def main():
argument_spec = aci_argument_spec()
argument_spec.update(
pool_type=dict(type='str',
required=True,
aliases=['type'],
choices=['vlan', 'vxlan', 'vsan']),
allocation_mode=dict(type='str',
aliases=['mode'],
choices=['dynamic', 'inherit', 'static']),
description=dict(type='str', aliases=['descr']),
pool=dict(type='str',
aliases=['pool_name'
]), # Not required for querying all objects
pool_allocation_mode=dict(type='str',
aliases=['pool_mode'],
choices=['dynamic', 'static']),
range_end=dict(type='int',
aliases=['end'
]), # Not required for querying all objects
range_name=dict(type='str',
aliases=["name", "range"
]), # Not required for querying all objects
range_start=dict(type='int',
aliases=["start"
]), # Not required for querying all objects
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
[
'state', 'absent',
['pool', 'range_end', 'range_name', 'range_start']
],
[
'state', 'present',
['pool', 'range_end', 'range_name', 'range_start']
],
],
)
allocation_mode = module.params.get('allocation_mode')
description = module.params.get('description')
pool = module.params.get('pool')
pool_allocation_mode = module.params.get('pool_allocation_mode')
pool_type = module.params.get('pool_type')
range_end = module.params.get('range_end')
range_name = module.params.get('range_name')
range_start = module.params.get('range_start')
state = module.params.get('state')
name_alias = module.params.get('name_alias')
if range_end is not None:
encap_end = '{0}-{1}'.format(pool_type, range_end)
else:
encap_end = None
if range_start is not None:
encap_start = '{0}-{1}'.format(pool_type, range_start)
else:
encap_start = None
ACI_RANGE_MAPPING = dict(
vlan=dict(
aci_class='fvnsEncapBlk',
aci_mo='from-[{0}]-to-[{1}]'.format(encap_start, encap_end),
),
vxlan=dict(
aci_class='fvnsEncapBlk',
aci_mo='from-[{0}]-to-[{1}]'.format(encap_start, encap_end),
),
vsan=dict(
aci_class='fvnsVsanEncapBlk',
aci_mo='vsanfrom-[{0}]-to-[{1}]'.format(encap_start, encap_end),
),
)
# Collect proper class and mo information based on pool_type
aci_range_class = ACI_RANGE_MAPPING[pool_type]["aci_class"]
aci_range_mo = ACI_RANGE_MAPPING[pool_type]["aci_mo"]
aci_pool_class = ACI_POOL_MAPPING[pool_type]["aci_class"]
aci_pool_mo = ACI_POOL_MAPPING[pool_type]["aci_mo"]
pool_name = pool
# Validate range_end and range_start are valid for its respective encap type
for encap_id in range_end, range_start:
if encap_id is not None:
if pool_type == 'vlan':
if not 1 <= encap_id <= 4094:
module.fail_json(
msg=
'vlan pools must have "range_start" and "range_end" values between 1 and 4094'
)
elif pool_type == 'vxlan':
if not 5000 <= encap_id <= 16777215:
module.fail_json(
msg=
'vxlan pools must have "range_start" and "range_end" values between 5000 and 16777215'
)
elif pool_type == 'vsan':
if not 1 <= encap_id <= 4093:
module.fail_json(
msg=
'vsan pools must have "range_start" and "range_end" values between 1 and 4093'
)
if range_end is not None and range_start is not None:
# Validate range_start is less than range_end
if range_start > range_end:
module.fail_json(
msg=
'The "range_start" must be less than or equal to the "range_end"'
)
elif range_end is None and range_start is None:
if range_name is None:
# Reset range managed object to None for aci util to properly handle query
aci_range_mo = None
# Vxlan does not support setting the allocation mode
if pool_type == 'vxlan' and allocation_mode is not None:
module.fail_json(
msg=
'vxlan pools do not support setting the "allocation_mode"; please omit this parameter for vxlan pools'
)
# ACI Pool URL requires the allocation mode for vlan and vsan pools (ex: uni/infra/vlanns-[poolname]-static)
if pool_type != 'vxlan' and pool is not None:
if pool_allocation_mode is not None:
pool_name = '[{0}]-{1}'.format(pool, pool_allocation_mode)
else:
module.fail_json(
msg=
'ACI requires the "pool_allocation_mode" for "pool_type" of "vlan" and "vsan" when the "pool" is provided'
)
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class=aci_pool_class,
aci_rn='{0}{1}'.format(aci_pool_mo, pool_name),
module_object=pool,
target_filter={'name': pool},
),
subclass_1=dict(
aci_class=aci_range_class,
aci_rn='{0}'.format(aci_range_mo),
module_object=aci_range_mo,
target_filter={
'from': encap_start,
'to': encap_end,
'name': range_name
},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class=aci_range_class,
class_config={
"allocMode": allocation_mode,
"descr": description,
"from": encap_start,
"name": range_name,
"to": encap_end,
"nameAlias": name_alias,
},
)
aci.get_diff(aci_class=aci_range_class)
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
tenant=dict(type='str',
aliases=['tenant_name'
]), # Not required for querying all objects
l3out=dict(type='str',
aliases=['l3out_name'
]), # Not required for querying all objects
extepg=dict(type='str',
aliases=['extepg_name',
'name']), # Not required for querying all objects
network=dict(type='str', aliases=['address', 'ip']),
description=dict(type='str', aliases=['descr']),
subnet_name=dict(type='str', aliases=['name']),
scope=dict(type='list',
elements='str',
choices=[
'export-rtctrl', 'import-security', 'shared-rtctrl',
'shared-security'
]),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'present', ['network']],
['state', 'absent', ['network']],
],
)
aci = ACIModule(module)
tenant = module.params.get('tenant')
l3out = module.params.get('l3out')
extepg = module.params.get('extepg')
network = module.params.get('network')
description = module.params.get('description')
subnet_name = module.params.get('subnet_name')
scope = ','.join(sorted(module.params.get('scope')))
state = module.params.get('state')
name_alias = module.params.get('name_alias')
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='l3extOut',
aci_rn='out-{0}'.format(l3out),
module_object=l3out,
target_filter={'name': l3out},
),
subclass_2=dict(
aci_class='l3extInstP',
aci_rn='instP-{0}'.format(extepg),
module_object=extepg,
target_filter={'name': extepg},
),
subclass_3=dict(
aci_class='l3extSubnet',
aci_rn='extsubnet-[{0}]'.format(network),
module_object=network,
target_filter={'name': network},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='l3extSubnet',
class_config=dict(
ip=network,
descr=description,
name=subnet_name,
scope=scope,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='l3extSubnet')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
# NOTE: Since this module needs to include both infra:AccBndlGrp (for PC and VPC) and infra:AccPortGrp (for leaf access port policy group):
# NOTE: I'll allow the user to make the choice here (link(PC), node(VPC), leaf(leaf-access port policy group))
lag_type=dict(type="str", required=True, aliases=["lag_type_name"], choices=["leaf", "link", "node"]),
policy_group=dict(type="str", aliases=["name", "policy_group_name"]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
link_level_policy=dict(type="str", aliases=["link_level_policy_name"]),
cdp_policy=dict(type="str", aliases=["cdp_policy_name"]),
mcp_policy=dict(type="str", aliases=["mcp_policy_name"]),
lldp_policy=dict(type="str", aliases=["lldp_policy_name"]),
stp_interface_policy=dict(type="str", aliases=["stp_interface_policy_name"]),
egress_data_plane_policing_policy=dict(type="str", aliases=["egress_data_plane_policing_policy_name"]),
ingress_data_plane_policing_policy=dict(type="str", aliases=["ingress_data_plane_policing_policy_name"]),
priority_flow_control_policy=dict(type="str", aliases=["priority_flow_control_policy_name"]),
fibre_channel_interface_policy=dict(type="str", aliases=["fibre_channel_interface_policy_name"]),
slow_drain_policy=dict(type="str", aliases=["slow_drain_policy_name"]),
port_channel_policy=dict(type="str", aliases=["port_channel_policy_name"]),
monitoring_policy=dict(type="str", aliases=["monitoring_policy_name"]),
storm_control_interface_policy=dict(type="str", aliases=["storm_control_interface_policy_name"]),
l2_interface_policy=dict(type="str", aliases=["l2_interface_policy_name"]),
port_security_policy=dict(type="str", aliases=["port_security_policy_name"]),
aep=dict(type="str", aliases=["aep_name"]),
state=dict(type="str", default="present", choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["policy_group"]],
["state", "present", ["policy_group"]],
],
)
policy_group = module.params.get("policy_group")
description = module.params.get("description")
lag_type = module.params.get("lag_type")
link_level_policy = module.params.get("link_level_policy")
cdp_policy = module.params.get("cdp_policy")
mcp_policy = module.params.get("mcp_policy")
lldp_policy = module.params.get("lldp_policy")
stp_interface_policy = module.params.get("stp_interface_policy")
egress_data_plane_policing_policy = module.params.get("egress_data_plane_policing_policy")
ingress_data_plane_policing_policy = module.params.get("ingress_data_plane_policing_policy")
priority_flow_control_policy = module.params.get("priority_flow_control_policy")
fibre_channel_interface_policy = module.params.get("fibre_channel_interface_policy")
slow_drain_policy = module.params.get("slow_drain_policy")
port_channel_policy = module.params.get("port_channel_policy")
monitoring_policy = module.params.get("monitoring_policy")
storm_control_interface_policy = module.params.get("storm_control_interface_policy")
l2_interface_policy = module.params.get("l2_interface_policy")
port_security_policy = module.params.get("port_security_policy")
aep = module.params.get("aep")
state = module.params.get("state")
name_alias = module.params.get("name_alias")
aci = ACIModule(module)
if lag_type == "leaf" and port_channel_policy is not None:
aci.fail_json(
"port_channel_policy is not a valid parameter for leaf\
(leaf access port policy group), if used\
assign null to it (port_channel_policy: null)."
