From 8c7267f9b9af29a6a75178c04e946ca097b84da1 Mon Sep 17 00:00:00 2001 From: Monty Taylor Date: Sat, 25 Oct 2014 19:27:47 -0700 Subject: [PATCH 1/3] Add support for new OpenStack modules Incoming cloud config for OpenStack is complex due to plugins and deployer choices. Rather than having the logic spread all over the OpenStack modules, centralize it in the module_utils code. --- lib/ansible/module_utils/openstack.py | 40 +++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/lib/ansible/module_utils/openstack.py b/lib/ansible/module_utils/openstack.py index 64f95437143..5c4503f94ce 100644 --- a/lib/ansible/module_utils/openstack.py +++ b/lib/ansible/module_utils/openstack.py @@ -30,6 +30,9 @@ import os def openstack_argument_spec(): + # DEPRECATED: This argument spec is only used for the deprecated old + # OpenStack modules. It turns out that modern OpenStack auth is WAY + # more complex than this. # Consume standard OpenStack environment variables. # This is mainly only useful for ad-hoc command line operation as # in playbooks one would assume variables would be used appropriately @@ -67,3 +70,40 @@ def openstack_find_nova_addresses(addresses, ext_tag, key_name=None): ret.append(interface_spec['addr']) return ret +def openstack_full_argument_spec(**kwargs): + spec = dict( + cloud=dict(default=None), + auth_plugin=dict(default=None), + auth=dict(default=None), + auth_token=dict(default=None), + region_name=dict(default=None), + availability_zone=dict(default=None), + state=dict(default='present', choices=['absent', 'present']), + wait=dict(default=True, type='bool'), + timeout=dict(default=180, type='int'), + endpoint_type=dict( + default='publicURL', choices=['publicURL', 'internalURL'] + ) + ) + spec.update(kwargs) + return spec + + +def openstack_module_kwargs(**kwargs): + ret = dict( + required_one_of=[ + ['cloud', 'auth'], + ], + mutually_exclusive=[ + ['auth', 'auth_token'], + ['auth_plugin', 'auth_token'], + ], + ) + for key in ('mutually_exclusive', 'required_together', 'required_one_of'): + if key in kwargs: + if key in ret: + ret[key].extend(kwargs[key]) + else: + ret[key] = kwargs[key] + + return ret From 9b17918bc992481efb51d8df972b879499424e79 Mon Sep 17 00:00:00 2001 From: Monty Taylor Date: Sun, 26 Oct 2014 10:24:54 -0700 Subject: [PATCH 2/3] Add doc fragment for new OpenStack modules --- .../utils/module_docs_fragments/openstack.py | 88 +++++++++++++++++++ 1 file changed, 88 insertions(+) create mode 100644 lib/ansible/utils/module_docs_fragments/openstack.py diff --git a/lib/ansible/utils/module_docs_fragments/openstack.py b/lib/ansible/utils/module_docs_fragments/openstack.py new file mode 100644 index 00000000000..d740bc719c3 --- /dev/null +++ b/lib/ansible/utils/module_docs_fragments/openstack.py @@ -0,0 +1,88 @@ +# Copyright (c) 2014 Hewlett-Packard Development Company, L.P. +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see . + + +class ModuleDocFragment(object): + + # Standard openstack documentation fragment + DOCUMENTATION = ''' +options: + cloud: + description: + - Named cloud to operate against. Provides default values for I(auth) and I(auth_plugin) + required: false + auth: + description: + - Dictionary containing auth information as needed by the cloud's auth + plugin strategy. For the default I{password) plugin, this would contain + I(auth_url), I(username), I(password), I(project_name) and any + information about domains if the cloud supports them. For other plugins, + this param will need to contain whatever parameters that auth plugin + requires. This parameter is not needed if a named cloud is provided. + required: false + auth_plugin: + description: + - Name of the auth plugin to use. If the cloud uses something other than + password authentication, the name of the plugin should be indicated here + and the contents of the I(auth) parameter should be updated accordingly. + required: false + default: password + auth_token: + description: + - An auth token obtained previously. If I(auth_token) is given, + I(auth) and I(auth_plugin) are not needed. + region_name: + description: + - Name of the region. + required: false + availability_zone: + description: + - Name of the availability zone. + required: false + state: + description: + - Should the resource be present or absent. + choices: [present, absent] + default: present + wait: + description: + - Should ansible wait until the requested resource is complete. + required: false + default: "yes" + choices: ["yes", "no"] + timeout: + description: + - How long should ansible wait for the requested resource. + required: false + default: 180 + endpoint_type: + description: + - Endpoint URL type to fetch from the service catalog. + choices: [publicURL, internalURL] + required: false + default: publicURL +requirements: + - shade +notes: + - The standard OpenStack environment variables, such as C(OS_USERNAME) + may be user instead of providing explicit values. + - Auth information is driven by os-client-config, which means that values + can come from a yaml config file