Issue Report

I have an Ansible playbook to maintain my Ansible server. Amongst other things, this checks out the latest from https://github.com/oracle/oci-ansible-modules

This creates a problem with my local settings in inventory-script/oci_inventory.ini so it would be better to only have a template of this file in Git so that I do not get local conflicts on update:

[opc@elhansible1-ocitest0 oci-ansible-modules]$ git pull
remote: Enumerating objects: 97, done.
remote: Counting objects: 100% (97/97), done.
remote: Compressing objects: 100% (10/10), done.
remote: Total 97 (delta 86), reused 95 (delta 85), pack-reused 0
Unpacking objects: 100% (97/97), done.
From https://github.com/oracle/oci-ansible-modules
   8737ba2..489a072  master     -> origin/master
 * [new branch]      oci-v1.7.0 -> origin/oci-v1.7.0
 * [new tag]         v1.7.0     -> v1.7.0
Updating 8737ba2..489a072
error: Your local changes to the following files would be overwritten by merge:
        inventory-script/oci_inventory.ini
Please, commit your changes or stash them before you can merge.
Aborting

Issue Report

Describe the issue

If you issue the same oci_security_list command twice it fails on the second attempt if you do not specify values for both ingress_security_rules and egress_security_rules.

So you cannot create an empty security list, like you can with route tables.

Reproducible with example from documentation with the below changes:

• change the min and max values to int instead of strings which they should be
• remove the defined tag as does not exist in my env
• comment out the egress or ingress rule block

    - name: Create a security list with rules
      oci_security_list:
        name: 'ansible_sec_list'
        compartment_id: 'ocid.compartment..xxxxxEXAMPLExxxxx'
        vcn_id: 'ocid1.vcn..xxxxxEXAMPLExxxxx'
        state: 'present'
        freeform_tags:
            region: 'east'
        ingress_security_rules:
          - source: '0.0.0.0/0'
            is_stateless: False
            protocol: '6'
            tcp_options:
                destination_port_range:
                    min: 22
                    max: 22
          - source: 'oci-iad-objectstorage'
            source_type: 'SERVICE_CIDR_BLOCK'
            is_stateless: False
            protocol: '6'
          - source: '0.0.0.0/0'
            is_stateless: False
            protocol: '1'
            icmp_options:
                code: 4
                type: 3
    #    egress_security_rules:
    #        - destination: '0.0.0.0/0'
    #          protocol: 'all'

On the first run security list is created successfully. On the second run it fails.

Same issues if you leave the egress line in there but remove the definitions

Expected behavior

Should be able to create a SL with no rules (which you can) however should report OK on the second run.

Environment

• OS version: NA

• Ansible version:

  ansible 2.8.0.dev0
  config file = /home/admin/Projects/cloud-provisioning/oci_ansible/ansible.cfg
  configured module search path = ['/home/admin/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.6/site-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 3.6.6 (default, Aug 31 2018, 01:10:26) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28.0.1)]

• OCI Python SDK version:

  2.2.1

• OCI Ansible Modules version:

  1.6.0

Ansible playbook to reproduce the issue

see disc

Through oci_instance I can specify "boot_volume_size_in_gbs"
But for instance pool there is no such parameter in instance pool configuration.

I believe this module doesn't update user's group, and I have not tested update of other user's properties. Here is playbook that creates two users:

-name : Users playbook for creating and other modification
connection: local
hosts: localhost
tasks:
-name: Create User with ui password and group memberships (LV tenancy)
oci_user:
name: "{{item.name}}"
description: "{{item.description}}"
user_groups: "{{item.groups}}"
create_or_reset_ui_password: True
state: 'present'
loop:
-{ name: zarko1, groups: "SysAdmins.grp", description: 'local account' }
-{ name: zarko2, groups: 'labops.admins.grp', description: 'local account' }

The success result is:

changed: [localhost] => (item={u'name': u'zarko1', u'groups': u'SysAdmins.grp', u'description': u'local account'})
changed: [localhost] => (item={u'name': u'zarko2', u'groups': u'labops.admins.grp', u'description': u'local account'})

Then I swap groups between two users, like this:

-{ name: zarko1, groups: "labops.admins.grp", description: 'local account' }
-{ name: zarko2, groups: 'SysAdmins.grp', description: 'local account' }

... and run playbook again. Result reads that change is not made.

ok: [localhost] => (item={u'name': u'zarko1', u'groups': u'SysAdmins.grp', u'description': u'local account'})
ok: [localhost] => (item={u'name': u'zarko2', u'groups': u'labops.admins.grp', u'description': u'local account'})

Issue Report

• Currently we can only specify location of ansible-oci.cache and cache_max_age.
• As we query large inventories (especially via tags) it might be useful to store results separately to scale the process.
• Distinct Redis keys can store different results and also have different TTL expirations.
• Another nice thing about pushing this data into Redis is that it can be exposed via simple API call from something like Flask app.

I understand that this is not a trivial change. Ideally there would be come kind of dynamic inventory caching system which would use JSON files, Redis or other data storage systems.

Environment

• Ansible version: 2.7.2

• OCI Python SDK version: 2.1.1

• OCI Ansible Modules version: 1.3.0

oci python sdi version 2.2+

python version is 2.7.5

150.136.209.167> (0, '', 'OpenSSH_7.9p1, LibreSSL 2.7.3\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 48: Applying options for *\r\ndebug2: resolve_canonicalize: hostname 150.136.209.167 is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 54569\r\ndebug3: mux_client_request_session: session request sent\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\n')
fatal: [150.136.209.167]: FAILED! => {
    "changed": false, 
    "module_stderr": "OpenSSH_7.9p1, LibreSSL 2.7.3\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 48: Applying options for *\r\ndebug2: resolve_canonicalize: hostname 150.136.209.167 is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 54569\r\ndebug3: mux_client_request_session: session request sent\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 1\r\nShared connection to 150.136.209.167 closed.\r\n", 
    "module_stdout": "Traceback (most recent call last):\r\n  File \"/home/ubuntu/.ansible/tmp/ansible-tmp-1564092515.5-177060094090815/AnsiballZ_oci_object.py\", line 114, in <module>\r\n    _ansiballz_main()\r\n  File \"/home/ubuntu/.ansible/tmp/ansible-tmp-1564092515.5-177060094090815/AnsiballZ_oci_object.py\", line 106, in _ansiballz_main\r\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\r\n  File \"/home/ubuntu/.ansible/tmp/ansible-tmp-1564092515.5-177060094090815/AnsiballZ_oci_object.py\", line 49, in invoke_module\r\n    imp.load_module('__main__', mod, module, MOD_DESC)\r\n  File \"/tmp/ansible_oci_object_payload_WRvONt/__main__.py\", line 491, in <module>\r\n  File \"/tmp/ansible_oci_object_payload_WRvONt/__main__.py\", line 448, in main\r\n  File \"/tmp/ansible_oci_object_payload_WRvONt/ansible_oci_object_payload.zip/ansible/module_utils/oracle/oci_utils.py\", line 264, in create_service_client\r\n  File \"/tmp/ansible_oci_object_payload_WRvONt/ansible_oci_object_payload.zip/ansible/module_utils/oracle/oci_utils.py\", line 193, in get_oci_config\r\nNameError: global name 'ConfigFileNotFound' is not defined\r\n", 
    "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", 
    "rc": 1
}

Issue Report

After creating instance-pool I'm getting strange behaviour when trying to create new VM via oci_instance. Somehow instead new VM creation it will get VM from pool list. Some partial match happens ?

