def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
group=dict(type="str"), # Not required for querying all objects
policy=dict(type="str"), # Not required for querying all objects
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["group"]],
["state", "present", ["group"]],
],
)
state = module.params.get("state")
group = module.params.get("group")
policy = module.params.get("policy")
name_alias = module.params.get("name_alias")
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class="maintMaintGrp",
aci_rn="fabric/maintgrp-{0}".format(group),
target_filter={"name": group},
module_object=group,
),
child_classes=["maintRsMgrpp"],
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="maintMaintGrp",
class_config=dict(
name=group,
nameAlias=name_alias,
),
child_configs=[
dict(maintRsMgrpp=dict(attributes=dict(
tnMaintMaintPName=policy, ), ), ),
],
)
aci.get_diff(aci_class="maintMaintGrp")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
cdp_policy=dict(type="str", required=False, aliases=["cdp_interface", "name"]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
admin_state=dict(type="bool"),
state=dict(type="str", default="present", choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["cdp_policy"]],
["state", "present", ["cdp_policy"]],
],
)
aci = ACIModule(module)
cdp_policy = module.params.get("cdp_policy")
description = module.params.get("description")
admin_state = aci.boolean(module.params.get("admin_state"), "enabled", "disabled")
state = module.params.get("state")
name_alias = module.params.get("name_alias")
aci.construct_url(
root_class=dict(
aci_class="cdpIfPol",
aci_rn="infra/cdpIfP-{0}".format(cdp_policy),
module_object=cdp_policy,
target_filter={"name": cdp_policy},
),
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="cdpIfPol",
class_config=dict(
name=cdp_policy,
descr=description,
adminSt=admin_state,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class="cdpIfPol")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
name=dict(type="str", aliases=["snmp_policy", "snmp_policy_name"]),
admin_state=dict(type="str", choices=["enabled", "disabled"]),
contact=dict(type="str"),
description=dict(type="str"),
location=dict(type="str"),
state=dict(type="str", default="present", choices=["absent", "present", "query"]),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["name"]],
["state", "present", ["name"]],
],
)
aci = ACIModule(module)
name = module.params.get("name")
admin_state = module.params.get("admin_state")
contact = module.params.get("contact")
description = module.params.get("description")
location = module.params.get("location")
state = module.params.get("state")
aci.construct_url(
root_class=dict(
aci_class="snmpPol",
aci_rn="fabric/snmppol-{0}".format(name),
module_object=name,
target_filter={"name": name},
),
child_classes=["snmpCommunityP", "snmpClientGrpP"],
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="snmpPol",
class_config=dict(name=name, adminSt=admin_state, contact=contact, descr=description, loc=location),
)
aci.get_diff(aci_class="snmpPol")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
tenant=dict(type="str", aliases=["name", "tenant_name"]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
state=dict(type="str", default="present", choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["tenant"]],
["state", "present", ["tenant"]],
],
)
description = module.params.get("description")
state = module.params.get("state")
tenant = module.params.get("tenant")
name_alias = module.params.get("name_alias")
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="fvTenant",
class_config=dict(
name=tenant,
descr=description,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class="fvTenant")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
name=dict(type="str", aliases=["leaf_switch_profile", "leaf_profile"]),
description=dict(type="str", aliases=["descr"]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["name"]],
["state", "present", ["name"]],
],
)
aci = ACIModule(module)
name = module.params.get("name")
description = module.params.get("description")
state = module.params.get("state")
child_classes = ["fabricLeafS"]
aci.construct_url(
root_class=dict(
aci_class="fabricLeafP",
aci_rn="fabric/leprof-{0}".format(name),
module_object=name,
target_filter={"name": name},
),
child_classes=child_classes,
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="fabricLeafP",
class_config=dict(name=name, descr=description),
)
aci.get_diff(aci_class="fabricLeafP")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
interface_profile=dict(type="str",
aliases=[
"leaf_interface_profile_name",
"leaf_interface_profile",
"interface_profile_name"
]),
access_port_selector=dict(type="str",
aliases=[
"name", "access_port_selector_name"
]), # Not required for querying all objects
description=dict(type="str"),
port_blk=dict(
type="str",
aliases=["leaf_port_blk_name", "leaf_port_blk", "port_blk_name"]),
leaf_port_blk_description=dict(type="str"),
from_port=dict(type="str",
aliases=["from", "fromPort", "from_port_range"]),
to_port=dict(type="str", aliases=["to", "toPort", "to_port_range"]),
from_card=dict(type="str", aliases=["from_card_range"]),
to_card=dict(type="str", aliases=["to_card_range"]),
policy_group=dict(type="str", aliases=["policy_group_name"]),
interface_type=dict(type="str",
default="switch_port",
choices=[
"breakout", "fex", "port_channel",
"switch_port", "vpc", "fex_port_channel",
"fex_vpc"
]),
type=dict(type="str", default="leaf", choices=["fex", "leaf"]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["interface_profile", "access_port_selector"]],
[
"state", "present",
["interface_profile", "access_port_selector"]
],
],
)
interface_profile = module.params.get("interface_profile")
access_port_selector = module.params.get("access_port_selector")
description = module.params.get("description")
port_blk = module.params.get("port_blk")
leaf_port_blk_description = module.params.get("leaf_port_blk_description")
from_port = module.params.get("from_port")
to_port = module.params.get("to_port")
from_card = module.params.get("from_card")
to_card = module.params.get("to_card")
policy_group = module.params.get("policy_group")
interface_type = module.params.get("interface_type")
state = module.params.get("state")
type_profile = module.params.get("type")
# Build child_configs dynamically
child_configs = [
dict(infraPortBlk=dict(attributes=dict(
descr=leaf_port_blk_description,
name=port_blk,
fromPort=from_port,
toPort=to_port,
fromCard=from_card,
toCard=to_card,
), ), )
]
# Add infraRsAccBaseGrp only when policy_group was defined
if policy_group is not None:
child_configs.append(
dict(infraRsAccBaseGrp=dict(attributes=dict(
tDn=INTERFACE_TYPE_MAPPING[interface_type].format(
policy_group), ), ), ))
aci = ACIModule(module)
aci_class = "infraAccPortP"
aci_rn = "accportprof"
if type_profile == "fex":
aci_class = "infraFexP"
aci_rn = "fexprof"
aci.construct_url(
root_class=dict(
aci_class=aci_class,
aci_rn="infra/" + aci_rn + "-{0}".format(interface_profile),
module_object=interface_profile,
target_filter={"name": interface_profile},
),
subclass_1=dict(
