mirror of
https://github.com/ansible-collections/community.general.git
synced 2025-10-23 20:44:00 -07:00
proxmox inventory: fix urllib3 InsecureRequestWarnings not suppressing when a token is used (#9099)
* proxmox inventory: fix urllib3 InsecureRequestWarnings not suppressing when a token is used
* proxmox inventory: add changelog fragment
* proxmox inventory: add forgotten pr number
* Update changelog.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 886d4a6596
)
Co-authored-by: Mikhail Vorontsov <52924343+mephs@users.noreply.github.com>
687 lines
28 KiB
Python
687 lines
28 KiB
Python
# -*- coding: utf-8 -*-
|
|
# Copyright (C) 2016 Guido Günther <agx@sigxcpu.org>, Daniel Lobato Garcia <dlobatog@redhat.com>
|
|
# Copyright (c) 2018 Ansible Project
|
|
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
|
from __future__ import (absolute_import, division, print_function)
|
|
|
|
__metaclass__ = type
|
|
|
|
DOCUMENTATION = '''
|
|
name: proxmox
|
|
short_description: Proxmox inventory source
|
|
version_added: "1.2.0"
|
|
author:
|
|
- Jeffrey van Pelt (@Thulium-Drake) <jeff@vanpelt.one>
|
|
requirements:
|
|
- requests >= 1.1
|
|
description:
|
|
- Get inventory hosts from a Proxmox PVE cluster.
|
|
- "Uses a configuration file as an inventory source, it must end in C(.proxmox.yml) or C(.proxmox.yaml)"
|
|
- Will retrieve the first network interface with an IP for Proxmox nodes.
|
|
- Can retrieve LXC/QEMU configuration as facts.
|
|
extends_documentation_fragment:
|
|
- constructed
|
|
- inventory_cache
|
|
options:
|
|
plugin:
|
|
description: The name of this plugin, it should always be set to V(community.general.proxmox) for this plugin to recognize it as it's own.
|
|
required: true
|
|
choices: ['community.general.proxmox']
|
|
type: str
|
|
url:
|
|
description:
|
|
- URL to Proxmox cluster.
|
|
- If the value is not specified in the inventory configuration, the value of environment variable E(PROXMOX_URL) will be used instead.
|
|
- Since community.general 4.7.0 you can also use templating to specify the value of the O(url).
|
|
default: 'http://localhost:8006'
|
|
type: str
|
|
env:
|
|
- name: PROXMOX_URL
|
|
version_added: 2.0.0
|
|
user:
|
|
description:
|
|
- Proxmox authentication user.
|
|
- If the value is not specified in the inventory configuration, the value of environment variable E(PROXMOX_USER) will be used instead.
|
|
- Since community.general 4.7.0 you can also use templating to specify the value of the O(user).
|
|
required: true
|
|
type: str
|
|
env:
|
|
- name: PROXMOX_USER
|
|
version_added: 2.0.0
|
|
password:
|
|
description:
|
|
- Proxmox authentication password.
|
|
- If the value is not specified in the inventory configuration, the value of environment variable E(PROXMOX_PASSWORD) will be used instead.
|
|
- Since community.general 4.7.0 you can also use templating to specify the value of the O(password).
|
|
- If you do not specify a password, you must set O(token_id) and O(token_secret) instead.
|
|
type: str
|
|
env:
|
|
- name: PROXMOX_PASSWORD
|
|
version_added: 2.0.0
|
|
token_id:
|
|
description:
|
|
- Proxmox authentication token ID.
|
|
- If the value is not specified in the inventory configuration, the value of environment variable E(PROXMOX_TOKEN_ID) will be used instead.
|
|
- To use token authentication, you must also specify O(token_secret). If you do not specify O(token_id) and O(token_secret),
|
|
you must set a password instead.
|
|
- Make sure to grant explicit pve permissions to the token or disable 'privilege separation' to use the users' privileges instead.