TASK [Launch an instance test-demo-001 in KIHQ:US-ASHBURN-AD-1] ************************************************************************
ok: [localhost] => {
  "added_instances": [
    {
      "agent_config": {
        "is_monitoring_disabled": false
      },
      "availability_domain": "KIHQ:US-ASHBURN-AD-1",
      "compartment_id": "ocid1.compartment.oc1.xxxxxxx,
      "defined_tags": {},
      "display_name": "inst-instance-pool-20190815-1111",
      "extended_metadata": {
        "compute_management": {
          "instance_configuration": {
            "state": "SUCCEEDED"
          }
        }
      },

Expected behavior

No impact of pool config to oci_instance call should occur.

Environment

OL7

• Ansible version:

2.7.10

• OCI Python SDK version:

2.2.15

• OCI Ansible Modules version:

1.9.0

Ansible playbook to reproduce the issue

      oci_instance:
        availability_domain: "{{ oci_ad }}-{{ ADSET }}"
        region: "{{ oci_region }}"
        compartment_id: '{{ oci_compartment_id }}'
        name: '{{ instance_fqdn }}'
        force_create: no
        key_by: freeform_tags
        source_details:
          source_type: image
          image_id: '{{ oci_image_ocid }}'
        shape: '{{ oci_shape }}'
        vnic:
            subnet_id: '{{ oci_subnet_ocid }}'
        metadata:
            ssh_authorized_keys: "{{ lookup('file', my_test_key ) }}"
        freeform_tags:
          test_fqdn: "{{ freetag_project }}-{{ freetag_role }}-{{ freetag_stage }}-{{ freetag_datacenter }}-{{ NMSET }}.test.com"
          test_short: "{{ freetag_project }}-{{ freetag_role }}-{{ freetag_stage }}-{{ freetag_datacenter }}-{{ NMSET }}"
          test_project_role_stage: '{{ freetag_project }}-{{ freetag_role }}-{{ freetag_stage }}'
          test_shape: '{{ oci_shape }}'
          test_owner: '{{ VM_OWNER }}'
        preserve_boot_volume: no
      register: result

Issue Report

When following the getting started guide/screencast, I installed the OCI Python SDK (2.1.3), then the OCI Ansible module, and then tried to create and run a playbook. This was all within a virtualenv environment with python 2.7.

Expected behavior

I expected to be able to run the playbook without a problem, but it ended up failing with:

An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ImportError: No module named idna
fatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n File "/Users/pritpate/.ansible/tmp/ansible-tmp-1555613734.89-48392921355029/AnsiballZ_oci_ad_facts.py", line 113, in \n _ansiballz_main()\n File "/Users/pritpate/.ansible/tmp/ansible-tmp-1555613734.89-48392921355029/AnsiballZ_oci_ad_facts.py", line

This is fixed by "pip install idna", but a new user shouldn't have to do this. The Python SDK fixed this issue in 2.1.5 - oracle/oci-python-sdk#101. The Ansible docs and screencast (and depdendency) should be upgraded to use at least 2.1.5 to prevent new users from hitting this issue.

Environment

• OS version: Mac Sierra, 10.12.6

• Ansible version:

(ansible) pritpate-mac:playbooks pritpate$ ansible --version
ansible 2.7.10
config file = None
configured module search path = [u'/Users/pritpate/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /Users/pritpate/Documents/envs/ansible/lib/python2.7/site-packages/ansible
executable location = /Users/pritpate/Documents/envs/ansible/bin/ansible
python version = 2.7.10 (default, Feb 7 2017, 00:08:15) [GCC 4.2.1 Compatible Apple LLVM 8.0.0 (clang-800.0.34)]

• OCI Python SDK version:

(ansible) pritpate-mac:playbooks pritpate$ python -c "import oci;print(oci.version)"
2.1.3

• OCI Ansible Modules version:

(ansible) pritpate-mac:playbooks pritpate$ python -c "from ansible.module_utils.oracle import oci_utils; print(oci_utils.version)"
1.7.0

Ansible playbook to reproduce the issue

insert a sample playbook to reproduce the issue here(if relevant to the issue)

Hi ,
I am currently not able to query the Oracle Images and get the app catalog listings and app catalog subscriptions in OCI ansible modules. Siva said it will be available soon. So waiting for that.
Regards,
Shomik Basu

Question (not issue)

Is it possible to use this modules with the database instances (11.2, 12.1) as well as cdb/pdb for database user administration or this needs to be used only with Oracle Cloud Infrastructure? Was it tested?

I'm looking at this as a second option...
https://github.com/oravirt/ansible-oracle

Thanks.
-N.

Issue Report

Describe the issue

The OCI ansible modules do not respect LOG_PATH as described in the docs.

Expected behavior

When LOG_PATH is set, we expect the log file to be written to the file. Instead it gets written to the standard location /tmp/oci_ansible_module.log.

Environment

• OS version: Red Hat Enterprise Linux Server release 7.4 (Maipo)

• Ansible version:

    ansible 2.7.9
  config file = None
  configured module search path = ['/home/plakdawa/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /opt/peo-oci-toolkit/miniconda3-4.5.12/envs/py3foroci/lib/python3.6/site-packages/ansible
  executable location = /opt/peo-oci-toolkit/miniconda3-4.5.12/envs/py3foroci/bin/ansible
  python version = 3.6.8 |Anaconda, Inc.| (default, Dec 30 2018, 01:22:34) [GCC 7.3.0]

• OCI Python SDK version:

  2.1.4

• OCI Ansible Modules version:

  1.6.0

Ansible playbook to reproduce the issue

   $ ls -l /tmp/*oci_ansible*
ls: cannot access /tmp/*oci_ansible*: No such file or directory

$ export LOG_PATH="/tmp/plakdawa_oci_ansible_module.log"

$ ansible-playbook get-availability-domains.yml
 [WARNING]: Unable to parse /etc/ansible/hosts as an inventory source

 [WARNING]: No inventory was parsed, only implicit localhost is available

 [WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'


PLAY [Get availability domains] ***********************************************************************************************************************************************************************************

TASK [Get details of all the availability domains in your tenancy (default configured region)] ********************************************************************************************************************
ok: [localhost]

TASK [debug] ******************************************************************************************************************************************************************************************************
ok: [localhost] => {
    "msg": "availability-domains = {'availability_domains': [{'name': 'LDKe:PHX-AD-1', 'id': 'ocid1.availabilitydomain.oc1..aaaaaaaaupx7ga46w4xbb3fnkoh7rtyumacyb3ek6bw7bt3qff3mgt3mbrlq', 'compartment_id': 'ocid1.tenancy.oc1..aaaaaaaavbuj6cjizbiv4zjm763rbrtd3dfhpjqhmwk4zn7w5lgz7z7cmnka'}, {'name': 'LDKe:PHX-AD-2', 'id': 'ocid1.availabilitydomain.oc1..aaaaaaaac7uydq54rcymamzauv5pd23qk2g2vqlrfu5jd3y6i6qxpvvzkf7a', 'compartment_id': 'ocid1.tenancy.oc1..aaaaaaaavbuj6cjizbiv4zjm763rbrtd3dfhpjqhmwk4zn7w5lgz7z7cmnka'}, {'name': 'LDKe:PHX-AD-3', 'id': 'ocid1.availabilitydomain.oc1..aaaaaaaakemzo4ywaynz573sk4jpvwuqi7vmcuxajxfv4jjj2pthez3j2hbq', 'compartment_id': 'ocid1.tenancy.oc1..aaaaaaaavbuj6cjizbiv4zjm763rbrtd3dfhpjqhmwk4zn7w5lgz7z7cmnka'}], 'failed': False, 'changed': False}"
}

