Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Route53 module fails with KeyError: DelegationSet #423

Closed
fridlik opened this issue Feb 18, 2021 · 7 comments · Fixed by #424
Closed

Route53 module fails with KeyError: DelegationSet #423

fridlik opened this issue Feb 18, 2021 · 7 comments · Fixed by #424
Labels
bug This issue/PR relates to a bug has_pr module module plugins plugin (any type) python3 traceback

Comments

@fridlik
Copy link

fridlik commented Feb 18, 2021

SUMMARY

The module route53 fails when retrieving the DNS record. The affected version is the latest release (1.4.0), it works with community.aws==1.3.0. The dependent library amazon.aws is on 1.4.0 version (amazon.aws==1.4.0 and community.aws==1.3.0 works).

Stacktrace:

Traceback (most recent call last):
  File "/Users/fridlik/.ansible/tmp/ansible-tmp-1613640465.943372-47971-73430938989509/AnsiballZ_route53.py", line 102, in <module>
    _ansiballz_main()
  File "/Users/fridlik/.ansible/tmp/ansible-tmp-1613640465.943372-47971-73430938989509/AnsiballZ_route53.py", line 94, in _ansiballz_main
    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
  File "/Users/fridlik/.ansible/tmp/ansible-tmp-1613640465.943372-47971-73430938989509/AnsiballZ_route53.py", line 40, in invoke_module
    runpy.run_module(mod_name='ansible_collections.community.aws.plugins.modules.route53', init_globals=None, run_name='__main__', alter_sys=True)
  File "/usr/local/Cellar/[email protected]/3.8.3_2/Frameworks/Python.framework/Versions/3.8/lib/python3.8/runpy.py", line 207, in run_module
    return _run_module_code(code, init_globals, run_name, mod_spec)
  File "/usr/local/Cellar/[email protected]/3.8.3_2/Frameworks/Python.framework/Versions/3.8/lib/python3.8/runpy.py", line 97, in _run_module_code
    _run_code(code, mod_globals, init_globals,
  File "/usr/local/Cellar/[email protected]/3.8.3_2/Frameworks/Python.framework/Versions/3.8/lib/python3.8/runpy.py", line 87, in _run_code
    exec(code, run_globals)
  File "/var/folders/pv/fxkb6lw57j370jf14h7_mbc80000gn/T/ansible_community.aws.route53_payload_gtsqbgw6/ansible_community.aws.route53_payload.zip/ansible_collections/community/aws/plugins/modules/route53.py", line 626, in <module>
  File "/var/folders/pv/fxkb6lw57j370jf14h7_mbc80000gn/T/ansible_community.aws.route53_payload_gtsqbgw6/ansible_community.aws.route53_payload.zip/ansible_collections/community/aws/plugins/modules/route53.py", line 568, in main
KeyError: 'DelegationSet'
ISSUE TYPE
  • Bug Report
COMPONENT NAME

route53

ANSIBLE VERSION
ansible 2.10.3
  python version = 3.8.3 (default, Jul  8 2020, 14:27:55) [Clang 11.0.3 (clang-1103.0.32.62)]
CONFIGURATION

OS / ENVIRONMENT

running host: MacOS BigSur 11.2.1

STEPS TO REPRODUCE

Run the ansible configuration below:

  - name: Retrieve DNS record to delete
    community.aws.route53:
      state: get
      zone: example.net
      record: "mydns.example.net"
      type: A
      private_zone: true
    register: rec
EXPECTED RESULTS
ACTUAL RESULTS

@ansibullbot
Copy link

Files identified in the description:

If these files are inaccurate, please update the component name section of the description or use the !component bot command.

click here for bot help

@ansibullbot
Copy link

@ansibullbot ansibullbot added bug This issue/PR relates to a bug module module needs_triage plugins plugin (any type) python3 traceback labels Feb 18, 2021
@tremble
Copy link
Contributor

tremble commented Feb 18, 2021

Hi @fridlik,

The route53 module was just rewritten to use the boto3 library instead of the the old boto (v2) library. Unfortunately it looks like our integration tests didn't catch this.

There is also a route53_info module. Would you be able to see if you can "get" what you needed with that module?

While it's not been deprecated in the route53 module yet, "get" modes on modules is discouraged, so if possible we should be deprecating the "get" mode anyway. This is a bug that should be fixed, but it would be helpful to know if you can do what you need with route53_info in preparation for deprecating the "get" mode.

