def test_app_service_environment_v3_zone_create(self, ase_client_factory_mock, network_client_factory_mock,
resource_client_factory_mock, deployment_name_mock):
ase_name = 'mock_ase_name'
rg_name = 'mock_rg_name'
vnet_name = 'mock_vnet_name'
subnet_name = 'mock_subnet_name'
deployment_name = 'mock_deployment_name'
ase_client = mock.MagicMock()
ase_client_factory_mock.return_value = ase_client
resource_client_mock = mock.MagicMock()
resource_client_factory_mock.return_value = resource_client_mock
deployment_name_mock.return_value = deployment_name
network_client = mock.MagicMock()
network_client_factory_mock.return_value = network_client
subnet = Subnet(id=1, address_prefix='10.10.10.10/24')
hosting_delegation = Delegation(id=1, service_name='Microsoft.Web/hostingEnvironments')
subnet.delegations = [hosting_delegation]
network_client.subnets.get.return_value = subnet
create_appserviceenvironment_arm(self.mock_cmd, resource_group_name=rg_name, name=ase_name,
subnet=subnet_name, vnet_name=vnet_name, kind='ASEv3',
location='westeurope', zone_redundant=True)
# Assert begin_create_or_update is called with correct rg and deployment name
resource_client_mock.deployments.begin_create_or_update.assert_called_once()
call_args = resource_client_mock.deployments.begin_create_or_update.call_args
self.assertEqual(call_args[0][0], rg_name)
self.assertEqual(call_args[0][1], deployment_name)
def test_app_service_environment_create(self, ase_client_factory_mock,
network_client_factory_mock,
resource_client_factory_mock,
deployment_name_mock):
ase_name = 'mock_ase_name'
rg_name = 'mock_rg_name'
vnet_name = 'mock_vnet_name'
subnet_name = 'mock_subnet_name'
deployment_name = 'mock_deployment_name'
ase_client = mock.MagicMock()
ase_client_factory_mock.return_value = ase_client
resource_client_mock = mock.MagicMock()
resource_client_factory_mock.return_value = resource_client_mock
deployment_name_mock.return_value = deployment_name
network_client = mock.MagicMock()
network_client_factory_mock.return_value = network_client
subnet = Subnet(id=1, address_prefix='10.10.10.10/25')
network_client.subnets.get.return_value = subnet
# assert that ValidationError raised when called with small subnet
with self.assertRaises(ValidationError):
create_appserviceenvironment_arm(
self.mock_cmd,
resource_group_name=rg_name,
name=ase_name,
subnet=subnet_name,
vnet_name=vnet_name,
ignore_network_security_group=True,
ignore_route_table=True,
location='westeurope')
subnet = Subnet(id=1, address_prefix='10.10.10.10/24')
network_client.subnets.get.return_value = subnet
create_appserviceenvironment_arm(self.mock_cmd,
resource_group_name=rg_name,
name=ase_name,
subnet=subnet_name,
vnet_name=vnet_name,
ignore_network_security_group=True,
ignore_route_table=True,
location='westeurope')
# Assert create_or_update is called with correct rg and deployment name
resource_client_mock.deployments.create_or_update.assert_called_once()
self.assertEqual(
resource_client_mock.deployments.create_or_update.call_args[0][0],
rg_name)
self.assertEqual(
resource_client_mock.deployments.create_or_update.call_args[0][1],
deployment_name)
def create_subnet(resource_group_name, virtual_network_name, subnet_name,
address_prefix='10.0.0.0/24', network_security_group=None):
'''Create a virtual network (VNet) subnet
:param str address_prefix: address prefix in CIDR format.
:param str network_security_group: attach with existing network security group,
both name or id are accepted.
'''
ncf = _network_client_factory()
subnet = Subnet(name=subnet_name, address_prefix=address_prefix)
subnet.address_prefix = address_prefix
if network_security_group:
subnet.network_security_group = NetworkSecurityGroup(network_security_group)
return ncf.subnets.create_or_update(resource_group_name, virtual_network_name,
subnet_name, subnet)
def get(self, resource_group_name: str, virtual_network_name: str, subnet_name: str) -> NetworkSecurityGroup:
try:
with open(self.path / resource_group_name / f"subnet-{virtual_network_name}-{subnet_name}.json", "r",
encoding="utf-8") as file:
return Subnet.deserialize(json.load(file))
except FileNotFoundError:
raise ResourceNotFoundError("Subnet group not found") from None
def set_lb_frontend_ip_configuration(resource_group_name,
load_balancer_name,
item_name,
private_ip_address=None,
private_ip_address_allocation=None,
public_ip_address=None,
subnet=None,
virtual_network_name=None): # pylint: disable=unused-argument
ncf = _network_client_factory()
lb = ncf.load_balancers.get(resource_group_name, load_balancer_name)
item = _get_property(lb.frontend_ip_configurations, item_name)
if private_ip_address == '':
item.private_ip_allocation_method = private_ip_address_allocation
item.private_ip_address = None
elif private_ip_address is not None:
item.private_ip_allocation_method = private_ip_address_allocation
item.private_ip_address = private_ip_address
if subnet == '':
item.subnet = None
elif subnet is not None:
item.subnet = Subnet(subnet)
if public_ip_address == '':
item.public_ip_address = None
elif public_ip_address is not None:
item.public_ip_address = PublicIPAddress(public_ip_address)
return ncf.load_balancers.create_or_update(resource_group_name,
load_balancer_name, lb)
def create_nic_ip_config(
resource_group_name,
network_interface_name,
ip_config_name,
subnet=None,
virtual_network_name=None,
public_ip_address=None,
load_balancer_name=None, # pylint: disable=unused-argument
load_balancer_backend_address_pool_ids=None,
load_balancer_inbound_nat_rule_ids=None,
private_ip_address=None,
private_ip_address_allocation='dynamic',
private_ip_address_version='ipv4'):
ncf = _network_client_factory()
nic = ncf.network_interfaces.get(resource_group_name,
network_interface_name)
nic.ip_configurations.append(
NetworkInterfaceIPConfiguration(
name=ip_config_name,
subnet=Subnet(subnet) if subnet else None,
public_ip_address=PublicIPAddress(public_ip_address)
if public_ip_address else None,
load_balancer_backend_address_pools=
load_balancer_backend_address_pool_ids,
load_balancer_inbound_nat_rules=load_balancer_inbound_nat_rule_ids,
private_ip_address=private_ip_address,
private_ip_allocation_method=private_ip_address_allocation,
private_ip_address_version=private_ip_address_version))
return ncf.network_interfaces.create_or_update(resource_group_name,
network_interface_name, nic)
def create_virtual_network(self, network_client, parameters, network_name,
subnet_name):
""" Creates the network resources, such as Virtual network and Subnet.
Args:
network_client: A NetworkManagementClient instance.
parameters: A dict, containing all the parameters necessary to
authenticate this user with Azure.
network_name: The name to use for the Virtual Network resource.
subnet_name: The name to use for the Subnet resource.
Returns:
A Subnet instance from the Virtual Network created.