aci_class="infraHPortS",
# NOTE: normal rn: hports-{name}-typ-{type}, hence here hardcoded to range for purposes of module
aci_rn="hports-{0}-typ-range".format(access_port_selector),
module_object=access_port_selector,
target_filter={"name": access_port_selector},
),
child_classes=["infraPortBlk", "infraRsAccBaseGrp"],
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="infraHPortS",
class_config=dict(
descr=description,
name=access_port_selector,
# type='range',
),
child_configs=child_configs,
)
aci.get_diff(aci_class="infraHPortS")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
contract=dict(type="str",
aliases=["contract_name", "name"
]), # Not required for querying all objects
tenant=dict(type="str",
aliases=["tenant_name"
]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
scope=dict(
type="str",
choices=["application-profile", "context", "global", "tenant"]),
priority=dict(type="str",
choices=["level1", "level2", "level3", "unspecified"
]), # No default provided on purpose
dscp=dict(
type="str",
choices=[
"AF11",
"AF12",
"AF13",
"AF21",
"AF22",
"AF23",
"AF31",
"AF32",
"AF33",
"AF41",
"AF42",
"AF43",
"CS0",
"CS1",
"CS2",
"CS3",
"CS4",
"CS5",
"CS6",
"CS7",
"EF",
"VA",
"unspecified",
],
aliases=["target"],
), # No default provided on purpose
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["contract", "tenant"]],
["state", "present", ["contract", "tenant"]],
],
)
contract = module.params.get("contract")
description = module.params.get("description")
scope = module.params.get("scope")
priority = module.params.get("priority")
dscp = module.params.get("dscp")
state = module.params.get("state")
tenant = module.params.get("tenant")
name_alias = module.params.get("name_alias")
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="vzBrCP",
aci_rn="brc-{0}".format(contract),
module_object=contract,
target_filter={"name": contract},
),
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="vzBrCP",
class_config=dict(
name=contract,
descr=description,
scope=scope,
prio=priority,
targetDscp=dscp,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class="vzBrCP")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
{
"name": dict(type="str", aliases=["selector", "cloud_external_epg_selector", "external_epg_selector", "extepg_selector", "selector_name"]),
"subnet": dict(type="str", aliases=["ip"]),
"tenant": dict(type="str"),
"cloud_external_epg": dict(type="str"),
"ap": dict(type="str", aliases=["app_profile", "app_profile_name"]),
"state": dict(type="str", default="present", choices=["absent", "present", "query"]),
}
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["subnet", "tenant", "ap", "cloud_external_epg"]],
["state", "present", ["subnet", "tenant", "ap", "cloud_external_epg"]],
],
)
name = module.params.get("name")
subnet = module.params.get("subnet")
tenant = module.params.get("tenant")
ap = module.params.get("ap")
cloud_external_epg = module.params.get("cloud_external_epg")
state = module.params.get("state")
child_configs = []
aci = ACIModule(module)
aci.construct_url(
root_class={
"aci_class": "fvTenant",
"aci_rn": "tn-{0}".format(tenant),
"target_filter": 'eq(fvTenant.name, "{0}")'.format(tenant),
"module_object": tenant,
},
subclass_1={"aci_class": "cloudApp", "aci_rn": "cloudapp-{0}".format(ap), "target_filter": 'eq(cloudApp.name, "{0}")'.format(ap), "module_object": ap},
subclass_2={
"aci_class": "cloudExtEPg",
"aci_rn": "cloudextepg-{0}".format(cloud_external_epg),
"target_filter": 'eq(cloudExtEPg.name, "{0}")'.format(cloud_external_epg),
"module_object": cloud_external_epg,
},
subclass_3={
"aci_class": "cloudExtEPSelector",
"aci_rn": "extepselector-[{0}]".format(subnet),
"target_filter": 'eq(cloudExtEPSelector.name, "{0}")'.format(subnet),
"module_object": subnet,
},
child_classes=[],
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="cloudExtEPSelector",
class_config={
"name": name,
"subnet": subnet,
},
child_configs=child_configs,
)
aci.get_diff(aci_class="cloudExtEPSelector")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
profile=dict(type="str",
aliases=["spine_profile", "spine_switch_profile"]),
name=dict(type="str",
aliases=["association_name", "switch_association"]),
policy_group=dict(type="str"),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["profile", "name"]],
["state", "present", ["profile", "name"]],
],
)
aci = ACIModule(module)
profile = module.params.get("profile")
name = module.params.get("name")
policy_group = module.params.get("policy_group")
state = module.params.get("state")
child_classes = ["fabricRsSpNodePGrp", "fabricNodeBlk"]
aci.construct_url(
root_class=dict(
aci_class="fabricSpineP",
aci_rn="fabric/spprof-{0}".format(profile),
module_object=profile,
target_filter={"name": profile},
),
subclass_1=dict(
aci_class="fabricSpineS",
aci_rn="spines-{0}-typ-range".format(name),
module_object=name,
target_filter={"name": name},
),
child_classes=child_classes,
)
aci.get_existing()
if state == "present":
child_configs = []
if policy_group:
tDn = "uni/fabric/funcprof/spnodepgrp-{0}".format(policy_group)
child_configs.append(
dict(fabricRsSpNodePGrp=dict(attributes=dict(tDn=tDn))))
aci.payload(
aci_class="fabricSpineS",
class_config=dict(name=name),
child_configs=child_configs,
)
aci.get_diff(aci_class="fabricSpineS")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
node_profile=dict(
type="str", aliases=["name", "node_profile_name", "logical_node"]),
tenant=dict(type="str", aliases=["tenant_name"]),
l3out=dict(type="str", aliases=["l3out_name"]),
description=dict(type="str", aliases=["descr"]),
dscp=dict(
type="str",
choices=[
"AF11",
"AF12",
"AF13",
"AF21",
"AF22",
"AF23",
"AF31",
"AF32",
"AF33",
"AF41",
"AF42",
"AF43",
"CS0",
"CS1",
"CS2",
"CS3",
"CS4",
"CS5",
"CS6",
"CS7",
"EF",
"VA",
"unspecified",
],
aliases=["target_dscp"],
),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["tenant", "l3out", "node_profile"]],
["state", "present", ["tenant", "l3out", "node_profile"]],
],
)
node_profile = module.params.get("node_profile")
tenant = module.params.get("tenant")
l3out = module.params.get("l3out")
description = module.params.get("description")
dscp = module.params.get("dscp")
state = module.params.get("state")
name_alias = module.params.get("name_alias")
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="l3extOut",
aci_rn="out-{0}".format(l3out),
module_object=l3out,
target_filter={"name": l3out},
),
subclass_2=dict(
aci_class="l3extLNodeP",
aci_rn="lnodep-{0}".format(node_profile),
module_object=node_profile,
target_filter={"name": node_profile},
),
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="l3extLNodeP",
class_config=dict(
descr=description,
name=node_profile,
targetDscp=dscp,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class="l3extLNodeP")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
tenant=dict(type="str",
aliases=["tenant_name"
]), # Not required for querying all objects
destination_epg=dict(type="dict", options=destination_epg_spec()),
destination_group=dict(type="str", aliases=[
"name", "dst_group"
]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
name_alias=dict(type="str"),
source_ip=dict(type="str"),
