytext': self.get_or_fallback('display_text', 'name'), + 'bits': self.module.params.get('bits'), + 'isdynamicallyscalable': self.module.params.get('is_dynamically_scalable'), + 'isextractable': self.module.params.get('is_extractable'), + 'isfeatured': self.module.params.get('is_featured'), + 'ispublic': self.module.params.get('is_public'), + 'passwordenabled': self.module.params.get('password_enabled'), + 'requireshvm': self.module.params.get('requires_hvm'), + 'templatetag': self.module.params.get('template_tag'), + 'ostypeid': self.get_os_type(key='id'), + } + + if not args['ostypeid']: + self.module.fail_json(msg="Missing required arguments: os_type") + + return args + + def get_root_volume(self, key=None): + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'virtualmachineid': self.get_vm(key='id'), + 'type': "ROOT" + } + volumes = self.query_api('listVolumes', **args) + if volumes: + return self._get_by_key(key, volumes['volume'][0]) + self.module.fail_json(msg="Root volume for '%s' not found" % self.get_vm('name')) + + def get_snapshot(self, key=None): + snapshot = self.module.params.get('snapshot') + if not snapshot: + return None + + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'volumeid': self.get_root_volume('id'), + 'fetch_list': True, + } + snapshots = self.query_api('listSnapshots', **args) + if snapshots: + for s in snapshots: + if snapshot in [s['name'], s['id']]: + return self._get_by_key(key, s) + self.module.fail_json(msg="Snapshot '%s' not found" % snapshot) + + def present_template(self): + template = self.get_template() + if template: + template = self.update_template(template) + elif self.module.params.get('url'): + template = self.register_template() + elif self.module.params.get('vm'): + template = self.create_template() + else: + self.fail_json(msg="one of the following is required on state=present: url, vm") + return template + + def create_template(self): + template = None + self.result['changed'] = True + + args = self._get_args() + snapshot_id = self.get_snapshot(key='id') + if snapshot_id: + args['snapshotid'] = snapshot_id + else: + args['volumeid'] = self.get_root_volume('id') + + if not self.module.check_mode: + template = self.query_api('createTemplate', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + template = self.poll_job(template, 'template') + + if template: + template = self.ensure_tags(resource=template, resource_type='Template') + + return template + + def register_template(self): + required_params = [ + 'format', + 'url', + 'hypervisor', + ] + self.module.fail_on_missing_params(required_params=required_params) + template = None + self.result['changed'] = True + args = self._get_args() + args.update({ + 'url': self.module.params.get('url'), + 'format': self.module.params.get('format'), + 'checksum': self.module.params.get('checksum'), + 'isextractable': self.module.params.get('is_extractable'), + 'isrouting': self.module.params.get('is_routing'), + 'sshkeyenabled': self.module.params.get('sshkey_enabled'), + 'hypervisor': self.get_hypervisor(), + 'domainid': self.get_domain(key='id'), + 'account': self.get_account(key='name'), + 'projectid': self.get_project(key='id'), + }) + + if not self.module.params.get('cross_zones'): + args['zoneid'] = self.get_zone(key='id') + else: + args['zoneid'] = -1 + + if not self.module.check_mode: + self.query_api('registerTemplate', **args) + template = self.get_template() + return template + + def update_template(self, template): + args = { + 'id': template['id'], + 'displaytext': self.get_or_fallback('display_text', 'name'), + 'format': self.module.params.get('format'), + 'isdynamicallyscalable': self.module.params.get('is_dynamically_scalable'), + 'isrouting': self.module.params.get('is_routing'), + 'ostypeid': self.get_os_type(key='id'), + 'passwordenabled': self.module.params.get('password_enabled'), + } + if self.has_changed(args, template): + self.result['changed'] = True + if not self.module.check_mode: + self.query_api('updateTemplate', **args) + template = self.get_template() + + args = { + 'id': template['id'], + 'isextractable': self.module.params.get('is_extractable'), + 'isfeatured': self.module.params.get('is_featured'), + 'ispublic': self.module.params.get('is_public'), + } + if self.has_changed(args, template): + self.result['changed'] = True + if not self.module.check_mode: + self.query_api('updateTemplatePermissions', **args) + # Refresh + template = self.get_template() + + if template: + template = self.ensure_tags(resource=template, resource_type='Template') + + return template + + def _is_find_option(self, param_name): + return param_name in self.module.params.get('template_find_options') + + def _find_option_match(self, template, param_name, internal_name=None): + if not internal_name: + internal_name = param_name + + if param_name in self.module.params.get('template_find_options'): + param_value = self.module.params.get(param_name) + + if not param_value: + self.fail_json(msg="The param template_find_options has %s but param was not provided." % param_name) + + if template[internal_name] == param_value: + return True + return False + + def get_template(self): + args = { + 'name': self.module.params.get('name'), + 'templatefilter': self.module.params.get('template_filter'), + 'domainid': self.get_domain(key='id'), + 'account': self.get_account(key='name'), + 'projectid': self.get_project(key='id') + } + + cross_zones = self.module.params.get('cross_zones') + if not cross_zones: + args['zoneid'] = self.get_zone(key='id') + + template_found = None + + templates = self.query_api('listTemplates', **args) + if templates: + for tmpl in templates['template']: + + if self._is_find_option('cross_zones') and not self._find_option_match( + template=tmpl, + param_name='cross_zones', + internal_name='crossZones'): + continue + + if self._is_find_option('checksum') and not self._find_option_match( + template=tmpl, + param_name='checksum'): + continue + + if self._is_find_option('display_text') and not self._find_option_match( + template=tmpl, + param_name='display_text', + internal_name='displaytext'): + continue + + if not template_found: + template_found = tmpl + # A cross zones template has one entry per zone but the same id + elif tmpl['id'] == template_found['id']: + continue + else: + self.fail_json(msg="Multiple templates found matching provided params. Please use template_find_options.") + + return template_found + + def extract_template(self): + template = self.get_template() + if not template: + self.module.fail_json(msg="Failed: template not found") + + if self.module.params.get('cross_zones'): + self.module.warn('cross_zones parameter is ignored when state is extracted') + + args = { + 'id': template['id'], + 'url': self.module.params.get('url'), + 'mode': self.module.params.get('mode'), + 'zoneid': self.get_zone(key='id') + } + self.result['changed'] = True + + if not self.module.check_mode: + template = self.query_api('extractTemplate', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + template = self.poll_job(template, 'template') + return template + + def remove_template(self): + template = self.get_template() + if template: + self.result['changed'] = True + + args = { + 'id': template['id'] + } + if not self.module.params.get('cross_zones'): + args['zoneid'] = self.get_zone(key='id') + + if not self.module.check_mode: + res = self.query_api('deleteTemplate', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + res = self.poll_job(res, 'template') + return template + + def get_result(self, template): + super(AnsibleCloudStackTemplate, self).get_result(template) + if template: + if 'isextractable' in template: + self.result['is_extractable'] = True if template['isextractable'] else False + if 'isfeatured' in template: + self.result['is_featured'] = True if template['isfeatured'] else False + if 'ispublic' in template: + self.result['is_public'] = True if template['ispublic'] else False + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + display_text=dict(), + url=dict(), + vm=dict(), + snapshot=dict(), + os_type=dict(), + is_public=dict(type='bool'), + is_featured=dict(type='bool'), + is_dynamically_scalable=dict(type='bool'), + is_extractable=dict(type='bool'), + is_routing=dict(type='bool'), + checksum=dict(), + template_filter=dict(default='self', choices=['all', 'featured', 'self', 'selfexecutable', 'sharedexecutable', 'executable', 'community']), + template_find_options=dict( + type='list', + elements='str', + choices=['display_text', 'checksum', 'cross_zones'], + aliases=['template_find_option'], + default=[], + ), + hypervisor=dict(), + requires_hvm=dict(type='bool'), + password_enabled=dict(type='bool', no_log=False), + template_tag=dict(), + sshkey_enabled=dict(type='bool'), + format=dict(choices=['QCOW2', 'RAW', 'VHD', 'OVA']), + details=dict(), + bits=dict(type='int', choices=[32, 64], default=64), + state=dict(choices=['present', 'absent', 'extracted'], default='present'), + cross_zones=dict(type='bool', default=False), + mode=dict(choices=['http_download', 'ftp_upload'], default='http_download'), + zone=dict(), + domain=dict(), + account=dict(), + project=dict(), + poll_async=dict(type='bool', default=True), + tags=dict(type='list', elements='dict', aliases=['tag']), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + mutually_exclusive=( + ['url', 'vm'], + ['zone', 'cross_zones'], + ), + supports_check_mode=True + ) + + acs_tpl = AnsibleCloudStackTemplate(module) + + state = module.params.get('state') + if state == 'absent': + tpl = acs_tpl.remove_template() + + elif state == 'extracted': + tpl = acs_tpl.extract_template() + else: + tpl = acs_tpl.present_template() + + result = acs_tpl.get_result(tpl) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_traffic_type.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_traffic_type.py new file mode 100644 index 00000000..22ec3ec3 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_traffic_type.py @@ -0,0 +1,321 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2019, Patryk D. Cichy <patryk.d.cichy@gmail.com> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_traffic_type +short_description: Manages traffic types on CloudStack Physical Networks +description: + - Add, remove, update Traffic Types associated with CloudStack Physical Networks. +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +author: + - Patryk Cichy (@PatTheSilent) +version_added: 0.1.0 +options: + physical_network: + description: + - the name of the Physical Network + required: true + type: str + zone: + description: + - Name of the zone with the physical network. + - Default zone will be used if this is empty. + type: str + traffic_type: + description: + - the trafficType to be added to the physical network. + required: true + choices: [Management, Guest, Public, Storage] + type: str + state: + description: + - State of the traffic type + choices: [present, absent] + default: present + type: str + hyperv_networklabel: + description: + - The network name label of the physical device dedicated to this traffic on a HyperV host. + type: str + isolation_method: + description: + - Use if the physical network has multiple isolation types and traffic type is public. + choices: [vlan, vxlan] + type: str + kvm_networklabel: + description: + - The network name label of the physical device dedicated to this traffic on a KVM host. + type: str + ovm3_networklabel: + description: + - The network name of the physical device dedicated to this traffic on an OVM3 host. + type: str + vlan: + description: + - The VLAN id to be used for Management traffic by VMware host. + type: str + vmware_networklabel: + description: + - The network name label of the physical device dedicated to this traffic on a VMware host. + type: str + xen_networklabel: + description: + - The network name label of the physical device dedicated to this traffic on a XenServer host. + type: str + poll_async: + description: + - Poll async jobs until job has finished. + default: yes + type: bool +''' + +EXAMPLES = ''' +- name: add a traffic type + ngine_io.cloudstack.cs_traffic_type: + physical_network: public-network + traffic_type: Guest + zone: test-zone + +- name: update traffic type + ngine_io.cloudstack.cs_traffic_type: + physical_network: public-network + traffic_type: Guest + kvm_networklabel: cloudbr0 + zone: test-zone + +- name: remove traffic type + ngine_io.cloudstack.cs_traffic_type: + physical_network: public-network + traffic_type: Public + state: absent + zone: test-zone +''' + +RETURN = ''' +--- +id: + description: ID of the network provider + returned: success + type: str + sample: 659c1840-9374-440d-a412-55ca360c9d3c +traffic_type: + description: the trafficType that was added to the physical network + returned: success + type: str + sample: Public +hyperv_networklabel: + description: The network name label of the physical device dedicated to this traffic on a HyperV host + returned: success + type: str + sample: HyperV Internal Switch +kvm_networklabel: + description: The network name label of the physical device dedicated to this traffic on a KVM host + returned: success + type: str + sample: cloudbr0 +ovm3_networklabel: + description: The network name of the physical device dedicated to this traffic on an OVM3 host + returned: success + type: str + sample: cloudbr0 +physical_network: + description: the physical network this belongs to + returned: success + type: str + sample: 28ed70b7-9a1f-41bf-94c3-53a9f22da8b6 +vmware_networklabel: + description: The network name label of the physical device dedicated to this traffic on a VMware host + returned: success + type: str + sample: Management Network +xen_networklabel: + description: The network name label of the physical device dedicated to this traffic on a XenServer host + returned: success + type: str + sample: xenbr0 +zone: + description: Name of zone the physical network is in. + returned: success + type: str + sample: ch-gva-2 +''' + +from ..module_utils.cloudstack import AnsibleCloudStack, cs_argument_spec, cs_required_together +from ansible.module_utils.basic import AnsibleModule + + +class AnsibleCloudStackTrafficType(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackTrafficType, self).