|
|
version_added: 4.8.0
|
|
type: str
|
|
env:
|
|
- name: PROXMOX_TOKEN_ID
|
|
token_secret:
|
|
description:
|
|
- Proxmox authentication token secret.
|
|
- If the value is not specified in the inventory configuration, the value of environment variable E(PROXMOX_TOKEN_SECRET) will be used instead.
|
|
- To use token authentication, you must also specify O(token_id). If you do not specify O(token_id) and O(token_secret),
|
|
you must set a password instead.
|
|
version_added: 4.8.0
|
|
type: str
|
|
env:
|
|
- name: PROXMOX_TOKEN_SECRET
|
|
validate_certs:
|
|
description: Verify SSL certificate if using HTTPS.
|
|
type: boolean
|
|
default: true
|
|
group_prefix:
|
|
description: Prefix to apply to Proxmox groups.
|
|
default: proxmox_
|
|
type: str
|
|
facts_prefix:
|
|
description: Prefix to apply to LXC/QEMU config facts.
|
|
default: proxmox_
|
|
type: str
|
|
want_facts:
|
|
description:
|
|
- Gather LXC/QEMU configuration facts.
|
|
- When O(want_facts) is set to V(true) more details about QEMU VM status are possible, besides the running and stopped states.
|
|
Currently if the VM is running and it is suspended, the status will be running and the machine will be in C(running) group,
|
|
but its actual state will be paused. See O(qemu_extended_statuses) for how to retrieve the real status.
|
|
default: false
|
|
type: bool
|
|
qemu_extended_statuses:
|
|
description:
|
|
- Requires O(want_facts) to be set to V(true) to function. This will allow you to differentiate between C(paused) and C(prelaunch)
|
|
statuses of the QEMU VMs.
|
|
- This introduces multiple groups [prefixed with O(group_prefix)] C(prelaunch) and C(paused).
|
|
default: false
|
|
type: bool
|
|
version_added: 5.1.0
|
|
want_proxmox_nodes_ansible_host:
|
|
version_added: 3.0.0
|
|
description:
|
|
- Whether to set C(ansible_host) for proxmox nodes.
|
|
- When set to V(true) (default), will use the first available interface. This can be different from what you expect.
|
|
- The default of this option changed from V(true) to V(false) in community.general 6.0.0.
|
|
type: bool
|
|
default: false
|
|
exclude_nodes:
|
|
description: Exclude proxmox nodes and the nodes-group from the inventory output.
|
|
type: bool
|
|
default: false
|
|
version_added: 8.1.0
|
|
filters:
|
|
version_added: 4.6.0
|
|
description: A list of Jinja templates that allow filtering hosts.
|
|
type: list
|
|
elements: str
|
|
default: []
|
|
strict:
|
|
version_added: 2.5.0
|
|
compose:
|
|
version_added: 2.5.0
|
|
groups:
|
|
version_added: 2.5.0
|
|
keyed_groups:
|
|
version_added: 2.5.0
|
|
'''
|
|
|
|
EXAMPLES = '''
