[ecs_service] fix assign_public ip for network configuration (#41685)
* fix assign_public ip for ecs_service * used module.botocore_at_least instead of distutils
This commit is contained in:
parent
14598ab3e2
commit
5a72eef0a3
3 changed files with 141 additions and 0 deletions
|
@ -102,6 +102,7 @@ options:
|
||||||
- network configuration of the service. Only applicable for task definitions created with C(awsvpc) I(network_mode).
|
- network configuration of the service. Only applicable for task definitions created with C(awsvpc) I(network_mode).
|
||||||
- I(network_configuration) has two keys, I(subnets), a list of subnet IDs to which the task is attached and I(security_groups),
|
- I(network_configuration) has two keys, I(subnets), a list of subnet IDs to which the task is attached and I(security_groups),
|
||||||
a list of group names or group IDs for the task
|
a list of group names or group IDs for the task
|
||||||
|
- assign_public_ip requires botocore >= 1.8.4
|
||||||
version_added: 2.6
|
version_added: 2.6
|
||||||
launch_type:
|
launch_type:
|
||||||
description:
|
description:
|
||||||
|
@ -324,6 +325,10 @@ class EcsServiceManager:
|
||||||
except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
|
except (botocore.exceptions.ClientError, botocore.exceptions.BotoCoreError) as e:
|
||||||
self.module.fail_json_aws(e, msg="Couldn't look up security groups")
|
self.module.fail_json_aws(e, msg="Couldn't look up security groups")
|
||||||
result['securityGroups'] = groups
|
result['securityGroups'] = groups
|
||||||
|
if 'assign_public_ip' in network_config and self.module.botocore_at_least('1.8.4'):
|
||||||
|
result['assign_public_ip'] = 'assign_public_ip'
|
||||||
|
else:
|
||||||
|
self.module.fail_json(msg='botocore needs to be version 1.8.4 or higher to use assign_public_ip in network_configuration')
|
||||||
return dict(awsvpcConfiguration=result)
|
return dict(awsvpcConfiguration=result)
|
||||||
|
|
||||||
def find_in_array(self, array_of_services, service_name, field_name='serviceArn'):
|
def find_in_array(self, array_of_services, service_name, field_name='serviceArn'):
|
||||||
|
|
|
@ -0,0 +1,129 @@
|
||||||
|
- hosts: localhost
|
||||||
|
connection: local
|
||||||
|
vars:
|
||||||
|
resource_prefix: 'ansible-testing'
|
||||||
|
|
||||||
|
tasks:
|
||||||
|
- block:
|
||||||
|
- name: set up aws connection info
|
||||||
|
set_fact:
|
||||||
|
aws_connection_info: &aws_connection_info
|
||||||
|
aws_access_key: "{{ aws_access_key }}"
|
||||||
|
aws_secret_key: "{{ aws_secret_key }}"
|
||||||
|
security_token: "{{ security_token }}"
|
||||||
|
region: "{{ aws_region }}"
|
||||||
|
no_log: True
|
||||||
|
|
||||||
|
- name: create ecs cluster
|
||||||
|
ecs_cluster:
|
||||||
|
name: "{{ resource_prefix }}"
|
||||||
|
state: present
|
||||||
|
<<: *aws_connection_info
|
||||||
|
|
||||||
|
- name: create ecs_taskdefinition with bridged network
|
||||||
|
ecs_taskdefinition:
|
||||||
|
containers:
|
||||||
|
- name: my_container
|
||||||
|
image: ubuntu
|
||||||
|
memory: 128
|
||||||
|
family: "{{ resource_prefix }}"
|
||||||
|
state: present
|
||||||
|
network_mode: bridge
|
||||||
|
<<: *aws_connection_info
|
||||||
|
register: ecs_taskdefinition_creation
|
||||||
|
|
||||||
|
- name: create ecs_taskdefinition with awsvpc network
|
||||||
|
ecs_taskdefinition:
|
||||||
|
containers:
|
||||||
|
- name: my_container
|
||||||
|
image: ubuntu
|
||||||
|
memory: 128
|
||||||
|
family: "{{ resource_prefix }}-vpc"
|
||||||
|
state: present
|
||||||
|
network_mode: awsvpc
|
||||||
|
<<: *aws_connection_info
|
||||||
|
register: ecs_taskdefinition_creation_vpc
|
||||||
|
|
||||||
|
- name: ecs_taskdefinition works fine even when older botocore is used
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- ecs_taskdefinition_creation_vpc.changed
|
||||||
|
|
||||||
|
- name: create ecs_service using awsvpc network_configuration
|
||||||
|
ecs_service:
|
||||||
|