destination_ip=dict(type="str"),
mtu=dict(type="int"),
ttl=dict(type="int"),
flow_id=dict(type="int"),
version_enforced=dict(type="bool"),
span_version=dict(type="str", choices=["version_1", "version_2"]),
dscp=dict(type="str",
choices=[
"CS0", "CS1", "CS2", "CS3", "CS4", "CS5", "CS6", "CS7",
"EF", "VA", "AF11", "AF12", "AF13", "AF21", "AF22",
"AF23", "AF31", "AF32", "AF33", "AF41", "AF42", "AF43",
"unspecified"
]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["destination_group", "tenant"]],
[
"state", "present",
[
"destination_group", "destination_ip", "source_ip",
"destination_epg", "tenant"
]
],
],
)
aci = ACIModule(module)
destination_epg = module.params.get("destination_epg")
destination_group = module.params.get("destination_group")
description = module.params.get("description")
state = module.params.get("state")
tenant = module.params.get("tenant")
destination_ip = module.params.get("destination_ip")
source_ip = module.params.get("source_ip")
span_version = module.params.get("span_version")
name_alias = module.params.get("name_alias")
dscp = module.params.get("dscp")
mtu = str(module.params.get("mtu"))
ttl = str(module.params.get("ttl"))
flow_id = str(module.params.get("flow_id"))
version_enforced = module.params.get("version_enforced")
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="spanDestGrp",
aci_rn="destgrp-{0}".format(destination_group),
module_object=destination_group,
target_filter={"name": destination_group},
),
child_classes=["spanDest", "spanRsDestEpg"],
)
aci.get_existing()
if state == "present":
dest_tdn = "uni/tn-{0}/ap-{1}/epg-{2}".format(
destination_epg["tenant"], destination_epg["ap"],
destination_epg["epg"])
if version_enforced is True:
version_enforced = "yes"
else:
version_enforced = "no"
if span_version == "version_1":
span_version = "ver1"
else:
span_version = "ver2"
child_configs = [
dict(spanDest=dict(attributes=dict(name=destination_group),
children=[
dict(spanRsDestEpg=dict(attributes=dict(
ip=destination_ip,
srcIpPrefix=source_ip,
ver=span_version,
verEnforced=version_enforced,
ttl=ttl,
mtu=mtu,
flowId=flow_id,
dscp=dscp,
tDn=dest_tdn)))
])),
]
aci.payload(
aci_class="spanDestGrp",
class_config=dict(
name=destination_group,
descr=description,
nameAlias=name_alias,
),
child_configs=child_configs,
)
aci.get_diff(aci_class="spanDestGrp")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
pool_type=dict(type="str",
required=True,
aliases=["type"],
choices=["vlan", "vsan", "vxlan"]),
description=dict(type="str", aliases=["descr"]),
pool=dict(type="str",
aliases=["name", "pool_name"
]), # Not required for querying all objects
pool_allocation_mode=dict(type="str",
aliases=["allocation_mode", "mode"],
choices=["dynamic", "static"]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["pool"]],
["state", "present", ["pool"]],
],
)
description = module.params.get("description")
pool = module.params.get("pool")
pool_type = module.params.get("pool_type")
pool_allocation_mode = module.params.get("pool_allocation_mode")
state = module.params.get("state")
name_alias = module.params.get("name_alias")
aci_class = ACI_POOL_MAPPING[pool_type]["aci_class"]
aci_mo = ACI_POOL_MAPPING[pool_type]["aci_mo"]
pool_name = pool
# ACI Pool URL requires the pool_allocation mode for vlan and vsan pools (ex: uni/infra/vlanns-[poolname]-static)
if pool_type != "vxlan" and pool is not None:
if pool_allocation_mode is not None:
pool_name = "[{0}]-{1}".format(pool, pool_allocation_mode)
else:
module.fail_json(
msg=
"ACI requires parameter 'pool_allocation_mode' for 'pool_type' of 'vlan' and 'vsan' when parameter 'pool' is provided"
)
# Vxlan pools do not support pool allocation modes
if pool_type == "vxlan" and pool_allocation_mode is not None:
module.fail_json(
msg=
"vxlan pools do not support setting the 'pool_allocation_mode'; please remove this parameter from the task"
)
aci = ACIModule(module)
aci.construct_url(root_class=dict(
aci_class=aci_class,
aci_rn="{0}{1}".format(aci_mo, pool_name),
module_object=pool,
target_filter={"name": pool},
), )
aci.get_existing()
if state == "present":
# Filter out module parameters with null values
aci.payload(
aci_class=aci_class,
class_config=dict(
allocMode=pool_allocation_mode,
descr=description,
name=pool,
nameAlias=name_alias,
),
)
# Generate config diff which will be used as POST request body
aci.get_diff(aci_class=aci_class)
# Submit changes if module not in check_mode and the proposed is different than existing
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
bd=dict(type="str",
aliases=["bd_name"]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
dhcp_label=dict(type="str",
aliases=["name"
]), # Not required for querying all objects
dhcp_option=dict(type="str"),
scope=dict(type="str",
default="infra",
choices=["infra", "tenant"],
aliases=["owner"]), # Not required for querying all objects
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
tenant=dict(type="str",
aliases=["tenant_name"
]), # Not required for querying all objects
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["bd", "tenant", "dhcp_label", "scope"]],
["state", "present", ["bd", "tenant", "dhcp_label", "scope"]],
],
)
tenant = module.params.get("tenant")
bd = module.params.get("bd")
description = module.params.get("description")
dhcp_label = module.params.get("dhcp_label")
dhcp_option = module.params.get("dhcp_option")
scope = module.params.get("scope")
state = module.params.get("state")
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="fvBD",
aci_rn="BD-{0}".format(bd),
module_object=bd,
target_filter={"name": bd},
),
subclass_2=dict(
aci_class="dhcpLbl",
aci_rn="dhcplbl-{0}".format(dhcp_label),
module_object=dhcp_label,
target_filter={"name": dhcp_label},
),
child_classes=["dhcpRsDhcpOptionPol"],
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="dhcpLbl",
class_config=dict(
descr=description,
name=dhcp_label,
owner=scope,
),
child_configs=[
{
"dhcpRsDhcpOptionPol": {
"attributes": {
"tnDhcpOptionPolName": dhcp_option
}
}
},
],
)
aci.get_diff(aci_class="dhcpLbl")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
port_security=dict(
type="str",
aliases=["name"]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
max_end_points=dict(type="int"),
port_security_timeout=dict(type="int"),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["port_security"]],
["state", "present", ["port_security"]],
],
)
port_security = module.params.get("port_security")
description = module.params.get("description")
max_end_points = module.params.get("max_end_points")
port_security_timeout = module.params.get("port_security_timeout")
name_alias = module.params.get("name_alias")
if max_end_points is not None and max_end_points not in range(12001):
module.fail_json(msg="The max_end_points must be between 0 and 12000")
if port_security_timeout is not None and port_security_timeout not in range(
60, 3601):
module.fail_json(
msg="The port_security_timeout must be between 60 and 3600")
state = module.params.get("state")
aci = ACIModule(module)
aci.construct_url(root_class=dict(
aci_class="l2PortSecurityPol",
aci_rn="infra/portsecurityP-{0}".format(port_security),
module_object=port_security,
