def main():
argument_spec = aci_argument_spec()
argument_spec.update(
name=dict(type='str', aliases=['block_name']),
switch_type=dict(type='str', choices=['leaf', 'spine'], required=True),
profile=dict(type='str', aliases=['profile_name',
'switch_profile']),
association=dict(type='str', aliases=['association_name',
'switch_association']),
description=dict(type='str', aliases=['descr']),
from_node=dict(type='int', aliases=['from', 'from_']),
to_node=dict(type='int', aliases=['to', 'to_']),
state=dict(type='str', default='present',
choices=['absent', 'present', 'query'])
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['profile', 'association', 'name']],
['state', 'present', ['profile', 'association', 'name']],
]
)
aci = ACIModule(module)
name = module.params.get('name')
profile = module.params.get('profile')
switch_type = module.params.get('switch_type')
association = module.params.get('association')
descr = module.params.get('descr')
from_node = module.params.get('from_node')
to_node = module.params.get('to_node')
state = module.params.get('state')
if switch_type == 'spine':
aci_root_class = 'fabricSpineP'
aci_root_rn = 'fabric/spprof-{0}'.format(profile)
aci_subclass1_class = 'fabricSpineS'
aci_subclass1_rn = 'spines-{0}-typ-range'.format(association)
elif switch_type == 'leaf':
aci_root_class = 'fabricLeafP'
aci_root_rn = 'fabric/leprof-{0}'.format(profile)
aci_subclass1_class = 'fabricLeafS'
aci_subclass1_rn = 'leaves-{0}-typ-range'.format(association)
aci.construct_url(
root_class=dict(
aci_class=aci_root_class,
aci_rn=aci_root_rn,
module_object=profile,
target_filter={'name': profile},
),
subclass_1=dict(
aci_class=aci_subclass1_class,
aci_rn=aci_subclass1_rn,
module_object=association,
target_filter={'name': association},
),
subclass_2=dict(
aci_class='fabricNodeBlk',
aci_rn='nodeblk-{0}'.format(name),
module_object=name,
target_filter={'name': name},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='fabricNodeBlk',
class_config=dict(
name=name,
descr=descr,
from_=from_node,
to_=to_node
),
)
aci.get_diff(aci_class='fabricNodeBlk')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
name=dict(type='str', aliases=['policy_group', 'policy_group_name']),
switch_type=dict(type='str', choices=['leaf', 'spine'], required=True),
monitoring_policy=dict(
type='str', aliases=['monitoring', 'fabricRsMonInstFabricPol']),
tech_support_export_policy=dict(type='str',
aliases=[
'tech_support',
'tech_support_export',
'fabricRsNodeTechSupP'
]),
core_export_policy=dict(
type='str', aliases=['core', 'core_export', 'fabricRsNodeCoreP']),
inventory_policy=dict(type='str',
aliases=['inventory', 'fabricRsCallhomeInvPol']),
power_redundancy_policy=dict(
type='str', aliases=['power_redundancy', 'fabricRsPsuInstPol']),
twamp_server_policy=dict(
type='str', aliases=['twamp_server', 'fabricRsTwampServerPol']),
twamp_responder_policy=dict(
type='str',
aliases=['twamp_responder', 'fabricRsTwampResponderPol']),
node_control_policy=dict(type='str',
aliases=['node_control', 'fabricRsNodeCtrl']),
analytics_cluster=dict(type='str'),
analytics_name=dict(type='str'),
description=dict(type='str'),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['name']],
['state', 'present', ['name']],
],
required_together=[
('analytics_cluster', 'analytics_name'),
],
)
name = module.params.get('name')
switch_type = module.params.get('switch_type')
description = module.params.get('description')
monitoring_policy = module.params.get('monitoring_policy')
tech_support_export_policy = module.params.get(
'tech_support_export_policy')
core_export_policy = module.params.get('core_export_policy')
inventory_policy = module.params.get('inventory_policy')
power_redundancy_policy = module.params.get('power_redundancy_policy')
twamp_server_policy = module.params.get('twamp_server_policy')
twamp_responder_policy = module.params.get('twamp_responder_policy')
node_control_policy = module.params.get('node_control_policy')
analytics_cluster = module.params.get('analytics_cluster')
analytics_name = module.params.get('analytics_name')
state = module.params.get('state')
child_classes = [
'fabricRsMonInstFabricPol', 'fabricRsNodeTechSupP',
'fabricRsNodeCoreP', 'fabricRsCallhomeInvPol', 'fabricRsPsuInstPol',
'fabricRsTwampServerPol', 'fabricRsTwampResponderPol',
'fabricRsNodeCtrl', 'fabricRsNodeCfgSrv'
]
aci_class = ACI_CLASS_MAPPING[switch_type]["class"]
aci_rn = ACI_CLASS_MAPPING[switch_type]["rn"]
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class=aci_class,
aci_rn='fabric/funcprof/{0}{1}'.format(aci_rn, name),
module_object=name,
target_filter={'name': name},
),
child_classes=child_classes,
)
aci.get_existing()
if state == 'present':
child_configs = []
if monitoring_policy is not None:
child_configs.append(
dict(fabricRsMonInstFabricPol=dict(attributes=dict(
tnMonFabricPolName=monitoring_policy))))
if tech_support_export_policy is not None:
child_configs.append(
dict(fabricRsNodeTechSupP=dict(attributes=dict(
tnDbgexpTechSupPName=tech_support_export_policy))))
if core_export_policy is not None:
child_configs.append(
dict(fabricRsNodeCoreP=dict(attributes=dict(
tnDbgexpCorePName=core_export_policy))))
if inventory_policy is not None:
child_configs.append(
dict(fabricRsCallhomeInvPol=dict(attributes=dict(
tnCallhomeInvPName=inventory_policy))))
if power_redundancy_policy is not None:
child_configs.append(
dict(fabricRsPsuInstPol=dict(attributes=dict(
tnPsuInstPolName=power_redundancy_policy))))
if twamp_server_policy is not None:
child_configs.append(
dict(fabricRsTwampServerPol=dict(attributes=dict(
tnTwampServerPolName=twamp_server_policy))))
if twamp_responder_policy is not None:
child_configs.append(
dict(fabricRsTwampResponderPol=dict(attributes=dict(
tnTwampResponderPolName=twamp_responder_policy))))
if node_control_policy is not None:
child_configs.append(
dict(fabricRsNodeCtrl=dict(attributes=dict(
tnFabricNodeControlName=node_control_policy))))
if analytics_cluster and analytics_name:
analytics_tdn = (
'uni/fabric/analytics/cluster-{0}/cfgsrv-{1}'.format(
analytics_cluster, analytics_name))
child_configs.append(
dict(fabricRsNodeCfgSrv=dict(attributes=dict(
tDn=analytics_tdn))))
aci.payload(
aci_class=aci_class,
class_config=dict(
name=name,
descr=description,
),
child_configs=child_configs,
)
aci.get_diff(aci_class=aci_class)
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(
contract_type=dict(type="str",
required=True,
choices=["consumer", "provider"]),
ap=dict(type="str",
aliases=["app_profile", "app_profile_name"
]), # Not required for querying all objects
epg=dict(type="str",
aliases=["epg_name"
]), # Not required for querying all objects
contract=dict(type="str",
aliases=["contract_name"
]), # Not required for querying all objects
priority=dict(type="str",
choices=[
"level1", "level2", "level3", "level4", "level5",
"level6", "unspecified"
]),
provider_match=dict(
type="str", choices=["all", "at_least_one", "at_most_one",
"none"]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
tenant=dict(type="str",
aliases=["tenant_name"
]), # Not required for querying all objects
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["ap", "contract", "epg", "tenant"]],
["state", "present", ["ap", "contract", "epg", "tenant"]],
],
)
ap = module.params.get("ap")
contract = module.params.get("contract")
contract_type = module.params.get("contract_type")
epg = module.params.get("epg")
priority = module.params.get("priority")
provider_match = module.params.get("provider_match")
if provider_match is not None:
provider_match = PROVIDER_MATCH_MAPPING[provider_match]
state = module.params.get("state")
tenant = module.params.get("tenant")
aci_class = ACI_CLASS_MAPPING[contract_type]["class"]
aci_rn = ACI_CLASS_MAPPING[contract_type]["rn"]
if contract_type == "consumer" and provider_match is not None:
module.fail_json(
msg=
"the 'provider_match' is only configurable for Provided Contracts")
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="fvAp",
aci_rn="ap-{0}".format(ap),
module_object=ap,
target_filter={"name": ap},
),
subclass_2=dict(
aci_class="fvAEPg",
aci_rn="epg-{0}".format(epg),
module_object=epg,
target_filter={"name": epg},
),
subclass_3=dict(
aci_class=aci_class,
aci_rn="{0}{1}".format(aci_rn, contract),
module_object=contract,
target_filter={"tnVzBrCPName": contract},
),
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class=aci_class,
class_config=dict(
matchT=provider_match,
prio=priority,
tnVzBrCPName=contract,
),
)
aci.get_diff(aci_class=aci_class)