)
if lag_type == "leaf":
aci_class_name = "infraAccPortGrp"
dn_name = "accportgrp"
class_config_dict = dict(
name=policy_group,
descr=description,
nameAlias=name_alias,
)
# Reset for target_filter
lag_type = None
elif lag_type in ("link", "node"):
aci_class_name = "infraAccBndlGrp"
dn_name = "accbundle"
class_config_dict = dict(
name=policy_group,
descr=description,
lagT=lag_type,
nameAlias=name_alias,
)
child_configs = [
dict(
infraRsCdpIfPol=dict(
attributes=dict(
tnCdpIfPolName=cdp_policy,
),
),
),
dict(
infraRsFcIfPol=dict(
attributes=dict(
tnFcIfPolName=fibre_channel_interface_policy,
),
),
),
dict(
infraRsHIfPol=dict(
attributes=dict(
tnFabricHIfPolName=link_level_policy,
),
),
),
dict(
infraRsL2IfPol=dict(
attributes=dict(
tnL2IfPolName=l2_interface_policy,
),
),
),
dict(
infraRsL2PortSecurityPol=dict(
attributes=dict(
tnL2PortSecurityPolName=port_security_policy,
),
),
),
dict(
infraRsLacpPol=dict(
attributes=dict(
tnLacpLagPolName=port_channel_policy,
),
),
),
dict(
infraRsLldpIfPol=dict(
attributes=dict(
tnLldpIfPolName=lldp_policy,
),
),
),
dict(
infraRsMcpIfPol=dict(
attributes=dict(
tnMcpIfPolName=mcp_policy,
),
),
),
dict(
infraRsMonIfInfraPol=dict(
attributes=dict(
tnMonInfraPolName=monitoring_policy,
),
),
),
dict(
infraRsQosEgressDppIfPol=dict(
attributes=dict(
tnQosDppPolName=egress_data_plane_policing_policy,
),
),
),
dict(
infraRsQosIngressDppIfPol=dict(
attributes=dict(
tnQosDppPolName=ingress_data_plane_policing_policy,
),
),
),
dict(
infraRsQosPfcIfPol=dict(
attributes=dict(
tnQosPfcIfPolName=priority_flow_control_policy,
),
),
),
dict(
infraRsQosSdIfPol=dict(
attributes=dict(
tnQosSdIfPolName=slow_drain_policy,
),
),
),
dict(
infraRsStormctrlIfPol=dict(
attributes=dict(
tnStormctrlIfPolName=storm_control_interface_policy,
),
),
),
dict(
infraRsStpIfPol=dict(
attributes=dict(
tnStpIfPolName=stp_interface_policy,
),
),
),
]
# Add infraRsattEntP binding only when aep was defined
if aep is not None:
child_configs.append(
dict(
infraRsAttEntP=dict(
attributes=dict(
tDn="uni/infra/attentp-{0}".format(aep),
),
),
)
)
aci.construct_url(
root_class=dict(
aci_class=aci_class_name,
aci_rn="infra/funcprof/{0}-{1}".format(dn_name, policy_group),
module_object=policy_group,
target_filter={"name": policy_group, "lagT": lag_type},
),
child_classes=[
"infraRsAttEntP",
"infraRsCdpIfPol",
"infraRsFcIfPol",
"infraRsHIfPol",
"infraRsL2IfPol",
"infraRsL2PortSecurityPol",
"infraRsLacpPol",
"infraRsLldpIfPol",
"infraRsMcpIfPol",
"infraRsMonIfInfraPol",
"infraRsQosEgressDppIfPol",
"infraRsQosIngressDppIfPol",
"infraRsQosPfcIfPol",
"infraRsQosSdIfPol",
"infraRsStormctrlIfPol",
"infraRsStpIfPol",
],
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class=aci_class_name,
class_config=class_config_dict,
child_configs=child_configs,
)
aci.get_diff(aci_class=aci_class_name)
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
name=dict(type='str', aliases=['syslog_group', 'syslog_group_name']),
format=dict(type='str', choices=['aci', 'nxos']),
admin_state=dict(type='str', choices=['enabled', 'disabled']),
console_logging=dict(type='str', choices=['enabled', 'disabled']),
console_log_severity=dict(type='str',
choices=[
'alerts', 'critical', 'debugging',
'emergencies', 'error', 'information',
'notifications', 'warnings'
]),
local_file_logging=dict(type='str', choices=['enabled', 'disabled']),
local_file_log_severity=dict(type='str',
choices=[
'alerts', 'critical', 'debugging',
'emergencies', 'error', 'information',
'notifications', 'warnings'
]),
include_ms=dict(type='bool'),
include_time_zone=dict(type='bool'),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']))
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['name']],
['state', 'present', ['name']],
])
aci = ACIModule(module)
name = module.params.get('name')
format = module.params.get('format')
admin_state = module.params.get('admin_state')
console_logging = module.params.get('console_logging')
console_log_severity = module.params.get('console_log_severity')
local_file_logging = module.params.get('local_file_logging')
local_file_log_severity = module.params.get('local_file_log_severity')
include_ms = aci.boolean(module.params.get('include_ms'))
include_time_zone = aci.boolean(module.params.get('include_time_zone'))
state = module.params.get('state')
aci.construct_url(
root_class=dict(
aci_class='syslogGroup',
aci_rn='fabric/slgroup-{0}'.format(name),
module_object=name,
target_filter={'name': name},
),
child_classes=[
'syslogRemoteDest', 'syslogProf', 'syslogFile', 'syslogConsole'
],
)
aci.get_existing()
if state == 'present':
class_config = dict(
name=name,
format=format,
includeMilliSeconds=include_ms,
)
if include_time_zone is not None:
class_config['includeTimeZone'] = include_time_zone
aci.payload(
aci_class='syslogGroup',
class_config=class_config,
child_configs=[
dict(syslogProf=dict(attributes=dict(adminState=admin_state,
name='syslog'), ), ),
dict(syslogFile=dict(attributes=dict(
adminState=local_file_logging,
format=format,
severity=local_file_log_severity), ), ),
dict(syslogConsole=dict(attributes=dict(
adminState=console_logging,
format=format,
severity=console_log_severity), ), ),
],
)
aci.get_diff(aci_class='syslogGroup')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
allow_useg=dict(type='str', choices=['encap', 'useg']),
ap=dict(type='str',
aliases=['app_profile', 'app_profile_name'
]), # Not required for querying all objects
deploy_immediacy=dict(type='str', choices=['immediate', 'lazy']),
domain=dict(type='str',
aliases=['domain_name', 'domain_profile'
]), # Not required for querying all objects
domain_type=dict(type='str',
choices=['l2dom', 'phys', 'vmm'],
aliases=['type'
]), # Not required for querying all objects
encap=dict(type='int'),
encap_mode=dict(type='str', choices=['auto', 'vlan', 'vxlan']),
switching_mode=dict(type='str',
default='native',
choices=['AVE', 'native']),
epg=dict(type='str',
aliases=['name', 'epg_name'
]), # Not required for querying all objects
netflow=dict(type='bool'),
primary_encap=dict(type='int'),
resolution_immediacy=dict(
type='str', choices=['immediate', 'lazy', 'pre-provision']),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
tenant=dict(type='str',
aliases=['tenant_name'
]), # Not required for querying all objects
vm_provider=dict(type='str',
choices=[
'cloudfoundry', 'kubernetes', 'microsoft',
'openshift', 'openstack', 'redhat', 'vmware'
]),
promiscuous=dict(type='str',
default='reject',
choices=['accept', 'reject']),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['domain_type', 'vmm', ['vm_provider']],
[
'state', 'absent',
['ap', 'domain', 'domain_type', 'epg', 'tenant']
],
[
'state', 'present',
['ap', 'domain', 'domain_type', 'epg', 'tenant']
],
],
)
aci = ACIModule(module)
allow_useg = module.params.get('allow_useg')
ap = module.params.get('ap')
deploy_immediacy = module.params.get('deploy_immediacy')
domain = module.params.get('domain')
domain_type = module.params.get('domain_type')
vm_provider = module.params.get('vm_provider')
promiscuous = module.params.get('promiscuous')
encap = module.params.get('encap')
if encap is not None:
if encap in range(1, 4097):
encap = 'vlan-{0}'.format(encap)
else:
module.fail_json(msg='Valid VLAN assignments are from 1 to 4096')
encap_mode = module.params.get('encap_mode')
switching_mode = module.params.get('switching_mode')
epg = module.params.get('epg')
netflow = aci.boolean(module.params.get('netflow'), 'enabled', 'disabled')
primary_encap = module.params.get('primary_encap')
if primary_encap is not None:
if primary_encap in range(1, 4097):
primary_encap = 'vlan-{0}'.format(primary_encap)
else:
module.fail_json(msg='Valid VLAN assignments are from 1 to 4096')
resolution_immediacy = module.params.get('resolution_immediacy')
state = module.params.get('state')
tenant = module.params.get('tenant')
if domain_type in ['l2dom', 'phys'] and vm_provider is not None:
module.fail_json(msg="Domain type '%s' cannot have a 'vm_provider'" %
domain_type)
child_classes = None
child_configs = None
# Compile the full domain for URL building
if domain_type == 'vmm':
epg_domain = 'uni/vmmp-{0}/dom-{1}'.format(
VM_PROVIDER_MAPPING[vm_provider], domain)
child_configs = [
dict(vmmSecP=dict(attributes=dict(allowPromiscuous=promiscuous)))
]
child_classes = ['vmmSecP']
elif domain_type == 'l2dom':
epg_domain = 'uni/l2dom-{0}'.format(domain)
elif domain_type == 'phys':
epg_domain = 'uni/phys-{0}'.format(domain)
else:
epg_domain = None
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='fvAp',
aci_rn='ap-{0}'.format(ap),
module_object=ap,
target_filter={'name': ap},
),
subclass_2=dict(
aci_class='fvAEPg',
aci_rn='epg-{0}'.format(epg),
module_object=epg,
target_filter={'name': epg},
),
subclass_3=dict(
aci_class='fvRsDomAtt',
aci_rn='rsdomAtt-[{0}]'.format(epg_domain),
module_object=epg_domain,
target_filter={'tDn': epg_domain},
),
child_classes=child_classes,
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='fvRsDomAtt',
class_config=dict(
classPref=allow_useg,
encap=encap,
encapMode=encap_mode,
switchingMode=switching_mode,
instrImedcy=deploy_immediacy,
netflowPref=netflow,
primaryEncap=primary_encap,
resImedcy=resolution_immediacy,
),
child_configs=child_configs,
)
aci.get_diff(aci_class='fvRsDomAtt')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
name=dict(type="str"), # Not required for querying all objects
version=dict(type="str"),
ignoreCompat=dict(type="bool"),
state=dict(type="str", default="present", choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["name"]],
["state", "present", ["name", "version"]],
],
)
state = module.params.get("state")
name = module.params.get("name")
