This module can be used to maintain the iRules for both LTM and GTM
on a BIG-IP. iRules should be supplied in their string form using
normal strings (unlikely), file lookups (likely), or template
lookups (likely).
Tests for this module can be found here
https://github.com/F5Networks/f5-ansible/blob/master/roles/__bigip_irule/tasks/main.yaml
Platforms this was tested on are
11.6.1
12.0.0
12.1.0
* apk: Fix mutual exclusivity
Ensure that 'name' and 'upgrade' are mutually exclusive.
Also add a note to the documentation to say so.
Fixes: #2767
* Fix documentation
This change removes the loop watching for "/var/lock/subsys/lxc" from
the lxc-container module. This change simply runs the command within
a container using the lxc CLI tools which should be responcible for
locking and unlocking on their own.
Closes-Issue: https://github.com/ansible/ansible-modules-extras/issues/690
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
* Changed type of 'details' argument to bool on ecs_service_facts module.
* Changed type of 'autostart' argument to bool on virt_* modules.
* Changed types of 'autoconnect' and 'stp' argument to bool on nmcli module.
('create_connection_bridge(self)' and 'modify_connection_bridge(self)' are not implemented yet?)
* Added conversion of 'value' argument when 'vtype' is boolean on debconf module.
After commit 9392943 more properties are always sets with their defaults
values (e.g. service to 'any'). This causes no issue when the rule is created,
but causes an error message that says "The property 'X' cannot be found on this
object. Verify that the property exists." because the module checks for
any property value that has changed, but `netsh advfirewall firewall show rule`
does not list any property unless `verbose` is set. This patch solves this.
Fixes#2624
This module can be used to manipulate data centers in a BIG-IP.
It supports both the iControl SOAP and iControl REST APIs, but default
to the REST API. With this module, you can perform operations similar
to those available in tmsh to create data centers and set the contact,
location, and description of those data centers.
This module is most useful in the initial provisioning of a BIG-IP
This module can be used to directly manipulate the system database
variables in a BIG-IP. It supports both the iControl SOAP and iControl
REST APIs, but default to the REST API. With this module, you can
perform operations similar to those available in tmsh to set system
variables such as turning off the default setup screen.
This module is most useful in the initial provisioning of a BIG-IP
This module can be used to manage VLANs in BIG-IP on various software
versions. It is part of a bootstrapping effort underway to provide
modules necessary to bootstrap core settings in a BIG-IP.
Tests for this module can be found here
https://github.com/F5Networks/f5-ansible/blob/master/roles/__bigip_vlan/tasks/main.yaml
Platforms this was tested on are
- 11.5.4 HF1
- 11.6.0
- 12.0.0
- 12.1.0 HF1
Changes:
- Document missing 'path' option and remove redundant brew_path manipulation
- Add 'update_homebrew' option since 'brew cask update' as a synonym for
'brew update' is available nowadays
- Add additional missing aliases documentation
- Port additional improvements (expanded support for brews path, cask path
patterns etc.)
- Allow proper `list` type support for 'name' option.
This allows doing 'brew tap <url>' where the URL is not assumed to be on GitHub,
and the protocol doesn't have to be HTTP. Any location and protocol that git can
handle is fine.
While at it, allow proper `list` type support for 'name' option and update
module documentation for option aliases.
* fixes#2158
* handles version-specifiers (>,<,>=,<=,=) correctly
* adds option "oldpackage", which is passed to zypper
* this is implied as soon as a version is specified
* it can be used independently to allow downgrades coming from repos
* add __main__ check
* extend documentation on version specifier
* Create a Kinesis Stream.
* Tag a Kinesis Stream.
* Update the Retention Period of a Kinesis Stream.
* Delete a Kinesis Stream.
* Wait for a Kinesis Stream to be in an ACTIVE State.
A number of coding conventions have been adopted for new F5 modules
that are in development. To ensure common usage across the modules,
this module needed to be updated to reflect those conventions.
No functional code changes were made.
* Create an AWS Nat Gateway.
* Delete an AWS Nat Gateway.
* If Nat Gateway exist in subnet and the option is passed to not create one, it will then return the Nat Gateway object.
* return a proper result set for getmaster/getslave
when not on a master/slave.
This allows for a cleaner error handling.