"""
group_name = parameters[self.PARAM_RESOURCE_GROUP]
region = parameters[self.PARAM_ZONE]
verbose = parameters[self.PARAM_VERBOSE]
AppScaleLogger.verbose(
"Creating/Updating the Virtual Network '{}'".format(network_name),
verbose)
address_space = AddressSpace(address_prefixes=['10.1.0.0/16'])
subnet1 = Subnet(name=subnet_name, address_prefix='10.1.0.0/24')
result = network_client.virtual_networks.create_or_update(
group_name, network_name,
VirtualNetwork(location=region,
address_space=address_space,
subnets=[subnet1]))
self.sleep_until_update_operation_done(result, network_name, verbose)
subnet = network_client.subnets.get(group_name, network_name,
subnet_name)
return subnet
def run_action(credentials, rule, entity, params):
logging.info(f'{__file__} - ${run_action.__name__} started')
subscription_id = entity['accountNumber']
server_group_name = entity['resourceGroup']['name']
sql_server_name = entity['name']
sql_server_region = entity['region']
logging.info(
f'{__file__} - subscription_id : {subscription_id} - server_group_name : {server_group_name} - sql_server : {sql_server_name}')
if not subscription_id or not credentials:
return raise_credentials_error()
try:
network_client = NetworkManagementClient(credentials,subscription_id)
sql_client = SqlManagementClient(credentials, subscription_id)
vnets = network_client.virtual_networks.list_all()
acls = []
endpoint_params = [ServiceEndpointPropertiesFormat(service='Microsoft.Sql', locations=["*"])]
subnet_path = ""
for v in vnets:
vnet_name = v.name
vnet_nsg_split = v.id.split('/')
vnet_nsg = vnet_nsg_split[4]
subnets = v.subnets
vnet_region = v.location
if sql_server_region == vnet_region:
logging.info(f'Regions match - applying ACLs to {vnet_name}')
for s in subnets:
subnet_path = s.id
subnet_name = s.name
subnet_address_prefix = s.address_prefix
service_endpoint_list = s.service_endpoints
firewall_rule_name = vnet_name + "-" + subnet_name + " auto-generated rule"
logging.info(f'Subnet path : {subnet_path} Subnet Name : {subnet_name} Subnet CIDR : {subnet_address_prefix} Endpoint list : {service_endpoint_list}')
# Create storage endpoint if doesn't exist
if not service_endpoint_list:
network_client.subnets.begin_create_or_update(resource_group_name=vnet_nsg, virtual_network_name=vnet_name, subnet_name=subnet_name,
subnet_parameters=Subnet(address_prefix=subnet_address_prefix, service_endpoints=endpoint_params))
else:
logging.info(f'Service Endpoint for subnet {subnet_name} already exists, not creating')
logging.info(*service_endpoint_list)
acls.append(VirtualNetworkRule(virtual_network_subnet_id=subnet_path))
sql_client.virtual_network_rules.begin_create_or_update(server_group_name, sql_server_name, firewall_rule_name, parameters=VirtualNetworkRule(
virtual_network_subnet_id=subnet_path, ignore_missing_vnet_service_endpoint=False))
logging.info(f'Azure SQL firewall rule {firewall_rule_name} set successfully on : {sql_server_name}')
else:
logging.info(f'Regions do not match - skipping {vnet_name}')
except (HttpResponseError, ResourceExistsError) as e:
logging.info(f'An error occured : {e}')
def associate_subnet(name: str, vnet: VirtualNetwork,
subnet: Subnet) -> Union[None, Error]:
resource_group = get_base_resource_group()
nsg = get_nsg(name)
if not nsg:
return Error(
code=ErrorCode.UNABLE_TO_FIND,
errors=["cannot associate subnet. nsg %s not found" % name],
)
if nsg.location != vnet.location:
return Error(
code=ErrorCode.UNABLE_TO_UPDATE,
errors=[
"subnet and nsg have to be in the same region.",
"nsg %s %s, subnet: %s %s" %
(nsg.name, nsg.location, subnet.name, subnet.location),
],
)
if subnet.network_security_group and subnet.network_security_group.id == nsg.id:
logging.info("Subnet %s and NSG %s already associated, not updating",
subnet.name, name)
return None
logging.info("associating subnet %s with nsg: %s %s", subnet.name,
resource_group, name)
subnet.network_security_group = nsg
network_client = get_network_client()
try:
network_client.subnets.begin_create_or_update(resource_group,
vnet.name, subnet.name,
subnet)
except (ResourceNotFoundError, CloudError) as err:
if is_concurrent_request_error(str(err)):
logging.debug(
"associate NSG with subnet had conflicts",
"with concurrent request, ignoring %s",
err,
)
return None
return Error(
code=ErrorCode.UNABLE_TO_UPDATE,
errors=[
"Unable to associate nsg %s with subnet %s due to %s" % (
name,
subnet.name,
err,
)
],
)
return None
def list(self, resource_group_name: str, virtual_network_name: str) -> List[Subnet]:
try:
files = [file for file in os.listdir(self.path / resource_group_name) if
file.startswith(f"subnet-{virtual_network_name}")]
except FileNotFoundError:
raise ResourceNotFoundError("No resource group") from None
elements = []
for file in files:
with open(self.path / resource_group_name / file, "r", encoding="utf-8") as file:
elements.append(Subnet.deserialize(json.load(file)))
return elements
def create_subnet(resource_group_name,
virtual_network_name,
subnet_name,
address_prefix='10.0.0.0/24',
network_security_group=None):
'''Create a virtual network (VNet) subnet
:param str address_prefix: address prefix in CIDR format.
:param str network_security_group: attach with existing network security group,
both name or id are accepted.
