Ansible Tower and Akamai API

378 views
Skip to first unread message

Garry Taylor

unread,
Dec 4, 2019, 10:16:38 AM12/4/19
to Ansible Project
Hello,
We have been using Ansible Tower to purge website objects in Akamai cache (Akamai is a CDN) for several years, using an Akamai API
Akamai no longer provide the API version 2, and have forced customers to use a new API version 3.
There seems to be some compatibility issues with the Ansible yaml or the network module and Akamai new API.

This is some information from Akamai.= and I have followed all the details.
Fro mthe Red Hat OS , I cna run commands that will connect to Akamai API and purge objects gfrom their cache.
But I cannot get it to work from within Ansible Tower 

We use Ansible Tower with survey Survey options so that users can type in the website URL that needs to be purged from Akamai cached.

I have amended the yml so as to accept all the required Akamai tokens, but I get this error.

        "detail": "Authorization header missing",



The program is yaml code, called main.yml.

This is another file that sets the variables, this is called akamai.yml.

 

 But the main.yml loads an Ansible module called uri, you can see this on line 18 of main.yml.

This module called uri is a built in Ansible module, details here https://docs.ansible.com/ansible/latest/modules/uri_module.html#uri-module

 

 

So the process is a user with access to Ansible Tower launches a job (see screen shot), the job takes interactive variables, such as the URL to purge and which network, Production or Staging.

The akamai.yml captures the variables and then calls the main.yml. It is the main.yml that then users the variables and purges the object.


akamai.yml:

---



- hosts: akamai

  gather_facts: False

  connection: local

  vars:

    domain: staging

#  sudo: no

  roles:

    - { role: akamai_purge, akamai_client_secret: "{{akamai_credentials.client_secret}}", akamai_access_token: "{{akamai_credentials.access_token}}", akamai_client_token: "{{akamai_credentials.client_token}}", akamai_host: "{{akamai_credentials.host}}" }



main.yml:

---

# tasks file for akamai_purge 


- name: Install python dependency

  pip: name={{item}} state=present

  with_items:

    - httplib2 

  tags:

    - akamai_purge

    - akamai_purge_arl

    - akamai_purge_cpcode

    - akamai_status

    - akamai_purge_friendly



# Usage: ansible-playbook akamai.yml -i inventory/local --tags akamai_purge_arl -vv --extra-vars arl=http://www.example.com/graphics/picture.gif,http://www.example.com/documents/brochure.pdf

- name: Submit ARL Purge Request

  uri:

    url: "my_host_url/ccu/v3/invalidate/url/{{ queue_name | default('staging') }}" 

    method: POST

    client_secret: "{{akamai_client_secret}}"

    access_token: "{{akamai_access_token}}"

    client_token: "{{akamai_client_token}}"

    force_basic_auth: yes 

    body: "{'action':'{{ akamai_action | default('remove')}}','domain':'{{ akamaidomain | lower }}','objects':['{{arl | to_json | replace('\"','') | replace('[','') | replace(']','') | replace(',',', ') }}'],'type':'arl'}" 

    headers:

      Content-Type: "application/json"

    status_code: 201

    body_format: json

    return_content: yes

  register: purge_request_response

  when: arl is defined

  tags:

    - akamai_purge_arl


- name: Notify email on purge status

  mail: 

    host: 127.0.0.1

    port: 25

    subject: "Akamai Purge {{purge_status_response.json.purgeStatus}} for {{arl|default('')}}{{cpcode|default('')}}{{friendly|default('')}}"

    body: "Purge {{purge_status_response.json.purgeStatus}} {{arl|default('')}}{{cpcode|default('')}}{{friendly|default('')}} {{purge_status_response.json | to_nice_yaml}}"

    from: remove...@email.com

    to: "{{notifyemail}}"

    charset: utf8

  ignore_errors: true

  tags:

    - akamai_purge

    - akamai_purge_arl

    - akamai_purge_cpcode

    - akamai_purge_friendly

    - silent

    


- name: Output response variables

  debug: var={{ item }}

  with_items:

#    - queue_length_response.json

    - purge_request_response.json

    - purge_status_response.json

  when: "{{ item }} is defined"

  tags:

    - akamai_purge

    - akamai_purge_arl

    - akamai_purge_cpcode

    - akamai_purge_friendly

Stefan Hornburg (Racke)

unread,
Dec 4, 2019, 10:42:52 AM12/4/19
to ansible...@googlegroups.com
On 12/4/19 4:16 PM, Garry Taylor wrote:
> Hello,
> We have been using Ansible Tower to purge website objects in Akamai cache (Akamai is a CDN) for several years, using an
> Akamai API
> Akamai no longer provide the API version 2, and have forced customers to use a new API version 3.
> There seems to be some compatibility issues with the Ansible yaml or the network module and Akamai new API.

Garry, please contact RedHat support. This list covers Ansible, but not AWX or Tower.

Regards
Racke
> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to
> ansible-proje...@googlegroups.com <mailto:ansible-proje...@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/ac222374-db0d-411e-a64a-57ce4c04c529%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/ac222374-db0d-411e-a64a-57ce4c04c529%40googlegroups.com?utm_medium=email&utm_source=footer>.


--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.

signature.asc
Reply all
Reply to author
Forward
Message has been deleted
0 new messages