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
port_security=dict(
type="str",
aliases=["name"]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
max_end_points=dict(type="int"),
port_security_timeout=dict(type="int"),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["port_security"]],
["state", "present", ["port_security"]],
],
)
port_security = module.params.get("port_security")
description = module.params.get("description")
max_end_points = module.params.get("max_end_points")
port_security_timeout = module.params.get("port_security_timeout")
name_alias = module.params.get("name_alias")
if max_end_points is not None and max_end_points not in range(12001):
module.fail_json(msg="The max_end_points must be between 0 and 12000")
if port_security_timeout is not None and port_security_timeout not in range(
60, 3601):
module.fail_json(
msg="The port_security_timeout must be between 60 and 3600")
state = module.params.get("state")
aci = ACIModule(module)
aci.construct_url(root_class=dict(
aci_class="l2PortSecurityPol",
aci_rn="infra/portsecurityP-{0}".format(port_security),
module_object=port_security,
target_filter={"name": port_security},
), )
aci.get_existing()
if state == "present":
aci.payload(
aci_class="l2PortSecurityPol",
class_config=dict(
name=port_security,
descr=description,
maximum=max_end_points,
nameAlias=name_alias,
timeout=port_security_timeout,
),
)
aci.get_diff(aci_class="l2PortSecurityPol")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(
tenant=dict(type="str", aliases=["tenant_name"]), # Not required for querying all objects
l3out=dict(type="str", aliases=["l3out_name"]), # Not required for querying all objects
node_profile=dict(type="str", aliases=["node_profile_name", "logical_node"]), # Not required for querying all objects
interface_profile=dict(type="str", aliases=["interface_profile_name", "logical_interface"]),
path_dn=dict(type="str"),
pod_id=dict(type="str"),
node_id=dict(type="str"),
path_ep=dict(type="str"),
side=dict(type="str", choices=["A", "B"]),
address=dict(type="str", aliases=["addr", "ip_address"]),
ipv6_dad=dict(type="str", choices=["enabled", "disabled"]),
description=dict(type="str", aliases=["descr"]),
state=dict(type="str", default="present", choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "present", ["side", "interface_profile", "node_profile", "l3out", "tenant"]],
["state", "absent", ["side", "interface_profile", "node_profile", "l3out", "tenant"]],
],
mutually_exclusive=[
["path_dn", "pod_id"],
["path_dn", "node_id"],
["path_dn", "path_ep"],
],
required_together=[
["pod_id", "node_id", "path_ep"],
],
)
aci = ACIModule(module)
tenant = module.params.get("tenant")
l3out = module.params.get("l3out")
node_profile = module.params.get("node_profile")
interface_profile = module.params.get("interface_profile")
pod_id = module.params.get("pod_id")
node_id = module.params.get("node_id")
path_ep = module.params.get("path_ep")
path_dn = module.params.get("path_dn")
side = module.params.get("side")
address = module.params.get("address")
ipv6_dad = module.params.get("ipv6_dad")
description = module.params.get("description")
state = module.params.get("state")
name_alias = module.params.get("name_alias")
if not path_dn:
if pod_id and node_id and path_ep:
path_dn = ("topology/pod-{0}/protpaths-{1}/pathep-[{2}]".format(pod_id,
node_id,
path_ep))
else:
path_dn = None
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="l3extOut",
aci_rn="out-{0}".format(l3out),
module_object=l3out,
target_filter={"name": l3out},
),
subclass_2=dict(
aci_class="l3extLNodeP",
aci_rn="lnodep-{0}".format(node_profile),
module_object=node_profile,
target_filter={"name": node_profile},
),
subclass_3=dict(
aci_class="l3extLIfP",
aci_rn="lifp-{0}".format(interface_profile),
module_object=interface_profile,
target_filter={"name": interface_profile},
),
subclass_4=dict(
aci_class="l3extRsPathL3OutAtt",
aci_rn="rspathL3OutAtt-[{0}]".format(path_dn),
module_object=path_dn,
target_filter={"name": path_dn},
),
subclass_5=dict(
aci_class="l3extMember",
aci_rn="mem-{0}".format(side),
module_object=side,
target_filter={"name": side},
),
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="l3extMember",
class_config=dict(
name=side,
addr=address,
ipv6Dad=ipv6_dad,
descr=description,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class="l3extMember")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
tenant=dict(type='str',
aliases=['tenant_name'
]), # Not required for querying all objects
vrf=dict(type='str',
aliases=['context', 'name', 'vrf_name'
]), # Not required for querying all objects
description=dict(type='str', aliases=['descr']),
policy_control_direction=dict(type='str',
choices=['egress', 'ingress']),
policy_control_preference=dict(type='str',
choices=['enforced', 'unenforced']),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
preferred_group=dict(type='str', choices=['enabled', 'disabled']),
match_type=dict(type='str',
choices=['all', 'at_least_one', 'at_most_one',
'none']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['tenant', 'vrf']],
['state', 'present', ['tenant', 'vrf']],
],
)
description = module.params.get('description')
policy_control_direction = module.params.get('policy_control_direction')
policy_control_preference = module.params.get('policy_control_preference')
state = module.params.get('state')
tenant = module.params.get('tenant')
vrf = module.params.get('vrf')
name_alias = module.params.get('name_alias')
preferred_group = module.params.get('preferred_group')
match_type = module.params.get('match_type')
if match_type is not None:
match_type = MATCH_TYPE_MAPPING[match_type]
aci = ACIModule(module)
aci.construct_url(root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='fvCtx',
aci_rn='ctx-{0}'.format(vrf),
module_object=vrf,
target_filter={'name': vrf},
),
child_classes=['vzAny'])
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='fvCtx',
class_config=dict(
descr=description,
pcEnfDir=policy_control_direction,
pcEnfPref=policy_control_preference,
name=vrf,
nameAlias=name_alias,
),
child_configs=[
dict(vzAny=dict(attributes=dict(prefGrMemb=preferred_group,
matchT=match_type))),
],
)
aci.get_diff(aci_class='fvCtx')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
pool=dict(type='str',
aliases=['pool_name'
]), # Not required for querying all objects
block_name=dict(type='str',
aliases=['name'
]), # Not required for querying all objects
block_end=dict(type='int',
aliases=['end'
]), # Not required for querying all objects
block_start=dict(type='int',
aliases=["start"
]), # Not required for querying all objects
allocation_mode=dict(type='str',
aliases=['mode'],
choices=['dynamic', 'inherit', 'static']),
description=dict(type='str', aliases=['descr']),
pool_allocation_mode=dict(type='str',
aliases=['pool_mode'],
choices=['dynamic', 'static']),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
[
'state', 'absent',
['pool', 'block_end', 'block_name', 'block_start']
],
[
'state', 'present',
['pool', 'block_end', 'block_name', 'block_start']
],
],
)
allocation_mode = module.params.get('allocation_mode')
description = module.params.get('description')
pool = module.params.get('pool')
pool_allocation_mode = module.params.get('pool_allocation_mode')
block_end = module.params.get('block_end')
block_name = module.params.get('block_name')
block_start = module.params.get('block_start')
state = module.params.get('state')
name_alias = module.params.get('name_alias')
if block_end is not None:
encap_end = 'vlan-{0}'.format(block_end)
else:
encap_end = None
if block_start is not None:
encap_start = 'vlan-{0}'.format(block_start)
else:
encap_start = None
# Collect proper mo information
aci_block_mo = 'from-[{0}]-to-[{1}]'.format(encap_start, encap_end)
pool_name = pool
# Validate block_end and block_start are valid for its respective encap type
for encap_id in block_end, block_start:
if encap_id is not None:
if not 1 <= encap_id <= 4094:
module.fail_json(
msg=
"vlan pools must have 'block_start' and 'block_end' values between 1 and 4094"
)
if block_end is not None and block_start is not None:
# Validate block_start is less than block_end
if block_start > block_end:
module.fail_json(
msg=
"The 'block_start' must be less than or equal to the 'block_end'"
)
elif block_end is None and block_start is None:
if block_name is None:
# Reset range managed object to None for aci util to properly handle query
aci_block_mo = None
# ACI Pool URL requires the allocation mode (ex: uni/infra/vlanns-[poolname]-static)
if pool is not None:
