def check_cli(module, cli):
"""
This method checks if vRouter exists on the target node.
This method also checks for idempotency using the vrouter-interface-show
command.
If the given vRouter exists, return VROUTER_EXISTS as True else False.
:param module: The Ansible module to fetch input parameters
:param cli: The CLI string
:return Booleans: VROUTER_EXISTS, INTERFACE_EXISTS
"""
vrouter_name = module.params['pn_vrouter_name']
interface_ip = module.params['pn_ip']
# Check for vRouter
check_vrouter = 'vrouter-show format name no-show-headers'
out = run_commands(module, check_vrouter)[1]
if out:
out = out.split()
VROUTER_EXISTS = True if vrouter_name in out else False
if interface_ip:
# Check for interface and VRRP and fetch nic for VRRP
show = cli + ' vrouter-loopback-interface-show '
show += 'vrouter-name %s ' % vrouter_name
show += 'format ip no-show-headers'
out = run_commands(module, show)[1]
if out and interface_ip in out.split():
INTERFACE_EXISTS = True
else:
INTERFACE_EXISTS = False
return VROUTER_EXISTS, INTERFACE_EXISTS
def check_cli(module, cli):
"""
This method checks for idempotency using prefix-list-network-show command.
If network exists, return as True else False.
:param module: The Ansible module to fetch input parameters
:param cli: The CLI string
"""
name = module.params['pn_name']
network = module.params['pn_network']
show = cli
cli += ' prefix-list-show format name no-show-headers'
out = run_commands(module, cli)[1]
if name not in out.split()[-1]:
module.fail_json(failed=True,
msg='Prefix list with name %s does not exists' % name)
cli = show
cli += ' prefix-list-network-show name %s format network no-show-headers' % name
rc, out, err = run_commands(module, cli)
if out:
out = out.split()[-1]
return True if network in out.split('/')[0] else False
return False
def check_cli(module, cli):
"""
This method checks for pim ssm config using the vrouter-show command.
If a user already exists on the given switch, return True else False.
:param module: The Ansible module to fetch input parameters
:param cli: The CLI string
"""
name = module.params['pn_vrouter_name']
show = cli
cli += ' vrouter-show format name no-show-headers '
out = run_commands(module, cli)[1]
if out:
out = out.split()
if name in out:
pass
else:
return False
cli = show
cli += ' vrouter-show name %s format proto-multi no-show-headers' % name
out = run_commands(module, cli)[1]
if out:
out = out.split()
return True if 'none' not in out else False
def check_cli(module, cli):
"""
This method checks if vRouter exists on the target node.
This method also checks for idempotency using the vrouter-bgp-show command.
If the given vRouter exists, return VROUTER_EXISTS as True else False.
If the given neighbor exists on the given vRouter, return NEIGHBOR_EXISTS as True else False.
:param module: The Ansible module to fetch input parameters
:param cli: The CLI string
:return Booleans: VROUTER_EXISTS, NEIGHBOR_EXISTS
"""
vrouter_name = module.params['pn_vrouter_name']
neighbor = module.params['pn_neighbor']
# Check for vRouter
check_vrouter = cli + ' vrouter-show format name no-show-headers'
out = run_commands(module, check_vrouter)[1]
if out:
out = out.split()
VROUTER_EXISTS = True if vrouter_name in out else False
if neighbor:
# Check for BGP neighbor
show = cli + ' vrouter-bgp-show vrouter-name %s ' % vrouter_name
show += 'format neighbor no-show-headers'
out = run_commands(module, show)[1]
if out and neighbor in out.split():
NEIGHBOR_EXISTS = True
else:
NEIGHBOR_EXISTS = False
return VROUTER_EXISTS, NEIGHBOR_EXISTS
def check_cli(module, cli):
"""
This method checks for idempotency using the snmp-vacm-show command.
If a user with given name exists, return True else False.
:param module: The Ansible module to fetch input parameters
:param cli: The CLI string
"""
user_name = module.params['pn_user_name']
show = cli
cli += ' snmp-user-show format user-name no-show-headers'
rc, out, err = run_commands(module, cli)
if out and user_name in out.split():
pass
else:
return None
cli = show
cli += ' snmp-vacm-show format user-name no-show-headers'
out = run_commands(module, cli)[1]
if out:
out = out.split()
return True if user_name in out else False
def check_cli(module, cli):
"""
This method checks for idempotency using the cpu-class-show command.
If a user with given name exists, return True else False.
:param module: The Ansible module to fetch input parameters
:param cli: The CLI string
"""
name = module.params['pn_name']
clicopy = cli
cli += ' system-settings-show format cpu-class-enable no-show-headers'
out = run_commands(module, cli)[1]
out = out.split()
if 'on' not in out:
module.fail_json(
failed=True,
msg='Enable CPU class before creating or deleting'
)
cli = clicopy
cli += ' cpu-class-show format name no-show-headers'
out = run_commands(module, cli)[1]
if out:
out = out.split()
return True if name in out else False
def check_cli(module, cli):
"""
This method checks if vRouter exists on the target node.
This method also checks for idempotency using the show command.
If the given vRouter exists, return VROUTER_EXISTS as True else False.
If an OSPF network with the given ip exists on the given vRouter,
return NETWORK_EXISTS as True else False.
:param module: The Ansible module to fetch input parameters
:return Booleans: VROUTER_EXISTS, NETWORK_EXISTS
"""
vrouter_name = module.params['pn_vrouter_name']
network = module.params['pn_network']
show_cli = pn_cli(module)
# Check for vRouter
check_vrouter = cli + ' vrouter-show format name no-show-headers '
out = run_commands(module, check_vrouter)[1]
if out:
out = out.split()
VROUTER_EXISTS = True if vrouter_name in out else False
# Check for OSPF networks
check_network = cli + ' vrouter-ospf-show vrouter-name %s ' % vrouter_name
check_network += 'format network no-show-headers'
out = run_commands(module, check_network)[1]
if out and network in out:
NETWORK_EXISTS = True
else:
NETWORK_EXISTS = False
return VROUTER_EXISTS, NETWORK_EXISTS
def check_cli(module, cli):
"""
This method checks for idempotency using the snmp-trap-sink-show command.
If a trap with given name exists, return True else False.
:param module: The Ansible module to fetch input parameters
:param cli: The CLI string
"""
community = module.params['pn_community']
dest_host = module.params['pn_dest_host']
show = cli
cli += ' snmp-community-show format community-string no-show-headers'
rc, out, err = run_commands(module, cli)
if out:
out = out.split()
if community in out:
cli = show
cli += ' snmp-trap-sink-show community %s format type,dest-host no-show-headers' % community
rc, out, err = run_commands(module, cli)
if out:
out = out.split()
return True if dest_host in out else False
else:
return None
def check_cli(module, cli):
"""
This method checks if vRouter exists on the target node.
This method also checks for idempotency using the vrouter-interface-show
command.
If the given vRouter exists, return VROUTER_EXISTS as True else False.
If an interface with the given ip exists on the given vRouter,
return INTERFACE_EXISTS as True else False. This is required for
vrouter-interface-add.
If nic_str exists on the given vRouter, return NIC_EXISTS as True else
False. This is required for vrouter-interface-remove.
:param module: The Ansible module to fetch input parameters
:param cli: The CLI string
:return Booleans: VROUTER_EXISTS, INTERFACE_EXISTS, NIC_EXISTS
"""
vrouter_name = module.params['pn_vrouter_name']
interface_ip = module.params['pn_ip']
nic_str = module.params['pn_nic']
# Check for vRouter
check_vrouter = cli + ' vrouter-show format name no-show-headers'
out = run_commands(module, check_vrouter)[1]
if out:
out = out.split()
VROUTER_EXISTS = True if vrouter_name in out else False
if interface_ip:
# Check for interface and VRRP and fetch nic for VRRP
show = cli + ' vrouter-interface-show vrouter-name %s ' % vrouter_name
show += 'ip2 %s format ip2,nic no-show-headers' % interface_ip
out = run_commands(module, show)[1]
if out and interface_ip in out.split(' ')[-2]:
INTERFACE_EXISTS = True
else:
INTERFACE_EXISTS = False
if nic_str:
# Check for nic
show = cli + ' vrouter-interface-show vrouter-name %s ' % vrouter_name
show += 'format nic no-show-headers'
out = run_commands(module, show)[1]
if out:
out = out.split()
NIC_EXISTS = True if nic_str in out else False
return VROUTER_EXISTS, INTERFACE_EXISTS, NIC_EXISTS
def check_cli(module, cli):
"""
This method checks for idempotency using the ipv6-security-reguard command.
