def main():
argument_spec = aci_argument_spec()
argument_spec.update(
lldp_policy=dict(type='str', aliases=['name']), # Not required for querying all objects
description=dict(type='str', aliases=['descr']),
receive_state=dict(type='bool'),
transmit_state=dict(type='bool'),
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['lldp_policy']],
['state', 'present', ['lldp_policy']],
],
)
aci = ACIModule(module)
lldp_policy = module.params.get('lldp_policy')
description = module.params.get('description')
receive_state = aci.boolean(module.params.get('receive_state'), 'enabled', 'disabled')
transmit_state = aci.boolean(module.params.get('transmit_state'), 'enabled', 'disabled')
state = module.params.get('state')
name_alias = module.params.get('name_alias')
aci.construct_url(
root_class=dict(
aci_class='lldpIfPol',
aci_rn='infra/lldpIfP-{0}'.format(lldp_policy),
module_object=lldp_policy,
target_filter={'name': lldp_policy},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='lldpIfPol',
class_config=dict(
name=lldp_policy,
descr=description,
adminRxSt=receive_state,
adminTxSt=transmit_state,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='lldpIfPol')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
mcp=dict(type='str',
aliases=['mcp_interface',
'name']), # Not required for querying all objects
description=dict(type='str', aliases=['descr']),
admin_state=dict(type='bool'),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['mcp']],
['state', 'present', ['mcp']],
],
)
aci = ACIModule(module)
mcp = module.params.get('mcp')
description = module.params.get('description')
admin_state = aci.boolean(module.params.get('admin_state'), 'enabled',
'disabled')
state = module.params.get('state')
name_alias = module.params.get('name_alias')
aci.construct_url(root_class=dict(
aci_class='mcpIfPol',
aci_rn='infra/mcpIfP-{0}'.format(mcp),
module_object=mcp,
target_filter={'name': mcp},
), )
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='mcpIfPol',
class_config=dict(
name=mcp,
descr=description,
adminSt=admin_state,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='mcpIfPol')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
dns_profile=dict(type='str', aliases=['profile_name'], required=True),
domain=dict(type='str', aliases=['name', 'domain_name']),
default=dict(type='bool'),
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['domain']],
['state', 'present', ['domain']],
],
)
aci = ACIModule(module)
dns_profile = module.params.get('dns_profile')
domain = module.params.get('domain')
default = aci.boolean(module.params.get('default'))
state = module.params.get('state')
aci.construct_url(
root_class=dict(
aci_class='dnsProfile',
aci_rn='fabric/dnsp-{0}'.format(dns_profile),
module_object=dns_profile,
target_filter={'name': dns_profile},
),
subclass_1=dict(
aci_class='dnsDomain',
aci_rn='dom-{0}'.format(domain),
module_object=domain,
target_filter={'name': domain}
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='dnsDomain',
class_config=dict(
name=domain,
isDefault=default
),
)
aci.get_diff(aci_class='dnsDomain')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
cdp_policy=dict(type="str", required=False, aliases=["cdp_interface", "name"]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
admin_state=dict(type="bool"),
state=dict(type="str", default="present", choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["cdp_policy"]],
["state", "present", ["cdp_policy"]],
],
)
aci = ACIModule(module)
cdp_policy = module.params.get("cdp_policy")
description = module.params.get("description")
admin_state = aci.boolean(module.params.get("admin_state"), "enabled", "disabled")
state = module.params.get("state")
name_alias = module.params.get("name_alias")
aci.construct_url(
root_class=dict(
aci_class="cdpIfPol",
aci_rn="infra/cdpIfP-{0}".format(cdp_policy),
module_object=cdp_policy,
target_filter={"name": cdp_policy},
),
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="cdpIfPol",
class_config=dict(
name=cdp_policy,
descr=description,
adminSt=admin_state,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class="cdpIfPol")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
tenant=dict(type='str',
aliases=['tenant_name'
]), # Not required for querying all objects
src_group=dict(type='str',
aliases=['name'
]), # Not required for querying all objects
admin_state=dict(type='bool'),
description=dict(type='str', aliases=['descr']),
dst_group=dict(type='str'),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['src_group', 'tenant']],
['state', 'present', ['src_group', 'tenant']],
],
)
aci = ACIModule(module)
admin_state = aci.boolean(module.params.get('admin_state'), 'enabled',
'disabled')
description = module.params.get('description')
dst_group = module.params.get('dst_group')
src_group = module.params.get('src_group')
state = module.params.get('state')
tenant = module.params.get('tenant')
name_alias = module.params.get('name_alias')
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='spanSrcGrp',
aci_rn='srcgrp-{0}'.format(src_group),
module_object=src_group,
target_filter={'name': src_group},
),
child_classes=['spanSpanLbl'],
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='spanSrcGrp',
class_config=dict(
adminSt=admin_state,
descr=description,
name=src_group,
nameAlias=name_alias,
),
child_configs=[{
'spanSpanLbl': {
'attributes': {
'name': dst_group
}
}
}],
)
aci.get_diff(aci_class='spanSrcGrp')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
aaa_password=dict(type="str", no_log=True),
aaa_password_lifetime=dict(type="int", no_log=False),
aaa_password_update_required=dict(type="bool", no_log=False),
aaa_user=dict(type="str",
aliases=["name"
]), # Not required for querying all objects
clear_password_history=dict(type="bool", no_log=False),
description=dict(type="str", aliases=["descr"]),
email=dict(type="str"),
enabled=dict(type="bool"),
expiration=dict(type="str"),
expires=dict(type="bool"),
first_name=dict(type="str"),
last_name=dict(type="str"),
phone=dict(type="str"),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["aaa_user"]],
["state", "present", ["aaa_user"]],
["expires", True, ["expiration"]],
],
)
aci = ACIModule(module)
if not HAS_DATEUTIL:
module.fail_json(msg="dateutil required for this module")
aaa_password = module.params.get("aaa_password")
aaa_password_lifetime = module.params.get("aaa_password_lifetime")
aaa_password_update_required = aci.boolean(
module.params.get("aaa_password_update_required"))
aaa_user = module.params.get("aaa_user")
clear_password_history = aci.boolean(
module.params.get("clear_password_history"), "yes", "no")
description = module.params.get("description")
email = module.params.get("email")
enabled = aci.boolean(module.params.get("enabled"), "active", "inactive")
expires = aci.boolean(module.params.get("expires"))
first_name = module.params.get("first_name")
last_name = module.params.get("last_name")
phone = module.params.get("phone")
state = module.params.get("state")
name_alias = module.params.get("name_alias")
expiration = module.params.get("expiration")
if expiration is not None and expiration != "never":
try:
expiration = aci.iso8601_format(
dateutil.parser.parse(expiration).replace(tzinfo=tzutc()))
except Exception as e:
module.fail_json(msg="Failed to parse date format '%s', %s" %
(module.params.get("expiration"), e))
aci.construct_url(root_class=dict(
aci_class="aaaUser",
aci_rn="userext/user-{0}".format(aaa_user),
module_object=aaa_user,
target_filter={"name": aaa_user},
), )
aci.get_existing()
if state == "present":
aci.payload(
aci_class="aaaUser",
class_config=dict(
accountStatus=enabled,
clearPwdHistory=clear_password_history,
descr=description,
email=email,
expiration=expiration,
expires=expires,
firstName=first_name,
lastName=last_name,
name=aaa_user,
phone=phone,
pwd=aaa_password,
pwdLifeTime=aaa_password_lifetime,
pwdUpdateRequired=aaa_password_update_required,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class="aaaUser")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects
l3out=dict(type='str', aliases=['l3out_name']), # Not required for querying all objects
extepg=dict(type='str', aliases=['extepg_name', 'name']), # Not required for querying all objects
description=dict(type='str', aliases=['descr']),
preferred_group=dict(type='bool'),
dscp=dict(type='str',
choices=['AF11', 'AF12', 'AF13', 'AF21', 'AF22', 'AF23', 'AF31', 'AF32', 'AF33', 'AF41', 'AF42',
