def main(): argument_spec = aci_argument_spec() argument_spec.update( source=dict(type='str', aliases=['name', 'source_name' ]), # Not required for querying all objects polling_interval=dict(type='int'), url=dict(type='str'), url_username=dict(type='str'), url_password=dict(type='str', no_log=True), url_protocol=dict(type='str', default='scp', choices=['http', 'local', 'scp', 'usbkey'], aliases=['url_proto']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['source']], ['state', 'present', ['url_protocol', 'source', 'url']], ], ) polling_interval = module.params.get('polling_interval') url_protocol = module.params.get('url_protocol') state = module.params.get('state') source = module.params.get('source') url = module.params.get('url') url_password = module.params.get('url_password') url_username = module.params.get('url_username') name_alias = module.params.get('name_alias') aci = ACIModule(module) aci.construct_url(root_class=dict( aci_class='firmwareOSource', aci_rn='fabric/fwrepop', module_object=source, target_filter={'name': source}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='firmwareOSource', class_config=dict( name=source, url=url, password=url_password, pollingInterval=polling_interval, proto=url_protocol, user=url_username, nameAlias=name_alias, ), ) aci.get_diff(aci_class='firmwareOSource') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( tenant=dict(type="str", aliases=["tenant_name" ]), # Not required for querying all objects l3out=dict(type="str", aliases=["l3out_name" ]), # Not required for querying all objects extepg=dict(type="str", aliases=["extepg_name", "name"]), # Not required for querying all objects description=dict(type="str", aliases=["descr"]), preferred_group=dict(type="bool"), dscp=dict( type="str", choices=[ "AF11", "AF12", "AF13", "AF21", "AF22", "AF23", "AF31", "AF32", "AF33", "AF41", "AF42", "AF43", "CS0", "CS1", "CS2", "CS3", "CS4", "CS5", "CS6", "CS7", "EF", "VA", "unspecified", ], aliases=["target"], ), state=dict(type="str", default="present", choices=["absent", "present", "query"]), name_alias=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "present", ["extepg", "l3out", "tenant"]], ["state", "absent", ["extepg", "l3out", "tenant"]], ], ) aci = ACIModule(module) tenant = module.params.get("tenant") l3out = module.params.get("l3out") extepg = module.params.get("extepg") description = module.params.get("description") preferred_group = aci.boolean(module.params.get("preferred_group"), "include", "exclude") dscp = module.params.get("dscp") state = module.params.get("state") name_alias = module.params.get("name_alias") aci.construct_url( root_class=dict( aci_class="fvTenant", aci_rn="tn-{0}".format(tenant), module_object=tenant, target_filter={"name": tenant}, ), subclass_1=dict( aci_class="l3extOut", aci_rn="out-{0}".format(l3out), module_object=l3out, target_filter={"name": l3out}, ), subclass_2=dict( aci_class="l3extInstP", aci_rn="instP-{0}".format(extepg), module_object=extepg, target_filter={"name": extepg}, ), ) aci.get_existing() if state == "present": aci.payload( aci_class="l3extInstP", class_config=dict( name=extepg, descr=description, prefGrMemb=preferred_group, targetDscp=dscp, nameAlias=name_alias, ), ) aci.get_diff(aci_class="l3extInstP") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( port_security=dict( type='str', aliases=['name']), # Not required for querying all objects description=dict(type='str', aliases=['descr']), max_end_points=dict(type='int'), port_security_timeout=dict(type='int'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['port_security']], ['state', 'present', ['port_security']], ], ) port_security = module.params.get('port_security') description = module.params.get('description') max_end_points = module.params.get('max_end_points') port_security_timeout = module.params.get('port_security_timeout') name_alias = module.params.get('name_alias') if max_end_points is not None and max_end_points not in range(12001): module.fail_json( msg='The "max_end_points" must be between 0 and 12000') if port_security_timeout is not None and port_security_timeout not in range( 60, 3601): module.fail_json( msg='The "port_security_timeout" must be between 60 and 3600') state = module.params.get('state') aci = ACIModule(module) aci.construct_url(root_class=dict( aci_class='l2PortSecurityPol', aci_rn='infra/portsecurityP-{0}'.format(port_security), module_object=port_security, target_filter={'name': port_security}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='l2PortSecurityPol', class_config=dict( name=port_security, descr=description, maximum=max_end_points, nameAlias=name_alias, ), ) aci.get_diff(aci_class='l2PortSecurityPol') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( compare_export_policy=dict(type='str'), compare_snapshot=dict(type='str'), description=dict(type='str', aliases=['descr']), export_policy=dict(type='str'), fail_on_decrypt=dict(type='bool'), import_mode=dict(type='str', choices=['atomic', 'best-effort']), import_policy=dict(type='str'), import_type=dict(type='str', choices=['merge', 'replace']), snapshot=dict(type='str', required=True), state=dict(type='str', default='rollback', choices=['preview', 'rollback']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=False, required_if=[ [ 'state', 'preview', ['compare_export_policy', 'compare_snapshot'] ], ['state', 'rollback', ['import_policy']], ], ) aci = ACIModule(module) description = module.params.get('description') export_policy = module.params.get('export_policy') fail_on_decrypt = aci.boolean(module.params.get('fail_on_decrypt')) import_mode = module.params.get('import_mode') import_policy = module.params.get('import_policy') import_type = module.params.get('import_type') snapshot = module.params.get('snapshot') state = module.params.get('state') if state == 'rollback': if snapshot.startswith('run-'): snapshot = snapshot.replace('run-', '', 1) if not snapshot.endswith('.tar.gz'): snapshot += '.tar.gz' filename = 'ce2_{0}-{1}'.format(export_policy, snapshot) aci.construct_url(root_class=dict( aci_class='configImportP', aci_rn='fabric/configimp-{0}'.format(import_policy), module_object=import_policy, target_filter={'name': import_policy}, ), ) aci.get_existing() aci.payload( aci_class='configImportP', class_config=dict( adminSt='triggered', descr=description, failOnDecryptErrors=fail_on_decrypt, fileName=filename, importMode=import_mode, importType=import_type, name=import_policy, snapshot='yes', ), ) aci.get_diff(aci_class='configImportP') aci.post_config() elif state == 'preview': aci.url = '%(protocol)s://%(host)s/mqapi2/snapshots.diff.xml' % module.params aci.filter_string = ( '?s1dn=uni/backupst/snapshots-[uni/fabric/configexp-%(export_policy)s]/snapshot-%(snapshot)s&' 's2dn=uni/backupst/snapshots-[uni/fabric/configexp-%(compare_export_policy)s]/snapshot-%(compare_snapshot)s' ) % module.params # Generate rollback comparison get_preview(aci) aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects l3out=dict(type='str', aliases=['l3out_name']), # Not