ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-07-27 15:11:23 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

Support for accelerated networking and network security group for scaleset vms (#34788)

Browse source 
* Support for accelerated networking and network security group for scaleset vms
This commit is contained in:
Madhura-CSI 2018-08-17 03:22:12 +05:30 committed by John R Barker
commit 47cb3856b5
2 changed files with 229 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

45
lib/ansible/modules/cloud/azure/azure_rm_virtualmachine_scaleset.py
View file

@ -183,6 +183,20 @@ options:
- "It can be 'all' or a list with any of the following: ['network_interfaces', 'virtual_storage', 'public_ips']." - "It can be 'all' or a list with any of the following: ['network_interfaces', 'virtual_storage', 'public_ips']."
- Any other input will be ignored. - Any other input will be ignored.
default: ['all'] default: ['all']
enable_accelerated_networking:
description:
- Indicates whether user wants to allow accelerated networking for virtual machines in scaleset being created.
version_added: "2.7"
type: bool
security_group:
description:
- Existing security group with which to associate the subnet.
- It can be the security group name which is in the same resource group.
- It can be the resource Id.
- It can be a dict which contains C(name) and C(resource_group) of the security group.
version_added: "2.7"
aliases:
- security_group_name
extends_documentation_fragment: extends_documentation_fragment:
- azure - azure
@ -351,7 +365,7 @@ except ImportError:
# This is handled in azure_rm_common # This is handled in azure_rm_common
pass pass
from ansible.module_utils.azure_rm_common import AzureRMModuleBase, azure_id_to_dict from ansible.module_utils.azure_rm_common import AzureRMModuleBase, azure_id_to_dict, format_resource_id
AZURE_OBJECT_CLASS = 'VirtualMachineScaleSet' AZURE_OBJECT_CLASS = 'VirtualMachineScaleSet'
@ -388,6 +402,8 @@ class AzureRMVirtualMachineScaleSet(AzureRMModuleBase):
virtual_network_resource_group=dict(type='str'), virtual_network_resource_group=dict(type='str'),
virtual_network_name=dict(type='str', aliases=['virtual_network']), virtual_network_name=dict(type='str', aliases=['virtual_network']),
remove_on_absent=dict(type='list', default=['all']), remove_on_absent=dict(type='list', default=['all']),
enable_accelerated_networking=dict(type='bool'),
security_group=dict(type='raw', aliases=['security_group_name'])
) )
self.resource_group = None self.resource_group = None
@ -414,6 +430,8 @@ class AzureRMVirtualMachineScaleSet(AzureRMModuleBase):
self.tags = None self.tags = None
self.differences = None self.differences = None
self.load_balancer = None self.load_balancer = None
self.enable_accelerated_networking = None
self.security_group = None
self.results = dict( self.results = dict(
changed=False, changed=False,
@ -428,6 +446,8 @@ class AzureRMVirtualMachineScaleSet(AzureRMModuleBase):
def exec_module(self, **kwargs): def exec_module(self, **kwargs):
nsg = None
for key in list(self.module_arg_spec.keys()) + ['tags']: for key in list(self.module_arg_spec.keys()) + ['tags']:
setattr(self, key, kwargs[key]) setattr(self, key, kwargs[key])
@ -604,6 +624,11 @@ class AzureRMVirtualMachineScaleSet(AzureRMModuleBase):
managed_disk = self.compute_models.VirtualMachineScaleSetManagedDiskParameters(storage_account_type=self.managed_disk_type) managed_disk = self.compute_models.VirtualMachineScaleSetManagedDiskParameters(storage_account_type=self.managed_disk_type)
if self.security_group:
nsg = self.parse_nsg()
if nsg:
self.security_group = self.network_models.NetworkSecurityGroup(id=nsg.get('id'))
vmss_resource = self.compute_models.VirtualMachineScaleSet( vmss_resource = self.compute_models.VirtualMachineScaleSet(
self.location, self.location,
tags=self.tags, tags=self.tags,
@ -643,7 +668,9 @@ class AzureRMVirtualMachineScaleSet(AzureRMModuleBase):
load_balancer_backend_address_pools=load_balancer_backend_address_pools, load_balancer_backend_address_pools=load_balancer_backend_address_pools,
load_balancer_inbound_nat_pools=load_balancer_inbound_nat_pools load_balancer_inbound_nat_pools=load_balancer_inbound_nat_pools
) )
] ],
enable_accelerated_networking=self.enable_accelerated_networking,
network_security_group=self.security_group
) )
] ]
) )
@ -854,6 +881,20 @@ class AzureRMVirtualMachineScaleSet(AzureRMModuleBase):
return True return True
return False return False
def parse_nsg(self):
nsg = self.security_group
resource_group = self.resource_group
if isinstance(self.security_group, dict):
nsg = self.security_group.get('name')
resource_group = self.security_group.get('resource_group', self.resource_group)
id = format_resource_id(val=nsg,
subscription_id=self.subscription_id,
namespace='Microsoft.Network',
types='networkSecurityGroups',
resource_group=resource_group)
name = azure_id_to_dict(id).get('name')
return dict(id=id, name=name)
def main(): def main():
AzureRMVirtualMachineScaleSet() AzureRMVirtualMachineScaleSet()

