elb_application_lb #33021

bobobox · 2017-11-17T17:19:27Z

ISSUE TYPE

Bug Report

COMPONENT NAME

elb_application_lb

ANSIBLE VERSION

ansible 2.4.0.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/Users/rpm/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /Users/rpm/sandbox/venv-ansible-2.4.0/lib/python2.7/site-packages/ansible
  executable location = /Users/rpm/sandbox/venv-ansible-2.4.0/bin/ansible
  python version = 2.7.13 (default, Dec 18 2016, 07:03:39) [GCC 4.2.1 Compatible Apple LLVM 8.0.0 (clang-800.0.42.1)]

CONFIGURATION

OS / ENVIRONMENT

SUMMARY

If an Application Load Balancer is created/maintained via Ansible, and the 'SslPolicy' on a listener is not specified (documentation says 'The default is the current predefined security policy.', indicating it can be omitted to use the default), the listener is created successfully along with the ALB, but on subsequent runs the task fails with a KeyError.

STEPS TO REPRODUCE

Create ALB using a play like the one shown below, then re-run the same play.

Example play:

- name: Maintain ALB
  elb_application_lb:
    name: some-alb
    state: present
    scheme: internet-facing
    region: us-east-1
    subnets: 
      - some-subnet-1
      - some-subnet-2
    security_groups: some-security-group
    listeners:
      - Protocol: HTTPS
        Port: 443
        DefaultActions:
          - Type: forward
            TargetGroupName: some-https-group
        Certificates:
          - CertificateArn: some-cert-arn

EXPECTED RESULTS

Play succeeds on first as well as subsequent runs.

ACTUAL RESULTS

Play fails after first run, due to KeyError when comparing SslPolicy.

An exception occurred during task execution. To see the full traceback, use -vvv. The error was: KeyError: 'SslPolicy'
fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "module_stderr": "Traceback (most recent call last):
  File \"/var/folders/yy/wlg7s3c143qbvq9vsjjs_1w80000gn/T/ansible_DO7FDQ/ansible_module_elb_application_lb.py\", line 1016, in <module>
    main()
  File \"/var/folders/yy/wlg7s3c143qbvq9vsjjs_1w80000gn/T/ansible_DO7FDQ/ansible_module_elb_application_lb.py\", line 1011, in main
    create_or_update_elb(connection, connection_ec2, module)
  File \"/var/folders/yy/wlg7s3c143qbvq9vsjjs_1w80000gn/T/ansible_DO7FDQ/ansible_module_elb_application_lb.py\", line 906, in create_or_update_elb
    listener_changed = create_or_update_elb_listeners(connection, module, elb)
  File \"/var/folders/yy/wlg7s3c143qbvq9vsjjs_1w80000gn/T/ansible_DO7FDQ/ansible_module_elb_application_lb.py\", line 713, in create_or_update_elb_listeners
    listeners_to_add, listeners_to_modify, listeners_to_delete = compare_listeners(connection, module, current_listeners, deepcopy(listeners), purge_listeners)
  File \"/var/folders/yy/wlg7s3c143qbvq9vsjjs_1w80000gn/T/ansible_DO7FDQ/ansible_module_elb_application_lb.py\", line 636, in compare_listeners
    modified_listener = compare_listener(current_listener, new_listener)
  File \"/var/folders/yy/wlg7s3c143qbvq9vsjjs_1w80000gn/T/ansible_DO7FDQ/ansible_module_elb_application_lb.py\", line 538, in compare_listener
    if current_listener['SslPolicy'] != new_listener['SslPolicy']:
KeyError: 'SslPolicy'
", "module_stdout": "", "msg": "MODULE FAILURE", "rc": 0}

The text was updated successfully, but these errors were encountered:

ansibot · 2017-11-17T17:22:16Z

Files identified in the description:

lib/ansible/modules/cloud/amazon/elb_application_lb.py

If these files are inaccurate, please update the component name section of the description or use the !component bot command.

click here for bot help

ansibot · 2017-11-17T17:22:16Z

cc @willthames @wimnat
click here for bot help

wimnat · 2017-12-11T11:55:35Z

Will fix in upcoming PR with rewrite for NLB support

bmess · 2017-12-13T21:27:00Z

@wimnat is there an existing issue tracking the rewrite? I can't find it within the tracker

s-hertel · 2017-12-18T17:56:24Z

@bmess The rewrite is #33769, the addition of NLB is #33808.

wimnat · 2018-05-16T09:51:11Z

@bobobox this seems resolved now with latest version of the module. Can you confirm?

ivanbaldo · 2018-07-09T21:52:01Z

Now the SslPolicy parameter is required, but the docs doesn't say that it is required.
Shouldn't be optional?
I couldn't test if this works now, since it is failing at first use for me.
I will file a separate bug report.

ivanbaldo · 2018-07-09T22:12:47Z

Ok, now tested and it works (with required SslPolicy), reports as unchanged.
The remaining question is thus: should the SslPolicy parameter be required or optional?
If it really should be required, then the docs need to be updated.
If it really should be optional, then the code must allow it to be optional.
Thanks!!!

dumblerod · 2018-09-23T03:46:55Z

My vote would be that it matches AWS' requirement. Thanks!

ansibot · 2020-01-31T23:10:50Z

cc @jillr @tremble
click here for bot help

ansibot · 2020-08-16T22:28:41Z

Thank you very much for your interest in Ansible. Ansible has migrated much of the content into separate repositories to allow for more rapid, independent development. We are closing this issue/PR because this content has been moved to one or more collection repositories.

lib/ansible/modules/cloud/amazon/elb_application_lb.py -> https://galaxy.ansible.com/community/aws

For further information, please see:
https://github.com/ansible/ansibullbot/blob/master/docs/collection_migration.md

ansibot added affects_2.4 This issue/PR affects Ansible v2.4 aws bug_report cloud module This issue/PR relates to a module. needs_triage Needs a first human triage before being processed. support:community This issue/PR relates to code supported by the Ansible community. labels Nov 17, 2017

s-hertel removed the needs_triage Needs a first human triage before being processed. label Nov 17, 2017

ansibot added bug This issue/PR relates to a bug. and removed bug_report labels Mar 1, 2018

ansibot added the traceback This issue/PR includes a traceback. label May 24, 2018

ansibot added support:core This issue/PR relates to code supported by the Ansible Engineering Team. and removed support:community This issue/PR relates to code supported by the Ansible community. labels Sep 19, 2018

ansibot removed the needs_maintainer Ansibot is unable to identify maintainers for this PR. (Check `author` in docs or BOTMETA.yml) label Nov 10, 2018

ansibot added collection Related to Ansible Collections work collection:community.aws needs_collection_redirect https://github.com/ansible/ansibullbot/blob/master/docs/collection_migration.md labels Apr 29, 2020

ansibot added the bot_closed label Aug 16, 2020

ansibot closed this as completed Aug 16, 2020

ansible locked and limited conversation to collaborators Sep 13, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

elb_application_lb #33021

elb_application_lb #33021

bobobox commented Nov 17, 2017 •

edited

ansibot commented Nov 17, 2017

ansibot commented Nov 17, 2017

wimnat commented Dec 11, 2017

bmess commented Dec 13, 2017

s-hertel commented Dec 18, 2017

wimnat commented May 16, 2018

ivanbaldo commented Jul 9, 2018

ivanbaldo commented Jul 9, 2018

dumblerod commented Sep 23, 2018

ansibot commented Jan 31, 2020

ansibot commented Aug 16, 2020

elb_application_lb #33021

elb_application_lb #33021

Comments

bobobox commented Nov 17, 2017 • edited

ISSUE TYPE

COMPONENT NAME

ANSIBLE VERSION

CONFIGURATION

OS / ENVIRONMENT

SUMMARY

STEPS TO REPRODUCE

EXPECTED RESULTS

ACTUAL RESULTS

ansibot commented Nov 17, 2017

ansibot commented Nov 17, 2017

wimnat commented Dec 11, 2017

bmess commented Dec 13, 2017

s-hertel commented Dec 18, 2017

wimnat commented May 16, 2018

ivanbaldo commented Jul 9, 2018

ivanbaldo commented Jul 9, 2018

dumblerod commented Sep 23, 2018

ansibot commented Jan 31, 2020

ansibot commented Aug 16, 2020

bobobox commented Nov 17, 2017 •

edited