PLAY RECAP ********************************************************************************************************************************************************************************************************
localhost                  : ok=2    changed=0    unreachable=0    failed=0   


$ ls -l /tmp/*oci_ansible*
-rw-rw-r-- 1 plakdawa plakdawa 126 Apr 18 13:32 /tmp/oci_ansible_module.log

The command "ansible-playbook -vvv <some-file.yml>" finish with the error:

The full traceback is:
Traceback (most recent call last):
File "/tmp/ansible_VKF3k9/ansible_module_oci_image_facts.py", line 129, in
from ansible.module_utils.oracle import oci_utils
File "/tmp/ansible_VKF3k9/ansible_modlib.zip/ansible/module_utils/oracle/oci_utils.py", line 14, in
ImportError: No module named oci

fatal: [localhost]: FAILED! => {
"changed": false,
"module_stderr": "Traceback (most recent call last):\n File "/tmp/ansible_VKF3k9/ansible_module_oci_image_facts.py", line 129, in \n from ansible.module_utils.oracle import oci_utils\n File "/tmp/ansible_VKF3k9/ansible_modlib.zip/ansible/module_utils/oracle/oci_utils.py", line 14, in \nImportError: No module named oci\n",
"module_stdout": "",
"msg": "MODULE FAILURE",
"rc": 1
}

It's expected to complete with no errors.

[1] oci and oci-ansible-modules are installed in its own virtual environment, named "oci"

(oci) [zdudic@ca-ansible oci] pip show oci
Name: oci
Version: 2.1.1
Summary: Oracle Cloud Infrastructure Python SDK
Home-page: https://oracle-cloud-infrastructure-python-sdk.readthedocs.io/en/latest/index.html
Author: Oracle
Author-email: [email protected]
License: Universal Permissive License 1.0 or Apache License 2.0
Location: /python-virtualenv/oci/lib/python2.7/site-packages
Requires: cryptography, pyOpenSSL, configparser, pytz, python-dateutil, certifi
Required-by: oci-cli

[2] ansible version is :

(oci) [zdudic@ca-ansible oci] ansible --version
ansible 2.6.5
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/home/zdudic/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /python-virtualenv/oci/lib/python2.7/site-packages/ansible
executable location = /python-virtualenv/oci/bin/ansible
python version = 2.7.5 (default, Jul 3 2018, 06:28:28) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28.0.1)]

[3] "ansible python module location" from [2] should be okay, since modules are present in directory /python-virtualenv/oci/lib/python2.7/site-packages/ansible/modules/cloud/oracle

[4] OS is Oracle Linux Server release 7.5

[5] OCI Python SDK version:

(oci) [zdudic@ca-ansible oci] python -c "import oci;print(oci.__version__)"
       2.1.1

[6] OCI Ansible Modules version:

(oci) [zdudic@ca-ansible oci] python -c "from ansible.module_utils.oracle import oci_utils; print(oci_utils.version)"
1.3.0

[7] Ansible playbook to reproduce the issue, here is simple playbook to list a tenancy.

• name : Tenancy playbook
  connection: local
  hosts: localhost
  tasks:
  • name: List details about LV tenancy
    oci_tenancy_facts:
    id: "ocid1.tenancy.oc1..aaaa...dygfq"
    register: result
  • name: Dump result
    debug:
    msg: '{{result}}'

Issue Report

When trying to install the module I'm getting the following:

bash-4.2# pwd
/opt/oci-ansible-modules

bash-4.2# ./install.py
Documentation fragments directory /usr/lib/python2.7/site-packages/ansible/utils/module_docs_fragments does not exist

Able to continue by creating the directory

bash-4.2# mkdir /usr/lib/python2.7/site-packages/ansible/utils/module_docs_fragments

Expected behavior

bash-4.2# ./install.py
Copying documentation fragments from /opt/oci-ansible-modules/module_docs_fragments to /usr/lib/python2.7/site-packages/ansible/utils/module_docs_fragments
Copying oracle utility files from /opt/oci-ansible-modules/module_utils/oracle to /usr/lib/python2.7/site-packages/ansible/module_utils/oracle
Overwriting /usr/lib/python2.7/site-packages/ansible/module_utils/oracle/oci_utils.py
Overwriting /usr/lib/python2.7/site-packages/ansible/module_utils/oracle/__init__.py
Copying OCI Ansible modules from /opt/oci-ansible-modules/library to /usr/lib/python2.7/site-packages/ansible/modules/cloud/oracle
Overwriting /usr/lib/python2.7/site-packages/ansible/modules/cloud/oracle/oci_vcn.py
Overwriting /usr/lib/python2.7/site-packages/ansible/modules/cloud/oracle/__init__.py
OCI Ansible modules installed successfully.

Environment

Docker container image: oraclelinux:7-slim

• OS version:

bash-4.2# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.6 (Maipo)

bash-4.2# cat /etc/oracle-release
Oracle Linux Server release 7.6

• Ansible version:

bash-4.2# ansible --version
ansible 2.8.0
  config file = None
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Apr  9 2019, 16:02:27) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36.0.1)]

• OCI Python SDK version:

bash-4.2# python -c "import oci;print(oci.__version__)"
2.1.7

• OCI Ansible Modules version:

bash-4.2# python -c "from ansible.module_utils.oracle import oci_utils; print(oci_utils.__version__)"
1.6.0-dev

Ansible playbook to reproduce the issue

N/A - this is installation

Issue Report

Describe the issue

Currently this module only allows for creating/updating/importing a custom image. It would be very helpful to be able to export a custom image to object storage .

Expected behavior

Be able to specify a custom image ID, bucket and object name and trigger the export of the custom image

Environment

• OS version: Ubuntu 18.04 LTS

• Ansible version:

ansible 2.5.1
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/home/sdstewar/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/dist-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.15+ (default, Nov 27 2018, 23:36:35) [GCC 7.3.0]

• OCI Python SDK version: 2.2.19
• OCI Ansible Modules version: 1.10.0

Ansible playbook to reproduce the issue

N/A

Issue Report

running simple oci_instance terminate and it keeps erroring

Describe the issue
running simple oci_instance terminate and it keeps erroring with below :

TASK [Terminate/delete an instance] ***********************************************************************************************
task path: /part1/work/cloud/ansible/ebs/ansible_cloudvm_layout/test_del_4.yml:13
Saturday 16 February 2019 22:46:15 -0800 (0:00:00.070) 0:00:00.070 *****
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: sanswamy
<127.0.0.1> EXEC /bin/sh -c 'echo ~sanswamy && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "echo /home/sanswamy/.ansible/tmp/ansible-tmp-1550385975.94-217515337741823" && echo ansible-tmp-1550385975.94-217515337741823="echo /home/sanswamy/.ansible/tmp/ansible-tmp-1550385975.94-217515337741823" ) && sleep 0'
Using module file /usr/lib/python2.7/site-packages/ansible/modules/cloud/oracle/oci_instance.py
<127.0.0.1> PUT /home/sanswamy/.ansible/tmp/ansible-local-9350OltLNM/tmplDnBj9 TO /home/sanswamy/.ansible/tmp/ansible-tmp-1550385975.94-217515337741823/AnsiballZ_oci_instance.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+x /home/sanswamy/.ansible/tmp/ansible-tmp-1550385975.94-217515337741823/ /home/sanswamy/.ansible/tmp/ansible-tmp-1550385975.94-217515337741823/AnsiballZ_oci_instance.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '/usr/bin/python2 /home/sanswamy/.ansible/tmp/ansible-tmp-1550385975.94-217515337741823/AnsiballZ_oci_instance.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /home/sanswamy/.ansible/tmp/ansible-tmp-1550385975.94-217515337741823/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
Traceback (most recent call last):
File "/home/sanswamy/.ansible/tmp/ansible-tmp-1550385975.94-217515337741823/AnsiballZ_oci_instance.py", line 113, in
_ansiballz_main()
File "/home/sanswamy/.ansible/tmp/ansible-tmp-1550385975.94-217515337741823/AnsiballZ_oci_instance.py", line 105, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/home/sanswamy/.ansible/tmp/ansible-tmp-1550385975.94-217515337741823/AnsiballZ_oci_instance.py", line 48, in invoke_module
imp.load_module('main', mod, module, MOD_DESC)
File "/tmp/ansible_oci_instance_payload_ycCtKj/main.py", line 2026, in
File "/tmp/ansible_oci_instance_payload_ycCtKj/main.py", line 1966, in main
TypeError: 'unicode' object is not callable