if pool_allocation_mode is not None:
pool_name = '[{0}]-{1}'.format(pool, pool_allocation_mode)
else:
module.fail_json(
msg=
"ACI requires the 'pool_allocation_mode' when 'pool' is provided"
)
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class='fvnsVlanInstP',
aci_rn='infra/vlanns-{0}'.format(pool_name),
module_object=pool,
target_filter={'name': pool},
),
subclass_1=dict(
aci_class='fvnsEncapBlk',
aci_rn=aci_block_mo,
module_object=aci_block_mo,
target_filter={
'from': encap_start,
'to': encap_end,
'name': block_name
},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='fvnsEncapBlk',
class_config={
"allocMode": allocation_mode,
"descr": description,
"from": encap_start,
"name": block_name,
"to": encap_end,
"nameAlias": name_alias,
},
)
aci.get_diff(aci_class='fvnsEncapBlk')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
arp_flooding=dict(type='bool'),
bd=dict(type='str', aliases=['bd_name', 'name']), # Not required for querying all objects
bd_type=dict(type='str', choices=['ethernet', 'fc']),
description=dict(type='str'),
enable_multicast=dict(type='bool'),
enable_routing=dict(type='bool'),
endpoint_clear=dict(type='bool'),
endpoint_move_detect=dict(type='str', choices=['default', 'garp']),
endpoint_retention_action=dict(type='str', choices=['inherit', 'resolve']),
endpoint_retention_policy=dict(type='str'),
igmp_snoop_policy=dict(type='str'),
ip_learning=dict(type='bool'),
ipv6_nd_policy=dict(type='str'),
l2_unknown_unicast=dict(type='str', choices=['proxy', 'flood']),
l3_unknown_multicast=dict(type='str', choices=['flood', 'opt-flood']),
ipv6_l3_unknown_multicast=dict(type='str', choices=['flood', 'opt-flood']),
limit_ip_learn=dict(type='bool'),
mac_address=dict(type='str', aliases=['mac']),
multi_dest=dict(type='str', choices=['bd-flood', 'drop', 'encap-flood']),
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects
vrf=dict(type='str', aliases=['vrf_name']),
route_profile=dict(type='str'),
route_profile_l3out=dict(type='str'),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['bd', 'tenant']],
['state', 'present', ['bd', 'tenant']],
],
)
aci = ACIModule(module)
arp_flooding = aci.boolean(module.params.get('arp_flooding'))
bd = module.params.get('bd')
bd_type = module.params.get('bd_type')
if bd_type == 'ethernet':
# ethernet type is represented as regular, but that is not clear to the users
bd_type = 'regular'
description = module.params.get('description')
enable_multicast = aci.boolean(module.params.get('enable_multicast'))
enable_routing = aci.boolean(module.params.get('enable_routing'))
endpoint_clear = aci.boolean(module.params.get('endpoint_clear'))
endpoint_move_detect = module.params.get('endpoint_move_detect')
if endpoint_move_detect == 'default':
# the ACI default setting is an empty string, but that is not a good input value
endpoint_move_detect = ''
endpoint_retention_action = module.params.get('endpoint_retention_action')
endpoint_retention_policy = module.params.get('endpoint_retention_policy')
igmp_snoop_policy = module.params.get('igmp_snoop_policy')
ip_learning = aci.boolean(module.params.get('ip_learning'))
ipv6_nd_policy = module.params.get('ipv6_nd_policy')
l2_unknown_unicast = module.params.get('l2_unknown_unicast')
l3_unknown_multicast = module.params.get('l3_unknown_multicast')
ipv6_l3_unknown_multicast = module.params.get('ipv6_l3_unknown_multicast')
limit_ip_learn = aci.boolean(module.params.get('limit_ip_learn'))
mac_address = module.params.get('mac_address')
multi_dest = module.params.get('multi_dest')
state = module.params.get('state')
tenant = module.params.get('tenant')
vrf = module.params.get('vrf')
route_profile = module.params.get('route_profile')
route_profile_l3out = module.params.get('route_profile_l3out')
name_alias = module.params.get('name_alias')
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='fvBD',
aci_rn='BD-{0}'.format(bd),
module_object=bd,
target_filter={'name': bd},
),
child_classes=['fvRsCtx', 'fvRsIgmpsn', 'fvRsBDToNdP', 'fvRsBdToEpRet', 'fvRsBDToProfile'],
)
aci.get_existing()
if state == 'present':
class_config = dict(
arpFlood=arp_flooding,
descr=description,
epClear=endpoint_clear,
epMoveDetectMode=endpoint_move_detect,
ipLearning=ip_learning,
limitIpLearnToSubnets=limit_ip_learn,
mac=mac_address,
mcastAllow=enable_multicast,
multiDstPktAct=multi_dest,
name=bd,
type=bd_type,
unicastRoute=enable_routing,
unkMacUcastAct=l2_unknown_unicast,
unkMcastAct=l3_unknown_multicast,
nameAlias=name_alias,
)
if ipv6_l3_unknown_multicast is not None:
class_config['v6unkMcastAct'] = ipv6_l3_unknown_multicast
aci.payload(
aci_class='fvBD',
class_config=class_config,
child_configs=[
{'fvRsCtx': {'attributes': {'tnFvCtxName': vrf}}},
{'fvRsIgmpsn': {'attributes': {'tnIgmpSnoopPolName': igmp_snoop_policy}}},
{'fvRsBDToNdP': {'attributes': {'tnNdIfPolName': ipv6_nd_policy}}},
{'fvRsBdToEpRet': {'attributes': {'resolveAct': endpoint_retention_action, 'tnFvEpRetPolName': endpoint_retention_policy}}},
{'fvRsBDToProfile': {'attributes': {'tnL3extOutName': route_profile_l3out, 'tnRtctrlProfileName': route_profile}}},
],
)
aci.get_diff(aci_class='fvBD')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(
action_rule=dict(type="str",
aliases=["action_rule_name", "name"
]), # Not required for querying all objects
tenant=dict(type="str",
aliases=["tenant_name"
]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["action_rule", "tenant"]],
["state", "present", ["action_rule", "tenant"]],
],
)
action_rule = module.params.get("action_rule")
description = module.params.get("description")
state = module.params.get("state")
tenant = module.params.get("tenant")
name_alias = module.params.get("name_alias")
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="rtctrlAttrP",
aci_rn="attr-{0}".format(action_rule),
module_object=action_rule,
target_filter={"name": action_rule},
),
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="rtctrlAttrP",
class_config=dict(
name=action_rule,
descr=description,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class="rtctrlAttrP")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(
address=dict(type="str"),
client_group=dict(
type="str", aliases=["client_group_name", "client_group_profile"]),
policy=dict(type="str", aliases=["snmp_policy", "snmp_policy_name"]),
client_name=dict(type="str"),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["policy", "client_group", "address"]],
["state", "present", ["policy", "client_group", "address"]],
],
)
aci = ACIModule(module)
client_group = module.params.get("client_group")
policy = module.params.get("policy")
client_name = module.params.get("client_name")
address = module.params.get("address")
state = module.params.get("state")
aci.construct_url(
root_class=dict(
aci_class="snmpPol",
aci_rn="fabric/snmppol-{0}".format(policy),
module_object=policy,
target_filter={"name": policy},
),
subclass_1=dict(
aci_class="snmpClientGrpP",
aci_rn="clgrp-{0}".format(client_group),
module_object=client_group,
target_filter={"name": client_group},
),
subclass_2=dict(
aci_class="snmpClientP",
aci_rn="client-[{0}]".format(address),
module_object=address,
target_filter={"addr": address},
),
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="snmpClientP",
class_config=dict(addr=address, name=client_name),
)
aci.get_diff(aci_class="snmpClientP")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
pod_id=dict(type="int", aliases=["pod", "pod_number"]),
node_id=dict(type="int", aliases=["leaf", "spine", "node"]),
fex_id=dict(type="int"),
node_type=dict(type="str", choices=["leaf", "spine"]),
interface=dict(type="str"),
description=dict(type="str"),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_one_of=[
("node_type", "fex_id"),
],
required_if=[
["state", "absent", ["pod_id", "node_id", "interface"]],
[
"state", "present",
["pod_id", "node_id", "interface", "description"]
],
],
)
aci = ACIModule(module)
pod_id = module.params.get("pod_id")
node_id = module.params.get("node_id")
interface = module.params.get("interface")
description = module.params.get("description")
fex_id = module.params.get("fex_id")
node_type = module.params.get("node_type")
state = module.params.get("state")
class_name = "infraHPathS"
children = ["infraRsHPathAtt"]
if fex_id:
rn = "hpaths-{0}_eth{1}_{2}.json".format(node_id, fex_id,
interface.replace("/", "_"))
child_configs = [
dict(infraRsHPathAtt=dict(attributes=dict(
tDn="topology/pod-{0}/paths-{1}/extpaths-{2}/pathep-[eth{3}]".
