def main(): argument_spec = aci_argument_spec() argument_spec.update( lldp_policy=dict(type='str', require=False, aliases=['name']), # Not required for querying all objects description=dict(type='str', aliases=['descr']), receive_state=dict(type='raw'), # Turn into a boolean in v2.9 transmit_state=dict(type='raw'), # Turn into a boolean in v2.9 state=dict(type='str', default='present', choices=['absent', 'present', 'query']), method=dict(type='str', choices=['delete', 'get', 'post'], aliases=['action'], removed_in_version='2.6'), # Deprecated starting from v2.6 protocol=dict(type='str', removed_in_version='2.6'), # Deprecated in v2.6 ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['lldp_policy']], ['state', 'present', ['lldp_policy']], ], ) aci = ACIModule(module) lldp_policy = module.params['lldp_policy'] description = module.params['description'] receive_state = aci.boolean(module.params['receive_state'], 'enabled', 'disabled') transmit_state = aci.boolean(module.params['transmit_state'], 'enabled', 'disabled') state = module.params['state'] aci.construct_url( root_class=dict( aci_class='lldpIfPol', aci_rn='infra/lldpIfP-{0}'.format(lldp_policy), filter_target='eq(lldpIfPol.name, "{0}")'.format(lldp_policy), module_object=lldp_policy, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='lldpIfPol', class_config=dict( name=lldp_policy, descr=description, adminRxSt=receive_state, adminTxSt=transmit_state, ), ) aci.get_diff(aci_class='lldpIfPol') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( lldp_policy=dict(type='str', require=False, aliases=['name']), # Not required for querying all objects description=dict(type='str', aliases=['descr']), receive_state=dict(type='raw'), # Turn into a boolean in v2.9 transmit_state=dict(type='raw'), # Turn into a boolean in v2.9 state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['lldp_policy']], ['state', 'present', ['lldp_policy']], ], ) aci = ACIModule(module) lldp_policy = module.params['lldp_policy'] description = module.params['description'] receive_state = aci.boolean(module.params['receive_state'], 'enabled', 'disabled') transmit_state = aci.boolean(module.params['transmit_state'], 'enabled', 'disabled') state = module.params['state'] aci.construct_url( root_class=dict( aci_class='lldpIfPol', aci_rn='infra/lldpIfP-{0}'.format(lldp_policy), filter_target='eq(lldpIfPol.name, "{0}")'.format(lldp_policy), module_object=lldp_policy, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='lldpIfPol', class_config=dict( name=lldp_policy, descr=description, adminRxSt=receive_state, adminTxSt=transmit_state, ), ) aci.get_diff(aci_class='lldpIfPol') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( mcp=dict(type='str', aliases=['mcp_interface', 'name']), # Not required for querying all objects description=dict(type='str', aliases=['descr']), admin_state=dict(type='bool'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['mcp']], ['state', 'present', ['mcp']], ], ) aci = ACIModule(module) mcp = module.params.get('mcp') description = module.params.get('description') admin_state = aci.boolean(module.params.get('admin_state'), 'enabled', 'disabled') state = module.params.get('state') name_alias = module.params.get('name_alias') aci.construct_url(root_class=dict( aci_class='mcpIfPol', aci_rn='infra/mcpIfP-{0}'.format(mcp), module_object=mcp, target_filter={'name': mcp}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='mcpIfPol', class_config=dict( name=mcp, descr=description, adminSt=admin_state, nameAlias=name_alias, ), ) aci.get_diff(aci_class='mcpIfPol') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( cdp_policy=dict(type='str', required=False, aliases=['cdp_interface', 'name' ]), # Not required for querying all objects description=dict(type='str', aliases=['descr']), admin_state=dict(type='bool'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['cdp_policy']], ['state', 'present', ['cdp_policy']], ], ) aci = ACIModule(module) cdp_policy = module.params['cdp_policy'] description = module.params['description'] admin_state = aci.boolean(module.params['admin_state'], 'enabled', 'disabled') state = module.params['state'] aci.construct_url(root_class=dict( aci_class='cdpIfPol', aci_rn='infra/cdpIfP-{0}'.format(cdp_policy), module_object=cdp_policy, target_filter={'name': cdp_policy}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='cdpIfPol', class_config=dict( name=cdp_policy, descr=description, adminSt=admin_state, ), ) aci.get_diff(aci_class='cdpIfPol') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( l2_policy=dict(type='str', required=False, aliases=['name']), # Not required for querying all policies description=dict(type='str', aliases=['descr']), vlan_scope=dict(type='str', choices=['global', 'portlocal']), # No default provided on purpose qinq=dict(type='str', choices=['core', 'disabled', 'edge']), vepa=dict(type='raw'), # Turn into a boolean in v2.9 state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['l2_policy']], ['state', 'present', ['l2_policy']], ], ) aci = ACIModule(module) l2_policy = module.params['l2_policy'] vlan_scope = module.params['vlan_scope'] qinq = module.params['qinq'] if qinq is not None: qinq = QINQ_MAPPING[qinq] vepa = aci.boolean(module.params['vepa'], 'enabled', 'disabled') description = module.params['description'] state = module.params['state'] aci.construct_url( root_class=dict( aci_class='l2IfPol', aci_rn='infra/l2IfP-{0}'.format(l2_policy), module_object=l2_policy, target_filter={'name': l2_policy}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='l2IfPol', class_config=dict( name=l2_policy, descr=description, vlanScope=vlan_scope, qinq=qinq, vepa=vepa, ), ) aci.get_diff(aci_class='l2IfPol') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( mcp=dict(type='str', required=False, aliases=['mcp_interface', 'name']), # Not required for querying all objects description=dict(type='str', aliases=['descr']), admin_state=dict(type='raw'), # Turn into a boolean in v2.9 state=dict(type='str', default='present', choices=['absent', 'present', 'query']), method=dict(type='str', choices=['delete', 'get', 'post'], aliases=['action'], removed_in_version='2.6'), # Deprecated starting from v2.6 protocol=dict(type='str', removed_in_version='2.6'), # Deprecated in v2.6 ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['mcp']], ['state', 'present', ['mcp']], ], ) aci = ACIModule(module) mcp = module.params['mcp'] description = module.params['description'] admin_state = aci.boolean(module.params['admin_state'], 'enabled', 'disabled') state = module.params['state'] aci.construct_url(root_class=dict( aci_class='mcpIfPol', aci_rn='infra/mcpIfP-{0}'.format(mcp), filter_target='eq(mcpIfPol.name, "{0}")'.format(mcp), module_object=mcp, ), ) aci.get_existing() if state == 'present': # Filter out module parameters with null values aci.payload( aci_class='mcpIfPol', class_config=dict( name=mcp, descr=description, adminSt=admin_state, ), ) # Generate config diff which will be used as POST request body aci.get_diff(aci_class='mcpIfPol') # Submit changes if module not in check_mode and the proposed is different than existing aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( epg=dict(type='str', aliases=['epg_name', 'name']), # Not required for querying all objects bd=dict(type='str', aliases=['bd_name', 'bridge_domain']), ap=dict(type='str', aliases=['app_profile', 'app_profile_name' ]), # Not required for querying all objects tenant=dict(type='str', aliases=['tenant_name' ]), # Not required for querying all objects description=dict(type='str', aliases=['descr']), priority=dict(type='str', choices=['level1', 'level2', 'level3', 'unspecified']), intra_epg_isolation=dict(choices=['enforced', 'unenforced']), fwd_control=dict(type='str', choices=['none', 'proxy-arp']), preferred_group=dict(type='bool'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), method=dict(type='str', choices=['delete', 'get', 'post'], aliases=['action'], removed_in_version='2.6'), # Deprecated starting from v2.6 protocol=dict(type='str', removed_in_version='2.6'), # Deprecated in v2.6 ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['ap', 'epg', 'tenant']], ['state', 'present', ['ap', 'epg', 'tenant']], ], ) aci = ACIModule(module) epg = module.params['epg'] bd = module.params['bd'] description = module.params['description'] priority = module.params['priority'] intra_epg_isolation = module.params['intra_epg_isolation'] fwd_control = module.params['fwd_control'] preferred_group = aci.boolean(module.params['preferred_group'], 'include', 'exclude') state = module.params['state'] tenant = module.params['tenant'] ap = module.params['ap'] aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), filter_target='eq(fvTenant.name, "{0}")'.format(tenant), module_object=tenant, ), subclass_1=dict( aci_class='fvAp', aci_rn='ap-{0}'.format(ap), filter_target='eq(fvAp.name, "{0}")'.format(ap), module_object=ap, ), subclass_2=dict( aci_class='fvAEPg', aci_rn='epg-{0}'.format(epg), filter_target='eq(fvAEPg.name, "{0}")'.format(epg), module_object=epg, ), child_classes=['fvRsBd'], ) aci.get_existing() if state == 'present': aci.payload( aci_class='fvAEPg', class_config=dict( name=epg, descr=description, prio=priority, pcEnfPref=intra_epg_isolation, fwdCtrl=fwd_control, prefGrMemb=preferred_group, ), child_configs=[ dict(fvRsBd=dict(attributes=dict(tnFvBDName=bd))), ], ) aci.get_diff(aci_class='fvAEPg') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( bd=dict(type='str', aliases=['bd_name']), # Not required for querying all objects description=dict(type='str', aliases=['descr']), enable_vip=dict(type='bool'), gateway=dict(type='str', aliases=['gateway_ip']), # Not required for querying all objects mask=dict(type='int', aliases=['subnet_mask']), # Not required for querying all objects subnet_name=dict(type='str', aliases=['name']), nd_prefix_policy=dict(type='str'), preferred=dict(type='bool'), route_profile=dict(type='str'), route_profile_l3_out=dict(type='str'), scope=dict(type='list', choices=['private', 'public', 'shared']), subnet_control=dict(type='str', choices=['nd_ra', 'no_gw', 'querier_ip', 'unspecified']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_together=[['gateway', 'mask']], required_if=[ ['state', 'present', ['bd', 'gateway', 'mask', 'tenant']], ['state', 'absent', ['bd', 'gateway', 'mask', 'tenant']], ], ) aci = ACIModule(module) description = module.params['description'] enable_vip = aci.boolean(module.params['enable_vip']) tenant = module.params['tenant'] bd = module.params['bd'] gateway = module.params['gateway'] mask = module.params['mask'] if mask is not None and mask not in range(0, 129): # TODO: split checkes between IPv4 and IPv6 Addresses module.fail_json(msg='Valid Subnet Masks are 0 to 32 for IPv4 Addresses and 0 to 128 for IPv6 addresses') if gateway is not None: gateway = '{0}/{1}'.format(gateway, str(mask)) subnet_name = module.params['subnet_name'] nd_prefix_policy = module.params['nd_prefix_policy'] preferred = aci.boolean(module.params['preferred']) route_profile = module.params['route_profile'] route_profile_l3_out = module.params['route_profile_l3_out'] scope = module.params['scope'] if 'private' in scope and 'public' in scope: module.fail_json(msg="Parameter 'scope' cannot be both 'private' and 'public', got: %s" % scope) else: scope = ','.join(sorted(scope)) state = module.params['state'] subnet_control = module.params['subnet_control'] if subnet_control: subnet_control = SUBNET_CONTROL_MAPPING[subnet_control] aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), filter_target='eq(fvTenant.name, "{0}")'.format(tenant), module_object=tenant, ), subclass_1=dict( aci_class='fvBD', aci_rn='BD-{0}'.format(bd), filter_target='eq(fvBD.name, "{0}")'.format(bd), module_object=bd, ), subclass_2=dict( aci_class='fvSubnet', aci_rn='subnet-[{0}]'.format(gateway), filter_target='eq(fvSubnet.ip, "{0}")'.format(gateway), module_object=gateway, ), child_classes=['fvRsBDSubnetToProfile', 'fvRsNdPfxPol'], ) aci.get_existing() if state == 'present': aci.payload( aci_class='fvSubnet', class_config=dict( ctrl=subnet_control, descr=description, ip=gateway, name=subnet_name, preferred=preferred, scope=scope, virtual=enable_vip, ), child_configs=[ {'fvRsBDSubnetToProfile': {'attributes': {'tnL3extOutName': route_profile_l3_out, 'tnRtctrlProfileName': route_profile}}}, {'fvRsNdPfxPol': {'attributes': {'tnNdPfxPolName': nd_prefix_policy}}}, ], ) aci.get_diff(aci_class='fvSubnet') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( bd=dict(type='str', aliases=['bd_name']), description=dict(type='str', aliases=['descr']), enable_vip=dict(type='bool'), gateway=dict(type='str', aliases=['gateway_ip']), mask=dict(type='int', aliases=['subnet_mask']), subnet_name=dict(type='str', aliases=['name']), nd_prefix_policy=dict(type='str'), preferred=dict(type='bool'), route_profile=dict(type='str'), route_profile_l3_out=dict(type='str'), scope=dict( type='list', choices=[['private'], ['public'], ['shared'], ['private', 'shared'], ['shared', 'private'], ['public', 'shared'], ['shared', 'public']], ), subnet_control=dict( type='str', choices=['nd_ra', 'no_gw', 'querier_ip', 'unspecified']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), tenant=dict(type='str', aliases=['tenant_name']), method=dict(type='str', choices=['delete', 'get', 'post'], aliases=['action'], removed_in_version='2.6'), # Deprecated starting from v2.6 protocol=dict(type='str', removed_in_version='2.6'), # Deprecated in v2.6 ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_together=[['gateway', 'mask']], required_if=[ ['state', 'present', ['bd', 'gateway', 'mask', 'tenant']], ['state', 'absent', ['bd', 'gateway', 'mask', 'tenant']], ], ) aci = ACIModule(module) description = module.params['description'] enable_vip = aci.boolean(module.params['enable_vip']) tenant = module.params['tenant'] bd = module.params['bd'] gateway = module.params['gateway'] mask = module.params['mask'] if mask is not None and mask not in range(0, 129): # TODO: split checkes between IPv4 and IPv6 Addresses module.fail_json( msg= 'Valid Subnet Masks are 0 to 32 for IPv4 Addresses and 0 to 128 for IPv6 addresses' ) if gateway is not None: gateway = '{0}/{1}'.format(gateway, str(mask)) subnet_name = module.params['subnet_name'] nd_prefix_policy = module.params['nd_prefix_policy'] preferred = aci.boolean(module.params['preferred']) route_profile = module.params['route_profile'] route_profile_l3_out = module.params['route_profile_l3_out'] scope = module.params['scope'] if scope: if len(scope) == 1: scope = scope[0] elif 'public' in scope: scope = 'public,shared' else: scope = 'private,shared' state = module.params['state'] subnet_control = module.params['subnet_control'] if subnet_control: subnet_control = SUBNET_CONTROL_MAPPING[subnet_control] aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), filter_target='eq(fvTenant.name, "{0}")'.format(tenant), module_object=tenant, ), subclass_1=dict( aci_class='fvBD', aci_rn='BD-{0}'.format(bd), filter_target='eq(fvBD.name, "{0}")'.format(bd), module_object=bd, ), subclass_2=dict( aci_class='fvSubnet', aci_rn='subnet-[{0}]'.format(gateway), filter_target='eq(fvSubnet.ip, "{0}")'.format(gateway), module_object=gateway, ), child_classes=['fvRsBDSubnetToProfile', 'fvRsNdPfxPol'], ) aci.get_existing() if state == 'present': # Filter out module params with null values aci.payload( aci_class='fvSubnet', class_config=dict( ctrl=subnet_control, descr=description, ip=gateway, name=subnet_name, preferred=preferred, scope=scope, virtual=enable_vip, ), child_configs=[ { 'fvRsBDSubnetToProfile': { 'attributes': { 'tnL3extOutName': route_profile_l3_out, 'tnRtctrlProfileName': route_profile } } }, { 'fvRsNdPfxPol': { 'attributes': { 'tnNdPfxPolName': nd_prefix_policy } } }, ], ) # Generate config diff which will be used as POST request body aci.get_diff(aci_class='fvSubnet') # Submit changes if module not in check_mode and the proposed is different than existing aci.post_config() elif state == 'absent': aci.delete_config() module.exit_json(**aci.result)
def main(): argument_spec = aci_argument_spec() argument_spec.update( contract=dict(type='str', aliases=['contract_name']), subject=dict(type='str', aliases=['contract_subject', 'name', 'subject_name']), tenant=dict(type='str', aliases=['tenant_name']), priority=dict(type='str', choices=['unspecified', 'level1', 'level2', 'level3']), reverse_filter=dict(type='bool'), dscp=dict(type='str', aliases=['target']), description=dict(type='str', aliases=['descr']), consumer_match=dict( type='str', choices=['all', 'at_least_one', 'at_most_one', 'none']), provider_match=dict( type='str', choices=['all', 'at_least_one', 'at_most_one', 'none']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), directive=dict( type='str', removed_in_version='2.4'), # Deprecated starting from v2.4 filter=dict(type='str', aliases=['filter_name'], removed_in_version='2.4'), # Deprecated starting from v2.4 method=dict(type='str', choices=['delete', 'get', 'post'], aliases=['action'], removed_in_version='2.6'), # Deprecated starting from v2.6 protocol=dict(type='str', removed_in_version='2.6'), # Deprecated in v2.6 ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['contract', 'subject', 'tenant']], ['state', 'present', ['contract', 'subject', 'tenant']], ], ) aci = ACIModule(module) subject = module.params['subject'] priority = module.params['priority'] reverse_filter = aci.boolean(module.params['reverse_filter']) contract = module.params['contract'] dscp = module.params['dscp'] description = module.params['description'] filter_name = module.params['filter'] directive = module.params['directive'] consumer_match = module.params['consumer_match'] if consumer_match is not None: consumer_match = MATCH_MAPPING[consumer_match] provider_match = module.params['provider_match'] if provider_match is not None: provider_match = MATCH_MAPPING[provider_match] state = module.params['state'] tenant = module.params['tenant'] if directive is not None or filter_name is not None: module.fail_json( msg= "Managing Contract Subjects to Filter bindings has been moved to module 'aci_subject_bind_filter'" ) aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), filter_target='eq(fvTenant.name, "{0}")'.format(tenant), module_object=tenant, ), subclass_1=dict( aci_class='vzBrCP', aci_rn='brc-{0}'.format(contract), filter_target='eq(vzBrCP.name, "{0}")'.format(contract), module_object=contract, ), subclass_2=dict( aci_class='vzSubj', aci_rn='subj-{0}'.format(subject), filter_target='eq(vzSubj.name, "{0}")'.format(subject), module_object=subject, ), ) aci.get_existing() if state == 'present': # Filter out module parameters with null values aci.payload( aci_class='vzSubj', class_config=dict( name=subject, prio=priority, revFltPorts=reverse_filter, targetDscp=dscp, consMatchT=consumer_match, provMatchT=provider_match, descr=description, ), ) # Generate config diff which will be used as POST request body aci.get_diff(aci_class='vzSubj') # Submit changes if module not in check_mode and the proposed is different than existing aci.post_config() elif state == 'absent': aci.delete_config() module.exit_json(**aci.result)
