def main(): """main entry point for module execution """ argument_spec = dict( netconf_port=dict(type='int', default=830, aliases=['listens_on']), netconf_vrf=dict(aliases=['vrf'], default='default'), state=dict(default='present', choices=['present', 'absent']), ) argument_spec.update(iosxr_argument_spec) module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) warnings = list() result = {'changed': False, 'warnings': warnings} want = map_params_to_obj(module) have = map_config_to_obj(module) commands = map_obj_to_commands((want, have)) result['commands'] = commands if commands: commit = not module.check_mode diff = load_config(module, commands, commit=commit) if diff: result['diff'] = dict(prepared=diff) result['changed'] = True module.exit_json(**result)
def map_obj_to_commands(self): commands = list() for w in self._want: name = w['name'] state = w['state'] obj_in_have = search_obj_in_list(name, self._have) if state == 'absent' and obj_in_have: commands.append('no username ' + name) elif state == 'present' and not obj_in_have: user_cmd = 'username ' + name commands.append(user_cmd) if w['configured_password']: commands.append(user_cmd + ' secret ' + w['configured_password']) if w['group']: commands.append(user_cmd + ' group ' + w['group']) elif w['groups']: for group in w['groups']: commands.append(user_cmd + ' group ' + group) elif state == 'present' and obj_in_have: user_cmd = 'username ' + name if self._module.params['update_password'] == 'always' and w['configured_password']: commands.append(user_cmd + ' secret ' + w['configured_password']) if w['group'] and w['group'] != obj_in_have['group']: commands.append(user_cmd + ' group ' + w['group']) elif w['groups']: for group in w['groups']: commands.append(user_cmd + ' group ' + group) if self._module.params['purge']: want_users = [x['name'] for x in self._want] have_users = [x['name'] for x in self._have] for item in set(have_users).difference(set(want_users)): if item != 'admin': commands.append('no username %s' % item) if 'no username admin' in commands: self._module.fail_json(msg='cannot delete the `admin` account') self._result['commands'] = [] if commands: commit = not self._module.check_mode diff = load_config(self._module, commands, commit=commit) if diff: self._result['diff'] = dict(prepared=diff) self._result['commands'] = commands self._result['changed'] = True
def run(module, result): match = module.params['match'] replace = module.params['replace'] replace_config = replace == 'config' path = module.params['parents'] comment = module.params['comment'] admin = module.params['admin'] check_mode = module.check_mode candidate_config = get_candidate(module) running_config = get_running_config(module) sanitize_candidate_config(candidate_config.items) sanitize_running_config(running_config.items) commands = None if match != 'none' and replace != 'config': commands = candidate_config.difference(running_config, path=path, match=match, replace=replace) elif replace_config: can_config = candidate_config.difference(running_config, path=path, match=match, replace=replace) candidate = dumps(can_config, 'commands').split('\n') run_config = running_config.difference(candidate_config, path=path, match=match, replace=replace) running = dumps(run_config, 'commands').split('\n') if len(candidate) > 1 or len(running) > 1: ret = copy_file_to_node(module) if not ret: module.fail_json(msg='Copy of config file to the node failed') commands = ['load harddisk:/ansible_config.txt'] else: commands = candidate_config.items if commands: if not replace_config: commands = dumps(commands, 'commands').split('\n') if any((module.params['lines'], module.params['src'])): if module.params['before']: commands[:0] = module.params['before'] if module.params['after']: commands.extend(module.params['after']) result['commands'] = commands commit = not check_mode diff = load_config(module, commands, commit=commit, replace=replace_config, comment=comment, admin=admin) if diff: result['diff'] = dict(prepared=diff) result['changed'] = True
def map_obj_to_commands(self): commands = list() args = ('speed', 'description', 'duplex', 'mtu') for want_item in self._want: name = want_item['name'] disable = not want_item['enabled'] state = want_item['state'] obj_in_have = self.search_obj_in_list(name) interface = 'interface ' + name if state == 'absent' and obj_in_have: commands.append('no ' + interface) elif state in ('present', 'up', 'down'): if obj_in_have: for item in args: candidate = want_item.get(item) running = obj_in_have.get(item) if candidate != running: if candidate: cmd = interface + ' ' + item + ' ' + str(candidate) commands.append(cmd) if disable and obj_in_have.get('enabled', False): commands.append(interface + ' shutdown') elif not disable and not obj_in_have.get('enabled', False): commands.append('no ' + interface + ' shutdown') else: for item in args: value = want_item.get(item) if value: commands.append(interface + ' ' + item + ' ' + str(value)) if not disable: commands.append('no ' + interface + ' shutdown') self._result['commands'] = commands if commands: commit = not self._module.check_mode diff = load_config(self._module, commands, commit=commit) if diff: self._result['diff'] = dict(prepared=diff) self._result['changed'] = True