required for querying all objects logical_node=dict(type='str', aliases=['node_profile', 'node_profile_name']), # Not required for querying all objects pod_id=dict(type='int'), node_id=dict(type='int'), prefix=dict(type='str', aliases=['route']), track_policy=dict(type='str'), preference=dict(type='int'), bfd=dict(type='str', choices=['bfd', None]), description=dict(type='str', aliases=['descr']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'present', ['prefix', 'node_id', 'pod_id', 'logical_node', 'l3out', 'tenant']], ['state', 'absent', ['prefix', 'node_id', 'pod_id', 'logical_node', 'l3out', 'tenant']], ], ) aci = ACIModule(module) tenant = module.params.get('tenant') l3out = module.params.get('l3out') logical_node = module.params.get('logical_node') node_id = module.params.get('node_id') pod_id = module.params.get('pod_id') prefix = module.params.get('prefix') track_policy = module.params.get('track_policy') preference = module.params.get('preference') bfd = module.params.get('bfd') description = module.params.get('description') state = module.params.get('state') name_alias = module.params.get('name_alias') fabric_node = 'topology/pod-{0}/node-{1}'.format(pod_id, node_id) child_classes = ['ipNexthopP'] if track_policy is not None: child_classes.append('ipRsRouteTrack') aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='l3extOut', aci_rn='out-{0}'.format(l3out), module_object=l3out, target_filter={'name': l3out}, ), subclass_2=dict( aci_class='l3extLNodeP', aci_rn='lnodep-{0}'.format(logical_node), module_object=logical_node, target_filter={'name': logical_node}, ), subclass_3=dict( aci_class='l3extRsNodeL3OutAtt', aci_rn='rsnodeL3OutAtt-[{0}]'.format(fabric_node), module_object=fabric_node, target_filter={'name': fabric_node}, ), subclass_4=dict( aci_class='ipRouteP', aci_rn='rt-[{0}]'.format(prefix), module_object=prefix, target_filter={'name': prefix}, ), child_classes=child_classes ) aci.get_existing() if state == 'present': child_configs = [] class_config = dict( descr=description, ip=prefix, pref=preference, nameAlias=name_alias, ) if bfd is not None: class_config['rtCtrl'] = bfd if track_policy is not None: tDn = 'uni/tn-{0}/tracklist-{1}'.format(tenant, track_policy) child_configs.append({'ipRsRouteTrack': {'attributes': {'tDn': tDn}}}) aci.payload( aci_class='ipRouteP', class_config=class_config, child_configs=child_configs ), aci.get_diff(aci_class='ipRouteP') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update(aci_owner_spec()) argument_spec.update( profile=dict(type="str", aliases=["leaf_profile", "leaf_switch_profile"]), name=dict(type="str", aliases=["association_name", "switch_association"]), policy_group=dict(type="str"), description=dict(type="str", aliases=["descr"]), state=dict(type="str", default="present", choices=["absent", "present", "query"]), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["profile", "name"]], ["state", "present", ["profile", "name"]], ], ) aci = ACIModule(module) profile = module.params.get("profile") name = module.params.get("name") policy_group = module.params.get("policy_group") description = module.params.get("description") state = module.params.get("state") child_classes = ["fabricRsLeNodePGrp", "fabricNodeBlk"] aci.construct_url( root_class=dict( aci_class="fabricLeafP", aci_rn="fabric/leprof-{0}".format(profile), module_object=profile, target_filter={"name": profile}, ), subclass_1=dict( aci_class="fabricLeafS", aci_rn="leaves-{0}-typ-range".format(name), module_object=name, target_filter={"name": name}, ), child_classes=child_classes, ) aci.get_existing() if state == "present": child_configs = [] if policy_group: tDn = "uni/fabric/funcprof/lenodepgrp-{0}".format(policy_group) child_configs.append( dict(fabricRsLeNodePGrp=dict(attributes=dict(tDn=tDn)))) aci.payload( aci_class="fabricLeafS", class_config=dict(name=name, descr=description), child_configs=child_configs, ) aci.get_diff(aci_class="fabricLeafS") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( domain_type=dict(type='str', required=True, choices=['fc', 'l2dom', 'l3dom', 'phys', 'vmm'], aliases=['type']), domain=dict(type='str', aliases=['domain_name', 'domain_profile', 'name']), # Not required for querying all objects dscp=dict(type='str', choices=[ 'AF11', 'AF12', 'AF13', 'AF21', 'AF22', 'AF23', 'AF31', 'AF32', 'AF33', 'AF41', 'AF42', 'AF43', 'CS0', 'CS1', 'CS2', 'CS3', 'CS4', 'CS5', 'CS6', 'CS7', 'EF', 'VA', 'unspecified' ], aliases=['target']), encap_mode=dict(type='str', choices=['unknown', 'vlan', 'vxlan']), multicast_address=dict(type='str'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), vm_provider=dict(type='str', choices=[ 'cloudfoundry', 'kubernetes', 'microsoft', 'openshift', 'openstack', 'redhat', 'vmware' ]), vswitch=dict(type='str', choices=['avs', 'default', 'dvs', 'unknown']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['domain_type', 'vmm', ['vm_provider']], ['state', 'absent', ['domain', 'domain_type']], ['state', 'present', ['domain', 'domain_type']], ], ) dscp = module.params.get('dscp') domain = module.params.get('domain') domain_type = module.params.get('domain_type') encap_mode = module.params.get('encap_mode') multicast_address = module.params.get('multicast_address') vm_provider = module.params.get('vm_provider') vswitch = module.params.get('vswitch') if vswitch is not None: vswitch = VSWITCH_MAPPING.get(vswitch) state = module.params.get('state') name_alias = module.params.get('name_alias') if domain_type != 'vmm': if vm_provider is not None: module.fail_json( msg="Domain type '{0}' cannot have parameter 'vm_provider'". format(domain_type)) if encap_mode is not None: module.fail_json( msg="Domain type '{0}' cannot have parameter 'encap_mode'". format(domain_type)) if multicast_address is not None: module.fail_json( msg="Domain type '{0}' cannot have parameter 'multicast_address'" .format(domain_type)) if vswitch is not None: module.fail_json( msg="Domain type '{0}' cannot have parameter 'vswitch'".format( domain_type)) if dscp is not None and domain_type not in ['l2dom', 'l3dom']: module.fail_json( msg="DSCP values can only be assigned to 'l2ext and 'l3ext' domains" ) # Compile the full domain for URL building if domain_type == 'fc': domain_class = 'fcDomP' domain_mo = 'uni/fc-{0}'.format(domain) domain_rn = 'fc-{0}'.format(domain) elif domain_type == 'l2dom': domain_class = 'l2extDomP' domain_mo = 'uni/l2dom-{0}'.format(domain) domain_rn = 'l2dom-{0}'.format(domain) elif domain_type == 'l3dom': domain_class = 'l3extDomP' domain_mo = 'uni/l3dom-{0}'.format(domain) domain_rn = 'l3dom-{0}'.format(domain) elif domain_type == 'phys': domain_class = 'physDomP' domain_mo = 'uni/phys-{0}'.format(domain) domain_rn = 'phys-{0}'.format(domain) elif domain_type == 'vmm': domain_class = 'vmmDomP' domain_mo = 'uni/vmmp-{0}/dom-{1}'.format( VM_PROVIDER_MAPPING.get(vm_provider), domain) domain_rn = 'vmmp-{0}/dom-{1}'.format( VM_PROVIDER_MAPPING.get(vm_provider), domain) # Ensure that querying all objects works when