def main():
argument_spec = purefb_argument_spec()
argument_spec.update(
dict(
timeout=dict(type="int", default=30),
state=dict(type="str",
default="present",
choices=["present", "absent"]),
))
module = AnsibleModule(argument_spec, supports_check_mode=True)
if not HAS_PURESTORAGE:
module.fail_json(msg="py-pure-client sdk is required for this module")
blade = get_system(module)
api_version = list(blade.get_versions().items)
if MIN_REQUIRED_API_VERSION not in api_version:
module.fail_json(
msg="FlashBlade REST version not supported. "
"Minimum version required: {0}".format(MIN_REQUIRED_API_VERSION))
state = module.params["state"]
if 5 < module.params["timeout"] > 180 and module.params["timeout"] != 0:
module.fail_json(msg="Timeout value must be between 5 and 180 minutes")
blade = get_system(module)
current_timeout = list(blade.get_arrays().items)[0].idle_timeout * 60000
if state == "present" and current_timeout != module.params["timeout"]:
set_timeout(module, blade)
elif state == "absent" and current_timeout != 0:
disable_timeout(module, blade)
module.exit_json(changed=False)
def main():
argument_spec = purefb_argument_spec()
argument_spec.update(
dict(
state=dict(type="str",
default="present",
choices=["absent", "present"]),
enabled=dict(type="bool", default=True),
name=dict(type="str", required=True),
role=dict(
type="str",
choices=[
"readonly", "ops_admin", "storage_admin", "array_admin"
],
),
public_key=dict(type="str", no_log=True),
token_ttl=dict(type="int", default=86400, no_log=False),
issuer=dict(type="str"),
))
module = AnsibleModule(argument_spec, supports_check_mode=True)
pattern = re.compile("^[a-zA-Z0-9]([a-zA-Z0-9_]{0,54}[a-zA-Z0-9])?$")
if module.params["issuer"]:
if not pattern.match(module.params["issuer"]):
module.fail_json(
msg=
"API Client Issuer name {0} does not conform to required naming convention"
.format(module.params["issuer"]))
if not pattern.match(module.params["name"]):
module.fail_json(
msg=
"Object Store Virtual Host name {0} does not conform to required naming convention"
.format(module.params["name"]))
if not HAS_PURESTORAGE:
module.fail_json(msg="py-pure-client sdk is required for this module")
blade = get_system(module)
api_version = list(blade.get_versions().items)
if MIN_REQUIRED_API_VERSION not in api_version:
module.fail_json(
msg="FlashBlade REST version not supported. "
"Minimum version required: {0}".format(MIN_REQUIRED_API_VERSION))
state = module.params["state"]
exists = bool(
blade.get_api_clients(
names=[module.params["name"]]).status_code == 200)
if exists:
client = list(
blade.get_api_clients(names=[module.params["name"]]).items)[0]
if not exists and state == "present":
create_client(module, blade)
elif exists and state == "present":
update_client(module, blade, client)
elif exists and state == "absent":
delete_client(module, blade)
module.exit_json(changed=False)
def main():
argument_spec = purefb_argument_spec()
argument_spec.update(
dict(
state=dict(type="str",
default="present",
choices=["absent", "present"]),
name=dict(type="str", required=True),
))
module = AnsibleModule(argument_spec, supports_check_mode=True)
blade = get_system(module)
api_version = list(blade.get_versions().items)
if MIN_REQUIRED_API_VERSION not in api_version:
module.fail_json(
msg="FlashBlade REST version not supported. "
"Minimum version required: {0}".format(MIN_REQUIRED_API_VERSION))
state = module.params["state"]
exists = bool(
blade.get_object_store_virtual_hosts(
names=[module.params["name"]]).status_code == 200)
if len(list(
blade.get_object_store_virtual_hosts().items)) < MAX_HOST_COUNT:
if not exists and state == "present":
add_host(module, blade)
elif exists and state == "absent":
delete_host(module, blade)
else:
module.warn("Maximum Object Store Virtual Host reached.")