fatal: [localhost]: FAILED! => {
"changed": false,
"module_stderr": "Traceback (most recent call last):\n File "/home/sanswamy/.ansible/tmp/ansible-tmp-1550385975.94-217515337741823/AnsiballZ_oci_instance.py", line 113, in \n _ansiballz_main()\n File "/home/sanswamy/.ansible/tmp/ansible-tmp-1550385975.94-217515337741823/AnsiballZ_oci_instance.py", line 105, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File "/home/sanswamy/.ansible/tmp/ansible-tmp-1550385975.94-217515337741823/AnsiballZ_oci_instance.py", line 48, in invoke_module\n imp.load_module('main', mod, module, MOD_DESC)\n File "/tmp/ansible_oci_instance_payload_ycCtKj/main.py", line 2026, in \n File "/tmp/ansible_oci_instance_payload_ycCtKj/main.py", line 1966, in main\nTypeError: 'unicode' object is not callable\n",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
to retry, use: --limit @/part1/work/cloud/ansible/ebs/ansible_cloudvm_layout/test_del_4.retry

PLAY RECAP ************************************************************************************************************************
localhost : ok=0 changed=0 unreachable=0

A clear and concise description of what the issue is.

Expected behavior

A clear and concise description of what you expected to happen.

Environment

• OS version:
  OL7

• Ansible version:
  2.7
  insert output of ansible --version here
  ansible 2.7.0
  config file = /part1/work/cloud/ansible/ebs/ansible_cloudvm_layout/ansible.cfg
  configured module search path = [u'/home/sanswamy/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Jul 3 2018, 06:28:28) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28.0.1)]

• OCI Python SDK version:

  insert output of python -c "import oci;print(oci.__version__)" here
  2.0.6

• OCI Ansible Modules version:

  insert output of python -c "from ansible.module_utils.oracle import oci_utils; print(oci_utils.__version__)" here
  1.2.0

Ansible playbook to reproduce the issue

insert a sample playbook to reproduce the issue here(if relevant to the issue)

tasks:

• name: Terminate/delete an instance
  oci_instance:
  id: ocid1.instance.oc1.phx.abyhqljrsoqeisk4gsnqrjmskhzxs7hef3wz7smtuc5obmstndyixzbuawga
  state: "absent"
  register: result
• debug:
  msg: "{{result}}"

A clear and concise description of what the issue is.
This is enhancement request for the NAT gateway. The OCI NAT gateway was released in last month, please add the NAT gateway support in the ansible.

Ansible version:

ansible 2.6.4

OCI Python SDK version:

2.0.3

OCI Ansible Modules version:
1.1.0

Enhancement Report

Describe the issue
I can't specify boot disk size for an image in "source_details" parameter

Issue Report

It would be nice to use dynamic inventory to filter by tags (just like we can by compartment)

oci_inventory.py --tags web ...

This way we can use hosts: web setting in playbook to run on instances tagged web.

Also set the tags filter in other places like oci_inventory.ini. I know that tags currently get returned and are stored in ansible-oci.cache

• Ansible version:
  2.7.2

• OCI Python SDK version:
  2.1.1

• OCI Ansible Modules version:
  1.3.0

Issue Report

Describe the issue
After 1.1.0 release, the tables(Parameters, Return Values) in each module documentation are rendered without border on https://oracle-cloud-infrastructure-ansible-modules.readthedocs.io/en/latest/modules/list_of_cloud_modules.html.

The OCI Service Gateway public documentation mentions using service cidr label and the all service cidr label like "all-iad-services-in-oracle-services-networ" which is a service cidr label that represents all cidrs for the supported services. The OCI Ansible oci_service_gateway module should allow specify these region specific all service cidr labels, such as "all-iad-services-in-oracle-services-network" or "all-phx-services-in-oracle-services-network", so that no need to enumerate a list of OCIDs for all available services when creating a service gateway for all services of the region.
please see "About Service CIDR Labels" section in
https://docs.cloud.oracle.com/iaas/Content/Network/Tasks/servicegateway.htm

The OCI console, on creating a service gateway, allows to select "All <region> Services in Oracle Service Network" without the need to list each service's ocid.

Issue Report

A clear and concise description of what the issue is.
The oci_swift_password is reporting the password as null during the creation, and if it oci_swift_password can be rename to auth token as its been renamed to auth token.
ansible playbook output
"swift_password": {
"description": "swift password",
"expires_on": null,
"id": "ocid1.credential.oc1.XXXXXXXXXXXXXXXX",
"inactive_status": null,
"lifecycle_state": "ACTIVE",
"password": null,
"time_created": "2018-11-05T11:43:27.935000+00:00",
"user_id": "ocid1.user.oc1..XXXXXXXXXXXXXXXXXXX"
}

A clear and concise description of what you expected to happen.
It should display the token/password one time during the creation.

• Ansible version:

  ansible 2.6.4

• OCI Python SDK version:

  2.0.3

• OCI Ansible Modules version:
  1.1.0

Ansible playbook to reproduce the issue

• name : Create swift auth token
  connection: local
  hosts: localhost
  tasks:

  • name: Create a new swift password
    oci_swift_password:
    user_id: "ocid1.user.oc1..XXXXXXXXXXXX"
    description: "swift password"
    register: result

  • name: Dump result
    debug:
    msg: '{{result}}'

Issue Report

Have multi part objects - already available inside bucket on tenancy .
From UI console , i am able to delete 1 or multiple objects by selecting them .

with same credentials - when i use ansible module "oci_object" to delete the objects - it does NOT delete it .
play book run does not error and reports output in below format - which is different from what is documented .
Playbook code

oci_object:
  namespace: "{{tenancy_name}}"
  bucket: "{{bucket_name}}"
  object: "file_chunk/2948297777/PTESTI/backuppiece/2019-02-28/0gtr1dbh_1_1/KTVs8w9V0wwD/0000000020"
  state: 'absent'

Sample Output :

ok: [localhost] => (item={u'md5': u'0SR73+P0EtsnlW4uEtzN6A==', u'name': u'file_chunk/2948297777/PTESTI/backuppiece/2019-02-28/0gtr1dbh_1_1/KTVs8w9V0wwD/0000000020', u'time_created': u'2019-03-01T00:24:25.225000+00:00', u'size': 104857600})

Please advise .

Describe the issue

• Info same as above

Expected behavior

• objects should get deleted with the ansible module , when mentioned as "absent" .