def map_obj_to_xml_rpc(self): self._system_meta.update([ ('vrfs', {'xpath': 'ip-domain/vrfs', 'tag': True, 'operation': 'edit'}), ('vrf', {'xpath': 'ip-domain/vrfs/vrf', 'tag': True, 'operation': 'edit'}), ('a:vrf', {'xpath': 'ip-domain/vrfs/vrf/vrf-name', 'operation': 'edit'}), ('a:domain_name', {'xpath': 'ip-domain/vrfs/vrf/name', 'operation': 'edit', 'attrib': "operation"}), ]) self._system_domain_meta.update([ ('vrfs', {'xpath': 'ip-domain/vrfs', 'tag': True, 'operation': 'edit'}), ('vrf', {'xpath': 'ip-domain/vrfs/vrf', 'tag': True, 'operation': 'edit'}), ('a:vrf', {'xpath': 'ip-domain/vrfs/vrf/vrf-name', 'operation': 'edit'}), ('lists', {'xpath': 'ip-domain/vrfs/vrf/lists', 'tag': True, 'operation': 'edit'}), ('list', {'xpath': 'ip-domain/vrfs/vrf/lists/list', 'tag': True, 'operation': 'edit', 'attrib': "operation"}), ('a:order', {'xpath': 'ip-domain/vrfs/vrf/lists/list/order', 'operation': 'edit'}), ('a:domain_search', {'xpath': 'ip-domain/vrfs/vrf/lists/list/list-name', 'operation': 'edit'}), ]) self._system_server_meta.update([ ('vrfs', {'xpath': 'ip-domain/vrfs', 'tag': True, 'operation': 'edit'}), ('vrf', {'xpath': 'ip-domain/vrfs/vrf', 'tag': True, 'operation': 'edit'}), ('a:vrf', {'xpath': 'ip-domain/vrfs/vrf/vrf-name', 'operation': 'edit'}), ('servers', {'xpath': 'ip-domain/vrfs/vrf/servers', 'tag': True, 'operation': 'edit'}), ('server', {'xpath': 'ip-domain/vrfs/vrf/servers/server', 'tag': True, 'operation': 'edit', 'attrib': "operation"}), ('a:order', {'xpath': 'ip-domain/vrfs/vrf/servers/server/order', 'operation': 'edit'}), ('a:name_servers', {'xpath': 'ip-domain/vrfs/vrf/servers/server/server-address', 'operation': 'edit'}), ]) self._hostname_meta.update([ ('a:hostname', {'xpath': 'host-names/host-name', 'operation': 'edit', 'attrib': "operation"}), ]) self._lookup_source_meta.update([ ('vrfs', {'xpath': 'ip-domain/vrfs', 'tag': True, 'operation': 'edit'}), ('vrf', {'xpath': 'ip-domain/vrfs/vrf', 'tag': True, 'operation': 'edit'}), ('a:vrf', {'xpath': 'ip-domain/vrfs/vrf/vrf-name', 'operation': 'edit'}), ('a:lookup_source', {'xpath': 'ip-domain/vrfs/vrf/source-interface', 'operation': 'edit', 'attrib': "operation"}), ]) self._lookup_meta.update([ ('vrfs', {'xpath': 'ip-domain/vrfs', 'tag': True, 'operation': 'edit'}), ('vrf', {'xpath': 'ip-domain/vrfs/vrf', 'tag': True, 'operation': 'edit'}), ('a:vrf', {'xpath': 'ip-domain/vrfs/vrf/vrf-name', 'operation': 'edit'}), ('lookup', {'xpath': 'ip-domain/vrfs/vrf/lookup', 'tag': True, 'operation': 'edit', 'attrib': "operation"}), ]) state = self._module.params['state'] _get_filter = build_xml('ip-domain', opcode="filter") running = get_config(self._module, source='running', config_filter=_get_filter) _get_filter = build_xml('host-names', opcode="filter") hostname_runn = get_config(self._module, source='running', config_filter=_get_filter) hostname_ele = etree_find(hostname_runn, 'host-name') hostname = hostname_ele.text if hostname_ele is not None else None vrf_ele = etree_findall(running, 'vrf') vrf_map = {} for vrf in vrf_ele: name_server_list = list() domain_list = list() vrf_name_ele = etree_find(vrf, 'vrf-name') vrf_name = vrf_name_ele.text if vrf_name_ele is not None else None domain_name_ele = etree_find(vrf, 'name') domain_name = domain_name_ele.text if domain_name_ele is not None else None domain_ele = etree_findall(vrf, 'list-name') for domain in domain_ele: domain_list.append(domain.text) server_ele = etree_findall(vrf, 'server-address') for server in server_ele: name_server_list.append(server.text) lookup_source_ele = etree_find(vrf, 'source-interface') lookup_source = lookup_source_ele.text if lookup_source_ele is not None else None lookup_enabled = False if etree_find(vrf, 'lookup') is not None else True vrf_map[vrf_name] = {'domain_name': domain_name, 'domain_search': domain_list, 'name_servers': name_server_list, 'lookup_source': lookup_source, 'lookup_enabled': lookup_enabled} opcode = None hostname_param = {} lookup_param = {} system_param = {} sys_server_params = list() sys_domain_params = list() add_domain_params = list() del_domain_params = list() add_server_params = list() del_server_params = list() lookup_source_params = {} try: sys_node = vrf_map[self._want['vrf']] except KeyError: sys_node = {'domain_name': None, 'domain_search': [], 'name_servers': [], 'lookup_source': None, 'lookup_enabled': True} if state == 'absent': opcode = "delete" def needs_update(x): return self._want[x] is not None and self._want[x] == sys_node[x] if needs_update('domain_name'): system_param = {'vrf': self._want['vrf'], 'domain_name': self._want['domain_name']} if needs_update('hostname'): hostname_param = {'hostname': hostname} if not self._want['lookup_enabled'] and not sys_node['lookup_enabled']: lookup_param['vrf'] = self._want['vrf'] if needs_update('lookup_source'): lookup_source_params['vrf'] = self._want['vrf'] lookup_source_params['lookup_source'] = self._want['lookup_source'] if self._want['domain_search']: domain_param = {} domain_param['domain_name'] = self._want['domain_name'] domain_param['vrf'] = self._want['vrf'] domain_param['order'] = '0' for domain in self._want['domain_search']: if domain in sys_node['domain_search']: domain_param['domain_search'] = domain sys_domain_params.append(domain_param.copy()) if self._want['name_servers']: server_param = {} server_param['vrf'] = self._want['vrf'] server_param['order'] = '0' for server in self._want['name_servers']: if server in sys_node['name_servers']: server_param['name_servers'] = server sys_server_params.append(server_param.copy()) elif state == 'present': opcode = "merge" def needs_update(x): return self._want[x] is not None and (sys_node[x] is None or (sys_node[x] is not None and self._want[x] != sys_node[x])) if needs_update('domain_name'): system_param = {'vrf': self._want['vrf'], 'domain_name': self._want['domain_name']} if self._want['hostname'] is not None and self._want['hostname'] != hostname: hostname_param = {'hostname': self._want['hostname']} if not self._want['lookup_enabled'] and sys_node['lookup_enabled']: lookup_param['vrf'] = self._want['vrf'] if needs_update('lookup_source'): lookup_source_params['vrf'] = self._want['vrf'] lookup_source_params['lookup_source'] = self._want['lookup_source'] if self._want['domain_search']: domain_adds, domain_removes = diff_list(self._want['domain_search'], sys_node['domain_search']) domain_param = {} domain_param['domain_name'] = self._want['domain_name'] domain_param['vrf'] = self._want['vrf'] domain_param['order'] = '0' for domain in domain_adds: if domain not in sys_node['domain_search']: domain_param['domain_search'] = domain add_domain_params.append(domain_param.copy()) for