module.exit_json(changed=False)
def generate_default_dict(module, blade):
default_info = {}
defaults = blade.arrays.list_arrays().items[0]
default_info["flashblade_name"] = defaults.name
default_info["purity_version"] = defaults.version
default_info["filesystems"] = len(
blade.file_systems.list_file_systems().items)
default_info["snapshots"] = len(
blade.file_system_snapshots.list_file_system_snapshots().items)
default_info["buckets"] = len(blade.buckets.list_buckets().items)
default_info["object_store_users"] = len(
blade.object_store_users.list_object_store_users().items)
default_info["object_store_accounts"] = len(
blade.object_store_accounts.list_object_store_accounts().items)
default_info["blades"] = len(blade.blade.list_blades().items)
default_info["certificates"] = len(
blade.certificates.list_certificates().items)
default_info["total_capacity"] = blade.arrays.list_arrays_space(
).items[0].capacity
api_version = blade.api_version.list_versions().versions
if POLICIES_API_VERSION in api_version:
default_info["policies"] = len(blade.policies.list_policies().items)
if CERT_GROUPS_API_VERSION in api_version:
default_info["certificate_groups"] = len(
blade.certificate_groups.list_certificate_groups().items)
if REPLICATION_API_VERSION in api_version:
default_info["fs_replicas"] = len(
blade.file_system_replica_links.list_file_system_replica_links(
).items)
default_info["remote_credentials"] = len(
blade.object_store_remote_credentials.
list_object_store_remote_credentials().items)
default_info["bucket_replicas"] = len(
blade.bucket_replica_links.list_bucket_replica_links().items)
default_info["connected_arrays"] = len(
blade.array_connections.list_array_connections().items)
default_info["targets"] = len(blade.targets.list_targets().items)
default_info["kerberos_keytabs"] = len(
blade.keytabs.list_keytabs().items)
# This section is just for REST 2.x features
if MIN_32_API in api_version:
blade = get_system(module)
default_info["object_store_virtual_hosts"] = len(
blade.get_object_store_virtual_hosts().items)
default_info["api_clients"] = len(blade.get_api_clients().items)
default_info["idle_timeout"] = int(
list(blade.get_arrays().items)[0].idle_timeout / 60000)
if list(blade.get_arrays_eula().items)[0].signature.accepted:
default_info["EULA"] = "Signed"
else:
default_info["EULA"] = "Not Signed"
return default_info
def main():
argument_spec = purefb_argument_spec()
argument_spec.update(
dict(
state=dict(
type="str",
default="import",
choices=["absent", "rotate", "import", "export"],
),
name=dict(type="str"),
prefix=dict(type="str"),
keytab_file=dict(type="str"),
filetype=dict(type="str", choices=["binary", "base64"]),
)
)
required_if = [["state", "import", ["prefix"]]]
module = AnsibleModule(
argument_spec, required_if=required_if, supports_check_mode=True
)
if not HAS_PURESTORAGE:
module.fail_json(msg="py-pure-client sdk is required for this module")
state = module.params["state"]
blade = get_system(module)
api_version = list(blade.get_versions().items)
if MIN_REQUIRED_API_VERSION not in api_version:
module.fail_json(
msg="Minimum FlashBlade REST version required: {0}".format(
MIN_REQUIRED_API_VERSION
)
)
if not module.params["prefix"]:
module.params["prefix"] = list(blade.get_active_directory().items)[0].name
if state == "import":
import_keytab(module, blade)
elif state == "export":
export_keytab(module, blade)
elif state == "rotate":
rotate_keytab(module, blade)
elif state == "absent":
delete_keytab(module, blade)
module.exit_json(changed=False)
def main():
argument_spec = purefb_argument_spec()
argument_spec.update(
dict(
state=dict(type="str",
default="present",
choices=["absent", "present", "show"]),
name=dict(type="str"),
account=dict(type="str"),
policy=dict(type="list", elements="str"),
))
required_if = [
["state", "present", ["name", "account", "policy"]],
["state", "absent", ["name", "account", "policy"]],
]
module = AnsibleModule(argument_spec,
required_if=required_if,
supports_check_mode=True)
blade = get_system(module)
api_version = list(blade.get_versions().items)
if MIN_REQUIRED_API_VERSION not in api_version:
module.fail_json(
msg="FlashBlade REST version not supported. "
"Minimum version required: {0}".format(MIN_REQUIRED_API_VERSION))
state = module.params["state"]
if (blade.get_object_store_users(
names=[module.params["account"] + "/" +
module.params["name"]]).status_code != 200):
module.fail_json(msg="Account User {0}/{1} does not exist".format(
module.params["account"], module.params["name"]))
if state == "show":
list_policy(module, blade)
elif state == "present":
add_policy(module, blade)
elif state == "absent":
remove_policy(module, blade)
module.exit_json(changed=False)
def main():
argument_spec = purefb_argument_spec()
argument_spec.update(
dict(
company=dict(type="str", required=True),
name=dict(type="str", required=True),
title=dict(type="str", required=True),
))
module = AnsibleModule(argument_spec, supports_check_mode=True)
if not HAS_PURITY_FB:
module.fail_json(msg="purity_fb sdk is required for this module")
blade = get_blade(module)
api_version = blade.api_version.list_versions().versions
api_version = blade.api_version.list_versions().versions
if EULA_API_VERSION not in api_version:
module.fail_json(
msg="Purity//FB must be upgraded to support this module.")