'''
ncf = _network_client_factory()
subnet = Subnet(name=subnet_name, address_prefix=address_prefix)
subnet.address_prefix = address_prefix
if network_security_group:
subnet.network_security_group = NetworkSecurityGroup(
network_security_group)
return ncf.subnets.create_or_update(resource_group_name,
virtual_network_name, subnet_name,
subnet)
def dissociate_subnet(name: str, vnet: VirtualNetwork,
subnet: Subnet) -> Union[None, Error]:
if subnet.network_security_group is None:
return None
resource_group = get_base_resource_group()
nsg = get_nsg(name)
if not nsg:
return Error(
code=ErrorCode.UNABLE_TO_FIND,
errors=["cannot update nsg rules. nsg %s not found" % name],
)
if nsg.id != subnet.network_security_group.id:
return Error(
code=ErrorCode.UNABLE_TO_UPDATE,
errors=[
"subnet is not associated with this nsg.",
"nsg %s, subnet: %s, subnet.nsg: %s" % (
nsg.id,
subnet.name,
subnet.network_security_group.id,
),
],
)
logging.info("dissociating subnet %s with nsg: %s %s", subnet.name,
resource_group, name)
subnet.network_security_group = None
network_client = get_network_client()
try:
network_client.subnets.begin_create_or_update(resource_group,
vnet.name, subnet.name,
subnet)
except (ResourceNotFoundError, CloudError) as err:
if is_concurrent_request_error(str(err)):
logging.debug(
"dissociate nsg with subnet had conflicts with ",
"concurrent request, ignoring %s",
err,
)
return None
return Error(
code=ErrorCode.UNABLE_TO_UPDATE,
errors=[
"Unable to dissociate nsg %s with subnet %s due to %s" % (
name,
subnet.name,
err,
)
],
)
return None
def create_ase_inbound_services(cmd,
resource_group_name,
name,
subnet,
vnet_name=None,
skip_dns=False):
ase_client = _get_ase_client_factory(cmd.cli_ctx)
ase = ase_client.get(resource_group_name, name)
if not ase:
raise ResourceNotFoundError(
"App Service Environment '{}' not found.".format(name))
inbound_subnet_id = _validate_subnet_id(cmd.cli_ctx, subnet, vnet_name,
resource_group_name)
inbound_vnet_id = _get_vnet_id_from_subnet(cmd.cli_ctx, inbound_subnet_id)
if ase.kind.lower() == 'asev3':
_ensure_subnet_private_endpoint_network_policy(cmd.cli_ctx,
inbound_subnet_id,
False)
network_client = _get_network_client_factory(cmd.cli_ctx)
pls_connection = PrivateLinkServiceConnection(
private_link_service_id=ase.id,
group_ids=['hostingEnvironments'],
request_message='Link from CLI',
name='{}-private-connection'.format(name))
private_endpoint = PrivateEndpoint(location=ase.location,
tags=None,
subnet=Subnet(id=inbound_subnet_id))
private_endpoint.private_link_service_connections = [pls_connection]
poller = network_client.private_endpoints.begin_create_or_update(
resource_group_name, '{}-private-endpoint'.format(name),
private_endpoint)
LongRunningOperation(cmd.cli_ctx)(poller)
ase_pe = poller.result()
nic_name = parse_resource_id(ase_pe.network_interfaces[0].id)['name']
nic = network_client.network_interfaces.get(resource_group_name,
nic_name)
inbound_ip_address = nic.ip_configurations[0].private_ip_address
elif ase.kind.lower() == 'asev2':
if ase.internal_load_balancing_mode == 0:
raise ValidationError(
'Private DNS Zone is not relevant for External ASEv2.')
ase_vip_info = ase_client.get_vip_info(resource_group_name, name)
inbound_ip_address = ase_vip_info.internal_ip_address
if not skip_dns:
_ensure_ase_private_dns_zone(cmd.cli_ctx,
resource_group_name=resource_group_name,
name=name,
inbound_vnet_id=inbound_vnet_id,
inbound_ip_address=inbound_ip_address)
def set_nic_ip_config(
resource_group_name,
network_interface_name,
ip_config_name,
subnet=None,
virtual_network_name=None,
public_ip_address=None,
load_balancer_name=None, # pylint: disable=unused-argument
load_balancer_backend_address_pool_ids=None,
load_balancer_inbound_nat_rule_ids=None,
private_ip_address=None,
private_ip_address_allocation=None, # pylint: disable=unused-argument
private_ip_address_version='ipv4'):
ncf = _network_client_factory()
nic = ncf.network_interfaces.get(resource_group_name,
network_interface_name)
ip_config = _get_property(nic.ip_configurations, ip_config_name)
if private_ip_address == '':
ip_config.private_ip_address = None
ip_config.private_ip_allocation_method = 'dynamic'
ip_config.private_ip_address_version = 'ipv4'
elif private_ip_address is not None:
ip_config.private_ip_address = private_ip_address
ip_config.private_ip_allocation_method = 'static'
if private_ip_address_version is not None:
ip_config.private_ip_address_version = private_ip_address_version
if subnet == '':
ip_config.subnet = None
elif subnet is not None:
ip_config.subnet = Subnet(subnet)
if public_ip_address == '':
ip_config.public_ip_address = None
elif public_ip_address is not None:
ip_config.public_ip_address = PublicIPAddress(public_ip_address)
if load_balancer_backend_address_pool_ids == '':
ip_config.load_balancer_backend_address_pools = None
elif load_balancer_backend_address_pool_ids is not None:
ip_config.load_balancer_backend_address_pools = load_balancer_backend_address_pool_ids
if load_balancer_inbound_nat_rule_ids == '':
ip_config.load_balancer_inbound_nat_rules = None
elif load_balancer_inbound_nat_rule_ids is not None:
ip_config.load_balancer_inbound_nat_rules = load_balancer_inbound_nat_rule_ids
return ncf.network_interfaces.create_or_update(resource_group_name,
network_interface_name, nic)
def create_vnet(credentials, subscription_id, **kwargs):
"""
Create a Batch account
:param credentials: msrestazure.azure_active_directory.AdalAuthentication
:param subscription_id: str
:param **resource_group: str
:param **virtual_network_name: str
:param **subnet_name: str
:param **region: str
"""
network_client = NetworkManagementClient(credentials, subscription_id)
resource_group_name = kwargs.get("resource_group",
DefaultSettings.resource_group)
virtual_network_name = kwargs.get("virtual_network_name",
DefaultSettings.virtual_network_name)
subnet_name = kwargs.get("subnet_name", DefaultSettings.subnet_name)
# get vnet, and subnet if they exist
virtual_network = subnet = None
try:
virtual_network = network_client.virtual_networks.get(
resource_group_name=resource_group_name,
virtual_network_name=virtual_network_name,
)
except CloudError as e:
pass
if virtual_network:
confirmation_prompt = "A virtual network with the same name ({}) was found. \n"\
"Please note that the existing address space and subnets may be changed or destroyed. \n"\
"Do you want to use this virtual network? (y/n): ".format(virtual_network_name)
deny_error = AccountSetupError(
"Virtual network already exists, not recreating.")
unrecognized_input_error = AccountSetupError("Input not recognized.")
