def _add_firewall_rules(module, oneandone_conn, firewall_id, rules):
    """
    Adds new rules to a firewall policy.

    module : AnsibleModule object
    oneandone_conn: authenticated oneandone object
    firewall_id: value passed to the policy lookup and to the API call
    rules: iterable of mappings with 'protocol', 'port_from', 'port_to'
        and 'source' keys

    In check mode nothing is added: the policy is looked up and True is
    returned only when there is at least one rule and the lookup returned
    a truthy value, otherwise False. Outside check mode the result of
    add_firewall_policy_rule is returned.

    The four rule fields are forwarded exactly as supplied; no port-range
    or source-address validation happens in this function.
    """
    try:
        new_rules = [
            oneandone.client.FirewallPolicyRule(
                protocol=entry['protocol'],
                port_from=entry['port_from'],
                port_to=entry['port_to'],
                source=entry['source'])
            for entry in rules
        ]

        if not module.check_mode:
            return oneandone_conn.add_firewall_policy_rule(
                firewall_id=firewall_id,
                firewall_policy_rules=new_rules)

        # Dry run: the lookup is always performed, then the answer says
        # whether a real run would have had something to add.
        existing_policy = get_firewall_policy(oneandone_conn, firewall_id)
        return bool(new_rules and existing_policy)
    except Exception as e:
        # Any failure raised above, including a rule that lacks one of the
        # four keys, is reported to Ansible as the exception text.
        module.fail_json(msg=str(e))
def create_firewall_policy(module, oneandone_conn):
    """
    Create a new firewall policy.

    module : AnsibleModule object
    oneandone_conn: authenticated oneandone object

    Reads 'name', 'description', 'rules', 'wait', 'wait_timeout' and
    'wait_interval' from module.params. Returns a (changed, firewall_policy)
    tuple, where firewall_policy is the policy as re-read after creation
    and changed is its truthiness.

    Rule fields ('protocol', 'port_from', 'port_to', 'source') are passed
    to the API objects as supplied; they are not validated here.
    """
    try:
        params = module.params
        name = params.get('name')
        description = params.get('description')
        rules = params.get('rules')
        wait = params.get('wait')
        wait_timeout = params.get('wait_timeout')
        wait_interval = params.get('wait_interval')

        policy_rules = [
            oneandone.client.FirewallPolicyRule(
                protocol=entry['protocol'],
                port_from=entry['port_from'],
                port_to=entry['port_to'],
                source=entry['source'])
            for entry in rules
        ]

        policy_spec = oneandone.client.FirewallPolicy(
            name=name,
            description=description
        )

        # Called before the create request; _check_mode is defined outside
        # this function (presumably it ends a check-mode run here).
        _check_mode(module, True)
        created = oneandone_conn.create_firewall_policy(
            firewall_policy=policy_spec,
            firewall_policy_rules=policy_rules
        )

        if wait:
            wait_for_resource_creation_completion(
                oneandone_conn,
                OneAndOneResources.firewall_policy,
                created['id'],
                wait_timeout,
                wait_interval)

        refreshed = get_firewall_policy(oneandone_conn, created['id'], True)  # refresh
        changed = bool(refreshed)

        _check_mode(module, False)

        return (changed, refreshed)
    except Exception as e:
        # Errors from any step above surface as the exception text.
        module.fail_json(msg=str(e))
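def remove_firewall_policy(module, oneandone_conn):
    """
    Removes a firewall policy.

    module : AnsibleModule object
    oneandone_conn: authenticated oneandone object

    The policy given by the 'name' parameter is resolved with
    get_firewall_policy. In check mode the outcome is reported through
    _check_mode: False when the lookup returned None, True otherwise.
    Outside check mode an unresolved policy fails the module with a
    "not found" message instead of sending a delete request with a None
    identifier.

    Returns a (changed, {'id': ..., 'name': ...}) tuple built from the
    delete_firewall response.
    """
    try:
        fp_id = module.params.get('name')
        firewall_policy_id = get_firewall_policy(oneandone_conn, fp_id)
        if module.check_mode:
            if firewall_policy_id is None:
                _check_mode(module, False)
            _check_mode(module, True)

        if firewall_policy_id is None:
            # The lookup resolved nothing: do not issue a destructive call
            # with an undefined identifier, and say clearly what is missing.
            module.fail_json(
                msg='firewall policy %s not found.' % fp_id)

        firewall_policy = oneandone_conn.delete_firewall(firewall_policy_id)

        changed = True if firewall_policy else False

        return (changed, {
            'id': firewall_policy['id'],
            'name': firewall_policy['name']
        })
    except Exception as e:
        # Errors from the lookup or the delete call surface as the
        # exception text.
        module.fail_json(msg=str(e))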
def update_firewall_policy(module, oneandone_conn):
    """
    Updates a firewall policy based on input arguments.
    Firewall rules and server ips can be added/removed to/from
    firewall policy. Firewall policy name and description can be
    updated as well.

    module : AnsibleModule object
    oneandone_conn: authenticated oneandone object

    Reads 'firewall_policy', 'name', 'description', 'add_server_ips',
    'remove_server_ips', 'add_rules' and 'remove_rules' from module.params
    and applies the requested sections in that order.

    Returns a (changed, firewall_policy) tuple. changed is set to True by
    every section that runs, regardless of what the helper calls returned.
    """
    try:
        firewall_policy_id = module.params.get('firewall_policy')
        name = module.params.get('name')
        description = module.params.get('description')
        add_server_ips = module.params.get('add_server_ips')
        remove_server_ips = module.params.get('remove_server_ips')
        add_rules = module.params.get('add_rules')
        remove_rules = module.params.get('remove_rules')

        changed = False

        firewall_policy = get_firewall_policy(oneandone_conn, firewall_policy_id, True)
        if firewall_policy is None:
            # NOTE(review): if _check_mode returns here (presumably it does
            # outside check mode; confirm), every later
            # firewall_policy['id'] subscript raises TypeError on None and
            # the except below reports the raw exception text rather than
            # a "not found" message.
            _check_mode(module, False)

        if name or description:
            _check_mode(module, True)
            firewall_policy = oneandone_conn.modify_firewall(
                firewall_id=firewall_policy['id'],
                name=name,
                description=description)
            changed = True

        if add_server_ips:
            if module.check_mode:
                # In check mode the helper's return value is handed to
                # _check_mode as the reported result.
                _check_mode(module, _add_server_ips(module,
                                                    oneandone_conn,
                                                    firewall_policy['id'],
                                                    add_server_ips))

            firewall_policy = _add_server_ips(module, oneandone_conn, firewall_policy['id'], add_server_ips)
            changed = True

        if remove_server_ips:
            chk_changed = False
            for server_ip_id in remove_server_ips:
                if module.check_mode:
                    # Accumulate the helper's results across all ids.
                    chk_changed |= _remove_firewall_server(module,
                                                           oneandone_conn,
                                                           firewall_policy['id'],
                                                           server_ip_id)

                # NOTE(review): in check mode this is a second call to the
                # same helper for the same id; presumably the helper makes
                # no change in check mode. Verify against its definition.
                _remove_firewall_server(module,
                                        oneandone_conn,
                                        firewall_policy['id'],
                                        server_ip_id)
            _check_mode(module, chk_changed)
            # Re-read the policy after the removals.
            firewall_policy = get_firewall_policy(oneandone_conn, firewall_policy['id'], True)
            changed = True

        if add_rules:
            # _add_firewall_rules returns True/False in check mode and the
            # API result otherwise; that value is passed to _check_mode.
            firewall_policy = _add_firewall_rules(module,
                                                  oneandone_conn,
                                                  firewall_policy['id'],
                                                  add_rules)
            _check_mode(module, firewall_policy)
            changed = True

        if remove_rules:
            chk_changed = False
            for rule_id in remove_rules:
                if module.check_mode:
                    # Accumulate the helper's results across all rule ids.
                    chk_changed |= _remove_firewall_rule(module,
                                                         oneandone_conn,
                                                         firewall_policy['id'],
                                                         rule_id)

                # NOTE(review): same double call as in the server-ip
                # removal loop above; confirm the helper's check-mode
                # behaviour.
                _remove_firewall_rule(module,
                                      oneandone_conn,
                                      firewall_policy['id'],
                                      rule_id)
            _check_mode(module, chk_changed)
            # Re-read the policy after the removals.
            firewall_policy = get_firewall_policy(oneandone_conn, firewall_policy['id'], True)
            changed = True

        return (changed, firewall_policy)
    except Exception as e:
        # Errors from any section above surface as the exception text.
        module.fail_json(msg=str(e))
def create_server(module, oneandone_conn):
    """
    Create new server

    module : AnsibleModule object
    oneandone_conn: authenticated oneandone object

    Resolves the datacenter and appliance (always) and the fixed instance
    size, private network, monitoring policy, firewall policy and load
    balancer (only when given). Any lookup that returns None fails the
    module with a "<resource> ... not found." message.

    Returns a (changed, servers) tuple: changed is True when at least one
    server was created, and servers holds the created servers after each
    has been passed through _insert_network_data.
    """
    params = module.params
    hostname = params.get('hostname')
    description = params.get('description')
    auto_increment = params.get('auto_increment')
    count = params.get('count')
    fixed_instance_size = params.get('fixed_instance_size')
    vcore = params.get('vcore')
    cores_per_processor = params.get('cores_per_processor')
    ram = params.get('ram')
    hdds = params.get('hdds')
    datacenter = params.get('datacenter')
    appliance = params.get('appliance')
    ssh_key = params.get('ssh_key')
    private_network = params.get('private_network')
    monitoring_policy = params.get('monitoring_policy')
    firewall_policy = params.get('firewall_policy')
    load_balancer = params.get('load_balancer')
    server_type = params.get('server_type')
    wait = params.get('wait')
    wait_timeout = params.get('wait_timeout')
    wait_interval = params.get('wait_interval')

    def _require(resource_id, message, requested):
        # Report an unresolved lookup: check-mode result first, then fail.
        if resource_id is None:
            _check_mode(module, False)
            module.fail_json(msg=message % requested)
        return resource_id

    def _resolve_optional(finder, requested, message):
        # Optional resources are looked up only when a value was supplied.
        if not requested:
            return None
        return _require(finder(oneandone_conn, requested), message, requested)

    datacenter_id = _require(
        get_datacenter(oneandone_conn, datacenter),
        'datacenter %s not found.',
        datacenter)

    fixed_instance_size_id = _resolve_optional(
        get_fixed_instance_size,
        fixed_instance_size,
        'fixed_instance_size %s not found.')

    appliance_id = _require(
        get_appliance(oneandone_conn, appliance),
        'appliance %s not found.',
        appliance)

    private_network_id = _resolve_optional(
        get_private_network,
        private_network,
        'private network %s not found.')

    monitoring_policy_id = _resolve_optional(
        get_monitoring_policy,
        monitoring_policy,
        'monitoring policy %s not found.')

    # NOTE(review): when no firewall_policy is given the server is created
    # with firewall_policy_id=None; what the provider applies in that case
    # is not visible here. Confirm.
    firewall_policy_id = _resolve_optional(
        get_firewall_policy,
        firewall_policy,
        'firewall policy %s not found.')

    load_balancer_id = _resolve_optional(
        get_load_balancer,
        load_balancer,
        'load balancer %s not found.')

    if not auto_increment:
        hostnames = [hostname] * count
        descriptions = [description] * count
    else:
        hostnames = _auto_increment_hostname(count, hostname)
        descriptions = _auto_increment_description(count, description)

    hdd_objs = [
        oneandone.client.Hdd(size=disk['size'], is_main=disk['is_main'])
        for disk in hdds
    ] if hdds else []

    servers = []
    for position, server_hostname in enumerate(hostnames):
        created = _create_server(
            module=module,
            oneandone_conn=oneandone_conn,
            hostname=server_hostname,
            description=descriptions[position],
            fixed_instance_size_id=fixed_instance_size_id,
            vcore=vcore,
            cores_per_processor=cores_per_processor,
            ram=ram,
            hdds=hdd_objs,
            datacenter_id=datacenter_id,
            appliance_id=appliance_id,
            ssh_key=ssh_key,
            private_network_id=private_network_id,
            monitoring_policy_id=monitoring_policy_id,
            firewall_policy_id=firewall_policy_id,
            load_balancer_id=load_balancer_id,
            server_type=server_type,
            wait=wait,
            wait_timeout=wait_timeout,
            wait_interval=wait_interval)
        if created:
            servers.append(created)

    changed = False

    if servers:
        for created in servers:
            if created:
                _check_mode(module, True)
        _check_mode(module, False)
        servers = [_insert_network_data(_server) for _server in servers]
        changed = True

    _check_mode(module, False)

    return (changed, servers)