resmo / ansible-cloudstack Goto Github PK
View Code? Open in Web Editor NEWansible modules for using cloudstack
ansible modules for using cloudstack
@resmo VPC support seen in the wild at:
https://github.com/SafeSwissCloud/ansible-cloudstack-vpc/blob/master/patches/cs_ip_address.py
Hi @resmo looks like we can't specify disk size on exoscale:
this:
- name: Start head-node VM
local_action:
module: cloudstack_vm
name: head-node1
template: Linux Ubuntu 14.04 LTS 64-bit 10G Disk (2014-10-28-3b8b26)
service_offering: Tiny
Gives an unknown template error. But I I use Linux Ubuntu 14.04 LTS 64-bit
and
disk_size: 10
It has no effect.
that's due to the naming convention of the exoscale template, which hard codes the disk sizes.
Any chance to check that ?
I'm hitting the error More than one rule having name lb_group_worker-http. Please pass 'ip_address' as well.
, even though I'm already passing the IP address and there is only a single rule with this name.
There is a second loadbalancer rule with a similar name, however: lb_group_worker-https
Other rules with more unique names (like lb_group_master
) work fine.
It looks like the CloudStack API does not match rule names exactly, as it should.
Hi @resmo any chance you could add the usersecuritygrouplist variable in the cloudstack_sg_rule file.
It allows to create a rule where the source is another security group (without passing a cidr as source).
its very helpful for exoscale.
thanks
TASK: [cs_staticnat] **********************************************************
failed: [127.0.0.1 -> 127.0.0.1] => {"failed": true, "parsed": false}
Traceback (most recent call last):
File "/home/milamber/.ansible/tmp/ansible-tmp-1440009370.83-101564793180131/cs_staticnat", line 2280, in
main()
File "/home/milamber/.ansible/tmp/ansible-tmp-1440009370.83-101564793180131/cs_staticnat", line 657, in main
acs_static_nat = AnsibleCloudStackStaticNat(module)
File "/home/milamber/.ansible/tmp/ansible-tmp-1440009370.83-101564793180131/cs_staticnat", line 525, in init
super(AnsibleCloudStackPortforwarding, self).init(module)
NameError: global name 'AnsibleCloudStackPortforwarding' is not defined
It only check the name currently. Given we know the public key during runtime, we should be able to generate the finger print and use that in the query other than the name. Not sure how easy was it to do it in Python though.
Best,
Dong
When we create VM's on CloudStack we want to specify the ipaddresses. We have multihomed machine spreading datacenters and need to separate networks as well.
The api is more extensive than the cloudstack_vm implements:
http://cloudstack.apache.org/docs/api/apidocs-4.2/user/deployVirtualMachine.html
being able to specify ipaddress would be an improvement, addnictovirtualmachine even better and also iptonetworklist.
Great work, thanks a lot for this.
Where do I put this if I have my own ansible installation (meaning I install ansible from source) ?
thanks
Hi @resmo any chance you could add the usersecuritygrouplist variable in the cloudstack_sg_rule file.
It allows to create a rule where the source is another security group (without passing a cidr as source).
its very helpful for exoscale.
thanks
@resmo me again, trolling…:)
Would love to see tag support. So we can tag VMs.
In the API those:
createEgressFirewallRule (A)
deleteEgressFirewallRule (A)
listEgressFirewallRules
updateEgressFirewallRule (A)
were listed under Firewall, so not sure should this be a separate module or part of the firewall one you already done.
Best,
Dong
Did you ever try register ISO with a URL?
I got an error like this:
TASK: [test] ******************************************************************
failed: [localhost -> 127.0.0.1] => {"failed": true}
msg: CloudStackException: ('HTTP 431 response from CloudStack', <Response [431]>, {u'errorcode': 431, u'uuidList': [], u'cserrorcode': 9999, u'errortext': u'Unsupported scheme for url: http%3A%2F%2Fstable.release.core-os.net%2Famd64-usr%2Fcurrent%2Fcoreos_production_iso_image.iso'})
I did try cloudmonkey and it works. Seems the endpoint doesn't like this kind of encoding?