If a name exists, return True if name exists else False.
:param module: The Ansible module to fetch input parameters
:param cli: The CLI string
"""
name = module.params['pn_name']
vlans = module.params['pn_vlans']
show = cli
cli += ' ipv6security-raguard-show format name no-show-headers'
out = run_commands(module, cli)[1]
if out:
out = out.split()
NAME_EXISTS = True if name in out else False
show += ' vlan-show format id no-show-headers'
out = run_commands(module, show)[1]
if out:
out = out.split()
if vlans and '-' in vlans:
vlan_list = list()
vlans = vlans.strip().split('-')
for vlan in range(int(vlans[0]), int(vlans[1]) + 1):
vlan_list.append(str(vlan))
for vlan in vlan_list:
if vlan not in out:
module.fail_json(
failed=True,
msg=
'vlan id %s does not exist. Make sure you create vlan before adding it'
% vlan)
else:
if vlans not in out:
module.fail_json(
failed=True,
msg=
'vlan id %s does not exist. Make sure you create vlan before adding it'
% vlans)
return NAME_EXISTS
def check_cli(module, cli):
"""
This method checks for pim ssm config using the vrouter-show command.
If a user already exists on the given switch, return True else False.
:param module: The Ansible module to fetch input parameters
:param cli: The CLI string
"""
name = module.params['pn_vrouter_name']
network = module.params['pn_network']
show = cli
cli += ' vrouter-show name %s format name no-show-headers' % name
rc, out, err = run_commands(module, cli)
VROUTER_EXISTS = '' if out else None
cli = show
cli += ' vrouter-bgp-network-show vrouter-name %s network %s format network no-show-headers' % (name, network)
out = run_commands(module, cli)[1]
out = out.split()
NETWORK_EXISTS = True if network in out[-1] else False
return NETWORK_EXISTS, VROUTER_EXISTS
def check_cli(module, cli):
"""
This method checks if vRouter exists on the target node.
This method also checks for idempotency using the vrouter-interface-show
command.
If the given vRouter exists, return VROUTER_EXISTS as True else False.
If nic_str exists on the given vRouter, return NIC_EXISTS as True else
False. This is required for vrouter-ospf6-remove.
:param module: The Ansible module to fetch input parameters
:param cli: The CLI string
:return Booleans: VROUTER_EXISTS, NIC_EXISTS
"""
vrouter_name = module.params['pn_vrouter_name']
nic_str = module.params['pn_nic']
# Check for vRouter
check_vrouter = cli + ' vrouter-show format name no-show-headers '
out = run_commands(module, check_vrouter)[1]
if out:
out = out.split()
VROUTER_EXISTS = True if vrouter_name in out else False
if nic_str:
# Check for nic
show = cli + ' vrouter-ospf6-show vrouter-name %s format nic no-show-headers' % vrouter_name
out = run_commands(module, show)[1]
if out:
out.split()
NIC_EXISTS = True if nic_str in out else False
return VROUTER_EXISTS, NIC_EXISTS
def check_cli(module, cli):
"""
This method checks for idempotency using the user-show command.
If a user already exists on the given switch, return True else False.
:param module: The Ansible module to fetch input parameters
:param cli: The CLI string
"""
name = module.params['pn_name']
cli += ' user-show format name no-show-headers'
out = run_commands(module, cli)[1]
out = out.split()
return True if name in out else False
def check_cli(module, cli):
"""
This method checks for idempotency using the access-list-ip-show command.
If ip exists, return True else False.
:param module: The Ansible module to fetch input parameters
:param cli: The CLI string
"""
name = module.params['pn_name']
ip = module.params['pn_ip']
clicopy = cli
cli += ' access-list-show name %s no-show-headers ' % name
out = run_commands(module, cli)[1]
if name not in out:
module.fail_json(failed=True,
msg='access-list with name %s does not exist' % name)
cli = clicopy
cli += ' access-list-ip-show name %s format ip no-show-headers' % name
out = run_commands(module, cli)[1]
out = out.split()
return True if ip in out else False
def check_cli(module, cli):
"""
This method checks for idempotency using the dscp-map-show name command.
If a user with given name exists, return True else False.
:param module: The Ansible module to fetch input parameters
:param cli: The CLI string
"""
name = module.params['pn_dscp_map']
cli += ' dscp-map-show name %s format name no-show-headers' % name
out = run_commands(module, cli)[1]
out = out.split()
return True if name in out[-1] else False
def check_cli(module, cli):
"""
This method checks for idempotency using the role-show command.
If a role with given name exists, return True else False.
:param module: The Ansible module to fetch input parameters
:param cli: The CLI string
"""
role_name = module.params['pn_name']
cli += ' role-show format name no-show-headers'
out = run_commands(module, cli)[1]
if out:
out = out.split()
return True if role_name in out else False
def check_cli(module):
"""
This method checks for idempotency using the ipv6security-raguard-show command.
If a name exists, return True if name exists else False.
:param module: The Ansible module to fetch input parameters
:param cli: The CLI string
"""
name = module.params['pn_name']
cli = 'ipv6security-raguard-show format name parsable-delim ,'
out = run_commands(module, cli)[1]
if out:
out = out.split()
return True if name in out else False
def check_cli(module, cli):
"""
This method checks for idempotency using the snmp-community-show command.
If a user with given name exists, return as True else False.
:param module: The Ansible module to fetch input parameters
:param cli: The CLI string
"""
comm_str = module.params['pn_community_string']
cli += ' snmp-community-show format community-string no-show-headers'
out = run_commands(module, cli)[1]
if out:
out = out.split()
return True if comm_str in out else False
def check_list(module, list_name, command):
"""
This method checks for idempotency using provided command.
:param module: The Ansible module to fetch input parameters
:param cli: The CLI string
"""
cli = '%s format name no-show-headers' % command
out = run_commands(module, cli)[1]
if out:
out = out.split()
if list_name not in out:
module.fail_json(failed=True,
msg='%s name %s does not exists' %
(command, list_name))
def check_cli(module, cli):
"""
This method checks for idempotency using the log-audit-exception command.
If a list with given name exists, return exists as True else False.
:param module: The Ansible module to fetch input parameters.
:return Booleans: True or False.
"""
state = module.params['state']
audit_type = module.params['pn_audit_type']
pattern = module.params['pn_pattern']
access = module.params['pn_access']
scope = module.params['pn_scope']
cli += ' log-audit-exception-show'
cli += ' no-show-headers format '
cli += ' type,pattern,access,scope parsable-delim DELIM'
stdout = run_commands(module, cli)[1]
if stdout:
linelist = stdout.strip().split('\n')
for line in linelist:
wordlist = line.split('DELIM')
count = 0
if wordlist[0] == audit_type:
count += 1
if wordlist[1] == pattern:
count += 1
if wordlist[2] == access:
count += 1
if state == 'present' and wordlist[3] == scope:
count += 1
elif state == 'absent' and count == 3:
return True
if state == 'present' and count == 4:
return True
return False
def run_cli(module, cli, state_map):
"""
This method executes the cli command on the target node(s) and returns the
output. The module then exits based on the output.
:param cli: the complete cli string to be executed on the target node(s).
:param state_map: Provides state of the command.
