search

ansible-collections / amazon.aws

Ansible Collection for Amazon AWS
GNU General Public License v3.0
304 stars 334 forks source link

elb_application_lb does not modify attributes on creation #1510

Closed vbauchart closed 1 year ago

vbauchart commented 1 year ago

Summary

On creation of Application Load Balancer with elb_application_lb, it does not set attributes. I have to run the same module a second time to get attributes set.

Example of attribute : idle_timeout

Issue Type

Bug Report

Component Name

elb_application_lb

Ansible Version

$ ansible --version
ansible [core 2.14.5]
  config file = None
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.9/dist-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110] (/usr/bin/python)
  jinja version = 3.1.2
  libyaml = True

Collection Versions

$ ansible-galaxy collection list

# /usr/local/lib/python3.9/dist-packages/ansible_collections
Collection                    Version
----------------------------- -------
amazon.aws                    5.4.0
ansible.netcommon             4.1.0
ansible.posix                 1.5.2
ansible.utils                 2.9.0
ansible.windows               1.13.0
arista.eos                    6.0.1
awx.awx                       21.14.0
azure.azcollection            1.15.0
check_point.mgmt              4.0.0
chocolatey.chocolatey         1.4.0
cisco.aci                     2.6.0
cisco.asa                     4.0.0
cisco.dnac                    6.7.1
cisco.intersight              1.0.27
cisco.ios                     4.5.0
cisco.iosxr                   4.1.0
cisco.ise                     2.5.12
cisco.meraki                  2.15.1
cisco.mso                     2.4.0
cisco.nso                     1.0.3
cisco.nxos                    4.3.0
cisco.ucs                     1.8.0
cloud.common                  2.1.3
cloudscale_ch.cloud           2.2.4
community.aws                 5.4.0
community.azure               2.0.0
community.ciscosmb            1.0.5
community.crypto              2.12.0
community.digitalocean        1.23.0
community.dns                 2.5.3
community.docker              3.4.3
community.fortios             1.0.0
community.general             6.6.0
community.google              1.0.0
community.grafana             1.5.4
community.hashi_vault         4.2.0
community.hrobot              1.8.0
community.libvirt             1.2.0
community.mongodb             1.5.2
community.mysql               3.6.0
community.network             5.0.0
community.okd                 2.3.0
community.postgresql          2.3.2
community.proxysql            1.5.1
community.rabbitmq            1.2.3
community.routeros            2.8.0
community.sap                 1.0.0
community.sap_libs            1.4.1
community.skydive             1.0.0
community.sops                1.6.1
community.vmware              3.5.0
community.windows             1.12.0
community.zabbix              1.9.3
containers.podman             1.10.1
cyberark.conjur               1.2.0
cyberark.pas                  1.0.17
dellemc.enterprise_sonic      2.0.0
dellemc.openmanage            6.3.0
dellemc.os10                  1.1.1
dellemc.os6                   1.0.7
dellemc.os9                   1.0.4
dellemc.powerflex             1.6.0
dellemc.unity                 1.6.0
f5networks.f5_modules         1.23.0
fortinet.fortimanager         2.1.7
fortinet.fortios              2.2.3
frr.frr                       2.0.2
gluster.gluster               1.0.2
google.cloud                  1.1.3
grafana.grafana               1.1.1
hetzner.hcloud                1.11.0
hpe.nimble                    1.1.4
ibm.qradar                    2.1.0
ibm.spectrum_virtualize       1.11.0
infinidat.infinibox           1.3.12
infoblox.nios_modules         1.4.1
inspur.ispim                  1.3.0
inspur.sm                     2.3.0
junipernetworks.junos         4.1.0
kubernetes.core               2.4.0
lowlydba.sqlserver            1.3.1
mellanox.onyx                 1.0.0
microsoft.ad                  1.0.0
netapp.aws                    21.7.0
netapp.azure                  21.10.0
netapp.cloudmanager           21.22.0
netapp.elementsw              21.7.0
netapp.ontap                  22.5.0
netapp.storagegrid            21.11.1
netapp.um_info                21.8.0
netapp_eseries.santricity     1.4.0
netbox.netbox                 3.12.0
ngine_io.cloudstack           2.3.0
ngine_io.exoscale             1.0.0
ngine_io.vultr                1.1.3
openstack.cloud               1.10.0
openvswitch.openvswitch       2.1.0
ovirt.ovirt                   2.4.1
purestorage.flasharray        1.17.2
purestorage.flashblade        1.11.0
purestorage.fusion            1.4.2
sensu.sensu_go                1.13.2
splunk.es                     2.1.0
t_systems_mms.icinga_director 1.32.2
theforeman.foreman            3.10.0
vmware.vmware_rest            2.3.1
vultr.cloud                   1.7.0
vyos.vyos                     4.0.2
wti.remote                    1.0.4

