From a9fa481eb7e166524cf9043f20f1b5596265cd56 Mon Sep 17 00:00:00 2001 From: Maksim Vorobyev Date: Mon, 25 Nov 2024 22:14:46 +0300 Subject: [PATCH 1/6] Add 'ingress' option to docker_network module --- plugins/modules/docker_network.py | 14 +++++ .../docker_network/tasks/tests/overlay.yml | 52 +++++++++++++++++++ 2 files changed, 66 insertions(+) diff --git a/plugins/modules/docker_network.py b/plugins/modules/docker_network.py index 00b79cd2d..31717cca9 100644 --- a/plugins/modules/docker_network.py +++ b/plugins/modules/docker_network.py @@ -96,6 +96,11 @@ - Enable IPv6 networking. type: bool + ingress: + description: + - Enable swarm routing-mesh. + type: bool + ipam_driver: description: - Specify an IPAM driver. @@ -309,6 +314,7 @@ def __init__(self, client): self.labels = None self.debug = None self.enable_ipv6 = None + self.ingress = None self.scope = None self.attachable = None @@ -493,6 +499,11 @@ def has_different_config(self, net): parameter=self.parameters.enable_ipv6, active=net.get('EnableIPv6', False)) + if self.parameters.ingress is not None and self.parameters.ingress != net.get('Ingress', False): + differences.add('ingress', + parameter=self.parameters.ingress, + active=net.get('Ingress', False)) + if self.parameters.internal is not None and self.parameters.internal != net.get('Internal', False): differences.add('internal', parameter=self.parameters.internal, @@ -537,6 +548,8 @@ def create_network(self): data['ConfigFrom'] = {'Network': self.parameters.config_from} if self.parameters.enable_ipv6: data['EnableIPv6'] = True + if self.parameters.ingress: + data['Ingress'] = True if self.parameters.internal: data['Internal'] = True if self.parameters.scope is not None: @@ -679,6 +692,7 @@ def main(): aux_addresses=dict(type='dict'), )), enable_ipv6=dict(type='bool'), + ingress=dict(type='bool'), internal=dict(type='bool'), labels=dict(type='dict', default={}), debug=dict(type='bool', default=False), diff --git a/tests/integration/targets/docker_network/tasks/tests/overlay.yml b/tests/integration/targets/docker_network/tasks/tests/overlay.yml index 59d79cc08..abb713f1a 100644 --- a/tests/integration/targets/docker_network/tasks/tests/overlay.yml +++ b/tests/integration/targets/docker_network/tasks/tests/overlay.yml @@ -60,3 +60,55 @@ docker_swarm: state: absent force: true + +#################################################################### +## ingress ######################################################### +#################################################################### + +- block: + # Overlay networks require swarm initialization before they'll work + - name: swarm + docker_swarm: + state: present + advertise_addr: "{{ ansible_default_ipv4.address | default('127.0.0.1') }}" + + - name: ingress + docker_network: + name: "{{ nname_1 }}" + driver: overlay + ingress: true + register: ingress_1 + + - name: ingress (idempotency) + docker_network: + name: "{{ nname_1 }}" + driver: overlay + ingress: true + register: ingress_2 + + - name: ingress (change) + docker_network: + name: "{{ nname_1 }}" + driver: overlay + ingress: false + register: ingress_3 + + - name: cleanup network + docker_network: + name: "{{ nname_1 }}" + state: absent + force: true + + - assert: + that: + - ingress_1 is changed + - ingress_2 is not changed + - ingress_3 is changed + + always: + - name: cleanup swarm + docker_swarm: + state: absent + force: true + + From a95263198286ee13d5a4e86f57e85b8e69a0544c Mon Sep 17 00:00:00 2001 From: Maksim Vorobyev Date: Mon, 25 Nov 2024 23:45:19 +0300 Subject: [PATCH 2/6] Move 'ingress' test to 'overlay' block to avoid put the Daemon into Swarm mode multiple times in the same test. --- .../docker_network/tasks/tests/overlay.yml | 28 ++----------------- 1 file changed, 3 insertions(+), 25 deletions(-) diff --git a/tests/integration/targets/docker_network/tasks/tests/overlay.yml b/tests/integration/targets/docker_network/tasks/tests/overlay.yml index abb713f1a..b8249ba0a 100644 --- a/tests/integration/targets/docker_network/tasks/tests/overlay.yml +++ b/tests/integration/targets/docker_network/tasks/tests/overlay.yml @@ -49,29 +49,6 @@ state: absent force: true - - assert: - that: - - overlay_1 is changed - - overlay_2 is not changed - - overlay_3 is changed - - always: - - name: cleanup swarm - docker_swarm: - state: absent - force: true - -#################################################################### -## ingress ######################################################### -#################################################################### - -- block: - # Overlay networks require swarm initialization before they'll work - - name: swarm - docker_swarm: - state: present - advertise_addr: "{{ ansible_default_ipv4.address | default('127.0.0.1') }}" - - name: ingress docker_network: name: "{{ nname_1 }}" @@ -101,6 +78,9 @@ - assert: that: + - overlay_1 is changed + - overlay_2 is not changed + - overlay_3 is changed - ingress_1 is changed - ingress_2 is not changed - ingress_3 is changed @@ -110,5 +90,3 @@ docker_swarm: state: absent force: true - - From d88fe4d34fca37b3d639b99d8201ffee2d48d434 Mon Sep 17 00:00:00 2001 From: Maksim Vorobyev <158342012+MaxVorobyev@users.noreply.github.com> Date: Mon, 25 Nov 2024 23:49:52 +0300 Subject: [PATCH 3/6] Update plugins/modules/docker_network.py Co-authored-by: Felix Fontein --- plugins/modules/docker_network.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/plugins/modules/docker_network.py b/plugins/modules/docker_network.py index 31717cca9..8523d0552 100644 --- a/plugins/modules/docker_network.py +++ b/plugins/modules/docker_network.py @@ -98,7 +98,8 @@ ingress: description: - - Enable swarm routing-mesh. + - Enable Swarm routing-mesh. + version_added: 4.2.0 type: bool ipam_driver: From 5f7bac550db91ea212e82595ca6aa9b2e5f38eb9 Mon Sep 17 00:00:00 2001 From: Maksim Vorobyev Date: Tue, 26 Nov 2024 00:31:15 +0300 Subject: [PATCH 4/6] move 'ingress' tests to separate file --- .../docker_network/tasks/tests/ingress.yml | 61 +++++++++++++++++++ .../docker_network/tasks/tests/overlay.yml | 30 --------- 2 files changed, 61 insertions(+), 30 deletions(-) create mode 100644 tests/integration/targets/docker_network/tasks/tests/ingress.yml diff --git a/tests/integration/targets/docker_network/tasks/tests/ingress.yml b/tests/integration/targets/docker_network/tasks/tests/ingress.yml new file mode 100644 index 000000000..f7558fc47 --- /dev/null +++ b/tests/integration/targets/docker_network/tasks/tests/ingress.yml @@ -0,0 +1,61 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +- name: Registering network name + set_fact: + nname_1: "{{ name_prefix ~ '-network-1' }}" +- name: Registering network name + set_fact: + dnetworks: "{{ dnetworks + [nname_1] }}" + +#################################################################### +## overlay ######################################################### +#################################################################### + +- block: + # Ingress networks require swarm initialization before they'll work + - name: swarm + docker_swarm: + state: present + advertise_addr: "{{ ansible_default_ipv4.address | default('127.0.0.1') }}" + + - name: ingress + docker_network: + name: "{{ nname_1 }}" + driver: overlay + ingress: true + register: ingress_1 + + - name: ingress (idempotency) + docker_network: + name: "{{ nname_1 }}" + driver: overlay + ingress: true + register: ingress_2 + + - name: ingress (change) + docker_network: + name: "{{ nname_1 }}" + driver: overlay + ingress: false + register: ingress_3 + + - name: cleanup network + docker_network: + name: "{{ nname_1 }}" + state: absent + force: true + + - assert: + that: + - ingress_1 is changed + - ingress_2 is not changed + - ingress_3 is changed + + always: + - name: cleanup swarm + docker_swarm: + state: absent + force: true diff --git a/tests/integration/targets/docker_network/tasks/tests/overlay.yml b/tests/integration/targets/docker_network/tasks/tests/overlay.yml index b8249ba0a..59d79cc08 100644 --- a/tests/integration/targets/docker_network/tasks/tests/overlay.yml +++ b/tests/integration/targets/docker_network/tasks/tests/overlay.yml @@ -49,41 +49,11 @@ state: absent force: true - - name: ingress - docker_network: - name: "{{ nname_1 }}" - driver: overlay - ingress: true - register: ingress_1 - - - name: ingress (idempotency) - docker_network: - name: "{{ nname_1 }}" - driver: overlay - ingress: true - register: ingress_2 - - - name: ingress (change) - docker_network: - name: "{{ nname_1 }}" - driver: overlay - ingress: false - register: ingress_3 - - - name: cleanup network - docker_network: - name: "{{ nname_1 }}" - state: absent - force: true - - assert: that: - overlay_1 is changed - overlay_2 is not changed - overlay_3 is changed - - ingress_1 is changed - - ingress_2 is not changed - - ingress_3 is changed always: - name: cleanup swarm From e1f47745c12157b9793d2862c36a59cf799dc122 Mon Sep 17 00:00:00 2001 From: Maksim Vorobyev Date: Tue, 26 Nov 2024 00:49:54 +0300 Subject: [PATCH 5/6] cleanup default swarm ingress network --- .../targets/docker_network/tasks/tests/ingress.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/integration/targets/docker_network/tasks/tests/ingress.yml b/tests/integration/targets/docker_network/tasks/tests/ingress.yml index f7558fc47..731cc532e 100644 --- a/tests/integration/targets/docker_network/tasks/tests/ingress.yml +++ b/tests/integration/targets/docker_network/tasks/tests/ingress.yml @@ -20,6 +20,12 @@ docker_swarm: state: present advertise_addr: "{{ ansible_default_ipv4.address | default('127.0.0.1') }}" + + - name: cleanup default swarm ingress network + docker_network: + name: ingress + state: absent + force: true - name: ingress docker_network: From 832bcb4a02dc4d058f6e3adec902e7edb78bf148 Mon Sep 17 00:00:00 2001 From: Maksim Vorobyev Date: Tue, 26 Nov 2024 01:01:27 +0300 Subject: [PATCH 6/6] remove force mode cause "ingress-endpoint" container do not exist in clear swarm cluster --- tests/integration/targets/docker_network/tasks/tests/ingress.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/integration/targets/docker_network/tasks/tests/ingress.yml b/tests/integration/targets/docker_network/tasks/tests/ingress.yml index 731cc532e..ba1ad6c30 100644 --- a/tests/integration/targets/docker_network/tasks/tests/ingress.yml +++ b/tests/integration/targets/docker_network/tasks/tests/ingress.yml @@ -25,7 +25,6 @@ docker_network: name: ingress state: absent - force: true - name: ingress docker_network: