def main(): argument_spec = aci_argument_spec() argument_spec.update( lldp_policy=dict(type='str', aliases=['name']), # Not required for querying all objects description=dict(type='str', aliases=['descr']), receive_state=dict(type='bool'), transmit_state=dict(type='bool'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['lldp_policy']], ['state', 'present', ['lldp_policy']], ], ) aci = ACIModule(module) lldp_policy = module.params.get('lldp_policy') description = module.params.get('description') receive_state = aci.boolean(module.params.get('receive_state'), 'enabled', 'disabled') transmit_state = aci.boolean(module.params.get('transmit_state'), 'enabled', 'disabled') state = module.params.get('state') name_alias = module.params.get('name_alias') aci.construct_url( root_class=dict( aci_class='lldpIfPol', aci_rn='infra/lldpIfP-{0}'.format(lldp_policy), module_object=lldp_policy, target_filter={'name': lldp_policy}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='lldpIfPol', class_config=dict( name=lldp_policy, descr=description, adminRxSt=receive_state, adminTxSt=transmit_state, nameAlias=name_alias, ), ) aci.get_diff(aci_class='lldpIfPol') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( mcp=dict(type='str', aliases=['mcp_interface', 'name']), # Not required for querying all objects description=dict(type='str', aliases=['descr']), admin_state=dict(type='bool'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['mcp']], ['state', 'present', ['mcp']], ], ) aci = ACIModule(module) mcp = module.params.get('mcp') description = module.params.get('description') admin_state = aci.boolean(module.params.get('admin_state'), 'enabled', 'disabled') state = module.params.get('state') name_alias = module.params.get('name_alias') aci.construct_url(root_class=dict( aci_class='mcpIfPol', aci_rn='infra/mcpIfP-{0}'.format(mcp), module_object=mcp, target_filter={'name': mcp}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='mcpIfPol', class_config=dict( name=mcp, descr=description, adminSt=admin_state, nameAlias=name_alias, ), ) aci.get_diff(aci_class='mcpIfPol') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( dns_profile=dict(type='str', aliases=['profile_name'], required=True), domain=dict(type='str', aliases=['name', 'domain_name']), default=dict(type='bool'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['domain']], ['state', 'present', ['domain']], ], ) aci = ACIModule(module) dns_profile = module.params.get('dns_profile') domain = module.params.get('domain') default = aci.boolean(module.params.get('default')) state = module.params.get('state') aci.construct_url( root_class=dict( aci_class='dnsProfile', aci_rn='fabric/dnsp-{0}'.format(dns_profile), module_object=dns_profile, target_filter={'name': dns_profile}, ), subclass_1=dict( aci_class='dnsDomain', aci_rn='dom-{0}'.format(domain), module_object=domain, target_filter={'name': domain} ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='dnsDomain', class_config=dict( name=domain, isDefault=default ), ) aci.get_diff(aci_class='dnsDomain') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update(aci_owner_spec()) argument_spec.update( cdp_policy=dict(type="str", required=False, aliases=["cdp_interface", "name"]), # Not required for querying all objects description=dict(type="str", aliases=["descr"]), admin_state=dict(type="bool"), state=dict(type="str", default="present", choices=["absent", "present", "query"]), name_alias=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["cdp_policy"]], ["state", "present", ["cdp_policy"]], ], ) aci = ACIModule(module) cdp_policy = module.params.get("cdp_policy") description = module.params.get("description") admin_state = aci.boolean(module.params.get("admin_state"), "enabled", "disabled") state = module.params.get("state") name_alias = module.params.get("name_alias") aci.construct_url( root_class=dict( aci_class="cdpIfPol", aci_rn="infra/cdpIfP-{0}".format(cdp_policy), module_object=cdp_policy, target_filter={"name": cdp_policy}, ), ) aci.get_existing() if state == "present": aci.payload( aci_class="cdpIfPol", class_config=dict( name=cdp_policy, descr=description, adminSt=admin_state, nameAlias=name_alias, ), ) aci.get_diff(aci_class="cdpIfPol") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( tenant=dict(type='str', aliases=['tenant_name' ]), # Not required for querying all objects src_group=dict(type='str', aliases=['name' ]), # Not required for querying all objects admin_state=dict(type='bool'), description=dict(type='str', aliases=['descr']), dst_group=dict(type='str'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['src_group', 'tenant']], ['state', 'present', ['src_group', 'tenant']], ], ) aci = ACIModule(module) admin_state = aci.boolean(module.params.get('admin_state'), 'enabled', 'disabled') description = module.params.get('description') dst_group = module.params.get('dst_group') src_group = module.params.get('src_group') state = module.params.get('state') tenant = module.params.get('tenant') name_alias = module.params.get('name_alias') aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='spanSrcGrp', aci_rn='srcgrp-{0}'.format(src_group), module_object=src_group, target_filter={'name': src_group}, ), child_classes=['spanSpanLbl'], ) aci.get_existing() if state == 'present': aci.payload( aci_class='spanSrcGrp', class_config=dict( adminSt=admin_state, descr=description, name=src_group, nameAlias=name_alias, ), child_configs=[{ 'spanSpanLbl': { 'attributes': { 'name': dst_group } } }], ) aci.get_diff(aci_class='spanSrcGrp') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update(aci_owner_spec()) argument_spec.update( aaa_password=dict(type="str", no_log=True), aaa_password_lifetime=dict(type="int", no_log=False), aaa_password_update_required=dict(type="bool", no_log=False), aaa_user=dict(type="str", aliases=["name" ]), # Not required for querying all objects clear_password_history=dict(type="bool", no_log=False), description=dict(type="str", aliases=["descr"]), email=dict(type="str"), enabled=dict(type="bool"), expiration=dict(type="str"), expires=dict(type="bool"), first_name=dict(type="str"), last_name=dict(type="str"), phone=dict(type="str"), state=dict(type="str", default="present", choices=["absent", "present", "query"]), name_alias=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["aaa_user"]], ["state", "present", ["aaa_user"]], ["expires", True, ["expiration"]], ], ) aci = ACIModule(module) if not HAS_DATEUTIL: module.fail_json(msg="dateutil required for this module") aaa_password = module.params.get("aaa_password") aaa_password_lifetime = module.params.get("aaa_password_lifetime") aaa_password_update_required = aci.boolean( module.params.get("aaa_password_update_required")) aaa_user = module.params.get("aaa_user") clear_password_history = aci.boolean( module.params.get("clear_password_history"), "yes", "no") description = module.params.get("description") email = module.params.get("email") enabled = aci.boolean(module.params.get("enabled"), "active", "inactive") expires = aci.boolean(module.params.get("expires")) first_name = module.params.get("first_name") last_name = module.params.get("last_name") phone = module.params.get("phone") state = module.params.get("state") name_alias = module.params.get("name_alias") expiration = module.params.get("expiration") if expiration is not None and expiration != "never": try: expiration = aci.iso8601_format( dateutil.parser.parse(expiration).replace(tzinfo=tzutc())) except Exception as e: module.fail_json(msg="Failed to parse date format '%s', %s" % (module.params.get("expiration"), e)) aci.construct_url(root_class=dict( aci_class="aaaUser", aci_rn="userext/user-{0}".format(aaa_user), module_object=aaa_user, target_filter={"name": aaa_user}, ), ) aci.get_existing() if state == "present": aci.payload( aci_class="aaaUser", class_config=dict( accountStatus=enabled, clearPwdHistory=clear_password_history, descr=description, email=email, expiration=expiration, expires=expires, firstName=first_name, lastName=last_name, name=aaa_user, phone=phone, pwd=aaa_password, pwdLifeTime=aaa_password_lifetime, pwdUpdateRequired=aaa_password_update_required, nameAlias=name_alias, ), ) aci.get_diff(aci_class="aaaUser") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects l3out=dict(type='str', aliases=['l3out_name']), # Not required for querying all objects extepg=dict(type='str', aliases=['extepg_name', 'name']), # Not required for querying all objects description=dict(type='str', aliases=['descr']), preferred_group=dict(type='bool'), dscp=dict(type='str', choices=['AF11', 'AF12', 'AF13', 'AF21', 'AF22', 'AF23', 'AF31', 'AF32', 'AF33', 'AF41', 'AF42', 'AF43', 'CS0', 'CS1', 'CS2', 'CS3', 'CS4', 'CS5', 'CS6', 'CS7', 'EF', 'VA', 'unspecified'], aliases=['target']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'present', ['extepg', 'l3out', 'tenant']], ['state', 'absent', ['extepg', 'l3out', 'tenant']], ], ) aci = ACIModule(module) tenant = module.params.get('tenant') l3out = module.params.get('l3out') extepg = module.params.get('extepg') description = module.params.get('description') preferred_group = aci.boolean(module.params.get('preferred_group'), 'include', 'exclude') dscp = module.params.get('dscp') state = module.params.get('state') name_alias = module.params.get('name_alias') aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='l3extOut', aci_rn='out-{0}'.format(l3out), module_object=l3out, target_filter={'name': l3out}, ), subclass_2=dict( aci_class='l3extInstP', aci_rn='instP-{0}'.format(extepg), module_object=extepg, target_filter={'name': extepg}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='l3extInstP', class_config=dict( name=extepg, descr=description, prefGrMemb=preferred_group, targetDscp=dscp, nameAlias=name_alias, ), ) aci.get_diff(aci_class='l3extInstP') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( name=dict(type="str", aliases=["maintenance_policy" ]), # Not required for querying all objects runmode=dict(type="str", default="pauseOnlyOnFailures", choices=["pauseOnlyOnFailures", "pauseNever"]), graceful=dict(type="bool"), scheduler=dict(type="str"), ignoreCompat=dict(type="bool"), adminst=dict(type="str", default="untriggered", choices=["triggered", "untriggered"]), state=dict(type="str", default="present", choices=["absent", "present", "query"]), name_alias=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["name"]], ["state", "present", ["name", "scheduler"]], ], ) aci = ACIModule(module) state = module.params.get("state") name = module.params.get("name") runmode = module.params.get("runmode") scheduler = module.params.get("scheduler") adminst = module.params.get("adminst") graceful = aci.boolean(module.params.get("graceful")) ignoreCompat = aci.boolean(module.params.get("ignoreCompat")) name_alias = module.params.get("name_alias") aci.construct_url( root_class=dict( aci_class="maintMaintP", aci_rn="fabric/maintpol-{0}".format(name), target_filter={"name": name}, module_object=name, ), child_classes=["maintRsPolScheduler"], ) aci.get_existing() if state == "present": aci.payload( aci_class="maintMaintP", class_config=dict( name=name, runMode=runmode, graceful=graceful, adminSt=adminst, ignoreCompat=ignoreCompat, nameAlias=name_alias, ), child_configs=[ dict(maintRsPolScheduler=dict(attributes=dict( tnTrigSchedPName=scheduler, ), ), ), ], ) aci.get_diff(aci_class="maintMaintP") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( l2out=dict(type="str"), description=dict(type="str"), extepg=dict(type="str", aliases=["external_epg", "extepg_name", "name"]), preferred_group=dict(type="bool"), state=dict(type="str", default="present", choices=["absent", "present", "query"]), tenant=dict(type="str"), qos_class=dict(type="str", choices=[ "level1", "level2", "level3", "level4", "level5", "level6", "Unspecified" ]), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["l2out", "tenant", "extepg"]], ["state", "present", ["l2out", "tenant", "extepg"]], ], ) aci = ACIModule(module) l2out = module.params.get("l2out") description = module.params.get("description") preferred_group = aci.boolean(module.params.get("preferred_group"), "include", "exclude") state = module.params.get("state") tenant = module.params.get("tenant") extepg = module.params.get("extepg") qos_class = module.params.get("qos_class") aci.construct_url( root_class=dict( aci_class="fvTenant", aci_rn="tn-{0}".format(tenant), module_object=tenant, target_filter={"name": tenant}, ), subclass_1=dict( aci_class="l2extOut", aci_rn="l2out-{0}".format(l2out), module_object=l2out, target_filter={"name": l2out}, ), subclass_2=dict( aci_class="l2extInstP", aci_rn="instP-{0}".format(extepg), module_object=extepg, target_filter={"name": extepg}, ), ) aci.get_existing() if state == "present": config = dict(name=extepg, descr=description, dn="uni/tn-{0}/l2out-{1}/instP-{2}".format( tenant, l2out, extepg), prefGrMemb=preferred_group) if qos_class: config.update(prio=qos_class) aci.payload( class_config=config, aci_class="l2extInstP", ) aci.get_diff(aci_class="l2extInstP") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update(aci_owner_spec()) argument_spec.update( arp_flooding=dict(type="bool"), bd=dict(type="str", aliases=["bd_name", "name"]), # Not required for querying all objects bd_type=dict(type="str", choices=["ethernet", "fc"]), description=dict(type="str"), enable_multicast=dict(type="bool"), enable_routing=dict(type="bool"), endpoint_clear=dict(type="bool"), endpoint_move_detect=dict(type="str", choices=["default", "garp"]), endpoint_retention_action=dict(type="str", choices=["inherit", "resolve"]), endpoint_retention_policy=dict(type="str"), igmp_snoop_policy=dict(type="str"), ip_learning=dict(type="bool"), ipv6_nd_policy=dict(type="str"), l2_unknown_unicast=dict(type="str", choices=["proxy", "flood"]), l3_unknown_multicast=dict(type="str", choices=["flood", "opt-flood"]), ipv6_l3_unknown_multicast=dict(type="str", choices=["flood", "opt-flood"]), limit_ip_learn=dict(type="bool"), mac_address=dict(type="str", aliases=["mac"]), multi_dest=dict(type="str", choices=["bd-flood", "drop", "encap-flood"]), state=dict(type="str", default="present", choices=["absent", "present", "query"]), tenant=dict(type="str", aliases=["tenant_name" ]), # Not required for querying all objects vrf=dict(type="str", aliases=["vrf_name"]), route_profile=dict(type="str"), route_profile_l3out=dict(type="str"), name_alias=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["bd", "tenant"]], ["state", "present", ["bd", "tenant"]], ], ) aci = ACIModule(module) arp_flooding = aci.boolean(module.params.get("arp_flooding")) bd = module.params.get("bd") bd_type = module.params.get("bd_type") if bd_type == "ethernet": # ethernet type is represented as regular, but that is not clear to the users bd_type = "regular" description = module.params.get("description") enable_multicast = aci.boolean(module.params.get("enable_multicast")) enable_routing = aci.boolean(module.params.get("enable_routing")) endpoint_clear = aci.boolean(module.params.get("endpoint_clear")) endpoint_move_detect = module.params.get("endpoint_move_detect") if endpoint_move_detect == "default": # the ACI default setting is an empty string, but that is not a good input value endpoint_move_detect = "" endpoint_retention_action = module.params.get("endpoint_retention_action") endpoint_retention_policy = module.params.get("endpoint_retention_policy") igmp_snoop_policy = module.params.get("igmp_snoop_policy") ip_learning = aci.boolean(module.params.get("ip_learning")) ipv6_nd_policy = module.params.get("ipv6_nd_policy") l2_unknown_unicast = module.params.get("l2_unknown_unicast") l3_unknown_multicast = module.params.get("l3_unknown_multicast") ipv6_l3_unknown_multicast = module.params.get("ipv6_l3_unknown_multicast") limit_ip_learn = aci.boolean(module.params.get("limit_ip_learn")) mac_address = module.params.get("mac_address") multi_dest = module.params.get("multi_dest") state = module.params.get("state") tenant = module.params.get("tenant") vrf = module.params.get("vrf") route_profile = module.params.get("route_profile") route_profile_l3out = module.params.get("route_profile_l3out") name_alias = module.params.get("name_alias") aci.construct_url( root_class=dict( aci_class="fvTenant", aci_rn="tn-{0}".format(tenant), module_object=tenant, target_filter={"name": tenant}, ), subclass_1=dict( aci_class="fvBD", aci_rn="BD-{0}".format(bd), module_object=bd, target_filter={"name": bd}, ), child_classes=[ "fvRsCtx", "fvRsIgmpsn", "fvRsBDToNdP", "fvRsBdToEpRet", "fvRsBDToProfile" ], ) aci.get_existing() if state == "present": class_config = dict( arpFlood=arp_flooding, descr=description, epClear=endpoint_clear, epMoveDetectMode=endpoint_move_detect, ipLearning=ip_learning, limitIpLearnToSubnets=limit_ip_learn, mac=mac_address, mcastAllow=enable_multicast, multiDstPktAct=multi_dest, name=bd, type=bd_type, unicastRoute=enable_routing, unkMacUcastAct=l2_unknown_unicast, unkMcastAct=l3_unknown_multicast, nameAlias=name_alias, ) if ipv6_l3_unknown_multicast is not None: class_config["v6unkMcastAct"] = ipv6_l3_unknown_multicast aci.payload( aci_class="fvBD", class_config=class_config, child_configs=[ { "fvRsCtx": { "attributes": { "tnFvCtxName": vrf } } }, { "fvRsIgmpsn": { "attributes": { "tnIgmpSnoopPolName": igmp_snoop_policy } } }, { "fvRsBDToNdP": { "attributes": { "tnNdIfPolName": ipv6_nd_policy } } }, { "fvRsBdToEpRet": { "attributes": { "resolveAct": endpoint_retention_action, "tnFvEpRetPolName": endpoint_retention_policy } } }, { "fvRsBDToProfile": { "attributes": { "tnL3extOutName": route_profile_l3out, "tnRtctrlProfileName": route_profile } } }, ], ) aci.get_diff(aci_class="fvBD") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( arp_flooding=dict(type='bool'), bd=dict(type='str', aliases=['bd_name', 'name']), # Not required for querying all objects bd_type=dict(type='str', choices=['ethernet', 'fc']), description=dict(type='str'), enable_multicast=dict(type='bool'), enable_routing=dict(type='bool'), endpoint_clear=dict(type='bool'), endpoint_move_detect=dict(type='str', choices=['default', 'garp']), endpoint_retention_action=dict(type='str', choices=['inherit', 'resolve']), endpoint_retention_policy=dict(type='str'), igmp_snoop_policy=dict(type='str'), ip_learning=dict(type='bool'), ipv6_nd_policy=dict(type='str'), l2_unknown_unicast=dict(type='str', choices=['proxy', 'flood']), l3_unknown_multicast=dict(type='str', choices=['flood', 'opt-flood']), limit_ip_learn=dict(type='bool'), mac_address=dict(type='str', aliases=['mac']), multi_dest=dict(type='str', choices=['bd-flood', 'drop', 'encap-flood']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects vrf=dict(type='str', aliases=['vrf_name']), route_profile=dict(type='str'), route_profile_l3out=dict(type='str'), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['bd', 'tenant']], ['state', 'present', ['bd', 'tenant']], ], ) aci = ACIModule(module) arp_flooding = aci.boolean(module.params.get('arp_flooding')) bd = module.params.get('bd') bd_type = module.params.get('bd_type') if bd_type == 'ethernet': # ethernet type is represented as regular, but that is not clear to the users bd_type = 'regular' description = module.params.get('description') enable_multicast = aci.boolean(module.params.get('enable_multicast')) enable_routing = aci.boolean(module.params.get('enable_routing')) endpoint_clear = aci.boolean(module.params.get('endpoint_clear')) endpoint_move_detect = module.params.get('endpoint_move_detect') if endpoint_move_detect == 'default': # the ACI default setting is an empty string, but that is not a good input value endpoint_move_detect = '' endpoint_retention_action = module.params.get('endpoint_retention_action') endpoint_retention_policy = module.params.get('endpoint_retention_policy') igmp_snoop_policy = module.params.get('igmp_snoop_policy') ip_learning = aci.boolean(module.params.get('ip_learning')) ipv6_nd_policy = module.params.get('ipv6_nd_policy') l2_unknown_unicast = module.params.get('l2_unknown_unicast') l3_unknown_multicast = module.params.get('l3_unknown_multicast') limit_ip_learn = aci.boolean(module.params.get('limit_ip_learn')) mac_address = module.params.get('mac_address') multi_dest = module.params.get('multi_dest') state = module.params.get('state') tenant = module.params.get('tenant') vrf = module.params.get('vrf') route_profile = module.params.get('route_profile') route_profile_l3out = module.params.get('route_profile_l3out') name_alias = module.params.get('name_alias') aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='fvBD', aci_rn='BD-{0}'.format(bd), module_object=bd, target_filter={'name': bd}, ), child_classes=['fvRsCtx', 'fvRsIgmpsn', 'fvRsBDToNdP', 'fvRsBdToEpRet', 'fvRsBDToProfile'], ) aci.get_existing() if state == 'present': aci.payload( aci_class='fvBD', class_config=dict( arpFlood=arp_flooding, descr=description, epClear=endpoint_clear, epMoveDetectMode=endpoint_move_detect, ipLearning=ip_learning, limitIpLearnToSubnets=limit_ip_learn, mac=mac_address, mcastAllow=enable_multicast, multiDstPktAct=multi_dest, name=bd, type=bd_type, unicastRoute=enable_routing, unkMacUcastAct=l2_unknown_unicast, unkMcastAct=l3_unknown_multicast, nameAlias=name_alias, ), child_configs=[ {'fvRsCtx': {'attributes': {'tnFvCtxName': vrf}}}, {'fvRsIgmpsn': {'attributes': {'tnIgmpSnoopPolName': igmp_snoop_policy}}}, {'fvRsBDToNdP': {'attributes': {'tnNdIfPolName': ipv6_nd_policy}}}, {'fvRsBdToEpRet': {'attributes': {'resolveAct': endpoint_retention_action, 'tnFvEpRetPolName': endpoint_retention_policy}}}, {'fvRsBDToProfile': {'attributes': {'tnL3extOutName': route_profile_l3out, 'tnRtctrlProfileName': route_profile}}}, ], ) aci.get_diff(aci_class='fvBD') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( description=dict(type='str', aliases=['descr']), export_policy=dict( type='str', aliases=['name']), # Not required for querying all objects format=dict(type='str', choices=['json', 'xml']), include_secure=dict(type='bool'), max_count=dict(type='int'), snapshot=dict(type='str'), state=dict(type='str', choices=['absent', 'present', 'query'], default='present'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=False, required_if=[ ['state', 'absent', ['export_policy', 'snapshot']], ['state', 'present', ['export_policy']], ], ) aci = ACIModule(module) description = module.params.get('description') export_policy = module.params.get('export_policy') file_format = module.params.get('format') include_secure = aci.boolean(module.params.get('include_secure')) max_count = module.params.get('max_count') if max_count is not None: if max_count in range(1, 11): max_count = str(max_count) else: module.fail_json( msg="Parameter 'max_count' must be a number between 1 and 10") snapshot = module.params.get('snapshot') if snapshot is not None and not snapshot.startswith('run-'): snapshot = 'run-' + snapshot state = module.params.get('state') if state == 'present': aci.construct_url(root_class=dict( aci_class='configExportP', aci_rn='fabric/configexp-{0}'.format(export_policy), module_object=export_policy, target_filter={'name': export_policy}, ), ) aci.get_existing() aci.payload( aci_class='configExportP', class_config=dict( adminSt='triggered', descr=description, format=file_format, includeSecureFields=include_secure, maxSnapshotCount=max_count, name=export_policy, snapshot='yes', ), ) aci.get_diff('configExportP') # Create a new Snapshot aci.post_config() else: # Prefix the proper url to export_policy if export_policy is not None: export_policy = 'uni/fabric/configexp-{0}'.format(export_policy) aci.construct_url( root_class=dict( aci_class='configSnapshotCont', aci_rn='backupst/snapshots-[{0}]'.format(export_policy), module_object=export_policy, target_filter={'name': export_policy}, ), subclass_1=dict( aci_class='configSnapshot', aci_rn='snapshot-{0}'.format(snapshot), module_object=snapshot, target_filter={'name': snapshot}, ), ) aci.get_existing() if state == 'absent': # Build POST request to used to remove Snapshot aci.payload( aci_class='configSnapshot', class_config=dict( name=snapshot, retire="yes", ), ) if aci.existing: aci.get_diff('configSnapshot') # Mark Snapshot for Deletion aci.post_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( name=dict(type='str', aliases=['maintenance_policy' ]), # Not required for querying all objects runmode=dict(type='str', default='pauseOnlyOnFailures', choices=['pauseOnlyOnFailures', 'pauseNever']), graceful=dict(type='bool'), scheduler=dict(type='str'), ignoreCompat=dict(type='bool'), adminst=dict(type='str', default='untriggered', choices=['triggered', 'untriggered']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['name']], ['state', 'present', ['name', 'scheduler']], ], ) aci = ACIModule(module) state = module.params.get('state') name = module.params.get('name') runmode = module.params.get('runmode') scheduler = module.params.get('scheduler') adminst = module.params.get('adminst') graceful = aci.boolean(module.params.get('graceful')) ignoreCompat = aci.boolean(module.params.get('ignoreCompat')) name_alias = module.params.get('name_alias') aci.construct_url(root_class=dict( aci_class='maintMaintP', aci_rn='fabric/maintpol-{0}'.format(name), target_filter={'name': name}, module_object=name, ), child_classes=['maintRsPolScheduler']) aci.get_existing() if state == 'present': aci.payload( aci_class='maintMaintP', class_config=dict( name=name, runMode=runmode, graceful=graceful, adminSt=adminst, ignoreCompat=ignoreCompat, nameAlias=name_alias, ), child_configs=[ dict(maintRsPolScheduler=dict(attributes=dict( tnTrigSchedPName=scheduler, ), ), ), ], ) aci.get_diff(aci_class='maintMaintP') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( l2out=dict(type='str'), description=dict(type='str'), extepg=dict(type='str', aliases=['external_epg', 'extepg_name', 'name']), preferred_group=dict(type='bool'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), tenant=dict(type='str'), qos_class=dict(type='str', choices=[ 