version = module.params.get("version")
name_alias = module.params.get("name_alias")
if module.params.get("ignoreCompat"):
ignore = "yes"
else:
ignore = "no"
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class="firmwareFwP",
aci_rn="fabric/fwpol-{0}".format(name),
target_filter={"name": name},
module_object=name,
),
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="firmwareFwP",
class_config=dict(
name=name,
version=version,
ignoreCompat=ignore,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class="firmwareFwP")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(
epg=dict(type="str",
aliases=["epg_name",
"name"]), # Not required for querying all objects
bd=dict(type="str", aliases=["bd_name", "bridge_domain"]),
ap=dict(type="str",
aliases=["app_profile", "app_profile_name"
]), # Not required for querying all objects
tenant=dict(type="str",
aliases=["tenant_name"
]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
priority=dict(type="str",
choices=["level1", "level2", "level3", "unspecified"]),
intra_epg_isolation=dict(choices=["enforced", "unenforced"]),
fwd_control=dict(type="str", choices=["none", "proxy-arp"]),
preferred_group=dict(type="bool"),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
monitoring_policy=dict(type="str"),
custom_qos_policy=dict(type="str"),
useg=dict(type="str", choices=['yes', 'no']),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["ap", "epg", "tenant"]],
["state", "present", ["ap", "epg", "tenant"]],
],
)
aci = ACIModule(module)
epg = module.params.get("epg")
bd = module.params.get("bd")
description = module.params.get("description")
priority = module.params.get("priority")
intra_epg_isolation = module.params.get("intra_epg_isolation")
fwd_control = module.params.get("fwd_control")
preferred_group = aci.boolean(module.params.get("preferred_group"),
"include", "exclude")
state = module.params.get("state")
tenant = module.params.get("tenant")
ap = module.params.get("ap")
name_alias = module.params.get("name_alias")
monitoring_policy = module.params.get("monitoring_policy")
custom_qos_policy = module.params.get("custom_qos_policy")
useg = module.params.get("useg")
child_configs = [
dict(fvRsBd=dict(attributes=dict(tnFvBDName=bd))),
dict(fvRsAEPgMonPol=dict(attributes=dict(
tnMonEPGPolName=monitoring_policy)))
]
if custom_qos_policy is not None:
child_configs.append(
dict(fvRsCustQosPol=dict(attributes=dict(
tnQosCustomPolName=custom_qos_policy))))
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="fvAp",
aci_rn="ap-{0}".format(ap),
module_object=ap,
target_filter={"name": ap},
),
subclass_2=dict(
aci_class="fvAEPg",
aci_rn="epg-{0}".format(epg),
module_object=epg,
target_filter={"name": epg},
),
child_classes=["fvRsBd", "fvRsAEPgMonPol", "fvRsCustQosPol"],
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="fvAEPg",
class_config=dict(
name=epg,
descr=description,
prio=priority,
pcEnfPref=intra_epg_isolation,
fwdCtrl=fwd_control,
prefGrMemb=preferred_group,
nameAlias=name_alias,
isAttrBasedEPg=useg,
),
child_configs=child_configs,
)
aci.get_diff(aci_class="fvAEPg")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
arp_flooding=dict(type='bool'),
bd=dict(type='str', aliases=['bd_name', 'name']), # Not required for querying all objects
bd_type=dict(type='str', choices=['ethernet', 'fc']),
description=dict(type='str'),
enable_multicast=dict(type='bool'),
enable_routing=dict(type='bool'),
endpoint_clear=dict(type='bool'),
endpoint_move_detect=dict(type='str', choices=['default', 'garp']),
endpoint_retention_action=dict(type='str', choices=['inherit', 'resolve']),
endpoint_retention_policy=dict(type='str'),
igmp_snoop_policy=dict(type='str'),
ip_learning=dict(type='bool'),
ipv6_nd_policy=dict(type='str'),
l2_unknown_unicast=dict(type='str', choices=['proxy', 'flood']),
l3_unknown_multicast=dict(type='str', choices=['flood', 'opt-flood']),
limit_ip_learn=dict(type='bool'),
mac_address=dict(type='str', aliases=['mac']),
multi_dest=dict(type='str', choices=['bd-flood', 'drop', 'encap-flood']),
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects
vrf=dict(type='str', aliases=['vrf_name']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['bd', 'tenant']],
['state', 'present', ['bd', 'tenant']],
],
)
aci = ACIModule(module)
arp_flooding = aci.boolean(module.params.get('arp_flooding'))
bd = module.params.get('bd')
bd_type = module.params.get('bd_type')
if bd_type == 'ethernet':
# ethernet type is represented as regular, but that is not clear to the users
bd_type = 'regular'
description = module.params.get('description')
enable_multicast = aci.boolean(module.params.get('enable_multicast'))
enable_routing = aci.boolean(module.params.get('enable_routing'))
endpoint_clear = aci.boolean(module.params.get('endpoint_clear'))
endpoint_move_detect = module.params.get('endpoint_move_detect')
if endpoint_move_detect == 'default':
# the ACI default setting is an empty string, but that is not a good input value
endpoint_move_detect = ''
endpoint_retention_action = module.params.get('endpoint_retention_action')
endpoint_retention_policy = module.params.get('endpoint_retention_policy')
igmp_snoop_policy = module.params.get('igmp_snoop_policy')
ip_learning = aci.boolean(module.params.get('ip_learning'))
ipv6_nd_policy = module.params.get('ipv6_nd_policy')
l2_unknown_unicast = module.params.get('l2_unknown_unicast')
l3_unknown_multicast = module.params.get('l3_unknown_multicast')
limit_ip_learn = aci.boolean(module.params.get('limit_ip_learn'))
mac_address = module.params.get('mac_address')
multi_dest = module.params.get('multi_dest')
state = module.params.get('state')
tenant = module.params.get('tenant')
vrf = module.params.get('vrf')
name_alias = module.params.get('name_alias')
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='fvBD',
aci_rn='BD-{0}'.format(bd),
module_object=bd,
target_filter={'name': bd},
),
child_classes=['fvRsCtx', 'fvRsIgmpsn', 'fvRsBDToNdP', 'fvRsBdToEpRet'],
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='fvBD',
class_config=dict(
arpFlood=arp_flooding,
descr=description,
epClear=endpoint_clear,
epMoveDetectMode=endpoint_move_detect,
ipLearning=ip_learning,
limitIpLearnToSubnets=limit_ip_learn,
mac=mac_address,
mcastAllow=enable_multicast,
multiDstPktAct=multi_dest,
name=bd,
type=bd_type,
unicastRoute=enable_routing,
unkMacUcastAct=l2_unknown_unicast,
unkMcastAct=l3_unknown_multicast,
nameAlias=name_alias,
),
child_configs=[
{'fvRsCtx': {'attributes': {'tnFvCtxName': vrf}}},
{'fvRsIgmpsn': {'attributes': {'tnIgmpSnoopPolName': igmp_snoop_policy}}},
{'fvRsBDToNdP': {'attributes': {'tnNdIfPolName': ipv6_nd_policy}}},
{'fvRsBdToEpRet': {'attributes': {'resolveAct': endpoint_retention_action, 'tnFvEpRetPolName': endpoint_retention_policy}}},
],
)
aci.get_diff(aci_class='fvBD')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
domain_type=dict(type='str', required=True, choices=['fc', 'l2dom', 'l3dom', 'phys', 'vmm']),
pool_type=dict(type='str', required=True, choices=['vlan', 'vsan', 'vxlan']),
domain=dict(type='str', aliases=['domain_name', 'domain_profile']), # Not required for querying all objects
pool=dict(type='str', aliases=['pool_name']), # Not required for querying all objects
pool_allocation_mode=dict(type='str', aliases=['allocation_mode', 'mode'], choices=['dynamic', 'static']),
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
vm_provider=dict(type='str', choices=['cloudfoundry', 'kubernetes', 'microsoft', 'openshift', 'openstack', 'redhat', 'vmware']),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['domain_type', 'vmm', ['vm_provider']],
['state', 'absent', ['domain', 'domain_type', 'pool', 'pool_type']],
['state', 'present', ['domain', 'domain_type', 'pool', 'pool_type']],
],
)
domain = module.params.get('domain')
domain_type = module.params.get('domain_type')
pool = module.params.get('pool')
pool_allocation_mode = module.params.get('pool_allocation_mode')
pool_type = module.params.get('pool_type')
vm_provider = module.params.get('vm_provider')
state = module.params.get('state')
# Report when vm_provider is set when type is not virtual
if domain_type != 'vmm' and vm_provider is not None:
module.fail_json(msg="Domain type '{0}' cannot have a 'vm_provider'".format(domain_type))
# ACI Pool URL requires the allocation mode for vlan and vsan pools (ex: uni/infra/vlanns-[poolname]-static)
pool_name = pool
if pool_type != 'vxlan' and pool is not None:
if pool_allocation_mode is not None:
pool_name = '[{0}]-{1}'.format(pool, pool_allocation_mode)
else:
module.fail_json(msg="ACI requires the 'pool_allocation_mode' for 'pool_type' of 'vlan' and 'vsan' when 'pool' is provided")
# Vxlan pools do not support allocation modes
if pool_type == 'vxlan' and pool_allocation_mode is not None:
module.fail_json(msg='vxlan pools do not support setting the allocation_mode; please remove this parameter from the task')
# Compile the full domain for URL building
if domain_type == 'fc':
domain_class = 'fcDomP'
domain_mo = 'uni/fc-{0}'.format(domain)
domain_rn = 'fc-{0}'.format(domain)
elif domain_type == 'l2ext':
domain_class = 'l2extDomP'
domain_mo = 'uni/l2dom-{0}'.format(domain)
domain_rn = 'l2dom-{0}'.format(domain)
elif domain_type == 'l3ext':
domain_class = 'l3extDomP'
domain_mo = 'uni/l3dom-{0}'.format(domain)
domain_rn = 'l3dom-{0}'.format(domain)
elif domain_type == 'phys':
domain_class = 'physDomP'
domain_mo = 'uni/phys-{0}'.format(domain)
domain_rn = 'phys-{0}'.format(domain)
elif domain_type == 'vmm':
domain_class = 'vmmDomP'
domain_mo = 'uni/vmmp-{0}/dom-{1}'.format(VM_PROVIDER_MAPPING[vm_provider], domain)
domain_rn = 'vmmp-{0}/dom-{1}'.format(VM_PROVIDER_MAPPING[vm_provider], domain)