def main(): argument_spec = aci_argument_spec() argument_spec.update( bd=dict(type='str', aliases=['bd_name']), # Not required for querying all objects description=dict(type='str', aliases=['descr']), enable_vip=dict(type='bool'), gateway=dict(type='str', aliases=['gateway_ip']), # Not required for querying all objects mask=dict(type='int', aliases=['subnet_mask']), # Not required for querying all objects subnet_name=dict(type='str', aliases=['name']), nd_prefix_policy=dict(type='str'), preferred=dict(type='bool'), route_profile=dict(type='str'), route_profile_l3_out=dict(type='str'), scope=dict(type='list', choices=['private', 'public', 'shared']), subnet_control=dict(type='str', choices=['nd_ra', 'no_gw', 'querier_ip', 'unspecified']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_together=[['gateway', 'mask']], required_if=[ ['state', 'present', ['bd', 'gateway', 'mask', 'tenant']], ['state', 'absent', ['bd', 'gateway', 'mask', 'tenant']], ], ) aci = ACIModule(module) description = module.params['description'] enable_vip = aci.boolean(module.params['enable_vip']) tenant = module.params['tenant'] bd = module.params['bd'] gateway = module.params['gateway'] mask = module.params['mask'] if mask is not None and mask not in range(0, 129): # TODO: split checkes between IPv4 and IPv6 Addresses module.fail_json(msg='Valid Subnet Masks are 0 to 32 for IPv4 Addresses and 0 to 128 for IPv6 addresses') if gateway is not None: gateway = '{0}/{1}'.format(gateway, str(mask)) subnet_name = module.params['subnet_name'] nd_prefix_policy = module.params['nd_prefix_policy'] preferred = aci.boolean(module.params['preferred']) route_profile = module.params['route_profile'] route_profile_l3_out = module.params['route_profile_l3_out'] scope = module.params['scope'] if isinstance(scope, SEQUENCETYPE): if 'private' in scope and 'public' in scope: module.fail_json(msg="Parameter 'scope' cannot be both 'private' and 'public', got: %s" % scope) else: scope = ','.join(sorted(scope)) state = module.params['state'] subnet_control = module.params['subnet_control'] if subnet_control: subnet_control = SUBNET_CONTROL_MAPPING[subnet_control] aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), filter_target='eq(fvTenant.name, "{0}")'.format(tenant), module_object=tenant, ), subclass_1=dict( aci_class='fvBD', aci_rn='BD-{0}'.format(bd), filter_target='eq(fvBD.name, "{0}")'.format(bd), module_object=bd, ), subclass_2=dict( aci_class='fvSubnet', aci_rn='subnet-[{0}]'.format(gateway), filter_target='eq(fvSubnet.ip, "{0}")'.format(gateway), module_object=gateway, ), child_classes=['fvRsBDSubnetToProfile', 'fvRsNdPfxPol'], ) aci.get_existing() if state == 'present': aci.payload( aci_class='fvSubnet', class_config=dict( ctrl=subnet_control, descr=description, ip=gateway, name=subnet_name, preferred=preferred, scope=scope, virtual=enable_vip, ), child_configs=[ {'fvRsBDSubnetToProfile': {'attributes': {'tnL3extOutName': route_profile_l3_out, 'tnRtctrlProfileName': route_profile}}}, {'fvRsNdPfxPol': {'attributes': {'tnNdPfxPolName': nd_prefix_policy}}}, ], ) aci.get_diff(aci_class='fvSubnet') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( lldp_policy=dict(type='str', aliases=['name' ]), # Not required for querying all objects description=dict(type='str', aliases=['descr']), receive_state=dict(type='bool'), transmit_state=dict(type='bool'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['lldp_policy']], ['state', 'present', ['lldp_policy']], ], ) aci = ACIModule(module) lldp_policy = module.params.get('lldp_policy') description = module.params.get('description') receive_state = aci.boolean(module.params.get('receive_state'), 'enabled', 'disabled') transmit_state = aci.boolean(module.params.get('transmit_state'), 'enabled', 'disabled') state = module.params.get('state') aci.construct_url(root_class=dict( aci_class='lldpIfPol', aci_rn='infra/lldpIfP-{0}'.format(lldp_policy), module_object=lldp_policy, target_filter={'name': lldp_policy}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='lldpIfPol', class_config=dict( name=lldp_policy, descr=description, adminRxSt=receive_state, adminTxSt=transmit_state, ), ) aci.get_diff(aci_class='lldpIfPol') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( l2_policy=dict(type='str', required=False, aliases=['name']), # Not required for querying all policies description=dict(type='str', aliases=['descr']), vlan_scope=dict(type='str', choices=['global', 'portlocal']), # No default provided on purpose qinq=dict(type='str', choices=['core', 'disabled', 'edge']), vepa=dict(type='raw'), # Turn into a boolean in v2.9 state=dict(type='str', default='present', choices=['absent', 'present', 'query']), method=dict(type='str', choices=['delete', 'get', 'post'], aliases=['action'], removed_in_version='2.6'), # Deprecated starting from v2.6 protocol=dict(type='str', removed_in_version='2.6'), # Deprecated in v2.6 ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['l2_policy']], ['state', 'present', ['l2_policy']], ], ) aci = ACIModule(module) l2_policy = module.params['l2_policy'] vlan_scope = module.params['vlan_scope'] qinq = module.params['qinq'] if qinq is not None: qinq = QINQ_MAPPING[qinq] vepa = aci.boolean(module.params['vepa'], 'enabled', 'disabled') description = module.params['description'] state = module.params['state'] aci.construct_url( root_class=dict( aci_class='l2IfPol', aci_rn='infra/l2IfP-{0}'.format(l2_policy), filter_target='eq(l2IfPol.name, "{0}")'.format(l2_policy), module_object=l2_policy, ), ) aci.get_existing() if state == 'present': # Filter out module parameters with null values aci.payload( aci_class='l2IfPol', class_config=dict( name=l2_policy, descr=description, vlanScope=vlan_scope, qinq=qinq, vepa=vepa, ), ) # Generate config diff which will be used as POST request body aci.get_diff(aci_class='l2IfPol') # Submit changes if module not in check_mode and the proposed is different than existing aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( arp_flooding=dict(type='bool'), bd=dict(type='str', aliases=['bd_name', 'name']), # Not required for querying all objects bd_type=dict(type='str', choices=['ethernet', 'fc']), description=dict(type='str'), enable_multicast=dict(type='bool'), enable_routing=dict(type='bool'), endpoint_clear=dict(type='bool'), endpoint_move_detect=dict(type='str', choices=['default', 'garp']), endpoint_retention_action=dict(type='str', choices=['inherit', 'resolve']), endpoint_retention_policy=dict(type='str'), igmp_snoop_policy=dict(type='str'), ip_learning=dict(type='bool'), ipv6_nd_policy=dict(type='str'), l2_unknown_unicast=dict(type='str', choices=['proxy', 'flood']), l3_unknown_multicast=dict(type='str', choices=['flood', 'opt-flood']), limit_ip_learn=dict(type='bool'), mac_address=dict(type='str', aliases=['mac']), multi_dest=dict(type='str', choices=['bd-flood', 'drop', 'encap-flood']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects vrf=dict(type='str', aliases=['vrf_name']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['bd', 'tenant']], ['state', 'present', ['bd', 'tenant']], ], ) aci = ACIModule(module) arp_flooding = aci.boolean(module.params['arp_flooding']) bd = module.params['bd'] bd_type = module.params['bd_type'] if bd_type == 'ethernet': # ethernet type is represented as regular, but that is not clear to the users bd_type = 'regular' description = module.params['description'] enable_multicast = aci.boolean(module.params['enable_multicast']) enable_routing = aci.boolean(module.params['enable_routing']) endpoint_clear = aci.boolean(module.params['endpoint_clear']) endpoint_move_detect = module.params['endpoint_move_detect'] if endpoint_move_detect == 'default': # the ACI default setting is an empty string, but that is not a good input value endpoint_move_detect = '' endpoint_retention_action = module.params['endpoint_retention_action'] endpoint_retention_policy = module.params['endpoint_retention_policy'] igmp_snoop_policy = module.params['igmp_snoop_policy'] ip_learning = aci.boolean(module.params['ip_learning']) ipv6_nd_policy = module.params['ipv6_nd_policy'] l2_unknown_unicast = module.params['l2_unknown_unicast'] l3_unknown_multicast = module.params['l3_unknown_multicast'] limit_ip_learn = aci.boolean(module.params['limit_ip_learn']) mac_address = module.params['mac_address'] multi_dest = module.params['multi_dest'] state = module.params['state'] tenant = module.params['tenant'] vrf = module.params['vrf'] aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='fvBD', aci_rn='BD-{0}'.format(bd), module_object=bd, target_filter={'name': bd}, ), child_classes=['fvRsCtx', 'fvRsIgmpsn', 'fvRsBDToNdP', 'fvRsBdToEpRet'], ) aci.get_existing() if state == 'present': aci.payload( aci_class='fvBD', class_config=dict( arpFlood=arp_flooding, descr=description, epClear=endpoint_clear, epMoveDetectMode=endpoint_move_detect, ipLearning=ip_learning, limitIpLearnToSubnets=limit_ip_learn, mac=mac_address, mcastAllow=enable_multicast, multiDstPktAct=multi_dest, name=bd, type=bd_type, unicastRoute=enable_routing, unkMacUcastAct=l2_unknown_unicast, unkMcastAct=l3_unknown_multicast, ), child_configs=[ {'fvRsCtx': {'attributes': {'tnFvCtxName': vrf}}}, {'fvRsIgmpsn': {'attributes': {'tnIgmpSnoopPolName': igmp_snoop_policy}}}, {'fvRsBDToNdP': {'attributes': {'tnNdIfPolName': ipv6_nd_policy}}}, {'fvRsBdToEpRet': {'attributes': {'resolveAct': endpoint_retention_action, 'tnFvEpRetPolName': endpoint_retention_policy}}}, ], ) aci.get_diff(aci_class='fvBD') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( tenant=dict(type='str', aliases=['tenant_name' ]), # Not required for querying all objects l3out=dict(type='str', aliases=['l3out_name' ]), # Not required for querying all objects extepg=dict(type='str', aliases=['extepg_name', 'name']), # Not required for querying all objects description=dict(type='str', aliases=['descr']), preferred_group=dict(type='bool'), dscp=dict(type='str', choices=[ 'AF11', 'AF12', 'AF13', 'AF21', 'AF22', 'AF23', 'AF31', 'AF32', 'AF33', 'AF41', 'AF42', 'AF43', 'CS0', 'CS1', 'CS2', 'CS3', 'CS4', 'CS5', 'CS6', 'CS7', 'EF', 'VA', 'unspecified' ], aliases=['target']), state=dict(type='str', default='present', choices=['absent', 'present', 'query'])) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'present', ['extepg', 'l3out', 'tenant']], ['state', 'absent', ['extepg', 'l3out', 'tenant']], ], ) aci = ACIModule(module) tenant = module.params.get('tenant') l3out = module.params.get('l3out') extepg = module.params.get('extepg') description = module.params.get('description') preferred_group = aci.boolean(module.params.get('preferred_group'), 'include', 'exclude') dscp = module.params.get('dscp') state = module.params.get('state') aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='l3extOut', aci_rn='out-{0}'.format(l3out), module_object=l3out, target_filter={'name': l3out}, ), subclass_2=dict( aci_class='l3extInstP', aci_rn='instP-{0}'.format(extepg), module_object=extepg, target_filter={'name': extepg}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='l3extInstP', class_config=dict(name=extepg, descr=description, prefGrMemb=preferred_group, targetDscp=dscp), ) aci.get_diff(aci_class='l3extInstP') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( description=dict(type='str', aliases=['descr']), export_policy=dict(type='str', aliases=['name']), # Not required for querying all objects format=dict(type='str', choices=['json', 'xml']), include_secure=dict(type='bool'), max_count=dict(type='int'), snapshot=dict(type='str'), state=dict(type='str', choices=['absent', 'present', 'query'], default='present'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=False, required_if=[ ['state', 'absent', ['export_policy', 'snapshot']], ['state', 'present', ['export_policy']], ], ) aci = ACIModule(module) description = module.params['description'] export_policy = module.params['export_policy'] file_format = module.params['format'] include_secure = aci.boolean(module.params['include_secure']) max_count = module.params['max_count'] if max_count is not None: if max_count in range(1, 11): max_count = str(max_count) else: module.fail_json(msg="Parameter 'max_count' must be a number between 1 and 10") snapshot = module.params['snapshot'] if snapshot is not None and not snapshot.startswith('run-'): snapshot = 'run-' + snapshot state = module.params['state'] if state == 'present': aci.construct_url( root_class=dict( aci_class='configExportP', aci_rn='fabric/configexp-{0}'.format(export_policy), filter_target='eq(configExportP.name, "{0}")'.format(export_policy), module_object=export_policy, ), ) aci.get_existing() aci.payload( aci_class='configExportP', class_config=dict( adminSt='triggered', descr=description, format=file_format, includeSecureFields=include_secure, maxSnapshotCount=max_count, name=export_policy, snapshot='yes', ), ) aci.get_diff('configExportP') # Create a new Snapshot aci.post_config() else: # Prefix the proper url to export_policy if export_policy is not None: export_policy = 'uni/fabric/configexp-{0}'.format(export_policy) aci.construct_url( root_class=dict( aci_class='configSnapshotCont', aci_rn='backupst/snapshots-[{0}]'.format(export_policy), filter_target='(configSnapshotCont.name, "{0}")'.format(export_policy), module_object=export_policy, ), subclass_1=dict( aci_class='configSnapshot', aci_rn='snapshot-{0}'.format(snapshot), filter_target='eq(configSnapshot.name, "{0}")'.format(snapshot), module_object=snapshot, ), ) aci.get_existing() if state == 'absent': # Build POST request to used to remove Snapshot aci.payload( aci_class='configSnapshot', class_config=dict( name=snapshot, retire="yes", ), ) if aci.existing: aci.get_diff('configSnapshot') # Mark Snapshot for Deletion aci.post_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( aaa_password=dict(type='str', no_log=True), aaa_password_lifetime=dict(type='int'), aaa_password_update_required=dict(type='bool'), aaa_user=dict(type='str', required=True, aliases=['name']), # Not required for querying all objects clear_password_history=dict(type='bool'), description=dict(type='str', aliases=['descr']), email=dict(type='str'), enabled=dict(type='bool'), expiration=dict(type='str'), expires=dict(type='bool'), first_name=dict(type='str'), last_name=dict(type='str'), phone=dict(type='str'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['aaa_user']], ['state', 'present', ['aaa_user']], ['expires', True, ['expiration']], ], ) aci = ACIModule(module) if not HAS_DATEUTIL: module.fail_json(msg='dateutil required for this module') aaa_password = module.params['aaa_password'] aaa_password_lifetime = module.params['aaa_password_lifetime'] aaa_password_update_required = aci.boolean(module.params['aaa_password_update_required']) aaa_user = module.params['aaa_user'] clear_password_history = module.params['clear_password_history'] description = module.params['description'] email = module.params['email'] enabled = aci.boolean(module.params['enabled'], 'active', 'inactive') expires = aci.boolean(module.params['expires']) first_name = module.params['first_name'] last_name = module.params['last_name'] phone = module.params['phone'] state = module.params['state'] expiration = module.params['expiration'] if expiration is not None and expiration != 'never': try: expiration = aci.iso8601_format(dateutil.parser.parse(expiration).replace(tzinfo=tzutc())) except Exception as e: module.fail_json(msg="Failed to parse date format '%s', %s" % (module.params['expiration'], e)) aci.construct_url( root_class=dict( aci_class='aaaUser', aci_rn='userext/user-{0}'.format(aaa_user), filter_target='eq(aaaUser.name, "{0}")'.format(aaa_user), module_object=aaa_user, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='aaaUser', class_config=dict( accountStatus=enabled, clearPwdHistory=clear_password_history, email=email, expiration=expiration, expires=expires, firstName=first_name, lastName=last_name, name=aaa_user, phone=phone, pwd=aaa_password, pwdLifeTime=aaa_password_lifetime, pwdUpdateRequired=aaa_password_update_required, ), ) aci.get_diff(aci_class='aaaUser') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( compare_export_policy=dict(type='str'), compare_snapshot=dict(type='str'), description=dict(type='str', aliases=['descr']), export_policy=dict(type='str'), fail_on_decrypt=dict(type='bool'), import_mode=dict(type='str', choices=['atomic', 'best-effort']), import_policy=dict(type='str'), import_type=dict(type='str', choices=['merge', 'replace']), snapshot=dict(type='str', required=True), state=dict(type='str', default='rollback', choices=['preview', 'rollback']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=False, required_if=[ ['state', 'preview', ['compare_export_policy', 'compare_snapshot']], ['state', 'rollback', ['import_policy']], ], ) aci = ACIModule(module) description = module.params['description'] export_policy = module.params['export_policy'] fail_on_decrypt = aci.boolean(module.params['fail_on_decrypt']) import_mode = module.params['import_mode'] import_policy = module.params['import_policy'] import_type = module.params['import_type'] snapshot = module.params['snapshot'] state = module.params['state'] if state == 'rollback': if snapshot.startswith('run-'): snapshot = snapshot.replace('run-', '', 1) if not snapshot.endswith('.tar.gz'): snapshot += '.tar.gz' filename = 'ce2_{0}-{1}'.format(export_policy, snapshot) aci.construct_url( root_class=dict( aci_class='configImportP', aci_rn='fabric/configimp-{0}'.format(import_policy), filter_target='eq(configImportP.name, "{0}")'.format(import_policy), module_object=import_policy, ), ) aci.get_existing() aci.payload( aci_class='configImportP', class_config=dict( adminSt='triggered', descr=description, failOnDecryptErrors=fail_on_decrypt, fileName=filename, importMode=import_mode, importType=import_type, name=import_policy, snapshot='yes', ), ) aci.get_diff(aci_class='configImportP') aci.post_config() elif state == 'preview': aci.url = '%(protocol)s://%(host)s/mqapi2/snapshots.diff.xml' % module.params aci.filter_string = ( '?s1dn=uni/backupst/snapshots-[uni/fabric/configexp-%(export_policy)s]/snapshot-%(snapshot)s&' 's2dn=uni/backupst/snapshots-[uni/fabric/configexp-%(compare_export_policy)s]/snapshot-%(compare_snapshot)s' ) % module.params # Generate rollback comparison get_preview(aci) aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( admin_state=dict(type='raw'), # Turn into a boolean in v2.9 