__init__(module) + self.returns = { + 'traffictype': 'traffic_type', + 'hypervnetworklabel': 'hyperv_networklabel', + 'kvmnetworklabel': 'kvm_networklabel', + 'ovm3networklabel': 'ovm3_networklabel', + 'physicalnetworkid': 'physical_network', + 'vmwarenetworklabel': 'vmware_networklabel', + 'xennetworklabel': 'xen_networklabel' + } + + self.traffic_type = None + + def _get_label_args(self): + label_args = dict() + if self.module.params.get('hyperv_networklabel'): + label_args.update(dict(hypervnetworklabel=self.module.params.get('hyperv_networklabel'))) + if self.module.params.get('kvm_networklabel'): + label_args.update(dict(kvmnetworklabel=self.module.params.get('kvm_networklabel'))) + if self.module.params.get('ovm3_networklabel'): + label_args.update(dict(ovm3networklabel=self.module.params.get('ovm3_networklabel'))) + if self.module.params.get('vmware_networklabel'): + label_args.update(dict(vmwarenetworklabel=self.module.params.get('vmware_networklabel'))) + return label_args + + def _get_additional_args(self): + additional_args = dict() + + if self.module.params.get('isolation_method'): + additional_args.update(dict(isolationmethod=self.module.params.get('isolation_method'))) + + if self.module.params.get('vlan'): + additional_args.update(dict(vlan=self.module.params.get('vlan'))) + + additional_args.update(self._get_label_args()) + + return additional_args + + def get_traffic_types(self): + args = { + 'physicalnetworkid': self.get_physical_network(key='id') + } + traffic_types = self.query_api('listTrafficTypes', **args) + return traffic_types + + def get_traffic_type(self): + if self.traffic_type: + return self.traffic_type + + traffic_type = self.module.params.get('traffic_type') + + traffic_types = self.get_traffic_types() + + if traffic_types: + for t_type in traffic_types['traffictype']: + if traffic_type.lower() in [t_type['traffictype'].lower(), t_type['id']]: + self.traffic_type = t_type + break + return self.traffic_type + + def present_traffic_type(self): + traffic_type = self.get_traffic_type() + if traffic_type: + self.traffic_type = self.update_traffic_type() + else: + self.result['changed'] = True + self.traffic_type = self.add_traffic_type() + + return self.traffic_type + + def add_traffic_type(self): + traffic_type = self.module.params.get('traffic_type') + args = { + 'physicalnetworkid': self.get_physical_network(key='id'), + 'traffictype': traffic_type + } + args.update(self._get_additional_args()) + if not self.module.check_mode: + resource = self.query_api('addTrafficType', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + self.traffic_type = self.poll_job(resource, 'traffictype') + return self.traffic_type + + def absent_traffic_type(self): + traffic_type = self.get_traffic_type() + if traffic_type: + + args = { + 'id': traffic_type['id'] + } + self.result['changed'] = True + if not self.module.check_mode: + resource = self.query_api('deleteTrafficType', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(resource, 'traffictype') + + return traffic_type + + def update_traffic_type(self): + + traffic_type = self.get_traffic_type() + args = { + 'id': traffic_type['id'] + } + args.update(self._get_label_args()) + if self.has_changed(args, traffic_type): + self.result['changed'] = True + if not self.module.check_mode: + resource = self.query_api('updateTrafficType', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + self.traffic_type = self.poll_job(resource, 'traffictype') + + return self.traffic_type + + +def setup_module_object(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + physical_network=dict(required=True), + zone=dict(), + state=dict(choices=['present', 'absent'], default='present'), + traffic_type=dict(required=True, choices=['Management', 'Guest', 'Public', 'Storage']), + hyperv_networklabel=dict(), + isolation_method=dict(choices=['vlan', 'vxlan']), + kvm_networklabel=dict(), + ovm3_networklabel=dict(), + vlan=dict(), + vmware_networklabel=dict(), + xen_networklabel=dict(), + poll_async=dict(type='bool', default=True) + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + return module + + +def execute_module(module): + actt = AnsibleCloudStackTrafficType(module) + state = module.params.get('state') + + if state in ['present']: + result = actt.present_traffic_type() + else: + result = actt.absent_traffic_type() + + return actt.get_result(result) + + +def main(): + module = setup_module_object() + result = execute_module(module) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_user.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_user.py new file mode 100644 index 00000000..816e5f70 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_user.py @@ -0,0 +1,436 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_user +short_description: Manages users on Apache CloudStack based clouds. +description: + - Create, update, disable, lock, enable and remove users. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + username: + description: + - Username of the user. + type: str + required: true + account: + description: + - Account the user will be created under. + - Required on I(state=present). + type: str + password: + description: + - Password of the user to be created. + - Required on I(state=present). + - Only considered on creation and will not be updated if user exists. + type: str + first_name: + description: + - First name of the user. + - Required on I(state=present). + type: str + last_name: + description: + - Last name of the user. + - Required on I(state=present). + type: str + email: + description: + - Email of the user. + - Required on I(state=present). + type: str + timezone: + description: + - Timezone of the user. + type: str + keys_registered: + description: + - If API keys of the user should be generated. + - "Note: Keys can not be removed by the API again." + type: bool + default: no + domain: + description: + - Domain the user is related to. + type: str + default: ROOT + state: + description: + - State of the user. + - C(unlocked) is an alias for C(enabled). + type: str + default: present + choices: [ present, absent, enabled, disabled, locked, unlocked ] + poll_async: + description: + - Poll async jobs until job has finished. + type: bool + default: yes +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Create an user in domain 'CUSTOMERS' + ngine_io.cloudstack.cs_user: + account: developers + username: johndoe + password: S3Cur3 + last_name: Doe + first_name: John + email: john.doe@example.com + domain: CUSTOMERS + +- name: Lock an existing user in domain 'CUSTOMERS' + ngine_io.cloudstack.cs_user: + username: johndoe + domain: CUSTOMERS + state: locked + +- name: Disable an existing user in domain 'CUSTOMERS' + ngine_io.cloudstack.cs_user: + username: johndoe + domain: CUSTOMERS + state: disabled + +- name: Enable/unlock an existing user in domain 'CUSTOMERS' + ngine_io.cloudstack.cs_user: + username: johndoe + domain: CUSTOMERS + state: enabled + +- name: Remove an user in domain 'CUSTOMERS' + ngine_io.cloudstack.cs_user: + name: customer_xy + domain: CUSTOMERS + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the user. + returned: success + type: str + sample: 87b1e0ce-4e01-11e4-bb66-0050569e64b8 +username: + description: Username of the user. + returned: success + type: str + sample: johndoe +fist_name: + description: First name of the user. + returned: success + type: str + sample: John +last_name: + description: Last name of the user. + returned: success + type: str + sample: Doe +email: + description: Emailof the user. + returned: success + type: str + sample: john.doe@example.com +user_api_key: + description: API key of the user. + returned: success + type: str + sample: JLhcg8VWi8DoFqL2sSLZMXmGojcLnFrOBTipvBHJjySODcV4mCOo29W2duzPv5cALaZnXj5QxDx3xQfaQt3DKg +user_api_secret: + description: API secret of the user. + returned: success + type: str + sample: FUELo3LB9fa1UopjTLPdqLv_6OXQMJZv9g9N4B_Ao3HFz8d6IGFCV9MbPFNM8mwz00wbMevja1DoUNDvI8C9-g +account: + description: Account name of the user. + returned: success + type: str + sample: developers +account_type: + description: Type of the account. + returned: success + type: str + sample: user +timezone: + description: Timezone of the user. + returned: success + type: str + sample: enabled +created: + description: Date the user was created. + returned: success + type: str + sample: Doe +state: + description: State of the user. + returned: success + type: str + sample: enabled +domain: + description: Domain the user is related. + returned: success + type: str + sample: ROOT +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackUser(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackUser, self).__init__(module) + self.returns = { + 'username': 'username', + 'firstname': 'first_name', + 'lastname': 'last_name', + 'email': 'email', + 'secretkey': 'user_api_secret', + 'apikey': 'user_api_key', + 'timezone': 'timezone', + } + self.account_types = { + 'user': 0, + 'root_admin': 1, + 'domain_admin': 2, + } + self.user = None + + def get_account_type(self): + account_type = self.module.params.get('account_type') + return self.account_types[account_type] + + def get_user(self): + if not self.user: + args = { + 'domainid': self.get_domain('id'), + 'fetch_list': True, + } + + users = self.query_api('listUsers', **args) + + if users: + user_name = self.module.params.get('username') + for u in users: + if user_name.lower() == u['username'].lower(): + self.user = u + break + return self.user + + def enable_user(self): + user = self.get_user() + if not user: + user = self.present_user() + + if user['state'].lower() != 'enabled': + self.result['changed'] = True + args = { + 'id': user['id'], + } + if not self.module.check_mode: + res = self.query_api('enableUser', **args) + user = res['user'] + return user + + def lock_user(self): + user = self.get_user() + if not user: + user = self.present_user() + + # we need to enable the user to lock it. + if user['state'].lower() == 'disabled': + user = self.enable_user() + + if user['state'].lower() != 'locked': + self.result['changed'] = True + + args = { + 'id': user['id'], + } + + if not self.module.check_mode: + res = self.query_api('lockUser', **args) + user = res['user'] + + return user + + def disable_user(self): + user = self.get_user() + if not user: + user = self.present_user() + + if user['state'].lower() != 'disabled': + self.result['changed'] = True + args = { + 'id': user['id'], + } + if not self.module.check_mode: + user = self.query_api('disableUser', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + user = self.poll_job(user, 'user') + return user + + def present_user(self): + required_params = [ + 'account', + 'email', + 'password', + 'first_name', + 'last_name', + ] + self.module.fail_on_missing_params(required_params=required_params) + + user = self.get_user() + if user: + user = self._update_user(user) + else: + user = self._create_user(user) + return user + + def _get_common_args(self): + return { + 'firstname': self.module.params.get('first_name'), + 'lastname': self.module.params.get('last_name'), + 'email': self.module.params.get('email'), + 'timezone': self.module.params.get('timezone'), + } + + def _create_user(self, user): + self.result['changed'] = True + + args = self._get_common_args() + args.update({ + 'account': self.get_account(key='name'), + 'domainid': self.get_domain('id'), + 'username': self.module.params.get('username'), + 'password': self.module.params.get('password'), + }) + + if not self.module.check_mode: + res = self.query_api('createUser', **args) + user = res['user'] + + # register user api keys + if self.module.params.get('keys_registered'): + res = self.query_api('registerUserKeys', id=user['id']) + user.update(res['userkeys']) + + return user + + def _update_user(self, user): + args = self._get_common_args() + args.update({ + 'id': user['id'], + }) + + if self.has_changed(args, user): + self.result['changed'] = True + + if not self.module.check_mode: + res = self.query_api('updateUser', **args) + + user = res['user'] + + # register user api keys + if 'apikey' not in user and self.module.params.get('keys_registered'): + self.result['changed'] = True + + if not self.module.check_mode: + res = self.query_api('registerUserKeys', id=user['id']) + user.update(res['userkeys']) + return user + + def absent_user(self): + user = self.get_user() + if user: + self.result['changed'] = True + + if not self.module.check_mode: + self.query_api('deleteUser', id=user['id']) + + return user + + def get_result(self, user): + super(AnsibleCloudStackUser, self).get_result(user) + if user: + if 'accounttype' in user: + for key, value in self.account_types.items(): + if value == user['accounttype']: + self.result['account_type'] = key + break + + # secretkey has been removed since CloudStack 4.10 from listUsers API + if self.module.params.get('keys_registered') and 'apikey' in user and 'secretkey' not in user: + user_keys = self.query_api('getUserKeys', id=user['id']) + if user_keys: + self.result['user_api_secret'] = user_keys['userkeys'].get('secretkey') + + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + username=dict(required=True), + account=dict(), + state=dict(choices=['present', 'absent', 'enabled', 'disabled', 'locked', 'unlocked'], default='present'), + domain=dict(default='ROOT'), + email=dict(), + first_name=dict(), + last_name=dict(), + password=dict(no_log=True), + timezone=dict(), + keys_registered=dict(type='bool', default=False), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_acc = AnsibleCloudStackUser(module) + + state = module.params.get('state') + + if state == 'absent': + user = acs_acc.absent_user() + + elif state in ['enabled', 'unlocked']: + user = acs_acc.enable_user() + + elif state == 'disabled': + user = acs_acc.disable_user() + + elif state == 'locked': + user = acs_acc.lock_user() + + else: + user = acs_acc.present_user() + + result = acs_acc.get_result(user) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vlan_ip_range.