Environment
NA

• OS version:
  NA

• Ansible version:

  insert output of ansible --version here

ansible 2.7.8
config file = /part1/work/cloud/ansible/ansible.cfg
configured module search path = [u'/home/sanswamy/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Jul 3 2018, 06:28:28) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28.0.1)]

• OCI Python SDK version:

  insert output of python -c "import oci;print(oci.__version__)" here
  2.2.2

• OCI Ansible Modules version:

  insert output of python -c "from ansible.module_utils.oracle import oci_utils; print(oci_utils.__version__)" here
  1.6.0
  Ansible playbook to reproduce the issue

  oci_object:
  namespace: "{{tenancy_name}}"
  bucket: "{{bucket_name}}"
  object: "file_chunk/2948297777/PTESTI/backuppiece/2019-02-28/0gtr1dbh_1_1/KTVs8w9V0wwD/0000000020"
  state: 'absent'

Issue Report

I am trying to get the display name of the volumes attached to the instance. It is not providing the excat display_name rather than providing as "display_name": "volumeattachment20181220230832",

A clear and concise description of what the issue is.

I trying to detach the specific display named volumes from the instance trying to get the names from oci_volume_attachment_facts.

A clear and concise description of what you expected to happen.

Oracle Linux 7

• OS version:

• Ansible version:

  ansible 2.7.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/home/opc/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Nov 1 2018, 03:12:47) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36.0.1)]

• OCI Python SDK version:

2.1.3

• OCI Ansible Modules version:

1.5.0

Ansible playbook to reproduce the issue

   - name: Get volume attachment information for a specified compartment & instance
  oci_volume_attachment_facts:
    config_file_location: ''
    config_profile_name: ''
    compartment_id: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
    instance_id: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
  register: result
- name: Dump result
  debug:
    msg: '{{result}}'

Issue Report

Having tenancy with multiple region .
while using "oci_ad_facts" to query domain - it always reports domain info of "Home" region .
tried specifying region explicitly as below
region: "us-phoenix-1"
still it fetches domain of "ashburn" home region .

Describe the issue
as above .

Expected behavior
When region is specified , module should ONLY report domain info fo that region alone .

Environment

• OS version:

• Ansible version:
  2.7.0
  insert output of ansible --version here

• OCI Python SDK version:
  2.2.1

• OCI Ansible Modules version:
  1.6.0

Ansible playbook to reproduce the issue

• name: Get Domain of Instance
  oci_ad_facts:
  config_file_location: "config_file_with_phoenic_regn_in_it"
  compartment_id: "ocid_for_compartment"
  region: "us-phoenix-1"
  register: result

  insert a sample playbook to reproduce the issue here(if relevant to the issue)

Issue Report

It would be good if we could use Instance Principals to authenticate the API calls.

I am running Ansible in an instance in OCI itself, and I would like to avoid having to provide my personal credentials (or create a user) on that instance.

Expected behavior

Some way for the OCI API calls to use Instance Pricipal.

Environment

NA

• Ansible version:

NA

• OCI Python SDK version:

2.2.14

• OCI Ansible Modules version:

1.9.0

Ansible playbook to reproduce the issue

NA

Issue Report

We are receiving an error when running a playbook that adds a route table entry. Usually the route table module is idempotent and sees that we are requesting the same entry that already exists. However, sometimes we run into this where the route table entry has the same destination and network_entity_id as we are passing in the playbook, yet it gives an error.

Expected behavior

As usual, the route table module should be idempotent and see that the route is already present and skip the update.

Environment

• OS version: OEL 7.5

• Ansible version:

ansible 2.7.9
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/home/jmullis/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /bin/ansible
python version = 2.7.5 (default, Apr 11 2018, 17:41:36) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28.0.1)]

• OCI Python SDK version:

2.2.7

• OCI Ansible Modules version:

1.8.0

Ansible playbook to reproduce the issue

Since this is public, I've redacted the CIDR and real OCIDs.

- hosts: localhost
  connection: local
  gather_facts: no

  environment:
    OCI_IDENTITY_DO_NOT_REDIRECT_TO_HOME_REGION: "1"
    OCI_ANSIBLE_AUTH_TYPE: "instance_principal"
    OCI_TENANCY: "{{ tenancy_ocid }}"
    OCI_REGION: "{{ region }}"

  tasks:

    - name: Update VCN Route Table
      oci_route_table:
        rt_id: "ocid1.routetable.oc1.iad.foo"
        route_rules:
          - destination: "10.10.10.0/23"
            network_entity_id: "ocid1.localpeeringgateway.oc1.iad.foo"
        purge_route_rules: 'no'
        state: 'present'

Snippet from output of: oci network route-table get --rt-id ocid1.routetable.oc1.iad.foo

      {
        "cidr-block": null,
        "destination": "10.10.10.0/23",
        "destination-type": "CIDR_BLOCK",
        "network-entity-id": "ocid1.localpeeringgateway.oc1.iad.foo"
      }

FULL ERROR MESSAGE:

{
    "_ansible_parsed": true,
    "changed": false,
    "_ansible_no_log": false,
    "_ansible_item_result": true,
    "item": "my-route-table1",
    "_ansible_item_label": "my-route-table1",
    "invocation": {
        "module_args": {
            "auth_type": "api_key",
            "config_profile_name": null,
            "config_file_location": null,
            "display_name": null,
            "compartment_id": null,
            "route_rules": [
                {
                    "destination": "10.10.10.0/23",
                    "network_entity_id": "ocid1.localpeeringgateway.oc1.iad.foo"
                }
            ],
            "defined_tags": null,
            "freeform_tags": null,
            "state": "present",
            "key_by": null,
            "vcn_id": null,
            "force_create": false,
            "delete_route_rules": false,
            "tenancy": null,
            "api_user_key_file": null,
            "wait": true,
            "api_user_key_pass_phrase": null,
            "api_user": null,
            "rt_id": "ocid1.routetable.oc1.iad.foo",
            "region": null,
            "wait_until": null,
            "purge_route_rules": false,
            "wait_timeout": 1200,
            "api_user_fingerprint": null
        }
    },
    "_ansible_ignore_errors": null,
    "msg": "{'status': 400, 'message': u'The requested destination 10.10.10.0/23 is invalid: Cannot add multiple rules with the same destination.', 'code': u'InvalidParameter', 'opc-request-id': '666BE51B3F174DA58F02761AADD46AC0/C2775B58E94DEEFCBAAF26FC14E3249D/936398617F1246E093BCD0737CD6E749'}"
}

Hi,

I am trying to use ansible for oci. However I am getting error as "oci python sdk required for this module". I have installed obi-ansible-modules and oci-python-sdk.

Here is the code:-

• name: Create or Update bucket
  oci_bucket:
  namespace_name: ' '
  compartment_id: ''
  name: 'Test'
  public_access_type: 'NoPublicAccess'
  state: 'present'

Thanks.

Hi there, this is not issue, more like question or request for enhancement. I've been creating playbooks to list and create instances, works great, thanks.
One thing I wasn't able to manage is to list console connection of existing instance, or to create a console connection for new instance, this will be very useful. Is there a plan to resolve this somehow?

Issue Report

When calling oci_inventory.py an error "KeyError: None" occurs and no inventory is returned.

Expected behavior

List of OCI inventory should be returned.

Environment

• OS version: Oracle Linux 7.5

• Ansible version:

ansible 2.7.6

• OCI Python SDK version:

2.1.7

• OCI Ansible Modules version:

1.5

Ansible playbook to reproduce the issue

Not relevant

• Underlying issue:
  The function build_inventory_for_instance(..) calls self.get_region_from_short_name(instance.region) where instance.region is already the "long" version (e.g. eu-frankfurt-1) and then get_region_from_short_name returns None.

• Possible fixes: Checking in get_region_from_short_name if the region input matches either keys or values from the dict, not just the values. Or figuring out why the assumption is that the region is the short version.

Edit: Spelling

Are the oci modules backward compatable ? i have developed code using 1.4.0 . Now i see 1.5.0 is available. Should i have to change my code or is it backward compatable.

Issue Report

PLAY [localhost] **********************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] ****************************************************************************************************************************************************************************************************************
ok: [localhost]

TASK [Get instance metadata] **********************************************************************************************************************************************************************************************************
ok: [localhost]

TASK [Get all mount targets] **********************************************************************************************************************************************************************************************************
ok: [localhost]

TASK [Get all private ips] ************************************************************************************************************************************************************************************************************
failed: [localhost] (item={u'lifecycle_state': u'ACTIVE', u'availability_domain': u'orBF:EU-FRANKFURT-1-AD-2', u'display_name': u'OAG', u'private_ip_ids': [u'ocid1.privateip.oc1.eu-frankfurt-1.abtheljtdwuxv5ollxb5vfrqfwz3h6c34a3fde32ulzh3xqsl6kos3m7szjq'], u'compartment_id': u'ocid1.compartment.oc1..aaaaaaaaxwpjh3ahcxmkdrimeo5ehkhx4ekizxcjwxcj35spnsvrx5frzn7a', u'export_set_id': u'ocid1.exportset.oc1.eu_frankfurt_1.aaaaacvippxgefsnmzzgcllqojxwiotfouwwm4tbnzvwm5lsoqwtcllbmqwtgaaa', u'defined_tags': {}, u'freeform_tags': {u'tier': u'OAG', u'environment': u'ocitest0'}, u'time_created': u'2019-04-04T19:39:22.014000+00:00', u'subnet_id': u'ocid1.subnet.oc1.eu-frankfurt-1.aaaaaaaarprgvketeanr25qexwnhfdvfb42wsq35x6onkc7jjmdzj54rh6xa', u'lifecycle_details': u'', u'id': u'ocid1.mounttarget.oc1.eu_frankfurt_1.aaaaacvippxgefsomzzgcllqojxwiotfouwwm4tbnzvwm5lsoqwtcllbmqwtgaaa'}) => {"changed": false, "item": {"availability_domain": "orBF:EU-FRANKFURT-1-AD-2", "compartment_id": "ocid1.compartment.oc1..aaaaaaaaxwpjh3ahcxmkdrimeo5ehkhx4ekizxcjwxcj35spnsvrx5frzn7a", "defined_tags": {}, "display_name": "OAG", "export_set_id": "ocid1.exportset.oc1.eu_frankfurt_1.aaaaacvippxgefsnmzzgcllqojxwiotfouwwm4tbnzvwm5lsoqwtcllbmqwtgaaa", "freeform_tags": {"environment": "ocitest0", "tier": "OAG"}, "id": "ocid1.mounttarget.oc1.eu_frankfurt_1.aaaaacvippxgefsomzzgcllqojxwiotfouwwm4tbnzvwm5lsoqwtcllbmqwtgaaa", "lifecycle_details": "", "lifecycle_state": "ACTIVE", "private_ip_ids": ["ocid1.privateip.oc1.eu-frankfurt-1.abtheljtdwuxv5ollxb5vfrqfwz3h6c34a3fde32ulzh3xqsl6kos3m7szjq"], "subnet_id": "ocid1.subnet.oc1.eu-frankfurt-1.aaaaaaaarprgvketeanr25qexwnhfdvfb42wsq35x6onkc7jjmdzj54rh6xa", "time_created": "2019-04-04T19:39:22.014000+00:00"}, "msg": "Either Floating Private IP with ID ['ocid1.privateip.oc1.eu-frankfurt-1.abtheljtdwuxv5ollxb5vfrqfwz3h6c34a3fde32ulzh3xqsl6kos3m7szjq'] does not exist or you are not authorized to access it."}
failed: [localhost] (item={u'lifecycle_state': u'ACTIVE', u'availability_domain': u'orBF:EU-FRANKFURT-1-AD-2', u'display_name': u'OSB', u'private_ip_ids': [u'ocid1.privateip.oc1.eu-frankfurt-1.abtheljtrqjybcdfcy3drcssnwkbas5zmnsu4iw53g7fjy2glb3scs4g6lia'], u'compartment_id': u'ocid1.compartment.oc1..aaaaaaaaxwpjh3ahcxmkdrimeo5ehkhx4ekizxcjwxcj35spnsvrx5frzn7a', u'export_set_id': u'ocid1.exportset.oc1.eu_frankfurt_1.aaaaaa4np2snihtmmzzgcllqojxwiotfouwwm4tbnzvwm5lsoqwtcllbmqwtgaaa', u'defined_tags': {}, u'freeform_tags': {u'tier': u'OSB', u'environment': u'ocitest0'}, u'time_created': u'2019-03-28T11:06:07.340000+00:00', u'subnet_id': u'ocid1.subnet.oc1.eu-frankfurt-1.aaaaaaaarprgvketeanr25qexwnhfdvfb42wsq35x6onkc7jjmdzj54rh6xa', u'lifecycle_details': u'', u'id': u'ocid1.mounttarget.oc1.eu_frankfurt_1.aaaaaa4np2snihtnmzzgcllqojxwiotfouwwm4tbnzvwm5lsoqwtcllbmqwtgaaa'}) => {"changed": false, "item": {"availability_domain": "orBF:EU-FRANKFURT-1-AD-2", "compartment_id": "ocid1.compartment.oc1..aaaaaaaaxwpjh3ahcxmkdrimeo5ehkhx4ekizxcjwxcj35spnsvrx5frzn7a", "defined_tags": {}, "display_name": "OSB", "export_set_id": "ocid1.exportset.oc1.eu_frankfurt_1.aaaaaa4np2snihtmmzzgcllqojxwiotfouwwm4tbnzvwm5lsoqwtcllbmqwtgaaa", "freeform_tags": {"environment": "ocitest0", "tier": "OSB"}, "id": "ocid1.mounttarget.oc1.eu_frankfurt_1.aaaaaa4np2snihtnmzzgcllqojxwiotfouwwm4tbnzvwm5lsoqwtcllbmqwtgaaa", "lifecycle_details": "", "lifecycle_state": "ACTIVE", "private_ip_ids": ["ocid1.privateip.oc1.eu-frankfurt-1.abtheljtrqjybcdfcy3drcssnwkbas5zmnsu4iw53g7fjy2glb3scs4g6lia"], "subnet_id": "ocid1.subnet.oc1.eu-frankfurt-1.aaaaaaaarprgvketeanr25qexwnhfdvfb42wsq35x6onkc7jjmdzj54rh6xa", "time_created": "2019-03-28T11:06:07.340000+00:00"}, "msg": "Either Floating Private IP with ID ['ocid1.privateip.oc1.eu-frankfurt-1.abtheljtrqjybcdfcy3drcssnwkbas5zmnsu4iw53g7fjy2glb3scs4g6lia'] does not exist or you are not authorized to access it."}
        to retry, use: --limit @/home/opc/ansible/elhub-oci.retry

Expected behavior

oci_private_ips contains the ipv4 addresses needed to reach the mount targets.

