cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

ec2_vpc_net refactor

Browse source
This commit is contained in:
whiter 2015-06-27 21:54:19 +10:00 committed by Matt Clay
parent b7a13e263f
commit 54b02ee0da
1 changed files with 137 additions and 187 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

324
lib/ansible/modules/cloud/amazon/ec2_vpc_net.py
View file

@ -17,10 +17,11 @@
DOCUMENTATION = ''' DOCUMENTATION = '''
--- ---
module: ec2_vpc_net module: ec2_vpc_net
short_description: configure AWS virtual private clouds short_description: Configure AWS virtual private clouds
description: description:
- Create or terminates AWS virtual private clouds. This module has a dependency on python-boto. - Create or terminate AWS virtual private clouds. This module has a dependency on python-boto.
version_added: "2.0" version_added: "2.0"
author: Jonathan Davila (@defionscode)
options: options:
name: name:
description: description:
@ -30,23 +31,25 @@ options:
description: description:
- The CIDR of the VPC - The CIDR of the VPC
required: yes required: yes
aliases: []
tenancy: tenancy:
description: description:
- Whether to be default or dedicated tenancy. This cannot be changed after the VPC has been created. - Whether to be default or dedicated tenancy. This cannot be changed after the VPC has been created.
required: false required: false
default: default default: default
choices: [ 'default', 'dedicated' ]
dns_support: dns_support:
description: description:
- Whether to enable AWS DNS support. - Whether to enable AWS DNS support.
required: false required: false
default: true default: yes
choices: [ 'yes', 'no' ]
dns_hostnames: dns_hostnames:
description: description:
- Whether to enable AWS hostname support. - Whether to enable AWS hostname support.
required: false required: false
default: true default: yes
dhcp_id: choices: [ 'yes', 'no' ]
dhcp_opts_id:
description: description:
- the id of the DHCP options to use for this vpc - the id of the DHCP options to use for this vpc
default: null default: null
@ -61,30 +64,32 @@ options:
- The state of the VPC. Either absent or present. - The state of the VPC. Either absent or present.
default: present default: present
required: false required: false
choices: [ 'present', 'absent' ]
multi_ok: multi_ok:
description: description:
- By default the module will not create another VPC if there is another VPC with the same name and CIDR block. Specify this as true if you want duplicate VPCs created. - By default the module will not create another VPC if there is another VPC with the same name and CIDR block. Specify this as true if you want duplicate VPCs created.
default: false default: false
required: false required: false
author: Jonathan Davila
extends_documentation_fragment: aws extends_documentation_fragment: aws
''' '''
EXAMPLES = ''' EXAMPLES = '''
# Note: These examples do not set authentication details, see the AWS Guide for details.
# Create a VPC with dedicate tenancy and a couple of tags # Create a VPC with dedicate tenancy and a couple of tags
- ec2_vpc: - ec2_vpc_net:
name: Module_dev2 name: Module_dev2
cidr_block: 170.10.0.0/16 cidr_block: 10.10.0.0/16
region: us-east-1 region: us-east-1
tags: tags:
new_vpc: ec2_vpc_module module: ec2_vpc_net
this: works22 this: works
tenancy: dedicated tenancy: dedicated
''' '''
import time import time
import sys import sys
@ -92,8 +97,7 @@ try:
import boto import boto
import boto.ec2 import boto.ec2
import boto.vpc import boto.vpc
from boto.exception import EC2ResponseError from boto.exception import BotoServerError
HAS_BOTO=True HAS_BOTO=True
except ImportError: except ImportError:
HAS_BOTO=False HAS_BOTO=False
@ -110,12 +114,11 @@ def boto_exception(err):
return error return error
def vpc_exists(module, vpc, name, cidr_block, multi): def vpc_exists(module, vpc, name, cidr_block, multi):
"""Returns True or False in regards to the existance of a VPC. When supplied """Returns True or False in regards to the existence of a VPC. When supplied
with a CIDR, it will check for matching tags to determine if it is a match with a CIDR, it will check for matching tags to determine if it is a match
otherwise it will assume the VPC does not exist and thus return false. otherwise it will assume the VPC does not exist and thus return false.
""" """
exists=False matched_vpc = None
matched_vpc=None
try: try:
matching_vpcs=vpc.get_all_vpcs(filters={'tag:Name' : name, 'cidr-block' : cidr_block}) matching_vpcs=vpc.get_all_vpcs(filters={'tag:Name' : name, 'cidr-block' : cidr_block})
@ -123,114 +126,69 @@ def vpc_exists(module, vpc, name, cidr_block, multi):
e_msg=boto_exception(e) e_msg=boto_exception(e)
module.fail_json(msg=e_msg) module.fail_json(msg=e_msg)
if len(matching_vpcs) == 1 and not multi: if len(matching_vpcs) == 1:
exists=True matched_vpc = matching_vpcs[0]
matched_vpc=str(matching_vpcs).split(':')[1].split(']')[0] elif len(matching_vpcs) > 1:
elif len(matching_vpcs) > 1 and not multi: if multi:
module.fail_json(msg='Currently there are %d VPCs that have the same name and ' module.fail_json(msg='Currently there are %d VPCs that have the same name and '
'CIDR block you specified. If you would like to create ' 'CIDR block you specified. If you would like to create '
'the VPC anyways please pass True to the multi_ok param.' % len(matching_vpcs)) 'the VPC anyway please pass True to the multi_ok param.' % len(matching_vpcs))
return exists, matched_vpc return matched_vpc
def vpc_needs_update(module, vpc, vpc_id, dns_support, dns_hostnames, dhcp_id, tags):
"""This returns True or False. Intended to run after vpc_exists.
It will check all the characteristics of the parameters passed and compare them
to the active VPC. If any discrepancy is found, it will report true, meaning that
the VPC needs to be update in order to match the specified state in the params.
"""
update_dhcp=False
update_tags=False
dhcp_match=False
try:
dhcp_list=vpc.get_all_dhcp_options()
if dhcp_id is not None:
has_default=vpc.get_all_vpcs(filters={'dhcp-options-id' : 'default', 'vpc-id' : vpc_id})
for opts in dhcp_list:
if (str(opts).split(':')[1] == dhcp_id) or has_default:
dhcp_match=True
break
else:
pass
except Exception, e:
e_msg=boto_exception(e)
module.fail_json(msg=e_msg)
if not dhcp_match or (has_default and dhcp_id != 'default'):
update_dhcp=True
if dns_hostnames and dns_support == False:
module.fail_json('In order to enable DNS Hostnames you must have DNS support enabled')
else:
# Note: Boto currently doesn't currently provide an interface to ec2-describe-vpc-attribute
# which is needed in order to detect the current status of DNS options. For now we just update
# the attribute each time and is not used as a changed-factor.
try:
vpc.modify_vpc_attribute(vpc_id, enable_dns_support=dns_support)
vpc.modify_vpc_attribute(vpc_id, enable_dns_hostnames=dns_hostnames)
except Exception, e:
e_msg=boto_exception(e)
module.fail_json(msg=e_msg)
if tags:
try:
current_tags = dict((t.name, t.value) for t in vpc.get_all_tags(filters={'resource-id': vpc_id}))
if not set(tags.items()).issubset(set(current_tags.items())):
update_tags=True
except Exception, e:
e_msg=boto_exception(e)
module.fail_json(msg=e_msg)
return update_dhcp, update_tags
def update_vpc_tags(module, vpc, vpc_id, tags, name): def update_vpc_tags(vpc, module, vpc_obj, tags, name):
if tags is None:
tags = dict()
tags.update({'Name': name}) tags.update({'Name': name})
try: try:
vpc.create_tags(vpc_id, tags) current_tags = dict((t.name, t.value) for t in vpc.get_all_tags(filters={'resource-id': vpc_obj.id}))
updated_tags=dict((t.name, t.value) for t in vpc.get_all_tags(filters={'resource-id': vpc_id})) if sorted(current_tags) != sorted(tags):
vpc.create_tags(vpc_obj.id, tags)
return True
else:
return False
except Exception, e: except Exception, e:
e_msg=boto_exception(e) e_msg=boto_exception(e)
module.fail_json(msg=e_msg) module.fail_json(msg=e_msg)
return updated_tags def update_dhcp_opts(connection, module, vpc_obj, dhcp_id):
if vpc_obj.dhcp_options_id != dhcp_id:
