wbrawner/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add enable_ip_forwarding option to azure_rm_networkinterface; Fixes #43276 (#43335)

Browse source 
* Merge again trickily similar Accelerated networking and IP forwarding

* Add type to enable_ip_forwarding documentation

* Fix merge error

* auth to auto

* azure_rm_networkinterface: remove auth_source from tests

* azure_rm_networkinterface: remove spurious auth_source from test

* azure_rm_networkinterface: Revert formatting on test

* azure_rm_networkinterface: Correct indentation
This commit is contained in:
Jasper Aorangi 2018-08-11 09:14:48 +12:00 committed by Matt Davis
parent 5981a7489b
commit 42257706b6
2 changed files with 92 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
lib/ansible/modules/cloud/azure/azure_rm_networkinterface.py
View file

@ -185,6 +185,14 @@ options:
- When a default security group is created for a Linux host a rule will be added allowing inbound TCP - When a default security group is created for a Linux host a rule will be added allowing inbound TCP
connections to the default SSH port 22, and for a Windows host rules will be added allowing inbound connections to the default SSH port 22, and for a Windows host rules will be added allowing inbound
access to RDP ports 3389 and 5986. Override the default ports by providing a list of open ports. access to RDP ports 3389 and 5986. Override the default ports by providing a list of open ports.
enable_ip_forwarding:
description:
- Whether to enable IP forwarding
aliases:
- ip_forwarding
type: bool
default: False
version_added: 2.7
extends_documentation_fragment: extends_documentation_fragment:
- azure - azure
- azure_tags - azure_tags
@ -271,6 +279,18 @@ EXAMPLES = '''
subnet_name: subnet001 subnet_name: subnet001
enable_accelerated_networking: True enable_accelerated_networking: True
- name: Create a network interface with IP forwarding
azure_rm_networkinterface:
name: nic001
resource_group: Testing
virtual_network: vnet001
subnet_name: subnet001
ip_forwarding: True
ip_configurations:
- name: ipconfig1
public_ip_address_name: publicip001
primary: True
- name: Delete network interface - name: Delete network interface
azure_rm_networkinterface: azure_rm_networkinterface:
resource_group: Testing resource_group: Testing
@ -415,6 +435,7 @@ class AzureRMNetworkInterface(AzureRMModuleBase):
ip_configurations=dict(type='list', default=None, elements='dict', options=ip_configuration_spec), ip_configurations=dict(type='list', default=None, elements='dict', options=ip_configuration_spec),
os_type=dict(type='str', choices=['Windows', 'Linux'], default='Linux'), os_type=dict(type='str', choices=['Windows', 'Linux'], default='Linux'),
open_ports=dict(type='list'), open_ports=dict(type='list'),
enable_ip_forwarding=dict(type='bool', aliases=['ip_forwarding'], default=False),
) )
required_if = [ required_if = [
@ -438,6 +459,7 @@ class AzureRMNetworkInterface(AzureRMModuleBase):
self.tags = None self.tags = None
self.os_type = None self.os_type = None
self.open_ports = None self.open_ports = None
self.enable_ip_forwarding = None
self.ip_configurations = None self.ip_configurations = None
self.results = dict( self.results = dict(
@ -512,6 +534,12 @@ class AzureRMNetworkInterface(AzureRMModuleBase):
results.get('enable_accelerated_networking'))) results.get('enable_accelerated_networking')))
changed = True changed = True
if self.enable_ip_forwarding != bool(results.get('enable_ip_forwarding')):
self.log("CHANGED: IP forwarding set to {0} (previously {1})".format(
self.enable_ip_forwarding,
results.get('enable_ip_forwarding')))
changed = True
if not changed: if not changed:
nsg = self.get_security_group(self.security_group['resource_group'], self.security_group['name']) nsg = self.get_security_group(self.security_group['resource_group'], self.security_group['name'])
if nsg and results.get('network_security_group') and results['network_security_group'].get('id') != nsg.id: if nsg and results.get('network_security_group') and results['network_security_group'].get('id') != nsg.id:
@ -591,6 +619,7 @@ class AzureRMNetworkInterface(AzureRMModuleBase):
tags=self.tags, tags=self.tags,
ip_configurations=nic_ip_configurations, ip_configurations=nic_ip_configurations,
enable_accelerated_networking=self.enable_accelerated_networking, enable_accelerated_networking=self.enable_accelerated_networking,
enable_ip_forwarding=self.enable_ip_forwarding,
network_security_group=nsg network_security_group=nsg
) )
self.results['state'] = self.create_or_update_nic(nic) self.results['state'] = self.create_or_update_nic(nic)