Best,
Dong
Seems you removed the following two lines:
result = {}
result['changed'] = False
before
state = module.params.get('state')
Now we get errors like this:
File "/home/dong/.ansible/tmp/ansible-tmp-1426522421.37-197318843812041/cloudstack_sshkey", line 294, in get_result
self.result['fingerprint'] = ssh_key['fingerprint']
AttributeError: AnsibleCloudStackSshKey instance has no attribute 'result'
@resmo thanks for your hard work on this. It's super useful
The sg, sg rules and cloudstack_vm works.
It would be great to add userdata support in the cloudstack_vm module. something like
- local_action:
module: cloudstack_vm
name: foobar
userdata: /path/to/userdata
Hi René.
I can't find documentation on how to support multiple environments. It would be nice if we could use the inventory list with a list of "independent management servers", and have the module search the respective cloudstack.ini .... is it supported, or am I missing something?
Type back,
-NT
Cloudstack only stores a limited amount of grouping information.
For example, it is not possible to assign multiple host groups to a host.
This script can be used alongside cloudstack.py
to generate additional groups based on hostname regex matches:
import sys
import json
import re
hosts = json.load(sys.stdin)
for host in hosts['all']['hosts']:
for check in sys.argv[1:]:
(group, sep, rex) = check.partition('=')
#print >> sys.stderr, "{} ? {} -> {}".format(host, rex, group)
if rex and re.search(rex, host):
#print >> sys.stderr, "{} -> {}".format(host, group)
if group not in hosts:
hosts[group] = {
'hosts': []
}
hosts[group]['hosts'].append(host)
print(json.dumps(hosts, indent=2))
It would be nice to have this feature added to cloudstack.py
, for example with a multi-option like --hostgroup <group_name>=<regex>
Thank you for using it.
How to get a module reference of the HTML?
@resmo in:
https://github.com/resmo/ansible-cloudstack/blob/master/cloudstack_vm.py#L423
res is not defined.
If zone A already has host named: host1
Then trying to deploy host1 into zone B won't work as the current code would think it already exists.
Best,
Dong
A simple question: currently it seems setting state to Expunged won't work, Ansible detected the change yet the VM is still happily living.
We will get this error msg if we try 'expunge' command from cs or cloudmonkey on a running VM:
Error 530, Please destroy vm with specified vmId before expunge
Does that mean in order to totally remove a VM, we need to have two tasks: first destroy then expunge?
At least in the API for command 'destroy virtualmachine' we can give a parameter 'expunge=true'. I understand this is purely a design issue. Not sure how would Ansible philosophy handle this.
On a cloudstack cloud with an advanced zone we see lots of HTTPS errors due to maximum connection retries reached.
While it might be a setup/limit issue on the cloud. Is there a way to configure Ansible to avoid those issues, increase the time during polls on the API ?
This error is seen with a simple play that starts a single instance. the instance actually starts but the play fails. So ansible has to be doing multiple cs polls. to get the status of the VM (async, job status poll).
Hi @resmo shouldn't ansible skip a task if it's already created (idempotent…).
When I create a security group that has already been created, I see the cloudstack error:
failed: [localhost -> 127.0.0.1] => {"failed": true}
msg: CloudStackException: ('HTTP 431 response from CloudStack', <Response [431]>, {u'errorcode': 431, u'uuidList': [], u'cserrorcode': 4350, u'errortext': u'Unable to create security group, a group with name foobar already exisits.'})
FATAL: all hosts have already failed -- aborting
I am sure there is an easy way in ansible to skip through this ?
I try to create firewall rule, I always have this error : "No networks available" but the rule is created.
Here is my playbook :
- hosts: all
sudo: no
gather_facts: no
connection: local
tasks:
- cs_firewall:
ip_address: 178.170.72.99
start_port: 1234
end_port: 1234
cidr: 17.0.0.0/8
state: present
When using state: absent
to remove an ISO image, cs_iso will always report a changed state, but it does not fail if the image can't be removed.
This can occur when the image is still attached to a virtual machine, for example.
My python-cs is version 0.8.2.
Hi @resmo I am still looking into it, but there seems to be a bug when you try to add rules to a sec group that are from different protocols.
Say you add a ssh rule and then an icmp rule….it won't work. or so it seems.
I am looking at the code right now.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.