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vlan_ip_range.py new file mode 100644 index 00000000..aaca4158 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vlan_ip_range.py @@ -0,0 +1,397 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2018, David Passante <@dpassante> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_vlan_ip_range +short_description: Manages VLAN IP ranges on Apache CloudStack based clouds. +description: + - Create and delete VLAN IP range. +author: David Passante (@dpassante) +version_added: 0.1.0 +options: + network: + description: + - The network name or id. + - Required if I(for_virtual_network) and I(physical_network) are not set. + type: str + physical_network: + description: + - The physical network name or id. + type: str + start_ip: + description: + - The beginning IPv4 address in the VLAN IP range. + - Only considered on create. + type: str + required: true + end_ip: + description: + - The ending IPv4 address in the VLAN IP range. + - If not specified, value of I(start_ip) is used. + - Only considered on create. + type: str + gateway: + description: + - The gateway of the VLAN IP range. + - Required if I(state=present). + type: str + netmask: + description: + - The netmask of the VLAN IP range. + - Required if I(state=present). + type: str + start_ipv6: + description: + - The beginning IPv6 address in the IPv6 network range. + - Only considered on create. + type: str + end_ipv6: + description: + - The ending IPv6 address in the IPv6 network range. + - If not specified, value of I(start_ipv6) is used. + - Only considered on create. + type: str + gateway_ipv6: + description: + - The gateway of the IPv6 network. + - Only considered on create. + type: str + cidr_ipv6: + description: + - The CIDR of IPv6 network, must be at least /64. + type: str + vlan: + description: + - The ID or VID of the network. + - If not specified, will be defaulted to the vlan of the network. + type: str + pod: + description: + - Name of the pod. + type: str + version_added: 1.0.0 + state: + description: + - State of the network ip range. + type: str + default: present + choices: [ present, absent ] + zone: + description: + - The Zone ID of the VLAN IP range. + - If not set, default zone is used. + type: str + domain: + description: + - Domain of the account owning the VLAN. + type: str + account: + description: + - Account who owns the VLAN. + - Mutually exclusive with I(project). + type: str + project: + description: + - Project who owns the VLAN. + - Mutually exclusive with I(account). + type: str + for_virtual_network: + description: + - C(yes) if VLAN is of Virtual type, C(no) if Direct. + - If set to C(yes) but neither I(physical_network) or I(network) is set CloudStack will try to add the + VLAN range to the Physical Network with a Public traffic type. + type: bool + default: no + version_added: 1.0.0 + for_system_vms: + description: + - C(yes) if IP range is set to system vms, C(no) if not + type: bool + default: no +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: create a VLAN IP range for network test + ngine_io.cloudstack.cs_vlan_ip_range: + network: test + vlan: 98 + start_ip: 10.2.4.10 + end_ip: 10.2.4.100 + gateway: 10.2.4.1 + netmask: 255.255.255.0 + zone: zone-02 + +- name: remove a VLAN IP range for network test + ngine_io.cloudstack.cs_vlan_ip_range: + state: absent + network: test + start_ip: 10.2.4.10 + end_ip: 10.2.4.100 + zone: zone-02 +''' + +RETURN = ''' +--- +id: + description: UUID of the VLAN IP range. + returned: success + type: str + sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 +network: + description: The network of vlan range + returned: if available + type: str + sample: test +vlan: + description: The ID or VID of the VLAN. + returned: success + type: str + sample: vlan://98 +gateway: + description: IPv4 gateway. + returned: success + type: str + sample: 10.2.4.1 +netmask: + description: IPv4 netmask. + returned: success + type: str + sample: 255.255.255.0 +gateway_ipv6: + description: IPv6 gateway. + returned: if available + type: str + sample: 2001:db8::1 +cidr_ipv6: + description: The CIDR of IPv6 network. + returned: if available + type: str + sample: 2001:db8::/64 +zone: + description: Name of zone. + returned: success + type: str + sample: zone-02 +domain: + description: Domain name of the VLAN IP range. + returned: success + type: str + sample: ROOT +account: + description: Account who owns the network. + returned: if available + type: str + sample: example account +project: + description: Project who owns the network. + returned: if available + type: str + sample: example project +for_systemvms: + description: Whether VLAN IP range is dedicated to system vms or not. + returned: success + type: bool + sample: false +for_virtual_network: + description: Whether VLAN IP range is of Virtual type or not. + returned: success + type: bool + sample: false +physical_network: + description: The physical network VLAN IP range belongs to. + returned: success + type: str + sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 +start_ip: + description: The start ip of the VLAN IP range. + returned: success + type: str + sample: 10.2.4.10 +end_ip: + description: The end ip of the VLAN IP range. + returned: success + type: str + sample: 10.2.4.100 +start_ipv6: + description: The start ipv6 of the VLAN IP range. + returned: if available + type: str + sample: 2001:db8::10 +end_ipv6: + description: The end ipv6 of the VLAN IP range. + returned: if available + type: str + sample: 2001:db8::50 +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackVlanIpRange(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackVlanIpRange, self).__init__(module) + self.returns = { + 'startip': 'start_ip', + 'endip': 'end_ip', + 'physicalnetworkid': 'physical_network', + 'vlan': 'vlan', + 'forsystemvms': 'for_systemvms', + 'forvirtualnetwork': 'for_virtual_network', + 'gateway': 'gateway', + 'netmask': 'netmask', + 'ip6gateway': 'gateway_ipv6', + 'ip6cidr': 'cidr_ipv6', + 'startipv6': 'start_ipv6', + 'endipv6': 'end_ipv6', + } + self.ip_range = None + + def get_vlan_ip_range(self): + if not self.ip_range: + args = { + 'zoneid': self.get_zone(key='id'), + 'projectid': self.get_project(key='id'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'networkid': self.get_network(key='id'), + } + + res = self.query_api('listVlanIpRanges', **args) + if res: + ip_range_list = res['vlaniprange'] + + params = { + 'startip': self.module.params.get('start_ip'), + 'endip': self.get_or_fallback('end_ip', 'start_ip'), + } + + for ipr in ip_range_list: + if params['startip'] == ipr['startip'] and params['endip'] == ipr['endip']: + self.ip_range = ipr + break + + return self.ip_range + + def present_vlan_ip_range(self): + ip_range = self.get_vlan_ip_range() + + if not ip_range: + ip_range = self.create_vlan_ip_range() + + return ip_range + + def create_vlan_ip_range(self): + self.result['changed'] = True + + vlan = self.module.params.get('vlan') + + args = { + 'zoneid': self.get_zone(key='id'), + 'projectid': self.get_project(key='id'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'startip': self.module.params.get('start_ip'), + 'endip': self.get_or_fallback('end_ip', 'start_ip'), + 'netmask': self.module.params.get('netmask'), + 'gateway': self.module.params.get('gateway'), + 'startipv6': self.module.params.get('start_ipv6'), + 'endipv6': self.get_or_fallback('end_ipv6', 'start_ipv6'), + 'ip6gateway': self.module.params.get('gateway_ipv6'), + 'ip6cidr': self.module.params.get('cidr_ipv6'), + 'vlan': self.get_network(key='vlan') if not vlan else vlan, + 'networkid': self.get_network(key='id'), + 'forvirtualnetwork': self.module.params.get('for_virtual_network'), + 'forsystemvms': self.module.params.get('for_system_vms'), + 'podid': self.get_pod(key='id'), + } + if self.module.params.get('physical_network'): + args['physicalnetworkid'] = self.get_physical_network(key='id') + + if not self.module.check_mode: + res = self.query_api('createVlanIpRange', **args) + + self.ip_range = res['vlan'] + + return self.ip_range + + def absent_vlan_ip_range(self): + ip_range = self.get_vlan_ip_range() + + if ip_range: + self.result['changed'] = True + + args = { + 'id': ip_range['id'], + } + + if not self.module.check_mode: + self.query_api('deleteVlanIpRange', **args) + + return ip_range + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + network=dict(type='str'), + physical_network=dict(type='str'), + zone=dict(type='str'), + start_ip=dict(type='str', required=True), + end_ip=dict(type='str'), + gateway=dict(type='str'), + netmask=dict(type='str'), + start_ipv6=dict(type='str'), + end_ipv6=dict(type='str'), + gateway_ipv6=dict(type='str'), + cidr_ipv6=dict(type='str'), + vlan=dict(type='str'), + state=dict(choices=['present', 'absent'], default='present'), + domain=dict(type='str'), + account=dict(type='str'), + project=dict(type='str'), + pod=dict(type='str'), + for_virtual_network=dict(type='bool', default=False), + for_system_vms=dict(type='bool', default=False), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + mutually_exclusive=( + ['account', 'project'], + ), + required_if=(("state", "present", ("gateway", "netmask")),), + supports_check_mode=True, + ) + + acs_vlan_ip_range = AnsibleCloudStackVlanIpRange(module) + + state = module.params.get('state') + if state == 'absent': + ipr = acs_vlan_ip_range.absent_vlan_ip_range() + + else: + ipr = acs_vlan_ip_range.present_vlan_ip_range() + + result = acs_vlan_ip_range.get_result(ipr) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vmsnapshot.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vmsnapshot.py new file mode 100644 index 00000000..83b77a70 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vmsnapshot.py @@ -0,0 +1,278 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_vmsnapshot +short_description: Manages VM snapshots on Apache CloudStack based clouds. +description: + - Create, remove and revert VM from snapshots. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Unique Name of the snapshot. In CloudStack terms display name. + type: str + required: true + aliases: [ display_name ] + vm: + description: + - Name of the virtual machine. + type: str + required: true + description: + description: + - Description of the snapshot. + type: str + snapshot_memory: + description: + - Snapshot memory if set to true. + default: no + type: bool + zone: + description: + - Name of the zone in which the VM is in. If not set, default zone is used. + type: str + project: + description: + - Name of the project the VM is assigned to. + type: str + state: + description: + - State of the snapshot. + type: str + default: present + choices: [ present, absent, revert ] + domain: + description: + - Domain the VM snapshot is related to. + type: str + account: + description: + - Account the VM snapshot is related to. + type: str + poll_async: + description: + - Poll async jobs until job has finished. + default: yes + type: bool + tags: + description: + - List of tags. Tags are a list of dictionaries having keys I(key) and I(value). + - "To delete all tags, set a empty list e.g. I(tags: [])." + type: list + elements: dict + aliases: [ tag ] +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Create a VM snapshot of disk and memory before an upgrade + ngine_io.cloudstack.cs_vmsnapshot: + name: Snapshot before upgrade + vm: web-01 + snapshot_memory: yes + +- name: Revert a VM to a snapshot after a failed upgrade + ngine_io.cloudstack.cs_vmsnapshot: + name: Snapshot before upgrade + vm: web-01 + state: revert + +- name: Remove a VM snapshot after successful upgrade + ngine_io.cloudstack.cs_vmsnapshot: + name: Snapshot before upgrade + vm: web-01 + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the snapshot. + returned: success + type: str + sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f +name: + description: Name of the snapshot. + returned: success + type: str + sample: snapshot before update +display_name: + description: Display name of the snapshot. + returned: success + type: str + sample: snapshot before update +created: + description: date of the snapshot. + returned: success + type: str + sample: 2015-03-29T14:57:06+0200 +current: + description: true if the snapshot is current + returned: success + type: bool + sample: True +state: + description: state of the vm snapshot + returned: success + type: str + sample: Allocated +type: + description: type of vm snapshot + returned: success + type: str + sample: DiskAndMemory +description: + description: description of vm snapshot + returned: success + type: str + sample: snapshot brought to you by Ansible +domain: + description: Domain the vm snapshot is related to. + returned: success + type: str + sample: example domain +account: + description: Account the vm snapshot is related to. + returned: success + type: str + sample: example account +project: + description: Name of project the vm snapshot is related to. + returned: success + type: str + sample: Production +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackVmSnapshot(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackVmSnapshot, self).