# Ensure that querying all objects works when only domain_type is provided
if domain is None:
domain_mo = None
pool_mo = POOL_MAPPING[pool_type]['aci_mo'].format(pool_name)
child_class = POOL_MAPPING[pool_type]['child_class']
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class=domain_class,
aci_rn=domain_rn,
module_object=domain_mo,
target_filter={'name': domain},
),
child_classes=[child_class],
)
aci.get_existing()
if state == 'present':
# Filter out module params with null values
aci.payload(
aci_class=domain_class,
class_config=dict(name=domain),
child_configs=[
{child_class: {'attributes': {'tDn': pool_mo}}},
]
)
# Generate config diff which will be used as POST request body
aci.get_diff(aci_class=domain_class)
# Submit changes if module not in check_mode and the proposed is different than existing
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
# NOTE: Since this module needs to include both infra:AccBndlGrp (for PC and VPC) and infra:AccPortGrp (for leaf access port policy group):
# NOTE: I'll allow the user to make the choice here (link(PC), node(VPC), leaf(leaf-access port policy group))
lag_type=dict(type='str', required=True, aliases=['lag_type_name'], choices=['leaf', 'link', 'node']),
policy_group=dict(type='str', aliases=['name', 'policy_group_name']), # Not required for querying all objects
description=dict(type='str', aliases=['descr']),
link_level_policy=dict(type='str', aliases=['link_level_policy_name']),
cdp_policy=dict(type='str', aliases=['cdp_policy_name']),
mcp_policy=dict(type='str', aliases=['mcp_policy_name']),
lldp_policy=dict(type='str', aliases=['lldp_policy_name']),
stp_interface_policy=dict(type='str', aliases=['stp_interface_policy_name']),
egress_data_plane_policing_policy=dict(type='str', aliases=['egress_data_plane_policing_policy_name']),
ingress_data_plane_policing_policy=dict(type='str', aliases=['ingress_data_plane_policing_policy_name']),
priority_flow_control_policy=dict(type='str', aliases=['priority_flow_control_policy_name']),
fibre_channel_interface_policy=dict(type='str', aliases=['fibre_channel_interface_policy_name']),
slow_drain_policy=dict(type='str', aliases=['slow_drain_policy_name']),
port_channel_policy=dict(type='str', aliases=['port_channel_policy_name']),
monitoring_policy=dict(type='str', aliases=['monitoring_policy_name']),
storm_control_interface_policy=dict(type='str', aliases=['storm_control_interface_policy_name']),
l2_interface_policy=dict(type='str', aliases=['l2_interface_policy_name']),
port_security_policy=dict(type='str', aliases=['port_security_policy_name']),
aep=dict(type='str', aliases=['aep_name']),
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['policy_group']],
['state', 'present', ['policy_group']],
],
)
policy_group = module.params.get('policy_group')
description = module.params.get('description')
lag_type = module.params.get('lag_type')
link_level_policy = module.params.get('link_level_policy')
cdp_policy = module.params.get('cdp_policy')
mcp_policy = module.params.get('mcp_policy')
lldp_policy = module.params.get('lldp_policy')
stp_interface_policy = module.params.get('stp_interface_policy')
egress_data_plane_policing_policy = module.params.get('egress_data_plane_policing_policy')
ingress_data_plane_policing_policy = module.params.get('ingress_data_plane_policing_policy')
priority_flow_control_policy = module.params.get('priority_flow_control_policy')
fibre_channel_interface_policy = module.params.get('fibre_channel_interface_policy')
slow_drain_policy = module.params.get('slow_drain_policy')
port_channel_policy = module.params.get('port_channel_policy')
monitoring_policy = module.params.get('monitoring_policy')
storm_control_interface_policy = module.params.get('storm_control_interface_policy')
l2_interface_policy = module.params.get('l2_interface_policy')
port_security_policy = module.params.get('port_security_policy')
aep = module.params.get('aep')
state = module.params.get('state')
name_alias = module.params.get('name_alias')
if lag_type == 'leaf':
aci_class_name = 'infraAccPortGrp'
dn_name = 'accportgrp'
class_config_dict = dict(
name=policy_group,
descr=description,
nameAlias=name_alias,
)
# Reset for target_filter
lag_type = None
elif lag_type in ('link', 'node'):
aci_class_name = 'infraAccBndlGrp'
dn_name = 'accbundle'
class_config_dict = dict(
name=policy_group,
descr=description,
lagT=lag_type,
nameAlias=name_alias,
)
child_configs = [
dict(
infraRsCdpIfPol=dict(
attributes=dict(
tnCdpIfPolName=cdp_policy,
),
),
),
dict(
infraRsFcIfPol=dict(
attributes=dict(
tnFcIfPolName=fibre_channel_interface_policy,
),
),
),
dict(
infraRsHIfPol=dict(
attributes=dict(
tnFabricHIfPolName=link_level_policy,
),
),
),
dict(
infraRsL2IfPol=dict(
attributes=dict(
tnL2IfPolName=l2_interface_policy,
),
),
),
dict(
infraRsL2PortSecurityPol=dict(
attributes=dict(
tnL2PortSecurityPolName=port_security_policy,
),
),
),
dict(
infraRsLacpPol=dict(
attributes=dict(
tnLacpLagPolName=port_channel_policy,
),
),
),
dict(
infraRsLldpIfPol=dict(
attributes=dict(
tnLldpIfPolName=lldp_policy,
),
),
),
dict(
infraRsMcpIfPol=dict(
attributes=dict(
tnMcpIfPolName=mcp_policy,
),
),
),
dict(
infraRsMonIfInfraPol=dict(
attributes=dict(
tnMonInfraPolName=monitoring_policy,
),
),
),
dict(
infraRsQosEgressDppIfPol=dict(
attributes=dict(
tnQosDppPolName=egress_data_plane_policing_policy,
),
),
),
dict(
infraRsQosIngressDppIfPol=dict(
attributes=dict(
tnQosDppPolName=ingress_data_plane_policing_policy,
),
),
),
dict(
infraRsQosPfcIfPol=dict(
attributes=dict(
tnQosPfcIfPolName=priority_flow_control_policy,
),
),
),
dict(
infraRsQosSdIfPol=dict(
attributes=dict(
tnQosSdIfPolName=slow_drain_policy,
),
),
),
dict(
infraRsStormctrlIfPol=dict(
attributes=dict(
tnStormctrlIfPolName=storm_control_interface_policy,
),
),
),
dict(
infraRsStpIfPol=dict(
attributes=dict(
tnStpIfPolName=stp_interface_policy,
),
),
),
]
# Add infraRsattEntP binding only when aep was defined
if aep is not None:
child_configs.append(dict(
infraRsAttEntP=dict(
attributes=dict(
tDn='uni/infra/attentp-{0}'.format(aep),
),
),
))
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class=aci_class_name,
aci_rn='infra/funcprof/{0}-{1}'.format(dn_name, policy_group),
module_object=policy_group,
target_filter={'name': policy_group, 'lagT': lag_type},
),
child_classes=[
'infraRsAttEntP',
'infraRsCdpIfPol',
'infraRsFcIfPol',
'infraRsHIfPol',
'infraRsL2IfPol',
'infraRsL2PortSecurityPol',
'infraRsLacpPol',
'infraRsLldpIfPol',
'infraRsMcpIfPol',
'infraRsMonIfInfraPol',
'infraRsQosEgressDppIfPol',
'infraRsQosIngressDppIfPol',
'infraRsQosPfcIfPol',
'infraRsQosSdIfPol',
'infraRsStormctrlIfPol',
'infraRsStpIfPol',
],
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class=aci_class_name,
class_config=class_config_dict,
child_configs=child_configs,
)
aci.get_diff(aci_class=aci_class_name)
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
tenant=dict(type="str", aliases=["tenant_name"]),
ap=dict(type="str", aliases=["app_profile", "app_profile_name"]),
esg=dict(type="str", aliases=["esg_name"]),
name=dict(type="str", aliases=["match_key"]), # ESG Tag Selector key name
operator=dict(type="str", choices=["contains", "equals", "regex"], aliases=["value_operator"]), # ESG Tag Selector operator type
match_value=dict(type="str"), # ESG Tag Selector match value
description=dict(type="str", aliases=["tag_selector_description"]),
state=dict(
type="str",
default="present",
choices=["absent", "present", "query"],
),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["tenant", "ap", "esg", "name", "match_value"]],
["state", "present", ["tenant", "ap", "esg", "name", "match_value"]],
],
)
aci = ACIModule(module)
tenant = module.params.get("tenant")
ap = module.params.get("ap")
esg = module.params.get("esg")
name = module.params.get("name")
operator = module.params.get("operator")
match_value = module.params.get("match_value")
description = module.params.get("description")
state = module.params.get("state")
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="fvAp",
aci_rn="ap-{0}".format(ap),
module_object=ap,
target_filter={"name": ap},
),
subclass_2=dict(
aci_class="fvESg",
aci_rn="esg-{0}".format(esg),
module_object=esg,
target_filter={"name": esg},
),
subclass_3=dict(
aci_class="fvTagSelector",
aci_rn="tagselectorkey-[{0}]-value-[{1}]".format(name, match_value),
module_object=name,
target_filter={"matchKey": name, "matchValue": match_value},
),
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="fvTagSelector",
class_config=dict(
matchKey=name,
matchValue=match_value,
valueOperator=operator,
descr=description,
),
)
aci.get_diff(aci_class="fvTagSelector")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
pool_type=dict(type='str',
required=True,
aliases=['type'],
choices=['vlan', 'vsan', 'vxlan']),
description=dict(type='str', aliases=['descr']),
pool=dict(type='str',
aliases=['name', 'pool_name'
]), # Not required for querying all objects
pool_allocation_mode=dict(type='str',
aliases=['allocation_mode', 'mode'],
choices=['dynamic', 'static']),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['pool']],
['state', 'present', ['pool']],
],
)
description = module.params.get('description')
pool = module.params.get('pool')
pool_type = module.params.get('pool_type')
pool_allocation_mode = module.params.get('pool_allocation_mode')
state = module.params.get('state')
name_alias = module.params.get('name_alias')
aci_class = ACI_POOL_MAPPING[pool_type]['aci_class']
aci_mo = ACI_POOL_MAPPING[pool_type]['aci_mo']
pool_name = pool
# ACI Pool URL requires the pool_allocation mode for vlan and vsan pools (ex: uni/infra/vlanns-[poolname]-static)
if pool_type != 'vxlan' and pool is not None:
if pool_allocation_mode is not None:
pool_name = '[{0}]-{1}'.format(pool, pool_allocation_mode)
else:
module.fail_json(
msg=
"ACI requires parameter 'pool_allocation_mode' for 'pool_type' of 'vlan' and 'vsan' when parameter 'pool' is provided"
)
# Vxlan pools do not support pool allocation modes
if pool_type == 'vxlan' and pool_allocation_mode is not None:
module.fail_json(
msg=
"vxlan pools do not support setting the 'pool_allocation_mode'; please remove this parameter from the task"
)
aci = ACIModule(module)
aci.construct_url(root_class=dict(
aci_class=aci_class,
aci_rn='{0}{1}'.format(aci_mo, pool_name),
module_object=pool,
target_filter={'name': pool},
), )
aci.get_existing()
if state == 'present':
# Filter out module parameters with null values
aci.payload(aci_class=aci_class,
class_config=dict(
allocMode=pool_allocation_mode,
descr=description,
name=pool,
nameAlias=name_alias,
))
# Generate config diff which will be used as POST request body
aci.get_diff(aci_class=aci_class)
# Submit changes if module not in check_mode and the proposed is different than existing
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
name=dict(type='str',
aliases=['maintenance_policy'
]), # Not required for querying all objects
runmode=dict(type='str',
default='pauseOnlyOnFailures',
choices=['pauseOnlyOnFailures', 'pauseNever']),
graceful=dict(type='bool'),
scheduler=dict(type='str'),
ignoreCompat=dict(type='bool'),
adminst=dict(type='str',
default='untriggered',
choices=['triggered', 'untriggered']),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['name']],
['state', 'present', ['name', 'scheduler']],
],
)
aci = ACIModule(module)
state = module.params.get('state')
name = module.params.get('name')
runmode = module.params.get('runmode')
scheduler = module.params.get('scheduler')
adminst = module.params.get('adminst')
graceful = aci.boolean(module.params.get('graceful'))
ignoreCompat = aci.boolean(module.params.get('ignoreCompat'))
name_alias = module.params.get('name_alias')
aci.construct_url(root_class=dict(
aci_class='maintMaintP',
aci_rn='fabric/maintpol-{0}'.format(name),
target_filter={'name': name},
module_object=name,
),
child_classes=['maintRsPolScheduler'])
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='maintMaintP',
class_config=dict(
name=name,
runMode=runmode,
graceful=graceful,
adminSt=adminst,
ignoreCompat=ignoreCompat,
nameAlias=name_alias,
),
child_configs=[
dict(maintRsPolScheduler=dict(attributes=dict(
tnTrigSchedPName=scheduler, ), ), ),
],
)
aci.get_diff(aci_class='maintMaintP')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
port_security=dict(
type='str',
aliases=['name']), # Not required for querying all objects
description=dict(type='str', aliases=['descr']),
max_end_points=dict(type='int'),
port_security_timeout=dict(type='int'),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['port_security']],
['state', 'present', ['port_security']],
],
)
port_security = module.params.get('port_security')
description = module.params.get('description')
max_end_points = module.params.get('max_end_points')
port_security_timeout = module.params.get('port_security_timeout')
name_alias = module.params.get('name_alias')
if max_end_points is not None and max_end_points not in range(12001):
module.fail_json(
msg='The "max_end_points" must be between 0 and 12000')
if port_security_timeout is not None and port_security_timeout not in range(
60, 3601):
module.fail_json(
msg='The "port_security_timeout" must be between 60 and 3600')
state = module.params.get('state')
aci = ACIModule(module)
aci.construct_url(root_class=dict(
aci_class='l2PortSecurityPol',
aci_rn='infra/portsecurityP-{0}'.format(port_security),
module_object=port_security,
target_filter={'name': port_security},
), )
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='l2PortSecurityPol',
class_config=dict(
name=port_security,
descr=description,
maximum=max_end_points,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='l2PortSecurityPol')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
arp_flag=dict(type='str', choices=VALID_ARP_FLAGS),
description=dict(type='str', aliases=['descr']),
dst_port=dict(type='str'),
dst_port_end=dict(type='str'),
dst_port_start=dict(type='str'),
entry=dict(type='str', aliases=['entry_name', 'filter_entry', 'name']), # Not required for querying all objects
ether_type=dict(choices=VALID_ETHER_TYPES, type='str'),
filter=dict(type='str', aliases=['filter_name']), # Not required for querying all objects
icmp_msg_type=dict(type='str', choices=VALID_ICMP_TYPES),
icmp6_msg_type=dict(type='str', choices=VALID_ICMP6_TYPES),
ip_protocol=dict(choices=VALID_IP_PROTOCOLS, type='str'),
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
stateful=dict(type='bool'),
tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['entry', 'filter', 'tenant']],
['state', 'present', ['entry', 'filter', 'tenant']],
],
)
aci = ACIModule(module)
arp_flag = module.params.get('arp_flag')
if arp_flag is not None:
arp_flag = ARP_FLAG_MAPPING.get(arp_flag)
description = module.params.get('description')
dst_port = module.params.get('dst_port')
if FILTER_PORT_MAPPING.get(dst_port) is not None:
dst_port = FILTER_PORT_MAPPING.get(dst_port)
dst_end = module.params.get('dst_port_end')
if FILTER_PORT_MAPPING.get(dst_end) is not None:
dst_end = FILTER_PORT_MAPPING.get(dst_end)
dst_start = module.params.get('dst_port_start')
if FILTER_PORT_MAPPING.get(dst_start) is not None:
dst_start = FILTER_PORT_MAPPING.get(dst_start)
entry = module.params.get('entry')
ether_type = module.params.get('ether_type')
filter_name = module.params.get('filter')
icmp_msg_type = module.params.get('icmp_msg_type')
if icmp_msg_type is not None:
icmp_msg_type = ICMP_MAPPING.get(icmp_msg_type)
icmp6_msg_type = module.params.get('icmp6_msg_type')
if icmp6_msg_type is not None:
icmp6_msg_type = ICMP6_MAPPING.get(icmp6_msg_type)
ip_protocol = module.params.get('ip_protocol')
state = module.params.get('state')
stateful = aci.boolean(module.params.get('stateful'))
tenant = module.params.get('tenant')
name_alias = module.params.get('name_alias')
# validate that dst_port is not passed with dst_start or dst_end
if dst_port is not None and (dst_end is not None or dst_start is not None):
module.fail_json(msg="Parameter 'dst_port' cannot be used with 'dst_end' and 'dst_start'")
elif dst_port is not None:
dst_end = dst_port
dst_start = dst_port
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='vzFilter',
aci_rn='flt-{0}'.format(filter_name),
module_object=filter_name,
target_filter={'name': filter_name},
),
subclass_2=dict(
aci_class='vzEntry',
aci_rn='e-{0}'.format(entry),
module_object=entry,
target_filter={'name': entry},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='vzEntry',
class_config=dict(
arpOpc=arp_flag,
descr=description,
dFromPort=dst_start,
dToPort=dst_end,
etherT=ether_type,
icmpv4T=icmp_msg_type,
icmpv6T=icmp6_msg_type,
name=entry,
prot=ip_protocol,
stateful=stateful,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='vzEntry')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(
contract_type=dict(type="str",
required=True,
choices=["consumer", "provider"]),
ap=dict(type="str",
aliases=["app_profile", "app_profile_name"
]), # Not required for querying all objects
epg=dict(type="str",
aliases=["epg_name"
]), # Not required for querying all objects
contract=dict(type="str",
aliases=["contract_name"
]), # Not required for querying all objects
priority=dict(type="str",
choices=[
"level1", "level2", "level3", "level4", "level5",
"level6", "unspecified"
]),
provider_match=dict(
type="str", choices=["all", "at_least_one", "at_most_one",
"none"]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
tenant=dict(type="str",
aliases=["tenant_name"
]), # Not required for querying all objects
contract_label=dict(type="str"),
subject_label=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["ap", "contract", "epg", "tenant"]],
["state", "present", ["ap", "contract", "epg", "tenant"]],
],
)
ap = module.params.get("ap")
contract = module.params.get("contract")
contract_type = module.params.get("contract_type")
epg = module.params.get("epg")
priority = module.params.get("priority")
provider_match = module.params.get("provider_match")
if provider_match is not None:
provider_match = PROVIDER_MATCH_MAPPING[provider_match]
state = module.params.get("state")
tenant = module.params.get("tenant")
contract_label = module.params.get("contract_label")
subject_label = module.params.get("subject_label")
aci_class = ACI_CLASS_MAPPING[contract_type]["class"]
aci_rn = ACI_CLASS_MAPPING[contract_type]["rn"]
contract_label_class = CONTRACT_LABEL_MAPPING[contract_type]
subject_label_class = SUBJ_LABEL_MAPPING[contract_type]
if contract_type == "consumer" and provider_match is not None:
module.fail_json(
msg=
"the 'provider_match' is only configurable for Provided Contracts")
child_classes = [subject_label_class, contract_label_class]
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="fvAp",
aci_rn="ap-{0}".format(ap),
module_object=ap,
target_filter={"name": ap},
),
subclass_2=dict(
aci_class="fvAEPg",
aci_rn="epg-{0}".format(epg),
module_object=epg,
target_filter={"name": epg},
),
subclass_3=dict(
aci_class=aci_class,
aci_rn="{0}{1}".format(aci_rn, contract),
module_object=contract,
target_filter={"tnVzBrCPName": contract},
),
child_classes=child_classes,
)
aci.get_existing()
if state == "present":
child_configs = []
if contract_label:
child_configs.append({
contract_label_class: {
"attributes": {
"name": contract_label
}
}
})
if subject_label:
child_configs.append(
{subject_label_class: {
"attributes": {
"name": subject_label
}
}})
aci.payload(
aci_class=aci_class,
class_config=dict(
matchT=provider_match,
prio=priority,
tnVzBrCPName=contract,
),
child_configs=child_configs,
)
aci.get_diff(aci_class=aci_class)
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
domain_type=dict(type="str",
required=True,
choices=["fc", "l2dom", "l3dom", "phys", "vmm"],
aliases=["type"]),
domain=dict(type="str",
aliases=["domain_name", "domain_profile",
"name"]), # Not required for querying all objects
dscp=dict(
type="str",
choices=[
"AF11",
"AF12",
"AF13",
"AF21",
"AF22",
"AF23",
"AF31",
"AF32",
"AF33",
"AF41",
"AF42",
"AF43",
"CS0",
"CS1",
"CS2",
"CS3",
"CS4",
"CS5",
"CS6",
"CS7",
"EF",
"VA",
"unspecified",
],
aliases=["target"],
),
encap_mode=dict(type="str", choices=["unknown", "vlan", "vxlan"]),
add_infra_pg=dict(type="bool", aliases=["infra_pg"]),
tag_collection=dict(type="bool"),
multicast_address=dict(type="str"),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
vm_provider=dict(type="str",
choices=[
"cloudfoundry", "kubernetes", "microsoft",
"openshift", "openstack", "redhat", "vmware"
]),
vswitch=dict(type="str", choices=["avs", "default", "dvs", "unknown"]),
name_alias=dict(type="str"),
access_mode=dict(type="str", choices=["read-write", "read-only"]),
enable_vm_folder=dict(type="bool"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["domain_type", "vmm", ["vm_provider"]],
["state", "absent", ["domain", "domain_type"]],
["state", "present", ["domain", "domain_type"]],
],
)
dscp = module.params.get("dscp")
domain = module.params.get("domain")
domain_type = module.params.get("domain_type")
encap_mode = module.params.get("encap_mode")
add_infra_pg = BOOL_TO_ACI_MAPPING[module.params.get("add_infra_pg")]
tag_collection = BOOL_TO_ACI_MAPPING[module.params.get("tag_collection")]
multicast_address = module.params.get("multicast_address")
vm_provider = module.params.get("vm_provider")
vswitch = module.params.get("vswitch")
if vswitch is not None:
vswitch = VSWITCH_MAPPING.get(vswitch)
access_mode = module.params.get("access_mode")
enable_vm_folder = BOOL_TO_ACI_MAPPING[module.params.get(
"enable_vm_folder")]
state = module.params.get("state")
name_alias = module.params.get("name_alias")
if domain_type != "vmm":
if vm_provider is not None:
module.fail_json(
msg="Domain type '{0}' cannot have parameter 'vm_provider'".
format(domain_type))
if encap_mode is not None:
module.fail_json(
msg="Domain type '{0}' cannot have parameter 'encap_mode'".
format(domain_type))
if multicast_address is not None:
module.fail_json(
msg="Domain type '{0}' cannot have parameter 'multicast_address'"
.format(domain_type))
if vswitch is not None:
module.fail_json(
msg="Domain type '{0}' cannot have parameter 'vswitch'".format(
domain_type))
if access_mode is not None:
module.fail_json(
msg="Domain type '{0}' cannot have parameter 'access_mode'".
format(domain_type))
if enable_vm_folder is not None:
module.fail_json(
msg="Domain type '{0}' cannot have parameter 'enable_vm_folder'"
.format(domain_type))
if dscp is not None and domain_type not in ["l2dom", "l3dom"]:
module.fail_json(
msg="DSCP values can only be assigned to 'l2ext and 'l3ext' domains"
)
# Compile the full domain for URL building
if domain_type == "fc":
domain_class = "fcDomP"
domain_mo = "uni/fc-{0}".format(domain)
domain_rn = "fc-{0}".format(domain)
elif domain_type == "l2dom":
domain_class = "l2extDomP"
domain_mo = "uni/l2dom-{0}".format(domain)
domain_rn = "l2dom-{0}".format(domain)
elif domain_type == "l3dom":
domain_class = "l3extDomP"
domain_mo = "uni/l3dom-{0}".format(domain)
domain_rn = "l3dom-{0}".format(domain)
elif domain_type == "phys":
domain_class = "physDomP"
domain_mo = "uni/phys-{0}".format(domain)
domain_rn = "phys-{0}".format(domain)
elif domain_type == "vmm":
domain_class = "vmmDomP"
domain_mo = "uni/vmmp-{0}/dom-{1}".format(
VM_PROVIDER_MAPPING.get(vm_provider), domain)
domain_rn = "vmmp-{0}/dom-{1}".format(
VM_PROVIDER_MAPPING.get(vm_provider), domain)
# Ensure that querying all objects works when only domain_type is provided
if domain is None:
domain_mo = None
aci = ACIModule(module)
aci.construct_url(root_class=dict(
aci_class=domain_class,
aci_rn=domain_rn,
module_object=domain_mo,
target_filter={"name": domain},
), )
aci.get_existing()
if state == "present":
aci.payload(
aci_class=domain_class,
class_config=dict(
encapMode=encap_mode,
mcastAddr=multicast_address,
configInfraPg=add_infra_pg,
enableTag=tag_collection,
mode=vswitch,
name=domain,
targetDscp=dscp,
nameAlias=name_alias,
accessMode=access_mode,
enableVmFolder=enable_vm_folder,
),
)
aci.get_diff(aci_class=domain_class)
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
aep=dict(type='str', aliases=['name', 'aep_name']), # Not required for querying all objects
description=dict(type='str', aliases=['descr']),
infra_vlan=dict(type='bool', aliases=['infrastructure_vlan']),
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['aep']],
['state', 'present', ['aep']],
],
)
aep = module.params.get('aep')
description = module.params.get('description')
infra_vlan = module.params.get('infra_vlan')
state = module.params.get('state')
name_alias = module.params.get('name_alias')
if infra_vlan:
child_configs = [dict(infraProvAcc=dict(attributes=dict(name='provacc')))]
elif infra_vlan is False:
child_configs = [dict(infraProvAcc=dict(attributes=dict(name='provacc', status='deleted')))]
else:
child_configs = []
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class='infraAttEntityP',
aci_rn='infra/attentp-{0}'.format(aep),
module_object=aep,
target_filter={'name': aep},
),
child_classes=['infraProvAcc']
)
aci.get_existing()
try:
if len(aci.existing[0]['infraAttEntityP']) == 1 and infra_vlan is False:
child_configs = []
except Exception:
pass
if state == 'present':
aci.payload(
aci_class='infraAttEntityP',
class_config=dict(
name=aep,
descr=description,
nameAlias=name_alias,
),
child_configs=child_configs,
)
aci.get_diff(aci_class='infraAttEntityP')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
tenant=dict(type="str",
aliases=["tenant_name"
]), # Not required for querying all objects
rtp=dict(type="str",
aliases=["name", "rtp_name"
]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
tag=dict(type="int"),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["rtp", "tenant"]],
["state", "present", ["rtp", "tenant"]],
],
)
rtp = module.params.get("rtp")
description = module.params.get("description")
tag = module.params.get("tag")
state = module.params.get("state")
tenant = module.params.get("tenant")
name_alias = module.params.get("name_alias")
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="l3extRouteTagPol",
aci_rn="rttag-{0}".format(rtp),
module_object=rtp,
target_filter={"name": rtp},
),
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="l3extRouteTagPol",
class_config=dict(
name=rtp,
descr=description,
tag=tag,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class="l3extRouteTagPol")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
tenant=dict(type='str',
aliases=['tenant_name'
]), # Not required for querying all objects
epr_policy=dict(type='str',
aliases=['epr_name', 'name'
]), # Not required for querying all objects
bounce_age=dict(type='int'),
bounce_trigger=dict(type='str', choices=['coop', 'flood']),
hold_interval=dict(type='int'),
local_ep_interval=dict(type='int'),
remote_ep_interval=dict(type='int'),
description=dict(type='str', aliases=['descr']),
move_frequency=dict(type='int'),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['epr_policy', 'tenant']],
['state', 'present', ['epr_policy', 'tenant']],
],
)
epr_policy = module.params.get('epr_policy')
bounce_age = module.params.get('bounce_age')
if bounce_age is not None and bounce_age != 0 and bounce_age not in range(
150, 65536):
module.fail_json(
msg="The bounce_age must be a value of 0 or between 150 and 65535")
if bounce_age == 0:
bounce_age = 'infinite'
bounce_trigger = module.params.get('bounce_trigger')
if bounce_trigger is not None:
bounce_trigger = BOUNCE_TRIG_MAPPING[bounce_trigger]
description = module.params.get('description')
hold_interval = module.params.get('hold_interval')
if hold_interval is not None and hold_interval not in range(5, 65536):
module.fail_json(
msg="The hold_interval must be a value between 5 and 65535")
local_ep_interval = module.params.get('local_ep_interval')
if local_ep_interval is not None and local_ep_interval != 0 and local_ep_interval not in range(
120, 65536):
module.fail_json(
msg=
"The local_ep_interval must be a value of 0 or between 120 and 65535"
)
if local_ep_interval == 0:
local_ep_interval = "infinite"
move_frequency = module.params.get('move_frequency')
if move_frequency is not None and move_frequency not in range(65536):
module.fail_json(
msg="The move_frequency must be a value between 0 and 65535")
if move_frequency == 0:
move_frequency = "none"
remote_ep_interval = module.params.get('remote_ep_interval')
if remote_ep_interval is not None and remote_ep_interval not in range(
120, 65536):
module.fail_json(
msg=
"The remote_ep_interval must be a value of 0 or between 120 and 65535"
)
if remote_ep_interval == 0:
remote_ep_interval = "infinite"
state = module.params.get('state')
tenant = module.params.get('tenant')
name_alias = module.params.get('name_alias')
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='fvEpRetPol',
aci_rn='epRPol-{0}'.format(epr_policy),
module_object=epr_policy,
target_filter={'name': epr_policy},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='fvEpRetPol',
class_config=dict(
name=epr_policy,
descr=description,
bounceAgeIntvl=bounce_age,
bounceTrig=bounce_trigger,
holdIntvl=hold_interval,
localEpAgeIntvl=local_ep_interval,
remoteEpAgeIntvl=remote_ep_interval,
moveFreq=move_frequency,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='fvEpRetPol')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
client_group=dict(
type='str', aliases=['client_group_name', 'client_group_profile']),
mgmt_epg=dict(type='str',
aliases=['management_epg_name', 'management_epg']),
policy=dict(type='str', aliases=['snmp_policy', 'snmp_policy_name']),
description=dict(type='str'),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']))
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['policy', 'client_group']],
['state', 'present', ['policy', 'client_group']],
])
aci = ACIModule(module)
client_group = module.params.get('client_group')
policy = module.params.get('policy')
mgmt_epg = module.params.get('mgmt_epg')
description = module.params.get('description')
state = module.params.get('state')
aci.construct_url(root_class=dict(
aci_class='snmpPol',
aci_rn='fabric/snmppol-{0}'.format(policy),
module_object=policy,
target_filter={'name': policy},
),
subclass_1=dict(
aci_class='snmpClientGrpP',
aci_rn='clgrp-{0}'.format(client_group),
module_object=client_group,
target_filter={'name': client_group},
),
child_classes=['snmpRsEpg'])
aci.get_existing()
if state == 'present':
if mgmt_epg:
tdn = 'uni/tn-mgmt/mgmtp-default/{0}'.format(mgmt_epg)
else:
tdn = None
aci.payload(
aci_class='snmpClientGrpP',
class_config=dict(name=client_group, descr=description),
child_configs=[
dict(snmpRsEpg=dict(attributes=dict(tDn=tdn), ), ),
],
)
aci.get_diff(aci_class='snmpClientGrpP')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
contract=dict(type='str', aliases=['contract_name', 'name']), # Not required for querying all objects
tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects
description=dict(type='str', aliases=['descr']),
scope=dict(type='str', choices=['application-profile', 'context', 'global', 'tenant']),
priority=dict(type='str', choices=['level1', 'level2', 'level3', 'unspecified']), # No default provided on purpose
dscp=dict(type='str',
choices=['AF11', 'AF12', 'AF13', 'AF21', 'AF22', 'AF23', 'AF31', 'AF32', 'AF33', 'AF41', 'AF42', 'AF43',
'CS0', 'CS1', 'CS2', 'CS3', 'CS4', 'CS5', 'CS6', 'CS7', 'EF', 'VA', 'unspecified'],
aliases=['target']), # No default provided on purpose
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['contract', 'tenant']],
['state', 'present', ['contract', 'tenant']],
],
)
contract = module.params.get('contract')
description = module.params.get('description')
scope = module.params.get('scope')
priority = module.params.get('priority')
dscp = module.params.get('dscp')
state = module.params.get('state')
tenant = module.params.get('tenant')
name_alias = module.params.get('name_alias')
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='vzBrCP',
aci_rn='brc-{0}'.format(contract),
module_object=contract,
target_filter={'name': contract},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='vzBrCP',
class_config=dict(
name=contract,
descr=description,
scope=scope,
prio=priority,
targetDscp=dscp,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='vzBrCP')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
node_profile=dict(type='str', aliases=['name', 'node_profile_name']),
tenant=dict(type='str', aliases=['tenant_name']),
l3out=dict(type='str', aliases=['l3out_name']),
description=dict(type='str', aliases=['descr']),
dscp=dict(type='str',
choices=[
'AF11', 'AF12', 'AF13', 'AF21', 'AF22', 'AF23', 'AF31',
'AF32', 'AF33', 'AF41', 'AF42', 'AF43', 'CS0', 'CS1',
'CS2', 'CS3', 'CS4', 'CS5', 'CS6', 'CS7', 'EF', 'VA',
'unspecified'
],
aliases=['target_dscp']),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['tenant', 'l3out', 'node_profile']],
['state', 'present', ['tenant', 'l3out', 'node_profile']],
],
)
node_profile = module.params.get('node_profile')
tenant = module.params.get('tenant')
l3out = module.params.get('l3out')
description = module.params.get('description')
dscp = module.params.get('dscp')
state = module.params.get('state')
name_alias = module.params.get('name_alias')
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='l3extOut',
aci_rn='out-{0}'.format(l3out),
module_object=l3out,
target_filter={'name': l3out},
),
subclass_2=dict(
aci_class='l3extLNodeP',
aci_rn='lnodep-{0}'.format(node_profile),
module_object=node_profile,
target_filter={'name': node_profile},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='l3extLNodeP',
class_config=dict(
descr=description,
name=node_profile,
targetDscp=dscp,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='l3extLNodeP')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update({
'access_key_id': dict(type='str'),
'account_id': dict(type='str'),
'is_account_in_org': dict(type='bool'),
'is_trusted': dict(type='bool'),
'secret_access_key': dict(type='str'),
'tenant': dict(type='str'),
'state': dict(type='str', default='present', choices=['absent', 'present', 'query']),
})
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['tenant']],
['state', 'present', ['tenant']],
],
)
aci = ACIModule(module)
access_key_id = module.params.get('access_key_id')
account_id = module.params.get('account_id')
annotation = module.params.get('annotation')
is_account_in_org = aci.boolean(module.params.get('is_account_in_org'))
is_trusted = aci.boolean(module.params.get('is_trusted'))
secret_access_key = module.params.get('secret_access_key')
tenant = module.params.get('tenant')
state = module.params.get('state')
child_configs = []
aci.construct_url(
root_class={
'aci_class': 'fvTenant',
'aci_rn': 'tn-{0}'.format(tenant),
'target_filter': 'eq(fvTenant.name, "{0}")'.format(tenant),
'module_object': tenant
},
subclass_1={
'aci_class': 'cloudAwsProvider',
'aci_rn': 'awsprovider'.format(),
'target_filter': {'account_id': account_id},
'module_object': account_id
},
child_classes=[],
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='cloudAwsProvider',
class_config={
'accessKeyId': access_key_id,
'accountId': account_id,
'annotation': annotation,
'isAccountInOrg': is_account_in_org,
'isTrusted': is_trusted,
'secretAccessKey': secret_access_key,
},
child_configs=child_configs
)
aci.get_diff(aci_class='cloudAwsProvider')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
l2_policy=dict(type='str',
aliases=['name'
]), # Not required for querying all policies
description=dict(type='str', aliases=['descr']),
vlan_scope=dict(type='str',
choices=['global', 'portlocal'
]), # No default provided on purpose
qinq=dict(type='str', choices=['core', 'disabled', 'edge']),
vepa=dict(type='bool'),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['l2_policy']],
['state', 'present', ['l2_policy']],
],
)
aci = ACIModule(module)
l2_policy = module.params.get('l2_policy')
vlan_scope = module.params.get('vlan_scope')
qinq = module.params.get('qinq')
if qinq is not None:
qinq = QINQ_MAPPING.get(qinq)
vepa = aci.boolean(module.params.get('vepa'), 'enabled', 'disabled')
description = module.params.get('description')
state = module.params.get('state')
name_alias = module.params.get('name_alias')
aci.construct_url(root_class=dict(
aci_class='l2IfPol',
aci_rn='infra/l2IfP-{0}'.format(l2_policy),
module_object=l2_policy,
target_filter={'name': l2_policy},
), )
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='l2IfPol',
class_config=dict(
name=l2_policy,
descr=description,
vlanScope=vlan_scope,
qinq=qinq,
vepa=vepa,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='l2IfPol')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
tenant=dict(type='str',
aliases=['tenant_name'
]), # Not required for querying all objects
ospf=dict(type='str',
aliases=['ospf_interface',
'name']), # Not required for querying all objects
description=dict(type='str', aliases=['descr']),
network_type=dict(type='str', choices=['bcast', 'p2p']),
cost=dict(type='int'),
controls=dict(
type='list',
choices=['advert-subnet', 'bfd', 'mtu-ignore', 'passive']),
dead_interval=dict(type='int'),
hello_interval=dict(type='int'),
prefix_suppression=dict(type='bool'),
priority=dict(type='int'),
retransmit_interval=dict(type='int'),
transmit_delay=dict(type='int'),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['ospf', 'tenant']],
['state', 'present', ['ospf', 'tenant']],
],
)
aci = ACIModule(module)
tenant = module.params.get('tenant')
ospf = module.params.get('ospf')
description = module.params.get('description')
name_alias = module.params.get('name_alias')
if module.params.get('controls') is None:
controls = None
else:
controls = ','.join(module.params.get('controls'))
cost = module.params.get('cost')
if cost is not None and cost not in range(1, 451):
module.fail_json(
msg="Parameter 'cost' is only valid in range between 1 and 450.")
dead_interval = module.params.get('dead_interval')
if dead_interval is not None and dead_interval not in range(1, 65536):
module.fail_json(
msg=
"Parameter 'dead_interval' is only valid in range between 1 and 65536."
)
hello_interval = module.params.get('hello_interval')
if hello_interval is not None and hello_interval not in range(1, 65536):
module.fail_json(
msg=
"Parameter 'hello_interval' is only valid in range between 1 and 65536."
)
network_type = module.params.get('network_type')
prefix_suppression = aci.boolean(module.params.get('prefix_suppression'),
'enabled', 'disabled')
priority = module.params.get('priority')
if priority is not None and priority not in range(0, 256):
module.fail_json(
msg="Parameter 'priority' is only valid in range between 1 and 255."
)
retransmit_interval = module.params.get('retransmit_interval')
if retransmit_interval is not None and retransmit_interval not in range(
1, 65536):
module.fail_json(
msg=
"Parameter 'retransmit_interval' is only valid in range between 1 and 65536."
)
transmit_delay = module.params.get('transmit_delay')
if transmit_delay is not None and transmit_delay not in range(1, 451):
module.fail_json(
msg=
"Parameter 'transmit_delay' is only valid in range between 1 and 450."
)
state = module.params.get('state')
aci.construct_url(root_class=dict(
aci_class='ospfIfPol',
aci_rn='tn-{0}/ospfIfPol-{1}'.format(tenant, ospf),
module_object=ospf,
target_filter={'name': ospf},
), )
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='ospfIfPol',
class_config=dict(
name=ospf,
descr=description,
cost=cost,
ctrl=controls,
deadIntvl=dead_interval,
helloIntvl=hello_interval,
nwT=network_type,
pfxSuppress=prefix_suppression,
prio=priority,
rexmitIntvl=retransmit_interval,
xmitDelay=transmit_delay,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='ospfIfPol')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
taboo_contract=dict(
type='str',
aliases=['name']), # Not required for querying all contracts
tenant=dict(type='str',
aliases=['tenant_name'
]), # Not required for querying all contracts
scope=dict(
type='str',
choices=['application-profile', 'context', 'global', 'tenant']),
description=dict(type='str', aliases=['descr']),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['tenant', 'taboo_contract']],
['state', 'present', ['tenant', 'taboo_contract']],
],
)
taboo_contract = module.params.get('taboo_contract')
description = module.params.get('description')
scope = module.params.get('scope')
state = module.params.get('state')
tenant = module.params.get('tenant')
name_alias = module.params.get('name_alias')
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='vzTaboo',
aci_rn='taboo-{0}'.format(taboo_contract),
module_object=taboo_contract,
target_filter={'name': taboo_contract},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='vzTaboo',
class_config=dict(
name=taboo_contract,
descr=description,
scope=scope,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='vzTaboo')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
tenant=dict(type='str',
aliases=['tenant_name'
]), # Not required for querying all objects
ap=dict(type='str',
aliases=['app_profile', 'app_profile_name'
]), # Not required for querying all objects
epg=dict(type='str',
aliases=['epg_name'
]), # Not required for querying all objects
description=dict(type='str', aliases=['descr']),
encap_id=dict(type='int', aliases=['vlan', 'vlan_id']),
primary_encap_id=dict(type='int',
aliases=['primary_vlan', 'primary_vlan_id']),
deploy_immediacy=dict(type='str', choices=['immediate', 'lazy']),
interface_mode=dict(type='str',
choices=[
'802.1p', 'access', 'native', 'regular',
'tagged', 'trunk', 'untagged'
],
aliases=['interface_mode_name', 'mode']),
interface_type=dict(
type='str',
default='switch_port',
choices=['fex', 'port_channel', 'switch_port', 'vpc']),
pod_id=dict(type='int',
aliases=['pod', 'pod_number'
]), # Not required for querying all objects
leafs=dict(type='list',
aliases=['leaves', 'nodes', 'paths', 'switches'
]), # Not required for querying all objects
interface=dict(type='str'), # Not required for querying all objects
extpaths=dict(type='int'),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['interface_type', 'fex', ['extpaths']],
[
'state', 'absent',
['ap', 'epg', 'interface', 'leafs', 'pod_id', 'tenant']
],
[
'state', 'present',
[
'ap', 'encap_id', 'epg', 'interface', 'leafs', 'pod_id',
'tenant'
]
],
],
)
tenant = module.params.get('tenant')
ap = module.params.get('ap')
epg = module.params.get('epg')
description = module.params.get('description')
encap_id = module.params.get('encap_id')
primary_encap_id = module.params.get('primary_encap_id')
deploy_immediacy = module.params.get('deploy_immediacy')
interface_mode = module.params.get('interface_mode')
interface_type = module.params.get('interface_type')
pod_id = module.params.get('pod_id')
leafs = module.params.get('leafs')
if leafs is not None:
# Process leafs, and support dash-delimited leafs
leafs = []
for leaf in module.params.get('leafs'):
# Users are likely to use integers for leaf IDs, which would raise an exception when using the join method
leafs.extend(str(leaf).split('-'))
if len(leafs) == 1:
if interface_type == 'vpc':
module.fail_json(
msg='A interface_type of "vpc" requires 2 leafs')
leafs = leafs[0]
elif len(leafs) == 2:
if interface_type != 'vpc':
module.fail_json(
msg=
'The interface_types "switch_port", "port_channel", and "fex" \
do not support using multiple leafs for a single binding')
leafs = "-".join(leafs)
else:
module.fail_json(
msg='The "leafs" parameter must not have more than 2 entries')
interface = module.params.get('interface')
extpaths = module.params.get('extpaths')
state = module.params.get('state')
if encap_id is not None:
if encap_id not in range(1, 4097):
module.fail_json(msg='Valid VLAN assigments are from 1 to 4096')
encap_id = 'vlan-{0}'.format(encap_id)
if primary_encap_id is not None:
if primary_encap_id not in range(1, 4097):
module.fail_json(msg='Valid VLAN assigments are from 1 to 4096')
primary_encap_id = 'vlan-{0}'.format(primary_encap_id)
static_path = INTERFACE_TYPE_MAPPING[interface_type].format(
pod_id=pod_id, leafs=leafs, extpaths=extpaths, interface=interface)
path_target_filter = {}
if pod_id is not None and leafs is not None and interface is not None and (
interface_type != 'fex' or extpaths is not None):
path_target_filter = {'tDn': static_path}
if interface_mode is not None:
interface_mode = INTERFACE_MODE_MAPPING[interface_mode]
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='fvAp',
aci_rn='ap-{0}'.format(ap),
module_object=ap,
target_filter={'name': ap},
),
subclass_2=dict(
aci_class='fvAEPg',
aci_rn='epg-{0}'.format(epg),
module_object=epg,
target_filter={'name': epg},
),
subclass_3=dict(
aci_class='fvRsPathAtt',
aci_rn='rspathAtt-[{0}]'.format(static_path),
module_object=static_path,
target_filter=path_target_filter,
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='fvRsPathAtt',
class_config=dict(
descr=description,
encap=encap_id,
primaryEncap=primary_encap_id,
instrImedcy=deploy_immediacy,
mode=interface_mode,
tDn=static_path,
),
)
aci.get_diff(aci_class='fvRsPathAtt')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
group=dict(type='str'), # Not required for querying all objects
node=dict(type='str'),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['node', 'group']],
['state', 'present', ['node', 'group']],
],
)
state = module.params.get('state')
group = module.params.get('group')
node = module.params.get('node')
name_alias = module.params.get('name_alias')
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class='maintMaintGrp',
aci_rn='fabric/maintgrp-{0}'.format(group),
target_filter={'name': group},
module_object=group,
),
subclass_1=dict(
aci_class='fabricNodeBlk',
aci_rn='nodeblk-blk{0}-{0}'.format(node),
target_filter={'name': 'blk{0}-{0}'.format(node)},
module_object=node,
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='fabricNodeBlk',
class_config=dict(
from_=node,
to_=node,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='fabricNodeBlk')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
name=dict(type='str'),
controller_hostname=dict(type='str'),
dvs_version=dict(
type='str',
choices=['unmanaged', '5.1', '5.5', '6.0', '6.5', '6.6', '7.0']),
stats_collection=dict(type='str',
default='disabled',
choices=['enabled', 'disabled']),
domain=dict(type='str', aliases=['domain_name', 'domain_profile']),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
credentials=dict(type='str'),
inband_management_epg=dict(type='str'),
name_alias=dict(type='str'),
datacenter=dict(type='str'),
vm_provider=dict(type='str', choices=list(VM_PROVIDER_MAPPING.keys())),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['domain', 'vm_provider', 'name']],
['state', 'present', ['domain', 'vm_provider', 'name']],
],
)
name = module.params.get('name')
controller_hostname = module.params.get('controller_hostname')
dvs_version = module.params.get('dvs_version')
stats_collection = module.params.get('stats_collection')
domain = module.params.get('domain')
state = module.params.get('state')
credentials = module.params.get('credentials')
inband_management_epg = module.params.get('inband_management_epg')
name_alias = module.params.get('name_alias')
datacenter = module.params.get('datacenter')
vm_provider = module.params.get('vm_provider')
controller_class = 'vmmCtrlrP'
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class='vmmProvP',
aci_rn='vmmp-{0}'.format(VM_PROVIDER_MAPPING.get(vm_provider)),
module_object=vm_provider,
target_filter={'name': vm_provider},
),
subclass_1=dict(
aci_class='vmmDomP',
aci_rn='dom-{0}'.format(domain),
module_object=domain,
target_filter={'name': domain},
),
subclass_2=dict(
aci_class='vmmCtrlrP',
aci_rn='ctrlr-{0}'.format(name),
module_object=name,
target_filter={'name': 'name'},
),
child_classes=['vmmRsMgmtEPg', 'vmmRsAcc'],
)
aci.get_existing()
if state == 'present':
children = list()
if inband_management_epg is not None:
children.append(
dict(vmmRsMgmtEPg=dict(attributes=dict(
tDn='uni/tn-mgmt/mgmtp-default/inb-{0}'.format(
inband_management_epg)))))
if credentials is not None:
children.append(
dict(vmmRsAcc=dict(attributes=dict(
tDn='uni/vmmp-{0}/dom-{1}/usracc-{2}'.format(
VM_PROVIDER_MAPPING.get(vm_provider), domain,
credentials)))))
aci.payload(aci_class=controller_class,
class_config=dict(name=name,
hostOrIp=controller_hostname,
dvsVersion=dvs_version,
statsMode=stats_collection,
rootContName=datacenter,
nameAlias=name_alias,
scope=VM_SCOPE_MAPPING.get(vm_provider)),
child_configs=children)
aci.get_diff(aci_class=controller_class)
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