target_filter={"name": port_security},
), )
aci.get_existing()
if state == "present":
aci.payload(
aci_class="l2PortSecurityPol",
class_config=dict(
name=port_security,
descr=description,
maximum=max_end_points,
nameAlias=name_alias,
timeout=port_security_timeout,
),
)
aci.get_diff(aci_class="l2PortSecurityPol")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
tenant=dict(type="str", aliases=["tenant_name"]), # Not required for querying all objects
ap=dict(type="str", aliases=["app_profile", "app_profile_name", "name"]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
state=dict(type="str", default="present", choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
monitoring_policy=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["tenant", "ap"]],
["state", "present", ["tenant", "ap"]],
],
)
ap = module.params.get("ap")
description = module.params.get("description")
state = module.params.get("state")
tenant = module.params.get("tenant")
name_alias = module.params.get("name_alias")
monitoring_policy = module.params.get("monitoring_policy")
child_configs = [dict(fvRsApMonPol=dict(attributes=dict(tnMonEPGPolName=monitoring_policy)))]
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="fvAp",
aci_rn="ap-{0}".format(ap),
module_object=ap,
target_filter={"name": ap},
),
child_classes=["fvRsApMonPol"],
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="fvAp",
class_config=dict(
name=ap,
descr=description,
nameAlias=name_alias,
),
child_configs=child_configs,
)
aci.get_diff(aci_class="fvAp")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
tenant=dict(type="str", required=True),
cloud_context_profile=dict(type="str", required=True),
state=dict(type="str",
default="query",
choices=["absent", "present", "query"]),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
)
tenant = module.params.get("tenant")
cloud_context_profile = module.params.get("cloud_context_profile")
state = module.params.get("state")
child_configs = []
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
target_filter='eq(fvTenant.name, "{0}")'.format(tenant),
module_object=tenant),
subclass_1=dict(
aci_class="cloudCtxProfile",
aci_rn="ctxprofile-{0}".format(cloud_context_profile),
target_filter='eq(cloudCtxProfile.name, "{0}")'.format(
cloud_context_profile),
module_object=cloud_context_profile,
),
subclass_2=dict(aci_class="cloudRouterP",
aci_rn="routerp-default",
target_filter='eq(cloudRouterP.name, "default")',
module_object="default"),
child_classes=[
"cloudRsToVpnGwPol", "cloudRsToHostRouterPol", "cloudIntNetworkP"
],
)
aci.get_existing()
if state == "present":
child_configs.append(
dict(cloudIntNetworkP=dict(attributes=dict(name="default"))))
aci.payload(aci_class="cloudRouterP",
class_config=dict(name="default"),
child_configs=child_configs)
aci.get_diff(aci_class="cloudRouterP")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
description=dict(
type="str",
),
name=dict(type="str", aliases=["cloud_context_profile"]),
name_alias=dict(
type="str",
),
tenant=dict(
type="str",
),
state=dict(type="str", default="present", choices=["absent", "present", "query"]),
primary_cidr=dict(
type="str",
),
# FIXME: didn't find the flow_log in UI
# flow_log=dict(type='str'),
vrf=dict(type="str"),
region=dict(type="str"),
cloud=dict(type="str", choices=["aws", "azure"]),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["name", "tenant"]],
["state", "present", ["name", "tenant", "vrf", "region", "primary_cidr", "cloud"]],
],
)
description = module.params.get("description")
name = module.params.get("name")
name_alias = module.params.get("name_alias")
tenant = module.params.get("tenant")
state = module.params.get("state")
primary_cidr = module.params.get("primary_cidr")
child_configs = []
vrf = module.params.get("vrf")
region = module.params.get("region")
cloud = module.params.get("cloud")
aci = ACIModule(module)
aci.construct_url(
root_class=dict(aci_class="fvTenant", aci_rn="tn-{0}".format(tenant), target_filter='eq(fvTenant.name, "{0}")'.format(tenant), module_object=tenant),
subclass_1=dict(
aci_class="cloudCtxProfile", aci_rn="ctxprofile-{0}".format(name), target_filter='eq(cloudCtxProfile.name, "{0}")'.format(name), module_object=name
),
child_classes=["cloudRsToCtx", "cloudRsCtxProfileToRegion", "cloudRouterP", "cloudCidr"],
)
aci.get_existing()
if state == "present":
child_configs.append(dict(cloudRsToCtx=dict(attributes=dict(tnFvCtxName=vrf))))
child_configs.append(dict(cloudRsCtxProfileToRegion=dict(attributes=dict(tDn="uni/clouddomp/provp-{0}/region-{1}".format(cloud, region)))))
child_configs.append(dict(cloudCidr=dict(attributes=dict(addr=primary_cidr, primary="yes"))))
aci.payload(
aci_class="cloudCtxProfile",
class_config=dict(
descr=description,
name=name,
name_alias=name_alias,
type="regular",
),
child_configs=child_configs,
)
aci.get_diff(aci_class="cloudCtxProfile")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
bd=dict(type="str"),
l2out=dict(type="str", aliases=["name"]),
domain=dict(type="str"),
vlan=dict(type="int"),
description=dict(type="str"),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
tenant=dict(type="str"),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["l2out", "tenant"]],
["state", "present", ["bd", "l2out", "tenant", "domain", "vlan"]],
],
)
bd = module.params.get("bd")
l2out = module.params.get("l2out")
description = module.params.get("description")
domain = module.params.get("domain")
vlan = module.params.get("vlan")
state = module.params.get("state")
tenant = module.params.get("tenant")
name_alias = module.params.get("name_alias")
child_classes = ["l2extRsEBd", "l2extRsL2DomAtt", "l2extLNodeP"]
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="l2extOut",
aci_rn="l2out-{0}".format(l2out),
module_object=l2out,
target_filter={"name": l2out},
),
child_classes=child_classes,
)
aci.get_existing()
if state == "present":
child_configs = [
dict(l2extRsL2DomAtt=dict(attributes=dict(
tDn="uni/l2dom-{0}".format(domain)))),
dict(l2extRsEBd=dict(attributes=dict(
tnFvBDName=bd, encap="vlan-{0}".format(vlan)))),
]
aci.payload(
aci_class="l2extOut",
class_config=dict(name=l2out,
descr=description,
dn="uni/tn-{0}/l2out-{1}".format(tenant, l2out),
nameAlias=name_alias),
child_configs=child_configs,
)
aci.get_diff(aci_class="l2extOut")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
arp_flooding=dict(type="bool"),
bd=dict(type="str",
aliases=["bd_name",
"name"]), # Not required for querying all objects
bd_type=dict(type="str", choices=["ethernet", "fc"]),
description=dict(type="str"),
enable_multicast=dict(type="bool"),
enable_routing=dict(type="bool"),
endpoint_clear=dict(type="bool"),
endpoint_move_detect=dict(type="str", choices=["default", "garp"]),
endpoint_retention_action=dict(type="str",
choices=["inherit", "resolve"]),
endpoint_retention_policy=dict(type="str"),
igmp_snoop_policy=dict(type="str"),
ip_learning=dict(type="bool"),
ipv6_nd_policy=dict(type="str"),
l2_unknown_unicast=dict(type="str", choices=["proxy", "flood"]),
l3_unknown_multicast=dict(type="str", choices=["flood", "opt-flood"]),
ipv6_l3_unknown_multicast=dict(type="str",
choices=["flood", "opt-flood"]),
limit_ip_learn=dict(type="bool"),
mac_address=dict(type="str", aliases=["mac"]),
multi_dest=dict(type="str",
choices=["bd-flood", "drop", "encap-flood"]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
tenant=dict(type="str",
aliases=["tenant_name"
]), # Not required for querying all objects
vrf=dict(type="str", aliases=["vrf_name"]),
route_profile=dict(type="str"),
route_profile_l3out=dict(type="str"),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["bd", "tenant"]],
["state", "present", ["bd", "tenant"]],
],
)
aci = ACIModule(module)
arp_flooding = aci.boolean(module.params.get("arp_flooding"))
bd = module.params.get("bd")
bd_type = module.params.get("bd_type")
if bd_type == "ethernet":
# ethernet type is represented as regular, but that is not clear to the users
bd_type = "regular"
description = module.params.get("description")
enable_multicast = aci.boolean(module.params.get("enable_multicast"))
enable_routing = aci.boolean(module.params.get("enable_routing"))
endpoint_clear = aci.boolean(module.params.get("endpoint_clear"))
endpoint_move_detect = module.params.get("endpoint_move_detect")
if endpoint_move_detect == "default":
# the ACI default setting is an empty string, but that is not a good input value
endpoint_move_detect = ""
endpoint_retention_action = module.params.get("endpoint_retention_action")
endpoint_retention_policy = module.params.get("endpoint_retention_policy")
igmp_snoop_policy = module.params.get("igmp_snoop_policy")
ip_learning = aci.boolean(module.params.get("ip_learning"))
ipv6_nd_policy = module.params.get("ipv6_nd_policy")
l2_unknown_unicast = module.params.get("l2_unknown_unicast")
l3_unknown_multicast = module.params.get("l3_unknown_multicast")
ipv6_l3_unknown_multicast = module.params.get("ipv6_l3_unknown_multicast")
limit_ip_learn = aci.boolean(module.params.get("limit_ip_learn"))
mac_address = module.params.get("mac_address")
multi_dest = module.params.get("multi_dest")
state = module.params.get("state")
tenant = module.params.get("tenant")
vrf = module.params.get("vrf")
route_profile = module.params.get("route_profile")
route_profile_l3out = module.params.get("route_profile_l3out")
name_alias = module.params.get("name_alias")
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="fvBD",
aci_rn="BD-{0}".format(bd),
module_object=bd,
target_filter={"name": bd},
),
child_classes=[
"fvRsCtx", "fvRsIgmpsn", "fvRsBDToNdP", "fvRsBdToEpRet",
"fvRsBDToProfile"
],
)
aci.get_existing()
if state == "present":
class_config = dict(
arpFlood=arp_flooding,
descr=description,
epClear=endpoint_clear,
epMoveDetectMode=endpoint_move_detect,
ipLearning=ip_learning,
limitIpLearnToSubnets=limit_ip_learn,
mac=mac_address,
mcastAllow=enable_multicast,
multiDstPktAct=multi_dest,
name=bd,
type=bd_type,
unicastRoute=enable_routing,
unkMacUcastAct=l2_unknown_unicast,
unkMcastAct=l3_unknown_multicast,
nameAlias=name_alias,
)
if ipv6_l3_unknown_multicast is not None:
class_config["v6unkMcastAct"] = ipv6_l3_unknown_multicast
aci.payload(
aci_class="fvBD",
class_config=class_config,
child_configs=[
{
"fvRsCtx": {
"attributes": {
"tnFvCtxName": vrf
}
}
},
{
"fvRsIgmpsn": {
"attributes": {
"tnIgmpSnoopPolName": igmp_snoop_policy
}
}
},
{
"fvRsBDToNdP": {
"attributes": {
"tnNdIfPolName": ipv6_nd_policy
}
}
},
{
"fvRsBdToEpRet": {
"attributes": {
"resolveAct": endpoint_retention_action,
"tnFvEpRetPolName": endpoint_retention_policy
}
}
},
{
"fvRsBDToProfile": {
"attributes": {
"tnL3extOutName": route_profile_l3out,
"tnRtctrlProfileName": route_profile
}
}
},
],
)
aci.get_diff(aci_class="fvBD")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
name=dict(type="str", aliases=["interface_name"]),
destination_tenant=dict(type="str"),
description=dict(type="str", aliases=["descr"]),
tenant=dict(type="str", aliases=["tenant_name"]),
contract=dict(type="str", aliases=["contract_name"]),
state=dict(type="str", default="present", choices=["absent", "present", "query"]),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["name", "destination_tenant", "tenant", "contract"]],
["state", "present", ["name", "destination_tenant", "tenant", "contract"]],
],
)
name = module.params.get("name")
destination_tenant = module.params.get("destination_tenant")
description = module.params.get("description")
tenant = module.params.get("tenant")
contract = module.params.get("contract")
state = module.params.get("state")
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(destination_tenant),
module_object=destination_tenant,
target_filter={"name": destination_tenant},
),
subclass_1=dict(
aci_class="vzCPIf",
aci_rn="cif-{0}".format(name),
module_object=name,
target_filter={"name": name},
),
child_classes=["vzRsIf"],
)
aci.get_existing()
if state == "present":
child_configs = [dict(vzRsIf=dict(attributes=dict(tDn="uni/tn-{0}/brc-{1}".format(tenant, contract))))]
aci.payload(aci_class="vzCPIf", class_config=dict(name=name, descr=description), child_configs=child_configs)
aci.get_diff(aci_class="vzCPIf")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update({
"description":
dict(type="str"),
"expressions":
dict(type="list", elements="dict", options=expression_spec()),
"name":
dict(type="str", aliases=["selector", "selector_name"]),
"tenant":
dict(type="str", required=True),
"ap":
dict(type="str", required=True),
"epg":
dict(type="str", required=True),
"state":
dict(type="str",
default="present",
choices=["absent", "present", "query"]),
})
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["name"]],
["state", "present", ["name"]],
],
)
description = module.params.get("description")
expressions = module.params.get("expressions")
name = module.params.get("name")
tenant = module.params.get("tenant")
ap = module.params.get("ap")
epg = module.params.get("epg")
state = module.params.get("state")
child_configs = []
aci = ACIModule(module)
aci.construct_url(
root_class={
"aci_class": "fvTenant",
"aci_rn": "tn-{0}".format(tenant),
"target_filter": 'eq(fvTenant.name, "{0}")'.format(tenant),
"module_object": tenant,
},
subclass_1={
"aci_class": "cloudApp",
"aci_rn": "cloudapp-{0}".format(ap),
"target_filter": 'eq(cloudApp.name, "{0}")'.format(ap),
"module_object": ap
},
subclass_2={
"aci_class": "cloudEPg",
"aci_rn": "cloudepg-{0}".format(epg),
"target_filter": 'eq(cloudEPg.name, "{0}")'.format(epg),
"module_object": epg,
},
subclass_3={
"aci_class": "cloudEPSelector",
"aci_rn": "epselector-{0}".format(name),
"target_filter": 'eq(cloudEPSelector.name, "{0}")'.format(name),
"module_object": name,
},
child_classes=[],
)
aci.get_existing()
if state == "present":
expressions_list = []
for expression in expressions:
key = expression.get("key")
operator = expression.get("operator")
if expression.get("value"):
value = "'" + "','".join(
expression.get("value").split(",")) + "'"
else:
value = None
if operator in ["has_key", "does_not_have_key"]:
if value:
module.fail_json(
msg=
"Attribute 'value' is not supported for operator '{0}' in expression '{1}'"
.format(operator, key))
if key in ["ip", "region"]:
module.fail_json(
msg=
"Operator '{0}' is not supported when expression key is '{1}'"
.format(operator, key))
if operator in ["not_in", "in", "equals", "not_equals"
] and not value:
module.fail_json(
msg=
"Attribute 'value' needed for operator '{0}' in expression '{1}'"
.format(operator, key))
if key in ["ip", "region", "zone"]:
key = EXPRESSION_KEYS.get(key)
else:
key = "custom:" + key
if operator in ["not_in", "in"]:
expressions_list.append("{0} {1}({2})".format(
key, EXPRESSION_OPERATORS.get(operator), value))
elif operator in ["equals", "not_equals"]:
expressions_list.append("{0}{1}{2}".format(
key, EXPRESSION_OPERATORS.get(operator), value))
elif operator == "does_not_have_key":
expressions_list.append("!{0}".format(key))
else:
expressions_list.append(key)
matchExpression = ",".join(expressions_list)
aci.payload(
aci_class="cloudEPSelector",
class_config={
"descr": description,
"matchExpression": matchExpression,
"name": name,
},
child_configs=child_configs,
)
aci.get_diff(aci_class="cloudEPSelector")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
tenant=dict(type="str",
aliases=["tenant_name"
]), # Not required for querying all objects
vrf=dict(type="str",
aliases=["context", "name", "vrf_name"
]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
policy_control_direction=dict(type="str",
choices=["egress", "ingress"]),
policy_control_preference=dict(type="str",
choices=["enforced", "unenforced"]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
preferred_group=dict(type="str", choices=["enabled", "disabled"]),
match_type=dict(type="str",
choices=["all", "at_least_one", "at_most_one",
"none"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["tenant", "vrf"]],
["state", "present", ["tenant", "vrf"]],
],
)
description = module.params.get("description")
policy_control_direction = module.params.get("policy_control_direction")
policy_control_preference = module.params.get("policy_control_preference")
state = module.params.get("state")
tenant = module.params.get("tenant")
vrf = module.params.get("vrf")
name_alias = module.params.get("name_alias")
preferred_group = module.params.get("preferred_group")
match_type = module.params.get("match_type")
if match_type is not None:
match_type = MATCH_TYPE_MAPPING[match_type]
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class="fvTenant",
aci_rn="tn-{0}".format(tenant),
module_object=tenant,
target_filter={"name": tenant},
),
subclass_1=dict(
aci_class="fvCtx",
aci_rn="ctx-{0}".format(vrf),
module_object=vrf,
target_filter={"name": vrf},
),
child_classes=["vzAny"],
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="fvCtx",
class_config=dict(
descr=description,
pcEnfDir=policy_control_direction,
pcEnfPref=policy_control_preference,
name=vrf,
nameAlias=name_alias,
),
child_configs=[
dict(vzAny=dict(attributes=dict(prefGrMemb=preferred_group,
matchT=match_type))),
],
)
aci.get_diff(aci_class="fvCtx")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
link_level_policy=dict(type="str", aliases=["name"]),
description=dict(type="str", aliases=["descr"]),
auto_negotiation=dict(type="bool", default="true"),
speed=dict(type="str",
default="inherit",
choices=[
"100M", "1G", "10G", "25G", "40G", "50G", "100G",
"200G", "400G", "inherit"
]),
link_debounce_interval=dict(type="int", default="100"),
forwarding_error_correction=dict(type="str",
default="inherit",
choices=[
"inherit", "kp-fec",
"cl91-rs-fec", "cl74-fc-fec",
"disable-fec", "ieee-rs-fec",
"cons16-rs-fec"
]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["link_level_policy"]],
["state", "present", ["link_level_policy"]],
],
)
aci = ACIModule(module)
link_level_policy = module.params["link_level_policy"]
description = module.params["description"]
auto_negotiation = aci.boolean(module.params["auto_negotiation"], "on",
"off")
speed = module.params["speed"]
link_debounce_interval = module.params["link_debounce_interval"]
if link_debounce_interval is not None and link_debounce_interval not in range(
0, 5001):
module.fail_json(
msg=
'The "link_debounce_interval" must be a value between 0 and 5000')
forwarding_error_correction = module.params["forwarding_error_correction"]
state = module.params["state"]
aci.construct_url(root_class=dict(
aci_class="fabricHIfPol",
aci_rn="infra/hintfpol-{0}".format(link_level_policy),
module_object=link_level_policy,
target_filter={"name": link_level_policy},
), )
aci.get_existing()
if state == "present":
aci.payload(
aci_class="fabricHIfPol",
class_config=dict(
name=link_level_policy,
descr=description,
autoNeg=auto_negotiation,
speed=speed,
linkDebounce=link_debounce_interval,
fecMode=forwarding_error_correction,
),
)
aci.get_diff(aci_class="fabricHIfPol")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
address=dict(type="str", aliases=["cidr"]),
description=dict(type="str"),
name_alias=dict(type="str"),
tenant=dict(type="str", required=True),
cloud_context_profile=dict(type="str", required=True),
state=dict(type="str", default="present", choices=["absent", "present", "query"]),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["address"]],
["state", "present", ["address"]],
],
)
address = module.params.get("address")
description = module.params.get("description")
name_alias = module.params.get("name_alias")
tenant = module.params.get("tenant")
cloud_context_profile = module.params.get("cloud_context_profile")
state = module.params.get("state")
child_configs = []
aci = ACIModule(module)
aci.construct_url(
root_class=dict(aci_class="fvTenant", aci_rn="tn-{0}".format(tenant), target_filter='eq(fvTenant.name, "{0}")'.format(tenant), module_object=tenant),
subclass_1=dict(
aci_class="cloudCtxProfile",
aci_rn="ctxprofile-{0}".format(cloud_context_profile),
target_filter='eq(cloudCtxProfile.name, "{0}")'.format(cloud_context_profile),
module_object=cloud_context_profile,
),
subclass_2=dict(
aci_class="cloudCidr", aci_rn="cidr-[{0}]".format(address), target_filter='eq(cloudCidr.addr, "{0}")'.format(address), module_object=address
),
child_classes=[],
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class="cloudCidr",
class_config=dict(
addr=address,
descr=description,
nameAlias=name_alias,
primary="no",
),
child_configs=child_configs,
)
aci.get_diff(aci_class="cloudCidr")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
path=dict(type="str", required=True, aliases=["uri"]),
method=dict(type="str",
default="get",
choices=["delete", "get", "post"],
aliases=["action"]),
src=dict(type="path", aliases=["config_file"]),
content=dict(type="raw"),
)
module = AnsibleModule(
argument_spec=argument_spec,
mutually_exclusive=[["content", "src"]],
)
content = module.params.get("content")
path = module.params.get("path")
src = module.params.get("src")
# Report missing file
file_exists = False
if src:
if os.path.isfile(src):
file_exists = True
else:
module.fail_json(msg="Cannot find/access src '%s'" % src)
# Find request type
if path.find(".xml") != -1:
rest_type = "xml"
if not HAS_LXML_ETREE:
module.fail_json(
msg=
"The lxml python library is missing, or lacks etree support.")
if not HAS_XMLJSON_COBRA:
module.fail_json(
msg=
"The xmljson python library is missing, or lacks cobra support."
)
elif path.find(".json") != -1:
rest_type = "json"
else:
module.fail_json(
msg="Failed to find REST API payload type (neither .xml nor .json)."
)
aci = ACIRESTModule(module)
aci.result["status"] = -1 # Ensure we always return a status
# We include the payload as it may be templated
payload = content
if file_exists:
with open(src, "r") as config_object:
# TODO: Would be nice to template this, requires action-plugin
payload = config_object.read()
payload_output_file = json.loads(payload)
# Validate payload
if rest_type == "json":
if content and isinstance(content, dict):
# Validate inline YAML/JSON
payload = json.dumps(payload)
payload_output_file = json.loads(payload)
elif payload and isinstance(payload, str) and HAS_YAML:
try:
# Validate YAML/JSON string
payload = json.dumps(yaml.safe_load(payload))
payload_output_file = json.loads(payload)
except Exception as e:
module.fail_json(
msg="Failed to parse provided JSON/YAML payload: %s" %
to_text(e),
exception=to_text(e),
payload=payload)
elif rest_type == "xml" and HAS_LXML_ETREE:
if content and isinstance(content, dict) and HAS_XMLJSON_COBRA:
# Validate inline YAML/JSON
payload = etree.tostring(cobra.etree(payload)[0])
elif payload and isinstance(payload, str):
try:
# Validate XML string
payload = etree.tostring(etree.fromstring(payload))
except Exception as e:
module.fail_json(
msg="Failed to parse provided XML payload: %s" %
to_text(e),
payload=payload)
# Perform actual request using auth cookie (Same as aci.request(), but also supports XML)
if "port" in aci.params and aci.params.get("port") is not None:
aci.url = "%(protocol)s://%(host)s:%(port)s/" % aci.params + path.lstrip(
"/")
else:
aci.url = "%(protocol)s://%(host)s/" % aci.params + path.lstrip("/")
if aci.params.get("method") != "get":
path += "?rsp-subtree=modified"
aci.url = update_qsl(aci.url, {"rsp-subtree": "modified"})
# Sign and encode request as to APIC's wishes
if aci.params.get("private_key") is not None:
aci.cert_auth(path=path, payload=payload)
aci.method = aci.params.get("method").upper()
# Perform request
resp, info = fetch_url(module,
aci.url,
data=payload,
headers=aci.headers,
method=aci.method,
timeout=aci.params.get("timeout"),
use_proxy=aci.params.get("use_proxy"))
aci.response = info.get("msg")
aci.status = info.get("status")
# Report failure
if info.get("status") != 200:
try:
# APIC error
aci.response_type(info.get("body"), rest_type)
aci.fail_json(msg="APIC Error %(code)s: %(text)s" % aci.error)
except KeyError:
# Connection error
aci.fail_json(msg="Connection failed for %(url)s. %(msg)s" % info)
aci.response_type(resp.read(), rest_type)
aci.result["imdata"] = aci.imdata
aci.result["totalCount"] = aci.totalCount
if aci.params.get("method") != "get":
output_path = aci.params.get("output_path")
if output_path is not None:
with open(output_path, "a") as output_file:
json.dump([payload_output_file], output_file)
# Report success
aci.exit_json(**aci.result)
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
domain_type=dict(type="str",
required=True,
choices=["fc", "l2dom", "l3dom", "phys", "vmm"],
aliases=["type"]),
domain=dict(type="str",
aliases=["domain_name", "domain_profile",
"name"]), # Not required for querying all objects
dscp=dict(
type="str",
choices=[
"AF11",
"AF12",
"AF13",
"AF21",
"AF22",
"AF23",
"AF31",
"AF32",
"AF33",
"AF41",
"AF42",
"AF43",
"CS0",
"CS1",
"CS2",
"CS3",
"CS4",
"CS5",
"CS6",
"CS7",
"EF",
"VA",
"unspecified",
],
aliases=["target"],
),
encap_mode=dict(type="str", choices=["unknown", "vlan", "vxlan"]),
add_infra_pg=dict(type="bool", aliases=["infra_pg"]),
tag_collection=dict(type="bool"),
multicast_address=dict(type="str"),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
vm_provider=dict(type="str",
choices=[
"cloudfoundry", "kubernetes", "microsoft",
"openshift", "openstack", "redhat", "vmware"
]),
vswitch=dict(type="str", choices=["avs", "default", "dvs", "unknown"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["domain_type", "vmm", ["vm_provider"]],
["state", "absent", ["domain", "domain_type"]],
["state", "present", ["domain", "domain_type"]],
],
)
dscp = module.params.get("dscp")
domain = module.params.get("domain")
domain_type = module.params.get("domain_type")
encap_mode = module.params.get("encap_mode")
add_infra_pg = BOOL_TO_ACI_MAPPING[module.params.get("add_infra_pg")]
tag_collection = BOOL_TO_ACI_MAPPING[module.params.get("tag_collection")]
multicast_address = module.params.get("multicast_address")
vm_provider = module.params.get("vm_provider")
vswitch = module.params.get("vswitch")
if vswitch is not None:
vswitch = VSWITCH_MAPPING.get(vswitch)
state = module.params.get("state")
name_alias = module.params.get("name_alias")
if domain_type != "vmm":
if vm_provider is not None:
module.fail_json(
msg="Domain type '{0}' cannot have parameter 'vm_provider'".
format(domain_type))
if encap_mode is not None:
module.fail_json(
msg="Domain type '{0}' cannot have parameter 'encap_mode'".