blade = get_system(module)
set_eula(module, blade)
module.exit_json(changed=False)
def create_s3user(module, blade):
"""Create Object Store Account"""
s3user_facts = {}
changed = True
if not module.check_mode:
user = module.params["account"] + "/" + module.params["name"]
blade.object_store_users.create_object_store_users(names=[user])
if module.params["access_key"] and module.params["imported_key"]:
module.warn("'access_key: true' overrides imported keys")
if module.params["access_key"]:
try:
result = blade.object_store_access_keys.create_object_store_access_keys(
object_store_access_key=ObjectStoreAccessKey(
user={"name": user}))
s3user_facts["fb_s3user"] = {
"user": user,
"access_key": result.items[0].secret_access_key,
"access_id": result.items[0].name,
}
except Exception:
delete_s3user(module, blade)
module.fail_json(
msg="Object Store User {0}: Creation failed".format(user))
else:
if module.params["imported_key"]:
versions = blade.api_version.list_versions().versions
if IMPORT_KEY_API_VERSION in versions:
try:
blade.object_store_access_keys.create_object_store_access_keys(
names=[module.params["imported_key"]],
object_store_access_key=ObjectStoreAccessKeyPost(
user={"name": user},
secret_access_key=module.
params["imported_secret"],
),
)
except Exception:
delete_s3user(module, blade)
module.fail_json(
msg=
"Object Store User {0}: Creation failed with imported access key"
.format(user))
if module.params["policy"]:
blade = get_system(module)
api_version = list(blade.get_versions().items)
if POLICY_API_VERSION in api_version:
policy_list = module.params["policy"]
for policy in range(0, len(policy_list)):
if (blade.get_object_store_access_policies(
names=[policy_list[policy]]).status_code != 200):
module.warn(
"Policy {0} is not valid. Ignoring...".format(
policy_list[policy]))
policy_list.remove(policy_list[policy])
username = module.params["account"] + "/" + module.params[
"name"]
for policy in range(0, len(policy_list)):
if not (blade.
get_object_store_users_object_store_access_policies(
member_names=[username],
policy_names=[policy_list[policy]]).items):
res = (
blade.
post_object_store_access_policies_object_store_users(
member_names=[username],
policy_names=[policy_list[policy]],
))
if res.status_code != 200:
module.warn(
"Failed to add policy {0} to account user {1}. Skipping..."
.format(policy_list[policy], username))
if "pure:policy/full-access" not in policy_list:
# User Create adds the pure:policy/full-access policy by default
# If we are specifying a list then remove this default value
blade.delete_object_store_access_policies_object_store_users(
member_names=[username],
policy_names=["pure:policy/full-access"],
)
else:
module.warn(
"FlashBlade REST version not supported for user access policies. Skipping..."
)
module.exit_json(changed=changed, s3user_info=s3user_facts)
def main():
argument_spec = purefb_argument_spec()
argument_spec.update(
dict(gather_subset=dict(default="minimum", type="list",
elements="str")))
module = AnsibleModule(argument_spec, supports_check_mode=False)
blade = get_blade(module)
versions = blade.api_version.list_versions().versions
if MIN_REQUIRED_API_VERSION not in versions:
module.fail_json(msg="Minimum FlashBlade REST version required: {0}".
format(MIN_REQUIRED_API_VERSION))
subset = [test.lower() for test in module.params["gather_subset"]]
valid_subsets = (
"all",
"minimum",
"config",
"performance",
"capacity",
"network",
"subnets",
"lags",
"filesystems",
"snapshots",
"buckets",
"arrays",
"replication",
"policies",
"accounts",
"admins",
"ad",
"kerberos",
)
subset_test = (test in valid_subsets for test in subset)
if not all(subset_test):
module.fail_json(
msg="value must gather_subset must be one or more of: %s, got: %s"
% (",".join(valid_subsets), ",".join(subset)))
info = {}
if "minimum" in subset or "all" in subset:
info["default"] = generate_default_dict(module, blade)
if "performance" in subset or "all" in subset:
info["performance"] = generate_perf_dict(blade)
if "config" in subset or "all" in subset:
info["config"] = generate_config_dict(blade)
if "capacity" in subset or "all" in subset:
info["capacity"] = generate_capacity_dict(blade)
if "lags" in subset or "all" in subset:
info["lag"] = generate_lag_dict(blade)
if "network" in subset or "all" in subset:
info["network"] = generate_network_dict(blade)
if "subnets" in subset or "all" in subset:
info["subnet"] = generate_subnet_dict(blade)
if "filesystems" in subset or "all" in subset:
info["filesystems"] = generate_fs_dict(blade)
if "admins" in subset or "all" in subset:
info["admins"] = generate_admin_dict(blade)
if "snapshots" in subset or "all" in subset:
info["snapshots"] = generate_snap_dict(blade)
if "buckets" in subset or "all" in subset:
info["buckets"] = generate_bucket_dict(blade)
api_version = blade.api_version.list_versions().versions
if POLICIES_API_VERSION in api_version:
if "policies" in subset or "all" in subset:
info["policies"] = generate_policies_dict(blade)
if REPLICATION_API_VERSION in api_version:
if "arrays" in subset or "all" in subset:
info["arrays"] = generate_array_conn_dict(blade)
if "replication" in subset or "all" in subset:
info["file_replication"] = generate_file_repl_dict(blade)
info["bucket_replication"] = generate_bucket_repl_dict(blade)
info["snap_transfers"] = generate_snap_transfer_dict(blade)
info["remote_credentials"] = generate_remote_creds_dict(blade)
info["targets"] = generate_targets_dict(blade)
if MIN_32_API in api_version:
# Calls for data only available from Purity//FB 3.2 and higher
blade = get_system(module)
if "accounts" in subset or "all" in subset:
info["accounts"] = generate_object_store_accounts_dict(blade)
if "ad" in subset or "all" in subset:
info["active_directory"] = generate_ad_dict(blade)
if "kerberos" in subset or "all" in subset:
info["kerberos"] = generate_kerb_dict(blade)
module.exit_json(changed=False, purefb_info=info)
def main():
argument_spec = purefb_argument_spec()
argument_spec.update(
dict(
state=dict(type="str",
default="present",
choices=["absent", "present"]),
username=dict(type="str"),
password=dict(type="str", no_log=True),
name=dict(type="str", required=True),
service=dict(type="str",
default="nfs",
choices=["nfs", "cifs", "HOST"]),
computer=dict(type="str"),
existing=dict(type="bool", default=False),
local_only=dict(type="bool", default=False),
domain=dict(type="str"),
join_ou=dict(type="str"),
directory_servers=dict(type="list", elements="str"),
kerberos_servers=dict(type="list", elements="str"),
service_principals=dict(type="list", elements="str"),
encryption=dict(
type="list",
elements="str",
choices=["aes256-sha1", "aes128-sha1", "arcfour-hmac"],
default=["aes256-sha1"],
),
))
required_if = [["state", "present", ["username", "password", "domain"]]]
module = AnsibleModule(argument_spec,
required_if=required_if,
supports_check_mode=True)
if not HAS_PURESTORAGE:
module.fail_json(msg="py-pure-client sdk is required for this module")
blade = get_system(module)
api_version = list(blade.get_versions().items)
module.params["encryption"] = [
crypt.replace("aes256-sha1", "aes256-cts-hmac-sha1-96").replace(
"aes128-sha1", "aes128-cts-hmac-sha1-96")
for crypt in module.params["encryption"]
]
if MIN_REQUIRED_API_VERSION not in api_version:
module.fail_json(
msg="FlashBlade REST version not supported. "
"Minimum version required: {0}".format(MIN_REQUIRED_API_VERSION))
state = module.params["state"]
exists = bool(blade.get_active_directory().total_item_count == 1)
# TODO: Check SMB mode.
# If mode is SMB adapter only allow nfs
# Only allow cifs or HOST is SMB mode is native
if module.params["service"].lower() in ["nfs", "cifs"]:
module.params["service"] = module.params["service"].lower()
if module.params["service"].upper() == "HOST":
module.params["service"] = module.params["service"].upper()
if not module.params["computer"]:
module.params["computer"] = module.params["name"].replace("_", "-")
if module.params["kerberos_servers"]:
module.params["kerberos_servers"] = module.params["kerberos_servers"][
0:5]
if module.params["directory_servers"]:
module.params["directory_servers"] = module.params[
"directory_servers"][0:5]
if not exists and state == "present":
create_account(module, blade)
elif exists and state == "present":
update_account(module, blade)
elif exists and state == "absent":
delete_account(module, blade)
module.exit_json(changed=False)