__init__(module) + self.returns = { + 'type': 'type', + 'current': 'current', + } + + def get_snapshot(self): + args = { + 'virtualmachineid': self.get_vm('id'), + 'account': self.get_account('name'), + 'domainid': self.get_domain('id'), + 'projectid': self.get_project('id'), + 'name': self.module.params.get('name'), + } + snapshots = self.query_api('listVMSnapshot', **args) + if snapshots: + return snapshots['vmSnapshot'][0] + return None + + def create_snapshot(self): + snapshot = self.get_snapshot() + if not snapshot: + self.result['changed'] = True + + args = { + 'virtualmachineid': self.get_vm('id'), + 'name': self.module.params.get('name'), + 'description': self.module.params.get('description'), + 'snapshotmemory': self.module.params.get('snapshot_memory'), + } + if not self.module.check_mode: + res = self.query_api('createVMSnapshot', **args) + + poll_async = self.module.params.get('poll_async') + if res and poll_async: + snapshot = self.poll_job(res, 'vmsnapshot') + + if snapshot: + snapshot = self.ensure_tags(resource=snapshot, resource_type='Snapshot') + + return snapshot + + def remove_snapshot(self): + snapshot = self.get_snapshot() + if snapshot: + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('deleteVMSnapshot', vmsnapshotid=snapshot['id']) + + poll_async = self.module.params.get('poll_async') + if res and poll_async: + res = self.poll_job(res, 'vmsnapshot') + return snapshot + + def revert_vm_to_snapshot(self): + snapshot = self.get_snapshot() + if snapshot: + self.result['changed'] = True + + if snapshot['state'] != "Ready": + self.module.fail_json(msg="snapshot state is '%s', not ready, could not revert VM" % snapshot['state']) + + if not self.module.check_mode: + res = self.query_api('revertToVMSnapshot', vmsnapshotid=snapshot['id']) + + poll_async = self.module.params.get('poll_async') + if res and poll_async: + res = self.poll_job(res, 'vmsnapshot') + return snapshot + + self.module.fail_json(msg="snapshot not found, could not revert VM") + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True, aliases=['display_name']), + vm=dict(required=True), + description=dict(), + zone=dict(), + snapshot_memory=dict(type='bool', default=False), + state=dict(choices=['present', 'absent', 'revert'], default='present'), + domain=dict(), + account=dict(), + project=dict(), + poll_async=dict(type='bool', default=True), + tags=dict(type='list', elements='dict', aliases=['tag']), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_vmsnapshot = AnsibleCloudStackVmSnapshot(module) + + state = module.params.get('state') + if state in ['revert']: + snapshot = acs_vmsnapshot.revert_vm_to_snapshot() + elif state in ['absent']: + snapshot = acs_vmsnapshot.remove_snapshot() + else: + snapshot = acs_vmsnapshot.create_snapshot() + + result = acs_vmsnapshot.get_result(snapshot) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_volume.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_volume.py new file mode 100644 index 00000000..5947675c --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_volume.py @@ -0,0 +1,561 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2015, Jefferson Girão <jefferson@girao.net> +# Copyright (c) 2015, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_volume +short_description: Manages volumes on Apache CloudStack based clouds. +description: + - Create, destroy, attach, detach, extract or upload volumes. +author: + - Jefferson Girão (@jeffersongirao) + - René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of the volume. + - I(name) can only contain ASCII letters. + type: str + required: true + account: + description: + - Account the volume is related to. + type: str + device_id: + description: + - ID of the device on a VM the volume is attached to. + - Only considered if I(state) is C(attached). + type: int + custom_id: + description: + - Custom id to the resource. + - Allowed to Root Admins only. + type: str + disk_offering: + description: + - Name of the disk offering to be used. + - Required one of I(disk_offering), I(snapshot) if volume is not already I(state=present). + type: str + display_volume: + description: + - Whether to display the volume to the end user or not. + - Allowed to Root Admins only. + type: bool + domain: + description: + - Name of the domain the volume to be deployed in. + type: str + max_iops: + description: + - Max iops + type: int + min_iops: + description: + - Min iops + type: int + project: + description: + - Name of the project the volume to be deployed in. + type: str + size: + description: + - Size of disk in GB + type: int + snapshot: + description: + - The snapshot name for the disk volume. + - Required one of I(disk_offering), I(snapshot) if volume is not already I(state=present). + type: str + force: + description: + - Force removal of volume even it is attached to a VM. + - Considered on I(state=absent) only. + default: no + type: bool + shrink_ok: + description: + - Whether to allow to shrink the volume. + default: no + type: bool + vm: + description: + - Name of the virtual machine to attach the volume to. + type: str + zone: + description: + - Name of the zone in which the volume should be deployed. + - If not set, default zone is used. + type: str + state: + description: + - State of the volume. + type: str + default: present + choices: [ present, absent, attached, detached, extracted, uploaded ] + poll_async: + description: + - Poll async jobs until job has finished. + default: yes + type: bool + tags: + description: + - List of tags. Tags are a list of dictionaries having keys I(key) and I(value). + - "To delete all tags, set a empty list e.g. I(tags: [])." + type: list + elements: dict + aliases: [ tag ] + url: + description: + - URL to which the volume would be extracted on I(state=extracted) + - or the URL where to download the volume on I(state=uploaded). + - Only considered if I(state) is C(extracted) or C(uploaded). + type: str + mode: + description: + - Mode for the volume extraction. + - Only considered if I(state=extracted). + type: str + choices: [ http_download, ftp_upload ] + default: http_download + format: + description: + - The format for the volume. + - Only considered if I(state=uploaded). + type: str + choices: [ QCOW2, RAW, VHD, VHDX, OVA ] +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: create volume within project and zone with specified storage options + ngine_io.cloudstack.cs_volume: + name: web-vm-1-volume + project: Integration + zone: ch-zrh-ix-01 + disk_offering: PerfPlus Storage + size: 20 + +- name: create/attach volume to instance + ngine_io.cloudstack.cs_volume: + name: web-vm-1-volume + disk_offering: PerfPlus Storage + size: 20 + vm: web-vm-1 + state: attached + +- name: detach volume + ngine_io.cloudstack.cs_volume: + name: web-vm-1-volume + state: detached + +- name: remove volume + ngine_io.cloudstack.cs_volume: + name: web-vm-1-volume + state: absent + +- name: Extract DATA volume to make it downloadable + ngine_io.cloudstack.cs_volume: + state: extracted + name: web-vm-1-volume + register: data_vol_out + +- name: Create new volume by downloading source volume + ngine_io.cloudstack.cs_volume: + state: uploaded + name: web-vm-1-volume-2 + format: VHD + url: "{{ data_vol_out.url }}" +''' + +RETURN = ''' +id: + description: ID of the volume. + returned: success + type: str + sample: +name: + description: Name of the volume. + returned: success + type: str + sample: web-volume-01 +display_name: + description: Display name of the volume. + returned: success + type: str + sample: web-volume-01 +group: + description: Group the volume belongs to + returned: success + type: str + sample: web +domain: + description: Domain the volume belongs to + returned: success + type: str + sample: example domain +project: + description: Project the volume belongs to + returned: success + type: str + sample: Production +zone: + description: Name of zone the volume is in. + returned: success + type: str + sample: ch-gva-2 +created: + description: Date of the volume was created. + returned: success + type: str + sample: 2014-12-01T14:57:57+0100 +attached: + description: Date of the volume was attached. + returned: success + type: str + sample: 2014-12-01T14:57:57+0100 +type: + description: Disk volume type. + returned: success + type: str + sample: DATADISK +size: + description: Size of disk volume. + returned: success + type: int + sample: 20 +vm: + description: Name of the vm the volume is attached to (not returned when detached) + returned: success + type: str + sample: web-01 +state: + description: State of the volume + returned: success + type: str + sample: Attached +device_id: + description: Id of the device on user vm the volume is attached to (not returned when detached) + returned: success + type: int + sample: 1 +url: + description: The url of the uploaded volume or the download url depending extraction mode. + returned: success when I(state=extracted) + type: str + sample: http://1.12.3.4/userdata/387e2c7c-7c42-4ecc-b4ed-84e8367a1965.vhd +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_required_together, + cs_argument_spec +) + + +class AnsibleCloudStackVolume(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackVolume, self).__init__(module) + self.returns = { + 'group': 'group', + 'attached': 'attached', + 'vmname': 'vm', + 'deviceid': 'device_id', + 'type': 'type', + 'size': 'size', + 'url': 'url', + } + self.volume = None + + def get_volume(self): + if not self.volume: + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'zoneid': self.get_zone(key='id'), + 'displayvolume': self.module.params.get('display_volume'), + 'type': 'DATADISK', + 'fetch_list': True, + } + # Do not filter on DATADISK when state=extracted + if self.module.params.get('state') == 'extracted': + del args['type'] + + volumes = self.query_api('listVolumes', **args) + if volumes: + volume_name = self.module.params.get('name') + for v in volumes: + if volume_name.lower() == v['name'].lower(): + self.volume = v + break + return self.volume + + def get_snapshot(self, key=None): + snapshot = self.module.params.get('snapshot') + if not snapshot: + return None + + args = { + 'name': snapshot, + 'account': self.get_account('name'), + 'domainid': self.get_domain('id'), + 'projectid': self.get_project('id'), + } + snapshots = self.query_api('listSnapshots', **args) + if snapshots: + return self._get_by_key(key, snapshots['snapshot'][0]) + self.module.fail_json(msg="Snapshot with name %s not found" % snapshot) + + def present_volume(self): + volume = self.get_volume() + if volume: + volume = self.update_volume(volume) + else: + disk_offering_id = self.get_disk_offering(key='id') + snapshot_id = self.get_snapshot(key='id') + + if not disk_offering_id and not snapshot_id: + self.module.fail_json(msg="Required one of: disk_offering,snapshot") + + self.result['changed'] = True + + args = { + 'name': self.module.params.get('name'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'diskofferingid': disk_offering_id, + 'displayvolume': self.module.params.get('display_volume'), + 'maxiops': self.module.params.get('max_iops'), + 'miniops': self.module.params.get('min_iops'), + 'projectid': self.get_project(key='id'), + 'size': self.module.params.get('size'), + 'snapshotid': snapshot_id, + 'zoneid': self.get_zone(key='id') + } + if not self.module.check_mode: + res = self.query_api('createVolume', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + volume = self.poll_job(res, 'volume') + if volume: + volume = self.ensure_tags(resource=volume, resource_type='Volume') + self.volume = volume + + return volume + + def attached_volume(self): + volume = self.present_volume() + + if volume: + if volume.get('virtualmachineid') != self.get_vm(key='id'): + self.result['changed'] = True + + if not self.module.check_mode: + volume = self.detached_volume() + + if 'attached' not in volume: + self.result['changed'] = True + + args = { + 'id': volume['id'], + 'virtualmachineid': self.get_vm(key='id'), + 'deviceid': self.module.params.get('device_id'), + } + if not self.module.check_mode: + res = self.query_api('attachVolume', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + volume = self.poll_job(res, 'volume') + return volume + + def detached_volume(self): + volume = self.present_volume() + + if volume: + if 'attached' not in volume: + return volume + + self.result['changed'] = True + + if not self.module.check_mode: + res = self.query_api('detachVolume', id=volume['id']) + poll_async = self.module.params.get('poll_async') + if poll_async: + volume = self.poll_job(res, 'volume') + return volume + + def absent_volume(self): + volume = self.get_volume() + + if volume: + if 'attached' in volume and not self.module.params.get('force'): + self.module.fail_json(msg="Volume '%s' is attached, use force=true for detaching and removing the volume." % volume.get('name')) + + self.result['changed'] = True + if not self.module.check_mode: + volume = self.detached_volume() + res = self.query_api('deleteVolume', id=volume['id']) + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(res, 'volume') + + return volume + + def update_volume(self, volume): + args_resize = { + 'id': volume['id'], + 'diskofferingid': self.get_disk_offering(key='id'), + 'maxiops': self.module.params.get('max_iops'), + 'miniops': self.module.params.get('min_iops'), + 'size': self.module.params.get('size') + } + # change unit from bytes to giga bytes to compare with args + volume_copy = volume.copy() + volume_copy['size'] = volume_copy['size'] / (2**30) + + if self.has_changed(args_resize, volume_copy): + + self.result['changed'] = True + if not self.module.check_mode: + args_resize['shrinkok'] = self.module.params.get('shrink_ok') + res = self.query_api('resizeVolume', **args_resize) + poll_async = self.module.params.get('poll_async') + if poll_async: + volume = self.poll_job(res, 'volume') + self.volume = volume + + return volume + + def extract_volume(self): + volume = self.get_volume() + if not volume: + self.module.fail_json(msg="Failed: volume not found") + + args = { + 'id': volume['id'], + 'url': self.module.params.get('url'), + 'mode': self.module.params.get('mode').upper(), + 'zoneid': self.get_zone(key='id') + } + self.result['changed'] = True + + if not