domain in domain_removes: if domain in sys_node['domain_search']: domain_param['domain_search'] = domain del_domain_params.append(domain_param.copy()) if self._want['name_servers']: server_adds, server_removes = diff_list(self._want['name_servers'], sys_node['name_servers']) server_param = {} server_param['vrf'] = self._want['vrf'] server_param['order'] = '0' for domain in server_adds: if domain not in sys_node['name_servers']: server_param['name_servers'] = domain add_server_params.append(server_param.copy()) for domain in server_removes: if domain in sys_node['name_servers']: server_param['name_servers'] = domain del_server_params.append(server_param.copy()) self._result['xml'] = [] _edit_filter_list = list() if opcode: if hostname_param: _edit_filter_list.append(build_xml('host-names', xmap=self._hostname_meta, params=hostname_param, opcode=opcode)) if system_param: _edit_filter_list.append(build_xml('ip-domain', xmap=self._system_meta, params=system_param, opcode=opcode)) if lookup_source_params: _edit_filter_list.append(build_xml('ip-domain', xmap=self._lookup_source_meta, params=lookup_source_params, opcode=opcode)) if lookup_param: _edit_filter_list.append(build_xml('ip-domain', xmap=self._lookup_meta, params=lookup_param, opcode=opcode)) if opcode == 'delete': if sys_domain_params: _edit_filter_list.append(build_xml('ip-domain', xmap=self._system_domain_meta, params=sys_domain_params, opcode=opcode)) if sys_server_params: _edit_filter_list.append(build_xml('ip-domain', xmap=self._system_server_meta, params=sys_server_params, opcode=opcode)) if self._want['vrf'] != 'default': self._result['warnings'] = ["name-servers delete operation with non-default vrf is a success, " "but with rpc-error. Recommended to use 'ignore_errors' option with the task as a workaround"] elif opcode == 'merge': if add_domain_params: _edit_filter_list.append(build_xml('ip-domain', xmap=self._system_domain_meta, params=add_domain_params, opcode=opcode)) if del_domain_params: _edit_filter_list.append(build_xml('ip-domain', xmap=self._system_domain_meta, params=del_domain_params, opcode="delete")) if add_server_params: _edit_filter_list.append(build_xml('ip-domain', xmap=self._system_server_meta, params=add_server_params, opcode=opcode)) if del_server_params: _edit_filter_list.append(build_xml('ip-domain', xmap=self._system_server_meta, params=del_server_params, opcode="delete")) diff = None if _edit_filter_list: commit = not self._module.check_mode diff = load_config(self._module, _edit_filter_list, commit=commit, running=running, nc_get_filter=_get_filter) if diff: if self._module._diff: self._result['diff'] = dict(prepared=diff) self._result['xml'] = _edit_filter_list self._result['changed'] = True
def map_obj_to_commands(self): commands = list() state = self._module.params['state'] def needs_update(x): return self._want.get(x) and (self._want.get(x) != self._have.get(x)) if state == 'absent': if self._have['hostname'] != 'ios': commands.append('no hostname') if self._have['domain_name']: commands.append('no domain name') if self._have['lookup_source']: commands.append('no domain lookup source-interface {0!s}'.format(self._have['lookup_source'])) if not self._have['lookup_enabled']: commands.append('no domain lookup disable') for item in self._have['name_servers']: commands.append('no domain name-server {0!s}'.format(item)) for item in self._have['domain_search']: commands.append('no domain list {0!s}'.format(item)) elif state == 'present': if needs_update('hostname'): commands.append('hostname {0!s}'.format(self._want['hostname'])) if needs_update('domain_name'): commands.append('domain name {0!s}'.format(self._want['domain_name'])) if needs_update('lookup_source'): commands.append('domain lookup source-interface {0!s}'.format(self._want['lookup_source'])) cmd = None if not self._want['lookup_enabled'] and self._have['lookup_enabled']: cmd = 'domain lookup disable' elif self._want['lookup_enabled'] and not self._have['lookup_enabled']: cmd = 'no domain lookup disable' if cmd is not None: commands.append(cmd) if self._want['name_servers'] is not None: adds, removes = diff_list(self._want['name_servers'], self._have['name_servers']) for item in adds: commands.append('domain name-server {0!s}'.format(item)) for item in removes: commands.append('no domain name-server {0!s}'.format(item)) if self._want['domain_search'] is not None: adds, removes = diff_list(self._want['domain_search'], self._have['domain_search']) for item in adds: commands.append('domain list {0!s}'.format(item)) for item in removes: commands.append('no domain list {0!s}'.format(item)) self._result['commands'] = [] if commands: commit = not self._module.check_mode diff = load_config(self._module, commands, commit=commit) if diff: self._result['diff'] = dict(prepared=diff) self._result['commands'] = commands self._result['changed'] = True
def map_obj_to_xml_rpc(self): self._locald_meta.update([ ('aaa_locald', {'xpath': 'aaa/usernames', 'tag': True, 'ns': True}), ('username', {'xpath': 'aaa/usernames/username', 'tag': True, 'attrib': "operation"}), ('a:name', {'xpath': 'aaa/usernames/username/name'}), ('a:configured_password', {'xpath': 'aaa/usernames/username/secret', 'operation': 'edit'}), ]) self._locald_group_meta.update([ ('aaa_locald', {'xpath': 'aaa/usernames', 'tag': True, 'ns': True}), ('username', {'xpath': 'aaa/usernames/username', 'tag': True, 'attrib': "operation"}), ('a:name', {'xpath': 'aaa/usernames/username/name'}), ('usergroups', {'xpath': 'aaa/usernames/username/usergroup-under-usernames', 'tag': True, 'operation': 'edit'}), ('usergroup', {'xpath': 'aaa/usernames/username/usergroup-under-usernames/usergroup-under-username', 'tag': True, 'operation': 'edit'}), ('a:group', {'xpath': 'aaa/usernames/username/usergroup-under-usernames/usergroup-under-username/name', 'operation': 'edit'}), ]) state = self._module.params['state'] _get_filter = build_xml('aaa', opcode="filter") running = get_config(self._module, source='running', config_filter=_get_filter) elements = etree_findall(running, 'username') users = list() for element in elements: name_list = etree_findall(element, 'name') users.append(name_list[0].text) list_size = len(name_list) if list_size == 1: self._have.append({'name': name_list[0].text, 'group': None, 'groups': None}) elif list_size == 2: self._have.append({'name': name_list[0].text, 'group': name_list[1].text, 'groups': None}) elif list_size > 2: name_iter = iter(name_list) next(name_iter) tmp_list = list() for name in name_iter: tmp_list.append(name.text) self._have.append({'name': name_list[0].text, 'group': None, 'groups': tmp_list}) locald_params = list() locald_group_params = list() opcode = None if state == 'absent': opcode = "delete" for want_item in self._want: if want_item['name'] in users: want_item['configured_password'] = None locald_params.append(want_item) elif state == 'present': opcode = "merge" for want_item in self._want: if want_item['name'] not in users: want_item['configured_password'] = self.generate_md5_hash(want_item['configured_password']) locald_params.append(want_item) if want_item['group'] is not None: locald_group_params.append(want_item) if want_item['groups'] is not None: for group in want_item['groups']: want_item['group'] = group locald_group_params.append(want_item.copy()) else: if self._module.params['update_password'] == 'always' and want_item['configured_password'] is not None: want_item['configured_password'] = self.generate_md5_hash(want_item['configured_password']) locald_params.append(want_item) else: want_item['configured_password'] = None obj_in_have = search_obj_in_list(want_item['name'], self._have) if want_item['group'] is not None and want_item['group'] != obj_in_have['group']: locald_group_params.append(want_item) elif want_item['groups'] is not None: for group in want_item['groups']: want_item['group'] = group locald_group_params.append(want_item.copy()) purge_params = list() if self._module.params['purge']: want_users = [x['name'] for x in self._want] have_users = [x['name'] for x in self._have] for item in set(have_users).difference(set(want_users)): if item != 'admin': purge_params.append({'name': item}) self._result['xml'] = [] _edit_filter_list = list() if opcode is not None: if locald_params: _edit_filter_list.append(build_xml('aaa', xmap=self._locald_meta, params=locald_params, opcode=opcode)) if locald_group_params: _edit_filter_list.append(build_xml('aaa', xmap=self._locald_group_meta, params=locald_group_params, opcode=opcode)) if purge_params: _edit_filter_list.append(build_xml('aaa', xmap=self._locald_meta, params=purge_params, opcode="delete")) diff = None if _edit_filter_list: commit = not self._module.check_mode diff = load_config(self._module, _edit_filter_list, commit=commit, running=running, nc_get_filter=_get_filter) if diff: if self._module._diff: self._result['diff'] = dict(prepared=diff) self._result['xml'] = _edit_filter_list self._result['changed'] = True
def map_obj_to_xml_rpc(self): self._locald_meta.update([ ('aaa_locald', { 'xpath': 'aaa/usernames', 'tag': True, 'ns': True }), ('username', { 'xpath': 'aaa/usernames/username', 'tag': True, 'attrib': "operation" }), ('a:name', { 'xpath': 'aaa/usernames/username/name' }), ('a:configured_password', { 'xpath': 'aaa/usernames/username/secret', 'operation': 'edit' }), ]) self._locald_group_meta.update([ ('aaa_locald', { 'xpath': 'aaa/usernames', 'tag': True, 'ns': True }), ('username', { 'xpath': 'aaa/usernames/username', 'tag': True, 'attrib': "operation" }), ('a:name', { 'xpath': 'aaa/usernames/username/name' }), ('usergroups', { 'xpath': 'aaa/usernames/username/usergroup-under-usernames', 'tag': True, 'operation': 'edit' }), ('usergroup', { 'xpath': 'aaa/usernames/username/usergroup-under-usernames/usergroup-under-username', 'tag': True, 'operation': 'edit' }), ('a:group', { 'xpath': 'aaa/usernames/username/usergroup-under-usernames/usergroup-under-username/name', 'operation': 'edit' }), ]) state = self._module.params['state'] _get_filter = build_xml('aaa', opcode="filter") running = get_config(self._module, source='running', config_filter=_get_filter) elements = etree_findall(running, 'username') users = list() for element in elements: name_list = etree_findall(element, 'name') users.append(name_list[0].text) list_size = len(name_list) if list_size == 1: self._have.append({ 'name': name_list[0].text, 'group': None, 'groups': None }) elif list_size == 2: self._have.append({ 'name': name_list[0].text, 'group': name_list[1].text, 'groups': None }) elif list_size > 2: name_iter = iter(name_list) next(name_iter) tmp_list = list() for name in name_iter: tmp_list.append(name.text) self._have.append({ 'name': name_list[0].text, 'group': None, 'groups': tmp_list }) locald_params = list() locald_group_params = list() opcode = None if state == 'absent': opcode = "delete" for want_item in self._want: if want_item['name'] in users: want_item['configured_password'] = None locald_params.append(want_item) elif state == 'present': opcode = "merge" for want_item in self._want: if want_item['name'] not in users: want_item['configured_password'] = self.generate_md5_hash( want_item['configured_password']) locald_params.append(want_item) if want_item['group'] is not None: locald_group_params.append(want_item) if want_item['groups'] is not None: for group in want_item['groups']: want_item['group'] = group locald_group_params.append(want_item.copy()) else: if self._module.params[ 'update_password'] == 'always' and want_item[ 'configured_password'] is not None: want_item[ 'configured_password'] = self.generate_md5_hash( want_item['configured_password']) locald_params.append(want_item) else: want_item['configured_password'] = None obj_in_have = search_obj_in_list(want_item['name'], self._have) if want_item['group'] is not None and want_item[ 'group'] != obj_in_have['group']: locald_group_params.append(want_item) elif