format(pod_id, node_id, fex_id, interface)))),
]
elif node_type == "spine":
rn = "shpaths-{0}_eth{1}".format(node_id, interface.replace("/", "_"))
class_name = "infraSHPathS"
children = ["infraRsSHPathAtt"]
child_configs = [
dict(infraRsSHPathAtt=dict(attributes=dict(
tDn="topology/pod-{0}/paths-{1}/pathep-[eth{2}]".format(
pod_id, node_id, interface)))),
]
elif node_type == "leaf":
rn = "hpaths-{0}_eth{1}".format(node_id, interface.replace("/", "_"))
child_configs = [
dict(infraRsHPathAtt=dict(attributes=dict(
tDn="topology/pod-{0}/paths-{1}/pathep-[eth{2}]".format(
pod_id, node_id, interface)))),
]
aci.construct_url(
root_class=dict(
aci_class="infraInfra",
aci_rn="infra",
module_object="infra",
target_filter={"name": "infra"},
),
subclass_1=dict(
aci_class=class_name,
aci_rn=rn,
),
child_classes=children,
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class=class_name,
class_config=dict(descr=description, ),
child_configs=child_configs,
)
aci.get_diff(aci_class=class_name)
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
contract=dict(type='str',
aliases=['contract_name', 'name'
]), # Not required for querying all objects
tenant=dict(type='str',
aliases=['tenant_name'
]), # Not required for querying all objects
description=dict(type='str', aliases=['descr']),
scope=dict(
type='str',
choices=['application-profile', 'context', 'global', 'tenant']),
priority=dict(type='str',
choices=['level1', 'level2', 'level3', 'unspecified'
]), # No default provided on purpose
dscp=dict(type='str',
choices=[
'AF11', 'AF12', 'AF13', 'AF21', 'AF22', 'AF23', 'AF31',
'AF32', 'AF33', 'AF41', 'AF42', 'AF43', 'CS0', 'CS1',
'CS2', 'CS3', 'CS4', 'CS5', 'CS6', 'CS7', 'EF', 'VA',
'unspecified'
],
aliases=['target']), # No default provided on purpose
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['contract', 'tenant']],
['state', 'present', ['contract', 'tenant']],
],
)
contract = module.params.get('contract')
description = module.params.get('description')
scope = module.params.get('scope')
priority = module.params.get('priority')
dscp = module.params.get('dscp')
state = module.params.get('state')
tenant = module.params.get('tenant')
name_alias = module.params.get('name_alias')
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='vzBrCP',
aci_rn='brc-{0}'.format(contract),
module_object=contract,
target_filter={'name': contract},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='vzBrCP',
class_config=dict(
name=contract,
descr=description,
scope=scope,
prio=priority,
targetDscp=dscp,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='vzBrCP')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
leaf_interface_profile=dict(
type='str', aliases=['leaf_interface_profile_name'
]), # Not required for querying all objects
access_port_selector=dict(type='str',
aliases=[
'name', 'access_port_selector_name'
]), # Not required for querying all objects
leaf_port_blk=dict(type='str', aliases=[
'leaf_port_blk_name'
]), # Not required for querying all objects
leaf_port_blk_description=dict(type='str'),
from_port=dict(
type='str', aliases=['from', 'fromPort', 'from_port_range']
), # Not required for querying all objects and deleting sub port blocks
to_port=dict(
type='str', aliases=['to', 'toPort', 'to_port_range']
), # Not required for querying all objects and deleting sub port blocks
from_sub_port=dict(
type='str', aliases=['fromSubPort', 'from_sub_port_range']
), # Not required for querying all objects and deleting sub port blocks
to_sub_port=dict(
type='str', aliases=['toSubPort', 'to_sub_port_range']
), # Not required for querying all objects and deleting sub port blocks
from_card=dict(type='str', aliases=['from_card_range']),
to_card=dict(type='str', aliases=['to_card_range']),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
[
'state', 'absent',
[
'access_port_selector', 'leaf_port_blk',
'leaf_interface_profile'
]
],
[
'state', 'present',
[
'access_port_selector', 'leaf_port_blk', 'from_port',
'to_port', 'from_sub_port', 'to_sub_port',
'leaf_interface_profile'
]
],
],
)
leaf_interface_profile = module.params.get('leaf_interface_profile')
access_port_selector = module.params.get('access_port_selector')
leaf_port_blk = module.params.get('leaf_port_blk')
leaf_port_blk_description = module.params.get('leaf_port_blk_description')
from_port = module.params.get('from_port')
to_port = module.params.get('to_port')
from_sub_port = module.params.get('from_sub_port')
to_sub_port = module.params.get('to_sub_port')
from_card = module.params.get('from_card')
to_card = module.params.get('to_card')
state = module.params.get('state')
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class='infraAccPortP',
aci_rn='infra/accportprof-{0}'.format(leaf_interface_profile),
module_object=leaf_interface_profile,
target_filter={'name': leaf_interface_profile},
),
subclass_1=dict(
aci_class='infraHPortS',
# NOTE: normal rn: hports-{name}-typ-{type}, hence here hardcoded to range for purposes of module
aci_rn='hports-{0}-typ-range'.format(access_port_selector),
module_object=access_port_selector,
target_filter={'name': access_port_selector},
),
subclass_2=dict(
aci_class='infraSubPortBlk',
aci_rn='subportblk-{0}'.format(leaf_port_blk),
module_object=leaf_port_blk,
target_filter={'name': leaf_port_blk},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='infraSubPortBlk',
class_config=dict(
descr=leaf_port_blk_description,
name=leaf_port_blk,
fromPort=from_port,
toPort=to_port,
fromSubPort=from_sub_port,
toSubPort=to_sub_port,
fromCard=from_card,
toCard=to_card,
# type='range',
),
)
aci.get_diff(aci_class='infraSubPortBlk')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(
description=dict(type="str", aliases=["descr"]),
node_id=dict(type="int"), # Not required for querying all objects
pod_id=dict(type="int"),
role=dict(type="str",
choices=["leaf", "spine", "unspecified"],
aliases=["role_name"]),
serial=dict(type="str",
aliases=["serial_number"
]), # Not required for querying all objects
switch=dict(type="str", aliases=["name", "switch_name"]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["node_id", "serial"]],
["state", "present", ["node_id", "serial"]],
],
)
pod_id = module.params.get("pod_id")
serial = module.params.get("serial")
node_id = module.params.get("node_id")
switch = module.params.get("switch")
description = module.params.get("description")
role = module.params.get("role")
state = module.params.get("state")
name_alias = module.params.get("name_alias")
aci = ACIModule(module)
aci.construct_url(root_class=dict(
aci_class="fabricNodeIdentP",
aci_rn="controller/nodeidentpol/nodep-{0}".format(serial),
module_object=serial,
target_filter={"serial": serial},
))
aci.get_existing()
if state == "present":
aci.payload(
aci_class="fabricNodeIdentP",
class_config=dict(
descr=description,
name=switch,
nodeId=node_id,
podId=pod_id,
# NOTE: Originally we were sending 'rn', but now we need 'dn' for idempotency
# FIXME: Did this change with ACI version ?
dn="uni/controller/nodeidentpol/nodep-{0}".format(serial),
# rn='nodep-{0}'.format(serial),
role=role,
serial=serial,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class="fabricNodeIdentP")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json(**aci.result)
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
tenant=dict(type='str',
aliases=['tenant_name'
]), # Not required for querying all objects
l3out=dict(type='str',
aliases=['l3out_name',
'name']), # Not required for querying all objects
domain=dict(type='str',
aliases=['ext_routed_domain_name', 'routed_domain']),
vrf=dict(type='str', aliases=['vrf_name']),
description=dict(type='str', aliases=['descr']),
route_control=dict(type='list',
elements='str',
choices=['export', 'import'],
aliases=['route_control_enforcement']),
dscp=dict(type='str',
choices=[
'AF11', 'AF12', 'AF13', 'AF21', 'AF22', 'AF23', 'AF31',
'AF32', 'AF33', 'AF41', 'AF42', 'AF43', 'CS0', 'CS1',
'CS2', 'CS3', 'CS4', 'CS5', 'CS6', 'CS7', 'EF', 'VA',
'unspecified'
],
aliases=['target']),
l3protocol=dict(type='list',
elements='str',
choices=['bgp', 'eigrp', 'ospf', 'pim', 'static']),
asn=dict(type='int', aliases=['as_number']),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['l3out', 'tenant']],
['state', 'present', ['l3out', 'tenant', 'domain', 'vrf']],
],
)
aci = ACIModule(module)
l3out = module.params.get('l3out')
domain = module.params.get('domain')
dscp = module.params.get('dscp')
description = module.params.get('description')
enforceRtctrl = module.params.get('route_control')
vrf = module.params.get('vrf')
l3protocol = module.params.get('l3protocol')
asn = module.params.get('asn')
state = module.params.get('state')
tenant = module.params.get('tenant')
name_alias = module.params.get('name_alias')
if l3protocol:
if 'eigrp' in l3protocol and asn is None:
module.fail_json(
msg="Parameter 'asn' is required when l3protocol is 'eigrp'")
if 'eigrp' not in l3protocol and asn is not None:
module.warn(
"Parameter 'asn' is only applicable when l3protocol is 'eigrp'. The ASN will be ignored"
)
enforce_ctrl = ''
if enforceRtctrl is not None:
if len(enforceRtctrl) == 1 and enforceRtctrl[0] == 'import':
aci.fail_json(
"The route_control parameter is invalid: allowed options are export or import,export only"
)
elif len(enforceRtctrl) == 1 and enforceRtctrl[0] == 'export':
enforce_ctrl = 'export'
else:
enforce_ctrl = 'export,import'
child_classes = [
'l3extRsL3DomAtt', 'l3extRsEctx', 'bgpExtP', 'ospfExtP', 'eigrpExtP',
'pimExtP'
]
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='l3extOut',
aci_rn='out-{0}'.format(l3out),
module_object=l3out,
target_filter={'name': l3out},
),
child_classes=child_classes,
)
aci.get_existing()
child_configs = [
dict(l3extRsL3DomAtt=dict(attributes=dict(
tDn='uni/l3dom-{0}'.format(domain)))),
dict(l3extRsEctx=dict(attributes=dict(tnFvCtxName=vrf))),
]
if l3protocol is not None:
for protocol in l3protocol:
if protocol == 'bgp':
child_configs.append(
dict(bgpExtP=dict(
attributes=dict(descr='', nameAlias=''))))
elif protocol == 'eigrp':
child_configs.append(
dict(eigrpExtP=dict(
attributes=dict(descr='', nameAlias='', asn=asn))))
elif protocol == 'ospf':
child_configs.append(
dict(ospfExtP=dict(
attributes=dict(descr='', nameAlias=''))))
elif protocol == 'pim':
child_configs.append(
dict(pimExtP=dict(
attributes=dict(descr='', nameAlias=''))))
if state == 'present':
aci.payload(
aci_class='l3extOut',
class_config=dict(
name=l3out,
descr=description,
dn='uni/tn-{0}/out-{1}'.format(tenant, l3out),
enforceRtctrl=enforce_ctrl,
targetDscp=dscp,
nameAlias=name_alias,
),
child_configs=child_configs,
)
aci.get_diff(aci_class='l3extOut')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(
tenant=dict(type="str"),
contract=dict(type="str"),
subject=dict(type="str"),
service_graph=dict(type="str"),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
[
"state", "absent",
["contract", "service_graph", "subject", "tenant"]
],
[
"state", "present",
["contract", "service_graph", "subject", "tenant"]
],
],
)
aci = ACIModule(module)
tenant = module.params.get("tenant")
contract = module.params.get("contract")
subject = module.params.get("subject")
service_graph = module.params.get("service_graph")
state = module.params.get("state")
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(aci_class="vzBrCP",
aci_rn="brc-{0}".format(contract),
module_object=contract,
target_filter={"name": contract}),
subclass_2=dict(aci_class="vzSubj",
aci_rn="subj-{0}".format(subject),
module_object=subject,
target_filter={"name": subject}),
subclass_3=dict(aci_class="vzRsSubjGraphAtt",
aci_rn="rsSubjGraphAtt",
module_object=service_graph,
target_filter={"name": service_graph}),
)
aci.get_existing()
if state == "present":
aci.payload(aci_class="vzRsSubjGraphAtt",
class_config=dict(tnVnsAbsGraphName=service_graph))
aci.get_diff(aci_class="vzRsSubjGraphAtt")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
port_security=dict(
type='str',
aliases=['name']), # Not required for querying all objects
description=dict(type='str', aliases=['descr']),
max_end_points=dict(type='int'),
port_security_timeout=dict(type='int'),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['port_security']],
['state', 'present', ['port_security']],
],
)
port_security = module.params.get('port_security')
description = module.params.get('description')
max_end_points = module.params.get('max_end_points')
port_security_timeout = module.params.get('port_security_timeout')
name_alias = module.params.get('name_alias')
if max_end_points is not None and max_end_points not in range(12001):
module.fail_json(
msg='The "max_end_points" must be between 0 and 12000')
if port_security_timeout is not None and port_security_timeout not in range(
60, 3601):
module.fail_json(
msg='The "port_security_timeout" must be between 60 and 3600')
state = module.params.get('state')
aci = ACIModule(module)
aci.construct_url(root_class=dict(
aci_class='l2PortSecurityPol',
aci_rn='infra/portsecurityP-{0}'.format(port_security),
module_object=port_security,
target_filter={'name': port_security},
), )
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='l2PortSecurityPol',
class_config=dict(
name=port_security,
descr=description,
maximum=max_end_points,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='l2PortSecurityPol')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update({
"access_key_id":
dict(type="str"),
"account_id":
dict(type="str"),
"is_account_in_org":
dict(type="bool"),
"is_trusted":
dict(type="bool"),
"secret_access_key":
dict(type="str", no_log=True),
"tenant":
dict(type="str"),
"state":
dict(type="str",
default="present",
choices=["absent", "present", "query"]),
})
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["tenant"]],
["state", "present", ["tenant"]],
],
)
aci = ACIModule(module)
access_key_id = module.params.get("access_key_id")
account_id = module.params.get("account_id")
annotation = module.params.get("annotation")
is_account_in_org = aci.boolean(module.params.get("is_account_in_org"))
is_trusted = aci.boolean(module.params.get("is_trusted"))
secret_access_key = module.params.get("secret_access_key")
tenant = module.params.get("tenant")
state = module.params.get("state")
child_configs = []
aci.construct_url(
root_class={
"aci_class": "fvTenant",
"aci_rn": "tn-{0}".format(tenant),
"target_filter": 'eq(fvTenant.name, "{0}")'.format(tenant),
"module_object": tenant,
},
subclass_1={
"aci_class": "cloudAwsProvider",
"aci_rn": "awsprovider".format(),
"target_filter": {
"account_id": account_id
},
"module_object": account_id,
},
child_classes=[],
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="cloudAwsProvider",
class_config={
"accessKeyId": access_key_id,
"accountId": account_id,
"annotation": annotation,
"isAccountInOrg": is_account_in_org,
"isTrusted": is_trusted,
"secretAccessKey": secret_access_key,
},
child_configs=child_configs,
)
aci.get_diff(aci_class="cloudAwsProvider")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
tenant=dict(type="str", aliases=["tenant_name"]), # Not required for querying all objects
ap=dict(type="str", aliases=["app_profile", "app_profile_name", "name"]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
state=dict(type="str", default="present", choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
monitoring_policy=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["tenant", "ap"]],
["state", "present", ["tenant", "ap"]],
],
)
ap = module.params.get("ap")
description = module.params.get("description")
state = module.params.get("state")
tenant = module.params.get("tenant")
name_alias = module.params.get("name_alias")
monitoring_policy = module.params.get("monitoring_policy")
child_configs = [dict(fvRsApMonPol=dict(attributes=dict(tnMonEPGPolName=monitoring_policy)))]
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="fvAp",
aci_rn="ap-{0}".format(ap),
module_object=ap,
target_filter={"name": ap},
),
child_classes=["fvRsApMonPol"],
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="fvAp",
class_config=dict(
name=ap,
descr=description,
nameAlias=name_alias,
),
child_configs=child_configs,
)
aci.get_diff(aci_class="fvAp")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(
interface_profile=dict(type="str",
aliases=[
"leaf_interface_profile_name",
"leaf_interface_profile",
"interface_profile_name"
]),
access_port_selector=dict(type="str",
aliases=[
"name", "access_port_selector_name"
]), # Not required for querying all objects
port_blk=dict(type="str",
aliases=["leaf_port_blk_name", "leaf_port_blk"
]), # Not required for querying all objects
port_blk_description=dict(type="str",
aliases=["leaf_port_blk_description"]),
from_port=dict(type="str",
aliases=["from", "fromPort", "from_port_range"]),
to_port=dict(type="str", aliases=["to", "toPort", "to_port_range"]),
from_card=dict(type="str", aliases=["from_card_range"]),
to_card=dict(type="str", aliases=["to_card_range"]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
type=dict(type="str", default="leaf", choices=[
"fex", "leaf"
]), # This parameter is not required for querying all objects
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
[
"state", "absent",
["access_port_selector", "port_blk", "interface_profile"]
],
[
"state", "present",
[
"access_port_selector", "port_blk", "from_port", "to_port",
"interface_profile"
]
],
],
)
interface_profile = module.params.get("interface_profile")
access_port_selector = module.params.get("access_port_selector")
port_blk = module.params.get("port_blk")
port_blk_description = module.params.get("port_blk_description")
from_port = module.params.get("from_port")
to_port = module.params.get("to_port")
from_card = module.params.get("from_card")
to_card = module.params.get("to_card")
state = module.params.get("state")
type_port = module.params.get("type")
aci = ACIModule(module)
aci_class = "infraAccPortP"
aci_rn = "accportprof"
if type_port == "fex":
aci_class = "infraFexP"
aci_rn = "fexprof"
aci.construct_url(
root_class=dict(
aci_class=aci_class,
aci_rn="infra/" + aci_rn + "-{0}".format(interface_profile),
module_object=interface_profile,
target_filter={"name": interface_profile},
),
subclass_1=dict(
aci_class="infraHPortS",
# NOTE: normal rn: hports-{name}-typ-{type}, hence here hardcoded to range for purposes of module
aci_rn="hports-{0}-typ-range".format(access_port_selector),
module_object=access_port_selector,
target_filter={"name": access_port_selector},
),
subclass_2=dict(
aci_class="infraPortBlk",
aci_rn="portblk-{0}".format(port_blk),
module_object=port_blk,
target_filter={"name": port_blk},
),
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="infraPortBlk",
class_config=dict(
descr=port_blk_description,
name=port_blk,
fromPort=from_port,
toPort=to_port,
fromCard=from_card,
toCard=to_card,
# type='range',
),
)
aci.get_diff(aci_class="infraPortBlk")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
lldp_policy=dict(type='str',
aliases=['name'
]), # Not required for querying all objects
description=dict(type='str', aliases=['descr']),
receive_state=dict(type='bool'),
transmit_state=dict(type='bool'),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['lldp_policy']],
['state', 'present', ['lldp_policy']],
],
)
aci = ACIModule(module)
lldp_policy = module.params.get('lldp_policy')
description = module.params.get('description')
receive_state = aci.boolean(module.params.get('receive_state'), 'enabled',
'disabled')
transmit_state = aci.boolean(module.params.get('transmit_state'),
'enabled', 'disabled')
state = module.params.get('state')
name_alias = module.params.get('name_alias')
aci.construct_url(root_class=dict(
aci_class='lldpIfPol',
aci_rn='infra/lldpIfP-{0}'.format(lldp_policy),
module_object=lldp_policy,
target_filter={'name': lldp_policy},
), )
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='lldpIfPol',
class_config=dict(
name=lldp_policy,
descr=description,
adminRxSt=receive_state,
adminTxSt=transmit_state,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='lldpIfPol')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
name=dict(type="str",
aliases=["scheduler_name"
]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
windowname=dict(type="str"),
recurring=dict(type="bool"),
concurCap=dict(
type="int"), # Number of devices it will run against concurrently
maxTime=dict(
type="str"
), # The amount of minutes a process will be able to run (unlimited or dd:hh:mm:ss)
date=dict(
type="str"), # The date the process will run YYYY-MM-DDTHH:MM:SS
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
hour=dict(type="int"),
minute=dict(type="int"),
day=dict(
type="str",
default="every-day",
choices=[
"Monday", "Tuesday", "Wednesday", "Thursday", "Friday",
"Saturday", "Sunday", "every-day", "even-day", "odd-day"
],
),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["name"]],
["state", "present", ["name"]],
],
)
state = module.params.get("state")
name = module.params.get("name")
windowname = module.params.get("windowname")
recurring = module.params.get("recurring")
date = module.params.get("date")
hour = module.params.get("hour")
minute = module.params.get("minute")
maxTime = module.params.get("maxTime")
concurCap = module.params.get("concurCap")
day = module.params.get("day")
description = module.params.get("description")
name_alias = module.params.get("name_alias")
if recurring:
child_configs = [
dict(trigRecurrWindowP=dict(attributes=dict(
name=windowname,
hour=hour,
minute=minute,
procCa=maxTime,
concurCap=concurCap,
day=day,
)))
]
elif recurring is False:
child_configs = [
dict(trigAbsWindowP=dict(attributes=dict(
name=windowname,
procCap=maxTime,
concurCap=concurCap,
date=date,
)))
]
else:
child_configs = []
aci = ACIModule(module)
aci.construct_url(root_class=dict(
aci_class="trigSchedP",
aci_rn="fabric/schedp-{0}".format(name),
target_filter={"name": name},
module_object=name,
), )
aci.get_existing()
if state == "present":
aci.payload(
aci_class="trigSchedP",
class_config=dict(
name=name,
descr=description,
nameAlias=name_alias,
),
child_configs=child_configs,
)
aci.get_diff(aci_class="trigSchedP")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
path=dict(type='str', required=True, aliases=['uri']),
method=dict(type='str', default='get', choices=['delete', 'get', 'post'], aliases=['action']),
src=dict(type='path', aliases=['config_file']),
content=dict(type='raw'),
)
module = AnsibleModule(
argument_spec=argument_spec,
mutually_exclusive=[['content', 'src']],
)
content = module.params['content']
path = module.params['path']
src = module.params['src']
# Report missing file
file_exists = False
if src:
if os.path.isfile(src):
file_exists = True
else:
module.fail_json(msg="Cannot find/access src '%s'" % src)
# Find request type
if path.find('.xml') != -1:
rest_type = 'xml'
if not HAS_LXML_ETREE:
module.fail_json(msg='The lxml python library is missing, or lacks etree support.')
if not HAS_XMLJSON_COBRA:
module.fail_json(msg='The xmljson python library is missing, or lacks cobra support.')
elif path.find('.json') != -1:
rest_type = 'json'
else:
module.fail_json(msg='Failed to find REST API payload type (neither .xml nor .json).')
aci = ACIRESTModule(module)
aci.result['status'] = -1 # Ensure we always return a status
# We include the payload as it may be templated
payload = content
if file_exists:
with open(src, 'r') as config_object:
# TODO: Would be nice to template this, requires action-plugin
payload = config_object.read()
# Validate payload
if rest_type == 'json':
if content and isinstance(content, dict):
# Validate inline YAML/JSON
payload = json.dumps(payload)
elif payload and isinstance(payload, str) and HAS_YAML:
try:
# Validate YAML/JSON string
payload = json.dumps(yaml.safe_load(payload))
except Exception as e:
module.fail_json(msg='Failed to parse provided JSON/YAML payload: %s' % to_text(e), exception=to_text(e), payload=payload)
elif rest_type == 'xml' and HAS_LXML_ETREE:
if content and isinstance(content, dict) and HAS_XMLJSON_COBRA:
# Validate inline YAML/JSON
# FIXME: Converting from a dictionary to XML is unsupported at this time
# payload = etree.tostring(payload)
pass
elif payload and isinstance(payload, str):
try:
# Validate XML string
payload = lxml.etree.tostring(lxml.etree.fromstring(payload))
except Exception as e:
module.fail_json(msg='Failed to parse provided XML payload: %s' % to_text(e), payload=payload)
# Perform actual request using auth cookie (Same as aci.request(), but also supports XML)
if 'port' in aci.params and aci.params['port'] is not None:
aci.url = '%(protocol)s://%(host)s:%(port)s/' % aci.params + path.lstrip('/')
else:
aci.url = '%(protocol)s://%(host)s/' % aci.params + path.lstrip('/')
if aci.params['method'] != 'get':
path += '?rsp-subtree=modified'
aci.url = update_qsl(aci.url, {'rsp-subtree': 'modified'})
# Sign and encode request as to APIC's wishes
if aci.params['private_key'] is not None:
aci.cert_auth(path=path, payload=payload)
aci.method = aci.params['method'].upper()
# Perform request
resp, info = fetch_url(module, aci.url,
data=payload,
headers=aci.headers,
method=aci.method,
timeout=aci.params['timeout'],
use_proxy=aci.params['use_proxy'])
aci.response = info['msg']
aci.status = info['status']
# Report failure
if info['status'] != 200:
try:
# APIC error
aci.response_type(info['body'], rest_type)
aci.fail_json(msg='APIC Error %(code)s: %(text)s' % aci.error)
except KeyError:
# Connection error
aci.fail_json(msg='Connection failed for %(url)s. %(msg)s' % info)
aci.response_type(resp.read(), rest_type)
aci.result['imdata'] = aci.imdata
aci.result['totalCount'] = aci.totalCount
# Report success
aci.exit_json(**aci.result)
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(
tenant=dict(type="str",
aliases=["tenant_name"
]), # Not required for querying all objects
l3out=dict(type="str",
aliases=["l3out_name"
]), # Not required for querying all objects
logical_node=dict(type="str",
aliases=["node_profile", "node_profile_name"
]), # Not required for querying all objects
pod_id=dict(type="int"),
node_id=dict(type="int"),
prefix=dict(type="str", aliases=["route"]),
track_policy=dict(type="str"),
preference=dict(type="int"),
bfd=dict(type="str", choices=["bfd", None]),
description=dict(type="str", aliases=["descr"]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
[
"state", "present",
[
"prefix", "node_id", "pod_id", "logical_node", "l3out",
"tenant"
]
],
[
"state", "absent",
[
"prefix", "node_id", "pod_id", "logical_node", "l3out",
"tenant"
]
],
],
)
aci = ACIModule(module)
tenant = module.params.get("tenant")
l3out = module.params.get("l3out")
logical_node = module.params.get("logical_node")
node_id = module.params.get("node_id")
pod_id = module.params.get("pod_id")
prefix = module.params.get("prefix")
track_policy = module.params.get("track_policy")
preference = module.params.get("preference")
bfd = module.params.get("bfd")
description = module.params.get("description")
state = module.params.get("state")
name_alias = module.params.get("name_alias")
fabric_node = "topology/pod-{0}/node-{1}".format(pod_id, node_id)
child_classes = ["ipNexthopP"]
if track_policy is not None:
child_classes.append("ipRsRouteTrack")
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="l3extOut",
aci_rn="out-{0}".format(l3out),
module_object=l3out,
target_filter={"name": l3out},
),
subclass_2=dict(
aci_class="l3extLNodeP",
aci_rn="lnodep-{0}".format(logical_node),
module_object=logical_node,
target_filter={"name": logical_node},
),
subclass_3=dict(
aci_class="l3extRsNodeL3OutAtt",
aci_rn="rsnodeL3OutAtt-[{0}]".format(fabric_node),
module_object=fabric_node,
target_filter={"name": fabric_node},
),
subclass_4=dict(
aci_class="ipRouteP",
aci_rn="rt-[{0}]".format(prefix),
module_object=prefix,
target_filter={"name": prefix},
),
child_classes=child_classes,
)
aci.get_existing()
if state == "present":
child_configs = []
class_config = dict(
descr=description,
ip=prefix,
pref=preference,
nameAlias=name_alias,
)
if bfd is not None:
class_config["rtCtrl"] = bfd
if track_policy is not None:
tDn = "uni/tn-{0}/tracklist-{1}".format(tenant, track_policy)
child_configs.append(
{"ipRsRouteTrack": {
"attributes": {
"tDn": tDn
}
}})
aci.payload(aci_class="ipRouteP",
class_config=class_config,
child_configs=child_configs),
aci.get_diff(aci_class="ipRouteP")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(
bd=dict(type="str",
aliases=["bd_name", "bridge_domain"
]), # Not required for querying all objects
l3out=dict(type="str"), # Not required for querying all objects
tenant=dict(type="str",
aliases=["tenant_name"
]), # Not required for querying all objects
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "present", ["bd", "l3out", "tenant"]],
["state", "absent", ["bd", "l3out", "tenant"]],
],
)
bd = module.params.get("bd")
l3out = module.params.get("l3out")
state = module.params.get("state")
tenant = module.params.get("tenant")
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="fvBD",
aci_rn="BD-{0}".format(bd),
module_object=bd,
target_filter={"name": bd},
),
subclass_2=dict(
aci_class="fvRsBDToOut",
aci_rn="rsBDToOut-{0}".format(l3out),
module_object=l3out,
target_filter={"tnL3extOutName": l3out},
),
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="fvRsBDToOut",
class_config=dict(tnL3extOutName=l3out),
)
aci.get_diff(aci_class="fvRsBDToOut")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
port_channel=dict(type='str',
aliases=['name'
]), # Not required for querying all objects
description=dict(type='str', aliases=['descr']),
min_links=dict(type='int'),
max_links=dict(type='int'),
mode=dict(
type='str',
choices=['active', 'mac-pin', 'mac-pin-nicload', 'off',
'passive']),
fast_select=dict(type='bool'),
graceful_convergence=dict(type='bool'),
load_defer=dict(type='bool'),
suspend_individual=dict(type='bool'),
symmetric_hash=dict(type='bool'),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['port_channel']],
['state', 'present', ['port_channel']],
],
)
port_channel = module.params.get('port_channel')
description = module.params.get('description')
min_links = module.params.get('min_links')
if min_links is not None and min_links not in range(1, 17):
module.fail_json(
msg='The "min_links" must be a value between 1 and 16')
max_links = module.params.get('max_links')
if max_links is not None and max_links not in range(1, 17):
module.fail_json(