208
test/integration/targets/azure_rm_virtualmachine_scaleset/tasks/main.yml
View file

@ -28,6 +28,16 @@
name: testLB name: testLB
public_ip_address_name: testPublicIP public_ip_address_name: testPublicIP
- name: Create network security group within same resource group of VMSS.
azure_rm_securitygroup:
resource_group: "{{ resource_group }}"
name: testNetworkSecurityGroup
- name: Create network security group in different resource group of VMSS.
azure_rm_securitygroup:
resource_group: "{{ resource_group_secondary }}"
name: testNetworkSecurityGroup2
- name: Create VMSS - name: Create VMSS
azure_rm_virtualmachine_scaleset: azure_rm_virtualmachine_scaleset:
resource_group: "{{ resource_group }}" resource_group: "{{ resource_group }}"
@ -132,23 +142,12 @@
state: absent state: absent
remove_on_absent: ['all'] remove_on_absent: ['all']
vm_size: Standard_DS1_v2 vm_size: Standard_DS1_v2
admin_username: testuser
capacity: 2 capacity: 2
virtual_network_name: testVnet
subnet_name: testSubnet
upgrade_policy: Manual
tier: Standard
os_disk_caching: ReadWrite
image: image:
offer: CoreOS offer: CoreOS
publisher: CoreOS publisher: CoreOS
sku: Stable sku: Stable
version: latest version: latest
data_disks:
- lun: 0
disk_size_gb: 64
caching: ReadWrite
managed_disk_type: Standard_LRS
- name: Create VMSS (check mode) - name: Create VMSS (check mode)
azure_rm_virtualmachine_scaleset: azure_rm_virtualmachine_scaleset:
@ -183,7 +182,7 @@
assert: assert:
that: results.changed that: results.changed
- name: Create VMSS (check mode) - name: Create VMSS
azure_rm_virtualmachine_scaleset: azure_rm_virtualmachine_scaleset:
resource_group: "{{ resource_group }}" resource_group: "{{ resource_group }}"
name: testVMSS{{ rpfx }}1 name: testVMSS{{ rpfx }}1
@ -222,23 +221,186 @@
state: absent state: absent
remove_on_absent: ['all'] remove_on_absent: ['all']
vm_size: Standard_DS1_v2 vm_size: Standard_DS1_v2
admin_username: testuser
capacity: 2 capacity: 2
virtual_network_name: testVnet
subnet_name: testSubnet
upgrade_policy: Manual
tier: Standard
os_disk_caching: ReadWrite
image: image:
offer: CoreOS offer: CoreOS
publisher: CoreOS publisher: CoreOS
sku: Stable sku: Stable
version: latest version: latest
data_disks:
- lun: 0 - name: Create VMSS with security group in same resource group, with accelerated networking(check mode).
disk_size_gb: 64 azure_rm_virtualmachine_scaleset:
caching: ReadWrite resource_group: "{{ resource_group }}"
managed_disk_type: Standard_LRS name: testVMSS{{ rpfx }}2
vm_size: Standard_D3_v2
capacity: 1
virtual_network_name: testVnet
subnet_name: testSubnet
admin_username: testuser
ssh_password_enabled: true
admin_password: "Password1234!"
image:
offer: CoreOS
publisher: CoreOS
sku: Stable
version: latest
upgrade_policy: Manual
security_group: testNetworkSecurityGroup
enable_accelerated_networking: yes
register: results
check_mode: yes
- name: Assert that VMSS can be created
assert:
that: results.changed
- name: Create VMSS with security group in same resource group, with accelerated networking.
azure_rm_virtualmachine_scaleset:
resource_group: "{{ resource_group }}"
name: testVMSS{{ rpfx }}2
vm_size: Standard_D3_v2
capacity: 1
virtual_network_name: testVnet
subnet_name: testSubnet
admin_username: testuser
ssh_password_enabled: true
admin_password: "Password1234!"
image:
offer: CoreOS
publisher: CoreOS
sku: Stable
version: latest
upgrade_policy: Manual
security_group: testNetworkSecurityGroup
enable_accelerated_networking: yes
register: results
- name: Assert that VMSS ran
assert:
that:
- 'results.changed'
- 'results.ansible_facts.azure_vmss.properties.virtualMachineProfile.networkProfile.networkInterfaceConfigurations.0.properties.enableAcceleratedNetworking == true'
- 'results.ansible_facts.azure_vmss.properties.virtualMachineProfile.networkProfile.networkInterfaceConfigurations.0.properties.networkSecurityGroup != {}'
- name: Delete VMSS
azure_rm_virtualmachine_scaleset:
resource_group: "{{ resource_group }}"
name: testVMSS{{ rpfx }}2
state: absent
remove_on_absent: ['all']
vm_size: Standard_D3_v2
capacity: 1
image:
offer: CoreOS
publisher: CoreOS
sku: Stable
version: latest
- name: Create VMSS with security group in different resource group(check mode).
azure_rm_virtualmachine_scaleset:
resource_group: "{{ resource_group }}"
name: testVMSS{{ rpfx }}3
vm_size: Standard_DS1_v2
capacity: 1
virtual_network_name: testVnet
subnet_name: testSubnet
admin_username: testuser
ssh_password_enabled: true
admin_password: "Password1234!"
image:
offer: CoreOS
publisher: CoreOS
sku: Stable
version: latest
upgrade_policy: Manual
security_group:
name: testNetworkSecurityGroup2
resource_group: "{{ resource_group_secondary }}"
register: results
check_mode: yes
- name: Assert that VMSS ran
assert:
that: results.changed
- name: Create VMSS with security group in different resource group.
azure_rm_virtualmachine_scaleset:
resource_group: "{{ resource_group }}"
name: testVMSS{{ rpfx }}3
vm_size: Standard_DS1_v2
capacity: 1
virtual_network_name: testVnet
subnet_name: testSubnet
admin_username: testuser
ssh_password_enabled: true
admin_password: "Password1234!"
image:
offer: CoreOS
publisher: CoreOS
sku: Stable
version: latest
upgrade_policy: Manual
security_group:
name: testNetworkSecurityGroup2
resource_group: "{{ resource_group_secondary }}"
register: results
- name: Assert that VMSS ran
assert:
that:
- 'results.changed'
- '"testNetworkSecurityGroup2" in results.ansible_facts.azure_vmss.properties.virtualMachineProfile.networkProfile.networkInterfaceConfigurations.0.properties.networkSecurityGroup.id'
- name: Delete VMSS
azure_rm_virtualmachine_scaleset:
resource_group: "{{ resource_group }}"
name: testVMSS{{ rpfx }}3
state: absent
remove_on_absent: ['all']
vm_size: Standard_DS1_v2
capacity: 1
image:
offer: CoreOS
publisher: CoreOS
sku: Stable
version: latest
- name: Fail when instance type is not supported to enable accelerated networking
azure_rm_virtualmachine_scaleset:
resource_group: "{{ resource_group }}"
name: testVMSS{{ rpfx }}4
vm_size: Standard_DS1_v2
virtual_network_name: testVnet
subnet_name: testSubnet
admin_username: testuser
ssh_password_enabled: true
admin_password: "Password1234!"
image:
offer: CoreOS
publisher: CoreOS
sku: Stable
version: latest
upgrade_policy: Manual
enable_accelerated_networking: yes
register: results
ignore_errors: yes
- name: Assert failure to show that accelerated networking is enabled only with supported instance types.
assert:
that:
- '"VMSizeIsNotPermittedToEnableAcceleratedNetworkingForVmss" in results.msg'
- name: Delete network security group
azure_rm_securitygroup:
resource_group: "{{ resource_group }}"
name: testNetworkSecurityGroup
state: absent
- name: Delete network security group
azure_rm_securitygroup:
resource_group: "{{ resource_group_secondary }}"
name: testNetworkSecurityGroup2
state: absent
- name: Delete load balancer - name: Delete load balancer
azure_rm_loadbalancer: azure_rm_loadbalancer: