def run_module():
module_args = dict(
controller_ip=dict(type='str', required=True),
username=dict(type='str', required=False, default='admin'),
password=dict(type='str', required=False, default='contrail123'),
state=dict(type='str',
required=False,
default='present',
choices=['present']),
autonomous_system=dict(type='int', required=False),
)
result = dict(changed=False, message='')
module = AnsibleModule(argument_spec=module_args, supports_check_mode=True)
name = 'global-default-system-config'
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
autonomous_system = module.params.get("autonomous_system")
if module.check_mode:
module.exit_json(**result)
obj_type = 'global-system-config'
(web_api, update, uuid, js) = login_and_check_id(module, name, obj_type,
controller_ip, username,
password, state)
## begin: object specific
old_js = js
js = {"global-system-config": {}}
## limit properties because of web api limitation
for k in old_js["global-system-config"]:
if k in [
"bgpaas_parameters", "igmp_enable", "parent_type",
"ibgp_auto_mesh", "rd_cluster_seed", "autonomous_system",
"enable_4byte_as", "display_name", "plugin_tuning", "tag_refs",
"id_perms:enable", "id_perms:description",
"id_perms:user_visible", "id_perms:permissions",
"fast_convergence_parameters", "ip_fabric_subnets",
"annotations", "mac_limit_control",
"user_defined_log_statistics", "config_version",
"supported_vendor_hardwares", "enable_security_policy_draft",
"perms2", "bgp_router_refs", "supported_fabric_annotations",
"alarm_enable", "mac_move_control",
"data_center_interconnect_loopback_namespace",
"bgp_always_compare_med",
"data_center_interconnect_asn_namespace",
"graceful_restart_parameters", "supported_device_families",
"mac_aging_time", "fq_name", "uuid", "display_name",
"parent_type", "parent_uuid"
]:
js["global-system-config"][k] = old_js["global-system-config"][k]
if autonomous_system:
js["global-system-config"]["autonomous_system"] = autonomous_system
## end: object specific
payload = json.dumps(js)
#print (payload)
#print (js.get("global-system-config").get("uuid"))
#sys.exit(35)
failed = crud(web_api,
controller_ip,
update,
state,
result,
payload=payload,
obj_type=obj_type,
uuid=uuid)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(name=dict(type='str', required=True),
controller_ip=dict(type='str', required=True),
username=dict(type='str',
required=False,
default='admin'),
password=dict(type='str',
required=False,
default='contrail123'),
state=dict(type='str',
required=False,
default='present',
choices=['absent', 'present']),
uuid=dict(type='str', required=False),
domain=dict(type='str',
required=False,
default='default-domain'),
project=dict(type='str', required=False),
firewall_rules=dict(type='list', required=False))
result = dict(changed=False, message='')
required_if_args = [["state", "present", ["firewall_rules"]]]
module = AnsibleModule(argument_spec=module_args,
supports_check_mode=True,
required_if=required_if_args)
name = module.params.get("name")
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
domain = module.params.get("domain")
project = module.params.get("project")
firewall_rules = module.params.get("firewall_rules")
if module.check_mode:
module.exit_json(**result)
config_api_url = 'http://' + controller_ip + ':8082/'
obj_type = 'firewall-policy'
(web_api, update, uuid, js) = login_and_check_id(module,
name,
obj_type,
controller_ip,
username,
password,
state,
domain=domain,
project=project)
if update and state == 'present':
pass
else:
## create payload and call API
if project:
js = json.loads('''
{ "firewall-policy":
{
"fq_name": ["%s", "%s", "%s"],
"parent_type": "project"
}
}
''' % (domain, project, name))
else:
js = json.loads('''
{ "firewall-policy":
{
"fq_name": ["%s"],
"parent_type": "policy-management"
}
}
''' % (name))
## begin: object specific
if (firewall_rules):
firewall_rule_refs = []
for i in range(len(firewall_rules)):
# get uuid of each firewall rule
firewall_rule_name = firewall_rules[i]
if project:
firewall_rule_fqname = [domain, project, firewall_rule_name]
else:
firewall_rule_fqname = [
"default-policy-management", firewall_rule_name
]
response = requests.post(config_api_url + 'fqname-to-id',
data=json.dumps({
"type":
"firewall-rule",
"fq_name":
firewall_rule_fqname
}),
headers=vnc_api_headers)
if not response.status_code == 200:
module.fail_json(msg="specified firewall-rule doesn't exist",
**result)
firewall_rule_uuid = json.loads(response.text).get("uuid")
firewall_rule_refs.append({
"attr": {
"sequence": "{}".format(i)
},
"to": firewall_rule_fqname,
"uuid": firewall_rule_uuid
})
js["firewall-policy"]["firewall_rule_refs"] = firewall_rule_refs
## end: object specific
payload = json.dumps(js)
failed = crud(web_api,
controller_ip,
update,
state,
result,
payload=payload,
obj_type=obj_type,
uuid=uuid)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(name=dict(type='str', required=True),
controller_ip=dict(type='str', required=True),
username=dict(type='str',
required=False,
default='admin'),
password=dict(type='str',
required=False,
default='contrail123'),
state=dict(type='str',
required=False,
default='present',
choices=['absent', 'present']),
uuid=dict(type='str', required=False),
domain=dict(type='str',
required=False,
default='default-domain'),
project=dict(type='str',
required=False,
default='default-project'),
health_check_type=dict(
type='str',
required=False,
default='link-local',
choices=['link-local', 'end-to-end']),
monitor_type=dict(type='str',
required=False,
default='PING',
choices=['PING', 'HTTP', 'BFD']),
url_path=dict(type='str',
required=False,
default='local-ip'),
max_retries=dict(type=int, required=False, default=2),
timeout=dict(type=int, required=False, default=5),
delay=dict(type=int, required=False, default=3))
result = dict(changed=False, message='')
module = AnsibleModule(argument_spec=module_args, supports_check_mode=True)
name = module.params.get("name")
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
domain = module.params.get("domain")
project = module.params.get("project")
health_check_type = module.params.get("health_check_type")
monitor_type = module.params.get("monitor_type")
url_path = module.params.get("url_path")
max_retries = module.params.get("max_retries")
timeout = module.params.get("timeout")
delay = module.params.get("delay")
if module.check_mode:
module.exit_json(**result)
obj_type = 'service-health-check'
(web_api, update, uuid, js) = login_and_check_id(module,
name,
obj_type,
controller_ip,
username,
password,
state,
domain=domain,
project=project)
if update and state == 'present':
pass
else:
## create payload and call API
js = json.loads('''
{ "service-health-check":
{
"fq_name": ["%s", "%s", "%s"],
"parent_type": "project"
}
}
''' % (domain, project, name))
## begin: object specific
if state == 'present':
service_health_check_properties = js.get("service-health-check").get(
"service_health_check_properties")
if service_health_check_properties == None:
service_health_check_properties = {}
service_health_check_properties[
"health_check_type"] = health_check_type
service_health_check_properties["monitor_type"] = monitor_type
service_health_check_properties["url_path"] = url_path
service_health_check_properties["max_retries"] = max_retries
service_health_check_properties["timeout"] = timeout
service_health_check_properties["delay"] = delay
js["service-health-check"][
"service_health_check_properties"] = service_health_check_properties
## end: object specific
payload = json.dumps(js)
failed = crud(web_api,
controller_ip,
update,
state,
result,
payload=payload,
obj_type=obj_type,
uuid=uuid)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(name=dict(type='str', required=True),
controller_ip=dict(type='str', required=True),
username=dict(type='str',
required=False,
default='admin'),
password=dict(type='str',
required=False,
default='contrail123'),
state=dict(type='str',
required=False,
default='present',
choices=['absent', 'present']),
uuid=dict(type='str', required=False),
domain=dict(type='str',
required=False,
default='default-domain'),
project=dict(type='str',
required=False,
default='default-project'),
router_type=dict(
type='str',
required=False,
choices=['snat-routing', 'vxlan-routing']),
connected_networks=dict(type='list', required=False),
route_target_list=dict(type='list', required=False),
vxlan_network_identifier=dict(type='int',
required=False),
physical_router_refs=dict(type='list', required=False))
result = dict(changed=False, message='')
module = AnsibleModule(argument_spec=module_args, supports_check_mode=True)
name = module.params.get("name")
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
domain = module.params.get("domain")
project = module.params.get("project")
router_type = module.params.get("router_type")
connected_networks = module.params.get("connected_networks")
route_target_list = module.params.get("route_target_list")
vxlan_network_identifier = module.params.get("vxlan_network_identifier")
physical_router_refs = module.params.get("physical_router_refs")
if module.check_mode:
module.exit_json(**result)
## begin: logical-router
obj_type = 'logical-router'
(web_api, update, uuid, js) = login_and_check_id(module,
name,
obj_type,
controller_ip,
username,
password,
state,
domain=domain,
project=project)
## create payload and call API
if update and state == 'present':
pass
else:
js = json.loads('''
{ "logical-router":
{
"fq_name": ["%s", "%s", "%s"],
"parent_type": "project"
}
}
''' % (domain, project, name))
if router_type:
js["logical-router"]["logical_router_type"] = router_type
if vxlan_network_identifier:
js["logical-router"]["vxlan_network_identifier"] = str(
vxlan_network_identifier)
if physical_router_refs:
js["logical-router"]["physical_router_refs"] = [{
"to": ["default-global-system-config", physical_router]
} for physical_router in physical_router_refs]
if route_target_list:
js["logical-router"]["configured_route_target_list"] = {
"route_target": [
"target:{}".format(route_target)
for route_target in route_target_list
]
}
print("connected_networks", connected_networks)
if not connected_networks == None:
print("try to connect", connected_networks)
js["logical-router"]["virtual_machine_interface_refs"] = []
for network in connected_networks:
js["logical-router"]["virtual_machine_interface_refs"].append({
"parent_type":
"project",
"fq_name": [domain, project],
"virtual_network_refs": [{
"to": [domain, project, network]
}],
"virtual_machine_interface_device_owner":
"network:router_interface"
})
## end: logical-router
payload = json.dumps(js)
failed = crud(web_api,
controller_ip,
update,
state,
result,
payload=payload,
obj_type=obj_type,
uuid=uuid)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(name=dict(type='str', required=True),
controller_ip=dict(type='str', required=True),
username=dict(type='str',
required=False,
default='admin'),
password=dict(type='str',
required=False,
default='contrail123'),
state=dict(type='str',
required=False,
default='present',
choices=['absent', 'present']),
uuid=dict(type='str', required=False),
domain=dict(type='str',
required=False,
default='default-domain'),
project=dict(type='str', required=False),
tag_type=dict(type='str',
required=False,
default='label',
choices=[
"application", "site", "deployment",
"tier", "label"
]))
result = dict(changed=False, message='')
required_if_args = [["state", "present", ["tag_type"]]]
module = AnsibleModule(argument_spec=module_args,
supports_check_mode=True,
required_if=required_if_args)
name = module.params.get("name")
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
domain = module.params.get("domain")
project = module.params.get("project")
tag_type = module.params.get("tag_type")
if module.check_mode:
module.exit_json(**result)
obj_type = 'tag'
tag_type_name = tag_type + '=' + name
(web_api, update, uuid, js) = login_and_check_id(module,
tag_type_name,
obj_type,
controller_ip,
username,
password,
state,
domain=domain,
project=project)
if update and state == 'present':
pass
else:
## create payload and call API
if project:
js = json.loads('''
{ "tag":
{
"fq_name": ["%s", "%s", "%s"],
"tag_type_name": "%s",
"tag_value": "%s",
"parent_type": "project"
}
}
''' % (domain, project, name, tag_type, name))
else:
js = json.loads('''
{ "tag":
{
"fq_name": ["%s"],
"tag_type_name": "%s",
"tag_value": "%s"
}
}
''' % (name, tag_type, name))
## begin: object specific
## end: object specific
payload = json.dumps(js)
failed = crud(web_api,
controller_ip,
update,
state,
result,
payload=payload,
obj_type=obj_type,
uuid=uuid)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(name=dict(type='str', required=True),
controller_ip=dict(type='str', required=True),
username=dict(type='str',
required=False,
default='admin'),
password=dict(type='str',
required=False,
default='contrail123'),
state=dict(type='str',
required=False,
default='present',
choices=['absent', 'present']),
uuid=dict(type='str', required=False),
domain=dict(type='str',
required=False,
default='default-domain'),
project=dict(type='str',
required=False,
default='default-project'),
loadbalancer_subnet_uuid=dict(type='str',
required=False),
loadbalancer_pool_uuid=dict(type='str', required=False),
address=dict(type='str', required=False),
port=dict(type='int', required=False),
weight=dict(type='int', required=False, default=1))
result = dict(changed=False, message='')
required_if_args = [[
"state", "present",
[
"loadbalancer_subnet_uuid", "loadbalancer_pool_uuid", "address",
"port"
]
]]
module = AnsibleModule(argument_spec=module_args,
supports_check_mode=True,
required_if=required_if_args)
name = module.params.get("name")
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
domain = module.params.get("domain")
project = module.params.get("project")
loadbalancer_subnet_uuid = module.params.get("loadbalancer_subnet_uuid")
loadbalancer_pool_uuid = module.params.get("loadbalancer_pool_uuid")
address = module.params.get("address")
port = module.params.get("port")
weight = module.params.get("weight")
if module.check_mode:
module.exit_json(**result)
obj_type = 'loadbalancer-member'
(web_api, update, uuid, js) = login_and_check_id(
module,
name,
obj_type,
controller_ip,
username,
password,
state,
domain=domain,
project=project,
loadbalancer_pool="undefined-" + loadbalancer_pool_uuid)
if update and state == 'present':
pass
else:
## create payload and call API
js = json.loads('''
{ "loadbalancer-member":
{
"fq_name": ["%s", "%s", "undefined-%s", "%s"],
"parent_type": "loadbalancer-pool",
"loadbalancer_member_properties": {"admin_state": true}
}
}
''' % (domain, project, loadbalancer_pool_uuid, name))
## begin: object specific
if (address):
js["loadbalancer-member"]["loadbalancer_member_properties"][
"subnet_id"] = loadbalancer_subnet_uuid
if (address):
js["loadbalancer-member"]["loadbalancer_member_properties"][
"address"] = address
if (port):
js["loadbalancer-member"]["loadbalancer_member_properties"][
"protocol_port"] = port
if (weight):
js["loadbalancer-member"]["loadbalancer_member_properties"][
"weight"] = weight
## end: object specific
payload = json.dumps(js)
failed = crud(web_api,
controller_ip,
update,
state,
result,
payload=payload,
obj_type=obj_type,
uuid=uuid)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(
name=dict(type='str', required=False),
controller_ip=dict(type='str', required=True),
username=dict(type='str', required=False, default='admin'),
password=dict(type='str', required=False, default='contrail123'),
state=dict(type='str', required=False, default='present', choices=['absent', 'present']),
uuid=dict(type='str', required=False),
domain=dict(type='str', required=False, default='default-domain'),
project=dict(type='str', required=False),
rule_object=dict(type='str', required=True),
rule_field=dict(type='str', required=True),
role_crud_list=dict(type='list', required=False),
role_name_list=dict(type='list', required=False)
)
result = dict(
changed=False,
message=''
)
required_if_args = [
["state", "present", ["role_crud_list", "role_name_list"]]
]
module = AnsibleModule(
argument_spec=module_args,
supports_check_mode=True,
required_if=required_if_args
)
name = "default-api-access-list"
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
domain = module.params.get("domain")
project = module.params.get("project")
rule_object = module.params.get("rule_object")
rule_field = module.params.get("rule_field")
role_crud_list = module.params.get("role_crud_list")
role_name_list = module.params.get("role_name_list")
if module.check_mode:
module.exit_json(**result)
obj_type='api-access-list'
(web_api, update, uuid, js) = login_and_check_id(module, name, obj_type, controller_ip, username, password, state, domain=domain, project=project)
if update:
pass
else:
module.fail_json(msg='default-api-access-list is not available. cannot add an entry to that.', **result)
## begin: object specific
rbac_rule = js["api-access-list"].get("api_access_list_entries").get("rbac_rule")
entry_to_be_deleted = -1
for i in range(len(rbac_rule)):
rbac_entry = rbac_rule[i]
tmp_rule_object = rbac_entry.get("rule_object")
tmp_rule_field = rbac_entry.get("rule_field")
if tmp_rule_object == rule_object and tmp_rule_field == rule_field:
if state == 'present':
module.fail_json(msg='That entry is already available. please firstly delete and re-create it.', **result)
if state == 'absent':
entry_to_be_deleted = i
if state == 'present':
rule_perms = []
for i in range(len(role_name_list)):
rule_perms.append({"role_name": role_name_list[i], "role_crud": role_crud_list[i]})
rbac_rule.append ({"rule_object": rule_object, "rule_field": rule_field, "rule_perms": rule_perms})
elif state == 'absent':
if entry_to_be_deleted == -1:
module.fail_json(msg='cannot find rbac entry that matches the given rule.', **result)
del rbac_rule[entry_to_be_deleted]
## end: object specific
payload=json.dumps(js)
failed = crud (web_api, controller_ip, update, state, result, payload=payload, obj_type=obj_type, uuid=uuid)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(name=dict(type='str', required=True),
controller_ip=dict(type='str', required=True),
username=dict(type='str',
required=False,
default='admin'),
password=dict(type='str',
required=False,
default='contrail123'),
state=dict(type='str',
required=False,
default='present',
choices=['absent', 'present']),
global_object=dict(type='bool', required=False),
uuid=dict(type='str', required=False),
domain=dict(type='str',
required=False,
default='default-domain'),
project=dict(type='str',
required=False,
default='default-project'),
subnet=dict(type='str', required=False),
subnet_prefix=dict(type='int', required=False),
flood_unknown_unicast=dict(type='bool', required=False),
ip_fabric_forwarding=dict(type='bool', required=False),
fabric_snat=dict(type='bool', required=False),
display_name=dict(type='str', required=False),
igmp_enable=dict(type='bool', required=False),
mac_learning_enabled=dict(type='bool', required=False),
port_security_enabled=dict(type='bool', required=False),
allow_transit=dict(type='bool', required=False),
forwarding_mode=dict(
type='str',
required=False,
choices=['default', 'l2_l3', 'l3', 'l2']),
max_flows=dict(type='int', required=False),
rpf=dict(type='str',
required=False,
choices=['enable', 'disable']),
vxlan_network_identifier=dict(type='int',
required=False),
route_target_list=dict(type='list', required=False),
import_route_target_list=dict(type='list',
required=False),
export_route_target_list=dict(type='list',
required=False),
virtual_network_category=dict(type='str',
required=False,
choices=['routed']),
network_policy_refs=dict(type='list', required=False),
tag_refs=dict(type='list', required=False))
result = dict(changed=False, message='')
required_if_args = [[
"global_object", True,
[
"domain", "project", "name", "route_target_list",
"vxlan_network_identifier"
]
]]
module = AnsibleModule(argument_spec=module_args,
supports_check_mode=True,
required_if=required_if_args)
name = module.params.get("name")
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
domain = module.params.get("domain")
project = module.params.get("project")
subnet = module.params.get("subnet")
subnet_prefix = module.params.get("subnet_prefix")
flood_unknown_unicast = module.params.get("flood_unknown_unicast")
ip_fabric_forwarding = module.params.get("ip_fabric_forwarding")
fabric_snat = module.params.get("fabric_snat")
rpf = module.params.get("rpf")
allow_transit = module.params.get("allow_transit")
forwarding_mode = module.params.get("forwarding_mode")
vxlan_network_identifier = module.params.get("vxlan_network_identifier")
route_target_list = module.params.get("route_target_list")
import_route_target_list = module.params.get("import_route_target_list")
export_route_target_list = module.params.get("export_route_target_list")
virtual_network_category = module.params.get("virtual_network_category")
network_policy_refs = module.params.get("network_policy_refs")
tag_refs = module.params.get("tag_refs")
if module.check_mode:
module.exit_json(**result)
## begin: virtual-network
config_api_url = 'http://' + controller_ip + ':8082/'
obj_type = 'virtual-network'
(web_api, update, uuid, js) = login_and_check_id(module,
name,
obj_type,
controller_ip,
username,
password,
state,
domain=domain,
project=project)
if update and state == 'present':
pass
else:
## create payload and call API
js = json.loads('''
{ "virtual-network":
{
"fq_name": ["%s", "%s", "%s"],
"parent_type": "project"
}
}
''' % (domain, project, name))
if subnet:
if (js["virtual-network"].get("network_ipam_refs") == None):
js["virtual-network"]["network_ipam_refs"] = [{
"to":
["default-domain", "default-project", "default-network-ipam"],
"attr": {
"ipam_subnets": [{
"subnet": {
"ip_prefix": subnet,
"ip_prefix_len": subnet_prefix
}
}]
}
}]
subnet_uuid = str(uuid_module.uuid4())
js["virtual-network"]["network_ipam_refs"][0]["attr"][
"ipam_subnets"][0]["subnet_uuid"] = subnet_uuid
js["virtual-network"]["network_ipam_refs"][0]["attr"][
"ipam_subnets"][0]["subnet_name"] = subnet_uuid
if flood_unknown_unicast:
js["virtual-network"]["flood_unknown_unicast"] = True
if ip_fabric_forwarding:
js["virtual-network"]["ip_fabric_forwarding"] = True
if fabric_snat:
js["virtual-network"]["fabric_snat"] = True
if virtual_network_category:
js["virtual-network"][
"virtual_network_category"] = virtual_network_category
if not network_policy_refs == None:
# ["default-domain:admin:network-policy1"], []]
network_policy_refs_list = []
for np_fqname in network_policy_refs:
response = requests.post(config_api_url + 'fqname-to-id',
data=json.dumps({
"type":
"network-policy",
"fq_name":
np_fqname.split(":")
}),
headers=vnc_api_headers)
if not response.status_code == 200:
module.fail_json(msg="network-policy specified doesn't exist",
**result)
np_uuid = json.loads(response.text).get("uuid")
network_policy_refs_list.append({
"to": np_fqname.split(":"),
"uuid": np_uuid,
"attr": {
"sequence": {
"major": 0,
"minor": 0
}
}
})
js["virtual-network"]["network_policy_refs"] = network_policy_refs_list
if not tag_refs == None:
# ["default-domain:admin:site=A"], []]
tag_refs_list = []
for tag_fqname in tag_refs:
tag_uuid = fqname_to_id(module, tag_fqname, 'tag', controller_ip)
tag_refs_list.append({
"to": tag_fqname.split(":"),
"uuid": tag_uuid
})
js["virtual-network"]["tag_refs"] = tag_refs_list
if js["virtual-network"].get("virtual_network_properties") == None:
js["virtual-network"]["virtual_network_properties"] = {}
if rpf:
js["virtual-network"]["virtual_network_properties"]["rpf"] = rpf
if allow_transit:
js["virtual-network"]["virtual_network_properties"][
"allow_transit"] = allow_transit
if forwarding_mode:
js["virtual-network"]["virtual_network_properties"][
"forwarding_mode"] = forwarding_mode
if vxlan_network_identifier:
js["virtual-network"]["virtual_network_properties"][
"vxlan_network_identifier"] = vxlan_network_identifier
if route_target_list:
js["virtual-network"]["route_target_list"] = {
"route_target": route_target_list
}
if import_route_target_list:
js["virtual-network"]["import_route_target_list"] = {
"route_target": import_route_target_list
}
if export_route_target_list:
js["virtual-network"]["export_route_target_list"] = {
"route_target": export_route_target_list
}
## end: virtual-network
payload = json.dumps(js)
failed = crud(web_api,
controller_ip,
update,
state,
result,
payload=payload,
obj_type=obj_type,
uuid=uuid)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(
name=dict(type='str', required=True),
controller_ip=dict(type='str', required=True),
username=dict(type='str', required=False, default='admin'),
password=dict(type='str', required=False, default='contrail123'),
state=dict(type='str',
required=False,
default='present',
choices=['absent', 'present']),
uuid=dict(type='str', required=False),
domain=dict(type='str', required=False, default='default-domain'),
project=dict(type='str', required=False),
endpoint_1=dict(type='dict', required=False),
endpoint_2=dict(type='dict', required=False),
service=dict(type='dict', required=False),
action_list=dict(type='dict', required=False),
)
result = dict(changed=False, message='')
required_if_args = [[
"state", "present", ["endpoint_1", "endpoint_2", "action_list"]
]]
module = AnsibleModule(argument_spec=module_args,
supports_check_mode=True,
required_if=required_if_args)
name = module.params.get("name")
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
domain = module.params.get("domain")
project = module.params.get("project")
endpoint_1 = module.params.get("endpoint_1")
endpoint_2 = module.params.get("endpoint_2")
service = module.params.get("service")
action_list = module.params.get("action_list")
if module.check_mode:
module.exit_json(**result)
obj_type = 'firewall-rule'
(web_api, update, uuid, js) = login_and_check_id(module,
name,
obj_type,
controller_ip,
username,
password,
state,
domain=domain,
project=project)
if update and state == 'present':
pass
else:
## create payload and call API
if project:
js = json.loads('''
{ "firewall-rule":
{
"fq_name": ["%s", "%s", "%s"],
"parent_type": "project"
}
}
''' % (domain, project, name))
else:
js = json.loads('''
{ "firewall-rule":
{
"fq_name": ["%s"],
"parent_type": "policy-management"
}
}
''' % (name))
## begin: object specific
if (endpoint_1):
js["firewall-rule"]["endpoint_1"] = endpoint_1
if (endpoint_2):
js["firewall-rule"]["endpoint_2"] = endpoint_2
if (action_list):
js["firewall-rule"]["action_list"] = action_list
# set default values for webui
if js["firewall-rule"]["endpoint_1"].get("address_group") == None:
js["firewall-rule"]["endpoint_1"]["address_group"] = None
if js["firewall-rule"]["endpoint_1"].get("any") == None:
js["firewall-rule"]["endpoint_1"]["any"] = None
if js["firewall-rule"]["endpoint_1"].get("tags") == None:
js["firewall-rule"]["endpoint_1"]["tags"] = []
if js["firewall-rule"]["endpoint_2"].get("address_group") == None:
js["firewall-rule"]["endpoint_2"]["address_group"] = None
if js["firewall-rule"]["endpoint_2"].get("any") == None:
js["firewall-rule"]["endpoint_2"]["any"] = None
if js["firewall-rule"]["endpoint_2"].get("tags") == None:
js["firewall-rule"]["endpoint_2"]["tags"] = []
if js["firewall-rule"].get("direction") == None:
js["firewall-rule"]["direction"] = "<>"
if js["firewall-rule"].get("match_tag_types") == None:
js["firewall-rule"]["match_tag_types"] = {"tag_type": []}
if (service):
js["firewall-rule"]["service"] = service
if js["firewall-rule"].get("service") == None:
js["firewall-rule"]["service"] = {}
if js["firewall-rule"]["service"].get("protocol") == None:
js["firewall-rule"]["service"]["protocol"] = "any"
if js["firewall-rule"]["service"].get("src_ports") == None:
js["firewall-rule"]["service"]["src_ports"] = {
"start_port": 0,
"end_port": 65535
}
if js["firewall-rule"]["service"].get("dst_ports") == None:
js["firewall-rule"]["service"]["dst_ports"] = {
"start_port": 0,
"end_port": 65535
}
## end: object specific
payload = json.dumps(js)
failed = crud(web_api,
controller_ip,
update,
state,
result,
payload=payload,
obj_type=obj_type,
uuid=uuid)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(name=dict(type='str', required=True),
controller_ip=dict(type='str', required=True),
username=dict(type='str',
required=False,
default='admin'),
password=dict(type='str',
required=False,
default='contrail123'),
state=dict(type='str',
required=False,
default='present',
choices=['absent', 'present']),
domain=dict(type='str',
required=False,
default='default-domain'),
project=dict(type='str',
required=False,
default='admin'),
physical_router=dict(type='str', required=True),
share=dict(type='list', required=False))
result = dict(changed=False, message='')
module = AnsibleModule(argument_spec=module_args, supports_check_mode=True)
name = module.params.get("name")
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
domain = module.params.get("domain")
project = module.params.get("project")
physical_router = module.params.get("physical_router")
share = module.params.get("share")
if module.check_mode:
module.exit_json(**result)
obj_type = 'physical-interface'
(web_api, update, uuid,
js) = login_and_check_id(module,
name,
obj_type,
controller_ip,
username,
password,
state,
domain=domain,
project=project,
physical_router=physical_router)
## begin: object specific
config_api_url = 'http://' + controller_ip + ':8082/'
failed = False
if update:
if state == 'present':
if not share == None:
tmp_share_list = []
for tenant_name, tenant_permission in share:
response = requests.post(
config_api_url + 'fqname-to-id',
data='{"type": "project", "fq_name": ["%s", "%s"]}' %
(domain, tenant_name),
headers=vnc_api_headers)
if not response.status_code == 200:
failed = True
result["message"] = response.text
module.fail_json(
msg=
"uuid of specified shared project cannot be obtained",
**result)
project_uuid = json.loads(response.text).get("uuid")
tmp_share_list.append({
"tenant": project_uuid,
"tenant_access": tenant_permission
})
js["physical-interface"]["perms2"]["share"] = tmp_share_list
response = requests.put(config_api_url + 'physical-interface/' +
uuid,
data=json.dumps(js),
headers=vnc_api_headers)
if not response.status_code == 200:
failed = True
result["message"] = response.text
module.fail_json(msg="physical-interface update failed",
**result)
elif state == 'absent':
# delete physical-interface
response = requests.delete(config_api_url + 'physical-interface/' +
uuid,
data=json.dumps(js),
headers=vnc_api_headers)
if not response.status_code == 200:
failed = True
result["message"] = response.text
module.fail_json(msg="physical-interface deletion failed",
**result)
else:
if state == 'present':
js = json.loads('''
{ "physical-interface":
{
"fq_name": ["default-global-system-config", "%s", "%s"],
"parent_type": "physical-router"
}
}
''' % (physical_router, name))
response = requests.post(config_api_url + 'physical-interfaces',
data=json.dumps(js),
headers=vnc_api_headers)
if not response.status_code == 200:
failed = True
result["message"] = response.text
module.fail_json(msg="physical-interface creation failed",
**result)
else:
module.fail_json(msg="physical-interface doesn't exist", **result)
## end: object specific
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(controller_ip=dict(type='str', required=True),
username=dict(type='str',
required=False,
default='admin'),
password=dict(type='str',
required=False,
default='contrail123'),
state=dict(type='str',
required=False,
default='present',
choices=['present']),
vxlan_network_identifier_mode=dict(
type='str',
required=False,
choices=['automatic', 'configured']),
encapsulation_priorities=dict(type='list',
required=False),
flow_export_rate=dict(type='int', required=False),
port_translation_pool=dict(type='dict', required=False))
result = dict(changed=False, message='')
module = AnsibleModule(argument_spec=module_args, supports_check_mode=True)
name = 'default-global-vrouter-config'
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
vxlan_network_identifier_mode = module.params.get(
"vxlan_network_identifier_mode")
encapsulation_priorities = module.params.get("encapsulation_priorities")
flow_export_rate = module.params.get("flow_export_rate")
port_translation_pool = module.params.get("port_translation_pool")
if module.check_mode:
module.exit_json(**result)
obj_type = 'global-vrouter-config'
(web_api, update, uuid, js) = login_and_check_id(module, name, obj_type,
controller_ip, username,
password, state)
## begin: object specific
if vxlan_network_identifier_mode:
js["global-vrouter-config"][
"vxlan_network_identifier_mode"] = vxlan_network_identifier_mode
if encapsulation_priorities:
js["global-vrouter-config"]["encapsulation_priorities"][
"encapsulation"] = encapsulation_priorities
if flow_export_rate:
js["global-vrouter-config"]["flow_export_rate"] = flow_export_rate
if port_translation_pool:
port_translation_pool_list = []
if port_translation_pool.get("tcp"):
port_translation_pool_list.append({
"protocol":
"tcp",
"port_count":
str(port_translation_pool.get("tcp"))
})
if port_translation_pool.get("udp"):
port_translation_pool_list.append({
"protocol":
"udp",
"port_count":
str(port_translation_pool.get("udp"))
})
js["global-vrouter-config"]["port_translation_pools"] = {
"port_translation_pool": port_translation_pool_list
}
## end: object specific
payload = json.dumps(js)
failed = crud(web_api,
controller_ip,
update,
state,
result,
payload=payload,
obj_type=obj_type,
uuid=uuid)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(name=dict(type='str', required=True),
controller_ip=dict(type='str', required=True),
username=dict(type='str',
required=False,
default='admin'),
password=dict(type='str',
required=False,
default='contrail123'),
state=dict(type='str',
required=False,
default='present',
choices=['absent', 'present']),
uuid=dict(type='str', required=False),
domain=dict(type='str',
required=False,
default='default-domain'),
project=dict(type='str',
required=False,
default='default-project'),
loadbalancer_provider=dict(
type='str',
required=False,
default='opencontrail',
choices=['native', 'opencontrail']),
loadbalancer_virtual_network=dict(type='str',
required=False),
loadbalancer_subnet_uuid=dict(type='str',
required=False),
loadbalancer_member_address_list=dict(type='list',
required=False),
loadbalancer_member_port_list=dict(type='list',
required=False))
result = dict(changed=False, message='')
required_if_args = [[
"state", "present",
[
"loadbalancer_virtual_network", "loadbalancer_subnet_uuid",
"loadbalancer_member_address_list", "loadbalancer_member_port_list"
]
]]
module = AnsibleModule(argument_spec=module_args,
supports_check_mode=True,
required_if=required_if_args)
name = module.params.get("name")
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
domain = module.params.get("domain")
project = module.params.get("project")
loadbalancer_provider = module.params.get("loadbalancer_provider")
loadbalancer_virtual_network = module.params.get(
"loadbalancer_virtual_network")
loadbalancer_subnet_uuid = module.params.get("loadbalancer_subnet_uuid")
loadbalancer_member_address_list = module.params.get(
"loadbalancer_member_address_list")
loadbalancer_member_port_list = module.params.get(
"loadbalancer_member_port_list")
if module.check_mode:
module.exit_json(**result)
obj_type = 'loadbalancer'
(web_api, update, uuid, js) = login_and_check_id(module,
name,
obj_type,
controller_ip,
username,
password,
state,
domain=domain,
project=project)
if update and state == 'present':
pass
else:
## create payload and call API
js = json.loads('''
{
"loadbalancer":
{
"fq_name": ["%s", "%s", "%s"],
"name": "%s",
"loadbalancer_properties": {
"admin_state": true,
"vip_subnet_id": "%s"
},
"parent_type": "project",
"virtual_machine_interface_refs": {
"instance_ip_back_refs": [
{
"instance_ip_address": [
{
"domain": "%s",
"fixedIp": "",
"project": "%s"
}
],
"subnet_uuid": "%s"
}
],
"parent_type": "project",
"virtual_machine_interface_device_owner": "neutron:LOADBALANCER",
"virtual_network_refs": [
{
"to": [
"%s",
"%s",
"%s"
]
}
]
}
}
,
"loadbalancer-healthmonitor":
{
"fq_name": ["%s", "%s", "%s-healthmonitor"],
"parent_type": "project",
"loadbalancer_healthmonitor_properties": {
"admin_state": true,
"delay": 5,
"timeout": 5,
"max_retries": 3,
"monitor_type": "TCP"
}
}
,
"loadbalancer-listener":
{
"fq_name": ["%s", "%s", "%s-listener"],
"parent_type": "project",
"loadbalancer_listener_properties": {
"admin_state": true,
"connection_limit": -1,
"protocol_port": 80,
"protocol": "TCP"
}
}
,
"loadbalancer-pool":
{
"fq_name": ["%s", "%s", "%s-pool"],
"parent_type": "project",
"loadbalancer_pool_properties": {
"admin_state": true,
"protocol": "TCP",
"loadbalancer_method": "LEAST_CONNECTIONS"
}
}
}
''' % (domain, project, name, name, loadbalancer_subnet_uuid, domain,
project, loadbalancer_subnet_uuid, domain, project,
loadbalancer_virtual_network, domain, project, name, domain,
project, name, domain, project, name))
## begin: object specific
js["loadbalancer"]["loadbalancer_provider"] = loadbalancer_provider
if not update:
js["loadbalancer-member"] = []
for i in range(len(loadbalancer_member_address_list)):
js["loadbalancer-member"].append({
"fq_name": [domain, project, "{}-member-{}".format(name, i)],
"parent_type":
"loadbalancer-pool",
"loadbalancer_member_properties": {
"admin_state": True,
"subnet_id": loadbalancer_subnet_uuid,
"weight": 1,
"address": loadbalancer_member_address_list[i],
"protocol_port": loadbalancer_member_port_list[i]
}
})
## end: object specific
payload = json.dumps(js)
failed = crud(web_api,
controller_ip,
update,
state,
result,
payload=payload,
obj_type=obj_type,
uuid=uuid)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(name=dict(type='str', required=True),
controller_ip=dict(type='str', required=True),
username=dict(type='str',
required=False,
default='admin'),
password=dict(type='str',
required=False,
default='contrail123'),
state=dict(type='str',
required=False,
default='present',
choices=['absent', 'present']),
uuid=dict(type='str', required=False),
address=dict(type='str', required=True),
vendor=dict(type='str', required=False, default=''),
router_type=dict(type='str',
required=False,
default='router',
choices=[
'control-node',
'external-control-node', 'router'
]),
hold_time=dict(type='int', required=False, default=90),
admin_down=dict(type='bool',
required=False,
default=False),
address_families=dict(type='list', required=False),
autonomous_system=dict(type='int', required=True),
bgp_router_refs=dict(type='list', required=False))
result = dict(changed=False, message='')
module = AnsibleModule(argument_spec=module_args, supports_check_mode=True)
name = module.params.get("name")
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
router_type = module.params.get("router_type")
address = module.params.get("address")
vendor = module.params.get("vendor")
hold_time = module.params.get("hold_time")
admin_down = module.params.get("admin_down")
address_families = module.params.get("address_families")
autonomous_system = module.params.get("autonomous_system")
bgp_router_refs = module.params.get("bgp_router_refs")
if module.check_mode:
module.exit_json(**result)
obj_type = 'bgp-router'
(web_api, update, uuid, js) = login_and_check_id(module, name, obj_type,
controller_ip, username,
password, state)
if update and state == 'present':
pass
else:
## create payload and call API
js = json.loads('''
{ "bgp-router":
{
"fq_name": ["default-domain","default-project","ip-fabric","__default__", "%s"],
"parent_type": "routing-instance"
}
}
''' % (name))
## begin: object specific
if js["bgp-router"].get("bgp_router_parameters") == None:
bgp_router_parameters = {}
js["bgp-router"]["bgp_router_parameters"] = bgp_router_parameters
else:
bgp_router_parameters = js["bgp-router"]["bgp_router_parameters"]
if router_type:
bgp_router_parameters["router_type"] = router_type
if address:
bgp_router_parameters["address"] = address
bgp_router_parameters["identifier"] = address
if vendor:
bgp_router_parameters["vendor"] = vendor
if hold_time:
bgp_router_parameters["hold_time"] = hold_time
if admin_down:
bgp_router_parameters["admin_down"] = admin_down
if autonomous_system:
bgp_router_parameters["autonomous_system"] = autonomous_system
if address_families:
bgp_router_parameters["address_families"] = address_families
if bgp_router_refs:
js["bgp-router"]["bgp_router_refs"] = [{
"to": [
"default-domain", "default-project", "ip-fabric",
"__default__", bgp_router
],
"attr":
None
} for bgp_router in bgp_router_refs]
## end: object specific
payload = json.dumps(js)
failed = crud(web_api,
controller_ip,
update,
state,
result,
payload=payload,
obj_type=obj_type,
uuid=uuid)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(
name=dict(type='str', required=True),
controller_ip=dict(type='str', required=True),
username=dict(type='str', required=False, default='admin'),
password=dict(type='str', required=False, default='contrail123'),
state=dict(type='str', required=False, default='present', choices=['absent', 'present']),
uuid=dict(type='str', required=True),
domain=dict(type='str', required=False, default='default-domain'),
project=dict(type='str', required=False, default='default-project'),
virtual_machine_interface_refs=dict(type='list', required=False)
)
result = dict(
changed=False,
message=''
)
module = AnsibleModule(
argument_spec=module_args,
supports_check_mode=True
)
name = module.params.get("name")
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
uuid = module.params.get("uuid")
domain = module.params.get("domain")
project = module.params.get("project")
if module.check_mode:
module.exit_json(**result)
obj_type='virtual-machine'
(web_api, update, uuid, js) = login_and_check_id(module, name, obj_type, controller_ip, username, password, state, domain=domain, project=project)
if update and state=='present':
pass
else:
## create payload and call API
js=json.loads (
'''
{ "virtual-machine":
{
"fq_name": ["%s"],
"uuid": "%s"
}
}
''' % (name, uuid)
)
## begin: object specific
if virtual_machine_interface_refs:
# ["default-domain:admin:vmi1"], []]
vmi_refs_list=[]
for vmi_fqname in virtual_machine_interface_refs:
vmi_uuid = fqname_to_id (module, vmi_fqname, 'virtual-machine-interface', controller_ip)
vmi_refs_list.append ({"to": vmi_fqname.split(":"), "uuid": vmi_uuid })
js ["virtual-machine-interface"]["virtual_machine_interface_refs"]=vmi_refs_list
## end: object specific
payload=json.dumps(js)
failed = crud (web_api, controller_ip, update, state, result, payload=payload, obj_type=obj_type, uuid=uuid)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(
name=dict(type='str', required=True),
controller_ip=dict(type='str', required=True),
username=dict(type='str', required=False, default='admin'),
password=dict(type='str', required=False, default='contrail123'),
state=dict(type='str',
required=False,
default='present',
choices=['absent', 'present']),
uuid=dict(type='str', required=False),
domain=dict(type='str', required=False, default='default-domain'),
service_virtualization_type=dict(type='str',
required=False,
default='virtual-machine'),
service_mode=dict(
type='str',
required=True,
choices=['transparent', 'in-network', 'in-network-nat']),
service_type=dict(type='str', required=False, default='firewall'),
version=dict(type='int', required=False, default='2'),
interface_type_list=dict(type='list',
required=False,
default=['left', 'right']))
result = dict(changed=False, message='')
required_if_args = [["state", "present", ["service_mode"]]]
module = AnsibleModule(argument_spec=module_args,
supports_check_mode=True,
required_if=required_if_args)
name = module.params.get("name")
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
domain = module.params.get("domain")
service_virtualization_type = module.params.get(
"service_virtualization_type")
service_mode = module.params.get("service_mode")
service_type = module.params.get("service_type")
version = module.params.get("version")
interface_type_list = module.params.get("interface_type_list")
if module.check_mode:
module.exit_json(**result)
obj_type = 'service-template'
(web_api, update, uuid, js) = login_and_check_id(module,
name,
obj_type,
controller_ip,
username,
password,
state,
domain=domain,
project='dummy')
if update and state == 'present':
pass
else:
## create payload and call API
js = json.loads('''
{ "service-template":
{
"fq_name": ["%s", "%s"],
"parent_type": "domain"
}
}
''' % (domain, name))
## begin: object specific
if (js["service-template"].get("service_template_properties") == None):
js["service-template"]["service_template_properties"] = {}
if (service_virtualization_type):
js["service-template"]["service_template_properties"][
"service_virtualization_type"] = service_virtualization_type
if (service_mode):
js["service-template"]["service_template_properties"][
"service_mode"] = service_mode
if (service_type):
js["service-template"]["service_template_properties"][
"service_type"] = service_type
if (interface_type_list):
js["service-template"]["service_template_properties"][
"interface_type"] = [{
"service_interface_type": interface_type
} for interface_type in interface_type_list]
if (version):
js["service-template"]["service_template_properties"][
"version"] = version
js["service-template"]["versionList"] = [{
"text": "v{}".format(version),
"id": version
}]
## end: object specific
payload = json.dumps(js)
failed = crud(web_api,
controller_ip,
update,
state,
result,
payload=payload,
obj_type=obj_type,
uuid=uuid)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(controller_ip=dict(type='str', required=True),
username=dict(type='str',
required=False,
default='admin'),
password=dict(type='str',
required=False,
default='contrail123'),
state=dict(type='str',
required=False,
default='present',
choices=['absent', 'present']),
domain=dict(type='str',
required=False,
default='default-domain'),
project=dict(type='str',
required=False,
default='admin'),
fabric=dict(type='str', required=True),
vpg_vn_vlan_list=dict(type='list', required=True))
result = dict(changed=False, message='')
module = AnsibleModule(argument_spec=module_args, supports_check_mode=True)
name = "dummy"
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
domain = module.params.get("domain")
project = module.params.get("project")
fabric = module.params.get("fabric")
vpg_vn_vlan_list = module.params.get("vpg_vn_vlan_list")
if module.check_mode:
module.exit_json(**result)
## begin: object specific
config_api_url = 'http://' + controller_ip + ':8082/'
failed = False
obj_type = 'virtual-port-group'
# for keystone login
(web_api, update, uuid, js) = login_and_check_id(module,
name,
obj_type,
controller_ip,
username,
password,
state,
domain=domain,
project=project,
fabric=fabric)
for i in range(len(vpg_vn_vlan_list)):
native_vlan = None
vpg_name, vn_name, vlan_id = vpg_vn_vlan_list[i][0:3]
if (len(vpg_vn_vlan_list[i]) > 3):
native_vlan = vpg_vn_vlan_list[i][3]
## check if the vpg exists
response = requests.post(
config_api_url + 'fqname-to-id',
data=
'{"type": "virtual-port-group", "fq_name": ["default-global-system-config", "%s", "%s"]}'
% (fabric, vpg_name),
headers=vnc_api_headers)
if response.status_code == 200:
tmp = json.loads(response.text)
vpg_uuid = tmp.get("uuid")
response = requests.get(config_api_url + 'virtual-port-group/' +
vpg_uuid,
headers=vnc_api_headers)
vpg_vmi_refs = json.loads(response.text).get(
"virtual-port-group").get("virtual_machine_interface_refs")
physical_interface_refs = json.loads(response.text).get(
"virtual-port-group").get("physical_interface_refs")
if response.status_code == 200:
pass
else:
failed = True
result["message"] = response.text
module.fail_json(msg="cannot get vpg detail", **result)
else:
failed = True
result["message"] = response.text
module.fail_json(
msg=
"cannot assign / delete vlan-id / vn pair, since vpg is not available",
**result)
if state == 'present':
# TODO:
# check vpg's virtual_machine_interface refs and get attr vlan_tag
# annotation or virtual_machine_interface_refs' attr
# skip this if already available
# check virtual-network uuid
response = requests.post(
config_api_url + 'fqname-to-id',
data=
'{"type": "virtual-network", "fq_name": ["%s", "%s", "%s"]}' %
(domain, project, vn_name),
headers=vnc_api_headers)
if response.status_code == 200:
vn_uuid = json.loads(response.text).get("uuid")
else:
failed = True
result["message"] = response.text
module.fail_json(
msg=
"cannot assign / delete vlan-id / vn pair, since vn is not available",
**result)
# local link information: please make them the same with vpg side definition, since this definition will update VPG pi refs ..