'AF43', 'CS0', 'CS1', 'CS2', 'CS3', 'CS4', 'CS5', 'CS6', 'CS7', 'EF', 'VA', 'unspecified'],
aliases=['target']),
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'present', ['extepg', 'l3out', 'tenant']],
['state', 'absent', ['extepg', 'l3out', 'tenant']],
],
)
aci = ACIModule(module)
tenant = module.params.get('tenant')
l3out = module.params.get('l3out')
extepg = module.params.get('extepg')
description = module.params.get('description')
preferred_group = aci.boolean(module.params.get('preferred_group'), 'include', 'exclude')
dscp = module.params.get('dscp')
state = module.params.get('state')
name_alias = module.params.get('name_alias')
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='l3extOut',
aci_rn='out-{0}'.format(l3out),
module_object=l3out,
target_filter={'name': l3out},
),
subclass_2=dict(
aci_class='l3extInstP',
aci_rn='instP-{0}'.format(extepg),
module_object=extepg,
target_filter={'name': extepg},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='l3extInstP',
class_config=dict(
name=extepg,
descr=description,
prefGrMemb=preferred_group,
targetDscp=dscp,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='l3extInstP')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(
name=dict(type="str",
aliases=["maintenance_policy"
]), # Not required for querying all objects
runmode=dict(type="str",
default="pauseOnlyOnFailures",
choices=["pauseOnlyOnFailures", "pauseNever"]),
graceful=dict(type="bool"),
scheduler=dict(type="str"),
ignoreCompat=dict(type="bool"),
adminst=dict(type="str",
default="untriggered",
choices=["triggered", "untriggered"]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["name"]],
["state", "present", ["name", "scheduler"]],
],
)
aci = ACIModule(module)
state = module.params.get("state")
name = module.params.get("name")
runmode = module.params.get("runmode")
scheduler = module.params.get("scheduler")
adminst = module.params.get("adminst")
graceful = aci.boolean(module.params.get("graceful"))
ignoreCompat = aci.boolean(module.params.get("ignoreCompat"))
name_alias = module.params.get("name_alias")
aci.construct_url(
root_class=dict(
aci_class="maintMaintP",
aci_rn="fabric/maintpol-{0}".format(name),
target_filter={"name": name},
module_object=name,
),
child_classes=["maintRsPolScheduler"],
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="maintMaintP",
class_config=dict(
name=name,
runMode=runmode,
graceful=graceful,
adminSt=adminst,
ignoreCompat=ignoreCompat,
nameAlias=name_alias,
),
child_configs=[
dict(maintRsPolScheduler=dict(attributes=dict(
tnTrigSchedPName=scheduler, ), ), ),
],
)
aci.get_diff(aci_class="maintMaintP")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(
l2out=dict(type="str"),
description=dict(type="str"),
extepg=dict(type="str",
aliases=["external_epg", "extepg_name", "name"]),
preferred_group=dict(type="bool"),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
tenant=dict(type="str"),
qos_class=dict(type="str",
choices=[
"level1", "level2", "level3", "level4", "level5",
"level6", "Unspecified"
]),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["l2out", "tenant", "extepg"]],
["state", "present", ["l2out", "tenant", "extepg"]],
],
)
aci = ACIModule(module)
l2out = module.params.get("l2out")
description = module.params.get("description")
preferred_group = aci.boolean(module.params.get("preferred_group"),
"include", "exclude")
state = module.params.get("state")
tenant = module.params.get("tenant")
extepg = module.params.get("extepg")
qos_class = module.params.get("qos_class")
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="l2extOut",
aci_rn="l2out-{0}".format(l2out),
module_object=l2out,
target_filter={"name": l2out},
),
subclass_2=dict(
aci_class="l2extInstP",
aci_rn="instP-{0}".format(extepg),
module_object=extepg,
target_filter={"name": extepg},
),
)
aci.get_existing()
if state == "present":
config = dict(name=extepg,
descr=description,
dn="uni/tn-{0}/l2out-{1}/instP-{2}".format(
tenant, l2out, extepg),
prefGrMemb=preferred_group)
if qos_class:
config.update(prio=qos_class)
aci.payload(
class_config=config,
aci_class="l2extInstP",
)
aci.get_diff(aci_class="l2extInstP")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
arp_flooding=dict(type="bool"),
bd=dict(type="str",
aliases=["bd_name",
"name"]), # Not required for querying all objects
bd_type=dict(type="str", choices=["ethernet", "fc"]),
description=dict(type="str"),
enable_multicast=dict(type="bool"),
enable_routing=dict(type="bool"),
endpoint_clear=dict(type="bool"),
endpoint_move_detect=dict(type="str", choices=["default", "garp"]),
endpoint_retention_action=dict(type="str",
choices=["inherit", "resolve"]),
endpoint_retention_policy=dict(type="str"),
igmp_snoop_policy=dict(type="str"),
ip_learning=dict(type="bool"),
ipv6_nd_policy=dict(type="str"),
l2_unknown_unicast=dict(type="str", choices=["proxy", "flood"]),
l3_unknown_multicast=dict(type="str", choices=["flood", "opt-flood"]),
ipv6_l3_unknown_multicast=dict(type="str",
choices=["flood", "opt-flood"]),
limit_ip_learn=dict(type="bool"),
mac_address=dict(type="str", aliases=["mac"]),
multi_dest=dict(type="str",
choices=["bd-flood", "drop", "encap-flood"]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
tenant=dict(type="str",
aliases=["tenant_name"
]), # Not required for querying all objects
vrf=dict(type="str", aliases=["vrf_name"]),
route_profile=dict(type="str"),
route_profile_l3out=dict(type="str"),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["bd", "tenant"]],
["state", "present", ["bd", "tenant"]],
],
)
aci = ACIModule(module)
arp_flooding = aci.boolean(module.params.get("arp_flooding"))
bd = module.params.get("bd")
bd_type = module.params.get("bd_type")
if bd_type == "ethernet":
# ethernet type is represented as regular, but that is not clear to the users
bd_type = "regular"
description = module.params.get("description")
enable_multicast = aci.boolean(module.params.get("enable_multicast"))
enable_routing = aci.boolean(module.params.get("enable_routing"))
endpoint_clear = aci.boolean(module.params.get("endpoint_clear"))
endpoint_move_detect = module.params.get("endpoint_move_detect")
if endpoint_move_detect == "default":
# the ACI default setting is an empty string, but that is not a good input value
endpoint_move_detect = ""
endpoint_retention_action = module.params.get("endpoint_retention_action")
endpoint_retention_policy = module.params.get("endpoint_retention_policy")
igmp_snoop_policy = module.params.get("igmp_snoop_policy")
ip_learning = aci.boolean(module.params.get("ip_learning"))
ipv6_nd_policy = module.params.get("ipv6_nd_policy")
l2_unknown_unicast = module.params.get("l2_unknown_unicast")
l3_unknown_multicast = module.params.get("l3_unknown_multicast")
ipv6_l3_unknown_multicast = module.params.get("ipv6_l3_unknown_multicast")
limit_ip_learn = aci.boolean(module.params.get("limit_ip_learn"))
mac_address = module.params.get("mac_address")
multi_dest = module.params.get("multi_dest")
state = module.params.get("state")
tenant = module.params.get("tenant")
vrf = module.params.get("vrf")
route_profile = module.params.get("route_profile")
route_profile_l3out = module.params.get("route_profile_l3out")
name_alias = module.params.get("name_alias")
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="fvBD",
aci_rn="BD-{0}".format(bd),
module_object=bd,
target_filter={"name": bd},
),
child_classes=[
"fvRsCtx", "fvRsIgmpsn", "fvRsBDToNdP", "fvRsBdToEpRet",
"fvRsBDToProfile"
],
)
aci.get_existing()
if state == "present":
class_config = dict(
arpFlood=arp_flooding,
descr=description,
epClear=endpoint_clear,
epMoveDetectMode=endpoint_move_detect,
ipLearning=ip_learning,
limitIpLearnToSubnets=limit_ip_learn,
mac=mac_address,
mcastAllow=enable_multicast,
multiDstPktAct=multi_dest,
name=bd,
type=bd_type,
unicastRoute=enable_routing,
unkMacUcastAct=l2_unknown_unicast,
unkMcastAct=l3_unknown_multicast,
nameAlias=name_alias,
)
if ipv6_l3_unknown_multicast is not None:
class_config["v6unkMcastAct"] = ipv6_l3_unknown_multicast
aci.payload(
aci_class="fvBD",
class_config=class_config,
child_configs=[
{
"fvRsCtx": {
"attributes": {
"tnFvCtxName": vrf
}
}
},
{
"fvRsIgmpsn": {
"attributes": {
"tnIgmpSnoopPolName": igmp_snoop_policy
}
}
},
{
"fvRsBDToNdP": {
"attributes": {
"tnNdIfPolName": ipv6_nd_policy
}
}
},
{
"fvRsBdToEpRet": {
"attributes": {
"resolveAct": endpoint_retention_action,
"tnFvEpRetPolName": endpoint_retention_policy
}
}
},
{
"fvRsBDToProfile": {
"attributes": {