CC: @pjrm

@fridlik
Copy link
Author

fridlik commented Feb 18, 2021

@tremble Thank you for your response, I'll try to use route53_info module. I just need to retrieve the A record with the provided name and delete the record if it exists.

I tried to debug the module and discovered one weird behavior: the problem is on this line: https://github.com/ansible-collections/community.aws/blob/main/plugins/modules/route53.py#L568, when I tried to print out the response from the rotue53.get_hosted_zone using module.fail_json(), I've got the following output:

{
  "changed": false,
  "invocation":
  {
    "module_args":
    {
      "alias": null,
      "alias_evaluate_target_health": false,
      "alias_hosted_zone_id": null,
      "aws_access_key": null,
      "aws_ca_bundle": null,
      "aws_config": null,
      "aws_secret_key": null,
      "debug_botocore_endpoint_logs": false,
      "ec2_url": null,
      "failover": null,
      "health_check": null,
      "hosted_zone_id": null,
      "identifier": null,
      "overwrite": null,
      "private_zone": true,
      "profile": null,
      "record": "template.myzone.net",
      "region": null,
      "retry_interval": 500,
      "security_token": null,
      "state": "get",
      "ttl": 3600,
      "type": "A",
      "validate_certs": true,
      "value": null,
      "vpc_id": null,
      "wait": false,
      "wait_timeout": 300,
      "weight": null,
      "zone": "myzone.net"
    }
  },
  "msg":
  {
    "HostedZone":
    {
      "CallerReference": "ecb67c92-298e-4418-89f7-f438148ffa4f",
      "Config":
      {
        "Comment": "",
        "PrivateZone": true
      },
      "Id": "/hostedzone/Z00000000",
      "Name": "myzone.net.",
      "ResourceRecordSetCount": 186
    },
    "ResponseMetadata":
    {
      "HTTPHeaders":
      {
        "content-length": "659",
        "content-type": "text/xml",
        "date": "Thu, 18 Feb 2021 10:05:25 GMT",
        "x-amzn-requestid": "343e2e14-e16a-4748-8772-068b6ee52f30"
      },
      "HTTPStatusCode": 200,
      "RequestId": "343e2e14-e16a-4748-8772-068b6ee52f30",
      "RetryAttempts": 0
    },
    "VPCs": [
    {
      "VPCId": "vpc-00001",
      "VPCRegion": "af-south-1"
    },
    {
      "VPCId": "vpc-00002",
      "VPCRegion": "eu-west-1"
    },
    {
      "VPCId": "vpc-00003",
      "VPCRegion": "us-east-1"
    }]
  }
}

It's weird, that the output does not contain DelegationSet key, as it should contain it based on the boto3 documentation (my boto3 version is 1.14.43, but it fails also when running in docker - latest python3 official image with boto3-1.17.10 and botocore-1.20.10 versions)

@tremble
Copy link
Contributor

tremble commented Feb 18, 2021

If you don't need to store the existing record then it should be possible to skip the 'fetch' state and just set the record state to 'absent' The "changed" state returned would then tell you if it did anything or not.

  - name: Detele DNS record
    community.aws.route53:
      state: absent
      zone: example.net
      record: "mydns.example.net"
      type: A
      private_zone: true
    register: deletion
  - name: Say hello if deleted
    debug:
      msg: hello
    when:
    - deletion is changed

@fridlik
Copy link
Author

fridlik commented Feb 18, 2021

tbh I had this solution in some previous version of my code, but I changed it, but don't remember why :)

edit: here is the reason:

fatal: [localhost]: FAILED! => {"changed": false, "msg": "state is absent but all of the following are missing: value"}

so I solved it using these commands:

  - name: Retrieve DNS record to delete
    community.aws.route53_info:
      state: get
      zone: example.net
      record: "{{ project_name }}.example.net"
      type: A
      private_zone: true
    register: rec

  - name: Debug DNS record to delete
    debug:
      msg: "{{ rec }}"

  - name: Remove DNS record
    community.aws.route53:
      state: absent
      zone: "{{ rec.set.zone }}"
      record: "{{ rec.set.record }}"
      ttl: "{{ rec.set.ttl }}"
      type: "{{ rec.set.type }}"
      value: "{{ rec.set.value }}"
      private_zone: true
    when: rec.set

@pjrm
Copy link
Contributor

pjrm commented Feb 18, 2021

Hi @tremble,

Thank you for referring me here.