* A more uniform return of result keys for getmaster/slave
* rename archive -> arcfile (where it's a file descriptor)
* additional return
* simplify logic around 'archive?' flag
* maintain os separator after arcroot
* use function instead of lambda for filter, ensure file exists before file.cmp'ing it
* track errored files and fail if there are any
* Don't include the archive in the archive if it falls within an archived path
* If remove=True and the archive would be in an archived path, fail.
* Fix single-file zip file compression
* Add more documentation about 'state' return
This manages compressed files or archives of many compressed files. You can maintain or update .gz, .bz2 compressed files, .zip archives, or tarballs compressed with gzip or bzip2.
Possible use cases:
* Back up user home directories
* Ensure large text files are always compressed
* Archive trees for distribution
This module was using python 2.6 string .format().
To enable the module to run on python2.4, replace
the .format formatting with '%s' based string formatting.
There was also a use of a 'filename' variable in the
NosystemdTimezone.get() method that was never set.
An import of 'os' was also added for clarity.
Replace the use of python 2.6+ string .format() method
use with the python 2.4 compatible '%s' formatting to
make the github_key module py2.4 compatible.
policy should now accept and handle correctly both data structures or JSON strings
removed unused tag_set var
refactored code to make conditions clearer
rebased to allow for ceph changes, left ceph update on todo list
* Add `active` and `inactive` states to the lvol module
* Honor the previous state of the changed variable
* Move active/inactive states to active boolean parameter
* Bump version_added to make Travis happy
* Avoid bailing early is size isn't specified
* Add invocation examples
* Move "no size" up for code clarity
A number of coding conventions have been adopted for new F5 modules
that are in development. To ensure common usage across the modules,
this module needed to be updated to reflect those conventions.
Additionally, this patch fixes a couple bugs in the module that were
preventing it from being idempotent.
The user adding part is not properly guarded by a try...except
block, so pymongo exceptions can escape from it.
Also there's a double-guarding where roles are given.
Fixes: #2575
A number of coding conventions have been adopted for new F5 modules
that are in development. To ensure common usage across the modules,
this module needed to be updated to reflect those conventions.
No functional code changes were made.
* zypper cleanup checks for failure/diff
* move check for changed/failed from functions back to main
* handle all cases identially
* generate diff together
* fix module name
* Add ipmi modules for power and boot management
* ipmi_power - module for power management
Parameters:
- name
- port
- user
- password
- state
- timeout
* ipmi_boot - module for boot order management
Parameters:
- name
- port
- user
- password
- bootdev
- state
- persist
- uefi
* Fixed copyright
* Supported check mode
Also added description for RETURN
* Added ipmi to list of excludes of tests for python2.4
* added no_log=True for secrets
* added type for port and mark bootdev as required field
* New module wakeonlan to send out magic WOL packets
For a local project managing desktop Windows systems at an elementary school, we want to send out wake-on-lan packets to all systems before continuing using Ansible.
That is the purpose of this module.
PS We can make this module idempotent by implementing arping support using scapy. At some point I may add this, at this time I simply plan on using wait_for to check if the system is online.
* Improved documentation and notes
* Improve the documentation a bit
* Fix Travis warnings and review remarks
* Fix exception handling to support both python2 and python3
* Documentation changes
* added zypper refresh support
* removed trailing symbols
* added forced zypper refresh support similar to update_cache for apt module
* removed unnecessary blocks and cleaned up the logic for refresh
* added update_cache as alias for refresh to be similar to apt/yum module
* update zypper module according to comments
* priority needs zypper version >= 1.12.25
* gpgcheck needs zypper version >= 1.6.2
* output warnings if version not sufficient for option
* fixes#2548
* Add os_stack module for create and delete stack
* Add ansible module for creating and deleting heat stack
* Parameters:
- stack name
- template
- environment_files (list)
- parameters (dict)
- timeout
- rollback
- state: In a near futur I would like to improve
this module by providing a way updating the stack
if already exist. Shade doesn't offer this functionality
AFAIK
* Add update stack feature
* Update added_version and return doc
* Add copyright for os_stack module
* Add wait user choice and minor fixes
* Remove Todo for Shade 1.8.0 and bad line example
* Add documentation for the return values
* Fix type on return value
* Fix yaml syntax
* Cast message to string instead
* add missing check mode
* Fix Kubernetes API auth regression from 393e43b8
Commit 393e43b8 renames url_username and url_password to username and
password, which breaks authentication to a Kubernetes API endpoint as
fetch_url() in ansible.module_utils.urls relies on url_username and
url_password being set.