prompt_for_confirmation(confirmation_prompt, deny_error,
unrecognized_input_error)
virtual_network = network_client.virtual_networks.create_or_update(
resource_group_name=resource_group_name,
virtual_network_name=kwargs.get("virtual_network_name",
DefaultSettings.virtual_network_name),
parameters=VirtualNetwork(location=kwargs.get("region",
DefaultSettings.region),
address_space=AddressSpace(["10.0.0.0/24"])))
virtual_network = virtual_network.result()
subnet = network_client.subnets.create_or_update(
resource_group_name=resource_group_name,
virtual_network_name=virtual_network_name,
subnet_name=subnet_name,
subnet_parameters=Subnet(address_prefix='10.0.0.0/24'))
return subnet.result().id
def get_nic_params(self, controller_ip):
location = self.configuration.get('location')
vm_name = self.vm_json.get('name')
try:
return NetworkInterface(
location=location,
ip_configurations=[
NetworkInterfaceIPConfiguration(
name='%s-%s' % (vm_name, controller_ip),
private_ip_address=controller_ip,
private_ip_allocation_method='Static',
private_ip_address_version='IPv4',
subnet=Subnet(id=self.subnet_id))
])
except Exception as e:
fail('Error while getting nic parameters %s' % str(e))
def create_lb_frontend_ip_configuration(
resource_group_name,
load_balancer_name,
item_name,
public_ip_address=None,
subnet=None,
virtual_network_name=None,
private_ip_address=None, # pylint: disable=unused-argument
private_ip_address_allocation='dynamic'):
ncf = _network_client_factory()
lb = ncf.load_balancers.get(resource_group_name, load_balancer_name)
lb.frontend_ip_configurations.append(
FrontendIPConfiguration(
name=item_name,
private_ip_address=private_ip_address,
private_ip_allocation_method=private_ip_address_allocation,
public_ip_address=PublicIPAddress(public_ip_address)
if public_ip_address else None,
subnet=Subnet(subnet) if subnet else None))
return ncf.load_balancers.create_or_update(resource_group_name,
load_balancer_name, lb)
def exec_module(self, **kwargs):
nsg = None
subnet = None
for key in self.module_arg_spec:
setattr(self, key, kwargs[key])
if self.state == 'present' and not CIDR_PATTERN.match(self.address_prefix_cidr):
self.fail("Invalid address_prefix_cidr value {0}".format(self.address_prefix_cidr))
if self.security_group_name:
nsg = self.get_security_group(self.security_group_name)
results = dict()
changed = False
try:
self.log('Fetching subnet {0}'.format(self.name))
subnet = self.network_client.subnets.get(self.resource_group,
self.virtual_network_name,
self.name)
self.check_provisioning_state(subnet, self.state)
results = subnet_to_dict(subnet)
if self.state == 'present':
if self.address_prefix_cidr:
if results['address_prefix'] != self.address_prefix_cidr:
self.log("CHANGED: subnet {0} address_prefix_cidr".format(self.name))
changed = True
results['address_prefix'] = self.address_prefix_cidr
if self.security_group_name:
if results['network_security_group'].get('id') != nsg.id:
self.log("CHANGED: subnet {0} network security group".format(self.name))
changed = True
results['network_security_group']['id'] = nsg.id
results['network_security_group']['name'] = nsg.name
elif self.state == 'absent':
changed = True
except CloudError:
# the subnet does not exist
if self.state == 'present':
changed = True
self.results['changed'] = changed
self.results['state'] = results
if not self.check_mode:
if self.state == 'present' and changed:
if not subnet:
# create new subnet
self.log('Creating subnet {0}'.format(self.name))
subnet = Subnet(
address_prefix=self.address_prefix_cidr
)
if nsg:
subnet.network_security_group = NetworkSecurityGroup(id=nsg.id,
location=nsg.location,
resource_guid=nsg.resource_guid)
else:
# update subnet
self.log('Updating subnet {0}'.format(self.name))
subnet = Subnet(
address_prefix=results['address_prefix']
)
if results['network_security_group'].get('id'):
nsg = self.get_security_group(results['network_security_group']['name'])
subnet.network_security_group = NetworkSecurityGroup(id=nsg.id,
location=nsg.location,
resource_guid=nsg.resource_guid)
self.results['state'] = self.create_or_update_subnet(subnet)
elif self.state == 'absent':
# delete subnet
self.delete_subnet()
# the delete does not actually return anything. if no exception, then we'll assume
# it worked.
self.results['state']['status'] = 'Deleted'
return self.results
def exec_module(self, **kwargs):
"""Main module execution method"""
for key in self.module_args.keys():
setattr(self, key, kwargs[key])
results = dict()
changed = False
pip = None
load_balancer_props = dict()
try:
resource_group = self.get_resource_group(self.resource_group)
except CloudError:
self.fail('resource group {} not found'.format(
self.resource_group))
if not self.location:
self.location = resource_group.location
load_balancer_props['location'] = self.location
if self.state == 'present':
# handle present status
frontend_ip_config_name = random_name('feipconfig')
frontend_ip_config_id = frontend_ip_configuration_id(
subscription_id=self.subscription_id,
resource_group_name=self.resource_group,
load_balancer_name=self.name,
name=frontend_ip_config_name)
if self.public_ip_address_name:
pip = self.get_public_ip_address(self.public_ip_address_name)
load_balancer_props['frontend_ip_configurations'] = [
FrontendIPConfiguration(name=frontend_ip_config_name,
public_ip_address=pip)
]
elif self.state == 'absent':
try:
self.network_client.load_balancers.delete(
resource_group_name=self.resource_group,
load_balancer_name=self.name).wait()
changed = True
except CloudError:
changed = False
self.results['changed'] = changed
return self.results
try:
# before we do anything, we need to attempt to retrieve the load balancer
# knowing whether or not it exists will tell us what to do in the future
self.log('Fetching load balancer {}'.format(self.name))
load_balancer = self.network_client.load_balancers.get(
self.resource_group, self.name)
self.log('Load balancer {} exists'.format(self.name))
self.check_provisioning_state(load_balancer, self.state)
results = load_balancer_to_dict(load_balancer)
self.log(results, pretty_print=True)
if self.state == 'present':
update_tags, results['tags'] = self.update_tags(
results['tags'])
if update_tags:
changed = True
except CloudError:
self.log('Load balancer {} does not exist'.format(self.name))
if self.state == 'present':
self.log(
'CHANGED: load balancer {} does not exist but requested status \'present\''
.format(self.name))
changed = True
backend_address_pool_name = random_name('beap')
backend_addr_pool_id = backend_address_pool_id(
subscription_id=self.subscription_id,
resource_group_name=self.resource_group,
load_balancer_name=self.name,
name=backend_address_pool_name)
load_balancer_props['backend_address_pools'] = [
BackendAddressPool(name=backend_address_pool_name)
]
probe_name = random_name('probe')
prb_id = probe_id(subscription_id=self.subscription_id,
resource_group_name=self.resource_group,
load_balancer_name=self.name,
name=probe_name)
if self.probe_protocol:
load_balancer_props['probes'] = [
Probe(name=probe_name,
protocol=self.probe_protocol,
port=self.probe_port,
interval_in_seconds=self.probe_interval,
number_of_probes=self.probe_fail_count,
request_path=self.probe_request_path)
]
load_balancing_rule_name = random_name('lbr')
if self.protocol:
load_balancer_props['load_balancing_rules'] = [
LoadBalancingRule(
name=load_balancing_rule_name,
frontend_ip_configuration=SubResource(
id=frontend_ip_config_id),
backend_address_pool=SubResource(id=backend_addr_pool_id),
probe=SubResource(id=prb_id),
protocol=self.protocol,
load_distribution=self.load_distribution,
frontend_port=self.frontend_port,
backend_port=self.backend_port,
idle_timeout_in_minutes=self.idle_timeout,
enable_floating_ip=False)
]
inbound_nat_pool_name = random_name('inp')
if frontend_ip_config_id and self.natpool_protocol:
load_balancer_props['inbound_nat_pools'] = [
InboundNatPool(
name=inbound_nat_pool_name,
frontend_ip_configuration=Subnet(id=frontend_ip_config_id),
protocol=self.natpool_protocol,
frontend_port_range_start=self.natpool_frontend_port_start,
frontend_port_range_end=self.natpool_frontend_port_end,
backend_port=self.natpool_backend_port)
]
self.results['changed'] = changed
self.results['state'] = (results if results else load_balancer_to_dict(
LoadBalancer(**load_balancer_props)))
if self.check_mode:
return self.results
try:
self.network_client.load_balancers.create_or_update(
resource_group_name=self.resource_group,
load_balancer_name=self.name,
parameters=LoadBalancer(**load_balancer_props)).wait()
except CloudError as err:
self.fail('Error creating load balancer {}'.format(err))
return self.results
def create_network_interface(network_client, region, group_name, interface_name,
network_name, subnet_name, ip_name):
result = network_client.virtual_networks.create_or_update(
group_name,
network_name,
VirtualNetwork(
location=region,
address_space=AddressSpace(
address_prefixes=[
'10.1.0.0/16',
],
),
subnets=[
Subnet(
name=subnet_name,
address_prefix='10.1.0.0/24',
),
],
),
)
print('Creating Virtual Network...')