self.module.check_mode: + res = self.query_api('extractVolume', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + volume = self.poll_job(res, 'volume') + self.volume = volume + + return volume + + def upload_volume(self): + volume = self.get_volume() + if not volume: + disk_offering_id = self.get_disk_offering(key='id') + + self.result['changed'] = True + + args = { + 'name': self.module.params.get('name'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'zoneid': self.get_zone(key='id'), + 'format': self.module.params.get('format'), + 'url': self.module.params.get('url'), + 'diskofferingid': disk_offering_id, + } + if not self.module.check_mode: + res = self.query_api('uploadVolume', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + volume = self.poll_job(res, 'volume') + if volume: + volume = self.ensure_tags(resource=volume, resource_type='Volume') + self.volume = volume + + return volume + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + disk_offering=dict(), + display_volume=dict(type='bool'), + max_iops=dict(type='int'), + min_iops=dict(type='int'), + size=dict(type='int'), + snapshot=dict(), + vm=dict(), + device_id=dict(type='int'), + custom_id=dict(), + force=dict(type='bool', default=False), + shrink_ok=dict(type='bool', default=False), + state=dict(default='present', choices=[ + 'present', + 'absent', + 'attached', + 'detached', + 'extracted', + 'uploaded', + ]), + zone=dict(), + domain=dict(), + account=dict(), + project=dict(), + poll_async=dict(type='bool', default=True), + tags=dict(type='list', elements='dict', aliases=['tag']), + url=dict(), + mode=dict(choices=['http_download', 'ftp_upload'], default='http_download'), + format=dict(choices=['QCOW2', 'RAW', 'VHD', 'VHDX', 'OVA']), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + mutually_exclusive=( + ['snapshot', 'disk_offering'], + ), + required_if=[ + ('state', 'uploaded', ['url', 'format']), + ], + supports_check_mode=True + ) + + acs_vol = AnsibleCloudStackVolume(module) + + state = module.params.get('state') + + if state in ['absent']: + volume = acs_vol.absent_volume() + elif state in ['attached']: + volume = acs_vol.attached_volume() + elif state in ['detached']: + volume = acs_vol.detached_volume() + elif state == 'extracted': + volume = acs_vol.extract_volume() + elif state == 'uploaded': + volume = acs_vol.upload_volume() + else: + volume = acs_vol.present_volume() + + result = acs_vol.get_result(volume) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vpc.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vpc.py new file mode 100644 index 00000000..45837dd2 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vpc.py @@ -0,0 +1,391 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2016, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_vpc +short_description: "Manages VPCs on Apache CloudStack based clouds." +description: + - Create, update and delete VPCs. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of the VPC. + type: str + required: true + display_text: + description: + - Display text of the VPC. + - If not set, I(name) will be used for creating. + type: str + cidr: + description: + - CIDR of the VPC, e.g. 10.1.0.0/16 + - All VPC guest networks' CIDRs must be within this CIDR. + - Required on I(state=present). + type: str + network_domain: + description: + - Network domain for the VPC. + - All networks inside the VPC will belong to this domain. + - Only considered while creating the VPC, can not be changed. + type: str + vpc_offering: + description: + - Name of the VPC offering. + - If not set, default VPC offering is used. + type: str + clean_up: + description: + - Whether to redeploy a VPC router or not when I(state=restarted) + type: bool + state: + description: + - State of the VPC. + - The state C(present) creates a started VPC. + - The state C(stopped) is only considered while creating the VPC, added in version 2.6. + type: str + default: present + choices: + - present + - absent + - stopped + - restarted + domain: + description: + - Domain the VPC is related to. + type: str + account: + description: + - Account the VPC is related to. + type: str + project: + description: + - Name of the project the VPC is related to. + type: str + zone: + description: + - Name of the zone. + - If not set, default zone is used. + type: str + tags: + description: + - List of tags. Tags are a list of dictionaries having keys I(key) and I(value). + - "For deleting all tags, set an empty list e.g. I(tags: [])." + type: list + elements: dict + aliases: [ tag ] + poll_async: + description: + - Poll async jobs until job has finished. + default: yes + type: bool +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Ensure a VPC is present but not started after creating + ngine_io.cloudstack.cs_vpc: + name: my_vpc + display_text: My example VPC + cidr: 10.10.0.0/16 + state: stopped + +- name: Ensure a VPC is present and started after creating + ngine_io.cloudstack.cs_vpc: + name: my_vpc + display_text: My example VPC + cidr: 10.10.0.0/16 + +- name: Ensure a VPC is absent + ngine_io.cloudstack.cs_vpc: + name: my_vpc + state: absent + +- name: Ensure a VPC is restarted with clean up + ngine_io.cloudstack.cs_vpc: + name: my_vpc + clean_up: yes + state: restarted +''' + +RETURN = ''' +--- +id: + description: "UUID of the VPC." + returned: success + type: str + sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 +name: + description: "Name of the VPC." + returned: success + type: str + sample: my_vpc +display_text: + description: "Display text of the VPC." + returned: success + type: str + sample: My example VPC +cidr: + description: "CIDR of the VPC." + returned: success + type: str + sample: 10.10.0.0/16 +network_domain: + description: "Network domain of the VPC." + returned: success + type: str + sample: example.com +region_level_vpc: + description: "Whether the VPC is region level or not." + returned: success + type: bool + sample: true +restart_required: + description: "Whether the VPC router needs a restart or not." + returned: success + type: bool + sample: true +distributed_vpc_router: + description: "Whether the VPC uses distributed router or not." + returned: success + type: bool + sample: true +redundant_vpc_router: + description: "Whether the VPC has redundant routers or not." + returned: success + type: bool + sample: true +domain: + description: "Domain the VPC is related to." + returned: success + type: str + sample: example domain +account: + description: "Account the VPC is related to." + returned: success + type: str + sample: example account +project: + description: "Name of project the VPC is related to." + returned: success + type: str + sample: Production +zone: + description: "Name of zone the VPC is in." + returned: success + type: str + sample: ch-gva-2 +state: + description: "State of the VPC." + returned: success + type: str + sample: Enabled +tags: + description: "List of resource tags associated with the VPC." + returned: success + type: list + sample: '[ { "key": "foo", "value": "bar" } ]' +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackVpc(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackVpc, self).__init__(module) + self.returns = { + 'cidr': 'cidr', + 'networkdomain': 'network_domain', + 'redundantvpcrouter': 'redundant_vpc_router', + 'distributedvpcrouter': 'distributed_vpc_router', + 'regionlevelvpc': 'region_level_vpc', + 'restartrequired': 'restart_required', + } + self.vpc = None + + def get_vpc_offering(self, key=None): + vpc_offering = self.module.params.get('vpc_offering') + args = { + 'state': 'Enabled', + } + if vpc_offering: + args['name'] = vpc_offering + fail_msg = "VPC offering not found or not enabled: %s" % vpc_offering + else: + args['isdefault'] = True + fail_msg = "No enabled default VPC offering found" + + vpc_offerings = self.query_api('listVPCOfferings', **args) + if vpc_offerings: + # The API name argument filter also matches substrings, we have to + # iterate over the results to get an exact match + for vo in vpc_offerings['vpcoffering']: + if 'name' in args: + if args['name'] == vo['name']: + return self._get_by_key(key, vo) + # Return the first offering found, if not queried for the name + else: + return self._get_by_key(key, vo) + self.module.fail_json(msg=fail_msg) + + def get_vpc(self): + if self.vpc: + return self.vpc + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'zoneid': self.get_zone(key='id'), + 'fetch_list': True, + } + vpcs = self.query_api('listVPCs', **args) + if vpcs: + vpc_name = self.module.params.get('name') + for v in vpcs: + if vpc_name in [v['name'], v['displaytext'], v['id']]: + # Fail if the identifier matches more than one VPC + if self.vpc: + self.module.fail_json(msg="More than one VPC found with the provided identifyer: %s" % vpc_name) + else: + self.vpc = v + return self.vpc + + def restart_vpc(self): + self.result['changed'] = True + vpc = self.get_vpc() + if vpc and not self.module.check_mode: + args = { + 'id': vpc['id'], + 'cleanup': self.module.params.get('clean_up'), + } + res = self.query_api('restartVPC', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(res, 'vpc') + return vpc + + def present_vpc(self): + vpc = self.get_vpc() + if not vpc: + vpc = self._create_vpc(vpc) + else: + vpc = self._update_vpc(vpc) + + if vpc: + vpc = self.ensure_tags(resource=vpc, resource_type='Vpc') + return vpc + + def _create_vpc(self, vpc): + self.result['changed'] = True + args = { + 'name': self.module.params.get('name'), + 'displaytext': self.get_or_fallback('display_text', 'name'), + 'networkdomain': self.module.params.get('network_domain'), + 'vpcofferingid': self.get_vpc_offering(key='id'), + 'cidr': self.module.params.get('cidr'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'zoneid': self.get_zone(key='id'), + 'start': self.module.params.get('state') != 'stopped' + } + self.result['diff']['after'] = args + if not self.module.check_mode: + res = self.query_api('createVPC', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + vpc = self.poll_job(res, 'vpc') + return vpc + + def _update_vpc(self, vpc): + args = { + 'id': vpc['id'], + 'displaytext': self.module.params.get('display_text'), + } + if self.has_changed(args, vpc): + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('updateVPC', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + vpc = self.poll_job(res, 'vpc') + return vpc + + def absent_vpc(self): + vpc = self.get_vpc() + if vpc: + self.result['changed'] = True + self.result['diff']['before'] = vpc + if not self.module.check_mode: + res = self.query_api('deleteVPC', id=vpc['id']) + + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(res, 'vpc') + return vpc + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + cidr=dict(), + display_text=dict(), + vpc_offering=dict(), + network_domain=dict(), + clean_up=dict(type='bool'), + state=dict(choices=['present', 'absent', 'stopped', 'restarted'], default='present'), + domain=dict(), + account=dict(), + project=dict(), + zone=dict(), + tags=dict(type='list', elements='dict', aliases=['tag']), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + required_if=[ + ('state', 'present', ['cidr']), + ], + supports_check_mode=True, + ) + + acs_vpc = AnsibleCloudStackVpc(module) + + state = module.params.get('state') + if state == 'absent': + vpc = acs_vpc.absent_vpc() + elif state == 'restarted': + vpc = acs_vpc.restart_vpc() + else: + vpc = acs_vpc.present_vpc() + + result = acs_vpc.get_result(vpc) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vpc_offering.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vpc_offering.py new file mode 100644 index 00000000..be129a1e --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vpc_offering.py @@ -0,0 +1,319 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2017, David Passante (@dpassante) +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_vpc_offering +short_description: Manages vpc offerings on Apache CloudStack based clouds. +description: + - Create, update, enable, disable and remove CloudStack VPC offerings. +author: David Passante (@dpassante) +version_added: 0.1.0 +options: + name: + description: + - The name of the vpc offering + type: str + required: true + state: + description: + - State of the vpc offering. + type: str + choices: [ enabled, present, disabled, absent ] + default: present + display_text: + description: + - Display text of the vpc offerings + type: str + service_capabilities: + description: + - Desired service capabilities as part of vpc offering. + type: list + elements: dict + aliases: [ service_capability ] + service_offering: + description: + - The name or ID of the service offering for the VPC router appliance. + type: str + supported_services: + description: + - Services supported by the vpc offering + type: list + elements: str + aliases: [ supported_service ] + service_providers: + description: + - provider to service mapping. If not specified, the provider for the service will be mapped to the default provider on the physical network + type: list + elements: dict + aliases: [ service_provider ] + poll_async: + description: + - Poll async jobs until job has finished. + default: yes + type: bool +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Create a vpc offering and enable it + ngine_io.cloudstack.cs_vpc_offering: + name: my_vpc_offering + display_text: vpc offering description + state: enabled + supported_services: [ Dns, Dhcp ] + service_providers: + - {service: 'dns', provider: 'VpcVirtualRouter'} + - {service: 'dhcp', provider: 'VpcVirtualRouter'} + +- name: Create a vpc offering with redundant router + ngine_io.cloudstack.cs_vpc_offering: + name: my_vpc_offering + display_text: vpc offering description + supported_services: [ Dns, Dhcp, SourceNat ] + service_providers: + - {service: 'dns', provider: 'VpcVirtualRouter'} + - {service: 'dhcp', provider: 'VpcVirtualRouter'} + - {service: 'SourceNat', provider: 'VpcVirtualRouter'} + service_capabilities: + - {service: 'SourceNat', capabilitytype: 'RedundantRouter', capabilityvalue: true} + +- name: Create a region level vpc offering with distributed router + ngine_io.cloudstack.cs_vpc_offering: + name: my_vpc_offering + display_text: vpc offering description + state: present + supported_services: [ Dns, Dhcp, SourceNat ] + service_providers: + - {service: 'dns', provider: 'VpcVirtualRouter'} + - {service: 'dhcp', provider: 'VpcVirtualRouter'} + - {service: 'SourceNat', provider: 'VpcVirtualRouter'} + service_capabilities: + - {service: 'Connectivity', capabilitytype: 'DistributedRouter', capabilityvalue: true} + - {service: 'Connectivity', capabilitytype: 'RegionLevelVPC', capabilityvalue: true} + +- name: Remove a vpc offering + ngine_io.cloudstack.cs_vpc_offering: + name: my_vpc_offering + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the vpc offering. + returned: success + type: str + sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f +name: + description: The name of the vpc offering + returned: success + type: str + sample: MyCustomVPCOffering +display_text: + description: The display text of the vpc offering + returned: success + type: str + sample: My vpc offering +state: + description: The state of the vpc offering + returned: success + type: str + sample: Enabled +service_offering_id: + description: The service offering ID. + returned: success + type: str + sample: c5f7a5fc-43f8-11e5-a151-feff819cdc9f +is_default: + description: Whether VPC offering is the default offering or not. + returned: success + type: bool + sample: false +region_level: + description: Indicated if the offering can support region level vpc. + returned: success + type: bool + sample: false +distributed: + description: Indicates if the vpc offering supports distributed router for one-hop forwarding. + returned: success + type: bool + sample: false +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackVPCOffering(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackVPCOffering, self).