want_item['groups'] is not None: for group in want_item['groups']: want_item['group'] = group locald_group_params.append(want_item.copy()) purge_params = list() if self._module.params['purge']: want_users = [x['name'] for x in self._want] have_users = [x['name'] for x in self._have] for item in set(have_users).difference(set(want_users)): if item != 'admin': purge_params.append({'name': item}) self._result['xml'] = [] _edit_filter_list = list() if opcode is not None: if locald_params: _edit_filter_list.append( build_xml('aaa', xmap=self._locald_meta, params=locald_params, opcode=opcode)) if locald_group_params: _edit_filter_list.append( build_xml('aaa', xmap=self._locald_group_meta, params=locald_group_params, opcode=opcode)) if purge_params: _edit_filter_list.append( build_xml('aaa', xmap=self._locald_meta, params=purge_params, opcode="delete")) diff = None if _edit_filter_list: commit = not self._module.check_mode diff = load_config(self._module, _edit_filter_list, commit=commit, running=running, nc_get_filter=_get_filter) if diff: if self._module._diff: self._result['diff'] = dict(prepared=diff) self._result['xml'] = _edit_filter_list self._result['changed'] = True
def main(): """ main entry point for module execution """ element_spec = dict( name=dict(), configured_password=dict(no_log=True), update_password=dict(default='always', choices=['on_create', 'always']), public_key=dict(), public_key_contents=dict(), group=dict(aliases=['role']), groups=dict(type='list', elements='dict'), state=dict(default='present', choices=['present', 'absent']) ) aggregate_spec = deepcopy(element_spec) aggregate_spec['name'] = dict(required=True) # remove default in aggregate spec, to handle common arguments remove_default_spec(aggregate_spec) argument_spec = dict( aggregate=dict(type='list', elements='dict', options=aggregate_spec, aliases=['users', 'collection']), purge=dict(type='bool', default=False) ) argument_spec.update(element_spec) argument_spec.update(iosxr_argument_spec) mutually_exclusive = [('name', 'aggregate'), ('public_key', 'public_key_contents'), ('group', 'groups')] module = AnsibleModule(argument_spec=argument_spec, mutually_exclusive=mutually_exclusive, supports_check_mode=True) if (module.params['public_key_contents'] or module.params['public_key']): if not HAS_B64: module.fail_json( msg='library base64 is required but does not appear to be ' 'installed. It can be installed using `pip install base64`' ) if not HAS_PARAMIKO: module.fail_json( msg='library paramiko is required but does not appear to be ' 'installed. It can be installed using `pip install paramiko`' ) warnings = list() if module.params['password'] and not module.params['configured_password']: warnings.append( 'The "password" argument is used to authenticate the current connection. ' + 'To set a user password use "configured_password" instead.' ) result = {'changed': False} want = map_params_to_obj(module) have = map_config_to_obj(module) commands = map_obj_to_commands((want, have), module) if module.params['purge']: want_users = [x['name'] for x in want] have_users = [x['name'] for x in have] for item in set(have_users).difference(want_users): if item != 'admin': commands.append('no username %s' % item) result['commands'] = commands result['warnings'] = warnings if 'no username admin' in commands: module.fail_json(msg='cannot delete the `admin` account') if commands: commit = not module.check_mode diff = load_config(module, commands, commit=commit) if diff: result['diff'] = dict(prepared=diff) result['changed'] = True if module.params['state'] == 'present' and (module.params['public_key_contents'] or module.params['public_key']): if not module.check_mode: key = convert_key_to_base64(module) copykeys = copy_key_to_node(module, key) if copykeys is False: warnings.append('Please set up your provider before running this playbook') if module.params['aggregate']: for user in module.params['aggregate']: cmdtodo = "admin crypto key import authentication rsa username %s harddisk:/publickey_aggregate.b64" % (user) addremove = addremovekey(module, cmdtodo) if addremove is False: warnings.append('Please set up your provider before running this playbook') else: cmdtodo = "admin crypto key import authentication rsa username %s harddisk:/publickey_%s.b64" % (module.params['name'], module.params['name']) addremove = addremovekey(module, cmdtodo) if addremove is False: warnings.append('Please set up your provider before running this playbook') elif module.params['state'] == 'absent': if not module.check_mode: if module.params['aggregate']: for user in module.params['aggregate']: cmdtodo = "admin crypto key zeroize authentication rsa username %s" % (user) addremove = addremovekey(module, cmdtodo) if addremove is False: warnings.append('Please set up your provider before running this playbook') else: cmdtodo = "admin crypto key zeroize authentication rsa username %s" % (module.params['name']) addremove = addremovekey(module, cmdtodo) if addremove is False: warnings.append('Please set up your provider before running this playbook') elif module.params['purge'] is True: if not module.check_mode: cmdtodo = "admin crypto key zeroize authentication rsa all" addremove = addremovekey(module, cmdtodo) if addremove is False: warnings.append('Please set up your provider before running this playbook') module.exit_json(**result)
def run(module, result): match = module.params['match'] replace = module.params['replace'] replace_config = replace == 'config' path = module.params['parents'] comment = module.params['comment'] admin = module.params['admin'] check_mode = module.check_mode candidate_config = get_candidate(module) running_config = get_running_config(module) commands = None if match != 'none' and replace != 'config': commands = candidate_config.difference(running_config, path=path, match=match, replace=replace) elif replace_config: can_config = candidate_config.difference(running_config, path=path, match=match, replace=replace) candidate = dumps(can_config, 'commands').split('\n') run_config = running_config.difference(candidate_config, path=path, match=match, replace=replace) running = dumps(run_config, 'commands').split('\n') if len(candidate) > 1 or len(running) > 1: ret = copy_file_to_node(module) if not ret: module.fail_json(msg='Copy of config file to the node failed') commands = ['load harddisk:/ansible_config.txt'] else: commands = candidate_config.items if commands: if not replace_config: commands = dumps(commands, 'commands').split('\n') if any((module.params['lines'], module.params['src'])): if module.params['before']: commands[:0] = module.params['before'] if module.params['after']: commands.extend(module.params['after']) result['commands'] = commands commit = not check_mode diff = load_config(module, commands, commit=commit, replace=replace_config, comment=comment, admin=admin) if diff: result['diff'] = dict(prepared=diff) result['changed'] = True
def run(module, result): match = module.params['match'] replace = module.params['replace'] replace_config = replace == 'config' path = module.params['parents'] comment = module.params['comment'] admin = module.params['admin'] exclusive = module.params['exclusive'] check_mode = module.check_mode label = module.params['label'] candidate_config = get_candidate(module) running_config = get_running_config(module) commands = None replace_file_path = None connection = get_connection(module) try: response = connection.get_diff(candidate=candidate_config, running=running_config, diff_match=match, path=path, diff_replace=replace) except ConnectionError as exc: module.fail_json(msg=to_text(exc, errors='surrogate_then_replace')) config_diff = response.get('config_diff') if replace_config: running_base_diff_resp = connection.get_diff(candidate=running_config, running=candidate_config, diff_match=match, path=path, diff_replace=replace) if config_diff or running_base_diff_resp['config_diff']: ret = copy_file_to_node(module) if not ret: module.fail_json(msg='Copy of config file to the node failed') commands = ['load harddisk:/ansible_config.txt'] replace_file_path = 'harddisk:/ansible_config.txt' if config_diff or commands: if not replace_config: commands = config_diff.split('\n') if any((module.params['lines'], module.params['src'])): if module.params['before']: commands[:0] = module.params['before'] if module.params['after']: commands.extend(module.params['after']) result['commands'] = commands commit = not check_mode diff = load_config(module, commands, commit=commit, replace=replace_file_path, comment=comment, admin=admin, exclusive=exclusive, label=label) if diff: result['diff'] = dict(prepared=diff) result['changed'] = True
def map_obj_to_xml_rpc(self): self._log_file_meta.update([ ('files', { 'xpath': 'syslog/files', 'tag': True, 'operation': 'edit' }), ('file', { 'xpath': 'syslog/files/file', 'tag': True, 'operation': 'edit', 'attrib': "operation" }), ('a:name', { 'xpath': 'syslog/files/file/file-name', 'operation': 'edit' }), ('file-attrib', { 'xpath': 'syslog/files/file/file-log-attributes', 'tag': True, 'operation': 'edit' }), ('a:size', { 'xpath': 'syslog/files/file/file-log-attributes/max-file-size', 'operation': 'edit' }), ('a:level', { 'xpath': 'syslog/files/file/file-log-attributes/severity', 'operation': 'edit' }), ]) self._log_host_meta.update([ ('host-server', { 'xpath': 'syslog/host-server', 'tag': True, 'operation': 'edit' }), ('vrfs', { 'xpath': 'syslog/host-server/vrfs', 'tag': True, 'operation': 'edit' }), ('vrf', { 'xpath': 'syslog/host-server/vrfs/vrf', 'tag': True, 'operation': 'edit' }), ('a:vrf', { 'xpath': 'syslog/host-server/vrfs/vrf/vrf-name', 'operation': 'edit' }), ('ipv4s', { 'xpath': 'syslog/host-server/vrfs/vrf/ipv4s', 'tag': True, 'operation': 'edit' }), ('ipv4', { 'xpath': 'syslog/host-server/vrfs/vrf/ipv4s/ipv4', 'tag': True, 'operation': 'edit', 'attrib': "operation" }), ('a:name', { 'xpath': 'syslog/host-server/vrfs/vrf/ipv4s/ipv4/address', 'operation': 'edit' }), ('ipv4-sev', { 'xpath': 'syslog/host-server/vrfs/vrf/ipv4s/ipv4/ipv4-severity-port', 'tag': True, 'operation': 'edit' }), ('a:level', { 'xpath': 'syslog/host-server/vrfs/vrf/ipv4s/ipv4/ipv4-severity-port/severity', 'operation': 'edit' }), ]) self._log_console_meta.update([ ('a:enable-console', { 'xpath': 'syslog/enable-console-logging', 'operation': 'edit', 'attrib': "operation" }), ('console', { 'xpath': 'syslog/console-logging', 'tag': True, 'operation': 'edit', 'attrib': "operation" }), ('a:console-level', { 'xpath': 'syslog/console-logging/logging-level', 'operation': 'edit' }), ]) self._log_monitor_meta.update([ ('monitor', { 'xpath': 'syslog/monitor-logging', 'tag': True, 'operation': 'edit', 'attrib': "operation" }), ('a:monitor-level', { 'xpath': 'syslog/monitor-logging/logging-level', 'operation': 'edit' }), ]) self._log_buffered_size_meta.update([ ('buffered', { 'xpath': 'syslog/buffered-logging', 'tag': True, 'operation': 'edit', 'attrib': "operation" }), ('a:size', { 'xpath': 'syslog/buffered-logging/buffer-size', 'operation': 'edit' }), ]) self._log_buffered_level_meta.update([ ('buffered', { 'xpath': 'syslog/buffered-logging', 'tag': True, 'operation': 'edit', 'attrib': "operation" }), ('a:level', { 'xpath': 'syslog/buffered-logging/logging-level', 'operation': 'edit' }), ]) self._log_facility_meta.update([ ('facility', { 'xpath': 'syslog/logging-facilities', 'tag': True, 'operation': 'edit', 'attrib': "operation" }), ('a:facility', { 'xpath': 'syslog/logging-facilities/facility-level', 'operation': 'edit' }), ]) self._log_prefix_meta.update([ ('a:hostnameprefix', { 'xpath': 'syslog/host-name-prefix', 'operation': 'edit', 'attrib': "operation" }), ]) state = self._module.params['state'] _get_filter = build_xml('syslog', opcode="filter") running = get_config(self._module, source='running', config_filter=_get_filter) file_ele = etree_findall(running, 'file') file_list = list() if len(file_ele): for file in file_ele: file_name = etree_find(file, 'file-name') file_list.append( file_name.text if file_name is not None else None) vrf_ele = etree_findall(running, 'vrf') host_list = list() for vrf in vrf_ele: host_ele = etree_findall(vrf, 'ipv4') for host in host_ele: host_name = etree_find(host, 'address') host_list.append( host_name.text if host_name is not None else None) console_ele = etree_find(running, 'console-logging') console_level = etree_find( console_ele, 'logging-level') if console_ele is not None else None have_console = console_level.text if console_level is not None else None monitor_ele = etree_find(running, 'monitor-logging') monitor_level = etree_find( monitor_ele, 'logging-level') if monitor_ele is not None else None have_monitor = monitor_level.text if monitor_level is not None else None buffered_ele = etree_find(running, 'buffered-logging') buffered_size = etree_find( buffered_ele, 'buffer-size') if buffered_ele is not None else None have_buffered = buffered_size.text if buffered_size is not None else None facility_ele = etree_find(running, 'logging-facilities') facility_level = etree_find( facility_ele, 'facility-level') if facility_ele is not None else None have_facility = facility_level.text if facility_level is not None else None prefix_ele = etree_find(running, 'host-name-prefix') have_prefix = prefix_ele.text if prefix_ele is not None else None console_enable_ele = etree_find(running, 'enable-console-logging') have_console_enable = console_enable_ele.text if console_enable_ele is not None else None file_params = list() host_params = list() console_params = dict() monitor_params = dict() buffered_params = dict() facility_params = dict() prefix_params = dict() opcode = None if state == 'absent': opcode = "delete" for item in self._want: if item['dest'] == 'file' and item['name'] in file_list: item['level'] = severity_level[item['level']] file_params.append(item) elif item['dest'] == 'host' and item['name'] in host_list: item['level'] = severity_level[item['level']] host_params.append(item) elif item[ 'dest'] == 'console' and have_console and have_console_enable: console_params.update({'console-level': item['level']}) elif item['dest'] == 'monitor' and have_monitor: monitor_params.update({'monitor-level': item['level']}) elif item['dest'] == 'buffered' and have_buffered: buffered_params['size'] = str( item['size']) if item['size'] else None buffered_params[ 'level'] = item['level'] if item['level'] else None elif item['dest'] is None and item['hostnameprefix'] is None and \ item['facility'] is not None and have_facility: facility_params.update({'facility': item['facility']}) elif item['dest'] is None and item[ 'hostnameprefix'] is not None and have_prefix: prefix_params.update( {'hostnameprefix': item['hostnameprefix']}) elif state == 'present': opcode = 'merge' for item in self._want: if item['dest'] == 'file': item['level'] = severity_level[item['level']] file_params.append(item) elif item['dest'] == 'host': item['level'] = severity_level[item['level']] host_params.append(item) elif item['dest'] == 'console': console_params.update({'console-level': item['level']}) elif item['dest'] == 'monitor': monitor_params.update({'monitor-level': item['level']}) elif item['dest'] == 'buffered': buffered_params['size'] = str( item['size']) if item['size'] else None buffered_params[ 'level'] = item['level'] if item['level'] else None elif item['dest'] is None and item['hostnameprefix'] is None and \ item['facility'] is not None: facility_params.update({'facility': item['facility']}) elif item['dest'] is None and item[ 'hostnameprefix'] is not None: prefix_params.update( {'hostnameprefix': item['hostnameprefix']}) self._result['xml'] = [] _edit_filter_list = list() if opcode: if len(file_params): _edit_filter_list.append( build_xml('syslog', xmap=self._log_file_meta, params=file_params, opcode=opcode)) if len(host_params): _edit_filter_list.append( build_xml('syslog', xmap=self._log_host_meta, params=host_params, opcode=opcode)) if len(console_params): _edit_filter_list.append( build_xml('syslog', xmap=self._log_console_meta, params=console_params, opcode=opcode)) if len(monitor_params): _edit_filter_list.append( build_xml('syslog', xmap=self._log_monitor_meta, params=monitor_params, opcode=opcode)) if len(buffered_params): _edit_filter_list.append( build_xml('syslog', xmap=self._log_buffered_size_meta, params=buffered_params, opcode=opcode)) _edit_filter_list.append( build_xml('syslog', xmap=self._log_buffered_level_meta, params=buffered_params, opcode=opcode)) if len(facility_params): _edit_filter_list.append( build_xml('syslog', xmap=self._log_facility_meta, params=facility_params, opcode=opcode)) if len(prefix_params): _edit_filter_list.append( build_xml('syslog', xmap=self._log_prefix_meta, params=prefix_params, opcode=opcode)) diff = None if len(_edit_filter_list): commit = not self._module.check_mode diff = load_config(self._module, _edit_filter_list, commit=commit, running=running, nc_get_filter=_get_filter) if diff: if self._module._diff: self._result['diff'] = dict(prepared=diff) self._result['xml'] = _edit_filter_list self._result['changed'] = True