|
|
# Minimal example which will not gather additional facts for QEMU/LXC guests
|
|
# By not specifying a URL the plugin will attempt to connect to the controller host on port 8006
|
|
# my.proxmox.yml
|
|
plugin: community.general.proxmox
|
|
user: ansible@pve
|
|
password: secure
|
|
# Note that this can easily give you wrong values as ansible_host. See further below for
|
|
# an example where this is set to `false` and where ansible_host is set with `compose`.
|
|
want_proxmox_nodes_ansible_host: true
|
|
|
|
# Instead of login with password, proxmox supports api token authentication since release 6.2.
|
|
plugin: community.general.proxmox
|
|
user: ci@pve
|
|
token_id: gitlab-1
|
|
token_secret: fa256e9c-26ab-41ec-82da-707a2c079829
|
|
|
|
# The secret can also be a vault string or passed via the environment variable TOKEN_SECRET.
|
|
token_secret: !vault |
|
|
$ANSIBLE_VAULT;1.1;AES256
|
|
62353634333163633336343265623632626339313032653563653165313262343931643431656138
|
|
6134333736323265656466646539663134306166666237630a653363623262636663333762316136
|
|
34616361326263383766366663393837626437316462313332663736623066656237386531663731
|
|
3037646432383064630a663165303564623338666131353366373630656661333437393937343331
|
|
32643131386134396336623736393634373936356332623632306561356361323737313663633633
|
|
6231313333666361656537343562333337323030623732323833
|
|
|
|
# More complete example demonstrating the use of 'want_facts' and the constructed options
|
|
# Note that using facts returned by 'want_facts' in constructed options requires 'want_facts=true'
|
|
# my.proxmox.yml
|
|
plugin: community.general.proxmox
|
|
url: http://pve.domain.com:8006
|
|
user: ansible@pve
|
|
password: secure
|
|
want_facts: true
|
|
keyed_groups:
|
|
# proxmox_tags_parsed is an example of a fact only returned when 'want_facts=true'
|
|
- key: proxmox_tags_parsed
|
|
separator: ""
|
|
prefix: group
|
|
groups:
|
|
webservers: "'web' in (proxmox_tags_parsed|list)"
|
|
mailservers: "'mail' in (proxmox_tags_parsed|list)"
|
|
compose:
|
|
ansible_port: 2222
|
|
# Note that this can easily give you wrong values as ansible_host. See further below for
|
|
# an example where this is set to `false` and where ansible_host is set with `compose`.
|
|
want_proxmox_nodes_ansible_host: true
|
|
|
|
# Using the inventory to allow ansible to connect via the first IP address of the VM / Container
|
|
# (Default is connection by name of QEMU/LXC guests)
|
|
# Note: my_inv_var demonstrates how to add a string variable to every host used by the inventory.
|
|
# my.proxmox.yml
|
|
plugin: community.general.proxmox
|
|
url: http://192.168.1.2:8006
|
|
user: ansible@pve
|
|
password: secure
|
|
validate_certs: false # only do this when you trust the network!
|
|
want_facts: true
|
|
want_proxmox_nodes_ansible_host: false
|
|
compose:
|
|
ansible_host: proxmox_ipconfig0.ip | default(proxmox_net0.ip) | ipaddr('address')
|
|
my_inv_var_1: "'my_var1_value'"
|
|
my_inv_var_2: >
|
|
"my_var_2_value"
|
|
|
|
# Specify the url, user and password using templating
|
|
# my.proxmox.yml
|
|
plugin: community.general.proxmox
|
|
url: "{{ lookup('ansible.builtin.ini', 'url', section='proxmox', file='file.ini') }}"
|
|
user: "{{ lookup('ansible.builtin.env','PM_USER') | default('ansible@pve') }}"
|
|
password: "{{ lookup('community.general.random_string', base64=True) }}"