__init__(module) + self.returns = { + 'serviceofferingid': 'service_offering_id', + 'isdefault': 'is_default', + 'distributedvpcrouter': 'distributed', + 'supportsregionLevelvpc': 'region_level', + } + self.vpc_offering = None + + def get_vpc_offering(self): + if self.vpc_offering: + return self.vpc_offering + + args = { + 'name': self.module.params.get('name'), + } + vo = self.query_api('listVPCOfferings', **args) + + if vo: + for vpc_offer in vo['vpcoffering']: + if args['name'] == vpc_offer['name']: + self.vpc_offering = vpc_offer + + return self.vpc_offering + + def get_service_offering_id(self): + service_offering = self.module.params.get('service_offering') + if not service_offering: + return None + + args = { + 'issystem': True + } + + service_offerings = self.query_api('listServiceOfferings', **args) + if service_offerings: + for s in service_offerings['serviceoffering']: + if service_offering in [s['name'], s['id']]: + return s['id'] + self.fail_json(msg="Service offering '%s' not found" % service_offering) + + def create_or_update(self): + vpc_offering = self.get_vpc_offering() + + if not vpc_offering: + vpc_offering = self.create_vpc_offering() + + return self.update_vpc_offering(vpc_offering) + + def create_vpc_offering(self): + vpc_offering = None + self.result['changed'] = True + args = { + 'name': self.module.params.get('name'), + 'state': self.module.params.get('state'), + 'displaytext': self.module.params.get('display_text'), + 'supportedservices': self.module.params.get('supported_services'), + 'serviceproviderlist': self.module.params.get('service_providers'), + 'serviceofferingid': self.get_service_offering_id(), + 'servicecapabilitylist': self.module.params.get('service_capabilities'), + } + + required_params = [ + 'display_text', + 'supported_services', + ] + self.module.fail_on_missing_params(required_params=required_params) + + if not self.module.check_mode: + res = self.query_api('createVPCOffering', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + vpc_offering = self.poll_job(res, 'vpcoffering') + + return vpc_offering + + def delete_vpc_offering(self): + vpc_offering = self.get_vpc_offering() + + if vpc_offering: + self.result['changed'] = True + + args = { + 'id': vpc_offering['id'], + } + + if not self.module.check_mode: + res = self.query_api('deleteVPCOffering', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + vpc_offering = self.poll_job(res, 'vpcoffering') + + return vpc_offering + + def update_vpc_offering(self, vpc_offering): + if not vpc_offering: + return vpc_offering + + args = { + 'id': vpc_offering['id'], + 'state': self.module.params.get('state'), + 'name': self.module.params.get('name'), + 'displaytext': self.module.params.get('display_text'), + } + + if args['state'] in ['enabled', 'disabled']: + args['state'] = args['state'].title() + else: + del args['state'] + + if self.has_changed(args, vpc_offering): + self.result['changed'] = True + + if not self.module.check_mode: + res = self.query_api('updateVPCOffering', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + vpc_offering = self.poll_job(res, 'vpcoffering') + + return vpc_offering + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + display_text=dict(), + state=dict(choices=['enabled', 'present', 'disabled', 'absent'], default='present'), + service_capabilities=dict(type='list', elements='dict', aliases=['service_capability']), + service_offering=dict(), + supported_services=dict(type='list', elements='str', aliases=['supported_service']), + service_providers=dict(type='list', elements='dict', aliases=['service_provider']), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_vpc_offering = AnsibleCloudStackVPCOffering(module) + + state = module.params.get('state') + if state in ['absent']: + vpc_offering = acs_vpc_offering.delete_vpc_offering() + else: + vpc_offering = acs_vpc_offering.create_or_update() + + result = acs_vpc_offering.get_result(vpc_offering) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vpn_connection.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vpn_connection.py new file mode 100644 index 00000000..4f77b561 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vpn_connection.py @@ -0,0 +1,349 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2017, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = r''' +--- +module: cs_vpn_connection +short_description: Manages site-to-site VPN connections on Apache CloudStack based clouds. +description: + - Create and remove VPN connections. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + vpc: + description: + - Name of the VPC the VPN connection is related to. + type: str + required: true + vpn_customer_gateway: + description: + - Name of the VPN customer gateway. + type: str + required: true + passive: + description: + - State of the VPN connection. + - Only considered when I(state=present). + default: no + type: bool + force: + description: + - Activate the VPN gateway if not already activated on I(state=present). + - Also see M(cs_vpn_gateway). + default: no + type: bool + state: + description: + - State of the VPN connection. + type: str + default: present + choices: [ present, absent ] + zone: + description: + - Name of the zone the VPC is related to. + - If not set, default zone is used. + type: str + domain: + description: + - Domain the VPN connection is related to. + type: str + account: + description: + - Account the VPN connection is related to. + type: str + project: + description: + - Name of the project the VPN connection is related to. + type: str + poll_async: + description: + - Poll async jobs until job has finished. + default: yes + type: bool +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = r''' +- name: Create a VPN connection with activated VPN gateway + ngine_io.cloudstack.cs_vpn_connection: + vpn_customer_gateway: my vpn connection + vpc: my vpc + +- name: Create a VPN connection and force VPN gateway activation + ngine_io.cloudstack.cs_vpn_connection: + vpn_customer_gateway: my vpn connection + vpc: my vpc + force: yes + +- name: Remove a vpn connection + ngine_io.cloudstack.cs_vpn_connection: + vpn_customer_gateway: my vpn connection + vpc: my vpc + state: absent +''' + +RETURN = r''' +--- +id: + description: UUID of the VPN connection. + returned: success + type: str + sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 +vpn_gateway_id: + description: UUID of the VPN gateway. + returned: success + type: str + sample: 04589590-ac63-93f5-4ffc-b698b8ac38b6 +domain: + description: Domain the VPN connection is related to. + returned: success + type: str + sample: example domain +account: + description: Account the VPN connection is related to. + returned: success + type: str + sample: example account +project: + description: Name of project the VPN connection is related to. + returned: success + type: str + sample: Production +created: + description: Date the connection was created. + returned: success + type: str + sample: 2014-12-01T14:57:57+0100 +dpd: + description: Whether dead pear detection is enabled or not. + returned: success + type: bool + sample: true +esp_lifetime: + description: Lifetime in seconds of phase 2 VPN connection. + returned: success + type: int + sample: 86400 +esp_policy: + description: IKE policy of the VPN connection. + returned: success + type: str + sample: aes256-sha1;modp1536 +force_encap: + description: Whether encapsulation for NAT traversal is enforced or not. + returned: success + type: bool + sample: true +ike_lifetime: + description: Lifetime in seconds of phase 1 VPN connection. + returned: success + type: int + sample: 86400 +ike_policy: + description: ESP policy of the VPN connection. + returned: success + type: str + sample: aes256-sha1;modp1536 +cidrs: + description: List of CIDRs of the customer gateway. + returned: success + type: list + sample: [ 10.10.10.0/24 ] +passive: + description: Whether the connection is passive or not. + returned: success + type: bool + sample: false +public_ip: + description: IP address of the VPN gateway. + returned: success + type: str + sample: 10.100.212.10 +gateway: + description: IP address of the VPN customer gateway. + returned: success + type: str + sample: 10.101.214.10 +state: + description: State of the VPN connection. + returned: success + type: str + sample: Connected +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackVpnConnection(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackVpnConnection, self).__init__(module) + self.returns = { + 'dpd': 'dpd', + 'esplifetime': 'esp_lifetime', + 'esppolicy': 'esp_policy', + 'gateway': 'gateway', + 'ikepolicy': 'ike_policy', + 'ikelifetime': 'ike_lifetime', + 'publicip': 'public_ip', + 'passive': 'passive', + 's2svpngatewayid': 'vpn_gateway_id', + } + self.vpn_customer_gateway = None + + def get_vpn_customer_gateway(self, key=None, identifier=None, refresh=False): + if not refresh and self.vpn_customer_gateway: + return self._get_by_key(key, self.vpn_customer_gateway) + + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'fetch_list': True, + } + + vpn_customer_gateway = identifier or self.module.params.get('vpn_customer_gateway') + vcgws = self.query_api('listVpnCustomerGateways', **args) + if vcgws: + for vcgw in vcgws: + if vpn_customer_gateway.lower() in [vcgw['id'], vcgw['name'].lower()]: + self.vpn_customer_gateway = vcgw + return self._get_by_key(key, self.vpn_customer_gateway) + self.fail_json(msg="VPN customer gateway not found: %s" % vpn_customer_gateway) + + def get_vpn_gateway(self, key=None): + args = { + 'vpcid': self.get_vpc(key='id'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + } + vpn_gateways = self.query_api('listVpnGateways', **args) + if vpn_gateways: + return self._get_by_key(key, vpn_gateways['vpngateway'][0]) + + elif self.module.params.get('force'): + if self.module.check_mode: + return {} + res = self.query_api('createVpnGateway', **args) + vpn_gateway = self.poll_job(res, 'vpngateway') + return self._get_by_key(key, vpn_gateway) + + self.fail_json(msg="VPN gateway not found and not forced to create one") + + def get_vpn_connection(self): + args = { + 'vpcid': self.get_vpc(key='id'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + } + + vpn_conns = self.query_api('listVpnConnections', **args) + if vpn_conns: + for vpn_conn in vpn_conns['vpnconnection']: + if self.get_vpn_customer_gateway(key='id') == vpn_conn['s2scustomergatewayid']: + return vpn_conn + + def present_vpn_connection(self): + vpn_conn = self.get_vpn_connection() + + args = { + 's2scustomergatewayid': self.get_vpn_customer_gateway(key='id'), + 's2svpngatewayid': self.get_vpn_gateway(key='id'), + 'passive': self.module.params.get('passive'), + } + + if not vpn_conn: + self.result['changed'] = True + + if not self.module.check_mode: + res = self.query_api('createVpnConnection', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + vpn_conn = self.poll_job(res, 'vpnconnection') + + return vpn_conn + + def absent_vpn_connection(self): + vpn_conn = self.get_vpn_connection() + + if vpn_conn: + self.result['changed'] = True + + args = { + 'id': vpn_conn['id'] + } + + if not self.module.check_mode: + res = self.query_api('deleteVpnConnection', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(res, 'vpnconnection') + + return vpn_conn + + def get_result(self, vpn_conn): + super(AnsibleCloudStackVpnConnection, self).get_result(vpn_conn) + if vpn_conn: + if 'cidrlist' in vpn_conn: + self.result['cidrs'] = vpn_conn['cidrlist'].split(',') or [vpn_conn['cidrlist']] + # Ensure we return a bool + self.result['force_encap'] = True if vpn_conn.get('forceencap') else False + args = { + 'key': 'name', + 'identifier': vpn_conn['s2scustomergatewayid'], + 'refresh': True, + } + self.result['vpn_customer_gateway'] = self.get_vpn_customer_gateway(**args) + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + vpn_customer_gateway=dict(required=True), + vpc=dict(required=True), + domain=dict(), + account=dict(), + project=dict(), + zone=dict(), + passive=dict(type='bool', default=False), + force=dict(type='bool', default=False), + state=dict(choices=['present', 'absent'], default='present'), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_vpn_conn = AnsibleCloudStackVpnConnection(module) + + state = module.params.get('state') + if state == "absent": + vpn_conn = acs_vpn_conn.absent_vpn_connection() + else: + vpn_conn = acs_vpn_conn.present_vpn_connection() + + result = acs_vpn_conn.get_result(vpn_conn) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vpn_customer_gateway.