result.wait() # async operation
subnet = network_client.subnets.get(group_name, network_name, subnet_name)
result = network_client.public_ip_addresses.create_or_update(
group_name,
ip_name,
PublicIPAddress(
location=region,
public_ip_allocation_method=IPAllocationMethod.dynamic,
idle_timeout_in_minutes=4,
),
)
print('Creating Subnet...')
result.wait() # async operation
# Creating Public IP
public_ip_address = network_client.public_ip_addresses.get(group_name, ip_name)
public_ip_id = public_ip_address.id
print('Creating Public IP...')
result.wait() # async operation
result = network_client.network_interfaces.create_or_update(
group_name,
interface_name,
NetworkInterface(
location=region,
ip_configurations=[
NetworkInterfaceIPConfiguration(
name='default',
private_ip_allocation_method=IPAllocationMethod.dynamic,
subnet=subnet,
public_ip_address=PublicIPAddress(
id=public_ip_id,
),
),
],
),
)
print('Creating Network Interface...')
result.wait() # async operation
network_interface = network_client.network_interfaces.get(
group_name,
interface_name,
)
return network_interface.id
def create_subnet_object(address_prefix,nsg):
return Subnet(address_prefix=address_prefix,network_security_group =nsg)
def exec_module(self, **kwargs):
"""Main module execution method"""
for key in list(self.module_args.keys()) + ['tags']:
setattr(self, key, kwargs[key])
if self.state == 'absent':
try:
self.network_client.load_balancers.delete(resource_group_name=self.resource_group, load_balancer_name=self.name).wait()
changed = True
except CloudError:
changed = False
self.results['changed'] = changed
return self.results
# From now on, suppose state==present
if bool(self.subnet_name) != bool(self.virtual_network_name):
self.fail('subnet_name and virtual_network_name must come together. The current values are {0} and {1}'.format(
self.subnet_name, self.virtual_network_name))
if not self.subnet_resource_group:
self.subnet_resource_group = self.resource_group
if self.protocol:
if not self.frontend_port:
self.fail('frontend_port is {0} but some of the following are missing: frontend_port, backend_port'.format(self.protocol))
if not self.backend_port:
self.backend_port = self.frontend_port
if self.nat_protocol:
if not self.nat_frontend_port:
self.fail("nat_protocol is {0} but some of the following are missing: nat_frontend_port, nat_backend_port".format(self.nat_protocol))
if not self.nat_backend_port:
self.nat_backend_port = self.nat_frontend_port
if not self.public_ip_address_name and (not self.subnet_name or not self.virtual_network_name):
self.fail('subnet_name and virtual_network_name must be given when using priviate ip frontend!')
if not self.public_ip_address_name and not self.private_ip_address and self.private_ip_allocation_method == 'Static':
self.fail('private_ip_allocation_method must be Dynamic when neither public_ip_address_name nor private_ip_address is given!')
results = dict()
changed = False
pip = None
subnet = None
load_balancer_props = dict()
try:
resource_group = self.get_resource_group(self.resource_group)
except CloudError:
self.fail('resource group {} not found'.format(self.resource_group))
if not self.location:
self.location = resource_group.location
load_balancer_props['location'] = self.location
if self.subnet_name and self.virtual_network_name:
subnet = get_subnet(self, self.subnet_resource_group, self.virtual_network_name, self.subnet_name)
# handle present status
try:
# before we do anything, we need to attempt to retrieve the load balancer and compare with current parameters
self.log('Fetching load balancer {}'.format(self.name))
load_balancer = self.network_client.load_balancers.get(self.resource_group, self.name)
self.log('Load balancer {} exists'.format(self.name))
self.check_provisioning_state(load_balancer, self.state)
results = load_balancer_to_dict(load_balancer)
self.log(results, pretty_print=True)
update_tags, load_balancer_props['tags'] = self.update_tags(results['tags'])
if update_tags:
changed = True
# check difference with current status
# check frontend ip configurations: subnet_id, name, public_ip_address, private_ip_address, private_ip_allocation_method.
if not results['frontend_ip_configurations']: # a frontend must be there
raise DiffErr('load balancer {0} frontend'.format(self.name))
if self.subnet_name and subnet.id != results['frontend_ip_configurations'][0]['subnet']['id']:
raise DiffErr('load balancer {0} subnet id'.format(self.name))
if self.frontend_ip_config_name and self.frontend_ip_config_name != results['frontend_ip_configurations'][0]['name']:
raise DiffErr('load balancer {0} probe request frontend_ip_config_name'.format(self.name))
if self.public_ip_address_name and self.public_ip_address_name != results['frontend_ip_configurations'][0]['public_ip_address']:
raise DiffErr('load balancer {0} public ip'.format(self.name))
if self.private_ip_address and self.private_ip_address != results['frontend_ip_configurations'][0]['private_ip_address']:
raise DiffErr('load balancer {0} private ip'.format(self.name))
if self.private_ip_allocation_method and self.private_ip_allocation_method != \
results['frontend_ip_configurations'][0]['private_ip_allocation_method']:
raise DiffErr('load balancer {0} probe request private_ip_allocation_method'.format(self.name))
# check probe configurations: port, protocol, interval, number of probes, request_path, name
if self.probe_protocol and not results['probes']:
raise DiffErr('load balancer {0} probe'.format(self.name))
if self.probe_port and self.probe_port != results['probes'][0]['port']:
raise DiffErr('load balancer {0} probe_port'.format(self.name))
if self.probe_protocol and self.probe_protocol != results['probes'][0]['protocol']:
raise DiffErr('load balancer {0} probe_protocol'.format(self.name))
if self.probe_interval and self.probe_interval != results['probes'][0]['interval_in_seconds']:
raise DiffErr('load balancer {0} probe_interval'.format(self.name))
if self.probe_fail_count and self.probe_fail_count != results['probes'][0]['number_of_probes']:
raise DiffErr('load balancer {0} probe_fail_count'.format(self.name))
if self.probe_protocol == 'Http' and self.probe_request_path and self.probe_request_path != results['probes'][0]['request_path']:
raise DiffErr('load balancer {0} probe_request_path'.format(self.name))
if self.probe_name and self.probe_name != results['probes'][0]['name']:
raise DiffErr('load balancer {0} probe request probe_name'.format(self.name))
# check load balancing rule configurations: protocol, distribution, frontend port, backend port, idle, name
if self.protocol:
if not results['load_balancing_rules']:
raise DiffErr('load balancer {0} load balancing rule'.format(self.name))
if self.protocol != results['load_balancing_rules'][0]['protocol']:
raise DiffErr('load balancer {0} probe request protocol'.format(self.name))
if self.load_distribution != results['load_balancing_rules'][0]['load_distribution']:
raise DiffErr('load balancer {0} probe request load_distribution'.format(self.name))
if self.frontend_port and self.frontend_port != results['load_balancing_rules'][0]['frontend_port']:
raise DiffErr('load balancer {0} probe request frontend_port'.format(self.name))
if self.backend_port != results['load_balancing_rules'][0]['backend_port']:
raise DiffErr('load balancer {0} probe request backend_port'.format(self.name))
if self.idle_timeout != results['load_balancing_rules'][0]['idle_timeout_in_minutes']:
raise DiffErr('load balancer {0} probe request idel_timeout'.format(self.name))
if self.load_balancing_rule_name != results['load_balancing_rules'][0]['name']:
raise DiffErr('load balancer {0} probe request load_balancing_rule_name'.format(self.name))
# check backend address pool configuration: name only, which will be used by NIC module
if self.backend_address_pool_name and not results['backend_address_pools']:
raise DiffErr('load balancer {0} backend address pool'.format(self.name))
if self.backend_address_pool_name and self.backend_address_pool_name != results['backend_address_pools'][0]['name']:
raise DiffErr('load balancer {0} probe request backend_address_pool_name'.format(self.name))
# check inbound nat rule:
if self.nat_protocol:
if not results['inbound_nat_rules']:
raise DiffErr('load balancer {0} inbound nat rule'.format(self.name))
if self.nat_protocol != results['inbound_nat_rules'][0]['protocol']:
raise DiffErr('load balancer {0} inbound nat_protocol'.format(self.name))
if self.nat_name != results['inbound_nat_rules'][0]['name']:
raise DiffErr('load balancer {0} inbound nat_name'.format(self.name))
if self.nat_frontend_port != results['inbound_nat_rules'][0]['frontend_port']:
raise DiffErr('load balancer {0} inbound nat_frontend_port'.format(self.name))
if self.nat_backend_port != results['inbound_nat_rules'][0]['backend_port']:
raise DiffErr('load balancer {0} inbound nat_backend_port'.format(self.name))
except (IndexError, KeyError, DiffErr) as e:
self.log('CHANGED: {0}'.format(e))
changed = True
except CloudError:
self.log('CHANGED: load balancer {} does not exist but requested status \'present\''.format(self.name))
changed = True
if not changed or self.check_mode:
self.results['changed'] = changed
self.results['state'] = results
return self.results
# From now changed==True
if self.tags:
load_balancer_props['tags'] = self.tags
frontend_ip_config_id = frontend_ip_configuration_id(
subscription_id=self.subscription_id,
resource_group_name=self.resource_group,
load_balancer_name=self.name,
name=self.frontend_ip_config_name
)
if self.public_ip_address_name:
pip = self.get_public_ip_address(self.public_ip_address_name)
load_balancer_props['frontend_ip_configurations'] = [
FrontendIPConfiguration(
name=self.frontend_ip_config_name,
public_ip_address=pip
)
]
elif self.private_ip_address or self.private_ip_allocation_method == 'Dynamic':
load_balancer_props['frontend_ip_configurations'] = [
FrontendIPConfiguration(
name=self.frontend_ip_config_name,
private_ip_address=self.private_ip_address,
private_ip_allocation_method=self.private_ip_allocation_method,
subnet=get_subnet(self, self.subnet_resource_group, self.virtual_network_name, self.subnet_name)
)
]
backend_addr_pool_id = backend_address_pool_id(
subscription_id=self.subscription_id,
resource_group_name=self.resource_group,
load_balancer_name=self.name,
name=self.backend_address_pool_name
)
load_balancer_props['backend_address_pools'] = [BackendAddressPool(name=self.backend_address_pool_name)]
prb_id = probe_id(
subscription_id=self.subscription_id,
resource_group_name=self.resource_group,
load_balancer_name=self.name,
name=self.probe_name
)
if self.probe_protocol:
load_balancer_props['probes'] = [
Probe(
name=self.probe_name,
protocol=self.probe_protocol,
port=self.probe_port,
interval_in_seconds=self.probe_interval,
number_of_probes=self.probe_fail_count,
request_path=self.probe_request_path
)
]
if self.protocol:
load_balancer_props['load_balancing_rules'] = [
LoadBalancingRule(
name=self.load_balancing_rule_name,
frontend_ip_configuration=SubResource(id=frontend_ip_config_id),
backend_address_pool=SubResource(id=backend_addr_pool_id),
probe=SubResource(id=prb_id),
protocol=self.protocol,
load_distribution=self.load_distribution,
frontend_port=self.frontend_port,
backend_port=self.backend_port,
idle_timeout_in_minutes=self.idle_timeout,
enable_floating_ip=False
)
]
if self.nat_protocol:
load_balancer_props['inbound_nat_rules'] = [
InboundNatRule(
name=self.nat_name,
frontend_ip_configuration=SubResource(id=frontend_ip_config_id),
frontend_port=self.nat_frontend_port,
backend_port=self.nat_backend_port,
protocol=self.nat_protocol,
enable_floating_ip=False
)
]
if frontend_ip_config_id and self.natpool_protocol:
load_balancer_props['inbound_nat_pools'] = [
InboundNatPool(
name=self.inbound_nat_pool_name,
frontend_ip_configuration=Subnet(id=frontend_ip_config_id),
protocol=self.natpool_protocol,
frontend_port_range_start=self.natpool_frontend_port_start,
frontend_port_range_end=self.natpool_frontend_port_end,
backend_port=self.natpool_backend_port
)
]
self.results['changed'] = changed
self.results['state'] = load_balancer_to_dict(LoadBalancer(**load_balancer_props))
try:
self.network_client.load_balancers.create_or_update(
resource_group_name=self.resource_group,
load_balancer_name=self.name,
parameters=LoadBalancer(**load_balancer_props)
).wait()
except CloudError as err:
self.fail('Error creating load balancer {}'.format(err))
return self.results
def _start_container(self, resource_handler):
log.debug('Starting Azure ACI')
location = self.res['location'].lower()
self.resource_client.resource_groups.create_or_update(
self.res['resource_group'], {'location': self.res['location']})
container_group_name = unique_vmname(self.node_def)
network_type = self.res['network_type']
network_profile = None
if 'gpu_type' in self.res:
count = self.res['gpu_count'] if 'gpu_count' in self.res else 1
gpu = GpuResource(count=count, sku=self.res['gpu_type'])
container_resource_requests = ResourceRequests(
memory_in_gb=self.res['memory'],
cpu=self.res['cpu_cores'],
gpu=gpu)
else:
container_resource_requests = ResourceRequests(
memory_in_gb=self.res['memory'], cpu=self.res['cpu_cores'])
container_resource_requirements = ResourceRequirements(
requests=container_resource_requests)
ports = []
ipports = []
for porte in self.res.get('ports', []):
port = porte
protocol = 'TCP'
if isinstance(porte, str) and '/' in porte:
(port, protocol) = port.split('/')
port = int(port)
ports.append(ContainerPort(port=port, protocol=protocol))
ipports.append(Port(protocol=protocol, port=port))
environment = []
if network_type.lower() == 'public':
pubip_var = EnvironmentVariable(name='_OCCOPUS_ALLOCATED_FQDN',
value='%s.%s.azurecontainer.io' %
(container_group_name, location))
environment.append(pubip_var)
for env in self.env:
edata = env.split('=', 1)
if len(edata) != 2: continue
env_var = EnvironmentVariable(name=edata[0], value=edata[1])
environment.append(env_var)
container = Container(
name=container_group_name,
image=self.res['image'],
resources=container_resource_requirements,
ports=ports,
command=self.command if self.command is not None else None,
environment_variables=environment)
if network_type.lower() == 'public':
group_ip_address = IpAddress(ports=ipports,
dns_name_label=container_group_name,
type='Public')
self.vnet_name = None
elif network_type.lower() == 'private':
vnet_name = unique_vmname(self.node_def) + '-vnet' if self.res.get(
'vnet_name', None) == None else self.res['vnet_name']
self.vnet_name = vnet_name
subnet_name = unique_vmname(