AWS SDK versions

$ pip show boto boto3 botocore
WARNING: Package(s) not found: boto
Name: boto3
Version: 1.26.124
Summary: The AWS SDK for Python
Home-page: https://github.com/boto/boto3
Author: Amazon Web Services
Author-email:
License: Apache License 2.0
Location: /usr/local/lib/python3.9/dist-packages
Requires: botocore, jmespath, s3transfer
Required-by: aws-sam-cli, aws-sam-translator, serverlessrepo
---
Name: botocore
Version: 1.29.124
Summary: Low-level, data-driven core of boto 3.
Home-page: https://github.com/boto/botocore
Author: Amazon Web Services
Author-email:
License: Apache License 2.0
Location: /usr/local/lib/python3.9/dist-packages
Requires: jmespath, python-dateutil, urllib3
Required-by: boto3, s3transfer

Configuration

$ ansible-config dump --only-changed
CONFIG_FILE() = None

OS / Environment

RHEL 7

Steps to Reproduce

---
- hosts: localhost
  tasks:
    - amazon.aws.elb_application_lb:
        name: myalb
        security_groups:
          - sg-0e52fd4c1fbfff66f
        subnets:
          - subnet-af8243cb
          - subnet-dffffaaf
        scheme: internal
        idle_timeout: 120

Expected Results

I expected that idle_timeout is set to 120 but it still set to default value 60

 "idle_timeout_timeout_seconds": "120",

Full:

[...]
TASK [amazon.aws.elb_application_lb] *****************************************************************************************************************************************************************************
task path: /test.yml:5
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: root
<127.0.0.1> EXEC /bin/sh -c 'echo ~root && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp `"&& mkdir "` echo /root/.ansible/tmp/ansible-tmp-1683125471.952906-552-23560833760912 `" && echo ansible-tmp-1683125471.952906-552-23560833760912="` echo /root/.ansible/tmp/ansible-tmp-1683125471.952906-552-23560833760912 `" ) && sleep 0'
Using module file /usr/local/lib/python3.9/dist-packages/ansible_collections/amazon/aws/plugins/modules/elb_application_lb.py
<127.0.0.1> PUT /root/.ansible/tmp/ansible-local-5116wxppa0t/tmpou0kgexj TO /root/.ansible/tmp/ansible-tmp-1683125471.952906-552-23560833760912/AnsiballZ_elb_application_lb.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1683125471.952906-552-23560833760912/ /root/.ansible/tmp/ansible-tmp-1683125471.952906-552-23560833760912/AnsiballZ_elb_application_lb.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '/usr/bin/python /root/.ansible/tmp/ansible-tmp-1683125471.952906-552-23560833760912/AnsiballZ_elb_application_lb.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1683125471.952906-552-23560833760912/ > /dev/null 2>&1 && sleep 0'
changed: [localhost] => {
    "access_logs_s3_bucket": "",
    "access_logs_s3_enabled": "false",
    "access_logs_s3_prefix": "",
    "availability_zones": [
        {
            "load_balancer_addresses": [],
            "subnet_id": "subnet-af8243cb",
            "zone_name": "eu-west-1a"
        },
        {
            "load_balancer_addresses": [],
            "subnet_id": "subnet-d914faaf",
            "zone_name": "eu-west-1b"
        }
    ],
    "canonical_hosted_zone_id": "Z32O12XQLNTSW2",
    "changed": true,
    "created_time": "2023-05-03T14:48:48.320000+00:00",
    "deletion_protection_enabled": "false",
    "dns_name": "internal-myalb-594562057.eu-west-1.elb.amazonaws.com",
    "idle_timeout_timeout_seconds": "120",
    "invocation": {
        "module_args": {
            "access_key": null,
            "access_logs_enabled": null,
            "access_logs_s3_bucket": null,
            "access_logs_s3_prefix": null,
            "aws_ca_bundle": null,
            "aws_config": null,
            "debug_botocore_endpoint_logs": false,
            "deletion_protection": null,
            "endpoint_url": null,
            "http2": null,
            "http_desync_mitigation_mode": null,
            "http_drop_invalid_header_fields": null,
            "http_x_amzn_tls_version_and_cipher_suite": null,
            "http_xff_client_port": null,
            "idle_timeout": 120,
            "ip_address_type": null,
            "listeners": null,
            "name": "myalb",
            "profile": null,
            "purge_listeners": true,
            "purge_rules": true,
            "purge_tags": true,
            "region": null,
            "scheme": "internal",
            "secret_key": null,
            "security_groups": [
                "sg-0e52fd4c1fb8f066f"
            ],
            "session_token": null,
            "state": "present",
            "subnets": [
                "subnet-af8243cb",
                "subnet-d914faaf"
            ],
            "tags": null,
            "validate_certs": true,
            "waf_fail_open": null,
            "wait": false,
            "wait_timeout": null
        }
    },
    "ip_address_type": "ipv4",
    "listeners": [],
    "load_balancer_arn": "arn:aws:elasticloadbalancing:eu-west-1:277969949725:loadbalancer/app/myalb/bd804726f6827fea",
    "load_balancer_name": "myalb",
    "load_balancing_cross_zone_enabled": "true",
    "routing_http2_enabled": "true",
    "routing_http_desync_mitigation_mode": "defensive",
    "routing_http_drop_invalid_header_fields_enabled": "false",
    "routing_http_preserve_host_header_enabled": "false",
    "routing_http_x_amzn_tls_version_and_cipher_suite_enabled": "false",
    "routing_http_xff_client_port_enabled": "false",
    "routing_http_xff_header_processing_mode": "append",
    "scheme": "internal",
    "security_groups": [
        "sg-0e52fd4c1fb8f066f"
    ],
    "state": {
        "code": "active"
    },
    "tags": {},
    "type": "application",
    "vpc_id": "vpc-63091d06",
    "waf_fail_open_enabled": "false"
}

Actual Results

When I run this playbook when ALB does not exists (creation)