name: "{{ resource_prefix }}-vpc"
|
||||||
|
cluster: "{{ resource_prefix }}"
|
||||||
|
task_definition: "{{ resource_prefix }}-vpc"
|
||||||
|
desired_count: 1
|
||||||
|
network_configuration:
|
||||||
|
subnets:
|
||||||
|
- subnet-abcd1234
|
||||||
|
groups:
|
||||||
|
- sg-abcd1234
|
||||||
|
assign_public_ip: true
|
||||||
|
state: present
|
||||||
|
<<: *aws_connection_info
|
||||||
|
register: ecs_service_creation_vpc
|
||||||
|
ignore_errors: yes
|
||||||
|
|
||||||
|
- name: check that graceful failure message is returned from ecs_service
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- ecs_service_creation_vpc.failed
|
||||||
|
- 'ecs_service_creation_vpc.msg == "botocore needs to be version 1.8.4 or higher to use assign_public_ip in network_configuration"'
|
||||||
|
|
||||||
|
always:
|
||||||
|
- name: scale down ecs service
|
||||||
|
ecs_service:
|
||||||
|
name: "{{ resource_prefix }}"
|
||||||
|
cluster: "{{ resource_prefix }}"
|
||||||
|
task_definition: "{{ resource_prefix }}"
|
||||||
|
desired_count: 0
|
||||||
|
state: present
|
||||||
|
<<: *aws_connection_info
|
||||||
|
ignore_errors: yes
|
||||||
|
|
||||||
|
- name: pause to wait for scale down
|
||||||
|
pause:
|
||||||
|
seconds: 30
|
||||||
|
|
||||||
|
- name: remove ecs service
|
||||||
|
ecs_service:
|
||||||
|
name: "{{ resource_prefix }}"
|
||||||
|
cluster: "{{ resource_prefix }}"
|
||||||
|
task_definition: "{{ resource_prefix }}"
|
||||||
|
desired_count: 1
|
||||||
|
state: absent
|
||||||
|
<<: *aws_connection_info
|
||||||
|
ignore_errors: yes
|
||||||
|
|
||||||
|
- name: remove ecs task definition
|
||||||
|
ecs_taskdefinition:
|
||||||
|
containers:
|
||||||
|
- name: my_container
|
||||||
|
image: ubuntu
|
||||||
|
memory: 128
|
||||||
|
family: "{{ resource_prefix }}"
|
||||||
|
revision: "{{ ecs_taskdefinition_creation.taskdefinition.revision }}"
|
||||||
|
state: absent
|
||||||
|
<<: *aws_connection_info
|
||||||
|
ignore_errors: yes
|
||||||
|
|
||||||
|
- name: remove ecs task definition vpc
|
||||||
|
ecs_taskdefinition:
|
||||||
|
containers:
|
||||||
|
- name: my_container
|
||||||
|
image: ubuntu
|
||||||
|
memory: 128
|
||||||
|
family: "{{ resource_prefix }}-vpc"
|
||||||
|
revision: "{{ ecs_taskdefinition_creation_vpc.taskdefinition.revision }}"
|
||||||
|
state: absent
|
||||||
|
<<: *aws_connection_info
|
||||||
|
ignore_errors: yes
|
||||||
|
|
||||||
|
- name: remove ecs cluster
|
||||||
|
ecs_cluster:
|
||||||
|
name: "{{ resource_prefix }}"
|
||||||
|
state: absent
|
||||||
|
<<: *aws_connection_info
|
||||||
|
ignore_errors: yes
|
|
@ -18,6 +18,13 @@ source "${MYTMPDIR}/botocore-1.7.40/bin/activate"
|
||||||
$PYTHON -m pip install 'botocore<=1.7.40' boto3
|
$PYTHON -m pip install 'botocore<=1.7.40' boto3
|
||||||
ansible-playbook -i ../../inventory -e @../../integration_config.yml -e @../../cloud-config-aws.yml -v playbooks/network_fail.yml "$@"
|
ansible-playbook -i ../../inventory -e @../../integration_config.yml -e @../../cloud-config-aws.yml -v playbooks/network_fail.yml "$@"
|
||||||
|
|
||||||
|
# Test graceful failure for assign public ip
|
||||||
|
# applies for botocore >= 1.7.44 and < 1.8.4
|
||||||
|
virtualenv --system-site-packages --python "${PYTHON}" "${MYTMPDIR}/botocore-1.7.44"
|
||||||
|
source "${MYTMPDIR}/botocore-1.7.44/bin/activate"
|
||||||
|
$PYTHON -m pip install 'botocore>=1.7.44,<1.8.4' boto3
|
||||||
|
ansible-playbook -i ../../inventory -e @../../integration_config.yml -e @../../cloud-config-aws.yml -v playbooks/network_assign_public_ip_fail.yml "$@"
|
||||||
|
|
||||||
# Run full test suite
|
# Run full test suite
|
||||||
virtualenv --system-site-packages --python "${PYTHON}" "${MYTMPDIR}/botocore-recent"
|
virtualenv --system-site-packages --python "${PYTHON}" "${MYTMPDIR}/botocore-recent"
|
||||||
source "${MYTMPDIR}/botocore-recent/bin/activate"
|
source "${MYTMPDIR}/botocore-recent/bin/activate"
|
||||||
|
|
Loading…
Reference in a new issue