def configure_network(device):
    """Build a three-zone layer-3 topology on ``device``.

    Creates three layer-3 Ethernet interfaces, one zone per interface
    (``untrust``, ``web``, ``db``), a ``default`` virtual router holding all
    three interfaces, and a static default route on that router.

    Every address, interface name and next hop below is hard-coded, so the
    function only fits the environment it was written for.

    The function creates no security rules and issues no commit. Whatever
    policy already exists (or is added elsewhere) decides which traffic may
    cross between the ``untrust``, ``web`` and ``db`` zones.

    Args:
        device: Object tree root the new objects are attached to via
            ``device.add(...)`` before ``create()`` is called on them.
    """
    # (interface name, CIDR address, zone bound to that interface).
    layout = (
        ('ethernet1/1', '192.168.55.20/24', 'untrust'),
        ('ethernet1/2', '192.168.45.20/24', 'web'),
        ('ethernet1/3', '192.168.35.20/24', 'db'),
    )

    # Interfaces: build all, attach all, then create all (same call order
    # as a hand-written sequence of add/add/add, create/create/create).
    interfaces = [
        EthernetInterface(name=port, mode='layer3', ip=(cidr, ))
        for port, cidr, _zone in layout
    ]
    for iface in interfaces:
        device.add(iface)
    for iface in interfaces:
        iface.create()

    # Zones: one layer-3 zone per interface.
    zones = [
        Zone(name=zone_name, mode='layer3', interface=[port])
        for port, _cidr, zone_name in layout
    ]
    for zone in zones:
        device.add(zone)
    for zone in zones:
        zone.create()

    # A single virtual router owns all three interfaces, so it can route
    # between the zones; nothing here restricts that inter-zone traffic.
    router = VirtualRouter(
        name='default',
        interface=[port for port, _cidr, _zone in layout])
    device.add(router)
    router.create()

    # Default route out through the ethernet1/1 (untrust) subnet.
    route = StaticRoute(name='default', destination='0.0.0.0/0',
                        nexthop='192.168.55.2')
    router.add(route)
    route.create()
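def main():
    """Ansible entry point: ensure a virtual router is present or absent.

    Builds the connection helper and the ``AnsibleModule``, reads the
    existing virtual routers from the parent object, and then:

    * ``state == 'present'``: applies the desired object over an existing
      router of the same name when they differ, or creates it when no router
      of that name exists, then sets the vsys reference.
    * any other state: clears the vsys reference and deletes the router if
      one of that name exists.

    ``apply()``, ``create()`` and ``delete()`` are skipped in check mode.
    A commit is requested only when ``commit`` is set and something changed.
    The function ends by calling ``module.exit_json`` or ``module.fail_json``.
    """
    helper = get_connection(
        vsys_importable=True,
        template=True,
        template_stack=True,
        with_state=True,
        with_classic_provider_spec=True,
        argument_spec=setup_args(),
    )

    module = AnsibleModule(
        argument_spec=helper.argument_spec,
        supports_check_mode=True,
        required_one_of=helper.required_one_of,
    )

    # Verify imports, build pandevice object tree.
    parent = helper.get_pandevice_parent(module)

    # Connection credentials and module-control options are not attributes
    # of the router object; keep them out of the kwargs passed to it.
    # NOTE(review): 'password' and 'api_key' are secrets; confirm the
    # connection helper declares them no_log in its argument spec.
    exclude_list = [
        'ip_address', 'username', 'password', 'api_key', 'state', 'commit',
        'provider', 'template', 'template_stack', 'vsys', 'port',
    ]

    # Generate the kwargs for network.VirtualRouter.
    obj_spec = {
        key: module.params[key]
        for key in helper.argument_spec
        if key not in exclude_list
    }

    name = module.params['name']
    state = module.params['state']
    commit = module.params['commit']

    # Retrieve current virtual routers.
    try:
        vr_list = VirtualRouter.refreshall(parent, add=False)
    except PanDeviceError as e:
        module.fail_json(msg='Failed refresh: {0}'.format(e))

    # Create the new state object.
    virtual_router = VirtualRouter(**obj_spec)
    parent.add(virtual_router)

    # Passed to set_vsys: 'update' is off in check mode so the vsys
    # reference is only evaluated, not written.
    reference_params = {
        'refresh': True,
        'update': not module.check_mode,
        'return_type': 'bool',
    }
    changed = False

    if state == 'present':
        for item in vr_list:
            if item.name != name:
                continue
            # Found the existing router; only touch it when it differs.
            if not item.equal(virtual_router, compare_children=False):
                changed = True
                # Carry over the existing children so apply() does not
                # drop them from the router.
                virtual_router.extend(item.children)
                if not module.check_mode:
                    try:
                        virtual_router.apply()
                    except PanDeviceError as e:
                        module.fail_json(msg='Failed apply: {0}'.format(e))
            break
        else:
            # No router with this name exists yet.
            changed = True
            if not module.check_mode:
                try:
                    virtual_router.create()
                except PanDeviceError as e:
                    # Report the operation that actually failed; this
                    # branch calls create(), not apply().
                    module.fail_json(msg='Failed create: {0}'.format(e))

        changed |= virtual_router.set_vsys(
            module.params['vsys'], **reference_params)
    else:
        changed |= virtual_router.set_vsys(None, **reference_params)
        if any(existing.name == name for existing in vr_list):
            changed = True
            if not module.check_mode:
                try:
                    virtual_router.delete()
                except PanDeviceError as e:
                    module.fail_json(msg='Failed delete: {0}'.format(e))

    # NOTE(review): this is not guarded by check mode here. Confirm that
    # helper.commit() skips the commit when module.check_mode is set;
    # otherwise a dry run could commit pending candidate configuration.
    if commit and changed:
        helper.commit(module)

    if not changed:
        msg = 'no changes required.'
    elif module.check_mode:
        msg = 'Changes are required.'
    else:
        msg = 'Virtual router update successful.'

    module.exit_json(msg=msg, changed=changed)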