def map_obj_to_commands(self): commands = list() for want_item in self._want: dest = want_item['dest'] name = want_item['name'] size = want_item['size'] facility = want_item['facility'] level = want_item['level'] vrf = want_item['vrf'] hostnameprefix = want_item['hostnameprefix'] state = want_item['state'] del want_item['state'] have_size = None have_console_level = None have_monitor_level = None have_prefix = None have_facility = None for item in self._have: if item['dest'] == 'buffered': have_size = item['size'] if item['dest'] == 'console': have_console_level = item['level'] if item['dest'] == 'monitor': have_monitor_level = item['level'] if item['dest'] is None and item['hostnameprefix'] is not None: have_prefix = item['hostnameprefix'] if item['dest'] is None and item[ 'hostnameprefix'] is None and item[ 'facility'] is not None: have_facility = item['facility'] if state == 'absent': if dest == 'host' and name in self._host_list: commands.append('no logging {0} vrf {1}'.format(name, vrf)) elif dest == 'file' and name in self._file_list: commands.append('no logging file {0}'.format(name)) elif dest == 'console' and have_console_level is not None: commands.append('no logging {0}'.format(dest)) elif dest == 'monitor' and have_monitor_level: commands.append('no logging {0}'.format(dest)) elif dest == 'buffered' and have_size: commands.append('no logging {0}'.format(dest)) if dest is None and hostnameprefix is not None and have_prefix == hostnameprefix: commands.append( 'no logging hostnameprefix {0}'.format(hostnameprefix)) if dest is None and facility is not None and have_facility == facility: commands.append('no logging facility {0}'.format(facility)) if state == 'present': if dest == 'host' and name not in self._host_list: if level == 'errors' or level == 'informational': level = severity_transpose[level] commands.append('logging {0} vrf {1} severity {2}'.format( name, vrf, level)) elif dest == 'file' and name not in self._file_list: if level == 'errors' or level == 'informational': level = severity_transpose[level] commands.append( 'logging file {0} maxfilesize {1} severity {2}'.format( name, size, level)) elif dest == 'buffered' and (have_size is None or (have_size is not None and size != have_size)): commands.append('logging buffered {0}'.format(size)) elif dest == 'console' and (have_console_level is None or (have_console_level is not None and have_console_level != level)): commands.append('logging console {0}'.format(level)) elif dest == 'monitor' and (have_monitor_level is None or (have_monitor_level is not None and have_monitor_level != level)): commands.append('logging monitor {0}'.format(level)) if dest is None and hostnameprefix is not None and ( have_prefix is None or (have_prefix is not None and hostnameprefix != have_prefix)): commands.append( 'logging hostnameprefix {0}'.format(hostnameprefix)) if dest is None and hostnameprefix is None and facility != have_facility: commands.append('logging facility {0}'.format(facility)) self._result['commands'] = commands if commands: commit = not self._module.check_mode diff = load_config(self._module, commands, commit=commit) if diff: self._result['diff'] = dict(prepared=diff) self._result['changed'] = True
def map_obj_to_xml_rpc(self): self._intf_meta.update([ ('interface-configuration', {'xpath': 'interface-configurations/interface-configuration', 'tag': True, 'attrib': 'operation'}), ('a:active', {'xpath': 'interface-configurations/interface-configuration/active', 'operation': 'edit'}), ('a:name', {'xpath': 'interface-configurations/interface-configuration/interface-name'}), ('a:description', {'xpath': 'interface-configurations/interface-configuration/description', 'operation': 'edit'}), ('mtus', {'xpath': 'interface-configurations/interface-configuration/mtus', 'tag': True, 'operation': 'edit'}), ('mtu', {'xpath': 'interface-configurations/interface-configuration/mtus/mtu', 'tag': True, 'operation': 'edit'}), ('a:owner', {'xpath': 'interface-configurations/interface-configuration/mtus/mtu/owner', 'operation': 'edit'}), ('a:mtu', {'xpath': 'interface-configurations/interface-configuration/mtus/mtu/mtu', 'operation': 'edit'}), ('CEthernet', {'xpath': 'interface-configurations/interface-configuration/ethernet', 'tag': True, 'operation': 'edit', 'ns': True}), ('a:speed', {'xpath': 'interface-configurations/interface-configuration/ethernet/speed', 'operation': 'edit'}), ('a:duplex', {'xpath': 'interface-configurations/interface-configuration/ethernet/duplex', 'operation': 'edit'}), ]) self._shut_meta.update([ ('interface-configuration', {'xpath': 'interface-configurations/interface-configuration', 'tag': True}), ('a:active', {'xpath': 'interface-configurations/interface-configuration/active', 'operation': 'edit'}), ('a:name', {'xpath': 'interface-configurations/interface-configuration/interface-name'}), ('shutdown', {'xpath': 'interface-configurations/interface-configuration/shutdown', 'tag': True, 'operation': 'edit', 'attrib': 'operation'}), ]) state = self._module.params['state'] _get_filter = build_xml('interface-configurations', xmap=self._intf_meta, params=self._want, opcode="filter") running = get_config(self._module, source='running', config_filter=_get_filter) intfcfg_nodes = etree_findall(running, 'interface-configuration') intf_list = set() shut_list = set() for item in intfcfg_nodes: intf_name = etree_find(item, 'interface-name').text if intf_name is not None: intf_list.add(intf_name) if etree_find(item, 'shutdown') is not None: shut_list.add(intf_name) intf_params = list() shut_params = list() noshut_params = list() for index, item in enumerate(self._want): if item['name'] in intf_list: intf_params.append(item) if not item['enabled']: shut_params.append(item) if item['name'] in shut_list and item['enabled']: noshut_params.append(item) opcode = None if state == 'absent': if intf_params: opcode = "delete" elif state in ('present', 'up', 'down'): intf_params = self._want opcode = 'merge' self._result['xml'] = [] _edit_filter_list = list() if opcode: _edit_filter_list.append(build_xml('interface-configurations', xmap=self._intf_meta, params=intf_params, opcode=opcode)) if opcode == 'merge': if len(shut_params): _edit_filter_list.append(build_xml('interface-configurations', xmap=self._shut_meta, params=shut_params, opcode='merge')) if len(noshut_params): _edit_filter_list.append(build_xml('interface-configurations', xmap=self._shut_meta, params=noshut_params, opcode='delete')) diff = None if len(_edit_filter_list): commit = not self._module.check_mode diff = load_config(self._module, _edit_filter_list, commit=commit, running=running, nc_get_filter=_get_filter) if diff: if self._module._diff: self._result['diff'] = dict(prepared=diff) self._result['xml'] = _edit_filter_list self._result['changed'] = True