"tnL3extOutName": route_profile_l3out,
"tnRtctrlProfileName": route_profile
}
}
},
],
)
aci.get_diff(aci_class="fvBD")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
arp_flooding=dict(type='bool'),
bd=dict(type='str', aliases=['bd_name', 'name']), # Not required for querying all objects
bd_type=dict(type='str', choices=['ethernet', 'fc']),
description=dict(type='str'),
enable_multicast=dict(type='bool'),
enable_routing=dict(type='bool'),
endpoint_clear=dict(type='bool'),
endpoint_move_detect=dict(type='str', choices=['default', 'garp']),
endpoint_retention_action=dict(type='str', choices=['inherit', 'resolve']),
endpoint_retention_policy=dict(type='str'),
igmp_snoop_policy=dict(type='str'),
ip_learning=dict(type='bool'),
ipv6_nd_policy=dict(type='str'),
l2_unknown_unicast=dict(type='str', choices=['proxy', 'flood']),
l3_unknown_multicast=dict(type='str', choices=['flood', 'opt-flood']),
limit_ip_learn=dict(type='bool'),
mac_address=dict(type='str', aliases=['mac']),
multi_dest=dict(type='str', choices=['bd-flood', 'drop', 'encap-flood']),
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects
vrf=dict(type='str', aliases=['vrf_name']),
route_profile=dict(type='str'),
route_profile_l3out=dict(type='str'),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['bd', 'tenant']],
['state', 'present', ['bd', 'tenant']],
],
)
aci = ACIModule(module)
arp_flooding = aci.boolean(module.params.get('arp_flooding'))
bd = module.params.get('bd')
bd_type = module.params.get('bd_type')
if bd_type == 'ethernet':
# ethernet type is represented as regular, but that is not clear to the users
bd_type = 'regular'
description = module.params.get('description')
enable_multicast = aci.boolean(module.params.get('enable_multicast'))
enable_routing = aci.boolean(module.params.get('enable_routing'))
endpoint_clear = aci.boolean(module.params.get('endpoint_clear'))
endpoint_move_detect = module.params.get('endpoint_move_detect')
if endpoint_move_detect == 'default':
# the ACI default setting is an empty string, but that is not a good input value
endpoint_move_detect = ''
endpoint_retention_action = module.params.get('endpoint_retention_action')
endpoint_retention_policy = module.params.get('endpoint_retention_policy')
igmp_snoop_policy = module.params.get('igmp_snoop_policy')
ip_learning = aci.boolean(module.params.get('ip_learning'))
ipv6_nd_policy = module.params.get('ipv6_nd_policy')
l2_unknown_unicast = module.params.get('l2_unknown_unicast')
l3_unknown_multicast = module.params.get('l3_unknown_multicast')
limit_ip_learn = aci.boolean(module.params.get('limit_ip_learn'))
mac_address = module.params.get('mac_address')
multi_dest = module.params.get('multi_dest')
state = module.params.get('state')
tenant = module.params.get('tenant')
vrf = module.params.get('vrf')
route_profile = module.params.get('route_profile')
route_profile_l3out = module.params.get('route_profile_l3out')
name_alias = module.params.get('name_alias')
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='fvBD',
aci_rn='BD-{0}'.format(bd),
module_object=bd,
target_filter={'name': bd},
),
child_classes=['fvRsCtx', 'fvRsIgmpsn', 'fvRsBDToNdP', 'fvRsBdToEpRet', 'fvRsBDToProfile'],
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='fvBD',
class_config=dict(
arpFlood=arp_flooding,
descr=description,
epClear=endpoint_clear,
epMoveDetectMode=endpoint_move_detect,
ipLearning=ip_learning,
limitIpLearnToSubnets=limit_ip_learn,
mac=mac_address,
mcastAllow=enable_multicast,
multiDstPktAct=multi_dest,
name=bd,
type=bd_type,
unicastRoute=enable_routing,
unkMacUcastAct=l2_unknown_unicast,
unkMcastAct=l3_unknown_multicast,
nameAlias=name_alias,
),
child_configs=[
{'fvRsCtx': {'attributes': {'tnFvCtxName': vrf}}},
{'fvRsIgmpsn': {'attributes': {'tnIgmpSnoopPolName': igmp_snoop_policy}}},
{'fvRsBDToNdP': {'attributes': {'tnNdIfPolName': ipv6_nd_policy}}},
{'fvRsBdToEpRet': {'attributes': {'resolveAct': endpoint_retention_action, 'tnFvEpRetPolName': endpoint_retention_policy}}},
{'fvRsBDToProfile': {'attributes': {'tnL3extOutName': route_profile_l3out, 'tnRtctrlProfileName': route_profile}}},
],
)
aci.get_diff(aci_class='fvBD')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
description=dict(type='str', aliases=['descr']),
export_policy=dict(
type='str',
aliases=['name']), # Not required for querying all objects
format=dict(type='str', choices=['json', 'xml']),
include_secure=dict(type='bool'),
max_count=dict(type='int'),
snapshot=dict(type='str'),
state=dict(type='str',
choices=['absent', 'present', 'query'],
default='present'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=False,
required_if=[
['state', 'absent', ['export_policy', 'snapshot']],
['state', 'present', ['export_policy']],
],
)
aci = ACIModule(module)
description = module.params.get('description')
export_policy = module.params.get('export_policy')
file_format = module.params.get('format')
include_secure = aci.boolean(module.params.get('include_secure'))
max_count = module.params.get('max_count')
if max_count is not None:
if max_count in range(1, 11):
max_count = str(max_count)
else:
module.fail_json(
msg="Parameter 'max_count' must be a number between 1 and 10")
snapshot = module.params.get('snapshot')
if snapshot is not None and not snapshot.startswith('run-'):
snapshot = 'run-' + snapshot
state = module.params.get('state')
if state == 'present':
aci.construct_url(root_class=dict(
aci_class='configExportP',
aci_rn='fabric/configexp-{0}'.format(export_policy),
module_object=export_policy,
target_filter={'name': export_policy},
), )
aci.get_existing()
aci.payload(
aci_class='configExportP',
class_config=dict(
adminSt='triggered',
descr=description,
format=file_format,
includeSecureFields=include_secure,
maxSnapshotCount=max_count,
name=export_policy,
snapshot='yes',
),
)
aci.get_diff('configExportP')
# Create a new Snapshot
aci.post_config()
else:
# Prefix the proper url to export_policy
if export_policy is not None:
export_policy = 'uni/fabric/configexp-{0}'.format(export_policy)
aci.construct_url(
root_class=dict(
aci_class='configSnapshotCont',
aci_rn='backupst/snapshots-[{0}]'.format(export_policy),
module_object=export_policy,
target_filter={'name': export_policy},
),
subclass_1=dict(
aci_class='configSnapshot',
aci_rn='snapshot-{0}'.format(snapshot),
module_object=snapshot,
target_filter={'name': snapshot},
),
)
aci.get_existing()
if state == 'absent':
# Build POST request to used to remove Snapshot
aci.payload(
aci_class='configSnapshot',
class_config=dict(
name=snapshot,
retire="yes",
),
)
if aci.existing:
aci.get_diff('configSnapshot')
# Mark Snapshot for Deletion
aci.post_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
name=dict(type='str',
aliases=['maintenance_policy'
]), # Not required for querying all objects
runmode=dict(type='str',
default='pauseOnlyOnFailures',
choices=['pauseOnlyOnFailures', 'pauseNever']),
graceful=dict(type='bool'),
scheduler=dict(type='str'),
ignoreCompat=dict(type='bool'),
adminst=dict(type='str',
default='untriggered',
choices=['triggered', 'untriggered']),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['name']],
['state', 'present', ['name', 'scheduler']],
],
)
aci = ACIModule(module)
state = module.params.get('state')
name = module.params.get('name')
runmode = module.params.get('runmode')
scheduler = module.params.get('scheduler')
adminst = module.params.get('adminst')
graceful = aci.boolean(module.params.get('graceful'))
ignoreCompat = aci.boolean(module.params.get('ignoreCompat'))
name_alias = module.params.get('name_alias')
aci.construct_url(root_class=dict(
aci_class='maintMaintP',
aci_rn='fabric/maintpol-{0}'.format(name),
target_filter={'name': name},
module_object=name,
),
child_classes=['maintRsPolScheduler'])
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='maintMaintP',
class_config=dict(
name=name,
runMode=runmode,
graceful=graceful,
adminSt=adminst,
ignoreCompat=ignoreCompat,
nameAlias=name_alias,
),
child_configs=[
dict(maintRsPolScheduler=dict(attributes=dict(
tnTrigSchedPName=scheduler, ), ), ),
],
)
aci.get_diff(aci_class='maintMaintP')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
l2out=dict(type='str'),
description=dict(type='str'),
extepg=dict(type='str',
aliases=['external_epg', 'extepg_name', 'name']),
preferred_group=dict(type='bool'),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
tenant=dict(type='str'),
qos_class=dict(type='str',
choices=[
'level1', 'level2', 'level3', 'level4', 'level5',