|
|
# Note that this can easily give you wrong values as ansible_host. See further up for
|
|
# an example where this is set to `false` and where ansible_host is set with `compose`.
|
|
want_proxmox_nodes_ansible_host: true
|
|
|
|
'''
|
|
|
|
import itertools
|
|
import re
|
|
|
|
from ansible.module_utils.common._collections_compat import MutableMapping
|
|
|
|
from ansible.errors import AnsibleError
|
|
from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable
|
|
from ansible.module_utils.common.text.converters import to_native
|
|
from ansible.module_utils.six import string_types
|
|
from ansible.module_utils.six.moves.urllib.parse import urlencode
|
|
from ansible.utils.display import Display
|
|
|
|
from ansible_collections.community.general.plugins.module_utils.version import LooseVersion
|
|
from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe
|
|
|
|
# 3rd party imports
|
|
try:
|
|
import requests
|
|
if LooseVersion(requests.__version__) < LooseVersion('1.1.0'):
|
|
raise ImportError
|
|
HAS_REQUESTS = True
|
|
except ImportError:
|
|
HAS_REQUESTS = False
|
|
|
|
display = Display()
|
|
|
|
|
|
class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
|
|
''' Host inventory parser for ansible using Proxmox as source. '''
|
|
|
|
NAME = 'community.general.proxmox'
|
|
|
|
def __init__(self):
|
|
|
|
super(InventoryModule, self).__init__()
|
|
|
|
# from config
|
|
self.proxmox_url = None
|
|
|
|
self.session = None
|
|
self.cache_key = None
|
|
self.use_cache = None
|
|
|
|
def verify_file(self, path):
|
|
|
|
valid = False
|
|
if super(InventoryModule, self).verify_file(path):
|
|
if path.endswith(('proxmox.yaml', 'proxmox.yml')):
|
|
valid = True
|
|
else:
|
|
self.display.vvv('Skipping due to inventory source not ending in "proxmox.yaml" nor "proxmox.yml"')
|
|
return valid
|
|
|
|
def _get_session(self):
|
|
if not self.session:
|
|
self.session = requests.session()
|
|
self.session.verify = self.get_option('validate_certs')
|
|
return self.session
|
|
|
|
def _get_auth(self):
|
|
|
|
validate_certs = self.get_option('validate_certs')
|
|
|
|
if validate_certs is False:
|
|
from requests.packages.urllib3 import disable_warnings
|
|
disable_warnings()
|
|
|
|
if self.proxmox_password:
|
|
|
|
credentials = urlencode({'username': self.proxmox_user, 'password': self.proxmox_password})
|
|
|
|
a = self._get_session()
|
|
|
|
ret = a.post('%s/api2/json/access/ticket' % self.proxmox_url, data=credentials)
|
|
|
|
json = ret.json()
|
|
|
|
self.headers = {
|
|
# only required for POST/PUT/DELETE methods, which we are not using currently
|
|
# 'CSRFPreventionToken': json['data']['CSRFPreventionToken'],
|
|
'Cookie': 'PVEAuthCookie={0}'.format(json['data']['ticket'])
|
|
}
|
|
|
|
else:
|
|
|
|
self.headers = {'Authorization': 'PVEAPIToken={0}!{1}={2}'.format(self.proxmox_user, self.proxmox_token_id, self.proxmox_token_secret)}
|
|
|
|
def _get_json(self, url, ignore_errors=None):
|
|
|
|
if not self.use_cache or url not in self._cache.get(self.cache_key, {}):
|
|
|
|
if self.cache_key not in self._cache:
|
|
self._cache[self.cache_key] = {'url': ''}
|
|
|
|
data = []
|
|
s = self._get_session()
|
|
while True:
|
|
ret = s.get(url, headers=self.headers)
|
|
if ignore_errors and ret.status_code in ignore_errors:
|
|
break
|
|
ret.raise_for_status()
|
|
json = ret.json()
|
|
|
|
# process results
|
|
# FIXME: This assumes 'return type' matches a specific query,
|
|
# it will break if we expand the queries and they dont have different types
|
|
if 'data' not in json:
|
|
# /hosts/:id does not have a 'data' key
|
|
data = json
|
|
break
|
|
elif isinstance(json['data'], MutableMapping):
|
|
# /facts are returned as dict in 'data'
|
|
data = json['data']
|
|
break
|
|
else:
|
|
if json['data']:
|
|