    "idle_timeout_timeout_seconds": "60",
[...]
TASK [amazon.aws.elb_application_lb] *****************************************************************************************************************************************************************************
task path: /test.yml:5
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: root
<127.0.0.1> EXEC /bin/sh -c 'echo ~root && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp `"&& mkdir "` echo /root/.ansible/tmp/ansible-tmp-1683125326.792243-484-245035774975656 `" && echo ansible-tmp-1683125326.792243-484-245035774975656="` echo /root/.ansible/tmp/ansible-tmp-1683125326.792243-484-245035774975656 `" ) && sleep 0'
Using module file /usr/local/lib/python3.9/dist-packages/ansible_collections/amazon/aws/plugins/modules/elb_application_lb.py
<127.0.0.1> PUT /root/.ansible/tmp/ansible-local-4431qcb255m/tmpq7pzc4mc TO /root/.ansible/tmp/ansible-tmp-1683125326.792243-484-245035774975656/AnsiballZ_elb_application_lb.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1683125326.792243-484-245035774975656/ /root/.ansible/tmp/ansible-tmp-1683125326.792243-484-245035774975656/AnsiballZ_elb_application_lb.py&& sleep 0'
<127.0.0.1> EXEC /bin/sh -c '/usr/bin/python /root/.ansible/tmp/ansible-tmp-1683125326.792243-484-245035774975656/AnsiballZ_elb_application_lb.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1683125326.792243-484-245035774975656/ > /dev/null 2>&1 && sleep 0'
changed: [localhost] => {
    "access_logs_s3_bucket": "",
    "access_logs_s3_enabled": "false",
    "access_logs_s3_prefix": "",
    "availability_zones": [
        {
            "load_balancer_addresses": [],
            "subnet_id": "subnet-af8243cb",
            "zone_name": "eu-west-1a"
        },
        {
            "load_balancer_addresses": [],
            "subnet_id": "subnet-d914faaf",
            "zone_name": "eu-west-1b"
        }
    ],
    "canonical_hosted_zone_id": "Z32O12XQLNTSW2",
    "changed": true,
    "created_time": "2023-05-03T14:48:48.320000+00:00",
    "deletion_protection_enabled": "false",
    "dns_name": "internal-myalb-594562057.eu-west-1.elb.amazonaws.com",
    "idle_timeout_timeout_seconds": "60",
    "invocation": {
        "module_args": {
            "access_key": null,
            "access_logs_enabled": null,
            "access_logs_s3_bucket": null,
            "access_logs_s3_prefix": null,
            "aws_ca_bundle": null,
            "aws_config": null,
            "debug_botocore_endpoint_logs": false,
            "deletion_protection": null,
            "endpoint_url": null,
            "http2": null,
            "http_desync_mitigation_mode": null,
            "http_drop_invalid_header_fields": null,
            "http_x_amzn_tls_version_and_cipher_suite": null,
            "http_xff_client_port": null,
            "idle_timeout": 120,
            "ip_address_type": null,
            "listeners": null,
            "name": "myalb",
            "profile": null,
            "purge_listeners": true,
            "purge_rules": true,
            "purge_tags": true,
            "region": null,
            "scheme": "internal",
            "secret_key": null,
            "security_groups": [
                "sg-0e52fd4c1fb8f066f"
            ],
            "session_token": null,
            "state": "present",
            "subnets": [
                "subnet-af8243cb",
                "subnet-d914faaf"
            ],
            "tags": null,
            "validate_certs": true,
            "waf_fail_open": null,
            "wait": false,
            "wait_timeout": null
        }
    },
    "ip_address_type": "ipv4",
    "listeners": [],
    "load_balancer_arn": "arn:aws:elasticloadbalancing:eu-west-1:277969949725:loadbalancer/app/myalb/bd804726f6827fea",
    "load_balancer_name": "myalb",
    "load_balancing_cross_zone_enabled": "true",
    "routing_http2_enabled": "true",
    "routing_http_desync_mitigation_mode": "defensive",
    "routing_http_drop_invalid_header_fields_enabled": "false",
    "routing_http_preserve_host_header_enabled": "false",
    "routing_http_x_amzn_tls_version_and_cipher_suite_enabled": "false",
    "routing_http_xff_client_port_enabled": "false",
    "routing_http_xff_header_processing_mode": "append",
    "scheme": "internal",
    "security_groups": [
        "sg-0e52fd4c1fb8f066f"
    ],
    "state": {
        "code": "provisioning"
    },
    "tags": {},
    "type": "application",
    "vpc_id": "vpc-63091d06",
    "waf_fail_open_enabled": "false"
}

Code of Conduct

hakbailey commented 1 year ago

I've verified this behavior and submitted a fix in PR #1563.