description=dict(type='str', aliases=['descr']), dst_group=dict(type='str'), src_group=dict(type='str', required=False, aliases=['name' ]), # Not required for querying all objects state=dict(type='str', default='present', choices=['absent', 'present', 'query']), tenant=dict(type='str', required=False, aliases=['tenant_name' ]), # Not required for querying all objects method=dict(type='str', choices=['delete', 'get', 'post'], aliases=['action'], removed_in_version='2.6'), # Deprecated starting from v2.6 protocol=dict(type='str', removed_in_version='2.6'), # Deprecated in v2.6 ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['src_group', 'tenant']], ['state', 'present', ['src_group', 'tenant']], ], ) aci = ACIModule(module) admin_state = aci.boolean(module.params['admin_state'], 'enabled', 'disabled') description = module.params['description'] dst_group = module.params['dst_group'] src_group = module.params['src_group'] state = module.params['state'] tenant = module.params['tenant'] aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), filter_target='eq(fvTenant.name, "{0}")'.format(tenant), module_object=tenant, ), subclass_1=dict( aci_class='spanSrcGrp', aci_rn='srcgrp-{0}'.format(src_group), filter_target='eq(spanSrcGrp.name, "{0}")'.format(src_group), module_object=src_group, ), child_classes=['spanSpanLbl'], ) aci.get_existing() if state == 'present': aci.payload( aci_class='spanSrcGrp', class_config=dict( adminSt=admin_state, descr=description, name=src_group, ), child_configs=[{ 'spanSpanLbl': { 'attributes': { 'name': dst_group } } }], ) aci.get_diff(aci_class='spanSrcGrp') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( description=dict(type='str', aliases=['descr']), export_policy=dict( type='str', aliases=['name']), # Not required for querying all objects format=dict(type='str', choices=['json', 'xml']), include_secure=dict(type='bool'), max_count=dict(type='int'), snapshot=dict(type='str'), state=dict(type='str', choices=['absent', 'present', 'query'], default='present'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=False, required_if=[ ['state', 'absent', ['export_policy', 'snapshot']], ['state', 'present', ['export_policy']], ], ) aci = ACIModule(module) description = module.params['description'] export_policy = module.params['export_policy'] file_format = module.params['format'] include_secure = aci.boolean(module.params['include_secure']) max_count = module.params['max_count'] if max_count is not None: if max_count in range(1, 11): max_count = str(max_count) else: module.fail_json( msg="Parameter 'max_count' must be a number between 1 and 10") snapshot = module.params['snapshot'] if snapshot is not None and not snapshot.startswith('run-'): snapshot = 'run-' + snapshot state = module.params['state'] if state == 'present': aci.construct_url(root_class=dict( aci_class='configExportP', aci_rn='fabric/configexp-{0}'.format(export_policy), filter_target='eq(configExportP.name, "{0}")'.format( export_policy), module_object=export_policy, ), ) aci.get_existing() aci.payload( aci_class='configExportP', class_config=dict( adminSt='triggered', descr=description, format=file_format, includeSecureFields=include_secure, maxSnapshotCount=max_count, name=export_policy, snapshot='yes', ), ) aci.get_diff('configExportP') # Create a new Snapshot aci.post_config() else: # Prefix the proper url to export_policy if export_policy is not None: export_policy = 'uni/fabric/configexp-{0}'.format(export_policy) aci.construct_url( root_class=dict( aci_class='configSnapshotCont', aci_rn='backupst/snapshots-[{0}]'.format(export_policy), filter_target='(configSnapshotCont.name, "{0}")'.format( export_policy), module_object=export_policy, ), subclass_1=dict( aci_class='configSnapshot', aci_rn='snapshot-{0}'.format(snapshot), filter_target='eq(configSnapshot.name, "{0}")'.format( snapshot), module_object=snapshot, ), ) aci.get_existing() if state == 'absent': # Build POST request to used to remove Snapshot aci.payload( aci_class='configSnapshot', class_config=dict( name=snapshot, retire="yes", ), ) if aci.existing: aci.get_diff('configSnapshot') # Mark Snapshot for Deletion aci.post_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( epg=dict(type='str', aliases=['epg_name', 'name']), # Not required for querying all objects bd=dict(type='str', aliases=['bd_name', 'bridge_domain']), ap=dict(type='str', aliases=['app_profile', 'app_profile_name']), # Not required for querying all objects tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects description=dict(type='str', aliases=['descr']), priority=dict(type='str', choices=['level1', 'level2', 'level3', 'unspecified']), intra_epg_isolation=dict(choices=['enforced', 'unenforced']), fwd_control=dict(type='str', choices=['none', 'proxy-arp']), preferred_group=dict(type='bool'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['ap', 'epg', 'tenant']], ['state', 'present', ['ap', 'epg', 'tenant']], ], ) aci = ACIModule(module) epg = module.params['epg'] bd = module.params['bd'] description = module.params['description'] priority = module.params['priority'] intra_epg_isolation = module.params['intra_epg_isolation'] fwd_control = module.params['fwd_control'] preferred_group = aci.boolean(module.params['preferred_group'], 'include', 'exclude') state = module.params['state'] tenant = module.params['tenant'] ap = module.params['ap'] aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), filter_target='eq(fvTenant.name, "{0}")'.format(tenant), module_object=tenant, ), subclass_1=dict( aci_class='fvAp', aci_rn='ap-{0}'.format(ap), filter_target='eq(fvAp.name, "{0}")'.format(ap), module_object=ap, ), subclass_2=dict( aci_class='fvAEPg', aci_rn='epg-{0}'.format(epg), filter_target='eq(fvAEPg.name, "{0}")'.format(epg), module_object=epg, ), child_classes=['fvRsBd'], ) aci.get_existing() if state == 'present': aci.payload( aci_class='fvAEPg', class_config=dict( name=epg, descr=description, prio=priority, pcEnfPref=intra_epg_isolation, fwdCtrl=fwd_control, prefGrMemb=preferred_group, ), child_configs=[ dict(fvRsBd=dict(attributes=dict(tnFvBDName=bd))), ], ) aci.get_diff(aci_class='fvAEPg') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( allow_useg=dict(type='str', choices=['encap', 'useg']), ap=dict(type='str', aliases=['app_profile', 'app_profile_name' ]), # Not required for querying all objects deploy_immediacy=dict(type='str', choices=['immediate', 'on-demand']), domain=dict(type='str', aliases=['domain_name', 'domain_profile' ]), # Not required for querying all objects domain_type=dict(type='str', choices=['phys', 'vmm'], aliases=['type' ]), # Not required for querying all objects encap=dict(type='int'), encap_mode=dict(type='str', choices=['auto', 'vlan', 'vxlan']), epg=dict(type='str', aliases=['name', 'epg_name' ]), # Not required for querying all objects netflow=dict(type='raw'), # Turn into a boolean in v2.9 primary_encap=dict(type='int'), resolution_immediacy=dict( type='str', choices=['immediate', 'lazy', 'pre-provision']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), tenant=dict(type='str', aliases=['tenant_name' ]), # Not required for querying all objects vm_provider=dict(type='str', choices=[ 'cloudfoundry', 'kubernetes', 'microsoft', 'openshift', 'openstack', 'redhat', 'vmware' ]), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['domain_type', 'vmm', ['vm_provider']], [ 'state', 'absent', ['ap', 'domain', 'domain_type', 'epg', 'tenant'] ], [ 'state', 'present', ['ap', 'domain', 'domain_type', 'epg', 'tenant'] ], ], ) aci = ACIModule(module) allow_useg = module.params['allow_useg'] ap = module.params['ap'] deploy_immediacy = module.params['deploy_immediacy'] domain = module.params['domain'] domain_type = module.params['domain_type'] vm_provider = module.params['vm_provider'] encap = module.params['encap'] if encap is not None: if encap in range(1, 4097): encap = 'vlan-{0}'.format(encap) else: module.fail_json(msg='Valid VLAN assigments are from 1 to 4096') encap_mode = module.params['encap_mode'] epg = module.params['epg'] netflow = aci.boolean(module.params['netflow'], 'enabled', 'disabled') primary_encap = module.params['primary_encap'] if primary_encap is not None: if primary_encap in range(1, 4097): primary_encap = 'vlan-{0}'.format(primary_encap) else: module.fail_json(msg='Valid VLAN assigments are from 1 to 4096') resolution_immediacy = module.params['resolution_immediacy'] state = module.params['state'] tenant = module.params['tenant'] if domain_type == 'phys' and vm_provider is not None: module.fail_json(msg="Domain type 'phys' cannot have a 'vm_provider'") # Compile the full domain for URL building if domain_type == 'vmm': epg_domain = 'uni/vmmp-{0}/dom-{1}'.format( VM_PROVIDER_MAPPING[vm_provider], domain) elif domain_type is not None: epg_domain = 'uni/phys-{0}'.format(domain) else: epg_domain = None aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), filter_target='eq(fvTenant.name, "{0}")'.format(tenant), module_object=tenant, ), subclass_1=dict( aci_class='fvAp', aci_rn='ap-{0}'.format(ap), filter_target='eq(fvAp.name, "{0}")'.format(ap), module_object=ap, ), subclass_2=dict( aci_class='fvAEPg', aci_rn='epg-{0}'.format(epg), filter_target='eq(fvTenant.name, "{0}")'.format(epg), module_object=epg, ), subclass_3=dict( aci_class='fvRsDomAtt', aci_rn='rsdomAtt-[{0}]'.format(epg_domain), filter_target='eq(fvRsDomAtt.tDn, "{0}")'.format(epg_domain), module_object=epg_domain, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='fvRsDomAtt', class_config=dict( classPref=allow_useg, encap=encap, encapMode=encap_mode, instrImedcy=deploy_immediacy, netflowPref=netflow, primaryEncap=primary_encap, resImedcy=resolution_immediacy, ), ) aci.get_diff(aci_class='fvRsDomAtt') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( arp_flooding=dict(type='bool'), bd=dict(type='str', aliases=['bd_name', 'name']), # Not required for querying all objects bd_type=dict(type='str', choices=['ethernet', 'fc']), description=dict(type='str'), enable_multicast=dict(type='bool'), enable_routing=dict(type='bool'), endpoint_clear=dict(type='bool'), endpoint_move_detect=dict(type='str', choices=['default', 'garp']), endpoint_retention_action=dict(type='str', choices=['inherit', 'resolve']), endpoint_retention_policy=dict(type='str'), igmp_snoop_policy=dict(type='str'), ip_learning=dict(type='bool'), ipv6_nd_policy=dict(type='str'), l2_unknown_unicast=dict(choices=['proxy', 'flood']), l3_unknown_multicast=dict(choices=['flood', 'opt-flood']), limit_ip_learn=dict(type='bool'), mac_address=dict(type='str', aliases=['mac']), multi_dest=dict(choices=['bd-flood', 'drop', 'encap-flood']), state=dict(choices=['absent', 'present', 'query'], type='str', default='present'), tenant=dict(type='str', aliases=['tenant_name' ]), # Not required for querying all objects vrf=dict(type='str', aliases=['vrf_name']), gateway_ip=dict( type='str', removed_in_version='2.4'), # Deprecated starting from v2.4 scope=dict(type='str', removed_in_version='2.4'), # Deprecated starting from v2.4 subnet_mask=dict( type='str', removed_in_version='2.4'), # Deprecated starting from v2.4 method=dict(type='str', choices=['delete', 'get', 'post'], aliases=['action'], removed_in_version='2.6'), # Deprecated starting from v2.6 protocol=dict(type='str', removed_in_version='2.6'), # Deprecated in v2.6 ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['bd', 'tenant']], ['state', 'present', ['bd', 'tenant']], ], ) aci = ACIModule(module) arp_flooding = aci.boolean(module.params['arp_flooding']) bd = module.params['bd'] bd_type = module.params['bd_type'] if bd_type == 'ethernet': # ethernet type is represented as regular, but that is not clear to the users bd_type = 'regular' description = module.params['description'] enable_multicast = aci.boolean(module.params['enable_multicast']) enable_routing = aci.boolean(module.params['enable_routing']) endpoint_clear = aci.boolean(module.params['endpoint_clear']) endpoint_move_detect = module.params['endpoint_move_detect'] if endpoint_move_detect == 'default': # the ACI default setting is an empty string, but that is not a good input value endpoint_move_detect = '' endpoint_retention_action = module.params['endpoint_retention_action'] endpoint_retention_policy = module.params['endpoint_retention_policy'] igmp_snoop_policy = module.params['igmp_snoop_policy'] ip_learning = aci.boolean(module.params['ip_learning']) ipv6_nd_policy = module.params['ipv6_nd_policy'] l2_unknown_unicast = module.params['l2_unknown_unicast'] l3_unknown_multicast = module.params['l3_unknown_multicast'] limit_ip_learn = aci.boolean(module.params['limit_ip_learn']) mac_address = module.params['mac_address'] multi_dest = module.params['multi_dest'] state = module.params['state'] tenant = module.params['tenant'] vrf = module.params['vrf'] # Give warning when fvSubnet parameters are passed as those have been moved to the aci_subnet module if module.params['gateway_ip'] or module.params[ 'subnet_mask'] or module.params['scope']: module._warnings = [ "The support for managing Subnets has been moved to its own module, aci_subnet. \ The new modules still supports 'gateway_ip' and 'subnet_mask' along with more features" ] aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), filter_target='eq(fvTenant.name, "{0}")'.format(tenant), module_object=tenant, ), subclass_1=dict( aci_class='fvBD', aci_rn='BD-{0}'.format(bd), filter_target='eq(fvBD.name, "{0}")'.format(bd), module_object=bd, ), child_classes=[ 'fvRsCtx', 'fvRsIgmpsn', 'fvRsBDToNdP', 'fvRsBdToEpRet' ], ) aci.get_existing() if state == 'present': aci.payload( aci_class='fvBD', class_config=dict( arpFlood=arp_flooding, descr=description, epClear=endpoint_clear, epMoveDetectMode=endpoint_move_detect, ipLearning=ip_learning, limitIpLearnToSubnets=limit_ip_learn, mac=mac_address, mcastAllow=enable_multicast, multiDstPktAct=multi_dest, name=bd, type=bd_type, unicastRoute=enable_routing, unkMacUcastAct=l2_unknown_unicast, unkMcastAct=l3_unknown_multicast, ), child_configs=[ { 'fvRsCtx': { 'attributes': { 'tnFvCtxName': vrf } } }, { 'fvRsIgmpsn': { 'attributes': { 'tnIgmpSnoopPolName': igmp_snoop_policy } } }, { 'fvRsBDToNdP': { 'attributes': { 'tnNdIfPolName': ipv6_nd_policy } } }, { 'fvRsBdToEpRet': { 'attributes': { 'resolveAct': endpoint_retention_action, 'tnFvEpRetPolName': endpoint_retention_policy } } }, ], ) aci.get_diff(aci_class='fvBD') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( contract=dict(type='str', aliases=['contract_name' ]), # Not required for querying all objects subject=dict(type='str', aliases=['contract_subject', 'name', 'subject_name' ]), # Not required for querying all objects tenant=dict(type='str', aliases=['tenant_name' ]), # Not required for querying all objects priority=dict(type='str', choices=['unspecified', 'level1', 'level2', 'level3']), reverse_filter=dict(type='bool'), dscp=dict(type='str', aliases=['target'], choices=[ 'AF11', 'AF12', 'AF13', 'AF21', 'AF22', 'AF23', 'AF31', 'AF32', 'AF33', 'AF41', 'AF42', 'AF43', 'CS0', 'CS1', 'CS2', 'CS3', 'CS4', 'CS5', 'CS6', 'CS7', 'EF', 'VA', 'unspecified' ]), description=dict(type='str', aliases=['descr']), consumer_match=dict( type='str', choices=['all', 'at_least_one', 'at_most_one', 'none']), provider_match=dict( type='str', choices=['all', 'at_least_one', 'at_most_one', 'none']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['contract', 'subject', 'tenant']], ['state', 'present', ['contract', 'subject', 'tenant']], ], ) aci = ACIModule(module) subject = module.params.get('subject') priority = module.params.get('priority') reverse_filter = aci.boolean(module.params.get('reverse_filter')) contract = module.params.get('contract') dscp = module.params.get('dscp') description = module.params.get('description') consumer_match = module.params.get('consumer_match') if consumer_match is not None: consumer_match = MATCH_MAPPING.get(consumer_match) provider_match = module.params.get('provider_match') if provider_match is not None: provider_match = MATCH_MAPPING.get(provider_match) state = module.params.get('state') tenant = module.params.get('tenant') name_alias = module.params.get('name_alias') aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='vzBrCP', aci_rn='brc-{0}'.format(contract), module_object=contract, target_filter={'name': contract}, ), subclass_2=dict( aci_class='vzSubj', aci_rn='subj-{0}'.format(subject), module_object=subject, target_filter={'name': subject}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='vzSubj', class_config=dict( name=subject, prio=priority, revFltPorts=reverse_filter, targetDscp=dscp, consMatchT=consumer_match, provMatchT=provider_match, descr=description, nameAlias=name_alias, ), ) aci.get_diff(aci_class='vzSubj') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( tenant=dict(type='str', required=False, aliases=['tenant_name' ]), # Not required for querying all objects ospf=dict(type='str', required=False, aliases=['ospf_interface', 'name']), # Not required for querying all objects description=dict(type='str', aliases=['descr']), network_type=dict(type='str', choices=['bcast', 'p2p']), cost=dict(type='int'), controls=dict( type='list', choices=['advert-subnet', 'bfd', 'mtu-ignore', 'passive']), dead_interval=dict(type='int'), hello_interval=dict(type='int'), prefix_suppression=dict(type='bool'), priority=dict(type='int'), retransmit_interval=dict(type='int'), transmit_delay=dict(type='int'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['ospf', 'tenant']], ['state', 'present', ['ospf', 'tenant']], ], ) aci = ACIModule(module) tenant = module.params['tenant'] ospf = module.params['ospf'] description = module.params['description'] if module.params['controls'] is None: controls = None else: controls = ','.join(module.params['controls']) cost = module.params['cost'] if cost is not None and cost not in range(1, 451): module.fail_json( msg="Parameter 'cost' is only valid in range between 1 and 450.") dead_interval = module.params['dead_interval'] if dead_interval is not None and dead_interval not in range(1, 65536): module.fail_json( msg= "Parameter 'dead_interval' is only valid in range between 1 and 65536." ) hello_interval = module.params['hello_interval'] if hello_interval is not None and hello_interval not in range(1, 65536): module.fail_json( msg= "Parameter 'hello_interval' is only valid in range between 1 and 65536." ) network_type = module.params['network_type'] prefix_suppression = aci.boolean(module.params['prefix_suppression'], 'enabled', 'disabled') priority = module.params['priority'] if priority is not None and priority not in range(0, 256): module.fail_json( msg="Parameter 'priority' is only valid in range between 1 and 255." ) retransmit_interval = module.params['retransmit_interval'] if retransmit_interval is not None and retransmit_interval not in range( 1, 65536): module.fail_json( msg= "Parameter 'retransmit_interval' is only valid in range between 1 and 65536." ) transmit_delay = module.params['transmit_delay'] if transmit_delay is not None and transmit_delay not in range(1, 451): module.fail_json( msg= "Parameter 'transmit_delay' is only valid in range between 1 and 450." ) state = module.params['state'] aci.construct_url(root_class=dict( aci_class='ospfIfPol', aci_rn='tn-{0}/ospfIfPol-{1}'.format(tenant, ospf), module_object=ospf, target_filter={'name': ospf}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='ospfIfPol', class_config=dict( name=ospf, descr=description, cost=cost, ctrl=controls, deadIntvl=dead_interval, helloIntvl=hello_interval, nwT=network_type, pfxSuppress=prefix_suppression, prio=priority, rexmitIntvl=retransmit_interval, xmitDelay=transmit_delay, ), ) aci.get_diff(aci_class='ospfIfPol') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( name=dict(type='str', aliases=['maintenance_policy' ]), # Not required for querying all objects runmode=dict(type='str', default='pauseOnlyOnFailures', choices=['pauseOnlyOnFailures', 'pauseNever']), graceful=dict(type='bool'), scheduler=dict(type='str'), ignoreCompat=dict(type='bool'), adminst=dict(type='str', default='untriggered', choices=['triggered', 'untriggered']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['name']], ['state', 'present', ['name', 'scheduler']], ], ) aci = ACIModule(module) state = module.params.get('state') name = module.params.get('name') runmode = module.params.get('runmode') scheduler = module.params.get('scheduler') adminst = module.params.get('adminst') graceful = aci.boolean(module.params.get('graceful')) ignoreCompat = aci.boolean(module.params.get('ignoreCompat')) name_alias = module.params.get('name_alias') aci.construct_url(root_class=dict( aci_class='maintMaintP', aci_rn='fabric/maintpol-{0}'.format(name), target_filter={'name': name}, module_object=name, ), child_classes=['maintRsPolScheduler']) aci.get_existing() if state == 'present': aci.payload( aci_class='maintMaintP', class_config=dict( name=name, runMode=runmode, graceful=graceful, adminSt=adminst, ignoreCompat=ignoreCompat, nameAlias=name_alias, ), child_configs=[ dict(maintRsPolScheduler=dict(attributes=dict( tnTrigSchedPName=scheduler, ), ), ), ], ) aci.get_diff(aci_class='maintMaintP') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( aaa_password=dict(type='str', no_log=True), aaa_password_lifetime=dict(type='int'), aaa_password_update_required=dict(type='bool'), aaa_user=dict(type='str', required=True, aliases=['name' ]), # Not required for querying all objects clear_password_history=dict(type='bool'), description=dict(type='str', aliases=['descr']), email=dict(type='str'), enabled=dict(type='bool'), expiration=dict(type='str'), expires=dict(type='bool'), first_name=dict(type='str'), last_name=dict(type='str'), phone=dict(type='str'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['aaa_user']], ['state', 'present', ['aaa_user']], ['expires', True, ['expiration']], ], ) aci = ACIModule(module) if not HAS_DATEUTIL: module.fail_json(msg='dateutil required for this module') aaa_password = module.params['aaa_password'] aaa_password_lifetime = module.params['aaa_password_lifetime'] aaa_password_update_required = aci.boolean( module.params['aaa_password_update_required']) aaa_user = module.params['aaa_user'] clear_password_history = module.params['clear_password_history'] description = module.params['description'] email = module.params['email'] enabled = aci.boolean(module.params['enabled'], 'active', 'inactive') expires = aci.boolean(module.params['expires']) first_name = module.params['first_name'] last_name = module.params['last_name'] phone = module.params['phone'] state = module.params['state'] expiration = module.params['expiration'] if expiration is not None and expiration != 'never': try: expiration = aci.iso8601_format( dateutil.parser.parse(expiration).replace(tzinfo=tzutc())) except Exception as e: module.fail_json(msg="Failed to parse date format '%s', %s" % (module.params['expiration'], e)) aci.construct_url(root_class=dict( aci_class='aaaUser', aci_rn='userext/user-{0}'.format(aaa_user), filter_target='eq(aaaUser.name, "{0}")'.format(aaa_user), module_object=aaa_user, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='aaaUser', class_config=dict( accountStatus=enabled, clearPwdHistory=clear_password_history, email=email, expiration=expiration, expires=expires, firstName=first_name, lastName=last_name, name=aaa_user, phone=phone, pwd=aaa_password, pwdLifeTime=aaa_password_lifetime, pwdUpdateRequired=aaa_password_update_required, ), ) aci.get_diff(aci_class='aaaUser') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( epg=dict(type='str', aliases=['epg_name', 'name']), # Not required for querying all objects bd=dict(type='str', aliases=['bd_name', 'bridge_domain']), ap=dict(type='str', aliases=['app_profile', 'app_profile_name']), # Not required for querying all objects tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects description=dict(type='str', aliases=['descr']), priority=dict(type='str', choices=['level1', 'level2', 'level3', 'unspecified']), intra_epg_isolation=dict(choices=['enforced', 'unenforced']), fwd_control=dict(type='str', choices=['none', 'proxy-arp']), preferred_group=dict(type='bool'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['ap', 'epg', 'tenant']], ['state', 'present', ['ap', 'epg', 'tenant']], ], ) aci = ACIModule(module) epg = module.params.get('epg') bd = module.params.get('bd') description = module.params.get('description') priority = module.params.get('priority') intra_epg_isolation = module.params.get('intra_epg_isolation') fwd_control = module.params.get('fwd_control') preferred_group = aci.boolean(module.params.get('preferred_group'), 'include', 'exclude') state = module.params.get('state') tenant = module.params.get('tenant') ap = module.params.get('ap') aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='fvAp', aci_rn='ap-{0}'.format(ap), module_object=ap, target_filter={'name': ap}, ), subclass_2=dict( aci_class='fvAEPg', aci_rn='epg-{0}'.format(epg), module_object=epg, target_filter={'name': epg}, ), child_classes=['fvRsBd'], ) aci.get_existing() if state == 'present': aci.payload( aci_class='fvAEPg', class_config=dict( name=epg, descr=description, prio=priority, pcEnfPref=intra_epg_isolation, fwdCtrl=fwd_control, prefGrMemb=preferred_group, ), child_configs=[dict( fvRsBd=dict( attributes=dict( tnFvBDName=bd, ), ), )], ) aci.get_diff(aci_class='fvAEPg') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( contract=dict(type='str', aliases=['contract_name']), # Not required for querying all objects subject=dict(type='str', aliases=['contract_subject', 'name', 'subject_name']), # Not required for querying all objects tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects priority=dict(type='str', choices=['unspecified', 'level1', 'level2', 'level3']), reverse_filter=dict(type='bool'), dscp=dict(type='str', aliases=['target'], choices=['AF11', 'AF12', 'AF13', 'AF21', 'AF22', 'AF23', 'AF31', 'AF32', 'AF33', 'AF41', 'AF42', 'AF43', 'CS0', 'CS1', 'CS2', 'CS3', 'CS4', 'CS5', 'CS6', 'CS7', 'EF', 'VA', 'unspecified']), description=dict(type='str', aliases=['descr']), consumer_match=dict(type='str', choices=['all', 'at_least_one', 'at_most_one', 'none']), provider_match=dict(type='str', choices=['all', 'at_least_one', 'at_most_one', 'none']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), directive=dict(type='str', removed_in_version='2.4'), # Deprecated starting from v2.4 filter=dict(type='str', aliases=['filter_name'], removed_in_version='2.4'), # Deprecated starting from v2.4 ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['contract', 'subject', 'tenant']], ['state', 'present', ['contract', 'subject', 'tenant']], ], ) aci = ACIModule(module) subject = module.params['subject'] priority = module.params['priority'] reverse_filter = aci.boolean(module.params['reverse_filter']) contract = module.params['contract'] dscp = module.params['dscp'] description = module.params['description'] filter_name = module.params['filter'] directive = module.params['directive'] consumer_match = module.params['consumer_match'] if consumer_match is not None: consumer_match = MATCH_MAPPING[consumer_match] provider_match = module.params['provider_match'] if provider_match is not None: provider_match = MATCH_MAPPING[provider_match] state = module.params['state'] tenant = module.params['tenant'] if directive is not None or filter_name is not None: module.fail_json(msg="Managing Contract Subjects to Filter bindings has been moved to module 'aci_subject_bind_filter'") aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='vzBrCP', aci_rn='brc-{0}'.format(contract), module_object=contract, target_filter={'name': contract}, ), subclass_2=dict( aci_class='vzSubj', aci_rn='subj-{0}'.format(subject), module_object=subject, target_filter={'name': subject}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='vzSubj', class_config=dict( name=subject, prio=priority, revFltPorts=reverse_filter, targetDscp=dscp, consMatchT=consumer_match, provMatchT=provider_match, descr=description, ), ) aci.get_diff(aci_class='vzSubj') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( admin_state=dict(type='raw'), # Turn into a boolean in v2.9 