# /hosts 's 'results' is a list of all hosts, returned is paginated
|
|
data = data + json['data']
|
|
break
|
|
|
|
self._cache[self.cache_key][url] = data
|
|
|
|
return make_unsafe(self._cache[self.cache_key][url])
|
|
|
|
def _get_nodes(self):
|
|
return self._get_json("%s/api2/json/nodes" % self.proxmox_url)
|
|
|
|
def _get_pools(self):
|
|
return self._get_json("%s/api2/json/pools" % self.proxmox_url)
|
|
|
|
def _get_lxc_per_node(self, node):
|
|
return self._get_json("%s/api2/json/nodes/%s/lxc" % (self.proxmox_url, node))
|
|
|
|
def _get_qemu_per_node(self, node):
|
|
return self._get_json("%s/api2/json/nodes/%s/qemu" % (self.proxmox_url, node))
|
|
|
|
def _get_members_per_pool(self, pool):
|
|
ret = self._get_json("%s/api2/json/pools/%s" % (self.proxmox_url, pool))
|
|
return ret['members']
|
|
|
|
def _get_node_ip(self, node):
|
|
ret = self._get_json("%s/api2/json/nodes/%s/network" % (self.proxmox_url, node))
|
|
|
|
for iface in ret:
|
|
try:
|
|
return iface['address']
|
|
except Exception:
|
|
return None
|
|
|
|
def _get_lxc_interfaces(self, properties, node, vmid):
|
|
status_key = self._fact('status')
|
|
|
|
if status_key not in properties or not properties[status_key] == 'running':
|
|
return
|
|
|
|
ret = self._get_json("%s/api2/json/nodes/%s/lxc/%s/interfaces" % (self.proxmox_url, node, vmid), ignore_errors=[501])
|
|
if not ret:
|
|
return
|
|
|
|
result = []
|
|
|
|
for iface in ret:
|
|
result_iface = {
|
|
'name': iface['name'],
|
|
'hwaddr': iface['hwaddr']
|
|
}
|
|
|
|
if 'inet' in iface:
|
|
result_iface['inet'] = iface['inet']
|
|
|
|
if 'inet6' in iface:
|
|
result_iface['inet6'] = iface['inet6']
|
|
|
|
result.append(result_iface)
|
|
|
|
properties[self._fact('lxc_interfaces')] = result
|
|
|
|
def _get_agent_network_interfaces(self, node, vmid, vmtype):
|
|
result = []
|
|
|
|
try:
|
|
ifaces = self._get_json(
|
|
"%s/api2/json/nodes/%s/%s/%s/agent/network-get-interfaces" % (
|
|
self.proxmox_url, node, vmtype, vmid
|
|
)
|
|
)['result']
|
|
|
|
if "error" in ifaces:
|
|
if "class" in ifaces["error"]:
|
|
# This happens on Windows, even though qemu agent is running, the IP address
|
|
# cannot be fetched, as it's unsupported, also a command disabled can happen.
|
|
errorClass = ifaces["error"]["class"]
|
|
if errorClass in ["Unsupported"]:
|
|
self.display.v("Retrieving network interfaces from guest agents on windows with older qemu-guest-agents is not supported")
|
|
elif errorClass in ["CommandDisabled"]:
|
|
self.display.v("Retrieving network interfaces from guest agents has been disabled")
|
|
return result
|
|
|
|
for iface in ifaces:
|
|
result.append({
|
|
'name': iface['name'],
|
|
'mac-address': iface['hardware-address'] if 'hardware-address' in iface else '',
|
|
'ip-addresses': ["%s/%s" % (ip['ip-address'], ip['prefix']) for ip in iface['ip-addresses']] if 'ip-addresses' in iface else []
|
|
})
|
|
except requests.HTTPError:
|
|
pass
|
|
|
|
return result
|
|
|
|
def _get_vm_config(self, properties, node, vmid, vmtype, name):
|
|
ret = self._get_json("%s/api2/json/nodes/%s/%s/%s/config" % (self.proxmox_url, node, vmtype, vmid))
|
|
|
|
properties[self._fact('node')] = node
|
|
properties[self._fact('vmid')] = vmid
|
|
properties[self._fact('vmtype')] = vmtype
|
|
|
|
plaintext_configs = [
|
|
'description',
|
|
]
|
|
|
|
for config in ret:
|
|
key = self._fact(config)
|
|
value = ret[config]
|
|
try:
|
|
# fixup disk images as they have no key
|
|
if config == 'rootfs' or config.startswith(('virtio', 'sata', 'ide', 'scsi')):
|
|
value = ('disk_image=' + value)
|
|
|
|
# Additional field containing parsed tags as list
|
|
if config == 'tags':
|
|
stripped_value = value.strip()
|
|
if stripped_value:
|
|
parsed_key = key + "_parsed"
|
|
properties[parsed_key] = [tag.strip() for tag in stripped_value.replace(',', ';').split(";")]
