ansible  2.9.27
About: Ansible is an IT Configuration Management, Deployment \
About: Ansible (2.x) is an IT Configuration Management, Deployment & Orchestration tool.
ansible download page.
  Fossies Dox: ansible-2.9.27.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

aci_epg.py
Go to the documentation of this file.
1#!/usr/bin/python
2# -*- coding: utf-8 -*-
3
4# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
5
6from __future__ import absolute_import, division, print_function
7__metaclass__ = type
8
9ANSIBLE_METADATA = {'metadata_version': '1.1',
10 'status': ['preview'],
11 'supported_by': 'certified'}
12
13DOCUMENTATION = r'''
14---
15module: aci_epg
16short_description: Manage End Point Groups (EPG) objects (fv:AEPg)
17description:
18- Manage End Point Groups (EPG) on Cisco ACI fabrics.
19version_added: '2.4'
20options:
21 tenant:
22 description:
23 - Name of an existing tenant.
24 type: str
25 aliases: [ tenant_name ]
26 ap:
27 description:
28 - Name of an existing application network profile, that will contain the EPGs.
29 type: str
30 required: yes
31 aliases: [ app_profile, app_profile_name ]
32 epg:
33 description:
34 - Name of the end point group.
35 type: str
36 required: yes
37 aliases: [ epg_name, name ]
38 bd:
39 description:
40 - Name of the bridge domain being associated with the EPG.
41 type: str
42 aliases: [ bd_name, bridge_domain ]
43 priority:
44 description:
45 - The QoS class.
46 - The APIC defaults to C(unspecified) when unset during creation.
47 type: str
48 choices: [ level1, level2, level3, unspecified ]
49 intra_epg_isolation:
50 description:
51 - The Intra EPG Isolation.
52 - The APIC defaults to C(unenforced) when unset during creation.
53 type: str
54 choices: [ enforced, unenforced ]
55 description:
56 description:
57 - Description for the EPG.
58 type: str
59 aliases: [ descr ]
60 fwd_control:
61 description:
62 - The forwarding control used by the EPG.
63 - The APIC defaults to C(none) when unset during creation.
64 type: str
65 choices: [ none, proxy-arp ]
66 preferred_group:
67 description:
68 - Whether ot not the EPG is part of the Preferred Group and can communicate without contracts.
69 - This is very convenient for migration scenarios, or when ACI is used for network automation but not for policy.
70 - The APIC defaults to C(no) when unset during creation.
71 type: bool
72 version_added: '2.5'
73 state:
74 description:
75 - Use C(present) or C(absent) for adding or removing.
76 - Use C(query) for listing an object or multiple objects.
77 type: str
78 choices: [ absent, present, query ]
79 default: present
80extends_documentation_fragment: aci
81notes:
82- The C(tenant) and C(app_profile) used must exist before using this module in your playbook.
83 The M(aci_tenant) and M(aci_ap) modules can be used for this.
84seealso:
85- module: aci_tenant
86- module: aci_ap
87- name: APIC Management Information Model reference
88 description: More information about the internal APIC class B(fv:AEPg).
89 link: https://developer.cisco.com/docs/apic-mim-ref/
90author:
91- Swetha Chunduri (@schunduri)
92'''
93
94EXAMPLES = r'''
95- name: Add a new EPG
96 aci_epg:
97 host: apic
98 username: admin
99 password: SomeSecretPassword
100 tenant: production
101 ap: intranet
102 epg: web_epg
103 description: Web Intranet EPG
104 bd: prod_bd
105 preferred_group: yes
106 state: present
107 delegate_to: localhost
108
109- aci_epg:
110 host: apic
111 username: admin
112 password: SomeSecretPassword
113 tenant: production
114 ap: ticketing
115 epg: "{{ item.epg }}"
116 description: Ticketing EPG
117 bd: "{{ item.bd }}"
118 priority: unspecified
119 intra_epg_isolation: unenforced
120 state: present
121 delegate_to: localhost
122 with_items:
123 - epg: web
124 bd: web_bd
125 - epg: database
126 bd: database_bd
127
128- name: Remove an EPG
129 aci_epg:
130 host: apic
131 username: admin
132 password: SomeSecretPassword
133 validate_certs: no
134 tenant: production
135 app_profile: intranet
136 epg: web_epg
137 state: absent
138 delegate_to: localhost
139
140- name: Query an EPG
141 aci_epg:
142 host: apic
143 username: admin
144 password: SomeSecretPassword
145 tenant: production
146 ap: ticketing
147 epg: web_epg
148 state: query
149 delegate_to: localhost
150 register: query_result
151
152- name: Query all EPGs
153 aci_epg:
154 host: apic
155 username: admin
156 password: SomeSecretPassword
157 state: query
158 delegate_to: localhost
159 register: query_result
160
161- name: Query all EPGs with a Specific Name
162 aci_epg:
163 host: apic
164 username: admin
165 password: SomeSecretPassword
166 validate_certs: no
167 epg: web_epg
168 state: query
169 delegate_to: localhost
170 register: query_result
171
172- name: Query all EPGs of an App Profile
173 aci_epg:
174 host: apic
175 username: admin
176 password: SomeSecretPassword
177 validate_certs: no
178 ap: ticketing
179 state: query
180 delegate_to: localhost
181 register: query_result
182'''
183
184RETURN = r'''
185current:
186 description: The existing configuration from the APIC after the module has finished