* Add aliases for clustering/kubernetes.py
- username as alias for url_username
- password as alias for url_password
2.1 introduces overwrite_multiple, which can overwrite more than one
exisiting repo (with matching alias or URL). Allow more than 2 repos to
be overwritten, since openSuSE allow more than one repo with the same
URL if the alias is different.
* Fix bug where we were actually checking for the availability of the
requested package name and not 'sqlports' even if that was the goal.
* Add check that the sqlports database file exists before using it.
* Sprinkle some debug messages for an easier time following the code when
developing.
* Such package names requires at least OpenBSD 6.0.
* Rework get_package_state() to use 'pkg_info -Iq inst:' instead of 'pkg_info -e'
because it understands the branch syntax. It also means we can get rid of
some additional special handling.
This was suggested by Marc Espie:
http://marc.info/?l=openbsd-tech&m=146659756711614&w=2
* Drop get_current_name() because the use of 'pkg_info -Iq inst:' in
get_package_state() means we already have that information available without
needing to do custom parsing. This was also necessary because a name such as
"postfix%stable" does not in itself contain the version information necessary
for the custom parsing. pkg_info -Iq translates such a name to the actual
package name seamlessly.
* Add support for finding more than one package for the supplied package name
which may happen if we only supply a stem.
A number of coding conventions have been adopted for new F5 modules
that are in development. To ensure common usage across the modules,
this module needed to be updated to reflect those conventions.
No functional code changes were made.
A number of coding conventions have been adopted for new F5 modules
that are in development. To ensure common usage across the modules,
this module needed to be updated to reflect those conventions.
No functional code changes were made.
The external_ids 'type' was not defined in the argument spec of
openvswitch_bridge. This caused 'external_ids' to be converted to a
string leading to an error when later calling exp_external_ids.items().
A number of coding conventions have been adopted for new F5 modules
that are in development. To ensure common usage across the modules,
this module needed to be updated to reflect those conventions.
No functional code changes were made.
* influxdb: retention_policy: infinite retention is returned as 0 from influxdb
* influxdb: retention_policy: database_name argument should be required
A number of coding conventions have been adopted for new F5 modules
that are in development. To ensure common usage across the modules,
this module needed to be updated to reflect those conventions.
Prior to 2.1, imports of module_utils was actually a preprocessor-like
substitution. So importing at the bottom helped preserve line numbers when
debugging. We'll be moving these to the top of files as time goes on.
Signed-off-by: Javier M. Mellid <jmunhoz@igalia.com>
Ceph Object Gateway (Ceph RGW) is an object storage interface built on top of
librados to provide applications with a RESTful gateway to Ceph Storage
Clusters:
http://docs.ceph.com/docs/master/radosgw/
This patch adds the required bits to handle buckets with the RGW S3 RESTful API
properly.
It sticks to the AWS behaviour where possible while avoiding not yet
implemented features in the Ceph RGW API.
Signed-off-by: Javier M. Mellid <jmunhoz@igalia.com>
I am taking over much of the development of modules old
and new for F5 and to meet the coding conventions for our
modules, I am aiming at newer python versions.
Therefore, I will be excluding python 2.4
This patch adds support for the server_port module. It
additionally updates the documentation in the module for
it.
The changes were tested in the f5-ansible repository to
ensure no breaking changes were made. This argument allows
modules to be used on BIG-IPs that are listening on
non-standard ports.
PR #1299 introduced the service_address parameter but specified a
default value of localhost. This is a breaking change; prior to that,
the consul module would always assume that the service should advertise
the address that the Consul agent was listening on. With this change,
the consul module will now default to advertising localhost to all nodes
for the service, which isn't the desired behavior. This changes the
default back to None which is the implicit default prior to #1299.
* Implement mounts in proxmox module
mounts in proxmox are the additionnal disk devices set in a guests.
We handle the mounts the same way that netif devices, using a
dictionnary with keys being mp0, mp1,…
* Add version_added
Seems to be a requirement but I didn't see that anywhere.
Hope it'll fix the travis-ci issue
* add a new modify command
for now, allows adding or modifying hosts in the dhcp subsystem
* fix some pep8 things that escaped
* add modify in the list in the doc
* added mention of adding modify in version 2.1
* handle the test mode case for modify
* modify the code for finer check mode support
added profile examples as my firewall task would pass yet no firewall rule was created until I added
profile: Domain,Private,Public
When setting a Firewall rule on Windows Server 2008 R2 manually, these three are selected as default, useful to have in the documentation maybe?
New SELinux module sefcontext to set SELinux file context mappings
This module implements `semanage fcontext` in an idempotent way.
It supports check-mode and diff-mode.
Without these fixes using the modules would result in the following error:
implementation error: unknown type <type 'bool'> requested for validate_certs
The external_ids 'type' was not defined in the argument spec of
openvswitch_port. This lead 'external_ids' to be converted to a
string, when the value was not defined. Further down the code this
was leading to an exception in some cases. By defining the type
all is right.
This commit fixes incorrect type of the "params" option of the
"yum_repository" module. Without this fix the value of the "params"
option is read as a string instead of as a dictionary which makes
it impossible to define any additional YUM repository parameters.
According to module checklist:
- Descriptions should always start with a Capital letter and end with a
full stop.
- Ensure that you make use of U() for urls, C() for files and options,
I() for params, M() for modules.
* Streamlined ec2_elb_facts module return values with naming in ec2_elb_lb (hosted zones)
* Keep the old return values for hosted zone to keep backwards compatibility
fix syntax problems:
* it is possible that sql injection is done, therefore the [DBNAME] syntax is used.
* it is not possible to use default escape on cursor.execute for DBNAME, since it will insert single quotes around the name and this will cause syntax problems / single quotes within the actual DBNAME
implement autocommit setting, since some content can not be imported within transaction
fix for automatic tests
fix problems with named instances, corrected error message regarding configuration file
remove unused placeholder
Using pymssql string interpolation
Cursor does string interpolation at script execution
Handled edge cases in import and delete
updated ansible version number
The arg spec for update_catalog include 'type=bool'
and 'choices=["yes", "no"] which can never both be
true.
Remove the 'choices' directive, and update doc string.
Fixes#2144
- Avoiding the use of 'with ... as ...' and 'except ... as ...' constructs.
- Make use of posixpath.join() rather than concatenating slashes ourselves
(To avoid having consecutive slashes which broke something on our side)
* New AWS module for managing VPC Networks ACLs
Moved return outside of try block
botocore.exceptions to support python 2.5
For some reason Travis is using Python V2.4 to run the tests - My code is valid
duplicate file
* Fixed NameError Exception- module not being passed when calling some boto3 client methods
* Fixes a bug reported by @dennisconrad, where the nacl is not created when subnets list is empty
* nacl property changed to name and fixes a bug where nacl is not deleted when subnets list is empty
* Updates to version and requirements
* Fix 'vpc' param to 'vpc_id' to match documentation and convention
* known_hosts: clarify key format in documentation
Add a small clarification to the documentation about the format of the
"key" parameter.
Should make #664 less of a issue for newcomers.
* known_hosts: normalize key entry to simplify input
Keys are normalized before comparing input with present keys. This
should make it easier to deal with some corner cases, such as having a
hashed entry for some host and trying to add it as non-hashed.
* known_hosts: allow multiple entries per host
In order to support multiple key types and allow the installed ssh
version to decide which is more secure, the module now only overwrites
an existing entry in known_hosts if the provided key is of the same
type.
Old keys of different types must be explicitly removed. Setting
state to "absent" and providing no key will remove all entries for the
host.
* Fix problem with 'restarted' state not restarting the apppool when it is in running state
* Implemeting code review comments
Comment from previous commit “You basically want to start the pool if
it's stopped and requested state is started or restarted, otherwise if
requested state is restarted, restart it.” This commit implements the
behavior stated in the PR comment
* Added more robust error handling
* Add Win Synchronize module
Renamed win_synchronize to win_robocopy
Updating email address
Adding "flags" argument.
Adding a "flags" argument that will allow the user to pass args
directly to robocopy.
If "flags" is set, recurse and purge will be ignored.
Add return code to output
Added bits to support check mode
Fixing typo in Documentation
Updated Documentation to have "RETURNED" field
Updated win_robocopy.py to have the RETURNED field. I also noticed
that win_robocopy.ps1 wasn't really using the "changed" attribute,
so I went in and made sure it was being set appropriately.
Forcing bool type for recurse and purge flag
Updated "version_added"
Since they both depend on library that cannot run on python2.4,
cf https://github.com/ansible/ansible/pull/15870, we can use
directly the python 2.6 syntax, as seen on the porting doc.
Due to ansible/jinja2 templating, it is difficult to use the monitor message template variables as they need to be surrounded by `{{` and `}}`, this change addresses that issue by allowing the user to use `[[` and `]]` instead.
The lvol module has a different logic in check-mode for knowing when a change is induced. And this logic is *only* based on a size check. However during a normal run, it is the lvreduce or lvextend tool that decides when a change is performed (or when the requested and existing sizes differ). So while in check-mode the module reports a change, in real run-mode it does not in fact changes anything an reports ok.
One solution would be to implement the exact size-comparison logic that is implemented in lvextend and lvreduce, but we opted to use the `--test` option to each command to verify if a change is induced or not. In effect both check-mode and run-mode use the exact same logic and conclusion.
Instead of doing an unpack, deliberately specify which parameters you
want to use. This allows us to flexibly add more parameters to the
f5_argument_spec without having to rewrite all the modules that use
it.
Functionally this commit changes nothing, it just provides for a
different way of accessing the parameters to the module
* refactor zypper module
Cleanup:
* remove mention of old_zypper (no longer supported)
* requirement goes up to zypper 1.0, SLES 11.0, openSUSE 11.1
* allows to use newer features (xml output)
* already done for zypper_repository
* use zypper instead of rpm to get old version information, based on work by @jasonmader
* don't use rpm, zypper can do everything itself
* run zypper only twice, first to determine current state, then to apply changes
New features:
* determine change by parsing zypper xmlout
* determine failure by checking return code
* allow simulataneous installation/removal of packages (using '-' and '+' prefix)
* allows to swap out alternatives without removing packages depending
on them
* implement checkmode, using zypper --dry-run
* implement diffmode
* implement 'name=* state=latest' and 'name=* state=latest type=patch'
* add force parameter, handed to zypper to allow downgrade or change of vendor/architecture
Fixes/Replaces:
* fixes#1627, give changed=False on installed patches
* fixes#2094, handling URLs for packages
* fixes#1461, fixes#546, allow state=latest name='*'
* fixes#299, changed=False on second install, actually this was fixed earlier, but it is explicitly tested now
* fixes#1824, add type=application
* fixes#1256, install rpm from path, this is done by passing URLs and paths directly to zypper
* fix typo in package_update_all
* minor fixes
* remove commented code block
* bump version added to 2.2
* deal with zypper return codes 103 and 106
* Add git_config module
This module can be used for reading and writing git configuration at all
three scopes (local, global and system). It supports --diff and --check
out of the box.
This module is based off of the following gist:
https://gist.github.com/mgedmin/b38c74e2d25cb4f47908
I tidied it up and added support for the following:
- Reading values on top of writing them
- Reading and writing values at any scope
The original author is credited in the documentation for the module.
* Respond to review feedback
- Improve documentation by adding choices for parameters, requirements
for module, and add missing description for scope parameter.
- Fail gracefully when git is not installed (followed example of puppet
module).
- Remove trailing whitespace.
* Change repo parameter to type 'path'
This ensures that all paths are automatically expanded appropriately.
* Set locale to C before running commands to ensure consistent error messages
This is important to ensure error message parsing occurs correctly.
* Adjust comment
As is done in other ansible modules, this adds the __main__ check
to the module so that the module code itself can be used as a library.
For instance, when testing the code.
It's not particularly obvious that removing an application will remove it
from ufw's own state, potentially leaving ports open on your box if you
upload your configuration.
Whilst this applies to a lot of things in Ansible, firewall rules might
cross some sort of line that justifies such a warning in his instance.
Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
1) Removed kubectl functionality. We'll move that into a different
module in the future. Also removed post/put/patch/delete options,
as they are not Ansible best practice.
2) Expanded error handling in areas where tracebacks were most likely,
based on bad data from users, etc.
3) Added an 'insecure' option and made the password param optional, to
enable the use of the local insecure port.
4) Allowed the data (both inline and from the file) to support multiple
items via a list. This is common in YAML files where mutliple docs
are used to create/remove multiple resources in one shot.
5) General bug fixing.