|
|
|
|
# The first field in the agent string tells you whether the agent is enabled
|
|
# the rest of the comma separated string is extra config for the agent.
|
|
# In some (newer versions of proxmox) instances it can be 'enabled=1'.
|
|
if config == 'agent':
|
|
agent_enabled = 0
|
|
try:
|
|
agent_enabled = int(value.split(',')[0])
|
|
except ValueError:
|
|
if value.split(',')[0] == "enabled=1":
|
|
agent_enabled = 1
|
|
if agent_enabled:
|
|
agent_iface_value = self._get_agent_network_interfaces(node, vmid, vmtype)
|
|
if agent_iface_value:
|
|
agent_iface_key = self.to_safe('%s%s' % (key, "_interfaces"))
|
|
properties[agent_iface_key] = agent_iface_value
|
|
|
|
if config == 'lxc':
|
|
out_val = {}
|
|
for k, v in value:
|
|
if k.startswith('lxc.'):
|
|
k = k[len('lxc.'):]
|
|
out_val[k] = v
|
|
value = out_val
|
|
|
|
if config not in plaintext_configs and isinstance(value, string_types) \
|
|
and all("=" in v for v in value.split(",")):
|
|
# split off strings with commas to a dict
|
|
# skip over any keys that cannot be processed
|
|
try:
|
|
value = dict(key.split("=", 1) for key in value.split(","))
|
|
except Exception:
|
|
continue
|
|
|
|
properties[key] = value
|
|
except NameError:
|
|
return None
|
|
|
|
def _get_vm_status(self, properties, node, vmid, vmtype, name):
|
|
ret = self._get_json("%s/api2/json/nodes/%s/%s/%s/status/current" % (self.proxmox_url, node, vmtype, vmid))
|
|
properties[self._fact('status')] = ret['status']
|
|
if vmtype == 'qemu':
|
|
properties[self._fact('qmpstatus')] = ret['qmpstatus']
|
|
|
|
def _get_vm_snapshots(self, properties, node, vmid, vmtype, name):
|
|
ret = self._get_json("%s/api2/json/nodes/%s/%s/%s/snapshot" % (self.proxmox_url, node, vmtype, vmid))
|
|
snapshots = [snapshot['name'] for snapshot in ret if snapshot['name'] != 'current']
|
|
properties[self._fact('snapshots')] = snapshots
|
|
|
|
def to_safe(self, word):
|
|
'''Converts 'bad' characters in a string to underscores so they can be used as Ansible groups
|
|
#> ProxmoxInventory.to_safe("foo-bar baz")
|
|
'foo_barbaz'
|
|
'''
|
|
regex = r"[^A-Za-z0-9\_]"
|
|
return re.sub(regex, "_", word.replace(" ", ""))
|
|
|
|
def _fact(self, name):
|
|
'''Generate a fact's full name from the common prefix and a name.'''
|
|
return self.to_safe('%s%s' % (self.facts_prefix, name.lower()))
|
|
|
|
def _group(self, name):
|
|
'''Generate a group's full name from the common prefix and a name.'''
|
|
return self.to_safe('%s%s' % (self.group_prefix, name.lower()))
|
|
|
|
def _can_add_host(self, name, properties):
|
|
'''Ensure that a host satisfies all defined hosts filters. If strict mode is
|
|
enabled, any error during host filter compositing will lead to an AnsibleError
|
|
being raised, otherwise the filter will be ignored.
|
|
'''
|
|
for host_filter in self.host_filters:
|
|
try:
|
|
if not self._compose(host_filter, properties):
|
|
return False
|
|
except Exception as e: # pylint: disable=broad-except
|
|
message = "Could not evaluate host filter %s for host %s - %s" % (host_filter, name, to_native(e))
|
|
if self.strict:
|
|
raise AnsibleError(message)
|
|
display.warning(message)
|
|
return True
|
|
|
|
def _add_host(self, name, variables):
|
|
self.inventory.add_host(name)
|
|
for k, v in variables.items():
|
|
self.inventory.set_variable(name, k, v)
|
|
variables = self.inventory.get_host(name).get_vars()
|
|
self._set_composite_vars(self.get_option('compose'), variables, name, strict=self.strict)
|
|
self._add_host_to_composed_groups(self.get_option('groups'), variables, name, strict=self.strict)
|
|
self._add_host_to_keyed_groups(self.get_option('keyed_groups'), variables, name, strict=self.strict)
|
|
|
|
def _handle_item(self, node, ittype, item):
|
|
'''Handle an item from the list of LXC containers and Qemu VM. The
|
|
return value will be either None if the item was skipped or the name of
|
|
the item if it was added to the inventory.'''
|
|
if item.get('template'):
|
|
return None
|
|
|
|
properties = dict()
|
|
name, vmid = item['name'], item['vmid']
|
|
|
|
# get status, config and snapshots if want_facts == True
|
|
want_facts = self.get_option('want_facts')
|
|
if want_facts:
|
|
self._get_vm_status(properties, node, vmid, ittype, name)
|
|
self._get_vm_config(properties, node, vmid, ittype, name)
|
|
self._get_vm_snapshots(properties, node, vmid, ittype, name)
|
|
|
|
if ittype == 'lxc':
|
|
self._get_lxc_interfaces(properties, node, vmid)
|
|
|
|
# ensure the host satisfies filters
|
|
if not self._can_add_host(name, properties):
|
|
return None
|
|
|
|
# add the host to the inventory
|
|
self._add_host(name, properties)
|
|
node_type_group = self._group('%s_%s' % (node, ittype))
|
|
self.inventory.add_child(self._group('all_' + ittype), name)
|
|
self.inventory.add_child(node_type_group, name)
|
|
|
|
item_status = item['status']
|
|
if item_status == 'running':
|
|
if want_facts and ittype == 'qemu' and self.get_option('qemu_extended_statuses'):
|
|
# get more details about the status of the qemu VM
|
|
item_status = properties.get(self._fact('qmpstatus'), item_status)
|
|
self.inventory.add_child(self._group('all_%s' % (item_status, )), name)
|
|
|
|
return name
|
|
|
|
def _populate_pool_groups(self, added_hosts):
|
|
'''Generate groups from Proxmox resource pools, ignoring VMs and
|
|
containers that were skipped.'''
|
|
for pool in self._get_pools():
|
|
poolid = pool.get('poolid')
|
|
if not poolid:
|
|
continue
|
|
pool_group = self._group('pool_' + poolid)
|
|
self.inventory.add_group(pool_group)
|
|
|
|
for member in self._get_members_per_pool(poolid):
|
|
name = member.get('name')
|
|
if name and name in added_hosts:
|
|
self.inventory.add_child(pool_group, name)
|
|
|
|
def _populate(self):
|
|
|
|
# create common groups
|
|
default_groups = ['lxc', 'qemu', 'running', 'stopped']
|
|
|
|
if self.get_option('qemu_extended_statuses'):
|
|
default_groups.extend(['prelaunch', 'paused'])
|
|
|
|
for group in default_groups:
|
|
self.inventory.add_group(self._group('all_%s' % (group)))
|
|
nodes_group = self._group('nodes')
|
|
if not self.exclude_nodes:
|
|
self.inventory.add_group(nodes_group)
|
|
|
|
want_proxmox_nodes_ansible_host = self.get_option("want_proxmox_nodes_ansible_host")
|
|
|
|
# gather vm's on nodes
|
|
self._get_auth()
|
|
hosts = []
|
|
for node in self._get_nodes():
|
|
if not node.get('node'):
|
|
continue
|
|
if not self.exclude_nodes:
|
|
self.inventory.add_host(node['node'])
|
|
if node['type'] == 'node' and not self.exclude_nodes:
|
|
self.inventory.add_child(nodes_group, node['node'])
|
|
|
|
if node['status'] == 'offline':
|
|
continue
|
|
|
|
# get node IP address
|
|
if want_proxmox_nodes_ansible_host and not self.exclude_nodes:
|
|
ip = self._get_node_ip(node['node'])
|
|
self.inventory.set_variable(node['node'], 'ansible_host', ip)
|
|
|
|
# Setting composite variables
|
|
if not self.exclude_nodes:
|
|
variables = self.inventory.get_host(node['node']).get_vars()
|
|
self._set_composite_vars(self.get_option('compose'), variables, node['node'], strict=self.strict)
|
|
|
|
# add LXC/Qemu groups for the node
|
|
for ittype in ('lxc', 'qemu'):
|
|
node_type_group = self._group('%s_%s' % (node['node'], ittype))
|
|
self.inventory.add_group(node_type_group)
|
|
|
|
# get LXC containers and Qemu VMs for this node
|
|
lxc_objects = zip(itertools.repeat('lxc'), self._get_lxc_per_node(node['node']))
|
|
qemu_objects = zip(itertools.repeat('qemu'), self._get_qemu_per_node(node['node']))
|
|
for ittype, item in itertools.chain(lxc_objects, qemu_objects):
|
|
name = self._handle_item(node['node'], ittype, item)
|
|
if name is not None:
|
|
hosts.append(name)
|
|
|
|
# gather vm's in pools
|
|
self._populate_pool_groups(hosts)
|
|
|
|
def parse(self, inventory, loader, path, cache=True):
|
|
if not HAS_REQUESTS:
|
|
raise AnsibleError('This module requires Python Requests 1.1.0 or higher: '
|
|
'https://github.com/psf/requests.')
|
|
|
|
super(InventoryModule, self).parse(inventory, loader, path)
|
|
|
|
# read config from file, this sets 'options'
|
|
self._read_config_data(path)
|
|
|
|
# read and template auth options
|
|
for o in ('url', 'user', 'password', 'token_id', 'token_secret'):
|
|
v = self.get_option(o)
|
|
if self.templar.is_template(v):
|
|
v = self.templar.template(v, disable_lookups=False)
|
|
setattr(self, 'proxmox_%s' % o, v)
|
|
|
|
# some more cleanup and validation
|
|
self.proxmox_url = self.proxmox_url.rstrip('/')
|
|
|
|
if self.proxmox_password is None and (self.proxmox_token_id is None or self.proxmox_token_secret is None):
|
|
raise AnsibleError('You must specify either a password or both token_id and token_secret.')
|
|
|
|
if self.get_option('qemu_extended_statuses') and not self.get_option('want_facts'):
|
|
raise AnsibleError('You must set want_facts to True if you want to use qemu_extended_statuses.')
|
|
# read rest of options
|
|
self.exclude_nodes = self.get_option('exclude_nodes')
|
|
self.cache_key = self.get_cache_key(path)
|
|
self.use_cache = cache and self.get_option('cache')
|
|
self.host_filters = self.get_option('filters')
|
|
self.group_prefix = self.get_option('group_prefix')
|
|
self.facts_prefix = self.get_option('facts_prefix')
|
|
self.strict = self.get_option('strict')
|
|
|
|
# actually populate inventory
|
|
self._populate()
|