in /etc/ansible/openstack.yaml, + /etc/openstack/clouds.yaml or ~/.config/openstack/clouds.yaml, then from + standard environment variables, then finally by explicit parameters in + plays. +''' From 3188f7f1c15b4910d54d6f0ea7c4b2704a1a8337 Mon Sep 17 00:00:00 2001 From: Monty Taylor Date: Wed, 11 Feb 2015 19:11:42 -0500 Subject: [PATCH 3/3] Add new OpenStack Inventory module This inventory module is based on the shade library like the new os_ modules. It shares the ability to configure itself from os-client-config configuration files or from the standard OS_ environment variables. More importantly the guts of the code to get the server vars is now shared with os_compute_facts. This means that playbooks that provision compute hosts and then want to run plays on them can refer to server variables in exactly the same way whether the provsioning play ran first or whether the play ran in the context of a pre-existing inventory. --- plugins/inventory/openstack.py | 145 +++++++++++++++++++++++++++++++++ 1 file changed, 145 insertions(+) create mode 100755 plugins/inventory/openstack.py diff --git a/plugins/inventory/openstack.py b/plugins/inventory/openstack.py new file mode 100755 index 00000000000..c49d3c1fc43 --- /dev/null +++ b/plugins/inventory/openstack.py @@ -0,0 +1,145 @@ +#!/usr/bin/env python + +# Copyright (c) 2012, Marco Vito Moscaritolo +# Copyright (c) 2013, Jesse Keating +# Copyright (c) 2014, Hewlett-Packard Development Company, L.P. +# +# This module is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This software is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this software. If not, see . + +import argparse +import collections +import os +import sys +import time + +try: + import json +except: + import simplejson as json + +import os_client_config +import shade + + +class OpenStackInventory(object): + + def __init__(self, private=False, refresh=False): + self.openstack_config = os_client_config.config.OpenStackConfig( + os_client_config.config.CONFIG_FILES.append( + '/etc/ansible/openstack.yml'), + private) + self.clouds = shade.openstack_clouds(self.openstack_config) + self.refresh = refresh + + self.cache_max_age = self.openstack_config.get_cache_max_age() + cache_path = self.openstack_config.get_cache_path() + + # Cache related + if not os.path.exists(cache_path): + os.makedirs(cache_path) + self.cache_file = os.path.join(cache_path, "ansible-inventory.cache") + + def is_cache_stale(self): + ''' Determines if cache file has expired, or if it is still valid ''' + if os.path.isfile(self.cache_file): + mod_time = os.path.getmtime(self.cache_file) + current_time = time.time() + if (mod_time + self.cache_max_age) > current_time: + return False + return True + + def get_host_groups(self): + if self.refresh or self.is_cache_stale(): + groups = self.get_host_groups_from_cloud() + self.write_cache(groups) + else: + return json.load(open(self.cache_file, 'r')) + return groups + + def write_cache(self, groups): + with open(self.cache_file, 'w') as cache_file: + cache_file.write(self.json_format_dict(groups)) + + def get_host_groups_from_cloud(self): + groups = collections.defaultdict(list) + hostvars = collections.defaultdict(dict) + + for cloud in self.clouds: + + # Cycle on servers + for server in cloud.list_servers(): + + meta = cloud.get_server_meta(server) + + if 'interface_ip' not in meta['server_vars']: + # skip this host if it doesn't have a network address + continue + + server_vars = meta['server_vars'] + hostvars[server.name][ + 'ansible_ssh_host'] = server_vars['interface_ip'] + hostvars[server.name]['openstack'] = server_vars + + for group in meta['groups']: + groups[group].append(server.name) + + if hostvars: + groups['_meta'] = {'hostvars': hostvars} + return groups + + def json_format_dict(self, data): + return json.dumps(data, sort_keys=True, indent=2) + + def list_instances(self): + groups = self.get_host_groups() + # Return server list + print(self.json_format_dict(groups)) + + def get_host(self, hostname): + groups = self.get_host_groups() + hostvars = groups['_meta']['hostvars'] + if hostname in hostvars: + print(self.json_format_dict(hostvars[hostname])) + + +def parse_args(): + parser = argparse.ArgumentParser(description='OpenStack Inventory Module') + parser.add_argument('--private', + action='store_true', + help='Use private address for ansible host') + parser.add_argument('--refresh', action='store_true', + help='Refresh cached information') + group = parser.add_mutually_exclusive_group(required=True) + group.add_argument('--list', action='store_true', + help='List active servers') + group.add_argument('--host', help='List details about the specific host') + return parser.parse_args() + + +def main(): + args = parse_args() + try: + inventory = OpenStackInventory(args.private, args.refresh) + if args.list: + inventory.list_instances() + elif args.host: + inventory.get_host(args.host) + except shade.OpenStackCloudException as e: + print(e.message) + sys.exit(1) + sys.exit(0) + + +if __name__ == '__main__': + main()