local_link_information_list = []
for pi_refs in physical_interface_refs:
port_id = pi_refs.get("to")[2]
switch_info = pi_refs.get("to")[1]
local_link_information_list.append({
"fabric": fabric,
"switch_info": switch_info,
"port_id": port_id
})
local_link_information_str = json.dumps(
{"local_link_information": local_link_information_list})
# create vmi with vpg_uuid, vn_uuid and vlan-id
tmp_str = '''
{ "virtual-machine-interface":
{
"fq_name": ["%s", "%s", "%s"],
"parent_type": "project",
"device_owner": "baremetal:None",
"virtual_machine_interface_bindings": {
"key_value_pair": [
{"key": "vpg", "value": "%s"},
{"key": "vnic_type", "value": "baremetal"},
{"key": "vif_type", "value": "vrouter"}
]
},
"virtual_network_refs": [
{
"to": ["%s", "%s", "%s"],
"uuid": "%s"
}
],
"virtual_machine_interface_properties": {
"sub_interface_vlan_tag": %s
}
}
}
''' % (domain, project, "".join(
(vpg_name, '-', fabric, '-', vn_name, '-', str(vlan_id))),
vpg_name, domain, project, vn_name, vn_uuid, vlan_id)
js = json.loads(tmp_str)
js["virtual-machine-interface"][
"virtual_machine_interface_bindings"]["key_value_pair"].append(
{
"key": "profile",
"value": local_link_information_str
})
if (native_vlan == None):
js["virtual-machine-interface"][
"virtual_machine_interface_properties"] = {
"sub_interface_vlan_tag": vlan_id
}
else:
js["virtual-machine-interface"][
"virtual_machine_interface_bindings"][
"key_value_pair"].append({
"key": "tor_port_vlan_id",
"value": str(vlan_id)
})
js["virtual-machine-interface"][
"virtual_machine_interface_properties"] = {
"sub_interface_vlan_tag": 0
}
# TODO:
# check vpg's virtual_machine_interface refs and get attr vlan_tag
# annotation or virtual_machine_interface_refs' attr
# skip this if already available
response = requests.post(config_api_url +
'virtual-machine-interfaces',
data=json.dumps(js),
headers=vnc_api_headers)
if response.status_code == 200:
pass
elif response.status_code == 409:
# something occurred for this vmi .., set it failed, and continue
failed = True
result["message"] += response.text + '\n'
continue
else:
failed = True
result["message"] = response.text
module.fail_json(msg="vlan / vn assignment failed", **result)
elif state == 'absent':
# TODO:
# check vpg's virtual_machine_interface refs and get attr vlan_tag
# annotation or virtual_machine_interface_refs' attr
# skip this if already available
vmi_uuid = ''
for vmi_ref in vpg_vmi_refs:
if vlan_id == vmi_ref.get("attr").get("sub_inteface_vlan_tag"):
vmi_uuid = vmi_ref.get("uuid")
if vmi_uuid == '':
failed = True
module.fail_json(msg="cannot find vmi_uuid to be deleted",
**result)
# delete virtual-machine-interfaces
response = requests.delete(
config_api_url + 'virtual-machine-interfaces/' + vmi_uuid,
headers=vnc_api_headers)
if not response.status_code == 200:
failed = True
result["message"] = response.text
module.fail_json(msg="vn / vlan-id pair deletion failed",
**result)
## end: object specific
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(name=dict(type='str', required=True),
controller_ip=dict(type='str', required=True),
username=dict(type='str',
required=False,
default='admin'),
password=dict(type='str',
required=False,
default='contrail123'),
state=dict(type='str',
required=False,
default='present',
choices=['absent', 'present']),
uuid=dict(type='str', required=False),
domain=dict(type='str',
required=False,
default='default-domain'),
project=dict(type='str',
required=False,
default='default-project'),
policy_rule=dict(type='list', required=False))
result = dict(changed=False, message='')
module = AnsibleModule(argument_spec=module_args, supports_check_mode=True)
name = module.params.get("name")
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
domain = module.params.get("domain")
project = module.params.get("project")
policy_rule = module.params.get("policy_rule")
if module.check_mode:
module.exit_json(**result)
obj_type = 'network-policy'
(web_api, update, uuid, js) = login_and_check_id(module,
name,
obj_type,
controller_ip,
username,
password,
state,
domain=domain,
project=project)
if update and state == 'present':
pass
else:
## create payload and call API
js = json.loads('''
{ "network-policy":
{
"fq_name": ["%s", "%s", "%s"],
"parent_type": "project"
}
}
''' % (domain, project, name))
## begin: object specific
if (policy_rule):
tmp_policy_rule = policy_rule[:]
for i in range(len(tmp_policy_rule)):
# set default values for policy rules
if tmp_policy_rule[i].get("direction") == None:
tmp_policy_rule[i]["direction"] = "<>"
if tmp_policy_rule[i].get("src_ports") == None:
tmp_policy_rule[i]["src_ports"] = [{
"start_port": -1,
"end_port": -1
}]
if tmp_policy_rule[i].get("dst_ports") == None:
tmp_policy_rule[i]["dst_ports"] = [{
"start_port": -1,
"end_port": -1
}]
js["network-policy"]["network_policy_entries"] = {
"policy_rule": tmp_policy_rule
}
## end: object specific
payload = json.dumps(js)
failed = crud(web_api,
controller_ip,
update,
state,
result,
payload=payload,
obj_type=obj_type,
uuid=uuid)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(
name=dict(type='str', required=True),
controller_ip=dict(type='str', required=True),
username=dict(type='str', required=False, default='admin'),
password=dict(type='str', required=False, default='contrail123'),
state=dict(type='str', required=False, default='present', choices=['absent', 'present']),
uuid=dict(type='str', required=False),
domain=dict(type='str', required=False, default='default-domain'),
project=dict(type='str', required=False, default='default-project'),
bgpaas_ip_address=dict(type='str', required=False),
hold_time=dict(type='int', required=False, default=90),
address_families=dict(type='list', required=False, default=['inet']),
autonomous_system=dict(type='int', required=True),
virtual_machine_interface_refs=dict(type='str', required=False)
)
result = dict(
changed=False,
message=''
)
module = AnsibleModule(
argument_spec=module_args,
supports_check_mode=True
)
name = module.params.get("name")
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
domain = module.params.get("domain")
project = module.params.get("project")
address_families = module.params.get("address_families")
autonomous_system = module.params.get("autonomous_system")
bgpaas_ip_address = module.params.get("bgpaas_ip_address")
hold_time = module.params.get("hold_time")
virtual_machine_interface_refs = module.params.get("virtual_machine_interface_refs")
if module.check_mode:
module.exit_json(**result)
obj_type='bgp-as-a-service'
(web_api, update, uuid, js) = login_and_check_id(module, name, obj_type, controller_ip, username, password, state, domain=domain, project=project)
if update and state=='present':
pass
else:
## create payload and call API
js=json.loads (
'''
{ "bgp-as-a-service":
{
"fq_name": ["%s", "%s", "%s"],
"parent_type": "project"
}
}
''' % (domain, project, name)
)
## begin: object specific
if autonomous_system:
js ["bgp-as-a-service"]["autonomous_system"]=autonomous_system
if bgpaas_ip_address:
js ["bgp-as-a-service"]["bgpaas_ip_address"]=bgpaas_ip_address
if js ["bgp-as-a-service"].get("bgpaas_session_attributes") == None:
js ["bgp-as-a-service"]["bgpaas_session_attributes"]={}
if address_families:
js ["bgp-as-a-service"]["bgpaas_session_attributes"]["address_families"]={"family": address_families}
if hold_time:
js ["bgp-as-a-service"]["bgpaas_session_attributes"]["hold_time"]=hold_time
## end: object specific
payload=json.dumps(js)
failed = crud (web_api, controller_ip, update, state, result, payload=payload, obj_type=obj_type, uuid=uuid)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(name=dict(type='str', required=True),
controller_ip=dict(type='str', required=True),
username=dict(type='str',
required=False,
default='admin'),
password=dict(type='str',
required=False,
default='contrail123'),
state=dict(type='str',
required=False,
default='present',
choices=['absent', 'present']),
uuid=dict(type='str', required=False),
domain=dict(type='str',
required=False,
default='default-domain'),
project=dict(type='str',
required=False,
default='default-project'),
mgmt_virtual_network=dict(type='str', required=False),
left_virtual_network=dict(type='str', required=True),
right_virtual_network=dict(type='str', required=True),
left_interface_uuids=dict(type='list', required=False),
right_interface_uuids=dict(type='list', required=False),
service_template=dict(type='str', required=True))
result = dict(changed=False, message='')
required_if_args = [[
"state", "present",
["left_virtual_network", "right_virtual_network", "service_template"]
]]
module = AnsibleModule(argument_spec=module_args,
supports_check_mode=True,
required_if=required_if_args)
name = module.params.get("name")
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
domain = module.params.get("domain")
project = module.params.get("project")
mgmt_virtual_network = module.params.get("mgmt_virtual_network")
left_virtual_network = module.params.get("left_virtual_network")
right_virtual_network = module.params.get("right_virtual_network")
left_interface_uuids = module.params.get("left_interface_uuids")
right_interface_uuids = module.params.get("right_interface_uuids")
service_template = module.params.get("service_template")
if module.check_mode:
module.exit_json(**result)
obj_type = 'service-instance'
(web_api, update, uuid, js) = login_and_check_id(module,
name,
obj_type,
controller_ip,
username,
password,
state,
domain=domain,
project=project)
if update and state == 'present':
pass
else:
## create payload and call API
js = json.loads('''
{ "service-instance":
{
"fq_name": ["%s", "%s", "%s"],
"parent_type": "project"
}
}
''' % (domain, project, name))
## begin: object specific
config_api_url = 'http://' + controller_ip + ':8082/'
failed = False
userData = {}
right_virtual_network_fqname = ":".join(
(domain, project, right_virtual_network))
left_virtual_network_fqname = ":".join(
(domain, project, left_virtual_network))
js["service-instance"]["service_instance_properties"] = {
"interface_list": [{
"virtual_network": left_virtual_network_fqname
}, {
"virtual_network": right_virtual_network_fqname
}],
"left_virtual_network":
left_virtual_network_fqname,
"right_virtual_network":
right_virtual_network_fqname
}
js["service-instance"]["service_template_refs"] = [{
"to": [domain, service_template]
}]
if mgmt_virtual_network:
js["service-instance"]["service_instance_properties"][
"interface_list"].append({"virtual_network": mgmt_virtual_network})
if not update and left_interface_uuids:
tmp_port_tuples = []
for i in range(len(left_interface_uuids)):
port_tuple_uuid = str(uuid_module.uuid4())
tmp_port_tuples.append({
"to": [
domain, project, name,
"port-tuple{}-{}".format(i, port_tuple_uuid)
],
"vmis": [{
"fq_name": [domain, project, left_interface_uuids[i]],
"interfaceType": "left",
"uuid": left_interface_uuids[i]
}, {
"fq_name": [domain, project, right_interface_uuids[i]],
"interfaceType": "right",
"uuid": right_interface_uuids[i]
}]
})
js["service-instance"]["port_tuples"] = tmp_port_tuples
if update:
response = requests.get(config_api_url + 'service-instance/' + uuid,
headers=vnc_api_headers)
if not response.status_code == 200:
failed = True
result["message"] = response.text
module.fail_json(
msg="cannot obtain service-instance object detail", **result)
port_tuples = json.loads(
response.text).get("service-instance").get("port_tuples")
for i in range(len(port_tuples)):
# href needs to be removed, to make webui update logic works ..
del port_tuples[i]["href"]
# get vmi uuids
port_tuple_uuid = port_tuples[i].get("uuid")
response = requests.get(config_api_url + 'port-tuple/' +
port_tuple_uuid,
headers=vnc_api_headers)
if not response.status_code == 200:
failed = True
result["message"] = response.text
module.fail_json(msg="cannot obtain port-tuple object detail",
**result)
vmi_back_refs = json.loads(response.text).get("port-tuple").get(
"virtual_machine_interface_back_refs")
vmis = []
for vmi_back_ref in vmi_back_refs:
vmi_uuid = vmi_back_ref.get("uuid")
response = requests.get(
config_api_url + 'virtual-machine-interface/' + vmi_uuid,
headers=vnc_api_headers)
if not response.status_code == 200:
failed = True
result["message"] = response.text
module.fail_json(msg="cannot obtain vmi object detail",
**result)
vmi_service_interface_type = json.loads(
response.text).get("virtual-machine-interface").get(
"virtual_machine_interface_properties").get(
"service_interface_type")
vmi_fqname = json.loads(response.text).get(
"virtual-machine-interface").get("fq_name")
vmis.append({
"uuid": vmi_uuid,
"interfaceType": vmi_service_interface_type,
"fq_name": vmi_fqname
})
port_tuples[i]["vmis"] = vmis
if state == 'present':
js["service-instance"]["port_tuples"] = port_tuples
if state == 'absent':
userData = {"port_tuples": port_tuples}
## end: object specific
payload = json.dumps(js)
failed = crud(web_api,
controller_ip,
update,
state,
result,
payload=payload,
obj_type=obj_type,
uuid=uuid,
userData=userData)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(
name=dict(type='str', required=True),
controller_ip=dict(type='str', required=True),
username=dict(type='str', required=False, default='admin'),
password=dict(type='str', required=False, default='contrail123'),
state=dict(type='str', required=False, default='present', choices=['absent', 'present']),
uuid=dict(type='str', required=False),
domain=dict(type='str', required=False, default='default-domain'),
project=dict(type='str', required=False, default='default-project'),
virtual_network=dict(type='str', required=False),
mac_address=dict(type='str', required=False),
disable_policy=dict(type='bool', required=False),
allowed_address_pair=dict(type='bool', required=False)
)
result = dict(
changed=False,
message=''
)
module = AnsibleModule(
argument_spec=module_args,
supports_check_mode=True
)
name = module.params.get("name")
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
domain = module.params.get("domain")
project = module.params.get("project")
virtual_network = module.params.get("virtual_network")
uuid = module.params.get("uuid")
mac_address = module.params.get("mac_address")
allowed_address_pair = module.params.get("allowed_address_pair")
disable_policy = module.params.get("disable_policy")
if module.check_mode:
module.exit_json(**result)
obj_type='virtual-machine-interface'
(web_api, update, uuid, js) = login_and_check_id(module, name, obj_type, controller_ip, username, password, state, domain=domain, project=project)
config_api_url = 'http://' + controller_ip + ':8082/'
if update and state == 'present':
pass
else:
## create payload and call API
js=json.loads (
'''
{ "virtual-machine-interface":
{
"fq_name": ["%s", "%s", "%s"],
"parent_type": "project"
}
}
''' % (domain, project, name)
)
## begin: object specific
if not disable_policy == None:
js["virtual-machine-interface"]["virtual_machine_interface_disable_policy"]=disable_policy
if not update and mac_address:
js["virtual-machine-interface"]["virtual_machine_interface_mac_addresses"]={"mac_address": [mac_address]}
if not update and js["virtual-machine-interface"].get("virtual_network_refs") == None:
vn_fqname = [domain, project, virtual_network]
js["virtual-machine-interface"]["virtual_network_refs"]=[{"to": vn_fqname}]
##
# virtual_machine_refs' attr and href need to be removed, to make webui logic work ..
##
if not js["virtual-machine-interface"].get("virtual_machine_refs") == None:
del js["virtual-machine-interface"]["virtual_machine_refs"][0]["attr"]
del js["virtual-machine-interface"]["virtual_machine_refs"][0]["href"]
## end: object specific
payload=json.dumps(js)
failed = crud (web_api, controller_ip, update, state, result, payload=payload, obj_type=obj_type, uuid=uuid)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(name=dict(type='str', required=True),
controller_ip=dict(type='str', required=True),
username=dict(type='str',
required=False,
default='admin'),
password=dict(type='str',
required=False,
default='contrail123'),
state=dict(type='str',
required=False,
default='present',
choices=['absent', 'present']),
uuid=dict(type='str', required=False),
domain=dict(type='str',
required=False,
default='default-domain'),
project=dict(type='str',
required=False,
default='default-project'))
result = dict(changed=False, message='')
module = AnsibleModule(argument_spec=module_args, supports_check_mode=True)
name = module.params.get("name")
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
domain = module.params.get("domain")
project = module.params.get("project")
if module.check_mode:
module.exit_json(**result)
obj_type = 'host-based-service'
(web_api, update, uuid, js) = login_and_check_id(module,
name,
obj_type,
controller_ip,
username,
password,
state,
domain=domain,
project=project)
if update and state == 'present':
pass
else:
## create payload and call API
js = json.loads('''
{ "host-based-service":
{
"fq_name": ["%s", "%s", "%s"],
"parent_type": "project"
}
}
''' % (domain, project, name))
## begin: object specific
## end: object specific
payload = json.dumps(js)
failed = crud(web_api,
controller_ip,
update,
state,
result,
payload=payload,
obj_type=obj_type,
uuid=uuid)
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
def run_module():
module_args = dict(
name=dict(type='str', required=True),
controller_ip=dict(type='str', required=True),
username=dict(type='str', required=False, default='admin'),
password=dict(type='str', required=False, default='contrail123'),
state=dict(type='str', required=False, default='present', choices=['absent', 'present']),
domain=dict(type='str', required=False, default='default-domain'),
project=dict(type='str', required=False, default='admin'),
dict_device_role=dict(type='dict', required=False, default='root')
)
result = dict(
changed=False,
message=''
)
module = AnsibleModule(
argument_spec=module_args,
supports_check_mode=True
)
name = module.params.get("name")
controller_ip = module.params.get("controller_ip")
username = module.params.get("username")
password = module.params.get("password")
state = module.params.get("state")
domain = module.params.get("domain")
project = module.params.get("project")
dict_device_role = module.params.get("dict_device_role")
if module.check_mode:
module.exit_json(**result)
obj_type='fabric'
(web_api, update, uuid, js) = login_and_check_id(module, name, obj_type, controller_ip, username, password, state, domain=domain, project=project)
## begin: object specific
failed=False
config_api_url = 'http://' + controller_ip + ':8082/'
if update:
role_assignment_list=[]
for device_name in dict_device_role:
role = dict_device_role[device_name]
role_assignment_list.append ({"device_fq_name": ["default-global-system-config", device_name], "physical_role": role[0], "routing_bridging_roles": role[1]})
job_input = {'fabric_fq_name': ["default-global-system-config", name],
'role_assignments': role_assignment_list
}
payload = {'job_template_fq_name': ['default-global-system-config', 'role_assignment_template'], "input": job_input}
response = requests.post(config_api_url + 'execute-job', data=json.dumps(payload), headers=vnc_api_headers)
if not response.status_code == 200:
failed = True
result["message"] = response.text
## TODO: wait_for for this job
else:
result["message"]="fabric {} doesn't exist".format(name)
## end: object specific
if failed:
module.fail_json(msg='failure message', **result)
module.exit_json(**result)