67
test/integration/targets/azure_rm_networkinterface/tasks/main.yml
View file

@ -143,7 +143,7 @@
primary: True primary: True
public_ip_allocation_method: Static public_ip_allocation_method: Static
- name: ipconfig1 - name: ipconfig1
public_ip_name: testnic003 public_ip_name: "tn{{ rpfx }}3"
register: output register: output
check_mode: yes check_mode: yes
@ -168,7 +168,7 @@
primary: True primary: True
public_ip_allocation_method: Static public_ip_allocation_method: Static
- name: ipconfig1 - name: ipconfig1
public_ip_name: testnic003 public_ip_name: "tn{{ rpfx }}3"
load_balancer_backend_address_pools: load_balancer_backend_address_pools:
- "{{ lb.state.backend_address_pools[0].id }}" - "{{ lb.state.backend_address_pools[0].id }}"
- name: backendaddrpool1 - name: backendaddrpool1
@ -197,7 +197,7 @@
primary: True primary: True
public_ip_allocation_method: Static public_ip_allocation_method: Static
- name: ipconfig1 - name: ipconfig1
public_ip_name: testnic003 public_ip_name: "tn{{ rpfx }}3"
load_balancer_backend_address_pools: load_balancer_backend_address_pools:
- "{{ lb.state.backend_address_pools[0].id }}" - "{{ lb.state.backend_address_pools[0].id }}"
- name: backendaddrpool1 - name: backendaddrpool1
@ -219,7 +219,7 @@
subnet: "tn{{ rpfx }}" subnet: "tn{{ rpfx }}"
ip_configurations: ip_configurations:
- name: ipconfig1 - name: ipconfig1
public_ip_name: testnic003 public_ip_name: "tn{{ rpfx }}3"
load_balancer_backend_address_pools: load_balancer_backend_address_pools:
- "{{ lb.state.backend_address_pools[0].id }}" - "{{ lb.state.backend_address_pools[0].id }}"
- name: backendaddrpool1 - name: backendaddrpool1
@ -292,12 +292,71 @@
- assert: - assert:
that: that:
- not output.state.enable_accelerated_networking - not output.state.enable_accelerated_networking
- output.changed
- name: Delete AN NIC - name: Delete AN NIC
azure_rm_networkinterface: azure_rm_networkinterface:
resource_group: "{{ resource_group }}" resource_group: "{{ resource_group }}"
name: "tn{{ rpfx }}an" name: "tn{{ rpfx }}an"
state: absent state: absent
register: output
- assert:
that:
- output.changed
- name: NIC with IP forwarding networking enabled
azure_rm_networkinterface:
resource_group: "{{ resource_group }}"
name: "tn{{ rpfx }}ipf"
virtual_network: "{{ vn.state.id }}"
subnet: "tn{{ rpfx }}"
enable_ip_forwarding: True
register: output
- assert:
that:
- output.state.enable_ip_forwarding
- output.changed
- name: NIC with IP forwarding enabled (check idempotent)
azure_rm_networkinterface:
resource_group: "{{ resource_group }}"
name: "tn{{ rpfx }}ipf"
virtual_network: "{{ vn.state.id }}"
subnet: "tn{{ rpfx }}"
enable_ip_forwarding: True
register: output
- assert:
that:
- output.state.enable_ip_forwarding
- not output.changed
- name: Disable (previously enabled) IP forwarding
azure_rm_networkinterface:
resource_group: "{{ resource_group }}"
name: "tn{{ rpfx }}ipf"
virtual_network: "{{ vn.state.id }}"
subnet: "tn{{ rpfx }}"
enable_ip_forwarding: False
register: output
- assert:
that:
- not output.state.enable_ip_forwarding
- output.changed
- name: Delete IP forwarding NIC
azure_rm_networkinterface:
resource_group: "{{ resource_group }}"
name: "tn{{ rpfx }}ipf"
state: absent
register: output
- assert:
that:
- output.changed
- name: Delete the NIC (check mode) - name: Delete the NIC (check mode)
azure_rm_networkinterface: azure_rm_networkinterface: