New module for azure virtual network gateway

[Madhura-CSI]

SUMMARY

New module for azure virtual network gateway

ISSUE TYPE

• New Module Pull Request

COMPONENT NAME

azure_rm_virtualnetworkgateway

ANSIBLE VERSION

ansible 2.6.2
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/home/centos-dev/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Aug  4 2017, 00:39:18) [GCC 4.8.5 20150623 (Red Hat 4.8.5-16)]

ADDITIONAL INFORMATION

Currently we don't have any existing module to create/update/delete virtual network gateway(VPN gateway) in azure cloud. Hence, I would like to contribute this module to community.
Sample module call is as follows:

    - name: Create virtual network gateway without bgp settings
      azure_rm_virtualnetworkgateway:
        resource_group: testrg
        name: testvpngw
        ip_configurations:
          - name: testipconfig
            private_ip_allocation_method: Dynamic
            public_ip_address_name: testipaddr
        virtual_network: testvnet
        tags:
          common: "xyz"
      register: vgw_without_bgp

By default module waits for VPN gateway to be created.(using poller)

[Madhura-CSI]

WIP

[ansibot]

The test ansible-test sanity --test pylint [explain] failed with 1 error:

lib/ansible/modules/cloud/azure/azure_rm_virtualnetworkgateway.py:335:20: undefined-variable Undefined variable 'fh'

The test ansible-test sanity --test validate-modules [explain] failed with 9 errors:

lib/ansible/modules/cloud/azure/azure_rm_virtualnetworkgateway.py:0:0: E322 "active_active" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/azure/azure_rm_virtualnetworkgateway.py:0:0: E322 "gateway_default_site" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/azure/azure_rm_virtualnetworkgateway.py:0:0: E322 "vpn_client_configuration" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/cloud/azure/azure_rm_virtualnetworkgateway.py:0:0: E325 argument_spec for "active_active" defines type="bool" but documentation does not
lib/ansible/modules/cloud/azure/azure_rm_virtualnetworkgateway.py:0:0: E325 argument_spec for "enable_bgp" defines type="bool" but documentation does not
lib/ansible/modules/cloud/azure/azure_rm_virtualnetworkgateway.py:0:0: E326 Value for "choices" from the argument_spec ([]) for "gateway_type" does not match the documentation (['Vpn', 'ExpressRoute'])
lib/ansible/modules/cloud/azure/azure_rm_virtualnetworkgateway.py:0:0: E326 Value for "choices" from the argument_spec ([]) for "sku" does not match the documentation (['VpnGw1', 'VpnGw2', 'VpnGw3'])
lib/ansible/modules/cloud/azure/azure_rm_virtualnetworkgateway.py:0:0: E326 Value for "choices" from the argument_spec ([]) for "vpn_type" does not match the documentation (['RouteBased', 'PolicyBased'])
lib/ansible/modules/cloud/azure/azure_rm_virtualnetworkgateway.py:167:21: E313 RETURN is not valid YAML

The test ansible-test sanity --test yamllint [explain] failed with 1 error:

lib/ansible/modules/cloud/azure/azure_rm_virtualnetworkgateway.py:167:21: error RETURN: syntax error: expected ',' or '}', but got '<scalar>'

click here for bot help

[Fred-sun]

@Madhura-CSI Thanks for the contribution, Could you help confirm the PR ready for review or not？ if yes, I will push to review! Thanks!

[ansibot]

cc @haroldwongms @nitzmahone @trstringer @xscript @yuwzho @zikalino
click here for bot help

[Fred-sun]

@Madhura-CSI Thanks for the contribution. Could you help finished this PR change? when you finished, I will push to review. Thanks!

[Fred-sun]

@Madhura-CSI Thanks for your contribution, Are you still here？Could you help finish the PR changed? if you finished, I will push to review? Thanks!

[Madhura-CSI]

Yes @Fred-sun , I am working on this PR. Will need few more days to finish the stuff. I will update here once this is ready for review.

[Fred-sun]

@Madhura-CSI Thanks for your update， When you finished changed, I will test,. Thanks!

[Fred-sun]

kindly ping

[Fred-sun]

kindly ping

[zikalino]

@Madhura-CSI I would like to add a few things and also integration tests and merge this pr.
would it be ok for you to add me to your fork?
I would also do the same with local network gateway.

[Madhura-CSI]

Sure @zikalino . Please go ahead and make the necessary changes as per your requirement.

[zikalino]

@Madhura-CSI great! :-) could you add me as a collaborator to your fork?

[Madhura-CSI]

@zikalino One problem I see here is: I think we need to add write access at repository/org level and not at the pull-request level. Can't really do that as of now. Do you see any probable alternative to this? I would be glad to assist.

[zikalino]

@Madhura-CSI ok then. no problem. I will just fork your fork and create PR on the top of your branch.
a bit more complex, but should work.

[Madhura-CSI]

@zikalino sure, thanks!

[zikalino]

@Madhura-CSI i have just started working on this pr, and I have a quick question.
why is GatewaySubned hardcoded here. shouldnt' we refer any subnet?
any special reason?

[Madhura-CSI]

@zikalino, 'GatewaySubnet' < this name is mandatory for the subnet where we deploy the virtual network gateway virtual machines. AFAIK, we cannot change this name. If we ever do that, network gateway creation will fail at the end. Please confirm this behavior.

[zikalino]

@Madhura-CSI thanks! I will create PR to your fork soon :-)

[Fred-sun]

@Madhura-CSI Are you still here? Could you give a feedback for zikalino's comments? Thanks!

[Madhura-CSI]

@Fred-sun replied to the code review comment above. Please check.

[Fred-sun]

@Madhura-CSI Thanks for your update.
@zikalino Once you create PR , please paste link at here! Thanks!

[zikalino]

@Madhura-CSI I have created a pr to your fork some time ago. could you take a look and merge it?

[Madhura-CSI]

sure @zikalino . I will update this in a day or two and will let you know.

[zikalino]

@Madhura-CSI could you try to merge changes today? the freeze is coming :-)
otherwise I may try to merge in a separate pr

[ansibot]

@Madhura-CSI this PR contains the following merge commits:

• 3ec43c2

Please rebase your branch to remove these commits.

click here for bot help

[ansibot]

@Madhura-CSI This PR contains @ mentions in at least one commit message. Those mentions can cause cascading notifications through GitHub and need to be removed. Please squash or amend your commits to remove the mentions.

click here for bot help

[Madhura-CSI]

@zikalino , sorry for the delay. I have now merged your branch with this one. Please review and proceed with upstream merge if everything looks good to you.
Thanks!

[ansibot]

@brusMX @caohai @devigned @gustavomcarmo @haroldwongms @iphilpot @julienstroheker @lmazuel @obsoleted @sozercan @techknowlogick @trstringer @tstringer @xscript @yaweiw @yuwzho

As a maintainer of a module in the same namespace this new module has been submitted to, your vote counts for shipits. Please review this module and add shipit if you would like to see it merged.

click here for bot help

[mmyyrroonn]

@Madhura-CSI Hello. Thanks for this great PR. Recently, we met a small issue, I just wonder, could you share your design purpose for the subnet option?

ansible/lib/ansible/modules/cloud/azure/azure_rm_virtualnetworkgateway.py

Lines 75 to 78 in a3c3fd9

	subnet:
	description:
	- ID of the gateway subnet for VPN.
	default: GatewaySubnet

Based on the current implementation, it seems that this option is not used in the code now. I checked the sdk, the param of the same name is constructed by the information in the virtual network.

ansible/lib/ansible/modules/cloud/azure/azure_rm_virtualnetworkgateway.py

Lines 313 to 317 in a3c3fd9

	subnet = self.network_models.SubResource(
	id='/subscriptions/{0}/resourceGroups/{1}/providers/Microsoft.Network/virtualNetworks/{2}/subnets/GatewaySubnet'.format(
	self.virtual_network['subscription_id'],
	self.virtual_network['resource_group'],
	self.virtual_network['name']))

I think there should be some original reason for you to create this option. we can discuss about it and continue improving this module after our discussion.