self.node_def) + '-subnet' if self.res.get(
'subnet_name', None) == None else self.res['subnet_name']
network_profile_name = unique_vmname(self.node_def) + '-netprofile'
if self.res.get('vnet_name', None) == None:
log.debug('Creating vnet')
async_vnet_creation = self.network_client.virtual_networks.create_or_update(
self.res['resource_group'], vnet_name, {
'location': location,
'address_space': {
'address_prefixes': ['10.0.0.0/16']
}
})
async_vnet_creation.wait()
self.created_resources['virtual_network'] = vnet_name
log.debug('Created vnet')
if self.res.get('subnet_name', None) == None:
# Create Subnet
log.debug('Creating Subnet')
aci_delegation_service_name = "Microsoft.ContainerInstance/containerGroups"
aci_delegation = Delegation(
name=aci_delegation_service_name,
service_name=aci_delegation_service_name)
subnet = Subnet(name=subnet_name,
location=location,
address_prefix='10.0.0.0/24',
delegations=[aci_delegation])
subnet_info = self.network_client.subnets.create_or_update(
self.res['resource_group'], vnet_name, subnet_name,
subnet).result()
self.created_resources['subnet'] = subnet_name
log.debug('Creatied Subnet')
else:
subnet_info = self.network_client.subnets.get(
self.res['resource_group'], vnet_name, subnet_name)
default_network_profile_name = "aci-network-profile-{}-{}".format(
vnet_name, subnet_name)
network_profile_ops = self.network_client.network_profiles
network_profile = NetworkProfile(
name=default_network_profile_name,
location=location,
container_network_interface_configurations=[
ContainerNetworkInterfaceConfiguration(
name="eth0",
ip_configurations=[
IPConfigurationProfile(name="ipconfigprofile",
subnet=subnet_info)
])
])
network_profile = network_profile_ops.create_or_update(
self.res['resource_group'], network_profile_name,
network_profile).result()
group_ip_address = IpAddress(ports=ipports, type='Private')
else:
errormsg = '[{0}] Network type "{1}" is not supported. Please use either "Public" or "Private"'.format(
resource_handler.name, network_type)
log.debug(errormsg)
raise NodeCreationError(None, errormsg)
cg_network_profile = None
if network_profile:
cg_network_profile = ContainerGroupNetworkProfile(
id=network_profile.id)
self.created_resources['network_profile'] = network_profile_name
group = ContainerGroup(location=location,
containers=[container],
os_type=self.res['os_type'],
ip_address=group_ip_address,
network_profile=cg_network_profile)
# Create the container group
self.aci_client.container_groups.create_or_update(
self.res['resource_group'], container_group_name, group)
return container_group_name
def exec_module(self, **kwargs):
nsg = None
subnet = None
for key in self.module_arg_spec:
setattr(self, key, kwargs[key])
if self.state == 'present' and not CIDR_PATTERN.match(
self.address_prefix_cidr):
self.fail("Invalid address_prefix_cidr value {0}".format(
self.address_prefix_cidr))
if self.security_group_name:
nsg = self.get_security_group(self.security_group_name)
results = dict()
changed = False
try:
self.log('Fetching subnet {0}'.format(self.name))
subnet = self.network_client.subnets.get(self.resource_group,
self.virtual_network_name,
self.name)
self.check_provisioning_state(subnet, self.state)
results = subnet_to_dict(subnet)
if self.state == 'present':
if self.address_prefix_cidr:
if results['address_prefix'] != self.address_prefix_cidr:
self.log(
"CHANGED: subnet {0} address_prefix_cidr".format(
self.name))
changed = True
results['address_prefix'] = self.address_prefix_cidr
if self.security_group_name:
if results['network_security_group'].get('id') != nsg.id:
self.log("CHANGED: subnet {0} network security group".
format(self.name))
changed = True
results['network_security_group']['id'] = nsg.id
results['network_security_group']['name'] = nsg.name
elif self.state == 'absent':
changed = True
except CloudError:
# the subnet does not exist
if self.state == 'present':
changed = True
self.results['changed'] = changed
self.results['state'] = results
if not self.check_mode:
if self.state == 'present' and changed:
if not subnet:
# create new subnet
self.log('Creating subnet {0}'.format(self.name))
subnet = Subnet(address_prefix=self.address_prefix_cidr)
if nsg:
subnet.network_security_group = NetworkSecurityGroup(
id=nsg.id,
location=nsg.location,
resource_guid=nsg.resource_guid)
else:
# update subnet
self.log('Updating subnet {0}'.format(self.name))
subnet = Subnet(address_prefix=results['address_prefix'])
if results['network_security_group'].get('id'):
nsg = self.get_security_group(
results['network_security_group']['name'])
subnet.network_security_group = NetworkSecurityGroup(
id=nsg.id,
location=nsg.location,
resource_guid=nsg.resource_guid)
self.results['state'] = self.create_or_update_subnet(subnet)
elif self.state == 'absent':
# delete subnet
self.delete_subnet()
# the delete does not actually return anything. if no exception, then we'll assume
# it worked.
self.results['state']['status'] = 'Deleted'
return self.results
credentials, subscription_id = get_credentials()
network_client = NetworkManagementClient(credentials, subscription_id)
resource_client = ResourceManagementClient(credentials, subscription_id)
storage_client = StorageManagementClient(credentials, subscription_id)
resource_group_params = {'location':LOCATION}
resource_client.resource_groups.create_or_update(GROUP_NAME, resource_group_params)
vnet_params = { 'location': LOCATION, 'address_space' : { 'address_prefixes': [VNET_AP] } }
async_vnet_creation = network_client.virtual_networks.create_or_update(GROUP_NAME, VNET_NAME, vnet_params)
async_vnet_creation.wait()
ep = ServiceEndpointPropertiesFormat(service='Microsoft.Storage')
ep_list = [ep]
subnet = Subnet(address_prefix = SB_AP, service_endpoints = ep_list)
async_vnet_subnet_creation = network_client.subnets.create_or_update(GROUP_NAME, VNET_NAME, SB_NAME, subnet)
async_vnet_subnet_creation.wait()
if async_vnet_subnet_creation.status() == 'Succeeded':
sb_result = async_vnet_subnet_creation.result()
virtual_network_resource_id = sb_result.id
vr = VirtualNetworkRule(virtual_network_resource_id=virtual_network_resource_id)
vnets = [vr]
ns = NetworkRuleSet(bypass='******', virtual_network_rules=vnets, default_action='Deny')
storage_client = StorageManagementClient(credentials, subscription_id)
sku = Sku(name=SkuName.standard_lrs)
st1 = StorageAccountCreateParameters(sku=sku, kind=Kind.storage, location=LOCATION, network_rule_set=ns)
storage_async_operation = storage_client.storage_accounts.create(GROUP_NAME, STORAGE_ACCOUNT_NAME, st1, location=LOCATION)
#stlist = storage_client.storage_accounts.list()
print("Done")
def exec_module(self, **kwargs):
for key in self.module_arg_spec.keys() + ['tags']:
setattr(self, key, kwargs[key])
results = dict()
changed = False
nic = None
subnet = None
nsg = None
pip = None
resource_group = self.get_resource_group(self.resource_group)
if not self.location:
# Set default location
self.location = resource_group.location
if not NAME_PATTERN.match(self.name):
self.fail(
"Parameter error: name must begin with a letter or number, end with a letter or number "
"and contain at least one number.")
if self.state == 'present':
if self.virtual_network_name and not self.subnet_name:
self.fail(
"Parameter error: a subnet is required when passing a virtual_network_name."