Environment

• OS version:
  Oracle Linux Server release 7.6

• Ansible version:

ansible 2.7.9
config file = /home/opc/.ansible.cfg
configured module search path = [u'/home/opc/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Nov 1 2018, 03:12:47) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36.0.1)]

• OCI Python SDK version:

2.2.4

• OCI Ansible Modules version:

1.6.0

Ansible playbook to reproduce the issue

Trying to run:

---
# 
- hosts: localhost
  tasks:
  - name: Get instance metadata
    uri:
      url: http://169.254.169.254/opc/v1/instance/
      return_content: yes
    register: instance_metadata

  - name: Get all mount targets
    oci_mount_target_facts:
      compartment_id: "{{ instance_metadata.json.compartmentId }}"
      availability_domain: "{{ instance_metadata.json.availabilityDomain }}"
    register: oci_mount_targets

  - name: Get all private ips
    oci_private_ip_facts:
      private_ip_id: "{{ item.private_ip_ids }}"
    loop: "{{ oci_mount_targets.mount_targets }}"
    register: oci_private_ips

Enhancement Request

The oci-bucket module does not provide the ability to set object lifecycle policies on a bucket. Without this we have to manually add lifecycle policies after creating every bucket. The Object Storage APIs provide Get/Delete/Put ObjectLifecyclePolicy methods that Ansible should be able to use.

Hi,
Currently after provisioning windows instance the oci generates a windows passowrd which i have to change manually. I was told there are some ways using terraform this can be done. But even putting the value in the userdata section of the advanced option, i am not able to do it.
Regards,
Shomik Basu

This project is very interesting and thank you for creating it. But using the code from github makes it harder to distribute. It would be nice if it were available via https://pypi.org/. Or least installable directly from github via pip.

Running

pipenv install -e git+https://github.com/oracle/[email protected]#egg=oci-ansible-modules

Failed with

    FileNotFoundError: [Errno 2] No such file or directory: '.../.local/share/virtualenvs/.../src/oci-ansible-modules/setup.py'

because there is no setup.py

Issue Report

The OCI has release the OCI resource manager service a while ago. Please add the support in the oci-ansible module

Issue Report

When an error occurs during instance provisioning, when enable_parallel_requests is set to True and an exact_count is specified in oci_instance, the play execution hangs.

Expected behavior

A clear and concise description of what you expected to happen.

Environment

• OS version:

Linux

• Ansible version:

ansible 2.7.0.dev0
  config file = /home/siva/.ansible.cfg
  configured module search path = ['/home/siva/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /space/projects/ansible/lib/ansible
  executable location = /space/projects/ansible/bin/ansible
  python version = 3.5.5 |Anaconda, Inc.| (default, May 13 2018, 21:12:35) [GCC 7.2.0]

• OCI Python SDK version:

2.1.2

• OCI Ansible Modules version:

1.3.0

Ansible playbook to reproduce the issue

	- name: Attempt to create 3 webserver instances using exact-count and count-tag, with an error
	
	  oci_instance:
	
	    name: "{{exact_count_instance_name}}"
	
	    shape: "{{test_instance_shape}}"
	
	    compartment_id: "{{test_compartment_ocid}}"
	
	    # Use the Second AD so that this test doesn't interfere with other compute instance test runs that use the first AD
	
	    # and cause a quota-issue
	
	    availability_domain: "{{test_availability_domain_3}}"
	
	    source_details:
	
	        source_type: "image"
	
	        image_id: "{{image_ocid}}"
	
	    vnic:
	
	        subnet_id: "{{test_subnet_ocid_ad3}}"
	
	    # use an invalid tag namespace to simulate an error
	
	    defined_tags: "{ '{{ test_tag_namespace_name }}invalid':{'{{ test_tag_name }}':'{{test_instance_name}}-tag-value'} }"
	
	    exact_count: 3
	
	    count_tag: "{ '{{ test_tag_namespace_name }}':{'{{ test_tag_name }}':'{{test_instance_name}}-tag-value'} }"
	
	  register: result

Issue Report

Describe the issue

The fact scripts do not seem to return tags, making it hard to use together with dynamic inventory for infrastructure created through e.g. Terraform.

I.e. I am creating instances and volumes from Terraform, but I need to use ansible to actually mount them so I'd like to get data from facts to mount the right drive in the right place.

The defined-tags option with the json formatted defined tags is not working with oci_inventory.py.

Error:
./oci_inventory.py --list --defined-tags {"xyz-applications":{"Lob":"xyz-mgmt"}} --hostname-format private_ip

Expecting property name: line 1 column 2 (char 1)

Currently, the scripts don't work with instance credentials. It would be great if that could be fixed.

Issue Report

Add support for ObjectReadWithoutList access_type for buckets.

Expected behavior

When creating a bucket, I should be able to set the access_type to ObjectReadWithoutList per https://docs.cloud.oracle.com/iaas/Content/Object/Tasks/managingbuckets.htm?Highlight=ObjectReadWithoutList#

Environment

Docker container image: oraclelinux:7-slim

• OS version:

bash-4.2# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.6 (Maipo)

bash-4.2# cat /etc/oracle-release
Oracle Linux Server release 7.6

• Ansible version:

bash-4.2# ansible --version
ansible 2.7.8
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/etc/ansible/library']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Jun  4 2019, 10:54:24) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36.0.1)]

• OCI Python SDK version:

bash-4.2# python -c "import oci;print(oci.__version__)"
2.1.7

• OCI Ansible Modules version:

bash-4.2# python -c "from ansible.module_utils.oracle import oci_utils; print(oci_utils.__version__)"
1.9.0

Ansible playbook to reproduce the issue

- name: Create bucket
  oci_bucket:
    namespace_name: 'ansibletestspace'
    compartment_id: 'ocid1.compartment.oc1..xxxxxEXAMPLExxxxx'
    name: 'AnsibleTestBucket'
    public_access_type: 'ObjectReadWithoutList'

Issue Report

Describe the issue
Download an object from a bucket fails if file destination does not exists.
Error message: "AttributeError: 'NoneType' object has no attribute 'upper'"

Expected behavior
Download object from bucket

Module name
oci_object.py

• OCI Ansible Modules version:
  1.7.0

A clear and concise description of what the issue is.

At this point in oci_route_table module under the route rules only have the option cidr_block and does not show any option of the service in the documentation. Either the route table documentation is not updated or the module is still not have the updated to support the service gateway rules for object storage service. let me know if there is a way to add route rule using oci_route_table module. Also I am facing similar chalanges for the security list to add the security rules for the object storage service.

Ansible version:

ansible 2.6.4

OCI Python SDK version:

2.0.3

OCI Ansible Modules version:
1.1.0

Issue Report

Not able to upload 12G file (disk image) to Object storage. The playbook to list object files works well. Below inserted txt file has both playbooks.