'level6', 'Unspecified'
]),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['l2out', 'tenant', 'extepg']],
['state', 'present', ['l2out', 'tenant', 'extepg']],
],
)
aci = ACIModule(module)
l2out = module.params.get('l2out')
description = module.params.get('description')
preferred_group = aci.boolean(module.params.get('preferred_group'),
'include', 'exclude')
state = module.params.get('state')
tenant = module.params.get('tenant')
extepg = module.params.get('extepg')
qos_class = module.params.get('qos_class')
aci.construct_url(root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='l2extOut',
aci_rn='l2out-{0}'.format(l2out),
module_object=l2out,
target_filter={'name': l2out},
),
subclass_2=dict(
aci_class='l2extInstP',
aci_rn='instP-{0}'.format(extepg),
module_object=extepg,
target_filter={'name': extepg},
))
aci.get_existing()
if state == 'present':
config = dict(name=extepg,
descr=description,
dn='uni/tn-{0}/l2out-{1}/instP-{2}'.format(
tenant, l2out, extepg),
prefGrMemb=preferred_group)
if qos_class:
config.update(prio=qos_class)
aci.payload(
class_config=config,
aci_class='l2extInstP',
)
aci.get_diff(aci_class='l2extInstP')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
contract=dict(type='str',
aliases=['contract_name'
]), # Not required for querying all objects
subject=dict(type='str',
aliases=['contract_subject', 'name', 'subject_name'
]), # Not required for querying all objects
tenant=dict(type='str',
aliases=['tenant_name'
]), # Not required for querying all objects
priority=dict(type='str',
choices=['unspecified', 'level1', 'level2', 'level3']),
reverse_filter=dict(type='bool'),
dscp=dict(type='str',
aliases=['target'],
choices=[
'AF11', 'AF12', 'AF13', 'AF21', 'AF22', 'AF23', 'AF31',
'AF32', 'AF33', 'AF41', 'AF42', 'AF43', 'CS0', 'CS1',
'CS2', 'CS3', 'CS4', 'CS5', 'CS6', 'CS7', 'EF', 'VA',
'unspecified'
]),
description=dict(type='str', aliases=['descr']),
consumer_match=dict(
type='str', choices=['all', 'at_least_one', 'at_most_one',
'none']),
provider_match=dict(
type='str', choices=['all', 'at_least_one', 'at_most_one',
'none']),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['contract', 'subject', 'tenant']],
['state', 'present', ['contract', 'subject', 'tenant']],
],
)
aci = ACIModule(module)
subject = module.params.get('subject')
priority = module.params.get('priority')
reverse_filter = aci.boolean(module.params.get('reverse_filter'))
contract = module.params.get('contract')
dscp = module.params.get('dscp')
description = module.params.get('description')
consumer_match = module.params.get('consumer_match')
if consumer_match is not None:
consumer_match = MATCH_MAPPING.get(consumer_match)
provider_match = module.params.get('provider_match')
if provider_match is not None:
provider_match = MATCH_MAPPING.get(provider_match)
state = module.params.get('state')
tenant = module.params.get('tenant')
name_alias = module.params.get('name_alias')
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='vzBrCP',
aci_rn='brc-{0}'.format(contract),
module_object=contract,
target_filter={'name': contract},
),
subclass_2=dict(
aci_class='vzSubj',
aci_rn='subj-{0}'.format(subject),
module_object=subject,
target_filter={'name': subject},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='vzSubj',
class_config=dict(
name=subject,
prio=priority,
revFltPorts=reverse_filter,
targetDscp=dscp,
consMatchT=consumer_match,
provMatchT=provider_match,
descr=description,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='vzSubj')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update({
"access_key_id":
dict(type="str"),
"account_id":
dict(type="str"),
"is_account_in_org":
dict(type="bool"),
"is_trusted":
dict(type="bool"),
"secret_access_key":
dict(type="str", no_log=True),
"tenant":
dict(type="str"),
"state":
dict(type="str",
default="present",
choices=["absent", "present", "query"]),
})
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["tenant"]],
["state", "present", ["tenant"]],
],
)
aci = ACIModule(module)
access_key_id = module.params.get("access_key_id")
account_id = module.params.get("account_id")
annotation = module.params.get("annotation")
is_account_in_org = aci.boolean(module.params.get("is_account_in_org"))
is_trusted = aci.boolean(module.params.get("is_trusted"))
secret_access_key = module.params.get("secret_access_key")
tenant = module.params.get("tenant")
state = module.params.get("state")
child_configs = []
aci.construct_url(
root_class={
"aci_class": "fvTenant",
"aci_rn": "tn-{0}".format(tenant),
"target_filter": 'eq(fvTenant.name, "{0}")'.format(tenant),
"module_object": tenant,
},
subclass_1={
"aci_class": "cloudAwsProvider",
"aci_rn": "awsprovider".format(),
"target_filter": {
"account_id": account_id
},
"module_object": account_id,
},
child_classes=[],
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="cloudAwsProvider",
class_config={
"accessKeyId": access_key_id,
"accountId": account_id,
"annotation": annotation,
"isAccountInOrg": is_account_in_org,
"isTrusted": is_trusted,
"secretAccessKey": secret_access_key,
},
child_configs=child_configs,
)
aci.get_diff(aci_class="cloudAwsProvider")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(
contract=dict(type="str", aliases=["contract_name"]), # Not required for querying all objects
subject=dict(type="str", aliases=["contract_subject", "name", "subject_name"]), # Not required for querying all objects
tenant=dict(type="str", aliases=["tenant_name"]), # Not required for querying all objects
priority=dict(type="str", choices=["unspecified", "level1", "level2", "level3"]),
reverse_filter=dict(type="bool"),
dscp=dict(
type="str",
aliases=["target"],
choices=[
"AF11",
"AF12",
"AF13",
"AF21",
"AF22",
"AF23",
"AF31",
"AF32",
"AF33",
"AF41",
"AF42",
"AF43",
"CS0",
"CS1",
"CS2",
"CS3",
"CS4",
"CS5",
"CS6",
"CS7",
"EF",
"VA",
"unspecified",
],
),
description=dict(type="str", aliases=["descr"]),
consumer_match=dict(type="str", choices=["all", "at_least_one", "at_most_one", "none"]),
provider_match=dict(type="str", choices=["all", "at_least_one", "at_most_one", "none"]),
state=dict(type="str", default="present", choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["contract", "subject", "tenant"]],
["state", "present", ["contract", "subject", "tenant"]],
],
)
aci = ACIModule(module)
subject = module.params.get("subject")
priority = module.params.get("priority")
reverse_filter = aci.boolean(module.params.get("reverse_filter"))
contract = module.params.get("contract")
dscp = module.params.get("dscp")
description = module.params.get("description")
consumer_match = module.params.get("consumer_match")
if consumer_match is not None:
consumer_match = MATCH_MAPPING.get(consumer_match)
provider_match = module.params.get("provider_match")
if provider_match is not None:
provider_match = MATCH_MAPPING.get(provider_match)
state = module.params.get("state")
tenant = module.params.get("tenant")
name_alias = module.params.get("name_alias")
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="vzBrCP",
aci_rn="brc-{0}".format(contract),
module_object=contract,
target_filter={"name": contract},
),
subclass_2=dict(
aci_class="vzSubj",
aci_rn="subj-{0}".format(subject),
module_object=subject,
target_filter={"name": subject},
),
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="vzSubj",
class_config=dict(
name=subject,
prio=priority,
revFltPorts=reverse_filter,
targetDscp=dscp,
consMatchT=consumer_match,
provMatchT=provider_match,
descr=description,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class="vzSubj")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
compare_export_policy=dict(type='str'),
compare_snapshot=dict(type='str'),
description=dict(type='str', aliases=['descr']),
export_policy=dict(type='str'),
fail_on_decrypt=dict(type='bool'),
import_mode=dict(type='str', choices=['atomic', 'best-effort']),
import_policy=dict(type='str'),
import_type=dict(type='str', choices=['merge', 'replace']),
snapshot=dict(type='str', required=True),
state=dict(type='str',
default='rollback',
choices=['preview', 'rollback']),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=False,
required_if=[
[
'state', 'preview',
['compare_export_policy', 'compare_snapshot']
],
['state', 'rollback', ['import_policy']],
],
)
aci = ACIModule(module)
description = module.params.get('description')
export_policy = module.params.get('export_policy')
fail_on_decrypt = aci.boolean(module.params.get('fail_on_decrypt'))