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vpn_customer_gateway.py new file mode 100644 index 00000000..915784cc --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vpn_customer_gateway.py @@ -0,0 +1,343 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2017, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + +DOCUMENTATION = r''' +--- +module: cs_vpn_customer_gateway +short_description: Manages site-to-site VPN customer gateway configurations on Apache CloudStack based clouds. +description: + - Create, update and remove VPN customer gateways. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of the gateway. + type: str + required: true + cidrs: + description: + - List of guest CIDRs behind the gateway. + - Required if I(state=present). + type: list + elements: str + aliases: [ cidr ] + gateway: + description: + - Public IP address of the gateway. + - Required if I(state=present). + type: str + esp_policy: + description: + - ESP policy in the format e.g. C(aes256-sha1;modp1536). + - Required if I(state=present). + type: str + ike_policy: + description: + - IKE policy in the format e.g. C(aes256-sha1;modp1536). + - Required if I(state=present). + type: str + ipsec_psk: + description: + - IPsec Preshared-Key. + - Cannot contain newline or double quotes. + - Required if I(state=present). + type: str + ike_lifetime: + description: + - Lifetime in seconds of phase 1 VPN connection. + - Defaulted to 86400 by the API on creation if not set. + type: int + esp_lifetime: + description: + - Lifetime in seconds of phase 2 VPN connection. + - Defaulted to 3600 by the API on creation if not set. + type: int + dpd: + description: + - Enable Dead Peer Detection. + - Disabled per default by the API on creation if not set. + type: bool + force_encap: + description: + - Force encapsulation for NAT traversal. + - Disabled per default by the API on creation if not set. + type: bool + state: + description: + - State of the VPN customer gateway. + type: str + default: present + choices: [ present, absent ] + domain: + description: + - Domain the VPN customer gateway is related to. + type: str + account: + description: + - Account the VPN customer gateway is related to. + type: str + project: + description: + - Name of the project the VPN gateway is related to. + type: str + poll_async: + description: + - Poll async jobs until job has finished. + default: yes + type: bool +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = r''' +- name: Create a vpn customer gateway + ngine_io.cloudstack.cs_vpn_customer_gateway: + name: my vpn customer gateway + cidrs: + - 192.168.123.0/24 + - 192.168.124.0/24 + esp_policy: aes256-sha1;modp1536 + gateway: 10.10.1.1 + ike_policy: aes256-sha1;modp1536 + ipsec_psk: "S3cr3Tk3Y" + +- name: Remove a vpn customer gateway + ngine_io.cloudstack.cs_vpn_customer_gateway: + name: my vpn customer gateway + state: absent +''' + +RETURN = r''' +--- +id: + description: UUID of the VPN customer gateway. + returned: success + type: str + sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 +gateway: + description: IP address of the VPN customer gateway. + returned: success + type: str + sample: 10.100.212.10 +domain: + description: Domain the VPN customer gateway is related to. + returned: success + type: str + sample: example domain +account: + description: Account the VPN customer gateway is related to. + returned: success + type: str + sample: example account +project: + description: Name of project the VPN customer gateway is related to. + returned: success + type: str + sample: Production +dpd: + description: Whether dead pear detection is enabled or not. + returned: success + type: bool + sample: true +esp_lifetime: + description: Lifetime in seconds of phase 2 VPN connection. + returned: success + type: int + sample: 86400 +esp_policy: + description: IKE policy of the VPN customer gateway. + returned: success + type: str + sample: aes256-sha1;modp1536 +force_encap: + description: Whether encapsulation for NAT traversal is enforced or not. + returned: success + type: bool + sample: true +ike_lifetime: + description: Lifetime in seconds of phase 1 VPN connection. + returned: success + type: int + sample: 86400 +ike_policy: + description: ESP policy of the VPN customer gateway. + returned: success + type: str + sample: aes256-sha1;modp1536 +name: + description: Name of this customer gateway. + returned: success + type: str + sample: my vpn customer gateway +cidrs: + description: List of CIDRs of this customer gateway. + returned: success + type: list + sample: [ 10.10.10.0/24 ] +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackVpnCustomerGateway(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackVpnCustomerGateway, self).__init__(module) + self.returns = { + 'dpd': 'dpd', + 'esplifetime': 'esp_lifetime', + 'esppolicy': 'esp_policy', + 'gateway': 'gateway', + 'ikepolicy': 'ike_policy', + 'ikelifetime': 'ike_lifetime', + 'ipaddress': 'ip_address', + } + + def _common_args(self): + return { + 'name': self.module.params.get('name'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'cidrlist': ','.join(self.module.params.get('cidrs')) if self.module.params.get('cidrs') is not None else None, + 'esppolicy': self.module.params.get('esp_policy'), + 'esplifetime': self.module.params.get('esp_lifetime'), + 'ikepolicy': self.module.params.get('ike_policy'), + 'ikelifetime': self.module.params.get('ike_lifetime'), + 'ipsecpsk': self.module.params.get('ipsec_psk'), + 'dpd': self.module.params.get('dpd'), + 'forceencap': self.module.params.get('force_encap'), + 'gateway': self.module.params.get('gateway'), + } + + def get_vpn_customer_gateway(self): + args = { + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id'), + 'fetch_list': True, + } + vpn_customer_gateway = self.module.params.get('name') + vpn_customer_gateways = self.query_api('listVpnCustomerGateways', **args) + if vpn_customer_gateways: + for vgw in vpn_customer_gateways: + if vpn_customer_gateway.lower() in [vgw['id'], vgw['name'].lower()]: + return vgw + + def present_vpn_customer_gateway(self): + vpn_customer_gateway = self.get_vpn_customer_gateway() + required_params = [ + 'cidrs', + 'esp_policy', + 'gateway', + 'ike_policy', + 'ipsec_psk', + ] + self.module.fail_on_missing_params(required_params=required_params) + + if not vpn_customer_gateway: + vpn_customer_gateway = self._create_vpn_customer_gateway(vpn_customer_gateway) + else: + vpn_customer_gateway = self._update_vpn_customer_gateway(vpn_customer_gateway) + + return vpn_customer_gateway + + def _create_vpn_customer_gateway(self, vpn_customer_gateway): + self.result['changed'] = True + args = self._common_args() + if not self.module.check_mode: + res = self.query_api('createVpnCustomerGateway', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + vpn_customer_gateway = self.poll_job(res, 'vpncustomergateway') + return vpn_customer_gateway + + def _update_vpn_customer_gateway(self, vpn_customer_gateway): + args = self._common_args() + args.update({'id': vpn_customer_gateway['id']}) + if self.has_changed(args, vpn_customer_gateway, skip_diff_for_keys=['ipsecpsk']): + self.result['changed'] = True + if not self.module.check_mode: + res = self.query_api('updateVpnCustomerGateway', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + vpn_customer_gateway = self.poll_job(res, 'vpncustomergateway') + return vpn_customer_gateway + + def absent_vpn_customer_gateway(self): + vpn_customer_gateway = self.get_vpn_customer_gateway() + if vpn_customer_gateway: + self.result['changed'] = True + args = { + 'id': vpn_customer_gateway['id'] + } + if not self.module.check_mode: + res = self.query_api('deleteVpnCustomerGateway', **args) + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(res, 'vpncustomergateway') + + return vpn_customer_gateway + + def get_result(self, vpn_customer_gateway): + super(AnsibleCloudStackVpnCustomerGateway, self).get_result(vpn_customer_gateway) + if vpn_customer_gateway: + if 'cidrlist' in vpn_customer_gateway: + self.result['cidrs'] = vpn_customer_gateway['cidrlist'].split(',') or [vpn_customer_gateway['cidrlist']] + # Ensure we return a bool + self.result['force_encap'] = True if vpn_customer_gateway.get('forceencap') else False + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + name=dict(required=True), + state=dict(choices=['present', 'absent'], default='present'), + domain=dict(), + account=dict(), + project=dict(), + cidrs=dict(type='list', elements='str', aliases=['cidr']), + esp_policy=dict(), + esp_lifetime=dict(type='int'), + gateway=dict(), + ike_policy=dict(), + ike_lifetime=dict(type='int'), + ipsec_psk=dict(no_log=True), + dpd=dict(type='bool'), + force_encap=dict(type='bool'), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_vpn_cgw = AnsibleCloudStackVpnCustomerGateway(module) + + state = module.params.get('state') + if state == "absent": + vpn_customer_gateway = acs_vpn_cgw.absent_vpn_customer_gateway() + else: + vpn_customer_gateway = acs_vpn_cgw.present_vpn_customer_gateway() + + result = acs_vpn_cgw.get_result(vpn_customer_gateway) + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vpn_gateway.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vpn_gateway.py new file mode 100644 index 00000000..7bc3ab0b --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_vpn_gateway.py @@ -0,0 +1,204 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2017, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_vpn_gateway +short_description: Manages site-to-site VPN gateways on Apache CloudStack based clouds. +description: + - Creates and removes VPN site-to-site gateways. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + vpc: + description: + - Name of the VPC. + type: str + required: true + state: + description: + - State of the VPN gateway. + type: str + default: present + choices: [ present, absent ] + domain: + description: + - Domain the VPN gateway is related to. + type: str + account: + description: + - Account the VPN gateway is related to. + type: str + project: + description: + - Name of the project the VPN gateway is related to. + type: str + zone: + description: + - Name of the zone the VPC is related to. + - If not set, default zone is used. + type: str + poll_async: + description: + - Poll async jobs until job has finished. + type: bool + default: yes +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Ensure a vpn gateway is present + ngine_io.cloudstack.cs_vpn_gateway: + vpc: my VPC + +- name: Ensure a vpn gateway is absent + ngine_io.cloudstack.cs_vpn_gateway: + vpc: my VPC + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the VPN site-to-site gateway. + returned: success + type: str + sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 +public_ip: + description: IP address of the VPN site-to-site gateway. + returned: success + type: str + sample: 10.100.212.10 +vpc: + description: Name of the VPC. + returned: success + type: str + sample: My VPC +domain: + description: Domain the VPN site-to-site gateway is related to. + returned: success + type: str + sample: example domain +account: + description: Account the VPN site-to-site gateway is related to. + returned: success + type: str + sample: example account +project: + description: Name of project the VPN site-to-site gateway is related to. + returned: success + type: str + sample: Production +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together +) + + +class AnsibleCloudStackVpnGateway(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackVpnGateway, self).__init__(module) + self.returns = { + 'publicip': 'public_ip' + } + + def get_vpn_gateway(self): + args = { + 'vpcid': self.get_vpc(key='id'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id') + } + vpn_gateways = self.query_api('listVpnGateways', **args) + if vpn_gateways: + return vpn_gateways['vpngateway'][0] + return None + + def present_vpn_gateway(self): + vpn_gateway = self.get_vpn_gateway() + if not vpn_gateway: + self.result['changed'] = True + args = { + 'vpcid': self.get_vpc(key='id'), + 'account': self.get_account(key='name'), + 'domainid': self.get_domain(key='id'), + 'projectid': self.get_project(key='id') + } + if not self.module.check_mode: + res = self.query_api('createVpnGateway', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + vpn_gateway = self.poll_job(res, 'vpngateway') + + return vpn_gateway + + def absent_vpn_gateway(self): + vpn_gateway = self.get_vpn_gateway() + if vpn_gateway: + self.result['changed'] = True + args = { + 'id': vpn_gateway['id'] + } + if not self.module.check_mode: + res = self.query_api('deleteVpnGateway', **args) + + poll_async = self.module.params.get('poll_async') + if poll_async: + self.poll_job(res, 'vpngateway') + + return vpn_gateway + + def get_result(self, vpn_gateway): + super(AnsibleCloudStackVpnGateway, self).get_result(vpn_gateway) + if vpn_gateway: + self.result['vpc'] = self.get_vpc(key='name') + return self.result + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + vpc=dict(required=True), + state=dict(choices=['present', 'absent'], default='present'), + domain=dict(), + account=dict(), + project=dict(), + zone=dict(), + poll_async=dict(type='bool', default=True), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_vpn_gw = AnsibleCloudStackVpnGateway(module) + + state = module.params.get('state') + if state == "absent": + vpn_gateway = acs_vpn_gw.absent_vpn_gateway() + else: + vpn_gateway = acs_vpn_gw.present_vpn_gateway() + + result = acs_vpn_gw.get_result(vpn_gateway) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_zone.