only domain_type is provided if domain is None: domain_mo = None aci = ACIModule(module) aci.construct_url(root_class=dict( aci_class=domain_class, aci_rn=domain_rn, module_object=domain_mo, target_filter={'name': domain}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class=domain_class, class_config=dict( encapMode=encap_mode, mcastAddr=multicast_address, mode=vswitch, name=domain, targetDscp=dscp, nameAlias=name_alias, ), ) aci.get_diff(aci_class=domain_class) aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( name=dict(type='str', aliases=['credential_name', 'credential_profile']), credential_password=dict(type='str', no_log=True), credential_username=dict(type='str'), description=dict(type='str', aliases=['descr']), domain=dict(type='str', aliases=['domain_name', 'domain_profile']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), vm_provider=dict(type='str', choices=VM_PROVIDER_MAPPING.keys()), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['domain']], ['state', 'present', ['domain']], ], ) name = module.params.get('name') credential_password = module.params.get('credential_password') credential_username = module.params.get('credential_username') description = module.params.get('description') domain = module.params.get('domain') state = module.params.get('state') vm_provider = module.params.get('vm_provider') name_alias = module.params.get('name_alias') credential_class = 'vmmUsrAccP' usracc_mo = 'uni/vmmp-{0}/dom-{1}/usracc-{2}'.format(VM_PROVIDER_MAPPING.get(vm_provider), domain, name) usracc_rn = 'vmmp-{0}/dom-{1}/usracc-{2}'.format(VM_PROVIDER_MAPPING.get(vm_provider), domain, name) # Ensure that querying all objects works when only domain is provided if name is None: usracc_mo = None aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class=credential_class, aci_rn=usracc_rn, module_object=usracc_mo, target_filter={'name': domain, 'usracc': name}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class=credential_class, class_config=dict( descr=description, name=name, pwd=credential_password, usr=credential_username, nameAlias=name_alias, ), ) aci.get_diff(aci_class=credential_class) aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( compare_export_policy=dict(type="str"), compare_snapshot=dict(type="str"), description=dict(type="str", aliases=["descr"]), export_policy=dict(type="str"), fail_on_decrypt=dict(type="bool"), import_mode=dict(type="str", choices=["atomic", "best-effort"]), import_policy=dict(type="str"), import_type=dict(type="str", choices=["merge", "replace"]), snapshot=dict(type="str", required=True), state=dict(type="str", default="rollback", choices=["preview", "rollback"]), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=False, required_if=[ [ "state", "preview", ["compare_export_policy", "compare_snapshot"] ], ["state", "rollback", ["import_policy"]], ], ) aci = ACIModule(module) description = module.params.get("description") export_policy = module.params.get("export_policy") fail_on_decrypt = aci.boolean(module.params.get("fail_on_decrypt")) import_mode = module.params.get("import_mode") import_policy = module.params.get("import_policy") import_type = module.params.get("import_type") snapshot = module.params.get("snapshot") state = module.params.get("state") if state == "rollback": if snapshot.startswith("run-"): snapshot = snapshot.replace("run-", "", 1) if not snapshot.endswith(".tar.gz"): snapshot += ".tar.gz" filename = "ce2_{0}-{1}".format(export_policy, snapshot) aci.construct_url(root_class=dict( aci_class="configImportP", aci_rn="fabric/configimp-{0}".format(import_policy), module_object=import_policy, target_filter={"name": import_policy}, ), ) aci.get_existing() aci.payload( aci_class="configImportP", class_config=dict( adminSt="triggered", descr=description, failOnDecryptErrors=fail_on_decrypt, fileName=filename, importMode=import_mode, importType=import_type, name=import_policy, snapshot="yes", ), ) aci.get_diff(aci_class="configImportP") aci.post_config() elif state == "preview": aci.url = "%(protocol)s://%(host)s/mqapi2/snapshots.diff.xml" % module.params aci.filter_string = ( "?s1dn=uni/backupst/snapshots-[uni/fabric/configexp-%(export_policy)s]/snapshot-%(snapshot)s&" "s2dn=uni/backupst/snapshots-[uni/fabric/configexp-%(compare_export_policy)s]/snapshot-%(compare_snapshot)s" ) % module.params # Generate rollback comparison get_preview(aci) aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( pool=dict(type='str', aliases=['name', 'pool_name' ]), # Not required for querying all objects description=dict(type='str', aliases=['descr']), pool_allocation_mode=dict(type='str', aliases=['allocation_mode', 'mode'], choices=['dynamic', 'static']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['pool']], ['state', 'present', ['pool']], ], ) description = module.params.get('description') pool = module.params.get('pool') pool_allocation_mode = module.params.get('pool_allocation_mode') state = module.params.get('state') name_alias = module.params.get('name_alias') pool_name = pool # ACI Pool URL requires the allocation mode for vlan and vsan pools (ex: uni/infra/vlanns-[poolname]-static) if pool is not None: if pool_allocation_mode is not None: pool_name = '[{0}]-{1}'.format(pool, pool_allocation_mode) else: module.fail_json( msg= "ACI requires the 'pool_allocation_mode' when 'pool' is provided" ) aci = ACIModule(module) aci.construct_url(root_class=dict( aci_class='fvnsVlanInstP', aci_rn='infra/vlanns-{0}'.format(pool_name), module_object=pool, target_filter={'name': pool}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='fvnsVlanInstP', class_config=dict( allocMode=pool_allocation_mode, descr=description, name=pool, nameAlias=name_alias, ), ) aci.get_diff(aci_class='fvnsVlanInstP') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( name=dict(type="str", aliases=["syslog_src", "syslog_source"]), include=dict(type="list", elements="str", choices=["audit", "events", "faults", "session"]), min_severity=dict(type="str", choices=[ "alerts", "critical", "debugging", "emergencies", "errors", "information", "notifications", "warnings" ]), destination_group=dict(type="str"), state=dict(type="str", default="present", choices=["absent", "present", "query"]), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["name"]], ["state", "present", ["name"]], ], ) name = module.params.get("name") include = module.params.get("include") min_severity = module.params.get("min_severity") destination_group = module.params.get("destination_group") state = module.params.get("state") aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class="syslogSrc", aci_rn="fabric/moncommon/slsrc-{0}".format(name), module_object=name, target_filter={"name": name}, ), child_classes=["syslogRsDestGroup"], ) aci.get_existing() if state == "present": class_config = dict(name=name, minSev=min_severity) if include: class_config["incl"] = ",".join(include) aci.payload( aci_class="syslogSrc", class_config=class_config, child_configs=[ dict(syslogRsDestGroup=dict(attributes=dict(tDn=( "uni/fabric/slgroup-{0}".format(destination_group))), ), ), ], ) aci.get_diff(aci_class="syslogSrc") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update(aci_owner_spec()) argument_spec.update( aaa_user=dict(type="str", required=True), aaa_user_type=dict(type="str", default="user", choices=["appuser", "user"]), certificate=dict(type="str", aliases=["cert_data", "certificate_data"]), name=dict(type="str"), # Not required for querying all objects state=dict(type="str", default="present", choices=["absent", "present", "query"]), name_alias=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["aaa_user", "name"]], ["state", "present", ["aaa_user", "certificate", "name"]], ], ) aaa_user = module.params.get("aaa_user") aaa_user_type = module.params.get("aaa_user_type") certificate = module.params.get("certificate") name = module.params.get("name") state = module.params.get("state") name_alias = module.params.get("name_alias") aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class=ACI_MAPPING.get(aaa_user_type).get("aci_class"), aci_rn=ACI_MAPPING.get(aaa_user_type).get("aci_mo") + aaa_user, module_object=aaa_user, target_filter={"name": aaa_user}, ), subclass_1=dict( aci_class="aaaUserCert", aci_rn="usercert-{0}".format(name), module_object=name, target_filter={"name": name}, ), ) aci.get_existing() if state == "present": aci.payload( aci_class="aaaUserCert", class_config=dict( data=certificate, name=name, nameAlias=name_alias, ), ) aci.get_diff(aci_class="aaaUserCert") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( tenant=dict(type="str", aliases=["tenant_name" ]), # Not required for querying all objects ap=dict(type="str", aliases=["app_profile", "app_profile_name" ]), # Not required for querying all objects epg=dict(type="str", aliases=["epg_name" ]), # Not required for querying all objects description=dict(type="str", aliases=["descr"]), encap_id=dict(type="int", aliases=["vlan", "vlan_id"]), primary_encap_id=dict(type="str", aliases=["primary_vlan", "primary_vlan_id"]), deploy_immediacy=dict(type="str", choices=["immediate", "lazy"]), interface_mode=dict(type="str", choices=[ "802.1p", "access", "native", "regular", "tagged", "trunk", "untagged" ], aliases=["interface_mode_name", "mode"]), interface_type=dict(type="str", default="switch_port", choices=[ "fex", "port_channel", "switch_port", "vpc", "fex_port_channel", "fex_vpc" ]), pod_id=dict(type="int", aliases=["pod", "pod_number" ]), # Not required for querying all objects leafs=dict(type="list", elements="str", aliases=["leaves", "nodes", "paths", "switches" ]), # Not required for querying all objects interface=dict(type="str"), # Not required for querying all objects extpaths=dict(type="list", elements="str"), state=dict(type="str", default="present", choices=["absent", "present", "query"]), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["interface_type", "fex", ["extpaths"]], ["interface_type", "fex_vpc", ["extpaths"]], ["interface_type", "fex_port_channel", ["extpaths"]], [ "state", "absent", ["ap", "epg", "interface", "leafs", "pod_id", "tenant"] ], [ "state", "present", [ "ap", "encap_id", "epg", "interface", "leafs", "pod_id", "tenant" ] ], ], ) tenant = module.params.get("tenant") ap = module.params.get("ap") epg = module.params.get("epg") description = module.params.get("description") encap_id = module.params.get("encap_id") primary_encap_id = module.params.get("primary_encap_id") deploy_immediacy = module.params.get("deploy_immediacy") interface_mode = module.params.get("interface_mode") interface_type = module.params.get("interface_type") pod_id = module.params.get("pod_id") leafs = module.params.get("leafs") interface = module.params.get("interface") extpaths = module.params.get("extpaths") state = module.params.get("state") aci = ACIModule(module) if leafs is not None: # Process leafs, and support dash-delimited leafs leafs = [] for leaf in module.params.get("leafs"): # Users are likely to use integers for leaf IDs, which would raise an exception when using the join method leafs.extend(str(leaf).split("-")) if len(leafs) == 1: if interface_type in ["vpc", "fex_vpc"]: aci.fail_json(msg='A interface_type of "vpc" requires 2 leafs') leafs = leafs[0] elif len(leafs) == 2: if interface_type not in ["vpc", "fex_vpc"]: aci.fail_json( msg= 'The interface_types "switch_port", "port_channel", and "fex" \ do not support using multiple leafs for a single binding') leafs = "-".join(leafs) else: aci.fail_json( msg='The "leafs" parameter must not have more than 2 entries') if extpaths is not None: # Process extpaths, and support dash-delimited extpaths extpaths = [] for extpath in module.params.get("extpaths"): # Users are likely to use integers for extpaths IDs, which would raise an exception when using the join method extpaths.extend(str(extpath).split("-")) if len(extpaths) == 1: if interface_type == "fex_vpc": aci.fail_json( msg='A interface_type of "fex_vpc" requires 2 extpaths') extpaths = extpaths[0] elif len(extpaths) == 2: if interface_type != "fex_vpc": aci.fail_json(msg='The interface_types "fex" \ and "fex_port_channel" do not support using multiple extpaths for a single binding' ) extpaths = "-".join(extpaths) else: aci.fail_json( msg='The "extpaths" parameter must not have more than 2 entries' ) if encap_id is not None: if encap_id not in range(1, 4097): aci.fail_json(msg="Valid VLAN assignments are from 1 to 4096") encap_id = "vlan-{0}".format(encap_id) if primary_encap_id is not None: try: primary_encap_id = int(primary_encap_id) if isinstance(primary_encap_id, int) and primary_encap_id in range( 1, 4097): primary_encap_id = "vlan-{0}".format(primary_encap_id) else: aci.fail_json( msg="Valid VLAN assignments are from 1 to 4096 or unknown." ) except Exception as e: if isinstance(primary_encap_id, str) and primary_encap_id != "unknown": aci.fail_json( msg= "Valid VLAN assignments are from 1 to 4096 or unknown. %s" % e) static_path = INTERFACE_TYPE_MAPPING[interface_type].format( pod_id=pod_id, leafs=leafs, extpaths=extpaths, interface=interface) path_target_filter = {} if pod_id is not None and leafs is not None and interface is not None and ( interface_type != "fex" or extpaths is not None): path_target_filter = {"tDn": static_path} if interface_mode is not None: interface_mode = INTERFACE_MODE_MAPPING[interface_mode] aci.construct_url( root_class=dict( aci_class="fvTenant", aci_rn="tn-{0}".format(tenant), module_object=tenant, target_filter={"name": tenant}, ), subclass_1=dict( aci_class="fvAp", aci_rn="ap-{0}".format(ap), module_object=ap, target_filter={"name": ap}, ), subclass_2=dict( aci_class="fvAEPg", aci_rn="epg-{0}".format(epg), module_object=epg, target_filter={"name": epg}, ), subclass_3=dict( aci_class="fvRsPathAtt", aci_rn="rspathAtt-[{0}]".format(static_path), module_object=static_path, target_filter=path_target_filter, ), ) aci.get_existing() if state == "present": aci.payload( aci_class="fvRsPathAtt", class_config=dict( descr=description, encap=encap_id, primaryEncap=primary_encap_id, instrImedcy=deploy_immediacy, mode=interface_mode, tDn=static_path, ), ) aci.get_diff(aci_class="fvRsPathAtt") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( domain_type=dict(type='str', required=True, choices=['fc', 'l2dom', 'l3dom', 'phys', 'vmm']), domain=dict(type='str', aliases=['domain_name', 'domain_profile' ]), # Not required for querying all objects pool=dict(type='str', aliases=['pool_name', 'vlan_pool' ]), # Not required for querying all objects pool_allocation_mode=dict(type='str', required=True, aliases=['allocation_mode', 'mode'], choices=['dynamic', 'static']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), vm_provider=dict(type='str', choices=[ 'cloudfoundry', 'kubernetes', 'microsoft', 'openshift', 'openstack', 'redhat', 'vmware' ]), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['domain_type', 'vmm', ['vm_provider']], ['state', 'absent', ['domain', 'domain_type', 'pool']], ['state', 'present', ['domain', 'domain_type', 'pool']], ], ) domain = module.params.get('domain') domain_type = module.params.get('domain_type') pool = module.params.get('pool') pool_allocation_mode = module.params.get('pool_allocation_mode') vm_provider = module.params.get('vm_provider') state = module.params.get('state') # Report when vm_provider is set when type is not virtual if domain_type != 'vmm' and vm_provider is not None: module.fail_json(msg="Domain type '{0}' cannot have a 'vm_provider'". format(domain_type)) # ACI Pool URL requires the allocation mode for vlan and vsan pools (ex: uni/infra/vlanns-[poolname]-static) pool_name = pool if pool is not None: pool_name = '[{0}]-{1}'.format(pool, pool_allocation_mode) # Compile the full domain for URL building if domain_type == 'fc': domain_class = 'fcDomP' domain_mo = 'uni/fc-{0}'.format(domain) domain_rn = 'fc-{0}'.format(domain) elif domain_type == 'l2dom': domain_class = 'l2extDomP' domain_mo = 'uni/l2dom-{0}'.format(domain) domain_rn = 'l2dom-{0}'.format(domain) elif domain_type == 'l3dom': domain_class = 'l3extDomP' domain_mo = 'uni/l3dom-{0}'.format(domain) domain_rn = 'l3dom-{0}'.format(domain) elif domain_type == 'phys': domain_class = 'physDomP' domain_mo = 'uni/phys-{0}'.format(domain) domain_rn = 'phys-{0}'.format(domain) elif domain_type == 'vmm': domain_class = 'vmmDomP' domain_mo = 'uni/vmmp-{0}/dom-{1}'.format( VM_PROVIDER_MAPPING[vm_provider], domain) domain_rn = 'vmmp-{0}/dom-{1}'.format(VM_PROVIDER_MAPPING[vm_provider], domain) # Ensure that querying all objects works when only domain_type is provided if domain is None: domain_mo = None aci_mo = 'uni/infra/vlanns-{0}'.format(pool_name) aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class=domain_class, aci_rn=domain_rn, module_object=domain_mo, target_filter={'name': domain}, ), child_classes=['infraRsVlanNs'], ) aci.get_existing() if state == 'present': aci.payload(aci_class=domain_class, class_config=dict(name=domain), child_configs=[ { 'infraRsVlanNs': { 'attributes': { 'tDn': aci_mo } } }, ]) aci.get_diff(aci_class=domain_class) aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( link_level_policy=dict(type='str', aliases=['name']), description=dict(type='str', aliases=['descr']), auto_negotiation=dict(type='bool', default='true'), speed=dict(type='str', default='inherit', choices=[ '100M', '1G', '10G', '25G', '40G', '50G', '100G', '200G', '400G', 'inherit' ]), link_debounce_interval=dict(type='int', default='100'), forwarding_error_correction=dict(type='str', default='inherit', choices=[ 'inherit', 'kp-fec', 'cl91-rs-fec', 'cl74-fc-fec', 'disable-fec', 'ieee-rs-fec', 'cons16-rs-fec' ]), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['link_level_policy']], ['state', 'present', ['link_level_policy']], ], ) aci = ACIModule(module) link_level_policy = module.params['link_level_policy'] description = module.params['description'] auto_negotiation = aci.boolean(module.params['auto_negotiation'], 'on', 'off') speed = module.params['speed'] link_debounce_interval = module.params['link_debounce_interval'] if link_debounce_interval is not None and link_debounce_interval not in range( 0, 5001): module.fail_json( msg= 'The "link_debounce_interval" must be a value between 0 and 5000') forwarding_error_correction = module.params['forwarding_error_correction'] state = module.params['state'] aci.construct_url(root_class=dict( aci_class='fabricHIfPol', aci_rn='infra/hintfpol-{0}'.format(link_level_policy), module_object=link_level_policy, target_filter={'name': link_level_policy}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='fabricHIfPol', class_config=dict( name=link_level_policy, descr=description, autoNeg=auto_negotiation, speed=speed, linkDebounce=link_debounce_interval, fecMode=forwarding_error_correction, ), ) aci.get_diff(aci_class='fabricHIfPol') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( leaf_interface_profile=dict( type='str', aliases=['leaf_interface_profile_name' ]), # Not required for querying all objects access_port_selector=dict(type='str', aliases=[ 'name', 'access_port_selector_name' ]), # Not required for querying all objects leaf_port_blk=dict(type='str', aliases=[ 'leaf_port_blk_name' ]), # Not required for querying all objects leaf_port_blk_description=dict(type='str'), from_port=dict(type='str', aliases=['from', 'fromPort', 'from_port_range']), to_port=dict(type='str', aliases=['to', 'toPort', 'to_port_range']), from_card=dict(type='str', aliases=['from_card_range']), to_card=dict(type='str', aliases=['to_card_range']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ [ 'state', 'absent', [ 'access_port_selector', 'leaf_port_blk', 'leaf_interface_profile' ] ], [ 'state', 'present', [ 'access_port_selector', 'leaf_port_blk', 'from_port', 'to_port', 'leaf_interface_profile' ] ], ], ) leaf_interface_profile = module.params.get('leaf_interface_profile') access_port_selector = module.params.get('access_port_selector') leaf_port_blk = module.params.get('leaf_port_blk') leaf_port_blk_description = module.params.get('leaf_port_blk_description') from_port = module.params.get('from_port') to_port = module.params.get('to_port') from_card = module.params.get('from_card') to_card = module.params.get('to_card') state = module.params.get('state') aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class='infraAccPortP', aci_rn='infra/accportprof-{0}'.format(leaf_interface_profile), module_object=leaf_interface_profile, target_filter={'name': leaf_interface_profile}, ), subclass_1=dict( aci_class='infraHPortS', # NOTE: normal rn: hports-{name}-typ-{type}, hence here hardcoded to range for purposes of module aci_rn='hports-{0}-typ-range'.format(access_port_selector), module_object=access_port_selector, target_filter={'name': access_port_selector}, ), subclass_2=dict( aci_class='infraPortBlk', aci_rn='portblk-{0}'.format(leaf_port_blk), module_object=leaf_port_blk, target_filter={'name': leaf_port_blk}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='infraPortBlk', class_config=dict( descr=leaf_port_blk_description, name=leaf_port_blk, fromPort=from_port, toPort=to_port, fromCard=from_card, toCard=to_card, # type='range', ), ) aci.get_diff(aci_class='infraPortBlk') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( tenant=dict(type='str', aliases=['tenant_name'], required=True), ap=dict(type='str', aliases=['app_profile', 