187 returned: success
188 type: list
189 sample:
190 [
191 {
192 "fvTenant": {
193 "attributes": {
194 "descr": "Production environment",
195 "dn": "uni/tn-production",
196 "name": "production",
197 "nameAlias": "",
198 "ownerKey": "",
199 "ownerTag": ""
200 }
201 }
202 }
203 ]
204error:
205 description: The error information as returned from the APIC
206 returned: failure
207 type: dict
208 sample:
209 {
210 "code": "122",
211 "text": "unknown managed object class foo"
212 }
213raw:
214 description: The raw output returned by the APIC REST API (xml or json)
215 returned: parse error
216 type: str
217 sample: '<?xml version="1.0" encoding="UTF-8"?><imdata totalCount="1"><error code="122" text="unknown managed object class foo"/></imdata>'
218sent:
219 description: The actual/minimal configuration pushed to the APIC
220 returned: info
221 type: list
222 sample:
223 {
224 "fvTenant": {
225 "attributes": {
226 "descr": "Production environment"
227 }
228 }
229 }
230previous:
231 description: The original configuration from the APIC before the module has started
232 returned: info
233 type: list
234 sample:
235 [
236 {
237 "fvTenant": {
238 "attributes": {
239 "descr": "Production",
240 "dn": "uni/tn-production",
241 "name": "production",
242 "nameAlias": "",
243 "ownerKey": "",
244 "ownerTag": ""
245 }
246 }
247 }
248 ]
249proposed:
250 description: The assembled configuration from the user-provided parameters
251 returned: info
252 type: dict
253 sample:
254 {
255 "fvTenant": {
256 "attributes": {
257 "descr": "Production environment",
258 "name": "production"
259 }
260 }
261 }
262filter_string:
263 description: The filter string used for the request
264 returned: failure or debug
265 type: str
266 sample: ?rsp-prop-include=config-only
267method:
268 description: The HTTP method used for the request to the APIC
269 returned: failure or debug
270 type: str
271 sample: POST
272response:
273 description: The HTTP response from the APIC
274 returned: failure or debug
275 type: str
276 sample: OK (30 bytes)
277status:
278 description: The HTTP status from the APIC
279 returned: failure or debug
280 type: int
281 sample: 200
282url:
283 description: The HTTP url used for the request to the APIC
284 returned: failure or debug
285 type: str
286 sample: https://10.11.12.13/api/mo/uni/tn-production.json
287'''
288
289from ansible.module_utils.basic import AnsibleModule
290from ansible.module_utils.network.aci.aci import ACIModule, aci_argument_spec
291
292
293def main():
294 argument_spec = aci_argument_spec()
295 argument_spec.update(
296 epg=dict(type='str', aliases=['epg_name', 'name']), # Not required for querying all objects
297 bd=dict(type='str', aliases=['bd_name', 'bridge_domain']),
298 ap=dict(type='str', aliases=['app_profile', 'app_profile_name']), # Not required for querying all objects
299 tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects
300 description=dict(type='str', aliases=['descr']),
301 priority=dict(type='str', choices=['level1', 'level2', 'level3', 'unspecified']),
302 intra_epg_isolation=dict(choices=['enforced', 'unenforced']),
303 fwd_control=dict(type='str', choices=['none', 'proxy-arp']),
304 preferred_group=dict(type='bool'),
305 state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
306 )
307
308 module = AnsibleModule(
309 argument_spec=argument_spec,
310 supports_check_mode=True,
311 required_if=[
312 ['state', 'absent', ['ap', 'epg', 'tenant']],
313 ['state', 'present', ['ap', 'epg', 'tenant']],
314 ],
315 )
316
317 aci = ACIModule(module)
318
319 epg = module.params['epg']
320 bd = module.params['bd']
321 description = module.params['description']
322 priority = module.params['priority']
323 intra_epg_isolation = module.params['intra_epg_isolation']
324 fwd_control = module.params['fwd_control']
325 preferred_group = aci.boolean(module.params['preferred_group'], 'include', 'exclude')
326 state = module.params['state']
327 tenant = module.params['tenant']
328 ap = module.params['ap']
329
330 aci.construct_url(
331 root_class=dict(
332 aci_class='fvTenant',
333 aci_rn='tn-{0}'.format(tenant),
334 module_object=tenant,
335 target_filter={'name': tenant},
336 ),
337 subclass_1=dict(
338 aci_class='fvAp',
339 aci_rn='ap-{0}'.format(ap),
340 module_object=ap,
341 target_filter={'name': ap},
342 ),
343 subclass_2=dict(
344 aci_class='fvAEPg',
345 aci_rn='epg-{0}'.format(epg),
346 module_object=epg,
347 target_filter={'name': epg},
348 ),
349 child_classes=['fvRsBd'],
350 )
351
352 aci.get_existing()
353
354 if state == 'present':
355 aci.payload(
356 aci_class='fvAEPg',
357 class_config=dict(
358 name=epg,
359 descr=description,
360 prio=priority,
361 pcEnfPref=intra_epg_isolation,
362 fwdCtrl=fwd_control,
363 prefGrMemb=preferred_group,
364 ),
365 child_configs=[dict(
366 fvRsBd=dict(
367 attributes=dict(
368 tnFvBDName=bd,
369 ),
370 ),
371 )],
372 )
373
374 aci.get_diff(aci_class='fvAEPg')
375
376 aci.post_config()
377
378 elif state == 'absent':
379 aci.delete_config()
380
381 aci.exit_json()
382
383
384if __name__ == "__main__":
385 main()