msg='The "max_links" must be a value between 1 and 16')
mode = module.params.get('mode')
state = module.params.get('state')
name_alias = module.params.get('name_alias')
# Build ctrl value for request
ctrl = []
if module.params.get('fast_select') is True:
ctrl.append('fast-sel-hot-stdby')
if module.params.get('graceful_convergence') is True:
ctrl.append('graceful-conv')
if module.params.get('load_defer') is True:
ctrl.append('load-defer')
if module.params.get('suspend_individual') is True:
ctrl.append('susp-individual')
if module.params.get('symmetric_hash') is True:
ctrl.append('symmetric-hash')
if not ctrl:
ctrl = None
else:
ctrl = ",".join(ctrl)
aci = ACIModule(module)
aci.construct_url(root_class=dict(
aci_class='lacpLagPol',
aci_rn='infra/lacplagp-{0}'.format(port_channel),
module_object=port_channel,
target_filter={'name': port_channel},
), )
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='lacpLagPol',
class_config=dict(
name=port_channel,
ctrl=ctrl,
descr=description,
minLinks=min_links,
maxLinks=max_links,
mode=mode,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='lacpLagPol')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
protection_group=dict(type='str', aliases=['name', 'protection_group_name']), # Not required for querying all objects
protection_group_id=dict(type='int', aliases=['id']),
vpc_domain_policy=dict(type='str', aliases=['vpc_domain_policy_name']),
switch_1_id=dict(type='int'),
switch_2_id=dict(type='int'),
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['protection_group']],
['state', 'present', ['protection_group', 'protection_group_id', 'switch_1_id', 'switch_2_id']],
],
)
protection_group = module.params.get('protection_group')
protection_group_id = module.params.get('protection_group_id')
vpc_domain_policy = module.params.get('vpc_domain_policy')
switch_1_id = module.params.get('switch_1_id')
switch_2_id = module.params.get('switch_2_id')
state = module.params.get('state')
name_alias = module.params.get('name_alias')
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class='fabricExplicitGEp',
aci_rn='fabric/protpol/expgep-{0}'.format(protection_group),
module_object=protection_group,
target_filter={'name': protection_group},
),
child_classes=['fabricNodePEp', 'fabricNodePEp', 'fabricRsVpcInstPol'],
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='fabricExplicitGEp',
class_config=dict(
name=protection_group,
id=protection_group_id,
nameAlias=name_alias,
),
child_configs=[
dict(
fabricNodePEp=dict(
attributes=dict(
id='{0}'.format(switch_1_id),
),
),
),
dict(
fabricNodePEp=dict(
attributes=dict(
id='{0}'.format(switch_2_id),
),
),
),
dict(
fabricRsVpcInstPol=dict(
attributes=dict(
tnVpcInstPolName=vpc_domain_policy,
),
),
),
],
)
aci.get_diff(aci_class='fabricExplicitGEp')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
contract=dict(type='str',
aliases=['contract_name'
]), # Not required for querying all objects
subject=dict(type='str',
aliases=['contract_subject', 'name', 'subject_name'
]), # Not required for querying all objects
tenant=dict(type='str',
aliases=['tenant_name'
]), # Not required for querying all objects
priority=dict(type='str',
choices=['unspecified', 'level1', 'level2', 'level3']),
reverse_filter=dict(type='bool'),
dscp=dict(type='str',
aliases=['target'],
choices=[
'AF11', 'AF12', 'AF13', 'AF21', 'AF22', 'AF23', 'AF31',
'AF32', 'AF33', 'AF41', 'AF42', 'AF43', 'CS0', 'CS1',
'CS2', 'CS3', 'CS4', 'CS5', 'CS6', 'CS7', 'EF', 'VA',
'unspecified'
]),
description=dict(type='str', aliases=['descr']),
consumer_match=dict(
type='str', choices=['all', 'at_least_one', 'at_most_one',
'none']),
provider_match=dict(
type='str', choices=['all', 'at_least_one', 'at_most_one',
'none']),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['contract', 'subject', 'tenant']],
['state', 'present', ['contract', 'subject', 'tenant']],
],
)
aci = ACIModule(module)
subject = module.params.get('subject')
priority = module.params.get('priority')
reverse_filter = aci.boolean(module.params.get('reverse_filter'))
contract = module.params.get('contract')
dscp = module.params.get('dscp')
description = module.params.get('description')
consumer_match = module.params.get('consumer_match')
if consumer_match is not None:
consumer_match = MATCH_MAPPING.get(consumer_match)
provider_match = module.params.get('provider_match')
if provider_match is not None:
provider_match = MATCH_MAPPING.get(provider_match)
state = module.params.get('state')
tenant = module.params.get('tenant')
name_alias = module.params.get('name_alias')
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='vzBrCP',
aci_rn='brc-{0}'.format(contract),
module_object=contract,
target_filter={'name': contract},
),
subclass_2=dict(
aci_class='vzSubj',
aci_rn='subj-{0}'.format(subject),
module_object=subject,
target_filter={'name': subject},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='vzSubj',
class_config=dict(
name=subject,
prio=priority,
revFltPorts=reverse_filter,
targetDscp=dscp,
consMatchT=consumer_match,
provMatchT=provider_match,
descr=description,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='vzSubj')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
filter=dict(type='str',
aliases=['name', 'filter_name'
]), # Not required for querying all objects
tenant=dict(type='str',
aliases=['tenant_name'
]), # Not required for querying all objects
description=dict(type='str', aliases=['descr']),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['filter', 'tenant']],
['state', 'present', ['filter', 'tenant']],
],
)
filter_name = module.params.get('filter')
description = module.params.get('description')
state = module.params.get('state')
tenant = module.params.get('tenant')
name_alias = module.params.get('name_alias')
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='vzFilter',
aci_rn='flt-{0}'.format(filter_name),
module_object=filter_name,
target_filter={'name': filter_name},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='vzFilter',
class_config=dict(
name=filter_name,
descr=description,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='vzFilter')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
l2_policy=dict(type='str',
aliases=['name'
]), # Not required for querying all policies
description=dict(type='str', aliases=['descr']),
vlan_scope=dict(type='str',
choices=['global', 'portlocal'
]), # No default provided on purpose
qinq=dict(type='str', choices=['core', 'disabled', 'edge']),
vepa=dict(type='bool'),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
name_alias=dict(type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['l2_policy']],
['state', 'present', ['l2_policy']],
],
)
aci = ACIModule(module)
l2_policy = module.params.get('l2_policy')
vlan_scope = module.params.get('vlan_scope')
qinq = module.params.get('qinq')
if qinq is not None:
qinq = QINQ_MAPPING.get(qinq)
vepa = aci.boolean(module.params.get('vepa'), 'enabled', 'disabled')
description = module.params.get('description')
state = module.params.get('state')
name_alias = module.params.get('name_alias')
aci.construct_url(root_class=dict(
aci_class='l2IfPol',
aci_rn='infra/l2IfP-{0}'.format(l2_policy),
module_object=l2_policy,
target_filter={'name': l2_policy},
), )
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='l2IfPol',
class_config=dict(
name=l2_policy,
descr=description,
vlanScope=vlan_scope,
qinq=qinq,
vepa=vepa,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class='l2IfPol')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
