def ntp_servers_clear(handle, ntp_servers=[]):
"""
Clears the NTP servers provided in the arguments.
Clears all the NTP servers, only if ntp is disabled.
Args:
handle (ImcHandle)
ntp_servers (list): List of NTP servers in the format
["192.168.1.1", "192.168.1.2"]
Returns:
CommNtpProvider object
"""
mo = _get_mo(handle, dn=NTP_DN)
args = {}
if ntp_servers:
args = {x: "" for x in _NTP_SERVER_LIST
if getattr(mo, x) in ntp_servers}
else:
args = {x: "" for x in _NTP_SERVER_LIST}
if mo.ntp_enable.lower() in ["yes", "true"] and \
len(args) == len(_NTP_SERVER_LIST):
raise ImcOperationError(
"Clear NTP Servers",
"Cannot clear all NTP servers when NTP is enabled")
mo.set_prop_multiple(**args)
mo.ntp_enable = mo.ntp_enable
handle.set_mo(mo)
return handle.query_dn(mo.dn)
def ntp_setting_exists(handle, **kwargs):
"""
Check if the specified NTP settings are already applied
Args:
handle (ImcHandle)
kwargs: key-value paired arguments
Returns:
(True, CommNtpProvider) if settings match, (False, None) otherwise
"""
mo = _get_mo(handle, dn=NTP_DN)
if mo is None:
return False, None
kwargs['ntp_enable'] = "yes"
if _is_valid_arg("ntp_servers", kwargs):
args = _get_ntp_servers(kwargs['ntp_servers'])
del kwargs['ntp_servers']
kwargs.update(args)
if not mo.check_prop_match(**kwargs):
return False, mo
return True, mo
def ntp_servers_modify(handle, ntp_servers=[]):
"""
Modifies the configured NTP servers
Args:
handle (ImcHandle)
ntp_servers (list): List of dictionaries in the format
[{"id": 1, "ip": "192.168.1.1"},
{"id": 2, "ip": "192.168.1.2"}]
Upto 4 ntp servers can be specified.
Returns:
CommNtpProvider object
Example:
ntp_servers_modify(handle,
ntp_servers = [{"id": 1, "ip": "192.168.1.1"},
{"id": 2, "ip": "192.168.1.2"},
{"id": 3, "ip": ""}]
"""
# While sending the modified list of servers, it is imperative to send
# ntp_enable property in the request.
# Hence, query the MO and reassign the same value to ntp_enable
mo = _get_mo(handle, dn=NTP_DN)
mo.ntp_enable = mo.ntp_enable
_set_ntp_servers(mo, ntp_servers)
handle.set_mo(mo)
return handle.query_dn(mo.dn)
def ssh_enable(handle, port=None, session_timeout=None, **kwargs):
"""
Enables ssh Policy and sets the given properties
Args:
handle (ImcHandle)
port (int): Port number used by SSH
session_timeout (int): No of seconds to wait before the system considers a SSH request to have timed out
kwargs: key-value paired arguments for future use
Returns:
CommSsh object
Raises:
ImcOperationError if the CommSsh Mo is not present
Example:
ssh_enable(handle, 22, 120)
"""
from imcsdk.mometa.comm.CommSsh import CommSshConsts
mo = _get_mo(handle, dn=_SSH_DN)
params = {
'admin_state': CommSshConsts.ADMIN_STATE_ENABLED,
'port': str(port) if port else None,
'session_timeout': str(session_timeout) if session_timeout else None
}
mo.set_prop_multiple(**params)
mo.set_prop_multiple(**kwargs)
handle.set_mo(mo)
return mo
def ntp_enable(handle, ntp_servers=[]):
"""
Enables NTP and configures the NTP servers provided
Args:
handle (ImcHandle)
ntp_servers (list): List of dictionaries in the format
[{"id": 1, "ip": "192.168.1.1"},
{"id": 2, "ip": "192.168.1.2"}]
Upto 4 ntp servers can be specified.
Returns:
CommNtpProvider object
Example:
ntp_enable(handle,
ntp_servers = [{"id": 1, "ip": "192.168.1.1"},
{"id": 2, "ip": "192.168.1.2"}]
"""
log.warning('IPMI Set SEL Time command will disable if NTP is enabled.')
mo = _get_mo(handle, dn=NTP_DN)
mo.ntp_enable = "yes"
_set_ntp_servers(mo, ntp_servers)
handle.set_mo(mo)
return handle.query_dn(mo.dn)
def snmp_enable(handle,
port=None,
community=None,
com2_sec=None,
trap_community=None,
sys_contact=None,
sys_location=None,
engine_id_key=None,
**kwargs):
"""
Enables SNMP.
Args:
handle (ImcHandle)
port (int): port on which SNMP agent runs
community (string): community
com2_sec (string): "disabled", "limited", "full"
trap_community(string): community to be used when generating traps
sys_contact (string): sys_contact
sys_location (string): sys_location
engine_id_key (string): engine id key
kwargs: key-value paired arguments for future use
Returns:
CommSnmp: Managed object
Raises:
ImcOperationError: If CommSnmp Mo is not present
Example:
mo = snmp_enable(handle,
community="username",
sys_contact="user contact",
sys_location="user location")
"""
from imcsdk.mometa.comm.CommSnmp import CommSnmpConsts
mo = _get_mo(handle, dn=SNMP_DN)
# always reset if any of the community, trap_community, engine_id_key
# is empty string both in CIMC and in modify request.
_reset(handle, mo, community, trap_community, engine_id_key)
params = {
'admin_state': CommSnmpConsts.ADMIN_STATE_ENABLED,
'port': str(port) if port is not None else None,
'community': community,
'com2_sec': com2_sec,
'trap_community': trap_community,
'sys_contact': sys_contact,
'sys_location': sys_location,
'engine_id_key': engine_id_key
}
mo.set_prop_multiple(**params)
mo.set_prop_multiple(**kwargs)
log.debug("Configuring SNMP.")
return _set_snmp(handle, mo)
def is_ntp_enabled(handle):
"""
Check if NTP is enabled
Args:
handle (ImcHandle)
Returns:
bool
"""
mo = _get_mo(handle, dn=NTP_DN)
return (mo.ntp_enable.lower() in ["true", "yes"])
def ldap_certificate_management_exists(handle):
"""
Checks if LDAP certificate management is enabled
Args:
handle (ImcHandle)
Returns:
bool
"""
mo = _get_mo(handle, dn="sys/ldap-ext/ldap-ca-cert-mgmt")
return mo.binding_certificate.lower() == "enabled"
def ldap_certificate_management_disable(handle):
"""
Disables ldap certificate management
Args:
handle (ImcHandle)
Returns:
LdapCACertificateManagement object
"""
mo = _get_mo(handle, dn="sys/ldap-ext/ldap-ca-cert-mgmt")
mo.binding_certificate = "disabled"
handle.set_mo(mo)
return mo
def is_ldap_enabled(handle):
"""
Checks if LDAP is enabled
Args:
handle (ImcHandle)
Returns:
bool
Examples:
is_ldap_enabled(handle)
"""
mo = _get_mo(handle, dn=LDAP_DN)
return mo.admin_state.lower() == "enabled"
def ntp_disable(handle):
"""
Disables NTP
Args:
handle (ImcHandle)
Returns:
CommNtpProvider object
"""
log.warning(
'Disabling NTP may cause Cisco IMC to lose timesync with server/s')
mo = _get_mo(handle, dn=NTP_DN)
mo.ntp_enable = "no"
handle.set_mo(mo)
return mo
def smtp_disable(handle):
"""
Disable SMTP Settings
Args:
handle (ImcHandle)
Raises:
ImcOperationError
Returns:
CommMailAlert object
"""
mo = _get_mo(handle, dn=_SMTP_DN)
mo.admin_state = 'disabled'
handle.set_mo(mo)
return mo
def ldap_disable(handle):
"""
Disables the ldap settings
Args:
handle (ImcHandle)
Returns:
AaaLdap Managed Object
Examples:
ldap_disable(handle)
"""
mo = _get_mo(handle, dn=LDAP_DN)
mo.admin_state = "disabled"
handle.set_mo(mo)
return mo
def adaptor_unit_get(handle, adaptor_slot, server_id=1, **kwargs):
"""
This method fetches the adaptorUnit Managed Object for the specified
adaptor Slot on a server.
Args:
handle (ImcHandle)
adaptor_slot (string): PCI slot number of the adaptor
server_id (int): Server Id for C3260 platforms
kwargs: key=value paired arguments
Returns:
AdaptorUnit object
Examples:
adaptor_unit_get(handle, adaptor_slot=1, server_id=1)
"""
return _get_mo(handle, dn=_get_adaptor_dn(handle, adaptor_slot, server_id))
def snmp_user_delete_all(handle):
"""
delete all snmp users.
Args:
handle (ImcHandle)
Returns:
None
Raises:
ImcOperationError: If user is not present
Example:
snmp_user_delete_all(handle)
"""
from imcsdk.mometa.comm.CommSnmpUser import CommSnmpUserConsts
from imcsdk.mometa.comm.CommSnmp import CommSnmpConsts
api = 'snmp_user_delete_all'
parent_mo = _get_mo(handle, dn=SNMP_DN)
if parent_mo.admin_state != CommSnmpConsts.ADMIN_STATE_ENABLED:
raise ImcOperationError(api, 'SNMP is not enabled.')
mos = []
users = _get_snmp_users(handle)
for user in users:
if user.name == "":
continue
user.admin_action = CommSnmpUserConsts.ADMIN_ACTION_CLEAR
mos.append(user)
# Optimize SNMP transaction performance for CIMC version HP(4.0) and above
# via setting parameter 'config_change' to 'no-commit'
mos = snmp_multiple_config_with_configcommit_for_hp_and_above(handle, mos)
response = handle.set_mos(mos)
if response:
process_conf_mos_response(response, api)
# Optimize SNMP transaction performance for CIMC version HP(4.0) and above
# via doing explicit commit using newly introduced MO 'CommSnmpConfigCommit'
snmp_commit_explicitly_for_hp_and_above(handle, SNMP_DN)
def _reset(handle, local_mo, community, trap_community, engine_id_key):
'''
The following issues exist when server in a factory reset condition, and if
enabling SNMP with any of the community, trap_community, engine_id_key
property with value as empty string.
GP, GPMR1:
CIMC returns an error - "CIMC may be running any critical operation or in
error state. Retry after sometime or reboot CIMC if necessary"
GPMR2, HP:
CIMC does not return error, but SNMP remains disabled.
Bug Ids - CSCvf87365, CSCvi17984
This function sets and unsets the above properties if both new and
existing value of any of these properties is empty string.
'''
import random
from imcsdk.mometa.comm.CommSnmp import CommSnmpConsts
input_params = locals()
mo = _get_mo(handle, dn=SNMP_DN)
params = {
"community": "init",
"trap_community": "init",
"engine_id_key": str(random.randint(1, 101))
}
reset = False
for prop, val in params.items():
if getattr(mo, prop) == "" and input_params[prop] == "":
log.debug("Reset %s." % prop)
setattr(mo, prop, val)
reset = True
if reset:
log.debug("Initiating reset.")
mo.admin_state = CommSnmpConsts.ADMIN_STATE_ENABLED
_set_snmp(handle, mo)
log.debug("Ending reset.")
def ldap_exists(handle, change_password=False, **kwargs):
"""
Checks if the specified LDAP settings are already applied
Args:
handle (ImcHandle)
kwargs: Key-Value paired arguments
Returns:
(True, AaaLdap) if settings match, else (False, None)
Examples:
match, mo = ldap_exists(
handle, enabled=True,
basedn='DC=LAB,DC=cisco,DC=com',
domain='LAB.cisco.com',
timeout=20, group_auth=True,
bind_dn='CN=administrator,CN=Users,DC=LAB,DC=cisco,DC=com',
password='******', ldap_servers=ldap_servers)
"""
mo = _get_mo(handle, dn=LDAP_DN)
if mo is None:
return False, None
if _is_valid_arg('ldap_servers', kwargs):
if not _check_ldap_server_match(mo, kwargs.pop('ldap_servers')):
return False, mo
if 'password' in kwargs and not change_password:
kwargs.pop('password', None)
if 'dns_search_domain' in kwargs and kwargs['dns_search_domain'] == "":
kwargs.pop('dns_search_domain', None)
if 'dns_search_forest' in kwargs and kwargs['dns_search_forest'] == "":
kwargs.pop('dns_search_forest', None)
kwargs['admin_state'] = 'enabled'
if not mo.check_prop_match(**kwargs):
return False, mo
return True, mo
def snmp_exists(handle, **kwargs):
"""
Checks if snmp is enabled or not
Args:
handle (ImcHandle)
kwargs: Key-Value paired arguments relevant to CommSnmp object
Returns:
True/false, CommSnmp MO/None
Example:
snmp_exists(handle)
"""
from imcsdk.mometa.comm.CommSnmp import CommSnmpConsts
mo = _get_mo(handle, dn=SNMP_DN)
kwargs['admin_state'] = CommSnmpConsts.ADMIN_STATE_ENABLED
return mo.check_prop_match(**kwargs), mo
def ldap_certificate_delete(handle):
"""
Deletes the LDAP CA certificate
Args:
handle (ImcHandle)
user (str): Username for the remote server
pwd (str): Password for the remote server
Returns:
LdapCACertificate object
Examples:
ldap_certificate_delete(handle)
"""
mo = _get_mo(handle, dn='sys/ldap-ext/ldap-ca-cert-mgmt/ldap-ca-cert')
mo.admin_action = 'delete-ca-certificate'
handle.set_mo(mo)
return handle.query_dn(mo.dn)
def ldap_certificate_binding_check(handle, user=None, pwd=None, **kwargs):
"""
Tests the LDAP CA certificate binding
Args:
handle (ImcHandle)
user (str): Username for the remote server
pwd (str): Password for the remote server
Returns:
LdapCACertificate object
Examples:
ldap_certificate_binding_check(handle, user='******', pwd='pqrs')
"""
mo = _get_mo(handle, dn='sys/ldap-ext/ldap-ca-cert-mgmt/ldap-ca-cert')
params = {'user': user, 'pwd': pwd, 'admin_action': 'test-ldap-binding'}
mo.set_prop_multiple(**params)
mo.set_prop_multiple(**kwargs)
handle.set_mo(mo)
return handle.query_dn(mo.dn)
def smtp_exists(handle, **kwargs):
"""
Check whether the specified SMTP settings already exist
Args:
handle (ImcHandle)
kwargs: key-value paired arguments
Returns:
(True, CommMailAlert) if settings match, (False, None) otherwise
"""
try:
mo = _get_mo(handle, dn=_SMTP_DN)
except:
return False, None
kwargs['admin_state'] = 'enabled'
if not mo.check_prop_match(**kwargs):
return False, mo
return True, None
def ldap_certificate_export(handle,
remote_server,
remote_file,
user=None,
pwd=None,
protocol='tftp',
**kwargs):
"""
Export the LDAP CA certificate from the Cisco IMC to a remote location
Args:
handle (ImcHandle)
remote_server (str): Remote Server IP or Hostname
remote_file (str): Remote file path
user (str): Username for the remote server
pwd (str): Password for the remote server
protocol (str): Protocol for downloading the certificate
['tftp', 'ftp', 'http', 'scp', 'sftp']
kwargs: Key-Value paired arguments for future use
Returns:
ExportLdapCACertificate object
Examples:
ldap_certificate_export(handle, user='******', pwd='pqrs',
remote_server='1.1.1.1', remote_file='/tmp/cert', protocol='scp')
"""
mo = _get_mo(handle,
dn='sys/ldap-ext/ldap-ca-cert-mgmt/ldap-ca-cert-export')
params = {
'user': user,
'pwd': pwd,
'remote_server': remote_server,
'remote_file': remote_file,
'protocol': protocol
}
mo.set_prop_multiple(**params)
mo.set_prop_multiple(**kwargs)
handle.set_mo(mo)
return handle.query_dn(mo.dn)
def smtp_enable(handle, ip_address=None, port=None, min_severity_level=None,
from_address=None, **kwargs):
"""
Enables SMTP Policy and sets the given properties
Args:
handle (ImcHandle)
ip_address (str): Ip Address of the SMTP server
port (int): Port number of the SMTP server
min_severity_level (str): Minimum fault severity level
Valid values: "condition", "critical", "major", "minor", "warning"
from_address(str): Email id that will be displayed as the source in the mail alert
kwargs: key-value paired arguments for future use
Returns:
CommMailAlert object
Raises:
ImcOperationError if the severity level is not correct
Example:
smtp_enable(handle, '10.105.110.219', 25, 'minor')
"""
if min_severity_level and not _is_valid_severity_level(min_severity_level):
raise ImcOperationError(
'Configure SMTP Policy',
'Invalid severity level %s ' % min_severity_level)
mo = _get_mo(handle, dn=_SMTP_DN)
params = {
'admin_state': 'enabled',
'ip_address': ip_address,
'port': str(port) if port is not None else None,
'min_severity_level': min_severity_level,
'from_address': from_address
}
mo.set_prop_multiple(**params)
mo.set_prop_multiple(**kwargs)
handle.set_mo(mo)
return mo
def ip_blocking_exists(handle, **kwargs):
"""
Checks if IP blocking settings match according to the parameters specified.
Args:
handle (ImcHandle)
kwargs: Key-Value paired arguments relevant to IpBlocking object
Returns:
(True, IpBlocking object) if exists, else (False, None)
Examples:
ip_blocking_exists(handle, fail_count='6',
fail_window='120', penalty_time='800')
"""
mo = IpBlocking(parent_mo_or_dn=_get_mgmt_if_dn(handle))
mo = _get_mo(handle, dn=mo.dn)
if mo.check_prop_match(**kwargs):
return (True, mo)
return (False, None)
def snmp_disable(handle):
"""
Disables SNMP.
Args:
handle (ImcHandle)
Returns:
CommSnmp: Managed Object
Raises:
ValueError: If CommSnmp Mo is not present
Example:
snmp_disable(handle)
"""
from imcsdk.mometa.comm.CommSnmp import CommSnmpConsts
mo = _get_mo(handle, dn=SNMP_DN)
mo.admin_state = CommSnmpConsts.ADMIN_STATE_DISABLED
handle.set_mo(mo)
return mo
def ssh_exists(handle, **kwargs):
"""
Checks if ssh is enabled or not
Args:
handle (ImcHandle)
kwargs: Key-Value paired arguments relevant to CommSsh object
Returns:
True/false, CommSsh MO/None
Example:
ssh_exists(handle)
"""
from imcsdk.mometa.comm.CommSsh import CommSshConsts
try:
mo = _get_mo(handle, dn=_SSH_DN)
except:
return False, None
kwargs['admin_state'] = CommSshConsts.ADMIN_STATE_ENABLED
return mo.check_prop_match(**kwargs), mo
def ldap_enable(handle,
basedn=None,
domain=None,
encryption=None,
timeout=None,
user_search_precedence=None,
bind_method=None,
bind_dn=None,
change_password=False,
password=None,
filter=None,
group_attribute=None,
attribute=None,
group_nested_search=None,
group_auth=None,
ldap_servers=[],
locate_directory_using_dns=None,
dns_domain_source=None,
dns_search_domain=None,
dns_search_forest=None,
**kwargs):
"""
Configures LDAP
Args:
handle (ImcHandle)
basedn (str): Represents the Base Distinguished Name. Describes where
to load users and groups from. It must be in the 'dc=domain,dc=com'
format for Active Directory servers.
domain (str): The domain that all users must be in.
encryption (str): "Disabled", "Enabled", "disabled", "enabled"
timeout (int): [0-180] The number of seconds the Cisco IMC waits until
the LDAP search operation times out.
user_search_precedence (str): ['local-user-db', 'ldap-user-db'].
Preference to search in local user db versus ldap user db
bind_method (str): ['login-credentials', 'configured-credentials',
'anonymous']
bind_dn (str): Represents the distinguished name (DN) of the user. This
field is applicable only for bind_method='configured-credentials'
change_password (bool): True if you want to change the user password.
password (str): The password of the user. This field is applicable only
for bind_method='configured-credentials'
filter (str): Represents the filter attribute in the schema on the LDAP
server.
attribute (str): Represents the role and locale information. Should
match the attribute specified on the LDAP server.
group_attribute (str): Represents the group attribute in the schema on
the LDAP server.
group_nested_search (int): Represents the depth of a nested group
search
group_auth (str): "disabled" or "enabled". Enables authentication at
the group level for LDAP users that are not found in the local user
database.
ldap_servers (list): Represents the list of preconfigured LDAP server.
List of dictionaries in the format:-
[{"id": 1, "ip": "192.168.1.1", "port": 300},
{"id": 2, "ip": "192.168.1.2", "port": 400}]
locate_directory_using_dns (str): "yes" or "no"
dns_domain_source (str): Represents the method to obtain domain name.
['extracted-domain', 'configured-domain',
'extracted-configured-domain']
dns_search_domain: Domain name to be used for DNS query. Disabled when
domain_name_source='extracted-domain'
dns_search_forest: Forest name to used for DNS query. Disabled when
domain_name_source='extracted-domain'
kwargs: Key-Value paired arguments. Reserved for future use
Returns:
AaaLdap object
Raises:
ImcOperationError when AaaLdap object doesn't exist
Examples:
ldap_configure(handle,
basedn='DC=LAB,DC=cisco,DC=com',
domain='LAB.cisco.com',
timeout=20, group_auth='enabled',
bind_dn='CN=administrator,CN=Users,DC=LAB,DC=cisco,
DC=com', password='******', ldap_servers=ldap_servers)
"""
mo = _get_mo(handle, dn=LDAP_DN)
params = {
'admin_state':
'enabled',
'basedn':
basedn,
'domain':
domain,
'encryption':
encryption,
'timeout':
str(timeout) if timeout is not None else None,
'user_search_precedence':
user_search_precedence,
'bind_method':
bind_method,
'bind_dn':
bind_dn,
'password':
password if change_password else None,
'filter':
filter,
'attribute':
attribute,
'group_attribute':
group_attribute,
'group_nested_search':
str(group_nested_search) if group_nested_search else None,
'group_auth':
group_auth,
'locate_directory_using_dns':
locate_directory_using_dns,
'dns_domain_source':
dns_domain_source,
'dns_search_domain':
None if dns_search_domain == "" else
dns_search_domain, #IMC XML API issue : CSCvg92190
'dns_search_forest':
None if dns_search_forest == "" else dns_search_forest
}
mo.set_prop_multiple(**params)
if ldap_servers:
_set_ldap_servers(mo, ldap_servers)
mo.set_prop_multiple(**kwargs)
handle.set_mo(mo)
return mo
def adaptor_set_all(handle, adaptors=None, server_id=1, **kwargs):
"""
Example:
adaptor_set_all(handle,
adaptors=[
{id: 1,
lldp: "enabled",
fip_mode: "enabled",
port_channel_enable: "enabled",
vntag_mode: "enabled",
admin_action:None}
]
)
"""
from imcsdk.mometa.adaptor.AdaptorGenProfile import AdaptorGenProfile
api = 'adaptor_set_all'
api_error_msg = VicConst.ADAPTOR_ERROR_MSG
if not adaptors:
log.debug("No adapters present for configuration")
return
# fetch adaptors from end point, adaptor_ep_dict is dict {id, adaptor_mo}
adaptor_ep_dict = _prepare_ep_adaptor_dict(handle, api_error_msg)
# validate input and checks if adaptor exists at end point
for adaptor in adaptors:
id = adaptor.get('id', None)
if id is None:
raise ImcOperationError(api_error_msg,
'Provide adapter slot to configure')
if id not in adaptor_ep_dict:
raise ImcOperationError(
api_error_msg, "Adaptor %s is not present at end point." % id)
# configure adapter
mos = []
restart_server = None
adaptor_list = []
#adaptors are the configured adaptors in intersight AdaptorConfiguration Policy
for adaptor in adaptors:
id = adaptor['id']
lldp = adaptor.pop('lldp', None)
fip_mode = adaptor.pop('fip_mode', None)
port_channel_enable = adaptor.pop('port_channel_enable', None)
log.debug("Adapter Config Policy - configured Values")
log.debug("Port Channel: %s, LLDP Mode: %s, Fip Mode: %s",
port_channel_enable, lldp, fip_mode)
# vntag_mode = adaptor.pop('vntag_mode', None)
# admin_state = adaptor.pop('admin_state', None)
mo = adaptor_ep_dict[id]
adaptor_properties = adaptor_properties_get(handle, id, server_id=1)
adaptor_list.append(adaptor_properties)
#port_channel_capable returns None for < Gen4 adapters and False for Gen4+ unsupported portchannel adapters.
#Hence a check has to be done for both None and False
#for backward compatibility in deploying Adapter Configuration Policy.
if adaptor_properties.port_channel_capable == None or adaptor_properties.port_channel_capable == "False":
log.debug(
"Port Channel is not supported for the adapter at slot: %s",
adaptor_properties.pci_slot)
port_channel_enable = None
if adaptor_properties.port_channel_capable == "True" and port_channel_enable == "disabled":
log.debug(
"Port Channel is disabled by user for adapter at slot %s. Server restart initiated",
adaptor_properties.pci_slot)
restart_server = True
mo.admin_state = AdaptorUnitConsts.ADMIN_STATE_ADAPTOR_RESET_DEFAULT
if port_channel_enable == "disabled":
AdaptorGenProfile(parent_mo_or_dn=mo,
lldp=lldp,
fip_mode=fip_mode,
port_channel_enable="disabled",
vntag_mode="disabled")
else:
#port_channel_enable value is set to enabled by default.
# Hence, its not required to send the default value.
AdaptorGenProfile(parent_mo_or_dn=mo,
lldp=lldp,
fip_mode=fip_mode,
vntag_mode="disabled")
mos.append(mo)
response = handle.set_mos(mos)
ret = []
if response:
ret.append(_process_response(response, api, api_error_msg))
ext_ethif_adaptor_mos = []
for adaptor in adaptors:
id = adaptor['id']
ext_ethifs = adaptor.pop('ext_ethifs', None)
if ext_ethifs:
mo = adaptor_ep_dict[id]
ext_ethif_mos = _ext_ethif_set_all(handle, ext_ethifs, mo)
ext_ethif_adaptor_mos.extend(ext_ethif_mos)
if len(ext_ethif_adaptor_mos) > 0:
response = handle.set_mos(ext_ethif_adaptor_mos)
if response:
error_msg = VicConst.DCE_IF_ERROR_MSG
ret.append(_process_response(response, api, error_msg))
results = {}
results["changed"] = True
results["msg"] = ""
results["msg_params"] = ret
#Power Cycle Host for the changes to take effect.
if restart_server:
log.debug("Restarting server...")
server_power_cycle(handle, timeout=180)
_wait_for_power_state(handle,
state="on",
timeout=60,
interval=5,
server_id=1)
log.debug(
"Server restarted successfully. Adaptor initialisation check in progress."
)
for adaptor in adaptor_list:
adaptor_initialization_in_progress = True
wait_count = 0
while adaptor_initialization_in_progress and wait_count < 5:
try:
adaptor = _get_mo(handle, dn=adaptor.dn)
adaptor_initialization_in_progress = False
log.debug("Adaptor at slot %s initialisation complete.",
adaptor.pci_slot)
except ImcOperationError:
log.debug(
"Adaptor at slot %s initialisation in progress. Sleep for 5s.",
adaptor.pci_slot)
wait_count += 1
time.sleep(5)
if adaptor_initialization_in_progress:
log.debug(
"Adaptor initialisation failure for adaptor at slot %s",
adaptor.pci_slot)
raise ImcOperationError(
api_error_msg,
"Adaptor %s is not initialised at end point." %
adaptor.pci_slot)
log.debug("Sleeping for 1 minute")
time.sleep(60)
log.debug("Returning results")
return results
def snmp_trap_add_all(handle, traps=None):
"""
Adds snmp trap.
Args:
handle (ImcHandle)
traps (list): list of trap dict
keys:
hostname (string): ip address
admin_state (string): enabled, disabled
version (string): "v2c", "v3"
notification_type (string): "informs", "traps"
Required only for version "v2c" and "v3"
user (string): send traps for a specific user
port (int): port
Returns:
list: List of CommSnmpTrap Managed Object
Example:
snmp_trap_add_all(handle,
traps=[{hostname: "10.10.10.10",
port: "162",
version:"v2c",
notification_type:"informs"}]
)
"""
from imcsdk.mometa.comm.CommSnmp import CommSnmpConsts
from imcsdk.mometa.comm.CommSnmpTrap import CommSnmpTrap
from imcsdk.mometa.comm.CommSnmpTrap import CommSnmpTrapConsts
api = 'snmp_trap_add_all'
parent_mo = _get_mo(handle, dn=SNMP_DN)
if parent_mo.admin_state != CommSnmpConsts.ADMIN_STATE_ENABLED:
raise ImcOperationError(api, 'SNMP is not enabled.')
dn_to_trap_dict = {}
mos = []
id = 0
for trap in traps:
hostname = trap.pop('hostname', None)
_validate_api_prop('hostname', hostname, api)
version = trap.pop('version', None)
_validate_api_prop('version', version, api, True, [
CommSnmpTrapConsts.VERSION_V1, CommSnmpTrapConsts.VERSION_V2C,
CommSnmpTrapConsts.VERSION_V3
])
notification_type = trap.pop('notification_type', None)
_validate_api_prop('notification_type', notification_type, api, True, [
CommSnmpTrapConsts.NOTIFICATION_TYPE_INFORMS,
CommSnmpTrapConsts.NOTIFICATION_TYPE_TRAPS
])
admin_state = trap.pop('admin_state', 'enabled')
_validate_api_prop('admin_state', admin_state, api, True, [
CommSnmpTrapConsts.ADMIN_STATE_ENABLED,
CommSnmpTrapConsts.ADMIN_STATE_DISABLED
])
user = trap.pop('user', None)
port = trap.pop('port', None)
if version == CommSnmpTrapConsts.VERSION_V2C and user:
user = None
if version == CommSnmpTrapConsts.VERSION_V3:
notification_type = CommSnmpTrapConsts.NOTIFICATION_TYPE_TRAPS
params = {
'hostname': hostname,
'version': version,
'notification_type': notification_type,
'admin_state': admin_state,
'port': str(port) if port else None,
'user': user
}
id += 1
mo = CommSnmpTrap(parent_mo_or_dn=parent_mo, id=str(id))
mo.set_prop_multiple(**params)
mos.append(mo)
dn_to_trap_dict[mo.dn] = mo.hostname
# Optimize SNMP transaction performance for CIMC version HP(4.0) and above
# via setting parameter 'config_change' to 'no-commit'
mos = snmp_multiple_config_with_configcommit_for_hp_and_above(handle, mos)
response = handle.set_mos(mos)
if response:
ret = process_conf_mos_response(response, api, False,
'Create SNMP traps failed',
snmp_traps_callback, dn_to_trap_dict)
if len(ret) != 0:
error_msg = 'Create/Update SNMP traps failed:\n'
for item in ret:
obj = item["Object"]
error = item["Error"]
error = sanitize_message(error)
error_msg += "[Trap " + obj + "] " + error + "\n"
raise ImcOperationErrorDetail(api, error_msg, ret)
# Optimize SNMP transaction performance for CIMC version HP(4.0) and above
# via doing explicit commit using newly introduced MO 'CommSnmpConfigCommit'
snmp_commit_explicitly_for_hp_and_above(handle, SNMP_DN)
results = {}
results["changed"] = True
results["msg"] = ""
results["msg_params"] = ret
return results
def snmp_user_add_all(handle, users=None):
"""
Adds snmp user.
Args:
handle (ImcHandle)
users (list): list of user dict
keys:
name (string): snmp username
security_level (string): "authpriv", "authnopriv", "noauthnopriv"
auth (string): "MD5", "SHA"
auth_pwd (string): password
for existing user
privacy (string): "AES", "DES"
privacy_pwd (string): privacy password
for existing user
example:
[{'name': 'snmpuser',
'security_level': 'authpriv',
'auth': 'MD5',
'auth_pwd': 'password',
'privacy': 'AES',
'privacy_pwd': 'password'}
]
Returns:
list: List of CommSnmpUser Managed Object
Raises:
ImcOperationError is maximum number of users already configured
Example:
snmp_user_add_all( handle,
users = [{'name': 'snmpuser',
'security_level': 'authpriv',
'auth': 'MD5', 'auth_pwd': 'password',
'privacy': 'AES', 'privacy_pwd': 'password'])
"""
from imcsdk.mometa.comm.CommSnmpUser import CommSnmpUser
from imcsdk.mometa.comm.CommSnmpUser import CommSnmpUserConsts
from imcsdk.mometa.comm.CommSnmp import CommSnmpConsts
api = 'snmp_user_add_all'
parent_mo = _get_mo(handle, dn=SNMP_DN)
if parent_mo.admin_state != CommSnmpConsts.ADMIN_STATE_ENABLED:
raise ImcOperationError(api, 'SNMP is not enabled.')
dn_to_user_dict = {}
mos = []
id = 0
for user in users:
name = user.pop('name', None)
security_level = user.pop('security_level', None)
_validate_api_prop('name', name, api)
_validate_api_prop('security_level', security_level, api)
auth = user.pop('auth', None)
auth_pwd = user.pop('auth_pwd', None)
privacy = user.pop('privacy', None)
privacy_pwd = user.pop('privacy_pwd', None)
params = {'name': name, 'security_level': security_level}
if security_level == CommSnmpUserConsts.SECURITY_LEVEL_AUTHNOPRIV:
_validate_api_prop('auth_pwd', auth_pwd, api)
params['auth'] = auth
params['auth_pwd'] = auth_pwd
elif security_level == CommSnmpUserConsts.SECURITY_LEVEL_AUTHPRIV:
_validate_api_prop('auth', auth, api, True, ['MD5', 'SHA'])
_validate_api_prop('auth_pwd', auth_pwd, api)
_validate_api_prop('privacy', privacy, api, True, ['AES', 'DES'])
_validate_api_prop('privacy_pwd', privacy_pwd, api)
params['auth'] = auth
params['auth_pwd'] = auth_pwd
params['privacy'] = privacy
params['privacy_pwd'] = privacy_pwd
id += 1
mo = CommSnmpUser(parent_mo_or_dn=parent_mo, id=str(id))
mo.set_prop_multiple(**params)
mos.append(mo)
dn_to_user_dict[mo.dn] = mo.name
# Optimize SNMP transaction performance for CIMC version HP(4.0) and above
# via setting parameter 'config_change' to 'no-commit'
mos = snmp_multiple_config_with_configcommit_for_hp_and_above(handle, mos)
response = handle.set_mos(mos)
if response:
ret = process_conf_mos_response(response, api, False,
'Create SNMP users failed',
snmp_users_callback, dn_to_user_dict)
if len(ret) != 0:
error_msg = 'Create/Update SNMP users failed:\n'
for item in ret:
obj = item["Object"]
error = item["Error"]
error = sanitize_message(error)
error_msg += "[User " + obj + "] " + error + "\n"
raise ImcOperationErrorDetail(api, error_msg, ret)
# Optimize SNMP transaction performance for CIMC version HP(4.0) and above
# via doing explicit commit using newly introduced MO 'CommSnmpConfigCommit'
snmp_commit_explicitly_for_hp_and_above(handle, SNMP_DN)
results = {}
results["changed"] = True
results["msg"] = ""
results["msg_params"] = ret
return results
