add support for AWS NLB - fixes #30701 (#30907)

* add support for NLB

* added version for parameter type
Deepakkothandan 2017-12-07 09:06:50 +01:00 committed by ansibot
parent b91117dac8
commit 78858a5b12


@ -101,12 +101,20 @@ options:
description: description:
- A dictionary of one or more tags to assign to the load balancer. - A dictionary of one or more tags to assign to the load balancer.
required: false required: false
type:
description:
- Type of Load Balaner, Application or Network Load Balancer.
required: false
default: application
choices: ['application', 'network']
version_added: "2.5"
extends_documentation_fragment: extends_documentation_fragment:
- aws - aws
- ec2 - ec2
notes: notes:
- Listeners are matched based on port. If a listener's port is changed then a new listener will be created. - Listeners are matched based on port. If a listener's port is changed then a new listener will be created.
- Listener rules are matched based on priority. If a rule's priority is changed then a new rule will be created. - Listener rules are matched based on priority. If a rule's priority is changed then a new rule will be created.
- Security Groups is not a valid parameter for Network Load Balancer.
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -186,6 +194,21 @@ EXAMPLES = '''
Type: forward Type: forward
state: present state: present
# Create an NLB with listeners
- elb_application_lb:
name: myelb
subnets:
- subnet-400d543b
- subnet-b57b7edc
listeners:
- Protocol: TCP # Required. The protocol can only be TCP for Network Load Balancer.
Port: 80 # Required. The port on which the load balancer is listening.
DefaultActions:
- Type: forward # Required. Only 'forward' is accepted at this time
TargetGroupName: wp-testing
type: network
state: present
# Remove an ELB # Remove an ELB
- elb_application_lb: - elb_application_lb:
name: myelb name: myelb
@ -803,14 +826,20 @@ def create_or_update_elb(connection, connection_ec2, module):
params = dict() params = dict()
params['Name'] = module.params.get("name") params['Name'] = module.params.get("name")
params['Subnets'] = module.params.get("subnets") params['Subnets'] = module.params.get("subnets")
try: params['Type'] = module.params.get("type")
params['SecurityGroups'] = get_ec2_security_group_ids_from_names(module.params.get('security_groups'), connection_ec2, boto3=True)
except ValueError as e: if params['Type'] == 'application':
module.fail_json(msg=str(e), exception=traceback.format_exc()) is_alb = True
except ClientError as e:
module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) if is_alb:
except NoCredentialsError as e: try:
module.fail_json(msg="AWS authentication problem. " + e.message, exception=traceback.format_exc()) params['SecurityGroups'] = get_ec2_security_group_ids_from_names(module.params.get('security_groups'), connection_ec2, boto3=True)
except ValueError as e:
module.fail_json(msg=str(e), exception=traceback.format_exc())
except ClientError as e:
module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response))
except NoCredentialsError as e:
module.fail_json(msg="AWS authentication problem. " + e.message, exception=traceback.format_exc())
params['Scheme'] = module.params.get("scheme") params['Scheme'] = module.params.get("scheme")
if module.params.get("tags"): if module.params.get("tags"):
@ -837,12 +866,13 @@ def create_or_update_elb(connection, connection_ec2, module):
changed = True changed = True
# Security Groups # Security Groups
if set(elb['SecurityGroups']) != set(params['SecurityGroups']): if is_alb:
try: if set(elb['SecurityGroups']) != set(params['SecurityGroups']):
connection.set_security_groups(LoadBalancerArn=elb['LoadBalancerArn'], SecurityGroups=params['SecurityGroups']) try:
except ClientError as e: connection.set_security_groups(LoadBalancerArn=elb['LoadBalancerArn'], SecurityGroups=params['SecurityGroups'])
module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response)) except ClientError as e:
changed = True module.fail_json(msg=e.message, exception=traceback.format_exc(), **camel_dict_to_snake_dict(e.response))
changed = True
# Tags - only need to play with tags if tags parameter has been set to something # Tags - only need to play with tags if tags parameter has been set to something
if module.params.get("tags"): if module.params.get("tags"):
@ -886,18 +916,19 @@ def create_or_update_elb(connection, connection_ec2, module):
# Get current attributes # Get current attributes
current_elb_attributes = get_elb_attributes(connection, module, elb['LoadBalancerArn']) current_elb_attributes = get_elb_attributes(connection, module, elb['LoadBalancerArn'])
if access_logs_enabled and current_elb_attributes['access_logs_s3_enabled'] != "true": if is_alb:
update_attributes.append({'Key': 'access_logs.s3.enabled', 'Value': "true"}) if access_logs_enabled and current_elb_attributes['access_logs_s3_enabled'] != "true":
if not access_logs_enabled and current_elb_attributes['access_logs_s3_enabled'] != "false": update_attributes.append({'Key': 'access_logs.s3.enabled', 'Value': "true"})
update_attributes.append({'Key': 'access_logs.s3.enabled', 'Value': 'false'}) if not access_logs_enabled and current_elb_attributes['access_logs_s3_enabled'] != "false":
if access_logs_s3_bucket is not None and access_logs_s3_bucket != current_elb_attributes['access_logs_s3_bucket']: update_attributes.append({'Key': 'access_logs.s3.enabled', 'Value': 'false'})
update_attributes.append({'Key': 'access_logs.s3.bucket', 'Value': access_logs_s3_bucket}) if access_logs_s3_bucket is not None and access_logs_s3_bucket != current_elb_attributes['access_logs_s3_bucket']:
if access_logs_s3_prefix is not None and access_logs_s3_prefix != current_elb_attributes['access_logs_s3_prefix']: update_attributes.append({'Key': 'access_logs.s3.bucket', 'Value': access_logs_s3_bucket})
update_attributes.append({'Key': 'access_logs.s3.prefix', 'Value': access_logs_s3_prefix}) if access_logs_s3_prefix is not None and access_logs_s3_prefix != current_elb_attributes['access_logs_s3_prefix']:
if deletion_protection and current_elb_attributes['deletion_protection_enabled'] != "true": update_attributes.append({'Key': 'access_logs.s3.prefix', 'Value': access_logs_s3_prefix})
update_attributes.append({'Key': 'deletion_protection.enabled', 'Value': "true"}) if deletion_protection and current_elb_attributes['deletion_protection_enabled'] != "true":
if not deletion_protection and current_elb_attributes['deletion_protection_enabled'] != "false": update_attributes.append({'Key': 'deletion_protection.enabled', 'Value': "true"})
update_attributes.append({'Key': 'deletion_protection.enabled', 'Value': "false"}) if not deletion_protection and current_elb_attributes['deletion_protection_enabled'] != "false":
update_attributes.append({'Key': 'deletion_protection.enabled', 'Value': "false"})
if idle_timeout is not None and str(idle_timeout) != current_elb_attributes['idle_timeout_timeout_seconds']: if idle_timeout is not None and str(idle_timeout) != current_elb_attributes['idle_timeout_timeout_seconds']:
update_attributes.append({'Key': 'idle_timeout.timeout_seconds', 'Value': str(idle_timeout)}) update_attributes.append({'Key': 'idle_timeout.timeout_seconds', 'Value': str(idle_timeout)})
@ -981,6 +1012,7 @@ def main():
scheme=dict(default='internet-facing', choices=['internet-facing', 'internal']), scheme=dict(default='internet-facing', choices=['internet-facing', 'internal']),
state=dict(choices=['present', 'absent'], type='str'), state=dict(choices=['present', 'absent'], type='str'),
tags=dict(default={}, type='dict'), tags=dict(default={}, type='dict'),
type=dict(default='application', type='str', choices=['application', 'network']),
wait_timeout=dict(type='int'), wait_timeout=dict(type='int'),
wait=dict(type='bool') wait=dict(type='bool')
) )
@ -988,7 +1020,7 @@ def main():
module = AnsibleModule(argument_spec=argument_spec, module = AnsibleModule(argument_spec=argument_spec,
required_if=[ required_if=[
('state', 'present', ['subnets', 'security_groups']) ('state', 'present', ['subnets'])
], ],
required_together=( required_together=(
['access_logs_enabled', 'access_logs_s3_bucket', 'access_logs_s3_prefix'] ['access_logs_enabled', 'access_logs_s3_bucket', 'access_logs_s3_prefix']
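Review bot: `is_alb` is assigned only inside `if params['Type'] == 'application':` in the hunk at `-803,14 +826,20`, so with `type: network` the following `if is_alb:` and the later `if is_alb:` guards would raise a NameError, unless the name is initialised outside the visible lines. Replacing the two lines with `is_alb = params['Type'] == 'application'` binds it on both paths. Separately, the last hunk drops `security_groups` from `required_if` for every type, so an application load balancer can now reach `get_ec2_security_group_ids_from_names` with `security_groups` unset. A check such as `if is_alb and module.params.get('security_groups') is None: module.fail_json(msg="security_groups is required when type is application")` would keep the old validation for ALBs. The body of `create_or_update_elb` starts and ends outside these hunks.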