Add common auth handling across openstack modules
Taking a page out of the ec2 config, make sure that all of the OpenStack modules handle the inbound auth config in the same way. The one outlier is keystone wrt auth_url.
This commit is contained in:
parent
f254c915f0
commit
8a6a8d8af2
11 changed files with 71 additions and 126 deletions
|
@ -217,26 +217,23 @@ def _glance_delete_image(module, params, client):
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
|
|
||||||
|
argument_spec = openstack_argument_spec()
|
||||||
|
argument_spec.update(dict(
|
||||||
|
name = dict(required=True),
|
||||||
|
disk_format = dict(default='qcow2', choices=['aki', 'vhd', 'vmdk', 'raw', 'qcow2', 'vdi', 'iso']),
|
||||||
|
container_format = dict(default='bare', choices=['aki', 'ari', 'bare', 'ovf']),
|
||||||
|
owner = dict(default=None),
|
||||||
|
min_disk = dict(default=None),
|
||||||
|
min_ram = dict(default=None),
|
||||||
|
is_public = dict(default=True),
|
||||||
|
copy_from = dict(default= None),
|
||||||
|
timeout = dict(default=180),
|
||||||
|
file = dict(default=None),
|
||||||
|
endpoint_type = dict(default='publicURL', choices=['publicURL', 'internalURL']),
|
||||||
|
state = dict(default='present', choices=['absent', 'present'])
|
||||||
|
))
|
||||||
module = AnsibleModule(
|
module = AnsibleModule(
|
||||||
argument_spec = dict(
|
argument_spec=argument_spec,
|
||||||
login_username = dict(default='admin'),
|
|
||||||
login_password = dict(required=True),
|
|
||||||
login_tenant_name = dict(required=True),
|
|
||||||
auth_url = dict(default='http://127.0.0.1:35357/v2.0/'),
|
|
||||||
region_name = dict(default=None),
|
|
||||||
name = dict(required=True),
|
|
||||||
disk_format = dict(default='qcow2', choices=['aki', 'vhd', 'vmdk', 'raw', 'qcow2', 'vdi', 'iso']),
|
|
||||||
container_format = dict(default='bare', choices=['aki', 'ari', 'bare', 'ovf']),
|
|
||||||
owner = dict(default=None),
|
|
||||||
min_disk = dict(default=None),
|
|
||||||
min_ram = dict(default=None),
|
|
||||||
is_public = dict(default=True),
|
|
||||||
copy_from = dict(default= None),
|
|
||||||
timeout = dict(default=180),
|
|
||||||
file = dict(default=None),
|
|
||||||
endpoint_type = dict(default='publicURL', choices=['publicURL', 'internalURL']),
|
|
||||||
state = dict(default='present', choices=['absent', 'present'])
|
|
||||||
),
|
|
||||||
mutually_exclusive = [['file','copy_from']],
|
mutually_exclusive = [['file','copy_from']],
|
||||||
)
|
)
|
||||||
if module.params['state'] == 'present':
|
if module.params['state'] == 'present':
|
||||||
|
@ -258,4 +255,5 @@ def main():
|
||||||
|
|
||||||
# this is magic, see lib/ansible/module.params['common.py
|
# this is magic, see lib/ansible/module.params['common.py
|
||||||
from ansible.module_utils.basic import *
|
from ansible.module_utils.basic import *
|
||||||
|
from ansible.module_utils.openstack import *
|
||||||
main()
|
main()
|
||||||
|
|
|
@ -287,11 +287,8 @@ def ensure_role_absent(keystone, uesr, tenant, role, check_mode):
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
|
|
||||||
module = AnsibleModule(
|
argument_spec = openstack_argument_spec()
|
||||||
argument_spec=dict(
|
argument_spec.update(dict(
|
||||||
user=dict(required=False),
|
|
||||||
password=dict(required=False),
|
|
||||||
tenant=dict(required=False),
|
|
||||||
tenant_description=dict(required=False),
|
tenant_description=dict(required=False),
|
||||||
email=dict(required=False),
|
email=dict(required=False),
|
||||||
role=dict(required=False),
|
role=dict(required=False),
|
||||||
|
@ -302,7 +299,11 @@ def main():
|
||||||
login_user=dict(required=False),
|
login_user=dict(required=False),
|
||||||
login_password=dict(required=False),
|
login_password=dict(required=False),
|
||||||
login_tenant_name=dict(required=False)
|
login_tenant_name=dict(required=False)
|
||||||
),
|
))
|
||||||
|
# keystone operations themselves take an endpoint, not a keystone auth_url
|
||||||
|
del(argument_spec['auth_url'])
|
||||||
|
module = AnsibleModule(
|
||||||
|
argument_spec=argument_spec,
|
||||||
supports_check_mode=True,
|
supports_check_mode=True,
|
||||||
mutually_exclusive=[['token', 'login_user'],
|
mutually_exclusive=[['token', 'login_user'],
|
||||||
['token', 'login_password'],
|
['token', 'login_password'],
|
||||||
|
@ -388,5 +389,6 @@ def dispatch(keystone, user=None, password=None, tenant=None,
|
||||||
|
|
||||||
# import module snippets
|
# import module snippets
|
||||||
from ansible.module_utils.basic import *
|
from ansible.module_utils.basic import *
|
||||||
|
from ansible.module_utils.openstack import *
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
main()
|
main()
|
||||||
|
|
|
@ -226,32 +226,8 @@ def _get_server_state(module, nova):
|
||||||
|
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
# Consume standard OpenStack environment variables.
|
argument_spec = openstack_argument_spec()
|
||||||
# This is mainly only useful for ad-hoc command line operation as
|
argument_spec.update(dict(
|
||||||
# in playbooks one would assume variables would be used appropriately
|
|
||||||
OS_USERNAME=os.environ.get('OS_USERNAME', 'admin')
|
|
||||||
OS_PASSWORD=os.environ.get('OS_PASSWORD', None)
|
|
||||||
login_password_arg = dict()
|
|
||||||
if OS_PASSWORD:
|
|
||||||
login_password_arg['default'] = OS_PASSWORD
|
|
||||||
else:
|
|
||||||
login_password_arg['required'] = True
|
|
||||||
OS_TENANT_NAME=os.environ.get('OS_TENANT_NAME', None)
|
|
||||||
tenant_name_arg = dict()
|
|
||||||
if OS_TENANT_NAME:
|
|
||||||
tenant_name_arg['default'] = OS_TENANT_NAME
|
|
||||||
else:
|
|
||||||
tenant_name_arg['required'] = True
|
|
||||||
OS_REGION_NAME=os.environ.get('OS_REGION_NAME', None)
|
|
||||||
OS_AUTH_URL=os.environ.get('OS_AUTH_URL', 'http://127.0.0.1:35357/v2.0/')
|
|
||||||
|
|
||||||
module = AnsibleModule(
|
|
||||||
argument_spec = dict(
|
|
||||||
login_username = dict(default=OS_USERNAME),
|
|
||||||
login_password = login_password_arg,
|
|
||||||
login_tenant_name = tenant_name_arg,
|
|
||||||
auth_url = dict(default=OS_AUTH_URL),
|
|
||||||
region_name = dict(default=OS_REGION_NAME),
|
|
||||||
name = dict(required=True),
|
name = dict(required=True),
|
||||||
image_id = dict(default=None),
|
image_id = dict(default=None),
|
||||||
flavor_id = dict(default=1),
|
flavor_id = dict(default=1),
|
||||||
|
@ -262,9 +238,9 @@ def main():
|
||||||
wait = dict(default='yes', choices=['yes', 'no']),
|
wait = dict(default='yes', choices=['yes', 'no']),
|
||||||
wait_for = dict(default=180),
|
wait_for = dict(default=180),
|
||||||
state = dict(default='present', choices=['absent', 'present']),
|
state = dict(default='present', choices=['absent', 'present']),
|
||||||
user_data = dict(default=None)
|
user_data = dict(default=None),
|
||||||
),
|
))
|
||||||
)
|
module = AnsibleModule(argument_spec=argument_spec)
|
||||||
|
|
||||||
nova = nova_client.Client(module.params['login_username'],
|
nova = nova_client.Client(module.params['login_username'],
|
||||||
module.params['login_password'],
|
module.params['login_password'],
|
||||||
|
@ -291,5 +267,6 @@ def main():
|
||||||
|
|
||||||
# this is magic, see lib/ansible/module.params['common.py
|
# this is magic, see lib/ansible/module.params['common.py
|
||||||
from ansible.module_utils.basic import *
|
from ansible.module_utils.basic import *
|
||||||
|
from ansible.module_utils.openstack import *
|
||||||
main()
|
main()
|
||||||
|
|
||||||
|
|
|
@ -87,18 +87,13 @@ EXAMPLES = '''
|
||||||
'''
|
'''
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
module = AnsibleModule(
|
argument_spec = openstack_argument_spec()
|
||||||
argument_spec = dict(
|
argument_spec.update(dict(
|
||||||
login_username = dict(default='admin'),
|
|
||||||
login_password = dict(required=True),
|
|
||||||
login_tenant_name = dict(required='True'),
|
|
||||||
auth_url = dict(default='http://127.0.0.1:35357/v2.0/'),
|
|
||||||
region_name = dict(default=None),
|
|
||||||
name = dict(required=True),
|
name = dict(required=True),
|
||||||
public_key = dict(default=None),
|
public_key = dict(default=None),
|
||||||
state = dict(default='present', choices=['absent', 'present'])
|
state = dict(default='present', choices=['absent', 'present'])
|
||||||
),
|
))
|
||||||
)
|
module = AnsibleModule(argument_spec=argument_spec)
|
||||||
|
|
||||||
nova = nova_client.Client(module.params['login_username'],
|
nova = nova_client.Client(module.params['login_username'],
|
||||||
module.params['login_password'],
|
module.params['login_password'],
|
||||||
|
@ -138,5 +133,6 @@ def main():
|
||||||
|
|
||||||
# this is magic, see lib/ansible/module.params['common.py
|
# this is magic, see lib/ansible/module.params['common.py
|
||||||
from ansible.module_utils.basic import *
|
from ansible.module_utils.basic import *
|
||||||
|
from ansible.module_utils.openstack import *
|
||||||
main()
|
main()
|
||||||
|
|
||||||
|
|
|
@ -220,19 +220,14 @@ def _update_floating_ip(neutron, module, port_id, floating_ip_id):
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
|
|
||||||
module = AnsibleModule(
|
argument_spec = openstack_argument_spec()
|
||||||
argument_spec = dict(
|
argument_spec.update(dict(
|
||||||
login_username = dict(default='admin'),
|
|
||||||
login_password = dict(required=True),
|
|
||||||
login_tenant_name = dict(required='True'),
|
|
||||||
auth_url = dict(default='http://127.0.0.1:35357/v2.0/'),
|
|
||||||
region_name = dict(default=None),
|
|
||||||
network_name = dict(required=True),
|
network_name = dict(required=True),
|
||||||
instance_name = dict(required=True),
|
instance_name = dict(required=True),
|
||||||
state = dict(default='present', choices=['absent', 'present']),
|
state = dict(default='present', choices=['absent', 'present']),
|
||||||
internal_network_name = dict(default=None),
|
internal_network_name = dict(default=None),
|
||||||
),
|
))
|
||||||
)
|
module = AnsibleModule(argument_spec=argument_spec)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
nova = nova_client.Client(module.params['login_username'], module.params['login_password'],
|
nova = nova_client.Client(module.params['login_username'], module.params['login_password'],
|
||||||
|
@ -266,5 +261,6 @@ def main():
|
||||||
|
|
||||||