connection.associate_dhcp_options(dhcp_id, vpc_obj.id)
return True
else:
return False
def get_vpc_values(vpc_obj):
def update_dhcp_opts(module, vpc, vpc_id, dhcp_id): if vpc_obj is not None:
try: vpc_values = vpc_obj.__dict__
vpc.associate_dhcp_options(dhcp_id, vpc_id) if "region" in vpc_values:
dhcp_list=vpc.get_all_dhcp_options() vpc_values.pop("region")
except Exception, e: if "item" in vpc_values:
e_msg=boto_exception(e) vpc_values.pop("item")
module.fail_json(msg=e_msg) if "connection" in vpc_values:
vpc_values.pop("connection")
for opts in dhcp_list: return vpc_values
vpc_dhcp=vpc.get_all_vpcs(filters={'dhcp-options-id' : opts, 'vpc-id' : vpc_id}) else:
matched=False return None
if opts == dhcp_id:
matched=True
return opts
if matched == False:
return dhcp_id
def main(): def main():
argument_spec=ec2_argument_spec() argument_spec=ec2_argument_spec()
argument_spec.update(dict( argument_spec.update(dict(
name=dict(type='str', default=None, required=True), name = dict(type='str', default=None, required=True),
cidr_block=dict(type='str', default=None, required=True), cidr_block = dict(type='str', default=None, required=True),
tenancy=dict(choices=['default', 'dedicated'], default='default'), tenancy = dict(choices=['default', 'dedicated'], default='default'),
dns_support=dict(type='bool', default=True), dns_support = dict(type='bool', default=True),
dns_hostnames=dict(type='bool', default=True), dns_hostnames = dict(type='bool', default=True),
dhcp_opts_id=dict(type='str', default=None, required=False), dhcp_opts_id = dict(type='str', default=None, required=False),
tags=dict(type='dict', required=False, default=None), tags = dict(type='dict', required=False, default=None),
state=dict(choices=['present', 'absent'], default='present'), state = dict(choices=['present', 'absent'], default='present'),
region=dict(type='str', required=True), multi_ok = dict(type='bool', default=False)
multi_ok=dict(type='bool', default=False)
) )
) )
@ -239,7 +197,7 @@ def main():
) )
if not HAS_BOTO: if not HAS_BOTO:
module.fail_json(msg='Boto is required for this module') module.fail_json(msg='boto is required for this module')
name=module.params.get('name') name=module.params.get('name')
cidr_block=module.params.get('cidr_block') cidr_block=module.params.get('cidr_block')
@ -250,93 +208,85 @@ def main():
tags=module.params.get('tags') tags=module.params.get('tags')
state=module.params.get('state') state=module.params.get('state')
multi=module.params.get('multi_ok') multi=module.params.get('multi_ok')
changed=False changed=False
new_dhcp_opts=None
new_tags=None
update_dhcp=False
update_tags=False
region, ec2_url, aws_connect_kwargs=get_aws_connection_info(module)
try:
vpc=boto.vpc.connect_to_region(
region,
**aws_connect_kwargs
)
except boto.exception.NoAuthHandlerFound, e:
module.fail_json(msg=str(e))
already_exists, vpc_id=vpc_exists(module, vpc, name, cidr_block, multi)
if already_exists:
update_dhcp, update_tags=vpc_needs_update(module, vpc, vpc_id, dns_support, dns_hostnames, dhcp_id, tags)
if update_dhcp or update_tags:
changed=True
region, ec2_url, aws_connect_params = get_aws_connection_info(module)
if region:
try: try:
e_tags=dict((t.name, t.value) for t in vpc.get_all_tags(filters={'resource-id': vpc_id})) connection = connect_to_aws(boto.vpc, region, **aws_connect_params)
dhcp_list=vpc.get_all_dhcp_options() except (boto.exception.NoAuthHandlerFound, StandardError), e:
has_default=vpc.get_all_vpcs(filters={'dhcp-options-id' : 'default', 'vpc-id' : vpc_id}) module.fail_json(msg=str(e))
except Exception, e: else:
e_msg=boto_exception(e) module.fail_json(msg="region must be specified")
module.fail_json(msg=e_msg)
if dns_hostnames and not dns_support:
dhcp_opts=None module.fail_json('In order to enable DNS Hostnames you must also enable DNS support')
try:
for opts in dhcp_list:
if vpc.get_all_vpcs(filters={'dhcp-options-id' : opts, 'vpc-id' : vpc_id}):
dhcp_opts=opts
break
else:
pass
except Exception, e:
e_msg=boto_exception(e)
module.fail_json(msg=e_msg)
if not dhcp_opts and has_default:
dhcp_opts='default'
if state == 'present': if state == 'present':
if not changed and already_exists: # Check if VPC exists
module.exit_json(changed=changed, vpc_id=vpc_id) vpc_obj = vpc_exists(module, connection, name, cidr_block, multi)
elif changed:
if update_dhcp: if vpc_obj is None:
dhcp_opts=update_dhcp_opts(module, vpc, vpc_id, dhcp_id)
if update_tags:
e_tags=update_vpc_tags(module, vpc, vpc_id, tags, name)
module.exit_json(changed=changed, name=name, dhcp_options_id=dhcp_opts, tags=e_tags)
if not already_exists:
try: try:
vpc_id=str(vpc.create_vpc(cidr_block, instance_tenancy=tenancy)).split(':')[1] vpc_obj = connection.create_vpc(cidr_block, instance_tenancy=tenancy)
vpc.create_tags(vpc_id, dict(Name=name)) changed = True
except Exception, e: except BotoServerError, e:
e_msg=boto_exception(e) module.fail_json(msg=e)
module.fail_json(msg=e_msg)
if dhcp_id is not None:
try:
if update_dhcp_opts(connection, module, vpc_obj, dhcp_id):
changed = True
except BotoServerError, e:
module.fail_json(msg=e)
if tags is not None or name is not None:
try:
if update_vpc_tags(connection, module, vpc_obj, tags, name):
changed = True
except BotoServerError, e:
module.fail_json(msg=e)
update_dhcp, update_tags=vpc_needs_update(module, vpc, vpc_id, dns_support, dns_hostnames, dhcp_id, tags) # Note: Boto currently doesn't currently provide an interface to ec2-describe-vpc-attribute
# which is needed in order to detect the current status of DNS options. For now we just update
# the attribute each time and is not used as a changed-factor.
try:
connection.modify_vpc_attribute(vpc_obj.id, enable_dns_support=dns_support)
connection.modify_vpc_attribute(vpc_obj.id, enable_dns_hostnames=dns_hostnames)
except BotoServerError, e:
e_msg=boto_exception(e)
module.fail_json(msg=e_msg)
# get the vpc obj again in case it has changed
try:
vpc_obj = connection.get_all_vpcs(vpc_obj.id)[0]
except BotoServerError, e:
e_msg=boto_exception(e)
module.fail_json(msg=e_msg)
module.exit_json(changed=changed, vpc=get_vpc_values(vpc_obj))
if update_dhcp:
new_dhcp_opts=update_dhcp_opts(module, vpc, vpc_id, dhcp_id)
if update_tags:
new_tags=update_vpc_tags(module, vpc, vpc_id, tags, name)
module.exit_json(changed=True, name=name, vpc_id=vpc_id, dhcp_options=new_dhcp_opts, tags=new_tags)
elif state == 'absent': elif state == 'absent':
if already_exists:
changed=True # Check if VPC exists
vpc_obj = vpc_exists(module, connection, name, cidr_block, multi)
if vpc_obj is not None:
try: try:
vpc.delete_vpc(vpc_id) connection.delete_vpc(vpc_obj.id)
module.exit_json(changed=changed, vpc_id=vpc_id) vpc_obj = None
except Exception, e: changed = True
e_msg=boto_exception(e) except BotoServerError, e:
e_msg = boto_exception(e)
module.fail_json(msg="%s. You may want to use the ec2_vpc_subnet, ec2_vpc_igw, " module.fail_json(msg="%s. You may want to use the ec2_vpc_subnet, ec2_vpc_igw, "
"and/or ec2_vpc_rt modules to ensure the other components are absent." % e_msg) "and/or ec2_vpc_route_table modules to ensure the other components are absent." % e_msg)
else:
module.exit_json(msg="VPC is absent") module.exit_json(changed=changed, vpc=get_vpc_values(vpc_obj))
# import module snippets # import module snippets
from ansible.module_utils.basic import * from ansible.module_utils.basic import *
from ansible.module_utils.ec2 import * from ansible.module_utils.ec2 import *