'level1', 'level2', 'level3', 'level4', 'level5', 'level6', 'Unspecified' ]), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['l2out', 'tenant', 'extepg']], ['state', 'present', ['l2out', 'tenant', 'extepg']], ], ) aci = ACIModule(module) l2out = module.params.get('l2out') description = module.params.get('description') preferred_group = aci.boolean(module.params.get('preferred_group'), 'include', 'exclude') state = module.params.get('state') tenant = module.params.get('tenant') extepg = module.params.get('extepg') qos_class = module.params.get('qos_class') aci.construct_url(root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='l2extOut', aci_rn='l2out-{0}'.format(l2out), module_object=l2out, target_filter={'name': l2out}, ), subclass_2=dict( aci_class='l2extInstP', aci_rn='instP-{0}'.format(extepg), module_object=extepg, target_filter={'name': extepg}, )) aci.get_existing() if state == 'present': config = dict(name=extepg, descr=description, dn='uni/tn-{0}/l2out-{1}/instP-{2}'.format( tenant, l2out, extepg), prefGrMemb=preferred_group) if qos_class: config.update(prio=qos_class) aci.payload( class_config=config, aci_class='l2extInstP', ) aci.get_diff(aci_class='l2extInstP') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( contract=dict(type='str', aliases=['contract_name' ]), # Not required for querying all objects subject=dict(type='str', aliases=['contract_subject', 'name', 'subject_name' ]), # Not required for querying all objects tenant=dict(type='str', aliases=['tenant_name' ]), # Not required for querying all objects priority=dict(type='str', choices=['unspecified', 'level1', 'level2', 'level3']), reverse_filter=dict(type='bool'), dscp=dict(type='str', aliases=['target'], choices=[ 'AF11', 'AF12', 'AF13', 'AF21', 'AF22', 'AF23', 'AF31', 'AF32', 'AF33', 'AF41', 'AF42', 'AF43', 'CS0', 'CS1', 'CS2', 'CS3', 'CS4', 'CS5', 'CS6', 'CS7', 'EF', 'VA', 'unspecified' ]), description=dict(type='str', aliases=['descr']), consumer_match=dict( type='str', choices=['all', 'at_least_one', 'at_most_one', 'none']), provider_match=dict( type='str', choices=['all', 'at_least_one', 'at_most_one', 'none']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['contract', 'subject', 'tenant']], ['state', 'present', ['contract', 'subject', 'tenant']], ], ) aci = ACIModule(module) subject = module.params.get('subject') priority = module.params.get('priority') reverse_filter = aci.boolean(module.params.get('reverse_filter')) contract = module.params.get('contract') dscp = module.params.get('dscp') description = module.params.get('description') consumer_match = module.params.get('consumer_match') if consumer_match is not None: consumer_match = MATCH_MAPPING.get(consumer_match) provider_match = module.params.get('provider_match') if provider_match is not None: provider_match = MATCH_MAPPING.get(provider_match) state = module.params.get('state') tenant = module.params.get('tenant') name_alias = module.params.get('name_alias') aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='vzBrCP', aci_rn='brc-{0}'.format(contract), module_object=contract, target_filter={'name': contract}, ), subclass_2=dict( aci_class='vzSubj', aci_rn='subj-{0}'.format(subject), module_object=subject, target_filter={'name': subject}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='vzSubj', class_config=dict( name=subject, prio=priority, revFltPorts=reverse_filter, targetDscp=dscp, consMatchT=consumer_match, provMatchT=provider_match, descr=description, nameAlias=name_alias, ), ) aci.get_diff(aci_class='vzSubj') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update(aci_owner_spec()) argument_spec.update({ "access_key_id": dict(type="str"), "account_id": dict(type="str"), "is_account_in_org": dict(type="bool"), "is_trusted": dict(type="bool"), "secret_access_key": dict(type="str", no_log=True), "tenant": dict(type="str"), "state": dict(type="str", default="present", choices=["absent", "present", "query"]), }) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["tenant"]], ["state", "present", ["tenant"]], ], ) aci = ACIModule(module) access_key_id = module.params.get("access_key_id") account_id = module.params.get("account_id") annotation = module.params.get("annotation") is_account_in_org = aci.boolean(module.params.get("is_account_in_org")) is_trusted = aci.boolean(module.params.get("is_trusted")) secret_access_key = module.params.get("secret_access_key") tenant = module.params.get("tenant") state = module.params.get("state") child_configs = [] aci.construct_url( root_class={ "aci_class": "fvTenant", "aci_rn": "tn-{0}".format(tenant), "target_filter": 'eq(fvTenant.name, "{0}")'.format(tenant), "module_object": tenant, }, subclass_1={ "aci_class": "cloudAwsProvider", "aci_rn": "awsprovider".format(), "target_filter": { "account_id": account_id }, "module_object": account_id, }, child_classes=[], ) aci.get_existing() if state == "present": aci.payload( aci_class="cloudAwsProvider", class_config={ "accessKeyId": access_key_id, "accountId": account_id, "annotation": annotation, "isAccountInOrg": is_account_in_org, "isTrusted": is_trusted, "secretAccessKey": secret_access_key, }, child_configs=child_configs, ) aci.get_diff(aci_class="cloudAwsProvider") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( contract=dict(type="str", aliases=["contract_name"]), # Not required for querying all objects subject=dict(type="str", aliases=["contract_subject", "name", "subject_name"]), # Not required for querying all objects tenant=dict(type="str", aliases=["tenant_name"]), # Not required for querying all objects priority=dict(type="str", choices=["unspecified", "level1", "level2", "level3"]), reverse_filter=dict(type="bool"), dscp=dict( type="str", aliases=["target"], choices=[ "AF11", "AF12", "AF13", "AF21", "AF22", "AF23", "AF31", "AF32", "AF33", "AF41", "AF42", "AF43", "CS0", "CS1", "CS2", "CS3", "CS4", "CS5", "CS6", "CS7", "EF", "VA", "unspecified", ], ), description=dict(type="str", aliases=["descr"]), consumer_match=dict(type="str", choices=["all", "at_least_one", "at_most_one", "none"]), provider_match=dict(type="str", choices=["all", "at_least_one", "at_most_one", "none"]), state=dict(type="str", default="present", choices=["absent", "present", "query"]), name_alias=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["contract", "subject", "tenant"]], ["state", "present", ["contract", "subject", "tenant"]], ], ) aci = ACIModule(module) subject = module.params.get("subject") priority = module.params.get("priority") reverse_filter = aci.boolean(module.params.get("reverse_filter")) contract = module.params.get("contract") dscp = module.params.get("dscp") description = module.params.get("description") consumer_match = module.params.get("consumer_match") if consumer_match is not None: consumer_match = MATCH_MAPPING.get(consumer_match) provider_match = module.params.get("provider_match") if provider_match is not None: provider_match = MATCH_MAPPING.get(provider_match) state = module.params.get("state") tenant = module.params.get("tenant") name_alias = module.params.get("name_alias") aci.construct_url( root_class=dict( aci_class="fvTenant", aci_rn="tn-{0}".format(tenant), module_object=tenant, target_filter={"name": tenant}, ), subclass_1=dict( aci_class="vzBrCP", aci_rn="brc-{0}".format(contract), module_object=contract, target_filter={"name": contract}, ), subclass_2=dict( aci_class="vzSubj", aci_rn="subj-{0}".format(subject), module_object=subject, target_filter={"name": subject}, ), ) aci.get_existing() if state == "present": aci.payload( aci_class="vzSubj", class_config=dict( name=subject, prio=priority, revFltPorts=reverse_filter, targetDscp=dscp, consMatchT=consumer_match, provMatchT=provider_match, descr=description, nameAlias=name_alias, ), ) aci.get_diff(aci_class="vzSubj") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( compare_export_policy=dict(type='str'), compare_snapshot=dict(type='str'), description=dict(type='str', aliases=['descr']), export_policy=dict(type='str'), fail_on_decrypt=dict(type='bool'), import_mode=dict(type='str', choices=['atomic', 'best-effort']), import_policy=dict(type='str'), import_type=dict(type='str', choices=['merge', 'replace']), snapshot=dict(type='str', required=True), state=dict(type='str', default='rollback', choices=['preview', 'rollback']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=False, required_if=[ [ 'state', 'preview', ['compare_export_policy', 'compare_snapshot'] ], ['state', 'rollback', ['import_policy']], ], ) aci = ACIModule(module) description = module.params.get('description') export_policy = module.params.get('export_policy') fail_on_decrypt = aci.boolean(module.params.get('fail_on_decrypt')) import_mode = module.params.get('import_mode') import_policy = module.params.get('import_policy') import_type = module.params.get('import_type') snapshot = module.params.get('snapshot') state = module.params.get('state') if state == 'rollback': if snapshot.startswith('run-'): snapshot = snapshot.replace('run-', '', 1) if not snapshot.endswith('.tar.gz'): snapshot += '.tar.gz' filename = 'ce2_{0}-{1}'.format(export_policy, snapshot) aci.construct_url(root_class=dict( aci_class='configImportP', aci_rn='fabric/configimp-{0}'.format(import_policy), module_object=import_policy, target_filter={'name': import_policy}, ), ) aci.get_existing() aci.payload( aci_class='configImportP', class_config=dict( adminSt='triggered', descr=description, failOnDecryptErrors=fail_on_decrypt, fileName=filename, importMode=import_mode, importType=import_type, name=import_policy, snapshot='yes', ), ) aci.get_diff(aci_class='configImportP') aci.post_config() elif state == 'preview': aci.url = '%(protocol)s://%(host)s/mqapi2/snapshots.diff.xml' % module.params aci.filter_string = ( '?s1dn=uni/backupst/snapshots-[uni/fabric/configexp-%(export_policy)s]/snapshot-%(snapshot)s&' 's2dn=uni/backupst/snapshots-[uni/fabric/configexp-%(compare_export_policy)s]/snapshot-%(compare_snapshot)s' ) % module.params # Generate rollback comparison get_preview(aci) aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( name=dict(type="str", aliases=["syslog_group", "syslog_group_name"]), format=dict(type="str", choices=["aci", "nxos"]), admin_state=dict(type="str", choices=["enabled", "disabled"]), console_logging=dict(type="str", choices=["enabled", "disabled"]), console_log_severity=dict(type="str", choices=["alerts", "critical", "debugging", "emergencies", "error", "information", "notifications", "warnings"]), local_file_logging=dict(type="str", choices=["enabled", "disabled"]), local_file_log_severity=dict( type="str", choices=["alerts", "critical", "debugging", "emergencies", "error", "information", "notifications", "warnings"] ), include_ms=dict(type="bool"), include_time_zone=dict(type="bool"), state=dict(type="str", default="present", choices=["absent", "present", "query"]), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["name"]], ["state", "present", ["name"]], ], ) aci = ACIModule(module) name = module.params.get("name") format = module.params.get("format") admin_state = module.params.get("admin_state") console_logging = module.params.get("console_logging") console_log_severity = module.params.get("console_log_severity") local_file_logging = module.params.get("local_file_logging") local_file_log_severity = module.params.get("local_file_log_severity") include_ms = aci.boolean(module.params.get("include_ms")) include_time_zone = aci.boolean(module.params.get("include_time_zone")) state = module.params.get("state") aci.construct_url( root_class=dict( aci_class="syslogGroup", aci_rn="fabric/slgroup-{0}".format(name), module_object=name, target_filter={"name": name}, ), child_classes=["syslogRemoteDest", "syslogProf", "syslogFile", "syslogConsole"], ) aci.get_existing() if state == "present": class_config = dict( name=name, format=format, includeMilliSeconds=include_ms, ) if include_time_zone is not None: class_config["includeTimeZone"] = include_time_zone aci.payload( aci_class="syslogGroup", class_config=class_config, child_configs=[ dict( syslogProf=dict( attributes=dict(adminState=admin_state, name="syslog"), ), ), dict( syslogFile=dict( attributes=dict(adminState=local_file_logging, format=format, severity=local_file_log_severity), ), ), dict( syslogConsole=dict( attributes=dict(adminState=console_logging, format=format, severity=console_log_severity), ), ), ], ) aci.get_diff(aci_class="syslogGroup") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( bd=dict(type='str', aliases=['bd_name']), # Not required for querying all objects description=dict(type='str', aliases=['descr']), enable_vip=dict(type='bool'), gateway=dict(type='str', aliases=['gateway_ip']), # Not required for querying all objects mask=dict(type='int', aliases=['subnet_mask']), # Not required for querying all objects subnet_name=dict(type='str', aliases=['name']), nd_prefix_policy=dict(type='str'), preferred=dict(type='bool'), route_profile=dict(type='str'), route_profile_l3_out=dict(type='str'), scope=dict(type='list', choices=['private', 'public', 'shared']), subnet_control=dict(type='str', choices=['nd_ra', 'no_gw', 'querier_ip', 'unspecified']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_together=[['gateway', 'mask']], required_if=[ ['state', 'present', ['bd', 'gateway', 'mask', 'tenant']], ['state', 'absent', ['bd', 'gateway', 'mask', 'tenant']], ], ) aci = ACIModule(module) description = module.params.get('description') enable_vip = aci.boolean(module.params.get('enable_vip')) tenant = module.params.get('tenant') bd = module.params.get('bd') gateway = module.params.get('gateway') mask = module.params.get('mask') if mask is not None and mask not in range(0, 129): # TODO: split checks between IPv4 and IPv6 Addresses module.fail_json(msg='Valid Subnet Masks are 0 to 32 for IPv4 Addresses and 0 to 128 for IPv6 addresses') if gateway is not None: gateway = '{0}/{1}'.format(gateway, str(mask)) subnet_name = module.params.get('subnet_name') nd_prefix_policy = module.params.get('nd_prefix_policy') preferred = aci.boolean(module.params.get('preferred')) route_profile = module.params.get('route_profile') route_profile_l3_out = module.params.get('route_profile_l3_out') scope = module.params.get('scope') if scope is not None: if 'private' in scope and 'public' in scope: module.fail_json(msg="Parameter 'scope' cannot be both 'private' and 'public', got: %s" % scope) else: scope = ','.join(sorted(scope)) state = module.params.get('state') subnet_control = module.params.get('subnet_control') if subnet_control: subnet_control = SUBNET_CONTROL_MAPPING[subnet_control] name_alias = module.params.get('name_alias') aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='fvBD', aci_rn='BD-{0}'.format(bd), module_object=bd, target_filter={'name': bd}, ), subclass_2=dict( aci_class='fvSubnet', aci_rn='subnet-[{0}]'.format(gateway), module_object=gateway, target_filter={'ip': gateway}, ), child_classes=['fvRsBDSubnetToProfile', 'fvRsNdPfxPol'], ) aci.get_existing() if state == 'present': aci.payload( aci_class='fvSubnet', class_config=dict( ctrl=subnet_control, descr=description, ip=gateway, name=subnet_name, preferred=preferred, scope=scope, virtual=enable_vip, nameAlias=name_alias, ), child_configs=[ {'fvRsBDSubnetToProfile': {'attributes': {'tnL3extOutName': route_profile_l3_out, 'tnRtctrlProfileName': route_profile}}}, {'fvRsNdPfxPol': {'attributes': {'tnNdPfxPolName': nd_prefix_policy}}}, ], ) aci.get_diff(aci_class='fvSubnet') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( allow_useg=dict(type="str", choices=["encap", "useg"]), ap=dict(type="str", aliases=["app_profile", "app_profile_name" ]), # Not required for querying all objects deploy_immediacy=dict(type="str", choices=["immediate", "lazy"]), domain=dict(type="str", aliases=["domain_name", "domain_profile" ]), # Not required for querying all objects domain_type=dict(type="str", choices=["l2dom", "phys", "vmm"], aliases=["type" ]), # Not required for querying all objects encap=dict(type="int"), encap_mode=dict(type="str", choices=["auto", "vlan", "vxlan"]), switching_mode=dict(type="str", default="native", choices=["AVE", "native"]), epg=dict(type="str", aliases=["name", "epg_name" ]), # Not required for querying all objects enhanced_lag_policy=dict(type="str", aliases=["lag_policy"]), netflow=dict(type="bool"), primary_encap=dict(type="int"), resolution_immediacy=dict( type="str", choices=["immediate", "lazy", "pre-provision"]), state=dict(type="str", default="present", choices=["absent", "present", "query"]), tenant=dict(type="str", aliases=["tenant_name" ]), # Not required for querying all objects vm_provider=dict(type="str", choices=[ "cloudfoundry", "kubernetes", "microsoft", "openshift", "openstack", "redhat", "vmware" ]), promiscuous=dict(type="str", default="reject", choices=["accept", "reject"]), custom_epg_name=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["domain_type", "vmm", ["vm_provider"]], [ "state", "absent", ["ap", "domain", "domain_type", "epg", "tenant"] ], [ "state", "present", ["ap", "domain", "domain_type", "epg", "tenant"] ], ], ) aci = ACIModule(module) allow_useg = module.params.get("allow_useg") ap = module.params.get("ap") deploy_immediacy = module.params.get("deploy_immediacy") domain = module.params.get("domain") domain_type = module.params.get("domain_type") vm_provider = module.params.get("vm_provider") promiscuous = module.params.get("promiscuous") custom_epg_name = module.params.get("custom_epg_name") encap = module.params.get("encap") if encap is not None: if encap in range(1, 4097): encap = "vlan-{0}".format(encap) else: module.fail_json(msg="Valid VLAN assignments are from 1 to 4096") encap_mode = module.params.get("encap_mode") switching_mode = module.params.get("switching_mode") epg = module.params.get("epg") enhanced_lag_policy = module.params.get("enhanced_lag_policy") netflow = aci.boolean(module.params.get("netflow"), "enabled", "disabled") primary_encap = module.params.get("primary_encap") if primary_encap is not None: if primary_encap in range(1, 4097): primary_encap = "vlan-{0}".format(primary_encap) else: module.fail_json(msg="Valid VLAN assignments are from 1 to 4096") resolution_immediacy = module.params.get("resolution_immediacy") state = module.params.get("state") tenant = module.params.get("tenant") if domain_type in ["l2dom", "phys"] and vm_provider is not None: module.fail_json(msg="Domain type '%s' cannot have a 'vm_provider'" % domain_type) child_classes = None child_configs = None # Compile the full domain for URL building if domain_type == "vmm": epg_domain = "uni/vmmp-{0}/dom-{1}".format( VM_PROVIDER_MAPPING[vm_provider], domain) child_configs = [ dict(vmmSecP=dict(attributes=dict(allowPromiscuous=promiscuous))) ] child_classes = ["vmmSecP"] if enhanced_lag_policy is not None: lag_policy = epg_domain + "/vswitchpolcont/enlacplagp-{0}".format( enhanced_lag_policy) child_configs.append( dict(fvAEPgLagPolAtt=dict( attributes=dict(annotation=""), children=[ dict(fvRsVmmVSwitchEnhancedLagPol=dict( attributes=dict(annotation="", tDn=lag_policy))) ]))) child_classes.append("fvAEPgLagPolAtt") elif domain_type == "l2dom": epg_domain = "uni/l2dom-{0}".format(domain) elif domain_type == "phys": epg_domain = "uni/phys-{0}".format(domain) else: epg_domain = None aci.construct_url( root_class=dict( aci_class="fvTenant", aci_rn="tn-{0}".format(tenant), module_object=tenant, target_filter={"name": tenant}, ), subclass_1=dict( aci_class="fvAp", aci_rn="ap-{0}".format(ap), module_object=ap, target_filter={"name": ap}, ), subclass_2=dict( aci_class="fvAEPg", aci_rn="epg-{0}".format(epg), module_object=epg, target_filter={"name": epg}, ), subclass_3=dict( aci_class="fvRsDomAtt", aci_rn="rsdomAtt-[{0}]".format(epg_domain), module_object=epg_domain, target_filter={"tDn": epg_domain}, ), child_classes=child_classes, ) aci.get_existing() if state == "present": aci.payload( aci_class="fvRsDomAtt", class_config=dict( classPref=allow_useg, encap=encap, encapMode=encap_mode, switchingMode=switching_mode, instrImedcy=deploy_immediacy, netflowPref=netflow, primaryEncap=primary_encap, resImedcy=resolution_immediacy, customEpgName=custom_epg_name, ), child_configs=child_configs, ) aci.get_diff(aci_class="fvRsDomAtt") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update(aci_owner_spec()) argument_spec.update( link_level_policy=dict(type="str", aliases=["name"]), description=dict(type="str", aliases=["descr"]), auto_negotiation=dict(type="bool", default="true"), speed=dict(type="str", default="inherit", choices=[ "100M", "1G", "10G", "25G", "40G", "50G", "100G", "200G", "400G", "inherit" ]), link_debounce_interval=dict(type="int", default="100"), forwarding_error_correction=dict(type="str", default="inherit", choices=[ "inherit", "kp-fec", "cl91-rs-fec", "cl74-fc-fec", "disable-fec", "ieee-rs-fec", "cons16-rs-fec" ]), state=dict(type="str", default="present", choices=["absent", "present", "query"]), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["link_level_policy"]], ["state", "present", ["link_level_policy"]], ], ) aci = ACIModule(module) link_level_policy = module.params["link_level_policy"] description = module.params["description"] auto_negotiation = aci.boolean(module.params["auto_negotiation"], "on", "off") speed = module.params["speed"] link_debounce_interval = module.params["link_debounce_interval"] if link_debounce_interval is not None and link_debounce_interval not in range( 0, 5001): module.fail_json( msg= 'The "link_debounce_interval" must be a value between 0 and 5000') forwarding_error_correction = module.params["forwarding_error_correction"] state = module.params["state"] aci.construct_url(root_class=dict( aci_class="fabricHIfPol", aci_rn="infra/hintfpol-{0}".format(link_level_policy), module_object=link_level_policy, target_filter={"name": link_level_policy}, ), ) aci.get_existing() if state == "present": aci.payload( aci_class="fabricHIfPol", class_config=dict( name=link_level_policy, descr=description, autoNeg=auto_negotiation, speed=speed, linkDebounce=link_debounce_interval, fecMode=forwarding_error_correction, ), ) aci.get_diff(aci_class="fabricHIfPol") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( allow_useg=dict(type='str', choices=['encap', 'useg']), ap=dict(type='str', aliases=['app_profile', 'app_profile_name' ]), # Not required for querying all objects deploy_immediacy=dict(type='str', choices=['immediate', 'lazy']), domain=dict(type='str', aliases=['domain_name', 'domain_profile' ]), # Not required for querying all objects domain_type=dict(type='str', choices=['l2dom', 'phys', 'vmm'], aliases=['type' ]), # Not required for querying all objects encap=dict(type='int'), encap_mode=dict(type='str', choices=['auto', 'vlan', 'vxlan']), switching_mode=dict(type='str', default='native', choices=['AVE', 'native']), epg=dict(type='str', aliases=['name', 'epg_name' ]), # Not required for querying all objects netflow=dict(type='bool'), primary_encap=dict(type='int'), resolution_immediacy=dict( type='str', choices=['immediate', 'lazy', 'pre-provision']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), tenant=dict(type='str', aliases=['tenant_name' ]), # Not required for querying all objects vm_provider=dict(type='str', choices=[ 'cloudfoundry', 'kubernetes', 'microsoft', 'openshift', 'openstack', 'redhat', 'vmware' ]), promiscuous=dict(type='str', default='reject', choices=['accept', 'reject']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['domain_type', 'vmm', ['vm_provider']], [ 'state', 'absent', ['ap', 'domain', 'domain_type', 'epg', 'tenant'] ], [ 'state', 'present', ['ap', 'domain', 'domain_type', 'epg', 'tenant'] ], ], ) aci = ACIModule(module) allow_useg = module.params.get('allow_useg') ap = module.params.get('ap') deploy_immediacy = module.params.get('deploy_immediacy') domain = module.params.get('domain') domain_type = module.params.get('domain_type') vm_provider = module.params.get('vm_provider') promiscuous = module.params.get('promiscuous') encap = module.params.get('encap') if encap is not None: if encap in range(1, 4097): encap = 'vlan-{0}'.format(encap) else: module.fail_json(msg='Valid VLAN assignments are from 1 to 4096') encap_mode = module.params.get('encap_mode') switching_mode = module.params.get('switching_mode') epg = module.params.get('epg') netflow = aci.boolean(module.params.get('netflow'), 'enabled', 'disabled') primary_encap = module.params.get('primary_encap') if primary_encap is not None: if primary_encap in range(1, 4097): primary_encap = 'vlan-{0}'.format(primary_encap) else: module.fail_json(msg='Valid VLAN assignments are from 1 to 4096') resolution_immediacy = module.params.get('resolution_immediacy') state = module.params.get('state') tenant = module.params.get('tenant') if domain_type in ['l2dom', 'phys'] and vm_provider is not None: module.fail_json(msg="Domain type '%s' cannot have a 'vm_provider'" % domain_type) # Compile the full domain for URL building if domain_type == 'vmm': epg_domain = 'uni/vmmp-{0}/dom-{1}'.format( VM_PROVIDER_MAPPING[vm_provider], domain) elif domain_type == 'l2dom': epg_domain = 'uni/l2dom-{0}'.format(domain) elif domain_type == 'phys': epg_domain = 'uni/phys-{0}'.format(domain) else: epg_domain = None child_configs = [ dict(vmmSecP=dict(attributes=dict(allowPromiscuous=promiscuous, ), ), ) ] aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='fvAp', aci_rn='ap-{0}'.format(ap), module_object=ap, target_filter={'name': ap}, ), subclass_2=dict( aci_class='fvAEPg', aci_rn='epg-{0}'.format(epg), module_object=epg, target_filter={'name': epg}, ), subclass_3=dict( aci_class='fvRsDomAtt', aci_rn='rsdomAtt-[{0}]'.format(epg_domain), module_object=epg_domain, target_filter={'tDn': epg_domain}, ), child_classes=['vmmSecP'], ) aci.get_existing() if state == 