def main(): argument_spec = aci_argument_spec() argument_spec.update( name=dict(type='str', aliases=['block_name']), switch_type=dict(type='str', choices=['leaf', 'spine'], required=True), profile=dict(type='str', aliases=['profile_name', 'switch_profile']), association=dict(type='str', aliases=['association_name', 'switch_association']), description=dict(type='str', aliases=['descr']), from_node=dict(type='int', aliases=['from', 'from_']), to_node=dict(type='int', aliases=['to', 'to_']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']) ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['profile', 'association', 'name']], ['state', 'present', ['profile', 'association', 'name']], ] ) aci = ACIModule(module) name = module.params.get('name') profile = module.params.get('profile') switch_type = module.params.get('switch_type') association = module.params.get('association') descr = module.params.get('descr') from_node = module.params.get('from_node') to_node = module.params.get('to_node') state = module.params.get('state') if switch_type == 'spine': aci_root_class = 'fabricSpineP' aci_root_rn = 'fabric/spprof-{0}'.format(profile) aci_subclass1_class = 'fabricSpineS' aci_subclass1_rn = 'spines-{0}-typ-range'.format(association) elif switch_type == 'leaf': aci_root_class = 'fabricLeafP' aci_root_rn = 'fabric/leprof-{0}'.format(profile) aci_subclass1_class = 'fabricLeafS' aci_subclass1_rn = 'leaves-{0}-typ-range'.format(association) aci.construct_url( root_class=dict( aci_class=aci_root_class, aci_rn=aci_root_rn, module_object=profile, target_filter={'name': profile}, ), subclass_1=dict( aci_class=aci_subclass1_class, aci_rn=aci_subclass1_rn, module_object=association, target_filter={'name': association}, ), subclass_2=dict( aci_class='fabricNodeBlk', aci_rn='nodeblk-{0}'.format(name), module_object=name, target_filter={'name': name}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='fabricNodeBlk', class_config=dict( name=name, descr=descr, from_=from_node, to_=to_node ), ) aci.get_diff(aci_class='fabricNodeBlk') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( name=dict(type='str', aliases=['policy_group', 'policy_group_name']), switch_type=dict(type='str', choices=['leaf', 'spine'], required=True), monitoring_policy=dict( type='str', aliases=['monitoring', 'fabricRsMonInstFabricPol']), tech_support_export_policy=dict(type='str', aliases=[ 'tech_support', 'tech_support_export', 'fabricRsNodeTechSupP' ]), core_export_policy=dict( type='str', aliases=['core', 'core_export', 'fabricRsNodeCoreP']), inventory_policy=dict(type='str', aliases=['inventory', 'fabricRsCallhomeInvPol']), power_redundancy_policy=dict( type='str', aliases=['power_redundancy', 'fabricRsPsuInstPol']), twamp_server_policy=dict( type='str', aliases=['twamp_server', 'fabricRsTwampServerPol']), twamp_responder_policy=dict( type='str', aliases=['twamp_responder', 'fabricRsTwampResponderPol']), node_control_policy=dict(type='str', aliases=['node_control', 'fabricRsNodeCtrl']), analytics_cluster=dict(type='str'), analytics_name=dict(type='str'), description=dict(type='str'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['name']], ['state', 'present', ['name']], ], required_together=[ ('analytics_cluster', 'analytics_name'), ], ) name = module.params.get('name') switch_type = module.params.get('switch_type') description = module.params.get('description') monitoring_policy = module.params.get('monitoring_policy') tech_support_export_policy = module.params.get( 'tech_support_export_policy') core_export_policy = module.params.get('core_export_policy') inventory_policy = module.params.get('inventory_policy') power_redundancy_policy = module.params.get('power_redundancy_policy') twamp_server_policy = module.params.get('twamp_server_policy') twamp_responder_policy = module.params.get('twamp_responder_policy') node_control_policy = module.params.get('node_control_policy') analytics_cluster = module.params.get('analytics_cluster') analytics_name = module.params.get('analytics_name') state = module.params.get('state') child_classes = [ 'fabricRsMonInstFabricPol', 'fabricRsNodeTechSupP', 'fabricRsNodeCoreP', 'fabricRsCallhomeInvPol', 'fabricRsPsuInstPol', 'fabricRsTwampServerPol', 'fabricRsTwampResponderPol', 'fabricRsNodeCtrl', 'fabricRsNodeCfgSrv' ] aci_class = ACI_CLASS_MAPPING[switch_type]["class"] aci_rn = ACI_CLASS_MAPPING[switch_type]["rn"] aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class=aci_class, aci_rn='fabric/funcprof/{0}{1}'.format(aci_rn, name), module_object=name, target_filter={'name': name}, ), child_classes=child_classes, ) aci.get_existing() if state == 'present': child_configs = [] if monitoring_policy is not None: child_configs.append( dict(fabricRsMonInstFabricPol=dict(attributes=dict( tnMonFabricPolName=monitoring_policy)))) if tech_support_export_policy is not None: child_configs.append( dict(fabricRsNodeTechSupP=dict(attributes=dict( tnDbgexpTechSupPName=tech_support_export_policy)))) if core_export_policy is not None: child_configs.append( dict(fabricRsNodeCoreP=dict(attributes=dict( tnDbgexpCorePName=core_export_policy)))) if inventory_policy is not None: child_configs.append( dict(fabricRsCallhomeInvPol=dict(attributes=dict( tnCallhomeInvPName=inventory_policy)))) if power_redundancy_policy is not None: child_configs.append( dict(fabricRsPsuInstPol=dict(attributes=dict( tnPsuInstPolName=power_redundancy_policy)))) if twamp_server_policy is not None: child_configs.append( dict(fabricRsTwampServerPol=dict(attributes=dict( tnTwampServerPolName=twamp_server_policy)))) if twamp_responder_policy is not None: child_configs.append( dict(fabricRsTwampResponderPol=dict(attributes=dict( tnTwampResponderPolName=twamp_responder_policy)))) if node_control_policy is not None: child_configs.append( dict(fabricRsNodeCtrl=dict(attributes=dict( tnFabricNodeControlName=node_control_policy)))) if analytics_cluster and analytics_name: analytics_tdn = ( 'uni/fabric/analytics/cluster-{0}/cfgsrv-{1}'.format( analytics_cluster, analytics_name)) child_configs.append( dict(fabricRsNodeCfgSrv=dict(attributes=dict( tDn=analytics_tdn)))) aci.payload( aci_class=aci_class, class_config=dict( name=name, descr=description, ), child_configs=child_configs, ) aci.get_diff(aci_class=aci_class) aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( contract_type=dict(type="str", required=True, choices=["consumer", "provider"]), ap=dict(type="str", aliases=["app_profile", "app_profile_name" ]), # Not required for querying all objects epg=dict(type="str", aliases=["epg_name" ]), # Not required for querying all objects contract=dict(type="str", aliases=["contract_name" ]), # Not required for querying all objects priority=dict(type="str", choices=[ "level1", "level2", "level3", "level4", "level5", "level6", "unspecified" ]), provider_match=dict( type="str", choices=["all", "at_least_one", "at_most_one", "none"]), state=dict(type="str", default="present", choices=["absent", "present", "query"]), tenant=dict(type="str", aliases=["tenant_name" ]), # Not required for querying all objects ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["ap", "contract", "epg", "tenant"]], ["state", "present", ["ap", "contract", "epg", "tenant"]], ], ) ap = module.params.get("ap") contract = module.params.get("contract") contract_type = module.params.get("contract_type") epg = module.params.get("epg") priority = module.params.get("priority") provider_match = module.params.get("provider_match") if provider_match is not None: provider_match = PROVIDER_MATCH_MAPPING[provider_match] state = module.params.get("state") tenant = module.params.get("tenant") aci_class = ACI_CLASS_MAPPING[contract_type]["class"] aci_rn = ACI_CLASS_MAPPING[contract_type]["rn"] if contract_type == "consumer" and provider_match is not None: module.fail_json( msg= "the 'provider_match' is only configurable for Provided Contracts") aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class="fvTenant", aci_rn="tn-{0}".format(tenant), module_object=tenant, target_filter={"name": tenant}, ), subclass_1=dict( aci_class="fvAp", aci_rn="ap-{0}".format(ap), module_object=ap, target_filter={"name": ap}, ), subclass_2=dict( aci_class="fvAEPg", aci_rn="epg-{0}".format(epg), module_object=epg, target_filter={"name": epg}, ), subclass_3=dict( aci_class=aci_class, aci_rn="{0}{1}".format(aci_rn, contract), module_object=contract, target_filter={"tnVzBrCPName": contract}, ), ) aci.get_existing() if state == "present": aci.payload( aci_class=aci_class, class_config=dict( matchT=provider_match, prio=priority, tnVzBrCPName=contract, ), ) aci.get_diff(aci_class=aci_class) aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update(aci_owner_spec()) argument_spec.update( port_security=dict( type="str", aliases=["name"]), # Not required for querying all objects description=dict(type="str", aliases=["descr"]), max_end_points=dict(type="int"), port_security_timeout=dict(type="int"), state=dict(type="str", default="present", choices=["absent", "present", "query"]), name_alias=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["port_security"]], ["state", "present", ["port_security"]], ], ) port_security = module.params.get("port_security") description = module.params.get("description") max_end_points = module.params.get("max_end_points") port_security_timeout = module.params.get("port_security_timeout") name_alias = module.params.get("name_alias") if max_end_points is not None and max_end_points not in range(12001): module.fail_json(msg="The max_end_points must be between 0 and 12000") if port_security_timeout is not None and port_security_timeout not in range( 60, 3601): module.fail_json( msg="The port_security_timeout must be between 60 and 3600") state = module.params.get("state") aci = ACIModule(module) aci.construct_url(root_class=dict( aci_class="l2PortSecurityPol", aci_rn="infra/portsecurityP-{0}".format(port_security), module_object=port_security, target_filter={"name": port_security}, ), ) aci.get_existing() if state == "present": aci.payload( aci_class="l2PortSecurityPol", class_config=dict( name=port_security, descr=description, maximum=max_end_points, nameAlias=name_alias, timeout=port_security_timeout, ), ) aci.get_diff(aci_class="l2PortSecurityPol") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( tenant=dict(type="str", aliases=["tenant_name"]), # Not required for querying all objects l3out=dict(type="str", aliases=["l3out_name"]), # Not required for querying all objects node_profile=dict(type="str", aliases=["node_profile_name", "logical_node"]), # Not required for querying all objects interface_profile=dict(type="str", aliases=["interface_profile_name", "logical_interface"]), path_dn=dict(type="str"), pod_id=dict(type="str"), node_id=dict(type="str"), path_ep=dict(type="str"), side=dict(type="str", choices=["A", "B"]), address=dict(type="str", aliases=["addr", "ip_address"]), ipv6_dad=dict(type="str", choices=["enabled", "disabled"]), description=dict(type="str", aliases=["descr"]), state=dict(type="str", default="present", choices=["absent", "present", "query"]), name_alias=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "present", ["side", "interface_profile", "node_profile", "l3out", "tenant"]], ["state", "absent", ["side", "interface_profile", "node_profile", "l3out", "tenant"]], ], mutually_exclusive=[ ["path_dn", "pod_id"], ["path_dn", "node_id"], ["path_dn", "path_ep"], ], required_together=[ ["pod_id", "node_id", "path_ep"], ], ) aci = ACIModule(module) tenant = module.params.get("tenant") l3out = module.params.get("l3out") node_profile = module.params.get("node_profile") interface_profile = module.params.get("interface_profile") pod_id = module.params.get("pod_id") node_id = module.params.get("node_id") path_ep = module.params.get("path_ep") path_dn = module.params.get("path_dn") side = module.params.get("side") address = module.params.get("address") ipv6_dad = module.params.get("ipv6_dad") description = module.params.get("description") state = module.params.get("state") name_alias = module.params.get("name_alias") if not path_dn: if pod_id and node_id and path_ep: path_dn = ("topology/pod-{0}/protpaths-{1}/pathep-[{2}]".format(pod_id, node_id, path_ep)) else: path_dn = None aci.construct_url( root_class=dict( aci_class="fvTenant", aci_rn="tn-{0}".format(tenant), module_object=tenant, target_filter={"name": tenant}, ), subclass_1=dict( aci_class="l3extOut", aci_rn="out-{0}".format(l3out), module_object=l3out, target_filter={"name": l3out}, ), subclass_2=dict( aci_class="l3extLNodeP", aci_rn="lnodep-{0}".format(node_profile), module_object=node_profile, target_filter={"name": node_profile}, ), subclass_3=dict( aci_class="l3extLIfP", aci_rn="lifp-{0}".format(interface_profile), module_object=interface_profile, target_filter={"name": interface_profile}, ), subclass_4=dict( aci_class="l3extRsPathL3OutAtt", aci_rn="rspathL3OutAtt-[{0}]".format(path_dn), module_object=path_dn, target_filter={"name": path_dn}, ), subclass_5=dict( aci_class="l3extMember", aci_rn="mem-{0}".format(side), module_object=side, target_filter={"name": side}, ), ) aci.get_existing() if state == "present": aci.payload( aci_class="l3extMember", class_config=dict( name=side, addr=address, ipv6Dad=ipv6_dad, descr=description, nameAlias=name_alias, ), ) aci.get_diff(aci_class="l3extMember") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( tenant=dict(type='str', aliases=['tenant_name' ]), # Not required for querying all objects vrf=dict(type='str', aliases=['context', 'name', 'vrf_name' ]), # Not required for querying all objects description=dict(type='str', aliases=['descr']), policy_control_direction=dict(type='str', choices=['egress', 'ingress']), policy_control_preference=dict(type='str', choices=['enforced', 'unenforced']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), preferred_group=dict(type='str', choices=['enabled', 'disabled']), match_type=dict(type='str', choices=['all', 'at_least_one', 'at_most_one', 'none']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['tenant', 'vrf']], ['state', 'present', ['tenant', 'vrf']], ], ) description = module.params.get('description') policy_control_direction = module.params.get('policy_control_direction') policy_control_preference = module.params.get('policy_control_preference') state = module.params.get('state') tenant = module.params.get('tenant') vrf = module.params.get('vrf') name_alias = module.params.get('name_alias') preferred_group = module.params.get('preferred_group') match_type = module.params.get('match_type') if match_type is not None: match_type = MATCH_TYPE_MAPPING[match_type] aci = ACIModule(module) aci.construct_url(root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='fvCtx', aci_rn='ctx-{0}'.format(vrf), module_object=vrf, target_filter={'name': vrf}, ), child_classes=['vzAny']) aci.get_existing() if state == 'present': aci.payload( aci_class='fvCtx', class_config=dict( descr=description, pcEnfDir=policy_control_direction, pcEnfPref=policy_control_preference, name=vrf, nameAlias=name_alias, ), child_configs=[ dict(vzAny=dict(attributes=dict(prefGrMemb=preferred_group, matchT=match_type))), ], ) aci.get_diff(aci_class='fvCtx') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( pool=dict(type='str', aliases=['pool_name' ]), # Not required for querying all objects block_name=dict(type='str', aliases=['name' ]), # Not required for querying all objects block_end=dict(type='int', aliases=['end' ]), # Not required for querying all objects block_start=dict(type='int', aliases=["start" ]), # Not required for querying all objects allocation_mode=dict(type='str', aliases=['mode'], choices=['dynamic', 'inherit', 'static']), description=dict(type='str', aliases=['descr']), pool_allocation_mode=dict(type='str', aliases=['pool_mode'], choices=['dynamic', 'static']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ [ 'state', 'absent', ['pool', 'block_end', 'block_name', 'block_start'] ], [ 'state', 'present', ['pool', 'block_end', 'block_name', 'block_start'] ], ], ) allocation_mode = module.params.get('allocation_mode') description = module.params.get('description') pool = module.params.get('pool') pool_allocation_mode = module.params.get('pool_allocation_mode') block_end = module.params.get('block_end') block_name = module.params.get('block_name') block_start = module.params.get('block_start') state = module.params.get('state') name_alias = module.params.get('name_alias') if block_end is not None: encap_end = 'vlan-{0}'.format(block_end) else: encap_end = None if block_start is not None: encap_start = 'vlan-{0}'.format(block_start) else: encap_start = None # Collect proper mo information aci_block_mo = 'from-[{0}]-to-[{1}]'.format(encap_start, encap_end) pool_name = pool # Validate block_end and block_start are valid for its respective encap type for encap_id in block_end, block_start: if encap_id is not None: if not 1 <= encap_id <= 4094: module.fail_json( msg= "vlan pools must have 'block_start' and 'block_end' values between 1 and 4094" ) if block_end is not None and block_start is not None: # Validate block_start is less than block_end if block_start > block_end: module.fail_json( msg= "The 'block_start' must be less than or equal to the 'block_end'" ) elif block_end is None and block_start is None: if block_name is None: # Reset range managed object to None for aci util to properly handle query aci_block_mo = None # ACI Pool URL requires the allocation mode (ex: uni/infra/vlanns-[poolname]-static) if pool is not None: if pool_allocation_mode is not None: pool_name = '[{0}]-{1}'.format(pool, pool_allocation_mode) else: module.fail_json( msg= "ACI requires the 'pool_allocation_mode' when 'pool' is provided" ) aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class='fvnsVlanInstP', aci_rn='infra/vlanns-{0}'.format(pool_name), module_object=pool, target_filter={'name': pool}, ), subclass_1=dict( aci_class='fvnsEncapBlk', aci_rn=aci_block_mo, module_object=aci_block_mo, target_filter={ 'from': encap_start, 'to': encap_end, 'name': block_name }, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='fvnsEncapBlk', class_config={ "allocMode": allocation_mode, "descr": description, "from": encap_start, "name": block_name, "to": encap_end, "nameAlias": name_alias, }, ) aci.get_diff(aci_class='fvnsEncapBlk') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( arp_flooding=dict(type='bool'), bd=dict(type='str', aliases=['bd_name', 'name']), # Not required for querying all objects bd_type=dict(type='str', choices=['ethernet', 'fc']), description=dict(type='str'), enable_multicast=dict(type='bool'), enable_routing=dict(type='bool'), endpoint_clear=dict(type='bool'), endpoint_move_detect=dict(type='str', choices=['default', 'garp']), endpoint_retention_action=dict(type='str', choices=['inherit', 'resolve']), endpoint_retention_policy=dict(type='str'), igmp_snoop_policy=dict(type='str'), ip_learning=dict(type='bool'), ipv6_nd_policy=dict(type='str'), l2_unknown_unicast=dict(type='str', choices=['proxy', 'flood']), l3_unknown_multicast=dict(type='str', choices=['flood', 'opt-flood']), ipv6_l3_unknown_multicast=dict(type='str', choices=['flood', 'opt-flood']), limit_ip_learn=dict(type='bool'), mac_address=dict(type='str', aliases=['mac']), multi_dest=dict(type='str', choices=['bd-flood', 'drop', 'encap-flood']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects vrf=dict(type='str', aliases=['vrf_name']), route_profile=dict(type='str'), route_profile_l3out=dict(type='str'), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['bd', 'tenant']], ['state', 'present', ['bd', 'tenant']], ], ) aci = ACIModule(module) arp_flooding = aci.boolean(module.params.get('arp_flooding')) bd = module.params.get('bd') bd_type = module.params.get('bd_type') if bd_type == 'ethernet': # ethernet type is represented as regular, but that is not clear to the users bd_type = 'regular' description = module.params.get('description') enable_multicast = aci.boolean(module.params.get('enable_multicast')) enable_routing = aci.boolean(module.params.get('enable_routing')) endpoint_clear = aci.boolean(module.params.get('endpoint_clear')) endpoint_move_detect = module.params.get('endpoint_move_detect') if endpoint_move_detect == 'default': # the ACI default setting is an empty string, but that is not a good input value endpoint_move_detect = '' endpoint_retention_action = module.params.get('endpoint_retention_action') endpoint_retention_policy = module.params.get('endpoint_retention_policy') igmp_snoop_policy = module.params.get('igmp_snoop_policy') ip_learning = aci.boolean(module.params.get('ip_learning')) ipv6_nd_policy = module.params.get('ipv6_nd_policy') l2_unknown_unicast = module.params.get('l2_unknown_unicast') l3_unknown_multicast = module.params.get('l3_unknown_multicast') ipv6_l3_unknown_multicast = module.params.get('ipv6_l3_unknown_multicast') limit_ip_learn = aci.boolean(module.params.get('limit_ip_learn')) mac_address = module.params.get('mac_address') multi_dest = module.params.get('multi_dest') state = module.params.get('state') tenant = module.params.get('tenant') vrf = module.params.get('vrf') route_profile = module.params.get('route_profile') route_profile_l3out = module.params.get('route_profile_l3out') name_alias = module.params.get('name_alias') aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='fvBD', aci_rn='BD-{0}'.format(bd), module_object=bd, target_filter={'name': bd}, ), child_classes=['fvRsCtx', 'fvRsIgmpsn', 'fvRsBDToNdP', 'fvRsBdToEpRet', 'fvRsBDToProfile'], ) aci.get_existing() if state == 'present': class_config = dict( arpFlood=arp_flooding, descr=description, epClear=endpoint_clear, epMoveDetectMode=endpoint_move_detect, ipLearning=ip_learning, limitIpLearnToSubnets=limit_ip_learn, mac=mac_address, mcastAllow=enable_multicast, multiDstPktAct=multi_dest, name=bd, type=bd_type, unicastRoute=enable_routing, unkMacUcastAct=l2_unknown_unicast, unkMcastAct=l3_unknown_multicast, nameAlias=name_alias, ) if ipv6_l3_unknown_multicast is not None: class_config['v6unkMcastAct'] = ipv6_l3_unknown_multicast aci.payload( aci_class='fvBD', class_config=class_config, child_configs=[ {'fvRsCtx': {'attributes': {'tnFvCtxName': vrf}}}, {'fvRsIgmpsn': {'attributes': {'tnIgmpSnoopPolName': igmp_snoop_policy}}}, {'fvRsBDToNdP': {'attributes': {'tnNdIfPolName': ipv6_nd_policy}}}, {'fvRsBdToEpRet': {'attributes': {'resolveAct': endpoint_retention_action, 'tnFvEpRetPolName': endpoint_retention_policy}}}, {'fvRsBDToProfile': {'attributes': {'tnL3extOutName': route_profile_l3out, 'tnRtctrlProfileName': route_profile}}}, ], ) aci.get_diff(aci_class='fvBD') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( action_rule=dict(type="str", aliases=["action_rule_name", "name" ]), # Not required for querying all objects tenant=dict(type="str", aliases=["tenant_name" ]), # Not required for querying all objects description=dict(type="str", aliases=["descr"]), state=dict(type="str", default="present", choices=["absent", "present", "query"]), name_alias=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["action_rule", "tenant"]], ["state", "present", ["action_rule", "tenant"]], ], ) action_rule = module.params.get("action_rule") description = module.params.get("description") state = module.params.get("state") tenant = module.params.get("tenant") name_alias = module.params.get("name_alias") aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class="fvTenant", aci_rn="tn-{0}".format(tenant), module_object=tenant, target_filter={"name": tenant}, ), subclass_1=dict( aci_class="rtctrlAttrP", aci_rn="attr-{0}".format(action_rule), module_object=action_rule, target_filter={"name": action_rule}, ), ) aci.get_existing() if state == "present": aci.payload( aci_class="rtctrlAttrP", class_config=dict( name=action_rule, descr=description, nameAlias=name_alias, ), ) aci.get_diff(aci_class="rtctrlAttrP") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( address=dict(type="str"), client_group=dict( type="str", aliases=["client_group_name", "client_group_profile"]), policy=dict(type="str", aliases=["snmp_policy", "snmp_policy_name"]), client_name=dict(type="str"), state=dict(type="str", default="present", choices=["absent", "present", "query"]), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["policy", "client_group", "address"]], ["state", "present", ["policy", "client_group", "address"]], ], ) aci = ACIModule(module) client_group = module.params.get("client_group") policy = module.params.get("policy") client_name = module.params.get("client_name") address = module.params.get("address") state = module.params.get("state") aci.construct_url( root_class=dict( aci_class="snmpPol", aci_rn="fabric/snmppol-{0}".format(policy), module_object=policy, target_filter={"name": policy}, ), subclass_1=dict( aci_class="snmpClientGrpP", aci_rn="clgrp-{0}".format(client_group), module_object=client_group, target_filter={"name": client_group}, ), subclass_2=dict( aci_class="snmpClientP", aci_rn="client-[{0}]".format(address), module_object=address, target_filter={"addr": address}, ), ) aci.get_existing() if state == "present": aci.payload( aci_class="snmpClientP", class_config=dict(addr=address, name=client_name), ) aci.get_diff(aci_class="snmpClientP") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update(aci_owner_spec()) argument_spec.update( pod_id=dict(type="int", aliases=["pod", "pod_number"]), node_id=dict(type="int", aliases=["leaf", "spine", "node"]), fex_id=dict(type="int"), node_type=dict(type="str", choices=["leaf", "spine"]), interface=dict(type="str"), description=dict(type="str"), state=dict(type="str", default="present", choices=["absent", "present", "query"]), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_one_of=[ ("node_type", "fex_id"), ], required_if=[ ["state", "absent", ["pod_id", "node_id", "interface"]], [ "state", "present", ["pod_id", "node_id", "interface", "description"] ], ], ) aci = ACIModule(module) pod_id = module.params.get("pod_id") node_id = module.params.get("node_id") interface = module.params.get("interface") description = module.params.get("description") fex_id = module.params.get("fex_id") node_type = module.params.get("node_type") state = module.params.get("state") class_name = "infraHPathS" children = ["infraRsHPathAtt"] if fex_id: rn = "hpaths-{0}_eth{1}_{2}.json".format(node_id, fex_id, interface.replace("/", "_")) child_configs = [ dict(infraRsHPathAtt=dict(attributes=dict( tDn="topology/pod-{0}/paths-{1}/extpaths-{2}/pathep-[eth{3}]". format(pod_id, node_id, fex_id, interface)))), ] elif node_type == "spine": rn = "shpaths-{0}_eth{1}".format(node_id, interface.replace("/", "_")) class_name = "infraSHPathS" children = ["infraRsSHPathAtt"] child_configs = [ dict(infraRsSHPathAtt=dict(attributes=dict( tDn="topology/pod-{0}/paths-{1}/pathep-[eth{2}]".format( pod_id, node_id, interface)))), ] elif node_type == "leaf": rn = "hpaths-{0}_eth{1}".format(node_id, interface.replace("/", "_")) child_configs = [ dict(infraRsHPathAtt=dict(attributes=dict( tDn="topology/pod-{0}/paths-{1}/pathep-[eth{2}]".format( pod_id, node_id, interface)))), ] aci.construct_url( root_class=dict( aci_class="infraInfra", aci_rn="infra", module_object="infra", target_filter={"name": "infra"}, ), subclass_1=dict( aci_class=class_name, aci_rn=rn, ), child_classes=children, ) aci.get_existing() if state == "present": aci.payload( aci_class=class_name, class_config=dict(descr=description, ), child_configs=child_configs, ) aci.get_diff(aci_class=class_name) aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( contract=dict(type='str', aliases=['contract_name', 'name' ]), # Not required for querying all objects tenant=dict(type='str', aliases=['tenant_name' ]), # Not required for querying all objects description=dict(type='str', aliases=['descr']), scope=dict( type='str', choices=['application-profile', 'context', 'global', 'tenant']), priority=dict(type='str', choices=['level1', 'level2', 'level3', 'unspecified' ]), # No default provided on purpose dscp=dict(type='str', choices=[ 'AF11', 'AF12', 'AF13', 'AF21', 'AF22', 'AF23', 'AF31', 'AF32', 'AF33', 'AF41', 'AF42', 'AF43', 'CS0', 'CS1', 'CS2', 'CS3', 'CS4', 'CS5', 'CS6', 'CS7', 'EF', 'VA', 'unspecified' ], aliases=['target']), # No default provided on purpose state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['contract', 'tenant']], ['state', 'present', ['contract', 'tenant']], ], ) contract = module.params.get('contract') description = module.params.get('description') scope = module.params.get('scope') priority = module.params.get('priority') dscp = module.params.get('dscp') state = module.params.get('state') tenant = module.params.get('tenant') name_alias = module.params.get('name_alias') aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='vzBrCP', aci_rn='brc-{0}'.format(contract), module_object=contract, target_filter={'name': contract}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='vzBrCP', class_config=dict( name=contract, descr=description, scope=scope, prio=priority, targetDscp=dscp, nameAlias=name_alias, ), ) aci.get_diff(aci_class='vzBrCP') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( leaf_interface_profile=dict( type='str', aliases=['leaf_interface_profile_name' ]), # Not required for querying all objects access_port_selector=dict(type='str', aliases=[ 'name', 'access_port_selector_name' ]), # Not required for querying all objects leaf_port_blk=dict(type='str', aliases=[ 'leaf_port_blk_name' ]), # Not required for querying all objects leaf_port_blk_description=dict(type='str'), from_port=dict( type='str', aliases=['from', 'fromPort', 'from_port_range'] ), # Not required for querying all objects and deleting sub port blocks to_port=dict( type='str', aliases=['to', 'toPort', 'to_port_range'] ), # Not required for querying all objects and deleting sub port blocks from_sub_port=dict( type='str', aliases=['fromSubPort', 'from_sub_port_range'] ), # Not required for querying all objects and deleting sub port blocks to_sub_port=dict( type='str', aliases=['toSubPort', 'to_sub_port_range'] ), # Not required for querying all objects and deleting sub port blocks from_card=dict(type='str', aliases=['from_card_range']), to_card=dict(type='str', aliases=['to_card_range']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ [ 'state', 'absent', [ 'access_port_selector', 'leaf_port_blk', 'leaf_interface_profile' ] ], [ 'state', 'present', [ 'access_port_selector', 'leaf_port_blk', 'from_port', 'to_port', 'from_sub_port', 'to_sub_port', 'leaf_interface_profile' ] ], ], ) leaf_interface_profile = module.params.get('leaf_interface_profile') access_port_selector = module.params.get('access_port_selector') leaf_port_blk = module.params.get('leaf_port_blk') leaf_port_blk_description = module.params.get('leaf_port_blk_description') from_port = module.params.get('from_port') to_port = module.params.get('to_port') from_sub_port = module.params.get('from_sub_port') to_sub_port = module.params.get('to_sub_port') from_card = module.params.get('from_card') to_card = module.params.get('to_card') state = module.params.get('state') aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class='infraAccPortP', aci_rn='infra/accportprof-{0}'.format(leaf_interface_profile), module_object=leaf_interface_profile, target_filter={'name': leaf_interface_profile}, ), subclass_1=dict( aci_class='infraHPortS', # NOTE: normal rn: hports-{name}-typ-{type}, hence here hardcoded to range for purposes of module aci_rn='hports-{0}-typ-range'.format(access_port_selector), module_object=access_port_selector, target_filter={'name': access_port_selector}, ), subclass_2=dict( aci_class='infraSubPortBlk', aci_rn='subportblk-{0}'.format(leaf_port_blk), module_object=leaf_port_blk, target_filter={'name': leaf_port_blk}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='infraSubPortBlk', class_config=dict( descr=leaf_port_blk_description, name=leaf_port_blk, fromPort=from_port, toPort=to_port, fromSubPort=from_sub_port, toSubPort=to_sub_port, fromCard=from_card, toCard=to_card, # type='range', ), ) aci.get_diff(aci_class='infraSubPortBlk') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( description=dict(type="str", aliases=["descr"]), node_id=dict(type="int"), # Not required for querying all objects pod_id=dict(type="int"), role=dict(type="str", choices=["leaf", "spine", "unspecified"], aliases=["role_name"]), serial=dict(type="str", aliases=["serial_number" ]), # Not required for querying all objects switch=dict(type="str", aliases=["name", "switch_name"]), state=dict(type="str", default="present", choices=["absent", "present", "query"]), name_alias=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["node_id", "serial"]], ["state", "present", ["node_id", "serial"]], ], ) pod_id = module.params.get("pod_id") serial = module.params.get("serial") node_id = module.params.get("node_id") switch = module.params.get("switch") description = module.params.get("description") role = module.params.get("role") state = module.params.get("state") name_alias = module.params.get("name_alias") aci = ACIModule(module) aci.construct_url(root_class=dict( aci_class="fabricNodeIdentP", aci_rn="controller/nodeidentpol/nodep-{0}".format(serial), module_object=serial, target_filter={"serial": serial}, )) aci.get_existing() if state == "present": aci.payload( aci_class="fabricNodeIdentP", class_config=dict( descr=description, name=switch, nodeId=node_id, podId=pod_id, # NOTE: Originally we were sending 'rn', but now we need 'dn' for idempotency # FIXME: Did this change with ACI version ? dn="uni/controller/nodeidentpol/nodep-{0}".format(serial), # rn='nodep-{0}'.format(serial), role=role, serial=serial, nameAlias=name_alias, ), ) aci.get_diff(aci_class="fabricNodeIdentP") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json(**aci.result)
def main(): argument_spec = aci_argument_spec() argument_spec.update( tenant=dict(type='str', aliases=['tenant_name' ]), # Not required for querying all objects l3out=dict(type='str', aliases=['l3out_name', 'name']), # Not required for querying all objects domain=dict(type='str', aliases=['ext_routed_domain_name', 'routed_domain']), vrf=dict(type='str', aliases=['vrf_name']), description=dict(type='str', aliases=['descr']), route_control=dict(type='list', elements='str', choices=['export', 'import'], aliases=['route_control_enforcement']), dscp=dict(type='str', choices=[ 'AF11', 'AF12', 'AF13', 'AF21', 'AF22', 'AF23', 'AF31', 'AF32', 'AF33', 'AF41', 'AF42', 'AF43', 'CS0', 'CS1', 'CS2', 'CS3', 'CS4', 'CS5', 'CS6', 'CS7', 'EF', 'VA', 'unspecified' ], aliases=['target']), l3protocol=dict(type='list', elements='str', choices=['bgp', 'eigrp', 'ospf', 'pim', 'static']), asn=dict(type='int', aliases=['as_number']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['l3out', 'tenant']], ['state', 'present', ['l3out', 'tenant', 'domain', 'vrf']], ], ) aci = ACIModule(module) l3out = module.params.get('l3out') domain = module.params.get('domain') dscp = module.params.get('dscp') description = module.params.get('description') enforceRtctrl = module.params.get('route_control') vrf = module.params.get('vrf') l3protocol = module.params.get('l3protocol') asn = module.params.get('asn') state = module.params.get('state') tenant = module.params.get('tenant') name_alias = module.params.get('name_alias') if l3protocol: if 'eigrp' in l3protocol and asn is None: module.fail_json( msg="Parameter 'asn' is required when l3protocol is 'eigrp'") if 'eigrp' not in l3protocol and asn is not None: module.warn( "Parameter 'asn' is only applicable when l3protocol is 'eigrp'. The ASN will be ignored" ) enforce_ctrl = '' if enforceRtctrl is not None: if len(enforceRtctrl) == 1 and enforceRtctrl[0] == 'import': aci.fail_json( "The route_control parameter is invalid: allowed options are export or import,export only" ) elif len(enforceRtctrl) == 1 and enforceRtctrl[0] == 'export': enforce_ctrl = 'export' else: enforce_ctrl = 'export,import' child_classes = [ 'l3extRsL3DomAtt', 'l3extRsEctx', 'bgpExtP', 'ospfExtP', 'eigrpExtP', 'pimExtP' ] aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='l3extOut', aci_rn='out-{0}'.format(l3out), module_object=l3out, target_filter={'name': l3out}, ), child_classes=child_classes, ) aci.get_existing() child_configs = [ dict(l3extRsL3DomAtt=dict(attributes=dict( tDn='uni/l3dom-{0}'.format(domain)))), dict(l3extRsEctx=dict(attributes=dict(tnFvCtxName=vrf))), ] if l3protocol is not None: for protocol in l3protocol: if protocol == 'bgp': child_configs.append( dict(bgpExtP=dict( attributes=dict(descr='', nameAlias='')))) elif protocol == 'eigrp': child_configs.append( dict(eigrpExtP=dict( attributes=dict(descr='', nameAlias='', asn=asn)))) elif protocol == 'ospf': child_configs.append( dict(ospfExtP=dict( attributes=dict(descr='', nameAlias='')))) elif protocol == 'pim': child_configs.append( dict(pimExtP=dict( attributes=dict(descr='', nameAlias='')))) if state == 'present': aci.payload( aci_class='l3extOut', class_config=dict( name=l3out, descr=description, dn='uni/tn-{0}/out-{1}'.format(tenant, l3out), enforceRtctrl=enforce_ctrl, targetDscp=dscp, nameAlias=name_alias, ), child_configs=child_configs, ) aci.get_diff(aci_class='l3extOut') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( tenant=dict(type="str"), contract=dict(type="str"), subject=dict(type="str"), service_graph=dict(type="str"), state=dict(type="str", default="present", choices=["absent", "present", "query"]), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ [ "state", "absent", ["contract", "service_graph", "subject", "tenant"] ], [ "state", "present", ["contract", "service_graph", "subject", "tenant"] ], ], ) aci = ACIModule(module) tenant = module.params.get("tenant") contract = module.params.get("contract") subject = module.params.get("subject") service_graph = module.params.get("service_graph") state = module.params.get("state") aci.construct_url( root_class=dict( aci_class="fvTenant", aci_rn="tn-{0}".format(tenant), module_object=tenant, target_filter={"name": tenant}, ), subclass_1=dict(aci_class="vzBrCP", aci_rn="brc-{0}".format(contract), module_object=contract, target_filter={"name": contract}), subclass_2=dict(aci_class="vzSubj", aci_rn="subj-{0}".format(subject), module_object=subject, target_filter={"name": subject}), subclass_3=dict(aci_class="vzRsSubjGraphAtt", aci_rn="rsSubjGraphAtt", module_object=service_graph, target_filter={"name": service_graph}), ) aci.get_existing() if state == "present": aci.payload(aci_class="vzRsSubjGraphAtt", class_config=dict(tnVnsAbsGraphName=service_graph)) aci.get_diff(aci_class="vzRsSubjGraphAtt") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( port_security=dict( type='str', aliases=['name']), # Not required for querying all objects description=dict(type='str', aliases=['descr']), max_end_points=dict(type='int'), port_security_timeout=dict(type='int'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['port_security']], ['state', 'present', ['port_security']], ], ) port_security = module.params.get('port_security') description = module.params.get('description') max_end_points = module.params.get('max_end_points') port_security_timeout = module.params.get('port_security_timeout') name_alias = module.params.get('name_alias') if max_end_points is not None and max_end_points not in range(12001): module.fail_json( msg='The "max_end_points" must be between 0 and 12000') if port_security_timeout is not None and port_security_timeout not in range( 60, 3601): module.fail_json( msg='The "port_security_timeout" must be between 60 and 3600') state = module.params.get('state') aci = ACIModule(module) aci.construct_url(root_class=dict( aci_class='l2PortSecurityPol', aci_rn='infra/portsecurityP-{0}'.format(port_security), module_object=port_security, target_filter={'name': port_security}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='l2PortSecurityPol', class_config=dict( name=port_security, descr=description, maximum=max_end_points, nameAlias=name_alias, ), ) aci.get_diff(aci_class='l2PortSecurityPol') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update(aci_owner_spec()) argument_spec.update({ "access_key_id": dict(type="str"), "account_id": dict(type="str"), "is_account_in_org": dict(type="bool"), "is_trusted": dict(type="bool"), "secret_access_key": dict(type="str", no_log=True), "tenant": dict(type="str"), "state": dict(type="str", default="present", choices=["absent", "present", "query"]), }) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["tenant"]], ["state", "present", ["tenant"]], ], ) aci = ACIModule(module) access_key_id = module.params.get("access_key_id") account_id = module.params.get("account_id") annotation = module.params.get("annotation") is_account_in_org = aci.boolean(module.params.get("is_account_in_org")) is_trusted = aci.boolean(module.params.get("is_trusted")) secret_access_key = module.params.get("secret_access_key") tenant = module.params.get("tenant") state = module.params.get("state") child_configs = [] aci.construct_url( root_class={ "aci_class": "fvTenant", "aci_rn": "tn-{0}".format(tenant), "target_filter": 'eq(fvTenant.name, "{0}")'.format(tenant), "module_object": tenant, }, subclass_1={ "aci_class": "cloudAwsProvider", "aci_rn": "awsprovider".format(), "target_filter": { "account_id": account_id }, "module_object": account_id, }, child_classes=[], ) aci.get_existing() if state == "present": aci.payload( aci_class="cloudAwsProvider", class_config={ "accessKeyId": access_key_id, "accountId": account_id, "annotation": annotation, "isAccountInOrg": is_account_in_org, "isTrusted": is_trusted, "secretAccessKey": secret_access_key, }, child_configs=child_configs, ) aci.get_diff(aci_class="cloudAwsProvider") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update(aci_owner_spec()) argument_spec.update( tenant=dict(type="str", aliases=["tenant_name"]), # Not required for querying all objects ap=dict(type="str", aliases=["app_profile", "app_profile_name", "name"]), # Not required for querying all objects description=dict(type="str", aliases=["descr"]), state=dict(type="str", default="present", choices=["absent", "present", "query"]), name_alias=dict(type="str"), monitoring_policy=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["tenant", "ap"]], ["state", "present", ["tenant", "ap"]], ], ) ap = module.params.get("ap") description = module.params.get("description") state = module.params.get("state") tenant = module.params.get("tenant") name_alias = module.params.get("name_alias") monitoring_policy = module.params.get("monitoring_policy") child_configs = [dict(fvRsApMonPol=dict(attributes=dict(tnMonEPGPolName=monitoring_policy)))] aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class="fvTenant", aci_rn="tn-{0}".format(tenant), module_object=tenant, target_filter={"name": tenant}, ), subclass_1=dict( aci_class="fvAp", aci_rn="ap-{0}".format(ap), module_object=ap, target_filter={"name": ap}, ), child_classes=["fvRsApMonPol"], ) aci.get_existing() if state == "present": aci.payload( aci_class="fvAp", class_config=dict( name=ap, descr=description, nameAlias=name_alias, ), child_configs=child_configs, ) aci.get_diff(aci_class="fvAp") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( interface_profile=dict(type="str", aliases=[ "leaf_interface_profile_name", "leaf_interface_profile", "interface_profile_name" ]), access_port_selector=dict(type="str", aliases=[ "name", "access_port_selector_name" ]), # Not required for querying all objects port_blk=dict(type="str", aliases=["leaf_port_blk_name", "leaf_port_blk" ]), # Not required for querying all objects port_blk_description=dict(type="str", aliases=["leaf_port_blk_description"]), from_port=dict(type="str", aliases=["from", "fromPort", "from_port_range"]), to_port=dict(type="str", aliases=["to", "toPort", "to_port_range"]), from_card=dict(type="str", aliases=["from_card_range"]), to_card=dict(type="str", aliases=["to_card_range"]), state=dict(type="str", default="present", choices=["absent", "present", "query"]), type=dict(type="str", default="leaf", choices=[ "fex", "leaf" ]), # This parameter is not required for querying all objects ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ [ "state", "absent", ["access_port_selector", "port_blk", "interface_profile"] ], [ "state", "present", [ "access_port_selector", "port_blk", "from_port", "to_port", "interface_profile" ] ], ], ) interface_profile = module.params.get("interface_profile") access_port_selector = module.params.get("access_port_selector") port_blk = module.params.get("port_blk") port_blk_description = module.params.get("port_blk_description") from_port = module.params.get("from_port") to_port = module.params.get("to_port") from_card = module.params.get("from_card") to_card = module.params.get("to_card") state = module.params.get("state") type_port = module.params.get("type") aci = ACIModule(module) aci_class = "infraAccPortP" aci_rn = "accportprof" if type_port == "fex": aci_class = "infraFexP" aci_rn = "fexprof" aci.construct_url( root_class=dict( aci_class=aci_class, aci_rn="infra/" + aci_rn + "-{0}".format(interface_profile), module_object=interface_profile, target_filter={"name": interface_profile}, ), subclass_1=dict( aci_class="infraHPortS", # NOTE: normal rn: hports-{name}-typ-{type}, hence here hardcoded to range for purposes of module aci_rn="hports-{0}-typ-range".format(access_port_selector), module_object=access_port_selector, target_filter={"name": access_port_selector}, ), subclass_2=dict( aci_class="infraPortBlk", aci_rn="portblk-{0}".format(port_blk), module_object=port_blk, target_filter={"name": port_blk}, ), ) aci.get_existing() if state == "present": aci.payload( aci_class="infraPortBlk", class_config=dict( descr=port_blk_description, name=port_blk, fromPort=from_port, toPort=to_port, fromCard=from_card, toCard=to_card, # type='range', ), ) aci.get_diff(aci_class="infraPortBlk") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( lldp_policy=dict(type='str', aliases=['name' ]), # Not required for querying all objects description=dict(type='str', aliases=['descr']), receive_state=dict(type='bool'), transmit_state=dict(type='bool'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['lldp_policy']], ['state', 'present', ['lldp_policy']], ], ) aci = ACIModule(module) lldp_policy = module.params.get('lldp_policy') description = module.params.get('description') receive_state = aci.boolean(module.params.get('receive_state'), 'enabled', 'disabled') transmit_state = aci.boolean(module.params.get('transmit_state'), 'enabled', 'disabled') state = module.params.get('state') name_alias = module.params.get('name_alias') aci.construct_url(root_class=dict( aci_class='lldpIfPol', aci_rn='infra/lldpIfP-{0}'.format(lldp_policy), module_object=lldp_policy, target_filter={'name': lldp_policy}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='lldpIfPol', class_config=dict( name=lldp_policy, descr=description, adminRxSt=receive_state, adminTxSt=transmit_state, nameAlias=name_alias, ), ) aci.get_diff(aci_class='lldpIfPol') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update(aci_owner_spec()) argument_spec.update( name=dict(type="str", aliases=["scheduler_name" ]), # Not required for querying all objects description=dict(type="str", aliases=["descr"]), windowname=dict(type="str"), recurring=dict(type="bool"), concurCap=dict( type="int"), # Number of devices it will run against concurrently maxTime=dict( type="str" ), # The amount of minutes a process will be able to run (unlimited or dd:hh:mm:ss) date=dict( type="str"), # The date the process will run YYYY-MM-DDTHH:MM:SS state=dict(type="str", default="present", choices=["absent", "present", "query"]), hour=dict(type="int"), minute=dict(type="int"), day=dict( type="str", default="every-day", choices=[ "Monday", "Tuesday", "Wednesday", "Thursday", "Friday", "Saturday", "Sunday", "every-day", "even-day", "odd-day" ], ), name_alias=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "absent", ["name"]], ["state", "present", ["name"]], ], ) state = module.params.get("state") name = module.params.get("name") windowname = module.params.get("windowname") recurring = module.params.get("recurring") date = module.params.get("date") hour = module.params.get("hour") minute = module.params.get("minute") maxTime = module.params.get("maxTime") concurCap = module.params.get("concurCap") day = module.params.get("day") description = module.params.get("description") name_alias = module.params.get("name_alias") if recurring: child_configs = [ dict(trigRecurrWindowP=dict(attributes=dict( name=windowname, hour=hour, minute=minute, procCa=maxTime, concurCap=concurCap, day=day, ))) ] elif recurring is False: child_configs = [ dict(trigAbsWindowP=dict(attributes=dict( name=windowname, procCap=maxTime, concurCap=concurCap, date=date, ))) ] else: child_configs = [] aci = ACIModule(module) aci.construct_url(root_class=dict( aci_class="trigSchedP", aci_rn="fabric/schedp-{0}".format(name), target_filter={"name": name}, module_object=name, ), ) aci.get_existing() if state == "present": aci.payload( aci_class="trigSchedP", class_config=dict( name=name, descr=description, nameAlias=name_alias, ), child_configs=child_configs, ) aci.get_diff(aci_class="trigSchedP") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( path=dict(type='str', required=True, aliases=['uri']), method=dict(type='str', default='get', choices=['delete', 'get', 'post'], aliases=['action']), src=dict(type='path', aliases=['config_file']), content=dict(type='raw'), ) module = AnsibleModule( argument_spec=argument_spec, mutually_exclusive=[['content', 'src']], ) content = module.params['content'] path = module.params['path'] src = module.params['src'] # Report missing file file_exists = False if src: if os.path.isfile(src): file_exists = True else: module.fail_json(msg="Cannot find/access src '%s'" % src) # Find request type if path.find('.xml') != -1: rest_type = 'xml' if not HAS_LXML_ETREE: module.fail_json(msg='The lxml python library is missing, or lacks etree support.') if not HAS_XMLJSON_COBRA: module.fail_json(msg='The xmljson python library is missing, or lacks cobra support.') elif path.find('.json') != -1: rest_type = 'json' else: module.fail_json(msg='Failed to find REST API payload type (neither .xml nor .json).') aci = ACIRESTModule(module) aci.result['status'] = -1 # Ensure we always return a status # We include the payload as it may be templated payload = content if file_exists: with open(src, 'r') as config_object: # TODO: Would be nice to template this, requires action-plugin payload = config_object.read() # Validate payload if rest_type == 'json': if content and isinstance(content, dict): # Validate inline YAML/JSON payload = json.dumps(payload) elif payload and isinstance(payload, str) and HAS_YAML: try: # Validate YAML/JSON string payload = json.dumps(yaml.safe_load(payload)) except Exception as e: module.fail_json(msg='Failed to parse provided JSON/YAML payload: %s' % to_text(e), exception=to_text(e), payload=payload) elif rest_type == 'xml' and HAS_LXML_ETREE: if content and isinstance(content, dict) and HAS_XMLJSON_COBRA: # Validate inline YAML/JSON # FIXME: Converting from a dictionary to XML is unsupported at this time # payload = etree.tostring(payload) pass elif payload and isinstance(payload, str): try: # Validate XML string payload = lxml.etree.tostring(lxml.etree.fromstring(payload)) except Exception as e: module.fail_json(msg='Failed to parse provided XML payload: %s' % to_text(e), payload=payload) # Perform actual request using auth cookie (Same as aci.request(), but also supports XML) if 'port' in aci.params and aci.params['port'] is not None: aci.url = '%(protocol)s://%(host)s:%(port)s/' % aci.params + path.lstrip('/') else: aci.url = '%(protocol)s://%(host)s/' % aci.params + path.lstrip('/') if aci.params['method'] != 'get': path += '?rsp-subtree=modified' aci.url = update_qsl(aci.url, {'rsp-subtree': 'modified'}) # Sign and encode request as to APIC's wishes if aci.params['private_key'] is not None: aci.cert_auth(path=path, payload=payload) aci.method = aci.params['method'].upper() # Perform request resp, info = fetch_url(module, aci.url, data=payload, headers=aci.headers, method=aci.method, timeout=aci.params['timeout'], use_proxy=aci.params['use_proxy']) aci.response = info['msg'] aci.status = info['status'] # Report failure if info['status'] != 200: try: # APIC error aci.response_type(info['body'], rest_type) aci.fail_json(msg='APIC Error %(code)s: %(text)s' % aci.error) except KeyError: # Connection error aci.fail_json(msg='Connection failed for %(url)s. %(msg)s' % info) aci.response_type(resp.read(), rest_type) aci.result['imdata'] = aci.imdata aci.result['totalCount'] = aci.totalCount # Report success aci.exit_json(**aci.result)
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( tenant=dict(type="str", aliases=["tenant_name" ]), # Not required for querying all objects l3out=dict(type="str", aliases=["l3out_name" ]), # Not required for querying all objects logical_node=dict(type="str", aliases=["node_profile", "node_profile_name" ]), # Not required for querying all objects pod_id=dict(type="int"), node_id=dict(type="int"), prefix=dict(type="str", aliases=["route"]), track_policy=dict(type="str"), preference=dict(type="int"), bfd=dict(type="str", choices=["bfd", None]), description=dict(type="str", aliases=["descr"]), state=dict(type="str", default="present", choices=["absent", "present", "query"]), name_alias=dict(type="str"), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ [ "state", "present", [ "prefix", "node_id", "pod_id", "logical_node", "l3out", "tenant" ] ], [ "state", "absent", [ "prefix", "node_id", "pod_id", "logical_node", "l3out", "tenant" ] ], ], ) aci = ACIModule(module) tenant = module.params.get("tenant") l3out = module.params.get("l3out") logical_node = module.params.get("logical_node") node_id = module.params.get("node_id") pod_id = module.params.get("pod_id") prefix = module.params.get("prefix") track_policy = module.params.get("track_policy") preference = module.params.get("preference") bfd = module.params.get("bfd") description = module.params.get("description") state = module.params.get("state") name_alias = module.params.get("name_alias") fabric_node = "topology/pod-{0}/node-{1}".format(pod_id, node_id) child_classes = ["ipNexthopP"] if track_policy is not None: child_classes.append("ipRsRouteTrack") aci.construct_url( root_class=dict( aci_class="fvTenant", aci_rn="tn-{0}".format(tenant), module_object=tenant, target_filter={"name": tenant}, ), subclass_1=dict( aci_class="l3extOut", aci_rn="out-{0}".format(l3out), module_object=l3out, target_filter={"name": l3out}, ), subclass_2=dict( aci_class="l3extLNodeP", aci_rn="lnodep-{0}".format(logical_node), module_object=logical_node, target_filter={"name": logical_node}, ), subclass_3=dict( aci_class="l3extRsNodeL3OutAtt", aci_rn="rsnodeL3OutAtt-[{0}]".format(fabric_node), module_object=fabric_node, target_filter={"name": fabric_node}, ), subclass_4=dict( aci_class="ipRouteP", aci_rn="rt-[{0}]".format(prefix), module_object=prefix, target_filter={"name": prefix}, ), child_classes=child_classes, ) aci.get_existing() if state == "present": child_configs = [] class_config = dict( descr=description, ip=prefix, pref=preference, nameAlias=name_alias, ) if bfd is not None: class_config["rtCtrl"] = bfd if track_policy is not None: tDn = "uni/tn-{0}/tracklist-{1}".format(tenant, track_policy) child_configs.append( {"ipRsRouteTrack": { "attributes": { "tDn": tDn } }}) aci.payload(aci_class="ipRouteP", class_config=class_config, child_configs=child_configs), aci.get_diff(aci_class="ipRouteP") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update(aci_annotation_spec()) argument_spec.update( bd=dict(type="str", aliases=["bd_name", "bridge_domain" ]), # Not required for querying all objects l3out=dict(type="str"), # Not required for querying all objects tenant=dict(type="str", aliases=["tenant_name" ]), # Not required for querying all objects state=dict(type="str", default="present", choices=["absent", "present", "query"]), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ["state", "present", ["bd", "l3out", "tenant"]], ["state", "absent", ["bd", "l3out", "tenant"]], ], ) bd = module.params.get("bd") l3out = module.params.get("l3out") state = module.params.get("state") tenant = module.params.get("tenant") aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class="fvTenant", aci_rn="tn-{0}".format(tenant), module_object=tenant, target_filter={"name": tenant}, ), subclass_1=dict( aci_class="fvBD", aci_rn="BD-{0}".format(bd), module_object=bd, target_filter={"name": bd}, ), subclass_2=dict( aci_class="fvRsBDToOut", aci_rn="rsBDToOut-{0}".format(l3out), module_object=l3out, target_filter={"tnL3extOutName": l3out}, ), ) aci.get_existing() if state == "present": aci.payload( aci_class="fvRsBDToOut", class_config=dict(tnL3extOutName=l3out), ) aci.get_diff(aci_class="fvRsBDToOut") aci.post_config() elif state == "absent": aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( port_channel=dict(type='str', aliases=['name' ]), # Not required for querying all objects description=dict(type='str', aliases=['descr']), min_links=dict(type='int'), max_links=dict(type='int'), mode=dict( type='str', choices=['active', 'mac-pin', 'mac-pin-nicload', 'off', 'passive']), fast_select=dict(type='bool'), graceful_convergence=dict(type='bool'), load_defer=dict(type='bool'), suspend_individual=dict(type='bool'), symmetric_hash=dict(type='bool'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['port_channel']], ['state', 'present', ['port_channel']], ], ) port_channel = module.params.get('port_channel') description = module.params.get('description') min_links = module.params.get('min_links') if min_links is not None and min_links not in range(1, 17): module.fail_json( msg='The "min_links" must be a value between 1 and 16') max_links = module.params.get('max_links') if max_links is not None and max_links not in range(1, 17): module.fail_json( msg='The "max_links" must be a value between 1 and 16') mode = module.params.get('mode') state = module.params.get('state') name_alias = module.params.get('name_alias') # Build ctrl value for request ctrl = [] if module.params.get('fast_select') is True: ctrl.append('fast-sel-hot-stdby') if module.params.get('graceful_convergence') is True: ctrl.append('graceful-conv') if module.params.get('load_defer') is True: ctrl.append('load-defer') if module.params.get('suspend_individual') is True: ctrl.append('susp-individual') if module.params.get('symmetric_hash') is True: ctrl.append('symmetric-hash') if not ctrl: ctrl = None else: ctrl = ",".join(ctrl) aci = ACIModule(module) aci.construct_url(root_class=dict( aci_class='lacpLagPol', aci_rn='infra/lacplagp-{0}'.format(port_channel), module_object=port_channel, target_filter={'name': port_channel}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='lacpLagPol', class_config=dict( name=port_channel, ctrl=ctrl, descr=description, minLinks=min_links, maxLinks=max_links, mode=mode, nameAlias=name_alias, ), ) aci.get_diff(aci_class='lacpLagPol') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( protection_group=dict(type='str', aliases=['name', 'protection_group_name']), # Not required for querying all objects protection_group_id=dict(type='int', aliases=['id']), vpc_domain_policy=dict(type='str', aliases=['vpc_domain_policy_name']), switch_1_id=dict(type='int'), switch_2_id=dict(type='int'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['protection_group']], ['state', 'present', ['protection_group', 'protection_group_id', 'switch_1_id', 'switch_2_id']], ], ) protection_group = module.params.get('protection_group') protection_group_id = module.params.get('protection_group_id') vpc_domain_policy = module.params.get('vpc_domain_policy') switch_1_id = module.params.get('switch_1_id') switch_2_id = module.params.get('switch_2_id') state = module.params.get('state') name_alias = module.params.get('name_alias') aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class='fabricExplicitGEp', aci_rn='fabric/protpol/expgep-{0}'.format(protection_group), module_object=protection_group, target_filter={'name': protection_group}, ), child_classes=['fabricNodePEp', 'fabricNodePEp', 'fabricRsVpcInstPol'], ) aci.get_existing() if state == 'present': aci.payload( aci_class='fabricExplicitGEp', class_config=dict( name=protection_group, id=protection_group_id, nameAlias=name_alias, ), child_configs=[ dict( fabricNodePEp=dict( attributes=dict( id='{0}'.format(switch_1_id), ), ), ), dict( fabricNodePEp=dict( attributes=dict( id='{0}'.format(switch_2_id), ), ), ), dict( fabricRsVpcInstPol=dict( attributes=dict( tnVpcInstPolName=vpc_domain_policy, ), ), ), ], ) aci.get_diff(aci_class='fabricExplicitGEp') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( contract=dict(type='str', aliases=['contract_name' ]), # Not required for querying all objects subject=dict(type='str', aliases=['contract_subject', 'name', 'subject_name' ]), # Not required for querying all objects tenant=dict(type='str', aliases=['tenant_name' ]), # Not required for querying all objects priority=dict(type='str', choices=['unspecified', 'level1', 'level2', 'level3']), reverse_filter=dict(type='bool'), dscp=dict(type='str', aliases=['target'], choices=[ 'AF11', 'AF12', 'AF13', 'AF21', 'AF22', 'AF23', 'AF31', 'AF32', 'AF33', 'AF41', 'AF42', 'AF43', 'CS0', 'CS1', 'CS2', 'CS3', 'CS4', 'CS5', 'CS6', 'CS7', 'EF', 'VA', 'unspecified' ]), description=dict(type='str', aliases=['descr']), consumer_match=dict( type='str', choices=['all', 'at_least_one', 'at_most_one', 'none']), provider_match=dict( type='str', choices=['all', 'at_least_one', 'at_most_one', 'none']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['contract', 'subject', 'tenant']], ['state', 'present', ['contract', 'subject', 'tenant']], ], ) aci = ACIModule(module) subject = module.params.get('subject') priority = module.params.get('priority') reverse_filter = aci.boolean(module.params.get('reverse_filter')) contract = module.params.get('contract') dscp = module.params.get('dscp') description = module.params.get('description') consumer_match = module.params.get('consumer_match') if consumer_match is not None: consumer_match = MATCH_MAPPING.get(consumer_match) provider_match = module.params.get('provider_match') if provider_match is not None: provider_match = MATCH_MAPPING.get(provider_match) state = module.params.get('state') tenant = module.params.get('tenant') name_alias = module.params.get('name_alias') aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='vzBrCP', aci_rn='brc-{0}'.format(contract), module_object=contract, target_filter={'name': contract}, ), subclass_2=dict( aci_class='vzSubj', aci_rn='subj-{0}'.format(subject), module_object=subject, target_filter={'name': subject}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='vzSubj', class_config=dict( name=subject, prio=priority, revFltPorts=reverse_filter, targetDscp=dscp, consMatchT=consumer_match, provMatchT=provider_match, descr=description, nameAlias=name_alias, ), ) aci.get_diff(aci_class='vzSubj') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( filter=dict(type='str', aliases=['name', 'filter_name' ]), # Not required for querying all objects tenant=dict(type='str', aliases=['tenant_name' ]), # Not required for querying all objects description=dict(type='str', aliases=['descr']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['filter', 'tenant']], ['state', 'present', ['filter', 'tenant']], ], ) filter_name = module.params.get('filter') description = module.params.get('description') state = module.params.get('state') tenant = module.params.get('tenant') name_alias = module.params.get('name_alias') aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='vzFilter', aci_rn='flt-{0}'.format(filter_name), module_object=filter_name, target_filter={'name': filter_name}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='vzFilter', class_config=dict( name=filter_name, descr=description, nameAlias=name_alias, ), ) aci.get_diff(aci_class='vzFilter') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( l2_policy=dict(type='str', aliases=['name' ]), # Not required for querying all policies description=dict(type='str', aliases=['descr']), vlan_scope=dict(type='str', choices=['global', 'portlocal' ]), # No default provided on purpose qinq=dict(type='str', choices=['core', 'disabled', 'edge']), vepa=dict(type='bool'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), name_alias=dict(type='str'), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['l2_policy']], ['state', 'present', ['l2_policy']], ], ) aci = ACIModule(module) l2_policy = module.params.get('l2_policy') vlan_scope = module.params.get('vlan_scope') qinq = module.params.get('qinq') if qinq is not None: qinq = QINQ_MAPPING.get(qinq) vepa = aci.boolean(module.params.get('vepa'), 'enabled', 'disabled') description = module.params.get('description') state = module.params.get('state') name_alias = module.params.get('name_alias') aci.construct_url(root_class=dict( aci_class='l2IfPol', aci_rn='infra/l2IfP-{0}'.format(l2_policy), module_object=l2_policy, target_filter={'name': l2_policy}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='l2IfPol', class_config=dict( name=l2_policy, descr=description, vlanScope=vlan_scope, qinq=qinq, vepa=vepa, nameAlias=name_alias, ), ) aci.get_diff(aci_class='l2IfPol') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()