def param_device_group(self):
if self._values['parameters'] is None:
return None
result = self._values['parameters'].get('deviceGroup', None)
if not result:
return result
return fq_name(self.partition, result)
def import_to_device(self):
name = os.path.split(self.want.file)[1]
self.upload_file_to_device(self.want.file, name)
time.sleep(2)
full_name = fq_name(self.want.partition, self.want.name)
cmd = 'tmsh load asm policy {0} file /var/config/rest/downloads/{1}'.format(full_name, name)
uri = "https://{0}:{1}/mgmt/tm/util/bash/".format(
self.client.provider['server'],
self.client.provider['server_port'],
)
args = dict(
command='run',
utilCmdArgs='-c "{0}"'.format(cmd)
)
resp = self.client.api.post(uri, json=args)
try:
response = resp.json()
if 'commandResult' in response:
if 'Unexpected Error' in response['commandResult']:
raise F5ModuleError(response['commandResult'])
except ValueError as ex:
raise F5ModuleError(str(ex))
if 'code' in response and response['code'] == 400:
if 'message' in response:
raise F5ModuleError(response['message'])
else:
raise F5ModuleError(resp.content)
return True
def key(self):
if self._values['key'] is None:
return None
if self._values['key'] in ['', 'none']:
return ''
result = fq_name(self.partition, self._values['key'])
return result
def trusted_responders(self):
if self._values['trusted_responders'] is None:
return None
if self._values['trusted_responders'] in ['', 'none']:
return ''
result = fq_name(self.partition, self._values['trusted_responders'])
return result
def ssl_profile(self):
if self._values['ssl_profile'] is None:
return None
if self._values['ssl_profile'] in ['', 'none']:
return ''
result = fq_name(self.partition, self._values['ssl_profile'])
return result
def certificate(self):
if self._values['certificate'] is None:
return None
if self._values['certificate'] in ['', 'none']:
return ''
result = fq_name(self.partition, self._values['certificate'])
return result
def fw_enforced_policy(self):
if self._values['fw_enforced_policy'] is None:
return None
if self._values['fw_enforced_policy'] in ['none', '']:
return None
name = self._values['fw_enforced_policy']
return fq_name(self.partition, name)
def _read_purge_collection(self):
type = self.module.params['type']
pool_name = transform_name(name=fq_name(self.module.params['partition'], self.module.params['pool']))
uri = "https://{0}:{1}/mgmt/tm/gtm/pool/{2}/{3}/members".format(
self.client.provider['server'],
self.client.provider['server_port'],
type,
pool_name
)
query = '?$select=name,selfLink,fullPath,subPath'
resp = self.client.api.get(uri + query)
try:
response = resp.json()
except ValueError as ex:
raise F5ModuleError(str(ex))
if 'code' in response and response['code'] == 400:
if 'message' in response:
raise F5ModuleError(response['message'])
else:
raise F5ModuleError(resp.content)
if 'items' in response:
return response['items']
return []
def dns_resolver(self):
if self._values['dns_resolver'] is None:
return None
if self._values['dns_resolver'] == '' or self._values['dns_resolver'] == 'none':
return ''
result = fq_name(self.partition, self._values['dns_resolver'])
return result
def publish_on_device(self):
params = dict(
name=fq_name(self.want.partition,
self.want.name,
sub_path='Drafts'
),
command="publish"
)
uri = "https://{0}:{1}/mgmt/tm/ltm/policy/".format(
self.client.provider['server'],
self.client.provider['server_port'],
)
resp = self.client.api.post(uri, json=params)
try:
response = resp.json()
except ValueError as ex:
raise F5ModuleError(str(ex))
if 'code' in response and response['code'] in [400, 403]:
if 'message' in response:
raise F5ModuleError(response['message'])
else:
raise F5ModuleError(resp.content)
return True
def external_logging_publisher(self):
if self._values['external_logging_publisher'] is None:
return None
if self._values['external_logging_publisher'] in ['none', '']:
return ''
result = fq_name(self.partition, self._values['external_logging_publisher'])
return result
def name(self):
if self._values['remote_host'] is None:
return None
if self._values['name'] is None:
return None
name = fq_name(self.partition, self._values['name'])
return name
def create_from_template_on_device(self):
full_name = fq_name(self.want.partition, self.want.name)
cmd = 'tmsh create asm policy {0} policy-template {1}'.format(full_name, self.want.template)
uri = "https://{0}:{1}/mgmt/tm/util/bash/".format(
self.client.provider['server'],
self.client.provider['server_port'],
)
args = dict(
command='run',
utilCmdArgs='-c "{0}"'.format(cmd)
)
resp = self.client.api.post(uri, json=args)
try:
response = resp.json()
if 'commandResult' in response:
if 'Unexpected Error' in response['commandResult']:
raise F5ModuleError(response['commandResult'])
except ValueError as ex:
raise F5ModuleError(str(ex))
if 'code' in response and response['code'] == 400:
if 'message' in response:
raise F5ModuleError(response['message'])
else:
raise F5ModuleError(resp.content)
def create(self):
if self.want.parent is None:
self.want.update({'parent': fq_name(self.want.partition, 'tcp')})
self._set_changed_options()
if self.module.check_mode:
return True
self.create_on_device()
return True
def port_lists(self):
if self._values['port_lists'] is None:
return None
result = []
for x in self._values['port_lists']:
item = fq_name(self.partition, x)
result.append(item)
return result
def issuer_cert(self):
if self._values['issuer_cert'] is None:
return None
name = fq_name(self.partition, self._values['issuer_cert'])
if name.endswith('.crt'):
return name
else:
return name + '.crt'
def express_server(self):
try:
if self._values['dns_express']['server'] is None:
return None
if self._values['dns_express']['server'] in ['', 'none']:
return ''
return fq_name(self.partition, self._values['dns_express']['server'])
except (TypeError, KeyError):
return None
def destinations(self):
if self._values['destinations'] is None:
return None
if len(self._values['destinations']) == 1 and self._values['destinations'][0] == '':
return ''
result = [fq_name(self.partition, x) for x in self._values['destinations']]
result = list(set(result))
result.sort()
return result
def destinations(self):
if self._values['destinations'] is None:
return None
results = []
for destination in self._values['destinations']:
result = fq_name(destination['partition'], destination['name'])
results.append(result)
results.sort()
return results
def address_lists(self):
if self._values['address_lists'] is None:
return None
result = []
for x in self._values['address_lists']:
item = fq_name(self.partition, x)
result.append(item)
result = sorted(result)
return result
def client_key(self):
if self._values['client_key'] is None:
return None
if self._values['client_key'] == '':
return ''
result = fq_name(self.partition, self._values['client_key'])
if not result.endswith('.key'):
result += '.key'
return result
def monitors(self):
if self._values['monitors'] is None:
return None
monitors = [fq_name(self.partition, x) for x in self.monitors_list]
if self.monitor_type == 'm_of_n':
monitors = ' '.join(monitors)
result = 'min %s of { %s }' % (self.quorum, monitors)
else:
result = ' and '.join(monitors).strip()
return result
def irules(self):
results = []
if self._values['irules'] is None:
return None
if len(self._values['irules']) == 1 and self._values['irules'][0] == '':
return ''
for irule in self._values['irules']:
result = fq_name(self.partition, irule)
results.append(result)
return results
def _handle_forward_action(self, action, item):
"""Handle the nuances of the forwarding type
Right now there is only a single type of forwarding that can be done. As that
functionality expands, so-to will the behavior of this, and other, methods.
Therefore, do not be surprised that the logic here is so rigid. It's deliberate.
:param action:
:param item:
:return:
"""
action['type'] = 'forward'
if not any(x for x in ['pool', 'virtual'] if x in item):
raise F5ModuleError(
"A 'pool' or 'virtual' must be specified when the 'forward' type is used."
)
if item.get('pool', None):
action['pool'] = fq_name(self.partition, item['pool'])
elif item.get('virtual', None):
action['virtual'] = fq_name(self.partition, item['virtual'])
def traffic_group(self):
if self._values['traffic_group'] is None:
return None
else:
result = fq_name(self.partition, self._values['traffic_group'])
if result.startswith('/Common/'):
return result
else:
raise F5ModuleError(
"Traffic groups can only exist in /Common"
)
def ha_order(self):
if self._values['ha_order'] is None:
return None
if len(self._values['ha_order']) == 1 and self._values['ha_order'][0] == '':
if self.auto_failback == 'true':
raise F5ModuleError(
'Cannot enable auto failback when HA order list is empty, at least one device must be specified.'
)
return 'none'
result = [fq_name(self.partition, value) for value in self._values['ha_order']]
return result
def traffic_group(self):
if self._values['traffic_group']:
result = fq_name(self.partition, self._values['traffic_group'])
elif self.param_traffic_group:
result = self.param_traffic_group
else:
return None
if not result.startswith('/Common/'):
raise F5ModuleError(
"Traffic groups can only exist in /Common"
)
return result
def remove_from_device(self):
uri = "https://{0}:{1}/mgmt/tm/gtm/pool/{2}/{3}/members/{4}".format(
self.client.provider['server'],
self.client.provider['server_port'],
self.want.type,
transform_name(name=fq_name(self.want.partition, self.want.pool)),
transform_name(self.want.partition, self.want.name),
)
response = self.client.api.delete(uri)
if response.status == 200:
return True
raise F5ModuleError(response.content)
def device_group(self):
if self._values['device_group'] not in [None, 'none']:
result = fq_name(self.partition, self._values['device_group'])
elif self.param_device_group not in [None, 'none']:
result = self.param_device_group
else:
return None
if not result.startswith('/Common/'):
raise F5ModuleError(
"Device groups can only exist in /Common"
)
return result
def monitors(self):
if self._values['monitors'] is None:
return None
if self._values['monitors'] == 'default':
return 'default'
monitors = [fq_name(self.partition, x) for x in self.monitors_list]
if self.availability_requirement_type == 'at_least':
monitors = ' '.join(monitors)
result = 'min {0} of {{ {1} }}'.format(self.at_least, monitors)
else:
result = ' and '.join(monitors).strip()
return result
