From 0610f09dabc6d221acff0ac56aa45dbeb54fcd34 Mon Sep 17 00:00:00 2001 From: Tim Rupp Date: Fri, 13 Oct 2017 22:19:46 -0700 Subject: [PATCH] Adds various provision fixes (#31731) * vcmp provisioning support * documentation fixes * fixes for python3 causing an exception --- .../modules/network/f5/bigip_provision.py | 126 +++++++++++++----- .../network/f5/test_bigip_provision.py | 2 + 2 files changed, 93 insertions(+), 35 deletions(-) diff --git a/lib/ansible/modules/network/f5/bigip_provision.py b/lib/ansible/modules/network/f5/bigip_provision.py index 88cad615ff..de3a1463fc 100644 --- a/lib/ansible/modules/network/f5/bigip_provision.py +++ b/lib/ansible/modules/network/f5/bigip_provision.py @@ -4,14 +4,18 @@ # Copyright (c) 2017 F5 Networks Inc. # GNU General Public License v3.0 (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + ANSIBLE_METADATA = {'metadata_version': '1.1', 'status': ['preview'], 'supported_by': 'community'} -DOCUMENTATION = ''' +DOCUMENTATION = r''' --- module: bigip_provision -short_description: Manage BIG-IP module provisioning. +short_description: Manage BIG-IP module provisioning description: - Manage BIG-IP module provisioning. This module will only provision at the standard levels of Dedicated, Nominal, and Minimum. @@ -35,6 +39,7 @@ options: - pem - sam - swg + - vcmp level: description: - Sets the provisioning level for the requested modules. Changing the @@ -68,45 +73,48 @@ author: - Tim Rupp (@caphrim007) ''' -EXAMPLES = ''' +EXAMPLES = r''' - name: Provision PEM at "nominal" level bigip_provision: - server: "lb.mydomain.com" - module: "pem" - level: "nominal" - password: "secret" - user: "admin" - validate_certs: "no" + server: lb.mydomain.com + module: pem + level: nominal + password: secret + user: admin + validate_certs: no delegate_to: localhost - name: Provision a dedicated SWG. This will unprovision every other module bigip_provision: - server: "lb.mydomain.com" - module: "swg" - password: "secret" - level: "dedicated" - user: "admin" - validate_certs: "no" + server: lb.mydomain.com + module: swg + password: secret + level: dedicated + user: admin + validate_certs: no delegate_to: localhost ''' -RETURN = ''' +RETURN = r''' level: - description: The new provisioning level of the module. - returned: changed - type: string - sample: "minimum" + description: The new provisioning level of the module. + returned: changed + type: string + sample: minimum ''' import time -from ansible.module_utils.f5_utils import ( - AnsibleF5Client, - AnsibleF5Parameters, - HAS_F5SDK, - F5ModuleError, - iControlUnexpectedHTTPError -) +from ansible.module_utils.f5_utils import AnsibleF5Client +from ansible.module_utils.f5_utils import AnsibleF5Parameters +from ansible.module_utils.f5_utils import HAS_F5SDK +from ansible.module_utils.f5_utils import F5ModuleError +from f5.sdk_exception import LazyAttributesRequired + +try: + from ansible.module_utils.f5_utils import iControlUnexpectedHTTPError +except ImportError: + HAS_F5SDK = False class Parameters(AnsibleF5Parameters): @@ -200,7 +208,10 @@ class ModuleManager(object): if self.client.check_mode: return True self.update_on_device() - self.wait_for_module_provisioning() + self._wait_for_module_provisioning() + if self.want.module == 'vcmp': + self._wait_for_reboot() + self._wait_for_module_provisioning() return True def should_update(self): @@ -232,7 +243,15 @@ class ModuleManager(object): if self.client.check_mode: return True self.remove_from_device() - self.wait_for_module_provisioning() + self._wait_for_module_provisioning() + + # For vCMP, because it has to reboot, we also wait for mcpd to become available + # before "moving on", or else the REST API would not be available and subsequent + # Tasks would fail. + if self.want.module == 'vcmp': + self._wait_for_reboot() + self._wait_for_module_provisioning() + if self.exists(): raise F5ModuleError("Failed to de-provision the module") return True @@ -243,7 +262,7 @@ class ModuleManager(object): resource = resource.load() resource.update(level='none') - def wait_for_module_provisioning(self): + def _wait_for_module_provisioning(self): # To prevent things from running forever, the hack is to check # for mprov's status twice. If mprov is finished, then in most # cases (not ASM) the provisioning is probably ready. @@ -252,7 +271,7 @@ class ModuleManager(object): # Sleep a little to let provisioning settle and begin properly time.sleep(5) - while nops < 4: + while nops < 3: try: if not self._is_mprov_running_on_device(): nops += 1 @@ -261,17 +280,54 @@ class ModuleManager(object): except Exception: # This can be caused by restjavad restarting. pass - time.sleep(10) + time.sleep(5) def _is_mprov_running_on_device(self): output = self.client.api.tm.util.bash.exec_cmd( 'run', utilCmdArgs='-c "ps aux | grep \'[m]prov\'"' ) - if hasattr(output, 'commandResult'): - return True + try: + if hasattr(output, 'commandResult'): + return True + except LazyAttributesRequired: + pass return False + def _get_last_reboot(self): + output = self.client.api.tm.util.bash.exec_cmd( + 'run', + utilCmdArgs='-c "/usr/bin/last reboot | head - 1"' + ) + try: + if hasattr(output, 'commandResult'): + return str(output.commandResult) + except LazyAttributesRequired: + pass + return None + + def _wait_for_reboot(self): + nops = 0 + + last_reboot = self._get_last_reboot() + + # Sleep a little to let provisioning settle and begin properly + time.sleep(5) + + while nops < 6: + try: + next_reboot = self._get_last_reboot() + if next_reboot is None: + nops = 0 + if next_reboot == last_reboot: + nops = 0 + else: + nops += 1 + except Exception: + # This can be caused by restjavad restarting. + pass + time.sleep(10) + class ArgumentSpec(object): def __init__(self): @@ -282,7 +338,7 @@ class ArgumentSpec(object): choices=[ 'afm', 'am', 'sam', 'asm', 'avr', 'fps', 'gtm', 'lc', 'ltm', 'pem', 'swg', 'ilx', - 'apm' + 'apm', 'vcmp' ] ), level=dict( diff --git a/test/units/modules/network/f5/test_bigip_provision.py b/test/units/modules/network/f5/test_bigip_provision.py index 113d8fe8f8..1415b557eb 100644 --- a/test/units/modules/network/f5/test_bigip_provision.py +++ b/test/units/modules/network/f5/test_bigip_provision.py @@ -38,11 +38,13 @@ try: from library.bigip_provision import Parameters from library.bigip_provision import ModuleManager from library.bigip_provision import ArgumentSpec + from ansible.module_utils.f5_utils import iControlUnexpectedHTTPError except ImportError: try: from ansible.modules.network.f5.bigip_provision import Parameters from ansible.modules.network.f5.bigip_provision import ModuleManager from ansible.modules.network.f5.bigip_provision import ArgumentSpec + from ansible.module_utils.f5_utils import iControlUnexpectedHTTPError except ImportError: raise SkipTest("F5 Ansible modules require the f5-sdk Python library")