# this is magic, see lib/ansible/module.params['common.py
|
# this is magic, see lib/ansible/module.params['common.py
|
||||||
from ansible.module_utils.basic import *
|
from ansible.module_utils.basic import *
|
||||||
|
from ansible.module_utils.openstack import *
|
||||||
main()
|
main()
|
||||||
|
|
||||||
|
|
|
@ -178,18 +178,13 @@ def _update_floating_ip(neutron, module, port_id, floating_ip_id):
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
|
|
||||||
module = AnsibleModule(
|
argument_spec = openstack_argument_spec()
|
||||||
argument_spec = dict(
|
argument_spec.update(dict(
|
||||||
login_username = dict(default='admin'),
|
|
||||||
login_password = dict(required=True),
|
|
||||||
login_tenant_name = dict(required='True'),
|
|
||||||
auth_url = dict(default='http://127.0.0.1:35357/v2.0/'),
|
|
||||||
region_name = dict(default=None),
|
|
||||||
ip_address = dict(required=True),
|
ip_address = dict(required=True),
|
||||||
instance_name = dict(required=True),
|
instance_name = dict(required=True),
|
||||||
state = dict(default='present', choices=['absent', 'present'])
|
state = dict(default='present', choices=['absent', 'present'])
|
||||||
),
|
))
|
||||||
)
|
module = AnsibleModule(argument_spec=argument_spec)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
nova = nova_client.Client(module.params['login_username'], module.params['login_password'],
|
nova = nova_client.Client(module.params['login_username'], module.params['login_password'],
|
||||||
|
@ -218,5 +213,6 @@ def main():
|
||||||
|
|
||||||
# this is magic, see lib/ansible/module.params['common.py
|
# this is magic, see lib/ansible/module.params['common.py
|
||||||
from ansible.module_utils.basic import *
|
from ansible.module_utils.basic import *
|
||||||
|
from ansible.module_utils.openstack import *
|
||||||
main()
|
main()
|
||||||
|
|
||||||
|
|
|
@ -230,13 +230,8 @@ def _delete_network(module, net_id, neutron):
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
|
|
||||||
module = AnsibleModule(
|
argument_spec = openstack_argument_spec()
|
||||||
argument_spec = dict(
|
argument_spec.update(dict(
|
||||||
login_username = dict(default='admin'),
|
|
||||||
login_password = dict(required=True),
|
|
||||||
login_tenant_name = dict(required='True'),
|
|
||||||
auth_url = dict(default='http://127.0.0.1:35357/v2.0/'),
|
|
||||||
region_name = dict(default=None),
|
|
||||||
name = dict(required=True),
|
name = dict(required=True),
|
||||||
tenant_name = dict(default=None),
|
tenant_name = dict(default=None),
|
||||||
provider_network_type = dict(default=None, choices=['local', 'vlan', 'flat', 'gre']),
|
provider_network_type = dict(default=None, choices=['local', 'vlan', 'flat', 'gre']),
|
||||||
|
@ -246,8 +241,8 @@ def main():
|
||||||
shared = dict(default=False, type='bool'),
|
shared = dict(default=False, type='bool'),
|
||||||
admin_state_up = dict(default=True, type='bool'),
|
admin_state_up = dict(default=True, type='bool'),
|
||||||
state = dict(default='present', choices=['absent', 'present'])
|
state = dict(default='present', choices=['absent', 'present'])
|
||||||
),
|
))
|
||||||
)
|
module = AnsibleModule(argument_spec=argument_spec)
|
||||||
|
|
||||||
if module.params['provider_network_type'] in ['vlan' , 'flat']:
|
if module.params['provider_network_type'] in ['vlan' , 'flat']:
|
||||||
if not module.params['provider_physical_network']:
|
if not module.params['provider_physical_network']:
|
||||||
|
@ -279,5 +274,6 @@ def main():
|
||||||
|
|
||||||
# this is magic, see lib/ansible/module.params['common.py
|
# this is magic, see lib/ansible/module.params['common.py
|
||||||
from ansible.module_utils.basic import *
|
from ansible.module_utils.basic import *
|
||||||
|
from ansible.module_utils.openstack import *
|
||||||
main()
|
main()
|
||||||
|
|
||||||
|
|
|
@ -175,19 +175,14 @@ def _delete_router(module, neutron, router_id):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
module = AnsibleModule(
|
argument_spec = openstack_argument_spec()
|
||||||
argument_spec = dict(
|
argument_spec.update(dict(
|
||||||
login_username = dict(default='admin'),
|
|
||||||
login_password = dict(required=True),
|
|
||||||
login_tenant_name = dict(required='True'),
|
|
||||||
auth_url = dict(default='http://127.0.0.1:35357/v2.0/'),
|
|
||||||
region_name = dict(default=None),
|
|
||||||
name = dict(required=True),
|
name = dict(required=True),
|
||||||
tenant_name = dict(default=None),
|
tenant_name = dict(default=None),
|
||||||
state = dict(default='present', choices=['absent', 'present']),
|
state = dict(default='present', choices=['absent', 'present']),
|
||||||
admin_state_up = dict(type='bool', default=True),
|
admin_state_up = dict(type='bool', default=True),
|
||||||
),
|
))
|
||||||
)
|
module = AnsibleModule(argument_spec=argument_spec)
|
||||||
|
|
||||||
neutron = _get_neutron_client(module, module.params)
|
neutron = _get_neutron_client(module, module.params)
|
||||||
_set_tenant_id(module)
|
_set_tenant_id(module)
|
||||||
|
@ -210,5 +205,6 @@ def main():
|
||||||
|
|
||||||
# this is magic, see lib/ansible/module.params['common.py
|
# this is magic, see lib/ansible/module.params['common.py
|
||||||
from ansible.module_utils.basic import *
|
from ansible.module_utils.basic import *
|
||||||
|
from ansible.module_utils.openstack import *
|
||||||
main()
|
main()
|
||||||
|
|
||||||
|
|
|
@ -174,18 +174,13 @@ def _remove_gateway_router(neutron, module, router_id):
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
|
|
||||||
module = AnsibleModule(
|
argument_spec = openstack_argument_spec()
|
||||||
argument_spec = dict(
|
argument_spec.update(dict(
|
||||||
login_username = dict(default='admin'),
|
|
||||||
login_password = dict(required=True),
|
|
||||||
login_tenant_name = dict(required='True'),
|
|
||||||
auth_url = dict(default='http://127.0.0.1:35357/v2.0/'),
|
|
||||||
region_name = dict(default=None),
|
|
||||||
router_name = dict(required=True),
|
router_name = dict(required=True),
|
||||||
network_name = dict(required=True),
|
network_name = dict(required=True),
|
||||||
state = dict(default='present', choices=['absent', 'present']),
|
state = dict(default='present', choices=['absent', 'present']),
|
||||||
),
|
))
|
||||||
)
|
module = AnsibleModule(argument_spec=argument_spec)
|
||||||
|
|
||||||
neutron = _get_neutron_client(module, module.params)
|
neutron = _get_neutron_client(module, module.params)
|
||||||
router_id = _get_router_id(module, neutron)
|
router_id = _get_router_id(module, neutron)
|
||||||
|
@ -213,5 +208,6 @@ def main():
|
||||||
|
|
||||||
# this is magic, see lib/ansible/module.params['common.py
|
# this is magic, see lib/ansible/module.params['common.py
|
||||||
from ansible.module_utils.basic import *
|
from ansible.module_utils.basic import *
|
||||||
|
from ansible.module_utils.openstack import *
|
||||||
main()
|
main()
|
||||||
|
|
||||||
|
|
|
@ -208,19 +208,14 @@ def _remove_interface_router(neutron, module, router_id, subnet_id):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
module = AnsibleModule(
|
argument_spec = openstack_argument_spec()
|
||||||
argument_spec = dict(
|
argument_spec.update(dict(
|
||||||
login_username = dict(default='admin'),
|
|
||||||
login_password = dict(required=True),
|
|
||||||
login_tenant_name = dict(required='True'),
|
|
||||||
auth_url = dict(default='http://127.0.0.1:35357/v2.0/'),
|
|
||||||
region_name = dict(default=None),
|
|
||||||
router_name = dict(required=True),
|
router_name = dict(required=True),
|
||||||
subnet_name = dict(required=True),
|
subnet_name = dict(required=True),
|
||||||
tenant_name = dict(default=None),
|
tenant_name = dict(default=None),
|
||||||
state = dict(default='present', choices=['absent', 'present']),
|
state = dict(default='present', choices=['absent', 'present']),
|
||||||
),
|
))
|
||||||
)
|
module = AnsibleModule(argument_spec=argument_spec)
|
||||||
|
|
||||||
neutron = _get_neutron_client(module, module.params)
|
neutron = _get_neutron_client(module, module.params)
|
||||||
_set_tenant_id(module)
|
_set_tenant_id(module)
|
||||||
|
@ -249,5 +244,6 @@ def main():
|
||||||
|
|
||||||
# this is magic, see lib/ansible/module.params['common.py
|
# this is magic, see lib/ansible/module.params['common.py
|
||||||
from ansible.module_utils.basic import *
|
from ansible.module_utils.basic import *
|
||||||
|
from ansible.module_utils.openstack import *
|
||||||
main()
|
main()
|
||||||
|
|
||||||
|
|
|
@ -252,13 +252,8 @@ def _delete_subnet(module, neutron, subnet_id):
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
|
|
||||||
module = AnsibleModule(
|
argument_spec = openstack_argument_spec()
|
||||||
argument_spec = dict(
|
argument_spec.update(dict(
|
||||||
login_username = dict(default='admin'),
|
|
||||||
login_password = dict(required=True),
|
|
||||||
login_tenant_name = dict(required='True'),
|
|
||||||
auth_url = dict(default='http://127.0.0.1:35357/v2.0/'),
|
|
||||||
region_name = dict(default=None),
|
|
||||||
name = dict(required=True),
|
name = dict(required=True),
|
||||||
network_name = dict(required=True),
|
network_name = dict(required=True),
|
||||||
cidr = dict(required=True),
|
cidr = dict(required=True),
|
||||||
|
@ -270,8 +265,8 @@ def main():
|
||||||
dns_nameservers = dict(default=None),
|
dns_nameservers = dict(default=None),
|
||||||
allocation_pool_start = dict(default=None),
|
allocation_pool_start = dict(default=None),
|
||||||
allocation_pool_end = dict(default=None),
|
allocation_pool_end = dict(default=None),
|
||||||
),
|
))
|
||||||
)
|
module = AnsibleModule(argument_spec=argument_spec)
|
||||||
neutron = _get_neutron_client(module, module.params)
|
neutron = _get_neutron_client(module, module.params)
|
||||||
_set_tenant_id(module)
|
_set_tenant_id(module)
|
||||||
if module.params['state'] == 'present':
|
if module.params['state'] == 'present':
|
||||||
|
@ -291,5 +286,6 @@ def main():
|
||||||
|
|
||||||
# this is magic, see lib/ansible/module.params['common.py
|
# this is magic, see lib/ansible/module.params['common.py
|
||||||
from ansible.module_utils.basic import *
|
from ansible.module_utils.basic import *
|
||||||
|
from ansible.module_utils.openstack import *
|
||||||
main()
|
main()
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue