def main(): helper = get_connection( template=True, template_stack=True, with_classic_provider_spec=True, argument_spec=dict(name=dict(), ), ) module = AnsibleModule( argument_spec=helper.argument_spec, supports_check_mode=False, required_one_of=helper.required_one_of, ) # Verify imports, build pandevice object tree. parent = helper.get_pandevice_parent(module) name = module.params['name'] if name is None: try: listing = VirtualRouter.refreshall(parent) except PanDeviceError as e: module.fail_json(msg='Failed refreshall: {0}'.format(e)) vrlist = helper.to_module_dict(listing) module.exit_json(changed=False, vrlist=vrlist) vr = VirtualRouter(name) parent.add(vr) try: vr.refresh() except PanDeviceError as e: module.fail_json(msg='Failed refresh: {0}'.format(e)) spec = helper.to_module_dict(vr) module.exit_json(changed=False, spec=spec)
def main(): helper = get_connection( template=True, template_stack=True, with_state=True, with_classic_provider_spec=True, argument_spec=setup_args(), ) module = AnsibleModule( argument_spec=helper.argument_spec, supports_check_mode=True, required_one_of=helper.required_one_of, ) # Verify libs, initialize pandevice object tree. parent = helper.get_pandevice_parent(module) vr = VirtualRouter(module.params['vr_name']) parent.add(vr) try: vr.refresh() except PanDeviceError as e: module.fail_json(msg='Failed refresh: {0}'.format(e)) bgp = vr.find('', Bgp) if bgp is None: module.fail_json(msg='BGP is not configured for virtual router "{0}"'. format(vr.name)) listing = bgp.findall(BgpDampeningProfile) spec = { 'name': module.params['name'], 'enable': module.params['enable'], 'cutoff': module.params['cutoff'], 'reuse': module.params['reuse'], 'max_hold_time': module.params['max_hold_time'], 'decay_half_life_reachable': module.params['decay_half_life_reachable'], 'decay_half_life_unreachable': module.params['decay_half_life_unreachable'], } obj = BgpDampeningProfile(**spec) bgp.add(obj) # Apply the requested state. changed = helper.apply_state(obj, listing, module) # Optional commit. if changed and module.params['commit']: helper.commit(module) module.exit_json(changed=changed, msg='done')
def main(): helper = get_connection( template=True, template_stack=True, with_state=True, with_classic_provider_spec=True, argument_spec=setup_args(), ) module = AnsibleModule( argument_spec=helper.argument_spec, supports_check_mode=True, required_one_of=helper.required_one_of, ) parent = helper.get_pandevice_parent(module) vr = VirtualRouter(module.params['vr_name']) parent.add(vr) try: vr.refresh() except PanDeviceError as e: module.fail_json(msg='Failed refresh: {0}'.format(e)) bgp = vr.find('', Bgp) if bgp is None: module.fail_json( msg='BGP is not configured on virtual router {0}'.format(vr.name)) listing = bgp.findall(BgpPolicyConditionalAdvertisement) spec = { 'name': module.params['name'], 'enable': module.params['enable'], 'used_by': module.params['used_by'], } obj = BgpPolicyConditionalAdvertisement(**spec) bgp.add(obj) # TODO(gfreeman) - Remove this in 2.12. for ansible_param in ('non_exist_filter', 'advertise_filter'): val = module.params[ansible_param] if val is not None: import pickle from base64 import b64decode module.deprecate('Param {0} is deprecated'.format(ansible_param), '2.12') filter_obj = pickle.loads(b64decode(val)) obj.add(filter_obj) changed, diff = helper.apply_state(obj, listing, module) if changed and module.params['commit']: helper.commit(module) module.exit_json(changed=changed, diff=diff, msg='done')
def main(): helper = get_connection( template=True, template_stack=True, with_state=True, with_classic_provider_spec=True, argument_spec=setup_args(), ) module = AnsibleModule( argument_spec=helper.argument_spec, supports_check_mode=True, required_one_of=helper.required_one_of, ) # Verify libs are present, get pandevice parent. parent = helper.get_pandevice_parent(module) # Verify the virtual router is present. vr = VirtualRouter(module.params['vr_name']) parent.add(vr) try: vr.refresh() except PanDeviceError as e: module.fail_json(msg='Failed refresh: {0}'.format(e)) bgp = vr.find('', Bgp) if bgp is None: module.fail_json(msg='BGP is not configured for "{0}"'.format(vr.name)) listing = bgp.findall(BgpPeerGroup) spec = { 'name': module.params['name'], 'enable': module.params['enable'], 'aggregated_confed_as_path': module.params['aggregated_confed_as_path'], 'soft_reset_with_stored_info': module.params['soft_reset_with_stored_info'], 'type': module.params['type'], 'export_nexthop': module.params['export_nexthop'], 'import_nexthop': module.params['import_nexthop'], 'remove_private_as': module.params['remove_private_as'], } obj = BgpPeerGroup(**spec) bgp.add(obj) # Apply the state. changed = helper.apply_state(obj, listing, module) # Optional commit. if changed and module.params['commit']: helper.commit(module) module.exit_json(changed=changed, msg='done')
def main(): helper = get_connection( template=True, template_stack=True, with_state=True, with_classic_provider_spec=True, argument_spec=setup_args(), ) module = AnsibleModule( argument_spec=helper.argument_spec, supports_check_mode=True, required_one_of=helper.required_one_of, ) parent = helper.get_pandevice_parent(module) vr = VirtualRouter(module.params['vr_name']) parent.add(vr) try: vr.refresh() except PanDeviceError as e: module.fail_json(msg='Failed refresh: {0}'.format(e)) bgp = vr.find('', Bgp) if bgp is None: module.fail_json(msg='BGP is not configured for "{0}"'.format(vr.name)) spec = { 'name': module.params['name'], 'enable': module.params['enable'], 'address_family_identifier': module.params['address_family_identifier'], 'route_table': module.params['route_table'], 'set_origin': module.params['set_origin'], 'set_med': module.params['set_med'], 'set_local_preference': module.params['set_local_preference'], 'set_as_path_limit': module.params['set_as_path_limit'], 'set_community': module.params['set_community'], 'set_extended_community': module.params['set_extended_community'], 'metric': module.params['metric'], } listing = bgp.findall(BgpRedistributionRule) obj = BgpRedistributionRule(**spec) bgp.add(obj) changed, diff = helper.apply_state(obj, listing, module) if changed and module.params['commit']: helper.commit(module) module.exit_json(changed=changed, diff=diff, msg='done')
def main(): helper = get_connection( template=True, template_stack=True, with_state=True, with_classic_provider_spec=True, argument_spec=setup_args(), ) module = AnsibleModule( argument_spec=helper.argument_spec, supports_check_mode=True, required_one_of=helper.required_one_of, ) parent = helper.get_pandevice_parent(module) vr = VirtualRouter(module.params['vr_name']) parent.add(vr) try: vr.refresh() except PanDeviceError as e: module.fail_json(msg='Failed refresh: {0}'.format(e)) spec = { 'name': module.params['name'], 'priority': module.params['priority'], 'action': module.params['action'], 'filter_type': module.params['filter_type'], 'filter_interface': module.params['filter_interface'], 'filter_destination': module.params['filter_destination'], 'filter_nexthop': module.params['filter_nexthop'], 'ospf_filter_pathtype': module.params['ospf_filter_pathtype'], 'ospf_filter_area': module.params['ospf_filter_area'], 'ospf_filter_tag': module.params['ospf_filter_tag'], 'bgp_filter_community': module.params['bgp_filter_community'], 'bgp_filter_extended_community': module.params['bgp_filter_extended_community'], } if module.params['type'] == 'ipv4': obj = RedistributionProfile(**spec) else: obj = RedistributionProfileIPv6(**spec) listing = vr.findall(obj.__class__) vr.add(obj) changed = helper.apply_state(obj, listing, module) if changed and module.params['commit']: helper.commit(module) module.exit_json(changed=changed, msg='done')
def main(): helper = get_connection( template=True, template_stack=True, with_state=True, with_classic_provider_spec=True, argument_spec=setup_args(), ) module = AnsibleModule( argument_spec=helper.argument_spec, supports_check_mode=True, required_one_of=helper.required_one_of, ) parent = helper.get_pandevice_parent(module) # TODO(gfreeman) - removed in 2.12 if module.params['replace'] is not None: module.deprecate('Param "replace" is deprecated; please remove it from your playbooks', '2.12') vr = VirtualRouter(module.params['vr_name']) parent.add(vr) try: vr.refresh() except PanDeviceError as e: module.fail_json(msg='Failed refresh: {0}'.format(e)) bgp = vr.find('', Bgp) if bgp is None: module.fail_json(msg='BGP config not yet added to {0}'.format(vr.name)) parent = bgp listing = parent.findall(BgpAuthProfile) commit = module.params['commit'] spec = { 'name': module.params['name'], 'secret': module.params['secret'], } obj = BgpAuthProfile(**spec) parent.add(obj) changed = helper.apply_state(obj, listing, module) if commit and changed: helper.commit(module) module.exit_json(changed=changed, msg='done')
def main(): helper = get_connection( template=True, template_stack=True, with_state=True, with_classic_provider_spec=True, argument_spec=setup_args(), ) module = AnsibleModule( argument_spec=helper.argument_spec, supports_check_mode=True, required_one_of=helper.required_one_of, ) parent = helper.get_pandevice_parent(module) # Other params. state = module.params['state'] vr_name = module.params['vr_name'] commit = module.params['commit'] vr = VirtualRouter(vr_name) parent.add(vr) try: vr.refresh() except PanDeviceError as e: module.fail_json(msg='Failed refresh: {0}'.format(e)) parent = vr # Generate the kwargs for network.Bgp. bgp_params = [ 'enable', 'router_id', 'reject_default_route', 'allow_redist_default_route', 'install_route', 'ecmp_multi_as', 'enforce_first_as', 'local_as' ] bgp_spec = dict((k, module.params[k]) for k in bgp_params) # Generate the kwargs for network.BgpRoutingOptions. bgp_routing_options_params = [ 'as_format', 'always_compare_med', 'deterministic_med_comparison', 'default_local_preference', 'graceful_restart_enable', 'gr_stale_route_time', 'gr_local_restart_time', 'gr_max_peer_restart_time', 'reflector_cluster_id', 'confederation_member_as', 'aggregate_med', ] bgp_routing_options_spec = dict( (k, module.params[k]) for k in bgp_routing_options_params) bgp = Bgp(**bgp_spec) bgp_routing_options = BgpRoutingOptions(**bgp_routing_options_spec) bgp.add(bgp_routing_options) changed = False live_bgp = parent.find('', Bgp) if state == 'present': if live_bgp is None: changed = True parent.add(bgp) if not module.check_mode: try: bgp.create() except PanDeviceError as e: module.fail_json(msg='Failed create: {0}'.format(e)) else: live_options = None other_children = [] options_children = [] for x in live_bgp.children: if x.__class__ == BgpRoutingOptions: live_options = x options_children = x.children x.removeall() else: other_children.append(x) live_bgp.removeall() if live_options is not None: live_bgp.add(live_options) parent.add(bgp) if not live_bgp.equal(bgp): changed = True bgp.extend(other_children) bgp_routing_options.extend(options_children) if not module.check_mode: try: bgp.apply() except PanDeviceError as e: module.fail_json(msg='Failed apply: {0}'.format(e)) else: if live_bgp is not None: changed = True if not module.check_mode: try: live_bgp.delete() except PanDeviceError as e: module.fail_json(msg='Failed delete: {0}'.format(e)) if commit and changed: helper.commit(module) module.exit_json(msg='BGP configuration successful.', changed=changed)
def main(): helper = get_connection( template=True, template_stack=True, with_classic_provider_spec=True, argument_spec=setup_args(), ) module = AnsibleModule( argument_spec=helper.argument_spec, supports_check_mode=True, required_one_of=helper.required_one_of, ) parent = helper.get_pandevice_parent(module) vr = VirtualRouter(module.params['vr_name']) parent.add(vr) try: vr.refresh() except PanDeviceError as e: module.fail_json(msg='Failed refresh: {0}'.format(e)) bgp = vr.find('', Bgp) if bgp is None: module.fail_json(msg='BGP is not configured for virtual router {0}'.format(vr.name)) policy = None if module.params['policy_type'] == 'conditional-advertisement': policy_cls = BgpPolicyConditionalAdvertisement else: policy_cls = BgpPolicyAggregationAddress policy = bgp.find_or_create(module.params['policy_name'], policy_cls) obj_type = None if module.params['filter_type'] == 'non-exist': obj_type = BgpPolicyNonExistFilter elif module.params['filter_type'] == 'advertise': obj_type = BgpPolicyAdvertiseFilter elif module.params['filter_type'] == 'suppress': obj_type = BgpPolicySuppressFilter else: module.fail_json(msg='Unknown filter_type: {0}'.format(module.params['filter_type'])) listing = policy.findall(obj_type) spec = { 'name': module.params['name'], 'enable': module.params['enable'], 'match_afi': module.params['match_afi'], 'match_safi': module.params['match_safi'], 'match_route_table': module.params['match_route_table'], 'match_nexthop': module.params['match_nexthop'], 'match_from_peer': module.params['match_from_peer'], 'match_med': module.params['match_med'], 'match_as_path_regex': module.params['match_as_path_regex'], 'match_community_regex': module.params['match_community_regex'], 'match_extended_community_regex': module.params['match_extended_community_regex'], } obj = obj_type(**spec) policy.add(obj) # Handle address prefixes. for x in module.params['address_prefix']: if isinstance(x, dict): if 'name' not in x: module.fail_json(msg='Address prefix dict requires "name": {0}'.format(x)) obj.add(BgpPolicyAddressPrefix( to_text(x['name'], encoding='utf-8', errors='surrogate_or_strict'), None if x.get('exact') is None else module.boolean(x['exact']), )) else: obj.add(BgpPolicyAddressPrefix(to_text(x, encoding='utf-8', errors='surrogate_or_strict'))) if module.params['state'] == 'return-object': module.deprecate('state=return-object is deprecated', '2.12') import pickle from base64 import b64encode obj.parent = None panos_obj = b64encode(pickle.dumps(obj, protocol=pickle.HIGHEST_PROTOCOL)) module.exit_json(msg='returning serialized object', panos_obj=panos_obj) changed = helper.apply_state(obj, listing, module) if changed and module.params['commit']: helper.commit(module) module.exit_json(changed=changed, msg='done')
def main(): helper = get_connection( template=True, template_stack=True, with_enabled_state=True, with_classic_provider_spec=True, argument_spec=setup_args(), ) module = AnsibleModule( argument_spec=helper.argument_spec, supports_check_mode=True, required_one_of=helper.required_one_of, ) parent = helper.get_pandevice_parent(module) # Other params. vr_name = module.params['vr_name'] commit = module.params['commit'] vr = VirtualRouter(vr_name) parent.add(vr) try: vr.refresh() except PanDeviceError as e: module.fail_json(msg='Failed refresh: {0}'.format(e)) parent = vr listing = parent.findall(Bgp) # Generate the kwargs for network.Bgp. bgp_params = [ 'enable', 'router_id', 'reject_default_route', 'allow_redist_default_route', 'install_route', 'ecmp_multi_as', 'enforce_first_as', 'local_as' ] bgp_spec = dict((k, module.params[k]) for k in bgp_params) # Generate the kwargs for network.BgpRoutingOptions. bgp_routing_options_params = [ 'as_format', 'always_compare_med', 'deterministic_med_comparison', 'default_local_preference', 'graceful_restart_enable', 'gr_stale_route_time', 'gr_local_restart_time', 'gr_max_peer_restart_time', 'reflector_cluster_id', 'confederation_member_as', 'aggregate_med', ] bgp_routing_options_spec = dict( (k, module.params[k]) for k in bgp_routing_options_params) bgp = Bgp(**bgp_spec) bgp_routing_options = BgpRoutingOptions(**bgp_routing_options_spec) bgp.add(bgp_routing_options) parent.add(bgp) # Apply the state. changed, diff = helper.apply_state(bgp, listing, module, 'enable') if commit and changed: helper.commit(module) module.exit_json(msg='BGP configuration successful.', changed=changed, diff=diff)
def main(): helper = get_connection( template=True, template_stack=True, with_state=True, with_classic_provider_spec=True, argument_spec=setup_args(), ) module = AnsibleModule( argument_spec=helper.argument_spec, supports_check_mode=True, required_one_of=helper.required_one_of, ) parent = helper.get_pandevice_parent(module) vr = VirtualRouter(module.params['vr_name']) parent.add(vr) try: vr.refresh() except PanDeviceError as e: module.fail_json(msg='Failed refresh: {0}'.format(e)) bgp = vr.find('', Bgp) if bgp is None: module.fail_json(msg='BGP is not configured for "{0}"'.format(vr.name)) spec = { 'name': module.params['name'], 'enable': module.params['enable'], 'match_afi': module.params['match_afi'], 'match_safi': module.params['match_safi'], 'match_route_table': module.params['match_route_table'], 'match_nexthop': module.params['match_nexthop'], 'match_from_peer': module.params['match_from_peer'], 'match_med': module.params['match_med'], 'match_as_path_regex': module.params['match_as_path_regex'], 'match_community_regex': module.params['match_community_regex'], 'match_extended_community_regex': module.params['match_extended_community_regex'], 'used_by': module.params['used_by'], 'action': module.params['action'], 'action_local_preference': module.params['action_local_preference'], 'action_med': module.params['action_med'], 'action_nexthop': module.params['action_nexthop'], 'action_origin': module.params['action_origin'], 'action_as_path_limit': module.params['action_as_path_limit'], 'action_as_path_type': module.params['action_as_path_type'], 'action_as_path_prepend_times': module.params['action_as_path_prepend_times'], 'action_community_type': module.params['action_community_type'], 'action_community_argument': module.params['action_community_argument'], 'action_extended_community_type': module.params['action_extended_community_type'], 'action_extended_community_argument': module.params['action_extended_community_argument'], } # Add the correct rule type. if module.params['type'] == 'import': spec['action_dampening'] = module.params['action_dampening'] spec['action_weight'] = module.params['action_weight'] obj = BgpPolicyImportRule(**spec) else: obj = BgpPolicyExportRule(**spec) # Handle address prefixes. for x in module.params['address_prefix']: if isinstance(x, dict): if 'name' not in x: module.fail_json( msg='Address prefix dict requires "name": {0}'.format(x)) obj.add( BgpPolicyAddressPrefix( to_text(x['name'], encoding='utf-8', errors='surrogate_or_strict'), None if x.get('exact') is None else module.boolean(x['exact']), )) else: obj.add( BgpPolicyAddressPrefix( to_text(x, encoding='utf-8', errors='surrogate_or_strict'))) listing = bgp.findall(obj.__class__) bgp.add(obj) # Apply the state. changed, diff = helper.apply_state(obj, listing, module) # Optional commit. if changed and module.params['commit']: helper.commit(module) module.exit_json(changed=changed, diff=diff, msg='done')
def main(): helper = get_connection( template=True, template_stack=True, with_state=True, with_classic_provider_spec=True, argument_spec=setup_args(), ) module = AnsibleModule( argument_spec=helper.argument_spec, supports_check_mode=True, required_one_of=helper.required_one_of, ) parent = helper.get_pandevice_parent(module) spec = { 'name': module.params['name'], 'enable': module.params['enable'], 'prefix': module.params['prefix'], 'summary': module.params['summary'], 'as_set': module.params['as_set'], 'attr_local_preference': module.params['attr_local_preference'], 'attr_med': module.params['attr_med'], 'attr_weight': module.params['attr_weight'], 'attr_nexthop': module.params['attr_nexthop'], 'attr_origin': module.params['attr_origin'], 'attr_as_path_limit': module.params['attr_as_path_limit'], 'attr_as_path_type': module.params['attr_as_path_type'], 'attr_as_path_prepend_times': module.params['attr_as_path_prepend_times'], 'attr_community_type': module.params['attr_community_type'], 'attr_community_argument': module.params['attr_community_argument'], 'attr_extended_community_type': module.params['attr_extended_community_type'], 'attr_extended_community_argument': module.params['attr_extended_community_argument'], } obj = BgpPolicyAggregationAddress(**spec) vr_name = module.params['vr_name'] commit = module.params['commit'] vr = VirtualRouter(vr_name) parent.add(vr) try: vr.refresh() except PanDeviceError as e: module.fail_json(msg='Failed refresh: {0}'.format(e)) bgp = vr.find('', Bgp) if bgp is None: module.fail_json(msg='BGP is not configured for "{0}"'.format(vr.name)) listing = bgp.findall(BgpPolicyAggregationAddress) bgp.add(obj) # Apply the desired state. changed, diff = helper.apply_state(obj, listing, module) # Optional: commit. if changed and commit: helper.commit(module) module.exit_json(changed=changed, diff=diff, msg='done')
def main(): helper = get_connection( template=True, template_stack=True, with_state=True, with_classic_provider_spec=True, argument_spec=setup_args(), ) module = AnsibleModule( argument_spec=helper.argument_spec, supports_check_mode=True, required_one_of=helper.required_one_of, ) # Verify libs, setup pandevice object tree. parent = helper.get_pandevice_parent(module) vr = VirtualRouter(module.params['vr_name']) parent.add(vr) try: vr.refresh() except PanDeviceError as e: module.fail_json(msg='Failed refresh: {0}'.format(e)) bgp = vr.find('', Bgp) if bgp is None: module.fail_json( msg='BGP is not configured for "{0}".'.format(vr.name)) group = bgp.find(module.params['peer_group'], BgpPeerGroup) if group is None: module.fail_json(msg='BGP peer group does not exist: {0}.'.format( module.params['peer_group'])) listing = group.findall(BgpPeer) spec = { 'name': module.params['name'], 'enable': module.params['enable'], 'peer_as': module.params['peer_as'], 'enable_mp_bgp': module.params['enable_mp_bgp'], 'address_family_identifier': module.params['address_family_identifier'], 'subsequent_address_unicast': module.params['subsequent_address_unicast'], 'subsequent_address_multicast': module.params['subsequent_address_multicast'], 'local_interface': module.params['local_interface'], 'local_interface_ip': module.params['local_interface_ip'], 'peer_address_ip': module.params['peer_address_ip'], 'connection_authentication': module.params['connection_authentication'], 'connection_keep_alive_interval': module.params['connection_keep_alive_interval'], 'connection_min_route_adv_interval': module.params['connection_min_route_adv_interval'], 'connection_multihop': module.params['connection_multihop'], 'connection_open_delay_time': module.params['connection_open_delay_time'], 'connection_hold_time': module.params['connection_hold_time'], 'connection_idle_hold_time': module.params['connection_idle_hold_time'], 'connection_incoming_allow': module.params['connection_incoming_allow'], 'connection_outgoing_allow': module.params['connection_outgoing_allow'], 'connection_incoming_remote_port': module.params['connection_incoming_remote_port'], 'connection_outgoing_local_port': module.params['connection_outgoing_local_port'], 'enable_sender_side_loop_detection': module.params['enable_sender_side_loop_detection'], 'reflector_client': module.params['reflector_client'], 'peering_type': module.params['peering_type'], 'max_prefixes': module.params['max_prefixes'], 'bfd_profile': module.params['bfd_profile'], } obj = BgpPeer(**spec) group.add(obj) changed = helper.apply_state(obj, listing, module) if changed and module.params['commit']: helper.commit(module) module.exit_json(changed=changed, msg='done')