:param module: The Ansible module to fetch command
"""
state = module.params['state']
command = state_map[state]
result, out, err = run_commands(module, cli)
results = dict(command=cli,
msg="%s operation completed" % cli,
changed=True)
# Response in JSON format
if result != 0:
module.exit_json(command=cli,
msg="%s operation failed" % cli,
changed=False)
module.exit_json(**results)
def main():
""" This section is for arguments parsing """
state_map = dict(
update='fabric-local-modify'
)
argument_spec = dict(
pn_cliswitch=dict(required=True, type='str'),
state=dict(required=False, type='str', choices=state_map.keys(), default='update'),
pn_fabric_network=dict(required=False, type='str',
choices=['mgmt', 'in-band', 'vmgmt'], default='mgmt'),
pn_vlan=dict(required=False, type='str'),
pn_control_network=dict(required=False, type='str',
choices=['in-band', 'mgmt', 'vmgmt']),
pn_fabric_advertisement_network=dict(required=False, type='str',
choices=['inband-mgmt', 'inband-only', 'inband-vmgmt', 'mgmt-only']),
)
module = AnsibleModule(
argument_spec=argument_spec,
required_one_of=[['pn_fabric_network', 'pn_vlan',
'pn_control_network',
'pn_fabric_advertisement_network']],
)
# Accessing the arguments
cliswitch = module.params['pn_cliswitch']
state = module.params['state']
fabric_network = module.params['pn_fabric_network']
vlan = module.params['pn_vlan']
control_network = module.params['pn_control_network']
fabric_adv_network = module.params['pn_fabric_advertisement_network']
command = state_map[state]
if vlan:
if int(vlan) < 1 or int(vlan) > 4092:
module.fail_json(
failed=True,
msg='Valid vlan range is 1 to 4092'
)
cli = pn_cli(module, cliswitch)
cli += ' vlan-show format id no-show-headers'
out = run_commands(module, cli)[1].split()
if vlan in out and vlan != '1':
module.fail_json(
failed=True,
msg='vlan %s is already in used. Specify unused vlan' % vlan
)
# Building the CLI command string
cli = pn_cli(module, cliswitch)
if command == 'fabric-local-modify':
cli += ' %s ' % command
if fabric_network:
cli += ' fabric-network ' + fabric_network
if vlan:
cli += ' vlan ' + vlan
if control_network:
cli += ' control-network ' + control_network
if fabric_adv_network:
cli += ' fabric-advertisement-network ' + fabric_adv_network
run_cli(module, cli, state_map)
def main():
""" This section is for arguments parsing """
state_map = dict(present='vrouter-loopback-interface-add',
absent='vrouter-loopback-interface-remove')
argument_spec = dict(
pn_cliswitch=dict(required=False, type='str'),
state=dict(required=False,
type='str',
choices=state_map.keys(),
default='present'),
pn_ip=dict(required=True, type='str'),
pn_index=dict(required=False, type='str'),
pn_vrouter_name=dict(required=True, type='str'),
)
module = AnsibleModule(
argument_spec=argument_spec,
required_if=(["state", "present", ["pn_vrouter_name", "pn_ip"]], [
"state", "absent", ["pn_vrouter_name", "pn_ip", "pn_index"]
]),
)
# Accessing the arguments
cliswitch = module.params['pn_cliswitch']
state = module.params['state']
ip = module.params['pn_ip']
index = module.params['pn_index']
vrouter_name = module.params['pn_vrouter_name']
command = state_map[state]
# Building the CLI command string
cli = pn_cli(module, cliswitch)
VROUTER_EXISTS, INTERFACE_EXISTS = check_cli(module, cli)
cli += ' %s vrouter-name %s ' % (command, vrouter_name)
if index and (int(index) < 1 or int(index) > 255):
module.fail_json(failed=True, msg='index should be in range 1 to 255')
if index and state == 'present':
show = 'vrouter-loopback-interface-show format index parsable-delim ,'
out = run_commands(module, show)[1]
if out:
out = out.split()
for res in out:
res = res.strip().split(',')
if index in res:
module.fail_json(failed=True,
msg='index with value %s exist' % index)
if command == 'vrouter-loopback-interface-add':
if VROUTER_EXISTS is False:
module.fail_json(failed=True,
msg='vRouter %s does not exist' % vrouter_name)
if INTERFACE_EXISTS is True:
module.exit_json(skipped=True,
msg='vRouter with loopback ip %s exist' % ip)
if ip:
cli += ' ip ' + ip
if index:
cli += ' index ' + index
if command == 'vrouter-loopback-interface-remove':
if VROUTER_EXISTS is False:
module.fail_json(failed=True,
msg='vRouter %s does not exist' % vrouter_name)
if INTERFACE_EXISTS is False:
module.exit_json(skipped=True,
msg='vRouter with loopback ip %s doesnt exist' %
ip)
if index:
cli += ' index ' + index
run_cli(module, cli, state_map)
