mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
proxmox_kvm - new param to support unsafe updates (#7843)
* proxmox_kvm - new param to support unsafe updates * changelog fragments * Apply suggestions from code review Co-authored-by: Felix Fontein <felix@fontein.de> * improved docs * updated `version_added` --------- Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
parent
549a73bd78
commit
c7a2e28daa
2 changed files with 44 additions and 17 deletions
2
changelogs/fragments/7843-proxmox_kvm-update_unsafe.yml
Normal file
2
changelogs/fragments/7843-proxmox_kvm-update_unsafe.yml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
minor_changes:
|
||||||
|
- proxmox_kvm - add parameter ``update_unsafe`` to avoid limitations when updating dangerous values (https://github.com/ansible-collections/community.general/pull/7843).
|
|
@ -522,9 +522,17 @@ options:
|
||||||
- If V(true), the VM will be updated with new value.
|
- If V(true), the VM will be updated with new value.
|
||||||
- Because of the operations of the API and security reasons, I have disabled the update of the following parameters
|
- Because of the operations of the API and security reasons, I have disabled the update of the following parameters
|
||||||
O(net), O(virtio), O(ide), O(sata), O(scsi). Per example updating O(net) update the MAC address and C(virtio) create always new disk...
|
O(net), O(virtio), O(ide), O(sata), O(scsi). Per example updating O(net) update the MAC address and C(virtio) create always new disk...
|
||||||
|
This security feature can be disabled by setting the O(update_unsafe) to V(true).
|
||||||
- Update of O(pool) is disabled. It needs an additional API endpoint not covered by this module.
|
- Update of O(pool) is disabled. It needs an additional API endpoint not covered by this module.
|
||||||
type: bool
|
type: bool
|
||||||
default: false
|
default: false
|
||||||
|
update_unsafe:
|
||||||
|
description:
|
||||||
|
- If V(true), do not enforce limitations on parameters O(net), O(virtio), O(ide), O(sata), O(scsi), O(efidisk0), and O(tpmstate0).
|
||||||
|
Use this option with caution because an improper configuration might result in a permanent loss of data (e.g. disk recreated).
|
||||||
|
type: bool
|
||||||
|
default: false
|
||||||
|
version_added: 8.4.0
|
||||||
vcpus:
|
vcpus:
|
||||||
description:
|
description:
|
||||||
- Sets number of hotplugged vcpus.
|
- Sets number of hotplugged vcpus.
|
||||||
|
@ -846,6 +854,20 @@ EXAMPLES = '''
|
||||||
memory: 16384
|
memory: 16384
|
||||||
update: true
|
update: true
|
||||||
|
|
||||||
|
- name: Update VM configuration (incl. unsafe options)
|
||||||
|
community.general.proxmox_kvm:
|
||||||
|
api_user: root@pam
|
||||||
|
api_password: secret
|
||||||
|
api_host: helldorado
|
||||||
|
name: spynal
|
||||||
|
node: sabrewulf
|
||||||
|
cores: 8
|
||||||
|
memory: 16384
|
||||||
|
net:
|
||||||
|
net0: virtio,bridge=vmbr1
|
||||||
|
update: true
|
||||||
|
update_unsafe: true
|
||||||
|
|
||||||
- name: Delete QEMU parameters
|
- name: Delete QEMU parameters
|
||||||
community.general.proxmox_kvm:
|
community.general.proxmox_kvm:
|
||||||
api_user: root@pam
|
api_user: root@pam
|
||||||
|
@ -981,7 +1003,7 @@ class ProxmoxKvmAnsible(ProxmoxAnsible):
|
||||||
time.sleep(1)
|
time.sleep(1)
|
||||||
return False
|
return False
|
||||||
|
|
||||||
def create_vm(self, vmid, newid, node, name, memory, cpu, cores, sockets, update, **kwargs):