)
if self.subnet_name and not self.virtual_network_name:
self.fail(
"Parameter error: virtual_network_name is required when passing a subnet value."
)
if self.virtual_network_name and self.subnet_name:
subnet = self.get_subnet(self.virtual_network_name,
self.subnet_name)
if self.public_ip_address_name:
pip = self.get_public_ip_address(self.public_ip_address_name)
if self.security_group_name:
nsg = self.get_security_group(self.security_group_name)
try:
self.log('Fetching network interface {0}'.format(self.name))
nic = self.network_client.network_interfaces.get(
self.resource_group, self.name)
self.log('Network interface {0} exists'.format(self.name))
self.check_provisioning_state(nic, self.state)
results = nic_to_dict(nic)
self.log(results, pretty_print=True)
if self.state == 'present':
update_tags, results['tags'] = self.update_tags(
results['tags'])
if update_tags:
changed = True
if self.private_ip_address:
if results['ip_configuration'][
'private_ip_address'] != self.private_ip_address:
self.log(
"CHANGED: network interface {0} private ip".format(
self.name))
changed = True
results['ip_configuration'][
'private_ip_address'] = self.private_ip_address
if self.public_ip_address_name:
if results['ip_configuration']['public_ip_address'].get(
'id') != pip.id:
self.log(
"CHANGED: network interface {0} public ip".format(
self.name))
changed = True
results['ip_configuration']['public_ip_address'][
'id'] = pip.id
results['ip_configuration']['public_ip_address'][
'name'] = pip.name
if self.security_group_name:
if results['network_security_group'].get('id') != nsg.id:
self.log(
"CHANGED: network interface {0} network security group"
.format(self.name))
changed = True
results['network_security_group']['id'] = nsg.id
results['network_security_group']['name'] = nsg.name
if self.private_ip_allocation_method:
if results['ip_configuration'][
'private_ip_allocation_method'] != self.private_ip_allocation_method:
self.log(
"CHANGED: network interface {0} private ip allocation"
.format(self.name))
changed = True
results['ip_configuration'][
'private_ip_allocation_method'] = self.private_ip_allocation_method
if self.private_ip_allocation_method == 'Dynamic':
results['ip_configuration'][
'private_ip_address'] = None
if self.subnet_name:
if results['ip_configuration']['subnet'].get(
'id') != subnet.id:
changed = True
self.log(
"CHANGED: network interface {0} subnet".format(
self.name))
results['ip_configuration']['subnet']['id'] = subnet.id
results['ip_configuration']['subnet'][
'name'] = subnet.name
results['ip_configuration']['subnet'][
'virtual_network_name'] = self.virtual_network_name
elif self.state == 'absent':
self.log(
"CHANGED: network interface {0} exists but requested state is 'absent'"
.format(self.name))
changed = True
except CloudError:
self.log('Network interface {0} does not exist'.format(self.name))
if self.state == 'present':
self.log(
"CHANGED: network interface {0} does not exist but requested state is "
"'present'".format(self.name))
changed = True
self.results['changed'] = changed
self.results['state'] = results
if self.check_mode:
return self.results
if changed:
if self.state == 'present':
if not nic:
# create network interface
self.log("Creating network interface {0}.".format(
self.name))
# check required parameters
if not self.subnet_name:
self.fail(
"parameter error: subnet_name required when creating a network interface."
)
if not self.virtual_network_name:
self.fail(
"parameter error: virtual_network_name required when creating a network interface."
)
if not self.security_group_name:
# create default security group
nsg = self.create_default_securitygroup(
self.resource_group, self.location, self.name,
self.os_type, self.open_ports)
if not pip and self.public_ip:
# create a default public_ip
pip = self.create_default_pip(
self.resource_group, self.location, self.name,
self.public_ip_allocation_method)
nic = NetworkInterface(
location=self.location,
name=self.name,
tags=self.tags,
ip_configurations=[
NetworkInterfaceIPConfiguration(
name='default',
private_ip_allocation_method=self.
private_ip_allocation_method,
)
])
nic.ip_configurations[0].subnet = Subnet(id=subnet.id)
nic.network_security_group = NetworkSecurityGroup(
id=nsg.id,
name=nsg.name,
location=nsg.location,
resource_guid=nsg.resource_guid)
if self.private_ip_address:
nic.ip_configurations[
0].private_ip_address = self.private_ip_address
if pip:
nic.ip_configurations[
0].public_ip_address = PublicIPAddress(
id=pip.id,
name=pip.name,
location=pip.location,
resource_guid=pip.resource_guid)
else:
self.log("Updating network interface {0}.".format(
self.name))
nic = NetworkInterface(
location=results['location'],
name=results['name'],
tags=results['tags'],
ip_configurations=[
NetworkInterfaceIPConfiguration(
name=results['ip_configuration']['name'],
private_ip_allocation_method=results[
'ip_configuration']
['private_ip_allocation_method'],
)
],
)
subnet = self.get_subnet(
results['ip_configuration']['subnet']
['virtual_network_name'],
results['ip_configuration']['subnet']['name'])
nic.ip_configurations[0].subnet = Subnet(id=subnet.id)
if results['ip_configuration'].get('private_ip_address'):
nic.ip_configurations[0].private_ip_address = results[
'ip_configuration']['private_ip_address']
if results['ip_configuration']['public_ip_address'].get(
'id'):
pip = \
self.get_public_ip_address(results['ip_configuration']['public_ip_address']['name'])
nic.ip_configurations[
0].public_ip_address = PublicIPAddress(
id=pip.id,
name=pip.name,
location=pip.location,
resource_guid=pip.resource_guid)
if results['network_security_group'].get('id'):
nsg = self.get_security_group(
results['network_security_group']['name'])
nic.network_security_group = NetworkSecurityGroup(
id=nsg.id,
name=nsg.name,
location=nsg.location,
resource_guid=nsg.resource_guid)
# See what actually gets sent to the API
request = self.serialize_obj(nic, 'NetworkInterface')
self.log(request, pretty_print=True)
self.results['state'] = self.create_or_update_nic(nic)
elif self.state == 'absent':
self.log('Deleting network interface {0}'.format(self.name))
self.delete_nic()
return self.results