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_zone.py new file mode 100644 index 00000000..51348086 --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_zone.py @@ -0,0 +1,377 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2016, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_zone +short_description: Manages zones on Apache CloudStack based clouds. +description: + - Create, update and remove zones. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + name: + description: + - Name of the zone. + type: str + required: true + id: + description: + - uuid of the existing zone. + type: str + state: + description: + - State of the zone. + type: str + default: present + choices: [ present, enabled, disabled, absent ] + domain: + description: + - Domain the zone is related to. + - Zone is a public zone if not set. + type: str + network_domain: + description: + - Network domain for the zone. + type: str + network_type: + description: + - Network type of the zone. + type: str + default: Basic + choices: [ Basic, Advanced ] + dns1: + description: + - First DNS for the zone. + - Required if I(state=present) + type: str + dns2: + description: + - Second DNS for the zone. + type: str + internal_dns1: + description: + - First internal DNS for the zone. + - If not set I(dns1) will be used on I(state=present). + type: str + internal_dns2: + description: + - Second internal DNS for the zone. + type: str + dns1_ipv6: + description: + - First DNS for IPv6 for the zone. + type: str + dns2_ipv6: + description: + - Second DNS for IPv6 for the zone. + type: str + guest_cidr_address: + description: + - Guest CIDR address for the zone. + type: str + dhcp_provider: + description: + - DHCP provider for the Zone. + type: str + local_storage_enabled: + description: + - Whether to enable local storage for the zone or not.. + type: bool + securitygroups_enabled: + description: + - Whether the zone is security group enabled or not. + type: bool +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Ensure a zone is present + ngine_io.cloudstack.cs_zone: + name: ch-zrh-ix-01 + dns1: 8.8.8.8 + dns2: 8.8.4.4 + network_type: basic + +- name: Ensure a zone is disabled + ngine_io.cloudstack.cs_zone: + name: ch-zrh-ix-01 + state: disabled + +- name: Ensure a zone is enabled + ngine_io.cloudstack.cs_zone: + name: ch-zrh-ix-01 + state: enabled + +- name: Ensure a zone is absent + ngine_io.cloudstack.cs_zone: + name: ch-zrh-ix-01 + state: absent +''' + +RETURN = ''' +--- +id: + description: UUID of the zone. + returned: success + type: str + sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 +name: + description: Name of the zone. + returned: success + type: str + sample: zone01 +dns1: + description: First DNS for the zone. + returned: success + type: str + sample: 8.8.8.8 +dns2: + description: Second DNS for the zone. + returned: success + type: str + sample: 8.8.4.4 +internal_dns1: + description: First internal DNS for the zone. + returned: success + type: str + sample: 8.8.8.8 +internal_dns2: + description: Second internal DNS for the zone. + returned: success + type: str + sample: 8.8.4.4 +dns1_ipv6: + description: First IPv6 DNS for the zone. + returned: success + type: str + sample: "2001:4860:4860::8888" +dns2_ipv6: + description: Second IPv6 DNS for the zone. + returned: success + type: str + sample: "2001:4860:4860::8844" +allocation_state: + description: State of the zone. + returned: success + type: str + sample: Enabled +domain: + description: Domain the zone is related to. + returned: success + type: str + sample: ROOT +network_domain: + description: Network domain for the zone. + returned: success + type: str + sample: example.com +network_type: + description: Network type for the zone. + returned: success + type: str + sample: basic +local_storage_enabled: + description: Local storage offering enabled. + returned: success + type: bool + sample: false +securitygroups_enabled: + description: Security groups support is enabled. + returned: success + type: bool + sample: false +guest_cidr_address: + description: Guest CIDR address for the zone + returned: success + type: str + sample: 10.1.1.0/24 +dhcp_provider: + description: DHCP provider for the zone + returned: success + type: str + sample: VirtualRouter +zone_token: + description: Zone token + returned: success + type: str + sample: ccb0a60c-79c8-3230-ab8b-8bdbe8c45bb7 +tags: + description: List of resource tags associated with the zone. + returned: success + type: list + sample: [ { "key": "foo", "value": "bar" } ] +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, + cs_required_together, +) + + +class AnsibleCloudStackZone(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackZone, self).__init__(module) + self.returns = { + 'dns1': 'dns1', + 'dns2': 'dns2', + 'internaldns1': 'internal_dns1', + 'internaldns2': 'internal_dns2', + 'ipv6dns1': 'dns1_ipv6', + 'ipv6dns2': 'dns2_ipv6', + 'domain': 'network_domain', + 'networktype': 'network_type', + 'securitygroupsenabled': 'securitygroups_enabled', + 'localstorageenabled': 'local_storage_enabled', + 'guestcidraddress': 'guest_cidr_address', + 'dhcpprovider': 'dhcp_provider', + 'allocationstate': 'allocation_state', + 'zonetoken': 'zone_token', + } + self.zone = None + + def _get_common_zone_args(self): + args = { + 'name': self.module.params.get('name'), + 'dns1': self.module.params.get('dns1'), + 'dns2': self.module.params.get('dns2'), + 'internaldns1': self.get_or_fallback('internal_dns1', 'dns1'), + 'internaldns2': self.get_or_fallback('internal_dns2', 'dns2'), + 'ipv6dns1': self.module.params.get('dns1_ipv6'), + 'ipv6dns2': self.module.params.get('dns2_ipv6'), + 'networktype': self.module.params.get('network_type'), + 'domain': self.module.params.get('network_domain'), + 'localstorageenabled': self.module.params.get('local_storage_enabled'), + 'guestcidraddress': self.module.params.get('guest_cidr_address'), + 'dhcpprovider': self.module.params.get('dhcp_provider'), + } + state = self.module.params.get('state') + if state in ['enabled', 'disabled']: + args['allocationstate'] = state.capitalize() + return args + + def get_zone(self): + if not self.zone: + args = {} + + uuid = self.module.params.get('id') + if uuid: + args['id'] = uuid + zones = self.query_api('listZones', **args) + if zones: + self.zone = zones['zone'][0] + return self.zone + + args['name'] = self.module.params.get('name') + zones = self.query_api('listZones', **args) + if zones: + self.zone = zones['zone'][0] + return self.zone + + def present_zone(self): + zone = self.get_zone() + if zone: + zone = self._update_zone() + else: + zone = self._create_zone() + return zone + + def _create_zone(self): + required_params = [ + 'dns1', + ] + self.module.fail_on_missing_params(required_params=required_params) + + self.result['changed'] = True + + args = self._get_common_zone_args() + args['domainid'] = self.get_domain(key='id') + args['securitygroupenabled'] = self.module.params.get('securitygroups_enabled') + + zone = None + if not self.module.check_mode: + res = self.query_api('createZone', **args) + zone = res['zone'] + return zone + + def _update_zone(self): + zone = self.get_zone() + + args = self._get_common_zone_args() + args['id'] = zone['id'] + + if self.has_changed(args, zone): + self.result['changed'] = True + + if not self.module.check_mode: + res = self.query_api('updateZone', **args) + zone = res['zone'] + return zone + + def absent_zone(self): + zone = self.get_zone() + if zone: + self.result['changed'] = True + + args = { + 'id': zone['id'] + } + if not self.module.check_mode: + self.query_api('deleteZone', **args) + + return zone + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + id=dict(), + name=dict(required=True), + dns1=dict(), + dns2=dict(), + internal_dns1=dict(), + internal_dns2=dict(), + dns1_ipv6=dict(), + dns2_ipv6=dict(), + network_type=dict(default='Basic', choices=['Basic', 'Advanced']), + network_domain=dict(), + guest_cidr_address=dict(), + dhcp_provider=dict(), + local_storage_enabled=dict(type='bool'), + securitygroups_enabled=dict(type='bool'), + state=dict(choices=['present', 'enabled', 'disabled', 'absent'], default='present'), + domain=dict(), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + required_together=cs_required_together(), + supports_check_mode=True + ) + + acs_zone = AnsibleCloudStackZone(module) + + state = module.params.get('state') + if state in ['absent']: + zone = acs_zone.absent_zone() + else: + zone = acs_zone.present_zone() + + result = acs_zone.get_result(zone) + + module.exit_json(**result) + + +if __name__ == '__main__': + main() diff --git a/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_zone_info.py b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_zone_info.py new file mode 100644 index 00000000..1581cdbf --- /dev/null +++ b/collections-debian-merged/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_zone_info.py @@ -0,0 +1,207 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (c) 2016, René Moser <mail@renemoser.net> +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +DOCUMENTATION = ''' +--- +module: cs_zone_info +short_description: Gathering information about zones from Apache CloudStack based clouds. +description: + - Gathering information from the API of a zone. +author: René Moser (@resmo) +version_added: 0.1.0 +options: + zone: + description: + - Name of the zone. + - If not specified, all zones are returned + type: str + aliases: [ name ] +extends_documentation_fragment: +- ngine_io.cloudstack.cloudstack +''' + +EXAMPLES = ''' +- name: Gather information from a zone + ngine_io.cloudstack.cs_zone_info: + zone: ch-gva-1 + register: zone + +- name: Show the returned results of the registered variable + debug: + msg: "{{ zone }}" + +- name: Gather information from all zones + ngine_io.cloudstack.cs_zone_info: + register: zones + +- name: Show information on all zones + debug: + msg: "{{ zones }}" +''' + +RETURN = ''' +--- +zones: + description: A list of matching zones. + type: list + returned: success + contains: + id: + description: UUID of the zone. + returned: success + type: str + sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6 + name: + description: Name of the zone. + returned: success + type: str + sample: zone01 + dns1: + description: First DNS for the zone. + returned: success + type: str + sample: 8.8.8.8 + dns2: + description: Second DNS for the zone. + returned: success + type: str + sample: 8.8.4.4 + internal_dns1: + description: First internal DNS for the zone. + returned: success + type: str + sample: 8.8.8.8 + internal_dns2: + description: Second internal DNS for the zone. + returned: success + type: str + sample: 8.8.4.4 + dns1_ipv6: + description: First IPv6 DNS for the zone. + returned: success + type: str + sample: "2001:4860:4860::8888" + dns2_ipv6: + description: Second IPv6 DNS for the zone. + returned: success + type: str + sample: "2001:4860:4860::8844" + allocation_state: + description: State of the zone. + returned: success + type: str + sample: Enabled + domain: + description: Domain the zone is related to. + returned: success + type: str + sample: ROOT + network_domain: + description: Network domain for the zone. + returned: success + type: str + sample: example.com + network_type: + description: Network type for the zone. + returned: success + type: str + sample: basic + local_storage_enabled: + description: Local storage offering enabled. + returned: success + type: bool + sample: false + securitygroups_enabled: + description: Security groups support is enabled. + returned: success + type: bool + sample: false + guest_cidr_address: + description: Guest CIDR address for the zone + returned: success + type: str + sample: 10.1.1.0/24 + dhcp_provider: + description: DHCP provider for the zone + returned: success + type: str + sample: VirtualRouter + zone_token: + description: Zone token + returned: success + type: str + sample: ccb0a60c-79c8-3230-ab8b-8bdbe8c45bb7 + tags: + description: List of resource tags associated with the zone. + returned: success + type: list + sample: [ { "key": "foo", "value": "bar" } ] +''' + +from ansible.module_utils.basic import AnsibleModule +from ..module_utils.cloudstack import ( + AnsibleCloudStack, + cs_argument_spec, +) + + +class AnsibleCloudStackZoneInfo(AnsibleCloudStack): + + def __init__(self, module): + super(AnsibleCloudStackZoneInfo, self).__init__(module) + self.returns = { + 'dns1': 'dns1', + 'dns2': 'dns2', + 'internaldns1': 'internal_dns1', + 'internaldns2': 'internal_dns2', + 'ipv6dns1': 'dns1_ipv6', + 'ipv6dns2': 'dns2_ipv6', + 'domain': 'network_domain', + 'networktype': 'network_type', + 'securitygroupsenabled': 'securitygroups_enabled', + 'localstorageenabled': 'local_storage_enabled', + 'guestcidraddress': 'guest_cidr_address', + 'dhcpprovider': 'dhcp_provider', + 'allocationstate': 'allocation_state', + 'zonetoken': 'zone_token', + } + + def get_zone(self): + if self.module.params['zone']: + zones = [super(AnsibleCloudStackZoneInfo, self).get_zone()] + else: + zones = self.query_api('listZones') + if zones: + zones = zones['zone'] + else: + zones = [] + return { + 'zones': [self.update_result(resource) for resource in zones] + } + + +def main(): + argument_spec = cs_argument_spec() + argument_spec.update(dict( + zone=dict(type='str', aliases=['name']), + )) + + module = AnsibleModule( + argument_spec=argument_spec, + supports_check_mode=True, + ) + + acs_zone_info = AnsibleCloudStackZoneInfo(module=module) + result = acs_zone_info.get_zone() + module.exit_json(**result) + + +if __name__ == '__main__': + main() |