'present': aci.payload( aci_class='fvRsDomAtt', class_config=dict( classPref=allow_useg, encap=encap, encapMode=encap_mode, switchingMode=switching_mode, instrImedcy=deploy_immediacy, netflowPref=netflow, primaryEncap=primary_encap, resImedcy=resolution_immediacy, ), child_configs=child_configs, ) aci.get_diff(aci_class='fvRsDomAtt') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( epg=dict(type='str', aliases=['epg_name', 'name']), # Not required for querying all objects bd=dict(type='str', aliases=['bd_name', 'bridge_domain']), ap=dict(type='str', aliases=['app_profile', 'app_profile_name' ]), # Not required for querying all objects tenant=dict(type='str', aliases=['tenant_name' ]), # Not required for querying all objects description=dict(type='str', aliases=['descr']), priority=dict(type='str', choices=['level1', 'level2', 'level3', 'unspecified']), intra_epg_isolation=dict(choices=['enforced', 'unenforced']), fwd_control=dict(type='str', choices=['none', 'proxy-arp']), preferred_group=dict(type='bool'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), monitoring_policy=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['ap', 'epg', 'tenant']], ['state', 'present', ['ap', 'epg', 'tenant']], ], ) aci = ACIModule(module) epg = module.params.get('epg') bd = module.params.get('bd') description = module.params.get('description') priority = module.params.get('priority') intra_epg_isolation = module.params.get('intra_epg_isolation') fwd_control = module.params.get('fwd_control') preferred_group = aci.boolean(module.params.get('preferred_group'), 'include', 'exclude') state = module.params.get('state') tenant = module.params.get('tenant') ap = module.params.get('ap') name_alias = module.params.get('name_alias') monitoring_policy = module.params.get('monitoring_policy') child_configs = [ dict(fvRsBd=dict(attributes=dict(tnFvBDName=bd))), dict(fvRsAEPgMonPol=dict(attributes=dict( tnMonEPGPolName=monitoring_policy))) ] aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='fvAp', aci_rn='ap-{0}'.format(ap), module_object=ap, target_filter={'name': ap}, ), subclass_2=dict( aci_class='fvAEPg', aci_rn='epg-{0}'.format(epg), module_object=epg, target_filter={'name': epg}, ), child_classes=['fvRsBd', 'fvRsAEPgMonPol'], ) aci.get_existing() if state == 'present': aci.payload( aci_class='fvAEPg', class_config=dict( name=epg, descr=description, prio=priority, pcEnfPref=intra_epg_isolation, fwdCtrl=fwd_control, prefGrMemb=preferred_group, nameAlias=name_alias, ), child_configs=child_configs, ) aci.get_diff(aci_class='fvAEPg') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( arp_flag=dict(type='str', choices=VALID_ARP_FLAGS), description=dict(type='str', aliases=['descr']), dst_port=dict(type='str'), dst_port_end=dict(type='str'), dst_port_start=dict(type='str'), entry=dict(type='str', aliases=['entry_name', 'filter_entry', 'name']), # Not required for querying all objects ether_type=dict(choices=VALID_ETHER_TYPES, type='str'), filter=dict(type='str', aliases=['filter_name']), # Not required for querying all objects icmp_msg_type=dict(type='str', choices=VALID_ICMP_TYPES), icmp6_msg_type=dict(type='str', choices=VALID_ICMP6_TYPES), ip_protocol=dict(choices=VALID_IP_PROTOCOLS, type='str'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), stateful=dict(type='bool'), tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['entry', 'filter', 'tenant']], ['state', 'present', ['entry', 'filter', 'tenant']], ], ) aci = ACIModule(module) arp_flag = module.params.get('arp_flag') if arp_flag is not None: arp_flag = ARP_FLAG_MAPPING.get(arp_flag) description = module.params.get('description') dst_port = module.params.get('dst_port') if FILTER_PORT_MAPPING.get(dst_port) is not None: dst_port = FILTER_PORT_MAPPING.get(dst_port) dst_end = module.params.get('dst_port_end') if FILTER_PORT_MAPPING.get(dst_end) is not None: dst_end = FILTER_PORT_MAPPING.get(dst_end) dst_start = module.params.get('dst_port_start') if FILTER_PORT_MAPPING.get(dst_start) is not None: dst_start = FILTER_PORT_MAPPING.get(dst_start) entry = module.params.get('entry') ether_type = module.params.get('ether_type') filter_name = module.params.get('filter') icmp_msg_type = module.params.get('icmp_msg_type') if icmp_msg_type is not None: icmp_msg_type = ICMP_MAPPING.get(icmp_msg_type) icmp6_msg_type = module.params.get('icmp6_msg_type') if icmp6_msg_type is not None: icmp6_msg_type = ICMP6_MAPPING.get(icmp6_msg_type) ip_protocol = module.params.get('ip_protocol') state = module.params.get('state') stateful = aci.boolean(module.params.get('stateful')) tenant = module.params.get('tenant') name_alias = module.params.get('name_alias') # validate that dst_port is not passed with dst_start or dst_end if dst_port is not None and (dst_end is not None or dst_start is not None): module.fail_json(msg="Parameter 'dst_port' cannot be used with 'dst_end' and 'dst_start'") elif dst_port is not None: dst_end = dst_port dst_start = dst_port aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='vzFilter', aci_rn='flt-{0}'.format(filter_name), module_object=filter_name, target_filter={'name': filter_name}, ), subclass_2=dict( aci_class='vzEntry', aci_rn='e-{0}'.format(entry), module_object=entry, target_filter={'name': entry}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='vzEntry', class_config=dict( arpOpc=arp_flag, descr=description, dFromPort=dst_start, dToPort=dst_end, etherT=ether_type, icmpv4T=icmp_msg_type, icmpv6T=icmp6_msg_type, name=entry, prot=ip_protocol, stateful=stateful, nameAlias=name_alias, ), ) aci.get_diff(aci_class='vzEntry') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update(aci_owner_spec()) argument_spec.update( tenant=dict(type="str", aliases=["tenant_name" ]), # Not required for querying all objects src_group=dict(type="str", aliases=["name" ]), # Not required for querying all objects admin_state=dict(type="bool"), description=dict(type="str", aliases=["descr"]), dst_group=dict(type="str"), state=dict(type="str", default="present", choices=["absent", "present", "query"]), name_alias=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["src_group", "tenant"]], ["state", "present", ["src_group", "tenant"]], ], ) aci = ACIModule(module) admin_state = aci.boolean(module.params.get("admin_state"), "enabled", "disabled") description = module.params.get("description") dst_group = module.params.get("dst_group") src_group = module.params.get("src_group") state = module.params.get("state") tenant = module.params.get("tenant") name_alias = module.params.get("name_alias") aci.construct_url( root_class=dict( aci_class="fvTenant", aci_rn="tn-{0}".format(tenant), module_object=tenant, target_filter={"name": tenant}, ), subclass_1=dict( aci_class="spanSrcGrp", aci_rn="srcgrp-{0}".format(src_group), module_object=src_group, target_filter={"name": src_group}, ), child_classes=["spanSpanLbl"], ) aci.get_existing() if state == "present": aci.payload( aci_class="spanSrcGrp", class_config=dict( adminSt=admin_state, descr=description, name=src_group, nameAlias=name_alias, ), child_configs=[{ "spanSpanLbl": { "attributes": { "name": dst_group } } }], ) aci.get_diff(aci_class="spanSrcGrp") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( l2_policy=dict(type='str', aliases=['name' ]), # Not required for querying all policies description=dict(type='str', aliases=['descr']), vlan_scope=dict(type='str', choices=['global', 'portlocal' ]), # No default provided on purpose qinq=dict(type='str', choices=['core', 'disabled', 'edge']), vepa=dict(type='bool'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['l2_policy']], ['state', 'present', ['l2_policy']], ], ) aci = ACIModule(module) l2_policy = module.params.get('l2_policy') vlan_scope = module.params.get('vlan_scope') qinq = module.params.get('qinq') if qinq is not None: qinq = QINQ_MAPPING.get(qinq) vepa = aci.boolean(module.params.get('vepa'), 'enabled', 'disabled') description = module.params.get('description') state = module.params.get('state') name_alias = module.params.get('name_alias') aci.construct_url(root_class=dict( aci_class='l2IfPol', aci_rn='infra/l2IfP-{0}'.format(l2_policy), module_object=l2_policy, target_filter={'name': l2_policy}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='l2IfPol', class_config=dict( name=l2_policy, descr=description, vlanScope=vlan_scope, qinq=qinq, vepa=vepa, nameAlias=name_alias, ), ) aci.get_diff(aci_class='l2IfPol') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( description=dict(type="str", aliases=["descr"]), export_policy=dict(type="str", aliases=["name"]), # Not required for querying all objects format=dict(type="str", choices=["json", "xml"]), include_secure=dict(type="bool"), max_count=dict(type="int"), snapshot=dict(type="str"), state=dict(type="str", choices=["absent", "present", "query"], default="present"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=False, required_if=[ ["state", "absent", ["export_policy", "snapshot"]], ["state", "present", ["export_policy"]], ], ) aci = ACIModule(module) description = module.params.get("description") export_policy = module.params.get("export_policy") file_format = module.params.get("format") include_secure = aci.boolean(module.params.get("include_secure")) max_count = module.params.get("max_count") if max_count is not None: if max_count in range(1, 11): max_count = str(max_count) else: module.fail_json(msg="Parameter 'max_count' must be a number between 1 and 10") snapshot = module.params.get("snapshot") if snapshot is not None and not snapshot.startswith("run-"): snapshot = "run-" + snapshot state = module.params.get("state") if state == "present": aci.construct_url( root_class=dict( aci_class="configExportP", aci_rn="fabric/configexp-{0}".format(export_policy), module_object=export_policy, target_filter={"name": export_policy}, ), ) aci.get_existing() aci.payload( aci_class="configExportP", class_config=dict( adminSt="triggered", descr=description, format=file_format, includeSecureFields=include_secure, maxSnapshotCount=max_count, name=export_policy, snapshot="yes", ), ) aci.get_diff("configExportP") # Create a new Snapshot aci.post_config() else: # Prefix the proper url to export_policy if export_policy is not None: export_policy = "uni/fabric/configexp-{0}".format(export_policy) aci.construct_url( root_class=dict( aci_class="configSnapshotCont", aci_rn="backupst/snapshots-[{0}]".format(export_policy), module_object=export_policy, target_filter={"name": export_policy}, ), subclass_1=dict( aci_class="configSnapshot", aci_rn="snapshot-{0}".format(snapshot), module_object=snapshot, target_filter={"name": snapshot}, ), ) aci.get_existing() if state == "absent": # Build POST request to used to remove Snapshot aci.payload( aci_class="configSnapshot", class_config=dict( name=snapshot, retire="yes", ), ) if aci.existing: aci.get_diff("configSnapshot") # Mark Snapshot for Deletion aci.post_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( arp_flag=dict(type="str", choices=VALID_ARP_FLAGS), description=dict(type="str", aliases=["descr"]), dst_port=dict(type="str"), dst_port_end=dict(type="str"), dst_port_start=dict(type="str"), entry=dict(type="str", aliases=["entry_name", "filter_entry", "name"]), # Not required for querying all objects ether_type=dict(choices=VALID_ETHER_TYPES, type="str"), filter=dict(type="str", aliases=["filter_name" ]), # Not required for querying all objects icmp_msg_type=dict(type="str", choices=VALID_ICMP_TYPES), icmp6_msg_type=dict(type="str", choices=VALID_ICMP6_TYPES), ip_protocol=dict(choices=VALID_IP_PROTOCOLS, type="str"), state=dict(type="str", default="present", choices=["absent", "present", "query"]), stateful=dict(type="bool"), tenant=dict(type="str", aliases=["tenant_name" ]), # Not required for querying all objects name_alias=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["entry", "filter", "tenant"]], ["state", "present", ["entry", "filter", "tenant"]], ], ) aci = ACIModule(module) arp_flag = module.params.get("arp_flag") if arp_flag is not None: arp_flag = ARP_FLAG_MAPPING.get(arp_flag) description = module.params.get("description") dst_port = module.params.get("dst_port") if FILTER_PORT_MAPPING.get(dst_port) is not None: dst_port = FILTER_PORT_MAPPING.get(dst_port) dst_end = module.params.get("dst_port_end") if FILTER_PORT_MAPPING.get(dst_end) is not None: dst_end = FILTER_PORT_MAPPING.get(dst_end) dst_start = module.params.get("dst_port_start") if FILTER_PORT_MAPPING.get(dst_start) is not None: dst_start = FILTER_PORT_MAPPING.get(dst_start) entry = module.params.get("entry") ether_type = module.params.get("ether_type") filter_name = module.params.get("filter") icmp_msg_type = module.params.get("icmp_msg_type") if icmp_msg_type is not None: icmp_msg_type = ICMP_MAPPING.get(icmp_msg_type) icmp6_msg_type = module.params.get("icmp6_msg_type") if icmp6_msg_type is not None: icmp6_msg_type = ICMP6_MAPPING.get(icmp6_msg_type) ip_protocol = module.params.get("ip_protocol") state = module.params.get("state") stateful = aci.boolean(module.params.get("stateful")) tenant = module.params.get("tenant") name_alias = module.params.get("name_alias") # validate that dst_port is not passed with dst_start or dst_end if dst_port is not None and (dst_end is not None or dst_start is not None): module.fail_json( msg= "Parameter 'dst_port' cannot be used with 'dst_end' and 'dst_start'" ) elif dst_port is not None: dst_end = dst_port dst_start = dst_port aci.construct_url( root_class=dict( aci_class="fvTenant", aci_rn="tn-{0}".format(tenant), module_object=tenant, target_filter={"name": tenant}, ), subclass_1=dict( aci_class="vzFilter", aci_rn="flt-{0}".format(filter_name), module_object=filter_name, target_filter={"name": filter_name}, ), subclass_2=dict( aci_class="vzEntry", aci_rn="e-{0}".format(entry), module_object=entry, target_filter={"name": entry}, ), ) aci.get_existing() if state == "present": aci.payload( aci_class="vzEntry", class_config=dict( arpOpc=arp_flag, descr=description, dFromPort=dst_start, dToPort=dst_end, etherT=ether_type, icmpv4T=icmp_msg_type, icmpv6T=icmp6_msg_type, name=entry, prot=ip_protocol, stateful=stateful, nameAlias=name_alias, ), ) aci.get_diff(aci_class="vzEntry") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update(aci_owner_spec()) argument_spec.update( tenant=dict(type="str", aliases=["tenant_name" ]), # Not required for querying all objects ospf=dict(type="str", aliases=["ospf_interface", "name"]), # Not required for querying all objects description=dict(type="str", aliases=["descr"]), network_type=dict(type="str", choices=["bcast", "p2p"]), cost=dict(type="int"), controls=dict( type="list", elements="str", choices=["advert-subnet", "bfd", "mtu-ignore", "passive"]), dead_interval=dict(type="int"), hello_interval=dict(type="int"), prefix_suppression=dict(type="bool"), priority=dict(type="int"), retransmit_interval=dict(type="int"), transmit_delay=dict(type="int"), state=dict(type="str", default="present", choices=["absent", "present", "query"]), name_alias=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["ospf", "tenant"]], ["state", "present", ["ospf", "tenant"]], ], ) aci = ACIModule(module) tenant = module.params.get("tenant") ospf = module.params.get("ospf") description = module.params.get("description") name_alias = module.params.get("name_alias") if module.params.get("controls") is None: controls = None else: controls = ",".join(module.params.get("controls")) cost = module.params.get("cost") if cost is not None and cost not in range(1, 451): module.fail_json( msg="Parameter 'cost' is only valid in range between 1 and 450.") dead_interval = module.params.get("dead_interval") if dead_interval is not None and dead_interval not in range(1, 65536): module.fail_json( msg= "Parameter 'dead_interval' is only valid in range between 1 and 65536." ) hello_interval = module.params.get("hello_interval") if hello_interval is not None and hello_interval not in range(1, 65536): module.fail_json( msg= "Parameter 'hello_interval' is only valid in range between 1 and 65536." ) network_type = module.params.get("network_type") prefix_suppression = aci.boolean(module.params.get("prefix_suppression"), "enabled", "disabled") priority = module.params.get("priority") if priority is not None and priority not in range(0, 256): module.fail_json( msg="Parameter 'priority' is only valid in range between 1 and 255." ) retransmit_interval = module.params.get("retransmit_interval") if retransmit_interval is not None and retransmit_interval not in range( 1, 65536): module.fail_json( msg= "Parameter 'retransmit_interval' is only valid in range between 1 and 65536." ) transmit_delay = module.params.get("transmit_delay") if transmit_delay is not None and transmit_delay not in range(1, 451): module.fail_json( msg= "Parameter 'transmit_delay' is only valid in range between 1 and 450." ) state = module.params.get("state") aci.construct_url(root_class=dict( aci_class="ospfIfPol", aci_rn="tn-{0}/ospfIfPol-{1}".format(tenant, ospf), module_object=ospf, target_filter={"name": ospf}, ), ) aci.get_existing() if state == "present": aci.payload( aci_class="ospfIfPol", class_config=dict( name=ospf, descr=description, cost=cost, ctrl=controls, deadIntvl=dead_interval, helloIntvl=hello_interval, nwT=network_type, pfxSuppress=prefix_suppression, prio=priority, rexmitIntvl=retransmit_interval, xmitDelay=transmit_delay, nameAlias=name_alias, ), ) aci.get_diff(aci_class="ospfIfPol") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()