This is error while run upload playbook:

`The full traceback is:
Traceback (most recent call last):
File "/tmp/ansible/tmp/ansible-tmp-1556749128.97-106775678342598/AnsiballZ_oci_object.py", line 113, in
_ansiballz_main()
File "/tmp/ansible/tmp/ansible-tmp-1556749128.97-106775678342598/AnsiballZ_oci_object.py", line 105, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/tmp/ansible/tmp/ansible-tmp-1556749128.97-106775678342598/AnsiballZ_oci_object.py", line 48, in invoke_module
imp.load_module('main', mod, module, MOD_DESC)
File "/tmp/ansible_oci_object_payload_q5iRFa/main.py", line 357, in
File "/tmp/ansible_oci_object_payload_q5iRFa/main.py", line 343, in main
File "/tmp/ansible_oci_object_payload_q5iRFa/main.py", line 258, in put_object
MemoryError

fatal: [localhost]: FAILED! => {
"changed": false,
"module_stderr": "Traceback (most recent call last):\n File "/tmp/ansible/tmp/ansible-tmp-1556749128.97-106775678342598/AnsiballZ_oci_object.py", line 113, in \n _ansiballz_main()\n File "/tmp/ansible/tmp/ansible-tmp-1556749128.97-106775678342598/AnsiballZ_oci_object.py", line 105, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File "/tmp/ansible/tmp/ansible-tmp-1556749128.97-106775678342598/AnsiballZ_oci_object.py", line 48, in invoke_module\n imp.load_module('main', mod, module, MOD_DESC)\n File "/tmp/ansible_oci_object_payload_q5iRFa/main.py", line 357, in \n File "/tmp/ansible_oci_object_payload_q5iRFa/main.py", line 343, in main\n File "/tmp/ansible_oci_object_payload_q5iRFa/main.py", line 258, in put_object\nMemoryError\n",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
`

Expected behavior

It's expected to have 12G file uploaded.

Environment

From pip list:
oci 2.1.1
oci-cli 2.4.38

• OS version:
  OL7

• Ansible version:

  ansible 2.7.10

• OCI Python SDK version:

  2.1.1

• OCI Ansible Modules version:

  1.3.0

Ansible playbook to reproduce the issue

playbooks.txt

Issue Report

Creating a VCN in upper case causes idempotence to break, running the same command twice produces two identical VCNs. Lower case names are fine.

- name: Create a VCN
    oci_vcn:
      cidr_block: '10.6.0.0/16'
      compartment_id: 'ocid1.compartment.oc1..fgfgf'
      display_name: MY_VCN
      dns_label: ansiblevcn

Expected behavior

No change on second run

Environment

• OS version: NA

• Ansible version:

  ansible 2.8.0.dev0
  config file = /home/admin/Projects/cloud-provisioning/oci_ansible/ansible.cfg
  configured module search path = ['/home/admin/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.6/site-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 3.6.6 (default, Aug 31 2018, 01:10:26) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28.0.1)]

• OCI Python SDK version:

2.2.1

• OCI Ansible Modules version:

1.6.0

Ansible playbook to reproduce the issue

see disc

Issue Report

When I follow the official installation page for the oci ansible modules, the installation script fails on my MacBook Pro. Python/pip and ansible are installed through Homebrew.

Error message: OCI Python SDK version-2.1.7 is required for using oci-ansible-modules. To install OCI Python SDK, use < pip install oci==2.1.7 >.

However oci is installed, see below.

A clear and concise description of what the issue is.

Installation script should work. I think it is caused by a "path" issue. The script uses the system wide installed python, pip & ansible, when not using virtualenv. It is not recognising the versions of python, pip and ansible installed through Homebrew.

A clear and concise description of what you expected to happen.

Environment

• OS version:
  Mac OS X 10.13.6

• Ansible version:

  2.7.10

• OCI Python SDK version:

note: when using: python -c "import oci;print(oci.__version__)" there is an error:

"Traceback (most recent call last):
File "", line 1, in
ImportError: No module named oci"

"pip list" gives oci 2.2.7

• OCI Ansible Modules version:

NA due to installation failure.

Ansible playbook to reproduce the issue

NA due to installation failure

The documentation implies searching via object_name should be an exact match. Instead objects where the name is contains a subset of the query is returned. Expected behavior would be no items are returned.

Example

  - name: Image exists
    oci_object_facts:
      namespace: "{{ aims_namespace }}"
      bucket: "{{ bucket_name }}"
      object_name: aims-ol7

ok: [localhost] => {
    "changed": false, 
    "objects": [
        {
            "md5": "bUXuJhKDedW+nFbqGG5LwQ==-16", 
            "name": "aims-ol76-190626", 
            "size": 5008404480, 
            "time_created": "2019-06-26T23:55:21.771000+00:00"
        }
   

Will network security groups be supported for things like oci_instance module?

Issue Report

If I try to install oci ansible on a clean ansible installation I get the following error:

Creating directory /usr/lib/python2.7/dist-packages/ansible/modules/cloud/oracle
Traceback (most recent call last):
File "./install.py", line 181, in
main()
File "./install.py", line 148, in main
os.mkdir(oracle_module_dir_path)
OSError: [Errno 2] No such file or directory: '/usr/lib/python2.7/dist-packages/ansible/modules/cloud/oracle'

A clear and concise description of what the issue is.

the parent directory of "oracle" is not existing. They should be created as well

A clear and concise description of what you expected to happen.

Debian Linux 9

Ansible 2.2

• OS version:

• Ansible version:

ansible 2.7.8
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/wolf/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3/dist-packages/ansible
executable location = /usr/bin/ansible
python version = 3.7.3rc1 (default, Mar 13 2019, 11:01:15) [GCC 8.3.0]

• OCI Python SDK version:

  not applicable here

• OCI Ansible Modules version:

  not applicable here

Ansible playbook to reproduce the issue

Hi, I have tried multiple python versions 2.7.5/3.5.1, etc, and still get this error using the oci_inventory.py dynamic inventory script from the oracle site after installing oci-ansible-modules and oci with pip:

./oci.py
OCI Python SDK is not installed. Try `pip install oci` to install OCI Python SDK.

Issue Report

Describe the issue

The ~/.oci/config file is present and properly configured. The env var OCI_CONFIG_PROFILE is set. However, running a simple playbook throws the following error:

fatal: [localhost]: FAILED! => {"changed": false, "msg": "Invalid OCI configuration. Exception: {'user': 'missing', 'key_file': 'missing', 'fingerprint': 'missing', 'tenancy': 'missing'}"}

Explicitly creating the following variable and using it in the module makes everything work fine.

• config_profile_name: "{{ lookup('env', 'OCI_CONFIG_PROFILE') }}"

Expected behavior

The module should automatically look at the OCI_CONFIG_PROFILE env var.

Environment

• OS version: Oracle Linux Server release 7.4

• Ansible version:

ansible 2.7.8 config file = None configured module search path = ['/home/plakdawa/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /opt/peo-oci-toolkit/miniconda3-4.5.12/envs/py3forocidev/lib/python3.6/site-packages/ansible executable location = /opt/peo-oci-toolkit/miniconda3-4.5.12/envs/py3forocidev/bin/ansible python version = 3.6.8 |Anaconda, Inc.| (default, Dec 30 2018, 01:22:34) [GCC 7.3.0]

• OCI Python SDK version:

  2.1.4

• OCI Ansible Modules version:

  1.5.0

Ansible playbook to reproduce the issue

---
- name: Create public IP
  hosts: localhost
  vars:
    config_profile_name: "{{ lookup('env', 'OCI_CONFIG_PROFILE') }}"
    my_label:
    sandbox_compartment_ocid: "{{ lookup('env', 'sandbox_compartment_ocid') }}"
  gather_facts: no
  tasks:
    - name: Create a public IP with lifetime as RESERVED
      oci_public_ip:
        #Comment/Uncomment the following line to reproduce/resolve the issue
        #config_profile_name: "{{ config_profile_name }}"
        compartment_id: "{{ sandbox_compartment_ocid }}"      
        display_name: "{{ my_label }}_public_ip"
        lifetime: RESERVED
      register: result
    - debug: msg="test_public_ip = {{ result }}"