From 36040eda7b22cecd3fae68a13dc080a627678f2c Mon Sep 17 00:00:00 2001 From: Ross Bender Date: Thu, 11 Mar 2021 09:39:00 -0600 Subject: [PATCH 1/7] allow probe to use host header from http settings --- plugins/modules/azure_rm_appgateway.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/plugins/modules/azure_rm_appgateway.py b/plugins/modules/azure_rm_appgateway.py index 19ad43d93..4949df962 100644 --- a/plugins/modules/azure_rm_appgateway.py +++ b/plugins/modules/azure_rm_appgateway.py @@ -266,6 +266,9 @@ - The I(probe) retry count. - Backend server is marked down after consecutive probe failure count reaches UnhealthyThreshold. - Acceptable values are from 1 second to 20. + pick_host_name_from_backend_http_settings: + description: + - Whether host header should be picked from the host name of the backend server. Default value is false. backend_http_settings_collection: description: - Backend http settings of the application gateway resource. @@ -306,7 +309,7 @@ - Host header to be sent to the backend servers. pick_host_name_from_backend_address: description: - - Whether to pick host header should be picked from the host name of the backend server. Default value is false. + - Whether host header should be picked from the host name of the backend server. Default value is false. affinity_cookie_name: description: - Cookie name to use for the affinity cookie. @@ -476,7 +479,8 @@ class Actions: path=dict(type='str'), protocol=dict(type='str', choices=['http', 'https']), timeout=dict(type='int'), - unhealthy_threshold=dict(type='int') + unhealthy_threshold=dict(type='int'), + pick_host_name_from_backend_http_settings=dict(type='bool') ) From 3d1f83a306f84628e9b136bfa675e1ecbebd7bcc Mon Sep 17 00:00:00 2001 From: Ross Bender Date: Thu, 11 Mar 2021 10:03:09 -0600 Subject: [PATCH 2/7] correct documentation verbiage --- plugins/modules/azure_rm_appgateway.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/modules/azure_rm_appgateway.py b/plugins/modules/azure_rm_appgateway.py index 0943e1a84..625fcbc1b 100644 --- a/plugins/modules/azure_rm_appgateway.py +++ b/plugins/modules/azure_rm_appgateway.py @@ -263,7 +263,7 @@ - Acceptable values are from 1 second to 20. pick_host_name_from_backend_http_settings: description: - - Whether host header should be picked from the host name of the backend server. Default value is false. + - Whether host header should be picked from the host name of the backend HTTP settings. Default value is false. backend_http_settings_collection: description: - Backend http settings of the application gateway resource. From e36068d318dbe8d870de01a78105ffeb0f76fb2a Mon Sep 17 00:00:00 2001 From: Ross Bender Date: Thu, 11 Mar 2021 14:05:45 -0600 Subject: [PATCH 3/7] add test coverage --- .../azure_rm_appgateway/tasks/main.yml | 85 +++++++++++++++++++ 1 file changed, 85 insertions(+) diff --git a/tests/integration/targets/azure_rm_appgateway/tasks/main.yml b/tests/integration/targets/azure_rm_appgateway/tasks/main.yml index ca52c7b03..f1d293ec6 100644 --- a/tests/integration/targets/azure_rm_appgateway/tasks/main.yml +++ b/tests/integration/targets/azure_rm_appgateway/tasks/main.yml @@ -196,6 +196,91 @@ that: - output.changed +- name: Create instance of Application Gateway with probe using hostname from backend http settings + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway{{ rpfx }}" + sku: + name: standard_small + tier: standard + capacity: 2 + ssl_policy: + policy_type: predefined + policy_name: ssl_policy20150501 + disabled_ssl_protocols: + - tls_v1_0 + cipher_suites: + - tls_ecdhe_ecdsa_with_aes_256_gcm_sha384 + authentication_certificates: + - name: cert1 + data: "{{ lookup('file', 'cert1.txt') }}" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', 'cert2.txt') }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: sample_gateway_frontend_ip_config + frontend_ports: + - port: 90 + name: ag_frontend_port + - port: 80 + name: http_frontend_port + backend_address_pools: + - backend_addresses: + - ip_address: 10.0.0.4 + name: test_backend_address_pool + probes: + - name: custom_probe + protocol: http + path: /healthz + interval: 30 + timeout: 30 + unhealthy_threshold: 3 + pick_host_name_from_backend_http_settings: true + backend_http_settings_collection: + - port: 80 + protocol: http + cookie_based_affinity: enabled + probe: custom_probe + name: sample_appgateway_http_settings + http_listeners: + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: ag_frontend_port + protocol: https + ssl_certificate: cert2 + name: sample_http_listener + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: http_frontend_port + protocol: http + name: http_listener + request_routing_rules: + - rule_type: Basic + backend_address_pool: test_backend_address_pool + backend_http_settings: sample_appgateway_http_settings + http_listener: sample_http_listener + name: rule1 + - rule_type: Basic + http_listener: http_listener + redirect_configuration: redirect_site_to_https + name: http_redirect_rule + redirect_configurations: + - redirect_type: permanent + target_listener: sample_http_listener + include_path: true + include_query_string: true + name: redirect_site_to_https + register: output +- name: Assert the resource instance is well created + assert: + that: + - output.changed + - name: Try to update instance of Application Gateway - no change azure_rm_appgateway: resource_group: "{{ resource_group }}" From 4eb6d6c756d02e63565bcfbb8b32bf3e9bbeebb5 Mon Sep 17 00:00:00 2001 From: Ross Bender Date: Fri, 21 May 2021 22:33:55 -0500 Subject: [PATCH 4/7] correct probe idempotency, add test coverage --- plugins/modules/azure_rm_appgateway.py | 2 + .../azure_rm_appgateway/tasks/main.yml | 85 +++++++++++++++++++ 2 files changed, 87 insertions(+) diff --git a/plugins/modules/azure_rm_appgateway.py b/plugins/modules/azure_rm_appgateway.py index 6fcd30824..c345e7a8e 100644 --- a/plugins/modules/azure_rm_appgateway.py +++ b/plugins/modules/azure_rm_appgateway.py @@ -756,6 +756,8 @@ def exec_module(self, **kwargs): item = ev[i] if 'protocol' in item: item['protocol'] = _snake_to_camel(item['protocol'], True) + if 'pick_host_name_from_backend_http_settings' in item and item['pick_host_name_from_backend_http_settings'] and 'host' in item: + del item['host'] self.parameters["probes"] = ev elif key == "backend_http_settings_collection": ev = kwargs[key] diff --git a/tests/integration/targets/azure_rm_appgateway/tasks/main.yml b/tests/integration/targets/azure_rm_appgateway/tasks/main.yml index 485b7c5cf..34e7078a4 100644 --- a/tests/integration/targets/azure_rm_appgateway/tasks/main.yml +++ b/tests/integration/targets/azure_rm_appgateway/tasks/main.yml @@ -371,6 +371,91 @@ that: - output.changed +- name: Test no update instance of Application Gateway with probe using hostname from backend http settings + azure_rm_appgateway: + resource_group: "{{ resource_group }}" + name: "appgateway-probe-{{ rpfx }}" + sku: + name: standard_small + tier: standard + capacity: 2 + ssl_policy: + policy_type: predefined + policy_name: ssl_policy20150501 + disabled_ssl_protocols: + - tls_v1_0 + cipher_suites: + - tls_ecdhe_ecdsa_with_aes_256_gcm_sha384 + authentication_certificates: + - name: cert1 + data: "{{ lookup('file', 'cert1.txt') }}" + ssl_certificates: + - name: cert2 + password: your-password + data: "{{ lookup('file', 'cert2.txt') }}" + gateway_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: app_gateway_ip_config + frontend_ip_configurations: + - subnet: + id: "{{ subnet_output.state.id }}" + name: sample_gateway_frontend_ip_config + frontend_ports: + - port: 90 + name: ag_frontend_port + - port: 80 + name: http_frontend_port + backend_address_pools: + - backend_addresses: + - ip_address: 10.0.0.4 + name: test_backend_address_pool + probes: + - name: custom_probe + protocol: http + path: /healthz + interval: 30 + timeout: 30 + unhealthy_threshold: 3 + pick_host_name_from_backend_http_settings: true + backend_http_settings_collection: + - port: 80 + protocol: http + cookie_based_affinity: enabled + probe: custom_probe + name: sample_appgateway_http_settings + http_listeners: + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: ag_frontend_port + protocol: https + ssl_certificate: cert2 + name: sample_http_listener + - frontend_ip_configuration: sample_gateway_frontend_ip_config + frontend_port: http_frontend_port + protocol: http + name: http_listener + request_routing_rules: + - rule_type: Basic + backend_address_pool: test_backend_address_pool + backend_http_settings: sample_appgateway_http_settings + http_listener: sample_http_listener + name: rule1 + - rule_type: Basic + http_listener: http_listener + redirect_configuration: redirect_site_to_https + name: http_redirect_rule + redirect_configurations: + - redirect_type: permanent + target_listener: sample_http_listener + include_path: true + include_query_string: true + name: redirect_site_to_https + register: output +- name: Assert the resource instance is not changed + assert: + that: + - not output.changed + - name: Try to update instance of Application Gateway - no change azure_rm_appgateway: resource_group: "{{ resource_group }}" From 4249bc0c83c59746401aef17ca64d27e640e4a3a Mon Sep 17 00:00:00 2001 From: Ross Bender Date: Wed, 23 Jun 2021 16:17:46 -0500 Subject: [PATCH 5/7] corrrect usage of using backend hostname in probe --- tests/integration/targets/azure_rm_appgateway/tasks/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/integration/targets/azure_rm_appgateway/tasks/main.yml b/tests/integration/targets/azure_rm_appgateway/tasks/main.yml index 34e7078a4..70d680480 100644 --- a/tests/integration/targets/azure_rm_appgateway/tasks/main.yml +++ b/tests/integration/targets/azure_rm_appgateway/tasks/main.yml @@ -339,6 +339,7 @@ cookie_based_affinity: enabled probe: custom_probe name: sample_appgateway_http_settings + pick_host_name_from_backend_address: true http_listeners: - frontend_ip_configuration: sample_gateway_frontend_ip_config frontend_port: ag_frontend_port @@ -424,6 +425,7 @@ cookie_based_affinity: enabled probe: custom_probe name: sample_appgateway_http_settings + pick_host_name_from_backend_address: true http_listeners: - frontend_ip_configuration: sample_gateway_frontend_ip_config frontend_port: ag_frontend_port From bf4c7b49aa51f2fa49d107bea7694418ec3d7096 Mon Sep 17 00:00:00 2001 From: Fred-sun Date: Thu, 24 Jun 2021 20:25:07 +0800 Subject: [PATCH 6/7] Add default value for pick_host_name_from_backend_http_settings --- plugins/modules/azure_rm_appgateway.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/plugins/modules/azure_rm_appgateway.py b/plugins/modules/azure_rm_appgateway.py index c345e7a8e..76b2ff043 100644 --- a/plugins/modules/azure_rm_appgateway.py +++ b/plugins/modules/azure_rm_appgateway.py @@ -284,6 +284,8 @@ pick_host_name_from_backend_http_settings: description: - Whether host header should be picked from the host name of the backend HTTP settings. Default value is false. + type: bool + default: False backend_http_settings_collection: description: - Backend http settings of the application gateway resource. @@ -536,7 +538,7 @@ class Actions: protocol=dict(type='str', choices=['http', 'https']), timeout=dict(type='int'), unhealthy_threshold=dict(type='int'), - pick_host_name_from_backend_http_settings=dict(type='bool') + pick_host_name_from_backend_http_settings=dict(type='bool', default=False) ) From 02af1b2317f089d15165fa15474be1dc1ec687ca Mon Sep 17 00:00:00 2001 From: Ross Bender Date: Thu, 24 Jun 2021 10:28:47 -0500 Subject: [PATCH 7/7] correct assert verbiage --- tests/integration/targets/azure_rm_appgateway/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/integration/targets/azure_rm_appgateway/tasks/main.yml b/tests/integration/targets/azure_rm_appgateway/tasks/main.yml index 70d680480..37a602f95 100644 --- a/tests/integration/targets/azure_rm_appgateway/tasks/main.yml +++ b/tests/integration/targets/azure_rm_appgateway/tasks/main.yml @@ -539,7 +539,7 @@ include_query_string: true name: redirect_site_to_https register: output -- name: Assert the resource instance is well created +- name: Assert the resource instance is not changed assert: that: - not output.changed