import_mode = module.params.get('import_mode')
import_policy = module.params.get('import_policy')
import_type = module.params.get('import_type')
snapshot = module.params.get('snapshot')
state = module.params.get('state')
if state == 'rollback':
if snapshot.startswith('run-'):
snapshot = snapshot.replace('run-', '', 1)
if not snapshot.endswith('.tar.gz'):
snapshot += '.tar.gz'
filename = 'ce2_{0}-{1}'.format(export_policy, snapshot)
aci.construct_url(root_class=dict(
aci_class='configImportP',
aci_rn='fabric/configimp-{0}'.format(import_policy),
module_object=import_policy,
target_filter={'name': import_policy},
), )
aci.get_existing()
aci.payload(
aci_class='configImportP',
class_config=dict(
adminSt='triggered',
descr=description,
failOnDecryptErrors=fail_on_decrypt,
fileName=filename,
importMode=import_mode,
importType=import_type,
name=import_policy,
snapshot='yes',
),
)
aci.get_diff(aci_class='configImportP')
aci.post_config()
elif state == 'preview':
aci.url = '%(protocol)s://%(host)s/mqapi2/snapshots.diff.xml' % module.params
aci.filter_string = (
'?s1dn=uni/backupst/snapshots-[uni/fabric/configexp-%(export_policy)s]/snapshot-%(snapshot)s&'
's2dn=uni/backupst/snapshots-[uni/fabric/configexp-%(compare_export_policy)s]/snapshot-%(compare_snapshot)s'
) % module.params
# Generate rollback comparison
get_preview(aci)
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(
name=dict(type="str", aliases=["syslog_group", "syslog_group_name"]),
format=dict(type="str", choices=["aci", "nxos"]),
admin_state=dict(type="str", choices=["enabled", "disabled"]),
console_logging=dict(type="str", choices=["enabled", "disabled"]),
console_log_severity=dict(type="str", choices=["alerts", "critical", "debugging", "emergencies", "error", "information", "notifications", "warnings"]),
local_file_logging=dict(type="str", choices=["enabled", "disabled"]),
local_file_log_severity=dict(
type="str", choices=["alerts", "critical", "debugging", "emergencies", "error", "information", "notifications", "warnings"]
),
include_ms=dict(type="bool"),
include_time_zone=dict(type="bool"),
state=dict(type="str", default="present", choices=["absent", "present", "query"]),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["name"]],
["state", "present", ["name"]],
],
)
aci = ACIModule(module)
name = module.params.get("name")
format = module.params.get("format")
admin_state = module.params.get("admin_state")
console_logging = module.params.get("console_logging")
console_log_severity = module.params.get("console_log_severity")
local_file_logging = module.params.get("local_file_logging")
local_file_log_severity = module.params.get("local_file_log_severity")
include_ms = aci.boolean(module.params.get("include_ms"))
include_time_zone = aci.boolean(module.params.get("include_time_zone"))
state = module.params.get("state")
aci.construct_url(
root_class=dict(
aci_class="syslogGroup",
aci_rn="fabric/slgroup-{0}".format(name),
module_object=name,
target_filter={"name": name},
),
child_classes=["syslogRemoteDest", "syslogProf", "syslogFile", "syslogConsole"],
)
aci.get_existing()
if state == "present":
class_config = dict(
name=name,
format=format,
includeMilliSeconds=include_ms,
)
if include_time_zone is not None:
class_config["includeTimeZone"] = include_time_zone
aci.payload(
aci_class="syslogGroup",
class_config=class_config,
child_configs=[
dict(
syslogProf=dict(
attributes=dict(adminState=admin_state, name="syslog"),
),
),
dict(
syslogFile=dict(
attributes=dict(adminState=local_file_logging, format=format, severity=local_file_log_severity),
),
),
dict(
syslogConsole=dict(
attributes=dict(adminState=console_logging, format=format, severity=console_log_severity),
),
),
],
)
aci.get_diff(aci_class="syslogGroup")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
bd=dict(type='str', aliases=['bd_name']), # Not required for querying all objects
description=dict(type='str', aliases=['descr']),
enable_vip=dict(type='bool'),
gateway=dict(type='str', aliases=['gateway_ip']), # Not required for querying all objects
mask=dict(type='int', aliases=['subnet_mask']), # Not required for querying all objects
subnet_name=dict(type='str', aliases=['name']),
nd_prefix_policy=dict(type='str'),
preferred=dict(type='bool'),
route_profile=dict(type='str'),
route_profile_l3_out=dict(type='str'),
scope=dict(type='list', choices=['private', 'public', 'shared']),
subnet_control=dict(type='str', choices=['nd_ra', 'no_gw', 'querier_ip', 'unspecified']),
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_together=[['gateway', 'mask']],
required_if=[
['state', 'present', ['bd', 'gateway', 'mask', 'tenant']],
['state', 'absent', ['bd', 'gateway', 'mask', 'tenant']],
],
)
aci = ACIModule(module)
description = module.params.get('description')
enable_vip = aci.boolean(module.params.get('enable_vip'))
tenant = module.params.get('tenant')
bd = module.params.get('bd')
gateway = module.params.get('gateway')
mask = module.params.get('mask')
if mask is not None and mask not in range(0, 129):
# TODO: split checks between IPv4 and IPv6 Addresses
module.fail_json(msg='Valid Subnet Masks are 0 to 32 for IPv4 Addresses and 0 to 128 for IPv6 addresses')
if gateway is not None:
gateway = '{0}/{1}'.format(gateway, str(mask))
subnet_name = module.params.get('subnet_name')
nd_prefix_policy = module.params.get('nd_prefix_policy')
preferred = aci.boolean(module.params.get('preferred'))
route_profile = module.params.get('route_profile')
route_profile_l3_out = module.params.get('route_profile_l3_out')
scope = module.params.get('scope')
if scope is not None:
if 'private' in scope and 'public' in scope:
module.fail_json(msg="Parameter 'scope' cannot be both 'private' and 'public', got: %s" % scope)
else:
scope = ','.join(sorted(scope))
state = module.params.get('state')
subnet_control = module.params.get('subnet_control')
if subnet_control:
subnet_control = SUBNET_CONTROL_MAPPING[subnet_control]
name_alias = module.params.get('name_alias')
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='fvBD',
aci_rn='BD-{0}'.format(bd),
module_object=bd,
target_filter={'name': bd},
),
subclass_2=dict(
aci_class='fvSubnet',
aci_rn='subnet-[{0}]'.format(gateway),
module_object=gateway,
target_filter={'ip': gateway},
),
child_classes=['fvRsBDSubnetToProfile', 'fvRsNdPfxPol'],
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='fvSubnet',
class_config=dict(
ctrl=subnet_control,
descr=description,
ip=gateway,
name=subnet_name,
preferred=preferred,
scope=scope,
virtual=enable_vip,
nameAlias=name_alias,
),
child_configs=[
{'fvRsBDSubnetToProfile': {'attributes': {'tnL3extOutName': route_profile_l3_out, 'tnRtctrlProfileName': route_profile}}},
{'fvRsNdPfxPol': {'attributes': {'tnNdPfxPolName': nd_prefix_policy}}},
],
)
aci.get_diff(aci_class='fvSubnet')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(
allow_useg=dict(type="str", choices=["encap", "useg"]),
ap=dict(type="str",
aliases=["app_profile", "app_profile_name"
]), # Not required for querying all objects
deploy_immediacy=dict(type="str", choices=["immediate", "lazy"]),
domain=dict(type="str",
aliases=["domain_name", "domain_profile"
]), # Not required for querying all objects
domain_type=dict(type="str",
choices=["l2dom", "phys", "vmm"],
aliases=["type"
]), # Not required for querying all objects
encap=dict(type="int"),
encap_mode=dict(type="str", choices=["auto", "vlan", "vxlan"]),
switching_mode=dict(type="str",
default="native",
choices=["AVE", "native"]),
epg=dict(type="str",
aliases=["name", "epg_name"
]), # Not required for querying all objects
enhanced_lag_policy=dict(type="str", aliases=["lag_policy"]),
netflow=dict(type="bool"),
primary_encap=dict(type="int"),
resolution_immediacy=dict(
type="str", choices=["immediate", "lazy", "pre-provision"]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
tenant=dict(type="str",
aliases=["tenant_name"
]), # Not required for querying all objects
vm_provider=dict(type="str",
choices=[
"cloudfoundry", "kubernetes", "microsoft",
"openshift", "openstack", "redhat", "vmware"
]),
promiscuous=dict(type="str",
default="reject",
choices=["accept", "reject"]),
custom_epg_name=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["domain_type", "vmm", ["vm_provider"]],
[
"state", "absent",
["ap", "domain", "domain_type", "epg", "tenant"]
],
[
"state", "present",
["ap", "domain", "domain_type", "epg", "tenant"]
],
],
)
aci = ACIModule(module)
allow_useg = module.params.get("allow_useg")
ap = module.params.get("ap")
deploy_immediacy = module.params.get("deploy_immediacy")
domain = module.params.get("domain")
domain_type = module.params.get("domain_type")
vm_provider = module.params.get("vm_provider")
promiscuous = module.params.get("promiscuous")
custom_epg_name = module.params.get("custom_epg_name")
encap = module.params.get("encap")
if encap is not None:
if encap in range(1, 4097):
encap = "vlan-{0}".format(encap)
else:
module.fail_json(msg="Valid VLAN assignments are from 1 to 4096")
encap_mode = module.params.get("encap_mode")
switching_mode = module.params.get("switching_mode")
epg = module.params.get("epg")
enhanced_lag_policy = module.params.get("enhanced_lag_policy")
netflow = aci.boolean(module.params.get("netflow"), "enabled", "disabled")
primary_encap = module.params.get("primary_encap")
if primary_encap is not None:
if primary_encap in range(1, 4097):
primary_encap = "vlan-{0}".format(primary_encap)
else:
module.fail_json(msg="Valid VLAN assignments are from 1 to 4096")
resolution_immediacy = module.params.get("resolution_immediacy")
state = module.params.get("state")
tenant = module.params.get("tenant")
if domain_type in ["l2dom", "phys"] and vm_provider is not None:
module.fail_json(msg="Domain type '%s' cannot have a 'vm_provider'" %
domain_type)
child_classes = None
child_configs = None
# Compile the full domain for URL building
if domain_type == "vmm":
epg_domain = "uni/vmmp-{0}/dom-{1}".format(
VM_PROVIDER_MAPPING[vm_provider], domain)
child_configs = [
dict(vmmSecP=dict(attributes=dict(allowPromiscuous=promiscuous)))
]
child_classes = ["vmmSecP"]
if enhanced_lag_policy is not None:
lag_policy = epg_domain + "/vswitchpolcont/enlacplagp-{0}".format(
enhanced_lag_policy)
child_configs.append(
dict(fvAEPgLagPolAtt=dict(
attributes=dict(annotation=""),
children=[
dict(fvRsVmmVSwitchEnhancedLagPol=dict(
attributes=dict(annotation="", tDn=lag_policy)))
])))
child_classes.append("fvAEPgLagPolAtt")
elif domain_type == "l2dom":
epg_domain = "uni/l2dom-{0}".format(domain)
elif domain_type == "phys":
epg_domain = "uni/phys-{0}".format(domain)
else:
epg_domain = None
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="fvAp",
aci_rn="ap-{0}".format(ap),
module_object=ap,
target_filter={"name": ap},
),
subclass_2=dict(
aci_class="fvAEPg",
aci_rn="epg-{0}".format(epg),
module_object=epg,
target_filter={"name": epg},
),
subclass_3=dict(
aci_class="fvRsDomAtt",
aci_rn="rsdomAtt-[{0}]".format(epg_domain),
module_object=epg_domain,
target_filter={"tDn": epg_domain},
),
child_classes=child_classes,
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="fvRsDomAtt",
class_config=dict(
classPref=allow_useg,
encap=encap,
encapMode=encap_mode,
switchingMode=switching_mode,
instrImedcy=deploy_immediacy,
netflowPref=netflow,
primaryEncap=primary_encap,
resImedcy=resolution_immediacy,
customEpgName=custom_epg_name,
),
child_configs=child_configs,
)
aci.get_diff(aci_class="fvRsDomAtt")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
link_level_policy=dict(type="str", aliases=["name"]),
description=dict(type="str", aliases=["descr"]),
auto_negotiation=dict(type="bool", default="true"),
speed=dict(type="str",
default="inherit",
choices=[
"100M", "1G", "10G", "25G", "40G", "50G", "100G",
"200G", "400G", "inherit"
]),
link_debounce_interval=dict(type="int", default="100"),
forwarding_error_correction=dict(type="str",
default="inherit",
choices=[
"inherit", "kp-fec",
"cl91-rs-fec", "cl74-fc-fec",
"disable-fec", "ieee-rs-fec",
"cons16-rs-fec"
]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["link_level_policy"]],
["state", "present", ["link_level_policy"]],
],
)
aci = ACIModule(module)
link_level_policy = module.params["link_level_policy"]
description = module.params["description"]
auto_negotiation = aci.boolean(module.params["auto_negotiation"], "on",
"off")
speed = module.params["speed"]
link_debounce_interval = module.params["link_debounce_interval"]
if link_debounce_interval is not None and link_debounce_interval not in range(
0, 5001):
module.fail_json(
msg=
'The "link_debounce_interval" must be a value between 0 and 5000')
forwarding_error_correction = module.params["forwarding_error_correction"]
state = module.params["state"]
aci.construct_url(root_class=dict(
aci_class="fabricHIfPol",
aci_rn="infra/hintfpol-{0}".format(link_level_policy),
module_object=link_level_policy,
target_filter={"name": link_level_policy},
), )
aci.get_existing()
if state == "present":
aci.payload(
aci_class="fabricHIfPol",
class_config=dict(
name=link_level_policy,
descr=description,
autoNeg=auto_negotiation,
speed=speed,
linkDebounce=link_debounce_interval,
fecMode=forwarding_error_correction,
),
)
aci.get_diff(aci_class="fabricHIfPol")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
allow_useg=dict(type='str', choices=['encap', 'useg']),
ap=dict(type='str',
aliases=['app_profile', 'app_profile_name'
]), # Not required for querying all objects
deploy_immediacy=dict(type='str', choices=['immediate', 'lazy']),
domain=dict(type='str',
aliases=['domain_name', 'domain_profile'
]), # Not required for querying all objects
domain_type=dict(type='str',
choices=['l2dom', 'phys', 'vmm'],
aliases=['type'
]), # Not required for querying all objects
encap=dict(type='int'),
encap_mode=dict(type='str', choices=['auto', 'vlan', 'vxlan']),
switching_mode=dict(type='str',
default='native',
choices=['AVE', 'native']),
epg=dict(type='str',
aliases=['name', 'epg_name'
]), # Not required for querying all objects
netflow=dict(type='bool'),
primary_encap=dict(type='int'),
resolution_immediacy=dict(
type='str', choices=['immediate', 'lazy', 'pre-provision']),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
tenant=dict(type='str',
aliases=['tenant_name'
]), # Not required for querying all objects
vm_provider=dict(type='str',
choices=[
'cloudfoundry', 'kubernetes', 'microsoft',
'openshift', 'openstack', 'redhat', 'vmware'
]),
promiscuous=dict(type='str',
default='reject',
choices=['accept', 'reject']),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['domain_type', 'vmm', ['vm_provider']],
[
'state', 'absent',
['ap', 'domain', 'domain_type', 'epg', 'tenant']
],
[
'state', 'present',
['ap', 'domain', 'domain_type', 'epg', 'tenant']
],
],
)
aci = ACIModule(module)
allow_useg = module.params.get('allow_useg')
ap = module.params.get('ap')
deploy_immediacy = module.params.get('deploy_immediacy')
domain = module.params.get('domain')
domain_type = module.params.get('domain_type')
vm_provider = module.params.get('vm_provider')
promiscuous = module.params.get('promiscuous')
encap = module.params.get('encap')
if encap is not None:
if encap in range(1, 4097):
encap = 'vlan-{0}'.format(encap)
else:
module.fail_json(msg='Valid VLAN assignments are from 1 to 4096')
encap_mode = module.params.get('encap_mode')
switching_mode = module.params.get('switching_mode')
epg = module.params.get('epg')
netflow = aci.boolean(module.params.get('netflow'), 'enabled', 'disabled')
primary_encap = module.params.get('primary_encap')
if primary_encap is not None:
if primary_encap in range(1, 4097):
primary_encap = 'vlan-{0}'.format(primary_encap)
else:
module.fail_json(msg='Valid VLAN assignments are from 1 to 4096')
resolution_immediacy = module.params.get('resolution_immediacy')
state = module.params.get('state')
tenant = module.params.get('tenant')
if domain_type in ['l2dom', 'phys'] and vm_provider is not None:
module.fail_json(msg="Domain type '%s' cannot have a 'vm_provider'" %
domain_type)
# Compile the full domain for URL building
if domain_type == 'vmm':
epg_domain = 'uni/vmmp-{0}/dom-{1}'.format(
VM_PROVIDER_MAPPING[vm_provider], domain)
elif domain_type == 'l2dom':
epg_domain = 'uni/l2dom-{0}'.format(domain)
elif domain_type == 'phys':
epg_domain = 'uni/phys-{0}'.format(domain)
else:
epg_domain = None
child_configs = [
dict(vmmSecP=dict(attributes=dict(allowPromiscuous=promiscuous, ), ), )
]
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='fvAp',
aci_rn='ap-{0}'.format(ap),
module_object=ap,
target_filter={'name': ap},
),
subclass_2=dict(
aci_class='fvAEPg',
aci_rn='epg-{0}'.format(epg),
module_object=epg,
target_filter={'name': epg},
),
subclass_3=dict(
aci_class='fvRsDomAtt',
aci_rn='rsdomAtt-[{0}]'.format(epg_domain),
module_object=epg_domain,
target_filter={'tDn': epg_domain},
),
child_classes=['vmmSecP'],
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='fvRsDomAtt',