format(domain_type))
if multicast_address is not None:
module.fail_json(
msg="Domain type '{0}' cannot have parameter 'multicast_address'"
.format(domain_type))
if vswitch is not None:
module.fail_json(
msg="Domain type '{0}' cannot have parameter 'vswitch'".format(
domain_type))
if dscp is not None and domain_type not in ["l2dom", "l3dom"]:
module.fail_json(
msg="DSCP values can only be assigned to 'l2ext and 'l3ext' domains"
)
# Compile the full domain for URL building
if domain_type == "fc":
domain_class = "fcDomP"
domain_mo = "uni/fc-{0}".format(domain)
domain_rn = "fc-{0}".format(domain)
elif domain_type == "l2dom":
domain_class = "l2extDomP"
domain_mo = "uni/l2dom-{0}".format(domain)
domain_rn = "l2dom-{0}".format(domain)
elif domain_type == "l3dom":
domain_class = "l3extDomP"
domain_mo = "uni/l3dom-{0}".format(domain)
domain_rn = "l3dom-{0}".format(domain)
elif domain_type == "phys":
domain_class = "physDomP"
domain_mo = "uni/phys-{0}".format(domain)
domain_rn = "phys-{0}".format(domain)
elif domain_type == "vmm":
domain_class = "vmmDomP"
domain_mo = "uni/vmmp-{0}/dom-{1}".format(
VM_PROVIDER_MAPPING.get(vm_provider), domain)
domain_rn = "vmmp-{0}/dom-{1}".format(
VM_PROVIDER_MAPPING.get(vm_provider), domain)
# Ensure that querying all objects works when only domain_type is provided
if domain is None:
domain_mo = None
aci = ACIModule(module)
aci.construct_url(root_class=dict(
aci_class=domain_class,
aci_rn=domain_rn,
module_object=domain_mo,
target_filter={"name": domain},
), )
aci.get_existing()
if state == "present":
aci.payload(
aci_class=domain_class,
class_config=dict(
encapMode=encap_mode,
mcastAddr=multicast_address,
configInfraPg=add_infra_pg,
enableTag=tag_collection,
mode=vswitch,
name=domain,
targetDscp=dscp,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class=domain_class)
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
aep=dict(type="str",
aliases=["name", "aep_name"
]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
infra_vlan=dict(type="bool", aliases=["infrastructure_vlan"]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["aep"]],
["state", "present", ["aep"]],
],
)
aep = module.params.get("aep")
description = module.params.get("description")
infra_vlan = module.params.get("infra_vlan")
state = module.params.get("state")
name_alias = module.params.get("name_alias")
if infra_vlan:
child_configs = [
dict(infraProvAcc=dict(attributes=dict(name="provacc")))
]
elif infra_vlan is False:
child_configs = [
dict(infraProvAcc=dict(
attributes=dict(name="provacc", status="deleted")))
]
else:
child_configs = []
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class="infraAttEntityP",
aci_rn="infra/attentp-{0}".format(aep),
module_object=aep,
target_filter={"name": aep},
),
child_classes=["infraProvAcc"],
)
aci.get_existing()
try:
if len(aci.existing[0]
["infraAttEntityP"]) == 1 and infra_vlan is False:
child_configs = []
except Exception:
pass
if state == "present":
aci.payload(
aci_class="infraAttEntityP",
class_config=dict(
name=aep,
descr=description,
nameAlias=name_alias,
),
child_configs=child_configs,
)
aci.get_diff(aci_class="infraAttEntityP")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
name=dict(type="str", aliases=["credential_name", "credential_profile"]),
credential_password=dict(type="str", no_log=True),
credential_username=dict(type="str"),
description=dict(type="str", aliases=["descr"]),
domain=dict(type="str", aliases=["domain_name", "domain_profile"]),
state=dict(type="str", default="present", choices=["absent", "present", "query"]),
vm_provider=dict(type="str", choices=list(VM_PROVIDER_MAPPING.keys())),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["domain"]],
["state", "present", ["domain"]],
],
)
name = module.params.get("name")
credential_password = module.params.get("credential_password")
credential_username = module.params.get("credential_username")
description = module.params.get("description")
domain = module.params.get("domain")
state = module.params.get("state")
vm_provider = module.params.get("vm_provider")
name_alias = module.params.get("name_alias")
credential_class = "vmmUsrAccP"
usracc_mo = "uni/vmmp-{0}/dom-{1}/usracc-{2}".format(VM_PROVIDER_MAPPING.get(vm_provider), domain, name)
usracc_rn = "vmmp-{0}/dom-{1}/usracc-{2}".format(VM_PROVIDER_MAPPING.get(vm_provider), domain, name)
# Ensure that querying all objects works when only domain is provided
if name is None:
usracc_mo = None
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class=credential_class,
aci_rn=usracc_rn,
module_object=usracc_mo,
target_filter={"name": domain, "usracc": name},
),
)
aci.get_existing()
if state == "present":
aci.payload(
aci_class=credential_class,
class_config=dict(
descr=description,
name=name,
pwd=credential_password,
usr=credential_username,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class=credential_class)
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
pool=dict(type="str",
aliases=["name", "pool_name"
]), # Not required for querying all objects
description=dict(type="str", aliases=["descr"]),
pool_allocation_mode=dict(type="str",
aliases=["allocation_mode", "mode"],
choices=["dynamic", "static"]),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["pool"]],
["state", "present", ["pool"]],
],
)
description = module.params.get("description")
pool = module.params.get("pool")
pool_allocation_mode = module.params.get("pool_allocation_mode")
state = module.params.get("state")
name_alias = module.params.get("name_alias")
pool_name = pool
# ACI Pool URL requires the allocation mode for vlan and vsan pools (ex: uni/infra/vlanns-[poolname]-static)
if pool is not None:
if pool_allocation_mode is not None:
pool_name = "[{0}]-{1}".format(pool, pool_allocation_mode)
else:
module.fail_json(
msg=
"ACI requires the 'pool_allocation_mode' when 'pool' is provided"
)
aci = ACIModule(module)
aci.construct_url(root_class=dict(
aci_class="fvnsVlanInstP",
aci_rn="infra/vlanns-{0}".format(pool_name),
module_object=pool,
target_filter={"name": pool},
), )
aci.get_existing()
if state == "present":
aci.payload(
aci_class="fvnsVlanInstP",
class_config=dict(
allocMode=pool_allocation_mode,
descr=description,
name=pool,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class="fvnsVlanInstP")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(aci_annotation_spec())
argument_spec.update(aci_owner_spec())
argument_spec.update(
aaa_password=dict(type="str", no_log=True),
aaa_password_lifetime=dict(type="int", no_log=False),
aaa_password_update_required=dict(type="bool", no_log=False),
aaa_user=dict(type="str",
aliases=["name"
]), # Not required for querying all objects
clear_password_history=dict(type="bool", no_log=False),
description=dict(type="str", aliases=["descr"]),
email=dict(type="str"),
enabled=dict(type="bool"),
expiration=dict(type="str"),
expires=dict(type="bool"),
first_name=dict(type="str"),
last_name=dict(type="str"),
phone=dict(type="str"),
state=dict(type="str",
default="present",
choices=["absent", "present", "query"]),
name_alias=dict(type="str"),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
["state", "absent", ["aaa_user"]],
["state", "present", ["aaa_user"]],
["expires", True, ["expiration"]],
],
)
aci = ACIModule(module)
if not HAS_DATEUTIL:
module.fail_json(msg="dateutil required for this module")
aaa_password = module.params.get("aaa_password")
aaa_password_lifetime = module.params.get("aaa_password_lifetime")
aaa_password_update_required = aci.boolean(
module.params.get("aaa_password_update_required"))
aaa_user = module.params.get("aaa_user")
clear_password_history = aci.boolean(
module.params.get("clear_password_history"), "yes", "no")
description = module.params.get("description")
email = module.params.get("email")
enabled = aci.boolean(module.params.get("enabled"), "active", "inactive")
expires = aci.boolean(module.params.get("expires"))
first_name = module.params.get("first_name")
last_name = module.params.get("last_name")
phone = module.params.get("phone")
state = module.params.get("state")
name_alias = module.params.get("name_alias")
expiration = module.params.get("expiration")
if expiration is not None and expiration != "never":
try:
expiration = aci.iso8601_format(
dateutil.parser.parse(expiration).replace(tzinfo=tzutc()))
except Exception as e:
module.fail_json(msg="Failed to parse date format '%s', %s" %
(module.params.get("expiration"), e))
aci.construct_url(root_class=dict(
aci_class="aaaUser",
aci_rn="userext/user-{0}".format(aaa_user),
module_object=aaa_user,
target_filter={"name": aaa_user},
), )
aci.get_existing()
if state == "present":
aci.payload(
aci_class="aaaUser",
class_config=dict(
accountStatus=enabled,
clearPwdHistory=clear_password_history,
descr=description,
email=email,
expiration=expiration,
expires=expires,
firstName=first_name,
lastName=last_name,
name=aaa_user,
phone=phone,
pwd=aaa_password,
pwdLifeTime=aaa_password_lifetime,
pwdUpdateRequired=aaa_password_update_required,
nameAlias=name_alias,
),
)
aci.get_diff(aci_class="aaaUser")
aci.post_config()
elif state == "absent":
aci.delete_config()
aci.exit_json()