description=dict(type='str', aliases=['descr']), dst_group=dict(type='str'), src_group=dict(type='str', required=False, aliases=['name']), # Not required for querying all objects state=dict(type='str', default='present', choices=['absent', 'present', 'query']), tenant=dict(type='str', required=False, aliases=['tenant_name']), # Not required for querying all objects ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['src_group', 'tenant']], ['state', 'present', ['src_group', 'tenant']], ], ) aci = ACIModule(module) admin_state = aci.boolean(module.params['admin_state'], 'enabled', 'disabled') description = module.params['description'] dst_group = module.params['dst_group'] src_group = module.params['src_group'] state = module.params['state'] tenant = module.params['tenant'] aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), filter_target='eq(fvTenant.name, "{0}")'.format(tenant), module_object=tenant, ), subclass_1=dict( aci_class='spanSrcGrp', aci_rn='srcgrp-{0}'.format(src_group), filter_target='eq(spanSrcGrp.name, "{0}")'.format(src_group), module_object=src_group, ), child_classes=['spanSpanLbl'], ) aci.get_existing() if state == 'present': aci.payload( aci_class='spanSrcGrp', class_config=dict( adminSt=admin_state, descr=description, name=src_group, ), child_configs=[{'spanSpanLbl': {'attributes': {'name': dst_group}}}], ) aci.get_diff(aci_class='spanSrcGrp') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( compare_export_policy=dict(type='str'), compare_snapshot=dict(type='str'), description=dict(type='str', aliases=['descr']), export_policy=dict(type='str'), fail_on_decrypt=dict(type='bool'), import_mode=dict(type='str', choices=['atomic', 'best-effort']), import_policy=dict(type='str'), import_type=dict(type='str', choices=['merge', 'replace']), snapshot=dict(type='str', required=True), state=dict(type='str', default='rollback', choices=['preview', 'rollback']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=False, required_if=[ [ 'state', 'preview', ['compare_export_policy', 'compare_snapshot'] ], ['state', 'rollback', ['import_policy']], ], ) aci = ACIModule(module) description = module.params['description'] export_policy = module.params['export_policy'] fail_on_decrypt = aci.boolean(module.params['fail_on_decrypt']) import_mode = module.params['import_mode'] import_policy = module.params['import_policy'] import_type = module.params['import_type'] snapshot = module.params['snapshot'] state = module.params['state'] if state == 'rollback': if snapshot.startswith('run-'): snapshot = snapshot.replace('run-', '', 1) if not snapshot.endswith('.tar.gz'): snapshot += '.tar.gz' filename = 'ce2_{0}-{1}'.format(export_policy, snapshot) aci.construct_url(root_class=dict( aci_class='configImportP', aci_rn='fabric/configimp-{0}'.format(import_policy), module_object=import_policy, target_filter={'name': import_policy}, ), ) aci.get_existing() aci.payload( aci_class='configImportP', class_config=dict( adminSt='triggered', descr=description, failOnDecryptErrors=fail_on_decrypt, fileName=filename, importMode=import_mode, importType=import_type, name=import_policy, snapshot='yes', ), ) aci.get_diff(aci_class='configImportP') aci.post_config() elif state == 'preview': aci.url = '%(protocol)s://%(host)s/mqapi2/snapshots.diff.xml' % module.params aci.filter_string = ( '?s1dn=uni/backupst/snapshots-[uni/fabric/configexp-%(export_policy)s]/snapshot-%(snapshot)s&' 's2dn=uni/backupst/snapshots-[uni/fabric/configexp-%(compare_export_policy)s]/snapshot-%(compare_snapshot)s' ) % module.params # Generate rollback comparison get_preview(aci) aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( tenant=dict(type='str', aliases=['tenant_name' ]), # Not required for querying all objects src_group=dict(type='str', aliases=['name' ]), # Not required for querying all objects admin_state=dict(type='bool'), description=dict(type='str', aliases=['descr']), dst_group=dict(type='str'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['src_group', 'tenant']], ['state', 'present', ['src_group', 'tenant']], ], ) aci = ACIModule(module) admin_state = aci.boolean(module.params['admin_state'], 'enabled', 'disabled') description = module.params['description'] dst_group = module.params['dst_group'] src_group = module.params['src_group'] state = module.params['state'] tenant = module.params['tenant'] aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='spanSrcGrp', aci_rn='srcgrp-{0}'.format(src_group), module_object=src_group, target_filter={'name': src_group}, ), child_classes=['spanSpanLbl'], ) aci.get_existing() if state == 'present': aci.payload( aci_class='spanSrcGrp', class_config=dict( adminSt=admin_state, descr=description, name=src_group, ), child_configs=[{ 'spanSpanLbl': { 'attributes': { 'name': dst_group } } }], ) aci.get_diff(aci_class='spanSrcGrp') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( arp_flag=dict(type='str', choices=VALID_ARP_FLAGS), description=dict(type='str', aliases=['descr']), dst_port=dict(type='str'), dst_port_end=dict(type='str'), dst_port_start=dict(type='str'), entry=dict(type='str', aliases=['entry_name', 'filter_entry', 'name']), # Not required for querying all objects ether_type=dict(choices=VALID_ETHER_TYPES, type='str'), filter=dict(type='str', aliases=['filter_name']), # Not required for querying all objects icmp_msg_type=dict(type='str', choices=VALID_ICMP_TYPES), icmp6_msg_type=dict(type='str', choices=VALID_ICMP6_TYPES), ip_protocol=dict(choices=VALID_IP_PROTOCOLS, type='str'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), stateful=dict(type='bool'), tenant=dict(type="str", aliases=['tenant_name']), # Not required for querying all objects ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['entry', 'filter', 'tenant']], ['state', 'present', ['entry', 'filter', 'tenant']], ], ) aci = ACIModule(module) arp_flag = module.params['arp_flag'] if arp_flag is not None: arp_flag = ARP_FLAG_MAPPING[arp_flag] description = module.params['description'] dst_port = module.params['dst_port'] if dst_port in FILTER_PORT_MAPPING.keys(): dst_port = FILTER_PORT_MAPPING[dst_port] dst_end = module.params['dst_port_end'] if dst_end in FILTER_PORT_MAPPING.keys(): dst_end = FILTER_PORT_MAPPING[dst_end] dst_start = module.params['dst_port_start'] if dst_start in FILTER_PORT_MAPPING.keys(): dst_start = FILTER_PORT_MAPPING[dst_start] entry = module.params['entry'] ether_type = module.params['ether_type'] filter_name = module.params['filter'] icmp_msg_type = module.params['icmp_msg_type'] if icmp_msg_type is not None: icmp_msg_type = ICMP_MAPPING[icmp_msg_type] icmp6_msg_type = module.params['icmp6_msg_type'] if icmp6_msg_type is not None: icmp6_msg_type = ICMP6_MAPPING[icmp6_msg_type] ip_protocol = module.params['ip_protocol'] state = module.params['state'] stateful = aci.boolean(module.params['stateful']) tenant = module.params['tenant'] # validate that dst_port is not passed with dst_start or dst_end if dst_port is not None and (dst_end is not None or dst_start is not None): module.fail_json(msg="Parameter 'dst_port' cannot be used with 'dst_end' and 'dst_start'") elif dst_port is not None: dst_end = dst_port dst_start = dst_port aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), filter_target='eq(fvTenant.name, "{0}")'.format(tenant), module_object=tenant, ), subclass_1=dict( aci_class='vzFilter', aci_rn='flt-{0}'.format(filter_name), filter_target='eq(vzFilter.name, "{0}")'.format(filter_name), module_object=filter_name, ), subclass_2=dict( aci_class='vzEntry', aci_rn='e-{0}'.format(entry), filter_target='eq(vzEntry.name, "{0}")'.format(entry), module_object=entry ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='vzEntry', class_config=dict( arpOpc=arp_flag, descr=description, dFromPort=dst_start, dToPort=dst_end, etherT=ether_type, icmpv4T=icmp_msg_type, icmpv6T=icmp6_msg_type, name=entry, prot=ip_protocol, stateful=stateful, ), ) aci.get_diff(aci_class='vzEntry') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( l2out=dict(type='str',aliases=['l2out_name']), description=dict(type='str',aliases=['descr']), extepg=dict(type='str',aliases=['extepg_name']), preferred_group=dict(type='bool'), qos_class=dict(type='str', default='level3',choices=['level1','level2','level3','level4','level5','level6','Unspecified']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), tenant=dict(type='str', aliases=['tenant_name']) ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['l2out', 'tenant', 'extepg']], ['state', 'present', ['l2out', 'tenant','extepg']], ], ) aci = ACIModule(module) l2out = module.params['l2out'] description = module.params['description'] preferred_group = aci.boolean(module.params['preferred_group'], 'include', 'exclude') state = module.params['state'] tenant = module.params['tenant'] extepg = module.params['extepg'] qos_class = module.params['qos_class'] aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='l2extOut', aci_rn='l2out-{0}'.format(l2out), module_object=l2out, target_filter={'name': l2out}, ), subclass_2=dict( aci_class='l2extInstP', aci_rn='instP-{0}'.format(extepg), module_object=extepg, target_filter={'name': extepg}, ) ) if state == 'present': aci.payload( aci_class='l2extInstP', class_config=dict( name=extepg, descr=description, dn='uni/tn-{0}/l2out-{1}/instP-{2}'.format(tenant, l2out, extepg), prefGrMemb=preferred_group ), ) aci.get_diff(aci_class='l2extInstP') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()