class_config=dict(
classPref=allow_useg,
encap=encap,
encapMode=encap_mode,
switchingMode=switching_mode,
instrImedcy=deploy_immediacy,
netflowPref=netflow,
primaryEncap=primary_encap,
resImedcy=resolution_immediacy,
),
child_configs=child_configs,
)
aci.get_diff(aci_class='fvRsDomAtt')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
epg=dict(type='str',
aliases=['epg_name',
'name']), # Not required for querying all objects
bd=dict(type='str', aliases=['bd_name', 'bridge_domain']),
ap=dict(type='str',
aliases=['app_profile', 'app_profile_name'
]), # Not required for querying all objects
tenant=dict(type='str',
aliases=['tenant_name'
]), # Not required for querying all objects
description=dict(type='str', aliases=['descr']),
priority=dict(type='str',
choices=['level1', 'level2', 'level3', 'unspecified']),
intra_epg_isolation=dict(choices=['enforced', 'unenforced']),
fwd_control=dict(type='str', choices=['none', 'proxy-arp']),
preferred_group=dict(type='bool'),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
monitoring_policy=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['ap', 'epg', 'tenant']],
['state', 'present', ['ap', 'epg', 'tenant']],
],
)
aci = ACIModule(module)
epg = module.params.get('epg')
bd = module.params.get('bd')
description = module.params.get('description')
priority = module.params.get('priority')
intra_epg_isolation = module.params.get('intra_epg_isolation')
fwd_control = module.params.get('fwd_control')
preferred_group = aci.boolean(module.params.get('preferred_group'),
'include', 'exclude')
state = module.params.get('state')
tenant = module.params.get('tenant')
ap = module.params.get('ap')
name_alias = module.params.get('name_alias')
monitoring_policy = module.params.get('monitoring_policy')
child_configs = [
dict(fvRsBd=dict(attributes=dict(tnFvBDName=bd))),
dict(fvRsAEPgMonPol=dict(attributes=dict(
tnMonEPGPolName=monitoring_policy)))
]
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='fvAp',
aci_rn='ap-{0}'.format(ap),
module_object=ap,
target_filter={'name': ap},
),
subclass_2=dict(
aci_class='fvAEPg',
aci_rn='epg-{0}'.format(epg),
module_object=epg,
target_filter={'name': epg},
),
child_classes=['fvRsBd', 'fvRsAEPgMonPol'],
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='fvAEPg',
class_config=dict(
name=epg,
descr=description,
prio=priority,
pcEnfPref=intra_epg_isolation,
fwdCtrl=fwd_control,
prefGrMemb=preferred_group,
nameAlias=name_alias,
),
child_configs=child_configs,
)
aci.get_diff(aci_class='fvAEPg')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
arp_flag=dict(type='str', choices=VALID_ARP_FLAGS),
description=dict(type='str', aliases=['descr']),
dst_port=dict(type='str'),
dst_port_end=dict(type='str'),
dst_port_start=dict(type='str'),
entry=dict(type='str', aliases=['entry_name', 'filter_entry', 'name']), # Not required for querying all objects
ether_type=dict(choices=VALID_ETHER_TYPES, type='str'),
filter=dict(type='str', aliases=['filter_name']), # Not required for querying all objects
icmp_msg_type=dict(type='str', choices=VALID_ICMP_TYPES),
icmp6_msg_type=dict(type='str', choices=VALID_ICMP6_TYPES),
ip_protocol=dict(choices=VALID_IP_PROTOCOLS, type='str'),
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
stateful=dict(type='bool'),
tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['entry', 'filter', 'tenant']],
['state', 'present', ['entry', 'filter', 'tenant']],
],
)
aci = ACIModule(module)
arp_flag = module.params.get('arp_flag')
if arp_flag is not None:
arp_flag = ARP_FLAG_MAPPING.get(arp_flag)
description = module.params.get('description')
dst_port = module.params.get('dst_port')
if FILTER_PORT_MAPPING.get(dst_port) is not None:
dst_port = FILTER_PORT_MAPPING.get(dst_port)
dst_end = module.params.get('dst_port_end')
if FILTER_PORT_MAPPING.get(dst_end) is not None:
dst_end = FILTER_PORT_MAPPING.get(dst_end)
dst_start = module.params.get('dst_port_start')
if FILTER_PORT_MAPPING.get(dst_start) is not None:
dst_start = FILTER_PORT_MAPPING.get(dst_start)
entry = module.params.get('entry')
ether_type = module.params.get('ether_type')
filter_name = module.params.get('filter')
icmp_msg_type = module.params.get('icmp_msg_type')
if icmp_msg_type is not None:
icmp_msg_type = ICMP_MAPPING.get(icmp_msg_type)
icmp6_msg_type = module.params.get('icmp6_msg_type')
if icmp6_msg_type is not None:
icmp6_msg_type = ICMP6_MAPPING.get(icmp6_msg_type)
ip_protocol = module.params.get('ip_protocol')
state = module.params.get('state')
stateful = aci.boolean(module.params.get('stateful'))
tenant = module.params.get('tenant')
name_alias = module.params.get('name_alias')
# validate that dst_port is not passed with dst_start or dst_end
if dst_port is not None and (dst_end is not None or dst_start is not None):
module.fail_json(msg="Parameter 'dst_port' cannot be used with 'dst_end' and 'dst_start'")
elif dst_port is not None:
dst_end = dst_port
dst_start = dst_port
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='vzFilter',
aci_rn='flt-{0}'.format(filter_name),
module_object=filter_name,
target_filter={'name': filter_name},
),
subclass_2=dict(
aci_class='vzEntry',
aci_rn='e-{0}'.format(entry),
module_object=entry,
target_filter={'name': entry},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='vzEntry',
class_config=dict(
arpOpc=arp_flag,
descr=description,
dFromPort=dst_start,
dToPort=dst_end,
etherT=ether_type,
icmpv4T=icmp_msg_type,
icmpv6T=icmp6_msg_type,
name=entry,
prot=ip_protocol,
stateful=stateful,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='vzEntry')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
tenant=dict(type="str",
aliases=["tenant_name"
]), # Not required for querying all objects
src_group=dict(type="str",
aliases=["name"
]), # Not required for querying all objects
admin_state=dict(type="bool"),
description=dict(type="str", aliases=["descr"]),
dst_group=dict(type="str"),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["src_group", "tenant"]],
["state", "present", ["src_group", "tenant"]],
],
)
aci = ACIModule(module)
admin_state = aci.boolean(module.params.get("admin_state"), "enabled",
"disabled")
description = module.params.get("description")
dst_group = module.params.get("dst_group")
src_group = module.params.get("src_group")
state = module.params.get("state")
tenant = module.params.get("tenant")
name_alias = module.params.get("name_alias")
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="spanSrcGrp",
aci_rn="srcgrp-{0}".format(src_group),
module_object=src_group,
target_filter={"name": src_group},
),
child_classes=["spanSpanLbl"],
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="spanSrcGrp",
class_config=dict(
adminSt=admin_state,
descr=description,
name=src_group,
nameAlias=name_alias,
),
child_configs=[{
"spanSpanLbl": {
"attributes": {
"name": dst_group
}
}
}],
)
aci.get_diff(aci_class="spanSrcGrp")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
l2_policy=dict(type='str',
aliases=['name'
]), # Not required for querying all policies
description=dict(type='str', aliases=['descr']),
vlan_scope=dict(type='str',
choices=['global', 'portlocal'
]), # No default provided on purpose
qinq=dict(type='str', choices=['core', 'disabled', 'edge']),
vepa=dict(type='bool'),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['l2_policy']],
['state', 'present', ['l2_policy']],
],
)
aci = ACIModule(module)
l2_policy = module.params.get('l2_policy')
vlan_scope = module.params.get('vlan_scope')
qinq = module.params.get('qinq')
if qinq is not None:
qinq = QINQ_MAPPING.get(qinq)
vepa = aci.boolean(module.params.get('vepa'), 'enabled', 'disabled')
description = module.params.get('description')
state = module.params.get('state')
name_alias = module.params.get('name_alias')
aci.construct_url(root_class=dict(
aci_class='l2IfPol',
aci_rn='infra/l2IfP-{0}'.format(l2_policy),
module_object=l2_policy,
target_filter={'name': l2_policy},
), )
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='l2IfPol',
class_config=dict(
name=l2_policy,
descr=description,
vlanScope=vlan_scope,
qinq=qinq,
vepa=vepa,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='l2IfPol')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
description=dict(type="str", aliases=["descr"]),
export_policy=dict(type="str", aliases=["name"]), # Not required for querying all objects
format=dict(type="str", choices=["json", "xml"]),
include_secure=dict(type="bool"),
max_count=dict(type="int"),
