-
Notifications
You must be signed in to change notification settings - Fork 23.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add port_security_enabled argument to os_port module #47715
Add port_security_enabled argument to os_port module #47715
Conversation
Hi @MaxBab, thank you for submitting this pull-request! |
Build succeeded (third-party-check pipeline).
|
shipit |
@@ -291,6 +302,7 @@ def main(): | |||
device_owner=dict(default=None), | |||
device_id=dict(default=None), | |||
state=dict(default='present', choices=['absent', 'present']), | |||
port_security_enabled=dict(default=None, type='bool') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess the default for this should be True, shouldn't it?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is true.
When not providing any value regarding this argument, OpenStack automatically set it as True.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hello @jamescassell ,
Is it acceptable for you that the argument default is None?
I think if the argument is not used, we should rely on the neutron default behavior.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm fine with shipping as is, but i'm not the best person to say.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This can be set on OpenStack network level also. So my thought would be that the default should be None, in which case the port will inherit the setting from the network. This is similar to how OpenStackSDK itself, and "openstack port-create" CLI, behave. I guess that setting the default to True would override that always, and enable it even if it the user did not specify it and the network default was set to "False". Also, in case of port update we presumably want to leave this parameter as-is unless it is explicitly specified.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it should be None, to allow taking a really default from the system, and not override it
Hello @emonty , Could you take a look at the patch, please? Thank you. |
Port security could be set during creation of the port on the network. Add port_security_enabled boolean during port creation.
20e84fd
to
8e37ad7
Compare
Build succeeded (third-party-check pipeline).
|
Hello @mnaser @gundalow @odyssey4me @abadger , I rebased the patch according to the latest changes. Thank you. |
shipit |
Hello @odyssey4me , Thanks. |
This is a really useful change, could it please be reviewed @gundalow? |
@@ -291,6 +302,7 @@ def main(): | |||
device_owner=dict(default=None), | |||
device_id=dict(default=None), | |||
state=dict(default='present', choices=['absent', 'present']), | |||
port_security_enabled=dict(default=None, type='bool') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it should be None, to allow taking a really default from the system, and not override it
Add the port security feature to the os_port module and openstack_tasks network section. The port security feature patch currently in review upstream. ansible/ansible#47715 Change-Id: I93237fe4a141fe95431ffb230566ec0aca746c23
This is a really useful change for operating cloud operations, could it please be reviewed @gundalow, |
shipit |
!needs_revision |
Hello @cloudnull @dagnello @emonty @evrardjp @juliakreger @mnaser @odyssey4me @rcarrillocruz @Shrews, Could you help me to promote this patch, please? The change is used by me, and I would like it to be an official part of the module. Thank you. |
SUMMARY
Port security could be set during creation of the port on the network.
Add port_security_enabled boolean during port creation.
Fixes: #24694
ISSUE TYPE
COMPONENT NAME
os_port
ANSIBLE VERSION
ansible 2.7.0
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/home/stack/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /tmp/ansible_venv/lib/python2.7/site-packages/ansible
executable location = /tmp/ansible_venv/bin/ansible
python version = 2.7.5 (default, May 31 2018, 09:41:32) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
ADDITIONAL INFORMATION
Depends-On: https://review.openstack.org/#/c/613759