|
def create_vm(self, vmid, newid, node, name, memory, cpu, cores, sockets, update, update_unsafe, **kwargs):
|
||||||
# Available only in PVE 4
|
# Available only in PVE 4
|
||||||
only_v4 = ['force', 'protection', 'skiplock']
|
only_v4 = ['force', 'protection', 'skiplock']
|
||||||
only_v6 = ['ciuser', 'cipassword', 'sshkeys', 'ipconfig', 'tags']
|
only_v6 = ['ciuser', 'cipassword', 'sshkeys', 'ipconfig', 'tags']
|
||||||
|
@ -1018,9 +1040,10 @@ class ProxmoxKvmAnsible(ProxmoxAnsible):
|
||||||
urlencoded_ssh_keys = quote(kwargs['sshkeys'], safe='')
|
urlencoded_ssh_keys = quote(kwargs['sshkeys'], safe='')
|
||||||
kwargs['sshkeys'] = str(urlencoded_ssh_keys)
|
kwargs['sshkeys'] = str(urlencoded_ssh_keys)
|
||||||
|
|
||||||
# If update, don't update disk (virtio, efidisk0, tpmstate0, ide, sata, scsi) and network interface
|
# If update, don't update disk (virtio, efidisk0, tpmstate0, ide, sata, scsi) and network interface, unless update_unsafe=True
|
||||||
# pool parameter not supported by qemu/<vmid>/config endpoint on "update" (PVE 6.2) - only with "create"
|
# pool parameter not supported by qemu/<vmid>/config endpoint on "update" (PVE 6.2) - only with "create"
|
||||||
if update:
|
if update:
|
||||||
|
if update_unsafe is False:
|
||||||
if 'virtio' in kwargs:
|
if 'virtio' in kwargs:
|
||||||
del kwargs['virtio']
|
del kwargs['virtio']
|
||||||
if 'sata' in kwargs:
|
if 'sata' in kwargs:
|
||||||
|
@ -1286,6 +1309,7 @@ def main():
|
||||||
version=dict(type='str', choices=['2.0', '1.2'], default='2.0')
|
version=dict(type='str', choices=['2.0', '1.2'], default='2.0')
|
||||||
)),
|
)),
|
||||||
update=dict(type='bool', default=False),
|
update=dict(type='bool', default=False),
|
||||||
|
update_unsafe=dict(type='bool', default=False),
|
||||||
vcpus=dict(type='int'),
|
vcpus=dict(type='int'),
|
||||||
vga=dict(choices=['std', 'cirrus', 'vmware', 'qxl', 'serial0', 'serial1', 'serial2', 'serial3', 'qxl2', 'qxl3', 'qxl4']),
|
vga=dict(choices=['std', 'cirrus', 'vmware', 'qxl', 'serial0', 'serial1', 'serial2', 'serial3', 'qxl2', 'qxl3', 'qxl4']),
|
||||||
virtio=dict(type='dict'),
|
virtio=dict(type='dict'),
|
||||||
|
@ -1320,6 +1344,7 @@ def main():
|
||||||
sockets = module.params['sockets']
|
sockets = module.params['sockets']
|
||||||
state = module.params['state']
|
state = module.params['state']
|
||||||
update = bool(module.params['update'])
|
update = bool(module.params['update'])
|
||||||
|
update_unsafe = bool(module.params['update_unsafe'])
|
||||||
vmid = module.params['vmid']
|
vmid = module.params['vmid']
|
||||||
validate_certs = module.params['validate_certs']
|
validate_certs = module.params['validate_certs']
|
||||||
|
|
||||||
|
@ -1429,7 +1454,7 @@ def main():
|
||||||
module.fail_json(msg="node '%s' does not exist in cluster" % node)
|
module.fail_json(msg="node '%s' does not exist in cluster" % node)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
proxmox.create_vm(vmid, newid, node, name, memory, cpu, cores, sockets, update,
|
proxmox.create_vm(vmid, newid, node, name, memory, cpu, cores, sockets, update, update_unsafe,
|
||||||
archive=module.params['archive'],
|
archive=module.params['archive'],
|
||||||
acpi=module.params['acpi'],
|
acpi=module.params['acpi'],
|
||||||
agent=module.params['agent'],
|
agent=module.params['agent'],
|
||||||
|
|
Loading…
Reference in a new issue