'app_profile_name'], required=True), epg=dict(type='str', aliases=['epg_name', 'name'], required=True), contract_master_ap=dict(type='str'), contract_master_epg=dict(type='str'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['contract_master_ap', 'contract_master_epg']], ['state', 'present', ['contract_master_ap', 'contract_master_epg']], ], ) aci = ACIModule(module) tenant = module.params.get('tenant') ap = module.params.get('ap') epg = module.params.get('epg') contract_master_ap = module.params.get('contract_master_ap') contract_master_epg = module.params.get('contract_master_epg') state = module.params.get('state') name_alias = module.params.get('name_alias') contract_master = 'uni/tn-{0}/ap-{1}/epg-{2}'.format(tenant, contract_master_ap, contract_master_epg) child_configs = [] aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='fvAp', aci_rn='ap-{0}'.format(ap), module_object=ap, target_filter={'name': ap}, ), subclass_2=dict( aci_class='fvAEPg', aci_rn='epg-{0}'.format(epg), module_object=epg, target_filter={'name': epg}, ), subclass_3=dict( aci_class='fvRsSecInherited', aci_rn='rssecInherited-[{0}]'.format(contract_master), module_object=contract_master, target_filter={'tDn': contract_master}, ), child_classes=[], ) aci.get_existing() if state == 'present': aci.payload( aci_class='fvRsSecInherited', class_config=dict( tDn=contract_master ), child_configs=child_configs ) aci.get_diff(aci_class='fvRsSecInherited') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update(aci_owner_spec()) argument_spec.update( l2_policy=dict(type="str", aliases=["name"]), # Not required for querying all policies description=dict(type="str", aliases=["descr"]), vlan_scope=dict(type="str", choices=["global", "portlocal"]), # No default provided on purpose qinq=dict(type="str", choices=["core", "disabled", "edge"]), vepa=dict(type="bool"), state=dict(type="str", default="present", choices=["absent", "present", "query"]), name_alias=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["l2_policy"]], ["state", "present", ["l2_policy"]], ], ) aci = ACIModule(module) l2_policy = module.params.get("l2_policy") vlan_scope = module.params.get("vlan_scope") qinq = module.params.get("qinq") if qinq is not None: qinq = QINQ_MAPPING.get(qinq) vepa = aci.boolean(module.params.get("vepa"), "enabled", "disabled") description = module.params.get("description") state = module.params.get("state") name_alias = module.params.get("name_alias") aci.construct_url( root_class=dict( aci_class="l2IfPol", aci_rn="infra/l2IfP-{0}".format(l2_policy), module_object=l2_policy, target_filter={"name": l2_policy}, ), ) aci.get_existing() if state == "present": aci.payload( aci_class="l2IfPol", class_config=dict( name=l2_policy, descr=description, vlanScope=vlan_scope, qinq=qinq, vepa=vepa, nameAlias=name_alias, ), ) aci.get_diff(aci_class="l2IfPol") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update({ 'description': dict(type='str'), 'leaf_profile': dict(type='str', aliases=['leaf_profile_name']), # Not required for querying all objects 'leaf': dict(type='str', aliases=['name', 'leaf_name', 'leaf_profile_leaf_name', 'leaf_selector_name']), # Not required for querying all objects 'leaf_node_blk': dict(type='str', aliases=['leaf_node_blk_name', 'node_blk_name']), 'leaf_node_blk_description': dict(type='str'), # NOTE: Keyword 'from' is a reserved word in python, so we need it as a string 'from': dict(type='int', aliases=['node_blk_range_from', 'from_range', 'range_from']), 'to': dict(type='int', aliases=['node_blk_range_to', 'to_range', 'range_to']), 'policy_group': dict(type='str', aliases=['policy_group_name']), 'state': dict(type='str', default='present', choices=['absent', 'present', 'query']), 'name_alias': dict(type='str'), }) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['leaf_profile', 'leaf']], ['state', 'present', ['leaf_profile', 'leaf', 'leaf_node_blk', 'from', 'to']] ] ) description = module.params.get('description') leaf_profile = module.params.get('leaf_profile') leaf = module.params.get('leaf') leaf_node_blk = module.params.get('leaf_node_blk') leaf_node_blk_description = module.params.get('leaf_node_blk_description') from_ = module.params.get('from') to_ = module.params.get('to') policy_group = module.params.get('policy_group') state = module.params.get('state') name_alias = module.params.get('name_alias') # Build child_configs dynamically child_configs = [ dict( infraNodeBlk=dict( attributes=dict( descr=leaf_node_blk_description, name=leaf_node_blk, from_=from_, to_=to_, ), ), ), ] # Add infraRsAccNodePGrp only when policy_group was defined if policy_group is not None: child_configs.append(dict( infraRsAccNodePGrp=dict( attributes=dict( tDn='uni/infra/funcprof/accnodepgrp-{0}'.format(policy_group), ), ), )) aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class='infraNodeP', aci_rn='infra/nprof-{0}'.format(leaf_profile), module_object=leaf_profile, target_filter={'name': leaf_profile}, ), subclass_1=dict( aci_class='infraLeafS', # NOTE: normal rn: leaves-{name}-typ-{type}, hence here hardcoded to range for purposes of module aci_rn='leaves-{0}-typ-range'.format(leaf), module_object=leaf, target_filter={'name': leaf}, ), # NOTE: infraNodeBlk is not made into a subclass because there is a 1-1 mapping between node block and leaf selector name child_classes=['infraNodeBlk', 'infraRsAccNodePGrp'], ) aci.get_existing() if state == 'present': aci.payload( aci_class='infraLeafS', class_config=dict( descr=description, name=leaf, nameAlias=name_alias, ), child_configs=child_configs, ) aci.get_diff(aci_class='infraLeafS') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( domain_type=dict(type="str", required=True, choices=["fc", "l2dom", "l3dom", "phys", "vmm"]), domain=dict(type="str", aliases=["domain_name", "domain_profile" ]), # Not required for querying all objects pool=dict(type="str", aliases=["pool_name", "vlan_pool" ]), # Not required for querying all objects pool_allocation_mode=dict(type="str", required=True, aliases=["allocation_mode", "mode"], choices=["dynamic", "static"]), state=dict(type="str", default="present", choices=["absent", "present", "query"]), vm_provider=dict(type="str", choices=[ "cloudfoundry", "kubernetes", "microsoft", "openshift", "openstack", "redhat", "vmware" ]), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["domain_type", "vmm", ["vm_provider"]], ["state", "absent", ["domain", "domain_type", "pool"]], ["state", "present", ["domain", "domain_type", "pool"]], ], ) domain = module.params.get("domain") domain_type = module.params.get("domain_type") pool = module.params.get("pool") pool_allocation_mode = module.params.get("pool_allocation_mode") vm_provider = module.params.get("vm_provider") state = module.params.get("state") # Report when vm_provider is set when type is not virtual if domain_type != "vmm" and vm_provider is not None: module.fail_json(msg="Domain type '{0}' cannot have a 'vm_provider'". format(domain_type)) # ACI Pool URL requires the allocation mode for vlan and vsan pools (ex: uni/infra/vlanns-[poolname]-static) pool_name = pool if pool is not None: pool_name = "[{0}]-{1}".format(pool, pool_allocation_mode) # Compile the full domain for URL building if domain_type == "fc": domain_class = "fcDomP" domain_mo = "uni/fc-{0}".format(domain) domain_rn = "fc-{0}".format(domain) elif domain_type == "l2dom": domain_class = "l2extDomP" domain_mo = "uni/l2dom-{0}".format(domain) domain_rn = "l2dom-{0}".format(domain) elif domain_type == "l3dom": domain_class = "l3extDomP" domain_mo = "uni/l3dom-{0}".format(domain) domain_rn = "l3dom-{0}".format(domain) elif domain_type == "phys": domain_class = "physDomP" domain_mo = "uni/phys-{0}".format(domain) domain_rn = "phys-{0}".format(domain) elif domain_type == "vmm": domain_class = "vmmDomP" domain_mo = "uni/vmmp-{0}/dom-{1}".format( VM_PROVIDER_MAPPING[vm_provider], domain) domain_rn = "vmmp-{0}/dom-{1}".format(VM_PROVIDER_MAPPING[vm_provider], domain) # Ensure that querying all objects works when only domain_type is provided if domain is None: domain_mo = None aci_mo = "uni/infra/vlanns-{0}".format(pool_name) aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class=domain_class, aci_rn=domain_rn, module_object=domain_mo, target_filter={"name": domain}, ), child_classes=["infraRsVlanNs"], ) aci.get_existing() if state == "present": aci.payload( aci_class=domain_class, class_config=dict(name=domain), child_configs=[ { "infraRsVlanNs": { "attributes": { "tDn": aci_mo } } }, ], ) aci.get_diff(aci_class=domain_class) aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update(aci_owner_spec()) argument_spec.update( tenant=dict(type="str", aliases=["tenant_name"]), # Not required for querying all objects dst_group=dict(type="str"), # Not required for querying all objects src_group=dict(type="str"), # Not required for querying all objects description=dict(type="str", aliases=["descr"]), state=dict(type="str", default="present", choices=["absent", "present", "query"]), name_alias=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["dst_group", "src_group", "tenant"]], ["state", "present", ["dst_group", "src_group", "tenant"]], ], ) description = module.params.get("description") dst_group = module.params.get("dst_group") src_group = module.params.get("src_group") state = module.params.get("state") tenant = module.params.get("tenant") name_alias = module.params.get("name_alias") aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class="fvTenant", aci_rn="tn-{0}".format(tenant), module_object=tenant, target_filter={"name": tenant}, ), subclass_1=dict( aci_class="spanSrcGrp", aci_rn="srcgrp-{0}".format(src_group), module_object=src_group, target_filter={"name": src_group}, ), subclass_2=dict( aci_class="spanSpanLbl", aci_rn="spanlbl-{0}".format(dst_group), module_object=dst_group, target_filter={"name": dst_group}, ), ) aci.get_existing() if state == "present": aci.payload( aci_class="spanSpanLbl", class_config=dict( descr=description, name=dst_group, nameAlias=name_alias, ), ) aci.get_diff(aci_class="spanSpanLbl") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( policy=dict(type='str', aliases=['snmp_policy', 'snmp_policy_name']), name=dict(type='str', aliases=['snmp_user_policy']), auth_type=dict(type='str', choices=['hmac-md5-96', 'hmac-sha1-96']), auth_key=dict(type='str'), privacy_type=dict(type='str', choices=['aes-128', 'des', 'none']), privacy_key=dict(type='str'), state=dict(type='str', default='present', choices=['absent', 'present', 'query'])) module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['policy', 'name']], ['state', 'present', ['policy', 'name']], ]) aci = ACIModule(module) policy = module.params.get('policy') name = module.params.get('name') auth_type = module.params.get('auth_type') auth_key = module.params.get('auth_key') privacy_type = module.params.get('privacy_type') privacy_key = module.params.get('privacy_key') state = module.params.get('state') aci.construct_url(root_class=dict( aci_class='snmpPol', aci_rn='fabric/snmppol-{0}'.format(policy), module_object=policy, target_filter={'name': policy}, ), subclass_1=dict( aci_class='snmpUserP', aci_rn='user-{0}'.format(name), module_object=name, target_filter={'name': name}, )) aci.get_existing() if state == 'present': aci.payload( aci_class='snmpUserP', class_config=dict(privType=privacy_type, privKey=privacy_key, authType=auth_type, authKey=auth_key, name=name), ) aci.get_diff(aci_class='snmpUserP') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( aaa_password=dict(type='str', no_log=True), aaa_password_lifetime=dict(type='int'), aaa_password_update_required=dict(type='bool'), aaa_user=dict(type='str', aliases=['name']), # Not required for querying all objects clear_password_history=dict(type='bool'), description=dict(type='str', aliases=['descr']), email=dict(type='str'), enabled=dict(type='bool'), expiration=dict(type='str'), expires=dict(type='bool'), first_name=dict(type='str'), last_name=dict(type='str'), phone=dict(type='str'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['aaa_user']], ['state', 'present', ['aaa_user']], ['expires', True, ['expiration']], ], ) aci = ACIModule(module) if not HAS_DATEUTIL: module.fail_json(msg='dateutil required for this module') aaa_password = module.params.get('aaa_password') aaa_password_lifetime = module.params.get('aaa_password_lifetime') aaa_password_update_required = aci.boolean(module.params.get('aaa_password_update_required')) aaa_user = module.params.get('aaa_user') clear_password_history = aci.boolean(module.params.get('clear_password_history'), 'yes', 'no') description = module.params.get('description') email = module.params.get('email') enabled = aci.boolean(module.params.get('enabled'), 'active', 'inactive') expires = aci.boolean(module.params.get('expires')) first_name = module.params.get('first_name') last_name = module.params.get('last_name') phone = module.params.get('phone') state = module.params.get('state') name_alias = module.params.get('name_alias') expiration = module.params.get('expiration') if expiration is not None and expiration != 'never': try: expiration = aci.iso8601_format(dateutil.parser.parse(expiration).replace(tzinfo=tzutc())) except Exception as e: module.fail_json(msg="Failed to parse date format '%s', %s" % (module.params.get('expiration'), e)) aci.construct_url( root_class=dict( aci_class='aaaUser', aci_rn='userext/user-{0}'.format(aaa_user), module_object=aaa_user, target_filter={'name': aaa_user}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='aaaUser', class_config=dict( accountStatus=enabled, clearPwdHistory=clear_password_history, descr=description, email=email, expiration=expiration, expires=expires, firstName=first_name, lastName=last_name, name=aaa_user, phone=phone, pwd=aaa_password, pwdLifeTime=aaa_password_lifetime, pwdUpdateRequired=aaa_password_update_required, nameAlias=name_alias, ), ) aci.get_diff(aci_class='aaaUser') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update(aci_owner_spec()) argument_spec.update({ "description": dict(type="str"), "leaf_profile": dict(type="str", aliases=["leaf_profile_name" ]), # Not required for querying all objects "leaf": dict(type="str", aliases=[ "name", "leaf_name", "leaf_profile_leaf_name", "leaf_selector_name" ]), # Not required for querying all objects "leaf_node_blk": dict(type="str", aliases=["leaf_node_blk_name", "node_blk_name"]), "leaf_node_blk_description": dict(type="str"), # NOTE: Keyword 'from' is a reserved word in python, so we need it as a string "from": dict(type="int", aliases=["node_blk_range_from", "from_range", "range_from"]), "to": dict(type="int", aliases=["node_blk_range_to", "to_range", "range_to"]), "policy_group": dict(type="str", aliases=["policy_group_name"]), "state": dict(type="str", default="present", choices=["absent", "present", "query"]), "name_alias": dict(type="str"), }) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[["state", "absent", ["leaf_profile", "leaf"]], [ "state", "present", [ "leaf_profile", "leaf", "leaf_node_blk", "from", "to" ] ]], ) description = module.params.get("description") leaf_profile = module.params.get("leaf_profile") leaf = module.params.get("leaf") leaf_node_blk = module.params.get("leaf_node_blk") leaf_node_blk_description = module.params.get("leaf_node_blk_description") from_ = module.params.get("from") to_ = module.params.get("to") policy_group = module.params.get("policy_group") state = module.params.get("state") name_alias = module.params.get("name_alias") # Build child_configs dynamically child_configs = [ dict(infraNodeBlk=dict(attributes=dict( descr=leaf_node_blk_description, name=leaf_node_blk, from_=from_, to_=to_, ), ), ), ] # Add infraRsAccNodePGrp only when policy_group was defined if policy_group is not None: child_configs.append( dict(infraRsAccNodePGrp=dict(attributes=dict( tDn="uni/infra/funcprof/accnodepgrp-{0}".format( policy_group), ), ), )) aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class="infraNodeP", aci_rn="infra/nprof-{0}".format(leaf_profile), module_object=leaf_profile, target_filter={"name": leaf_profile}, ), subclass_1=dict( aci_class="infraLeafS", # NOTE: normal rn: leaves-{name}-typ-{type}, hence here hardcoded to range for purposes of module aci_rn="leaves-{0}-typ-range".format(leaf), module_object=leaf, target_filter={"name": leaf}, ), # NOTE: infraNodeBlk is not made into a subclass because there is a 1-1 mapping between node block and leaf selector name child_classes=["infraNodeBlk", "infraRsAccNodePGrp"], ) aci.get_existing() if state == "present": aci.payload( aci_class="infraLeafS", class_config=dict( descr=description, name=leaf, nameAlias=name_alias, ), child_configs=child_configs, ) aci.get_diff(aci_class="infraLeafS") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( bd=dict(type='str'), l2out=dict(type='str', aliases=['name']), domain=dict(type='str'), vlan=dict(type='int'), description=dict(type='str'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), tenant=dict(type='str'), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['l2out', 'tenant']], ['state', 'present', ['bd', 'l2out', 'tenant', 'domain', 'vlan']], ], ) bd = module.params.get('bd') l2out = module.params.get('l2out') description = module.params.get('description') domain = module.params.get('domain') vlan = module.params.get('vlan') state = module.params.get('state') tenant = module.params.get('tenant') name_alias = module.params.get('name_alias') child_classes = ['l2extRsEBd', 'l2extRsL2DomAtt', 'l2extLNodeP'] aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='l2extOut', aci_rn='l2out-{0}'.format(l2out), module_object=l2out, target_filter={'name': l2out}, ), child_classes=child_classes, ) aci.get_existing() if state == 'present': child_configs = [ dict(l2extRsL2DomAtt=dict(attributes=dict( tDn='uni/l2dom-{0}'.format(domain)))), dict(l2extRsEBd=dict( attributes=dict(tnFvBDName=bd, encap='vlan-{0}'.format(vlan)))) ] aci.payload( aci_class='l2extOut', class_config=dict(name=l2out, descr=description, dn='uni/tn-{0}/l2out-{1}'.format(tenant, l2out), nameAlias=name_alias), child_configs=child_configs, ) aci.get_diff(aci_class='l2extOut') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( l2_policy=dict(type='str', aliases=['name' ]), # Not required for querying all policies description=dict(type='str', aliases=['descr']), vlan_scope=dict(type='str', choices=['global', 'portlocal' ]), # No default provided on purpose qinq=dict(type='str', choices=['core', 'disabled', 'edge']), vepa=dict(type='bool'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['l2_policy']], ['state', 'present', ['l2_policy']], ], ) aci = ACIModule(module) l2_policy = module.params.get('l2_policy') vlan_scope = module.params.get('vlan_scope') qinq = module.params.get('qinq') if qinq is not None: qinq = QINQ_MAPPING.get(qinq) vepa = aci.boolean(module.params.get('vepa'), 'enabled', 'disabled') description = module.params.get('description') state = module.params.get('state') name_alias = module.params.get('name_alias') aci.construct_url(root_class=dict( aci_class='l2IfPol', aci_rn='infra/l2IfP-{0}'.format(l2_policy), module_object=l2_policy, target_filter={'name': l2_policy}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='l2IfPol', class_config=dict( name=l2_policy, descr=description, vlanScope=vlan_scope, qinq=qinq, vepa=vepa, nameAlias=name_alias, ), ) aci.get_diff(aci_class='l2IfPol') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(tenant=dict(type='str'), contract=dict(type='str'), subject=dict(type='str'), service_graph=dict(type='str'), state=dict(type='str', default='present', choices=['absent', 'present', 'query'])) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ [ 'state', 'absent', ['contract', 'service_graph', 'subject', 'tenant'] ], [ 'state', 'present', ['contract', 'service_graph', 'subject', 'tenant'] ], ]) aci = ACIModule(module) tenant = module.params.get('tenant') contract = module.params.get('contract') subject = module.params.get('subject') service_graph = module.params.get('service_graph') state = module.params.get('state') aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict(aci_class='vzBrCP', aci_rn='brc-{0}'.format(contract), module_object=contract, target_filter={'name': contract}), subclass_2=dict(aci_class='vzSubj', aci_rn='subj-{0}'.format(subject), module_object=subject, target_filter={'name': subject}), subclass_3=dict(aci_class='vzRsSubjGraphAtt', aci_rn='rsSubjGraphAtt', module_object=service_graph, target_filter={'name': service_graph}), ) aci.get_existing() if state == 'present': aci.payload(aci_class='vzRsSubjGraphAtt', class_config=dict(tnVnsAbsGraphName=service_graph)) aci.get_diff(aci_class='vzRsSubjGraphAtt') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()