snapshot=dict(type="str"),
state=dict(type="str", choices=["absent", "present", "query"], default="present"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=False,
required_if=[
["state", "absent", ["export_policy", "snapshot"]],
["state", "present", ["export_policy"]],
],
)
aci = ACIModule(module)
description = module.params.get("description")
export_policy = module.params.get("export_policy")
file_format = module.params.get("format")
include_secure = aci.boolean(module.params.get("include_secure"))
max_count = module.params.get("max_count")
if max_count is not None:
if max_count in range(1, 11):
max_count = str(max_count)
else:
module.fail_json(msg="Parameter 'max_count' must be a number between 1 and 10")
snapshot = module.params.get("snapshot")
if snapshot is not None and not snapshot.startswith("run-"):
snapshot = "run-" + snapshot
state = module.params.get("state")
if state == "present":
aci.construct_url(
root_class=dict(
aci_class="configExportP",
aci_rn="fabric/configexp-{0}".format(export_policy),
module_object=export_policy,
target_filter={"name": export_policy},
),
)
aci.get_existing()
aci.payload(
aci_class="configExportP",
class_config=dict(
adminSt="triggered",
descr=description,
format=file_format,
includeSecureFields=include_secure,
maxSnapshotCount=max_count,
name=export_policy,
snapshot="yes",
),
)
aci.get_diff("configExportP")
# Create a new Snapshot
aci.post_config()
else:
# Prefix the proper url to export_policy
if export_policy is not None:
export_policy = "uni/fabric/configexp-{0}".format(export_policy)
aci.construct_url(
root_class=dict(
aci_class="configSnapshotCont",
aci_rn="backupst/snapshots-[{0}]".format(export_policy),
module_object=export_policy,
target_filter={"name": export_policy},
),
subclass_1=dict(
aci_class="configSnapshot",
aci_rn="snapshot-{0}".format(snapshot),
module_object=snapshot,
target_filter={"name": snapshot},
),
)
aci.get_existing()
if state == "absent":
# Build POST request to used to remove Snapshot
aci.payload(
aci_class="configSnapshot",
class_config=dict(
name=snapshot,
retire="yes",
),
)
if aci.existing:
aci.get_diff("configSnapshot")
# Mark Snapshot for Deletion
aci.post_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(
arp_flag=dict(type="str", choices=VALID_ARP_FLAGS),
description=dict(type="str", aliases=["descr"]),
dst_port=dict(type="str"),
dst_port_end=dict(type="str"),
dst_port_start=dict(type="str"),
entry=dict(type="str",
aliases=["entry_name", "filter_entry",
"name"]), # Not required for querying all objects
ether_type=dict(choices=VALID_ETHER_TYPES, type="str"),
filter=dict(type="str",
aliases=["filter_name"
]), # Not required for querying all objects
icmp_msg_type=dict(type="str", choices=VALID_ICMP_TYPES),
icmp6_msg_type=dict(type="str", choices=VALID_ICMP6_TYPES),
ip_protocol=dict(choices=VALID_IP_PROTOCOLS, type="str"),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
stateful=dict(type="bool"),
tenant=dict(type="str",
aliases=["tenant_name"
]), # Not required for querying all objects
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["entry", "filter", "tenant"]],
["state", "present", ["entry", "filter", "tenant"]],
],
)
aci = ACIModule(module)
arp_flag = module.params.get("arp_flag")
if arp_flag is not None:
arp_flag = ARP_FLAG_MAPPING.get(arp_flag)
description = module.params.get("description")
dst_port = module.params.get("dst_port")
if FILTER_PORT_MAPPING.get(dst_port) is not None:
dst_port = FILTER_PORT_MAPPING.get(dst_port)
dst_end = module.params.get("dst_port_end")
if FILTER_PORT_MAPPING.get(dst_end) is not None:
dst_end = FILTER_PORT_MAPPING.get(dst_end)
dst_start = module.params.get("dst_port_start")
if FILTER_PORT_MAPPING.get(dst_start) is not None:
dst_start = FILTER_PORT_MAPPING.get(dst_start)
entry = module.params.get("entry")
ether_type = module.params.get("ether_type")
filter_name = module.params.get("filter")
icmp_msg_type = module.params.get("icmp_msg_type")
if icmp_msg_type is not None:
icmp_msg_type = ICMP_MAPPING.get(icmp_msg_type)
icmp6_msg_type = module.params.get("icmp6_msg_type")
if icmp6_msg_type is not None:
icmp6_msg_type = ICMP6_MAPPING.get(icmp6_msg_type)
ip_protocol = module.params.get("ip_protocol")
state = module.params.get("state")
stateful = aci.boolean(module.params.get("stateful"))
tenant = module.params.get("tenant")
name_alias = module.params.get("name_alias")
# validate that dst_port is not passed with dst_start or dst_end
if dst_port is not None and (dst_end is not None or dst_start is not None):
module.fail_json(
msg=
"Parameter 'dst_port' cannot be used with 'dst_end' and 'dst_start'"
)
elif dst_port is not None:
dst_end = dst_port
dst_start = dst_port
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="vzFilter",
aci_rn="flt-{0}".format(filter_name),
module_object=filter_name,
target_filter={"name": filter_name},
),
subclass_2=dict(
aci_class="vzEntry",
aci_rn="e-{0}".format(entry),
module_object=entry,
target_filter={"name": entry},
),
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="vzEntry",
class_config=dict(
arpOpc=arp_flag,
descr=description,
dFromPort=dst_start,
dToPort=dst_end,
etherT=ether_type,
icmpv4T=icmp_msg_type,
icmpv6T=icmp6_msg_type,
name=entry,
prot=ip_protocol,
stateful=stateful,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class="vzEntry")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
tenant=dict(type="str",
aliases=["tenant_name"
]), # Not required for querying all objects
ospf=dict(type="str",
aliases=["ospf_interface",
"name"]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
network_type=dict(type="str", choices=["bcast", "p2p"]),
cost=dict(type="int"),
controls=dict(
type="list",
elements="str",
choices=["advert-subnet", "bfd", "mtu-ignore", "passive"]),
dead_interval=dict(type="int"),
hello_interval=dict(type="int"),
prefix_suppression=dict(type="bool"),
priority=dict(type="int"),
retransmit_interval=dict(type="int"),
transmit_delay=dict(type="int"),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["ospf", "tenant"]],
["state", "present", ["ospf", "tenant"]],
],
)
aci = ACIModule(module)
tenant = module.params.get("tenant")
ospf = module.params.get("ospf")
description = module.params.get("description")
name_alias = module.params.get("name_alias")
if module.params.get("controls") is None:
controls = None
else:
controls = ",".join(module.params.get("controls"))
cost = module.params.get("cost")
if cost is not None and cost not in range(1, 451):
module.fail_json(
msg="Parameter 'cost' is only valid in range between 1 and 450.")
dead_interval = module.params.get("dead_interval")
if dead_interval is not None and dead_interval not in range(1, 65536):
module.fail_json(
msg=
"Parameter 'dead_interval' is only valid in range between 1 and 65536."
)
hello_interval = module.params.get("hello_interval")
if hello_interval is not None and hello_interval not in range(1, 65536):
module.fail_json(
msg=
"Parameter 'hello_interval' is only valid in range between 1 and 65536."
)
network_type = module.params.get("network_type")
prefix_suppression = aci.boolean(module.params.get("prefix_suppression"),
"enabled", "disabled")
priority = module.params.get("priority")
if priority is not None and priority not in range(0, 256):
module.fail_json(
msg="Parameter 'priority' is only valid in range between 1 and 255."
)
retransmit_interval = module.params.get("retransmit_interval")
if retransmit_interval is not None and retransmit_interval not in range(
1, 65536):
module.fail_json(
msg=
"Parameter 'retransmit_interval' is only valid in range between 1 and 65536."
)
transmit_delay = module.params.get("transmit_delay")
if transmit_delay is not None and transmit_delay not in range(1, 451):
module.fail_json(
msg=
"Parameter 'transmit_delay' is only valid in range between 1 and 450."
)
state = module.params.get("state")
aci.construct_url(root_class=dict(
aci_class="ospfIfPol",
aci_rn="tn-{0}/ospfIfPol-{1}".format(tenant, ospf),
module_object=ospf,
target_filter={"name": ospf},
), )
aci.get_existing()
if state == "present":
aci.payload(
aci_class="ospfIfPol",
class_config=dict(
name=ospf,
descr=description,
cost=cost,
ctrl=controls,
deadIntvl=dead_interval,
helloIntvl=hello_interval,
nwT=network_type,
pfxSuppress=prefix_suppression,
prio=priority,
rexmitIntvl=retransmit_interval,
xmitDelay=transmit_delay,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class="ospfIfPol")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