From what I have read and seen, the DelegationSet only exists when we are querying external DNS zones, and the internal ones only give us the VPCs.

I have made a PR that should fix this (#424).

@tremble tremble linked a pull request Feb 27, 2021 that will close this issue
tremble added a commit that referenced this issue Mar 11, 2021
* Fix state=get on route53 module

This bug was introduced when refactoring from boto to boto3 library. This happens because the method "get_hosted_zone" only returns the DelegationSet when the DNS zone is external. Therefore this breaks when trying to get internal records.

The solution is to search for getting DNS records of type ''NS'' with the same name as the hosted zone.

* Update changelogs/fragments/406-route53-state-get.yml

Co-authored-by: Mark Chappell <[email protected]>
danquixote pushed a commit to danquixote/community.aws that referenced this issue May 16, 2021
…ble-collections#424)

* Fix state=get on route53 module

This bug was introduced when refactoring from boto to boto3 library. This happens because the method "get_hosted_zone" only returns the DelegationSet when the DNS zone is external. Therefore this breaks when trying to get internal records.

The solution is to search for getting DNS records of type ''NS'' with the same name as the hosted zone.

* Update changelogs/fragments/406-route53-state-get.yml

Co-authored-by: Mark Chappell <[email protected]>
alinabuzachis pushed a commit to alinabuzachis/community.aws that referenced this issue Jul 19, 2021
…ble-collections#424)

* Fix state=get on route53 module

This bug was introduced when refactoring from boto to boto3 library. This happens because the method "get_hosted_zone" only returns the DelegationSet when the DNS zone is external. Therefore this breaks when trying to get internal records.

The solution is to search for getting DNS records of type ''NS'' with the same name as the hosted zone.

* Update changelogs/fragments/406-route53-state-get.yml

Co-authored-by: Mark Chappell <[email protected]>
alinabuzachis pushed a commit to alinabuzachis/community.aws that referenced this issue Jul 19, 2021
…ble-collections#424)

* Fix state=get on route53 module

This bug was introduced when refactoring from boto to boto3 library. This happens because the method "get_hosted_zone" only returns the DelegationSet when the DNS zone is external. Therefore this breaks when trying to get internal records.

The solution is to search for getting DNS records of type ''NS'' with the same name as the hosted zone.

* Update changelogs/fragments/406-route53-state-get.yml

Co-authored-by: Mark Chappell <[email protected]>
danielcotton pushed a commit to danielcotton/community.aws that referenced this issue Nov 23, 2021
…ble-collections#424)

* Fix state=get on route53 module

This bug was introduced when refactoring from boto to boto3 library. This happens because the method "get_hosted_zone" only returns the DelegationSet when the DNS zone is external. Therefore this breaks when trying to get internal records.

The solution is to search for getting DNS records of type ''NS'' with the same name as the hosted zone.

* Update changelogs/fragments/406-route53-state-get.yml

Co-authored-by: Mark Chappell <[email protected]>
alinabuzachis pushed a commit to alinabuzachis/community.aws that referenced this issue May 25, 2022
…_route_table

Promote ec2 vpc route table

SUMMARY
Migrate ec2_vpc_route_table* modules and tests
ISSUE TYPE

Feature Pull Request

COMPONENT NAME
ec2_vpc_route_table, ec2_vpc_route_table_info
Depends-On: ansible/ansible-zuul-jobs/pull/1014

Reviewed-by: Mark Chappell <None>
Reviewed-by: None <None>
abikouo pushed a commit to abikouo/community.aws that referenced this issue Oct 24, 2023
…ble-collections#424)

* Fix state=get on route53 module

This bug was introduced when refactoring from boto to boto3 library. This happens because the method "get_hosted_zone" only returns the DelegationSet when the DNS zone is external. Therefore this breaks when trying to get internal records.

The solution is to search for getting DNS records of type ''NS'' with the same name as the hosted zone.

* Update changelogs/fragments/406-route53-state-get.yml

Co-authored-by: Mark Chappell <[email protected]>

This commit was initially merged in https://github.com/ansible-collections/community.aws
See: ansible-collections@331ada1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug This issue/PR relates to a bug has_pr module module plugins plugin (any type) python3 traceback
Projects
None yet
Development

Successfully merging a pull request may close this issue.

4 participants