mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

If not specified, do not modify subnet/route_tables for ec2 VPCs

Also fixes a bug whereby any changes to the route_tables were not
properly reflected by setting changed=True.

Fixes #8666
James Cammarata 2014-08-20 15:29:17 -05:00
parent 32a5c2bf48
commit 311ec543af


@ -46,7 +46,7 @@ options:
choices: [ "yes", "no" ] choices: [ "yes", "no" ]
subnets: subnets:
description: description:
- 'A dictionary array of subnets to add of the form: { cidr: ..., az: ... , resource_tags: ... }. Where az is the desired availability zone of the subnet, but it is not required. Tags (i.e.: resource_tags) is also optional and use dictionary form: { "Environment":"Dev", "Tier":"Web", ...}. All VPC subnets not in this list will be removed.' - 'A dictionary array of subnets to add of the form: { cidr: ..., az: ... , resource_tags: ... }. Where az is the desired availability zone of the subnet, but it is not required. Tags (i.e.: resource_tags) is also optional and use dictionary form: { "Environment":"Dev", "Tier":"Web", ...}. All VPC subnets not in this list will be removed. As of 1.8, if the subnets parameter is not specified, no existing subnets will be modified.'
required: false required: false
default: null default: null
aliases: [] aliases: []
@ -72,7 +72,7 @@ options:
aliases: [] aliases: []
route_tables: route_tables:
description: description:
- 'A dictionary array of route tables to add of the form: { subnets: [172.22.2.0/24, 172.22.3.0/24,], routes: [{ dest: 0.0.0.0/0, gw: igw},] }. Where the subnets list is those subnets the route table should be associated with, and the routes list is a list of routes to be in the table. The special keyword for the gw of igw specifies that you should the route should go through the internet gateway attached to the VPC. gw also accepts instance-ids in addition igw. This module is currently unable to affect the "main" route table due to some limitations in boto, so you must explicitly define the associated subnets or they will be attached to the main table implicitly.' - 'A dictionary array of route tables to add of the form: { subnets: [172.22.2.0/24, 172.22.3.0/24,], routes: [{ dest: 0.0.0.0/0, gw: igw},] }. Where the subnets list is those subnets the route table should be associated with, and the routes list is a list of routes to be in the table. The special keyword for the gw of igw specifies that you should the route should go through the internet gateway attached to the VPC. gw also accepts instance-ids in addition igw. This module is currently unable to affect the "main" route table due to some limitations in boto, so you must explicitly define the associated subnets or they will be attached to the main table implicitly. As of 1.8, if the route_tables parameter is not specified, no existing routes will be modified.'
required: false required: false
default: null default: null
aliases: [] aliases: []
@ -275,11 +275,6 @@ def create_vpc(module, vpc_conn):
wait_timeout = int(module.params.get('wait_timeout')) wait_timeout = int(module.params.get('wait_timeout'))
changed = False changed = False
if subnets is None:
subnets = []
if route_tables is None:
route_tables = []
# Check for existing VPC by cidr_block + tags or id # Check for existing VPC by cidr_block + tags or id
previous_vpc = find_vpc(module, vpc_conn, id, cidr_block) previous_vpc = find_vpc(module, vpc_conn, id, cidr_block)
@ -340,7 +335,8 @@ def create_vpc(module, vpc_conn):
# Process all subnet properties # Process all subnet properties
if subnets and not isinstance(subnets, list): if subnets is not None:
if not isinstance(subnets, list):
module.fail_json(msg='subnets needs to be a list of cidr blocks') module.fail_json(msg='subnets needs to be a list of cidr blocks')
current_subnets = vpc_conn.get_all_subnets(filters={ 'vpc_id': vpc.id }) current_subnets = vpc_conn.get_all_subnets(filters={ 'vpc_id': vpc.id })
@ -417,7 +413,8 @@ def create_vpc(module, vpc_conn):
# think of without using painful aws ids. Hopefully boto will add # think of without using painful aws ids. Hopefully boto will add
# the replace-route-table API to make this smoother and # the replace-route-table API to make this smoother and
# allow control of the 'main' routing table. # allow control of the 'main' routing table.
if route_tables and not isinstance(route_tables, list): if route_tables is not None:
if not isinstance(route_tables, list):
module.fail_json(msg='route tables need to be a list of dictionaries') module.fail_json(msg='route tables need to be a list of dictionaries')
# Work through each route table and update/create to match dictionary array # Work through each route table and update/create to match dictionary array
@ -465,13 +462,13 @@ def create_vpc(module, vpc_conn):
vpc_conn.associate_route_table(new_rt.id, rsn.id) vpc_conn.associate_route_table(new_rt.id, rsn.id)
all_route_tables.append(new_rt) all_route_tables.append(new_rt)
changed = True
except EC2ResponseError, e: except EC2ResponseError, e:
module.fail_json( module.fail_json(
msg='Unable to create and associate route table {0}, error: ' \ msg='Unable to create and associate route table {0}, error: ' \
'{1}'.format(rt, e) '{1}'.format(rt, e)
) )
# Now that we are good to go on our new route tables, delete the # Now that we are good to go on our new route tables, delete the
# old ones except the 'main' route table as boto can't set the main # old ones except the 'main' route table as boto can't set the main
# table yet. # table yet.
@ -481,15 +478,18 @@ def create_vpc(module, vpc_conn):
for newrt in all_route_tables: for newrt in all_route_tables:
if newrt.id == rt.id: if newrt.id == rt.id:
delete_rt = False delete_rt = False
break
if delete_rt: if delete_rt:
rta = rt.associations rta = rt.associations
is_main = False is_main = False
for a in rta: for a in rta:
if a.main: if a.main:
is_main = True is_main = True
break
try: try:
if not is_main: if not is_main:
vpc_conn.delete_route_table(rt.id) vpc_conn.delete_route_table(rt.id)
changed = True
except EC2ResponseError, e: except EC2ResponseError, e:
module.fail_json(msg='Unable to delete old route table {0}, error: {1}'.format(rt.id, e)) module.fail_json(msg='Unable to delete old route table {0}, error: {1}'.format(rt.id, e))
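Review bot: The new `if subnets is not None:` and `if route_tables is not None:` guards in create_vpc now treat an omitted parameter differently from an explicit empty list, but the updated option descriptions document only the omitted case. Going by the existing wording "All VPC subnets not in this list will be removed", a value such as `subnets: []` (for instance a templated variable that resolves to empty) would presumably still remove every subnet, and an empty `route_tables` every non-main route table. I would add to both descriptions a sentence like `An empty list is not the same as omitting the parameter: it removes all existing entries.` and put a comment above each guard, `# None = leave existing resources untouched; [] = remove everything not listed`. The body of create_vpc and the code under these guards extend beyond the hunks shown and the page has lost indentation, so the nesting is inferred.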