"Fossies" - the Fresh Open Source Software Archive

Member "ansible-2.9.27/lib/ansible/modules/network/aci/aci_bd.py" (11 Oct 2021, 15040 Bytes) of package /linux/misc/ansible-2.9.27.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Python source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. For more information about "aci_bd.py" see the Fossies "Dox" file reference documentation and the last Fossies "Diffs" side-by-side code changes report: 2.9.24_vs_4.3.0.

    1 #!/usr/bin/python
    2 # -*- coding: utf-8 -*-
    3 
    4 # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
    5 
    6 from __future__ import absolute_import, division, print_function
    7 __metaclass__ = type
    8 
    9 ANSIBLE_METADATA = {'metadata_version': '1.1',
   10                     'status': ['preview'],
   11                     'supported_by': 'certified'}
   12 
   13 DOCUMENTATION = r'''
   14 ---
   15 module: aci_bd
   16 short_description: Manage Bridge Domains (BD) objects (fv:BD)
   17 description:
   18 - Manages Bridge Domains (BD) on Cisco ACI fabrics.
   19 version_added: '2.4'
   20 options:
   21   arp_flooding:
   22     description:
   23     - Determines if the Bridge Domain should flood ARP traffic.
   24     - The APIC defaults to C(no) when unset during creation.
   25     type: bool
   26   bd:
   27     description:
   28     - The name of the Bridge Domain.
   29     type: str
   30     aliases: [ bd_name, name ]
   31   bd_type:
   32     description:
   33     - The type of traffic on the Bridge Domain.
   34     - The APIC defaults to C(ethernet) when unset during creation.
   35     type: str
   36     choices: [ ethernet, fc ]
   37   description:
   38     description:
   39     - Description for the Bridge Domain.
   40     type: str
   41   enable_multicast:
   42     description:
   43     - Determines if PIM is enabled.
   44     - The APIC defaults to C(no) when unset during creation.
   45     type: bool
   46   enable_routing:
   47     description:
   48     - Determines if IP forwarding should be allowed.
   49     - The APIC defaults to C(yes) when unset during creation.
   50     type: bool
   51   endpoint_clear:
   52     description:
   53     - Clears all End Points in all Leaves when C(yes).
   54     - The value is not reset to disabled once End Points have been cleared; that requires a second task.
   55     - The APIC defaults to C(no) when unset during creation.
   56     type: bool
   57   endpoint_move_detect:
   58     description:
   59     - Determines if GARP should be enabled to detect when End Points move.
   60     - The APIC defaults to C(garp) when unset during creation.
   61     type: str
   62     choices: [ default, garp ]
   63   endpoint_retention_action:
   64     description:
   65     - Determines if the Bridge Domain should inherit or resolve the End Point Retention Policy.
   66     - The APIC defaults to C(resolve) when unset during creation.
   67     type: str
   68     choices: [ inherit, resolve ]
   69   endpoint_retention_policy:
   70     description:
   71     - The name of the End Point Retention Policy the Bridge Domain should use when
   72       overriding the default End Point Retention Policy.
   73     type: str
   74   igmp_snoop_policy:
   75     description:
   76     - The name of the IGMP Snooping Policy the Bridge Domain should use when
   77       overriding the default IGMP Snooping Policy.
   78     type: str
   79   ip_learning:
   80     description:
   81     - Determines if the Bridge Domain should learn End Point IPs.
   82     - The APIC defaults to C(yes) when unset during creation.
   83     type: bool
   84   ipv6_nd_policy:
   85     description:
   86     - The name of the IPv6 Neighbor Discovery Policy the Bridge Domain should use when
   87       overridding the default IPV6 ND Policy.
   88     type: str
   89   l2_unknown_unicast:
   90     description:
   91     - Determines what forwarding method to use for unknown l2 destinations.
   92     - The APIC defaults to C(proxy) when unset during creation.
   93     type: str
   94     choices: [ proxy, flood ]
   95   l3_unknown_multicast:
   96     description:
   97     - Determines the forwarding method to use for unknown multicast destinations.
   98     - The APIC defaults to C(flood) when unset during creation.
   99     type: str
  100     choices: [ flood, opt-flood ]
  101   limit_ip_learn:
  102     description:
  103     - Determines if the BD should limit IP learning to only subnets owned by the Bridge Domain.
  104     - The APIC defaults to C(yes) when unset during creation.
  105     type: bool
  106   mac_address:
  107     description:
  108     - The MAC Address to assign to the C(bd) instead of using the default.
  109     - The APIC defaults to C(00:22:BD:F8:19:FF) when unset during creation.
  110     type: str
  111     aliases: [ mac ]
  112     version_added: '2.5'
  113   multi_dest:
  114     description:
  115     - Determines the forwarding method for L2 multicast, broadcast, and link layer traffic.
  116     - The APIC defaults to C(bd-flood) when unset during creation.
  117     type: str
  118     choices: [ bd-flood, drop, encap-flood ]
  119   state:
  120     description:
  121     - Use C(present) or C(absent) for adding or removing.
  122     - Use C(query) for listing an object or multiple objects.
  123     type: str
  124     choices: [ absent, present, query ]
  125     default: present
  126   tenant:
  127     description:
  128     - The name of the Tenant.
  129     type: str
  130     aliases: [ tenant_name ]
  131   vrf:
  132     description:
  133     - The name of the VRF.
  134     type: str
  135     aliases: [ vrf_name ]
  136 extends_documentation_fragment: aci
  137 notes:
  138 - The C(tenant) used must exist before using this module in your playbook.
  139   The M(aci_tenant) module can be used for this.
  140 seealso:
  141 - module: aci_tenant
  142 - name: APIC Management Information Model reference
  143   description: More information about the internal APIC class B(fv:BD).
  144   link: https://developer.cisco.com/docs/apic-mim-ref/
  145 author:
  146 - Jacob McGill (@jmcgill298)
  147 '''
  148 
  149 EXAMPLES = r'''
  150 - name: Add Bridge Domain
  151   aci_bd:
  152     host: "{{ inventory_hostname }}"
  153     username: "{{ username }}"
  154     password: "{{ password }}"
  155     validate_certs: no
  156     tenant: prod
  157     bd: web_servers
  158     mac_address: 00:22:BD:F8:19:FE
  159     vrf: prod_vrf
  160     state: present
  161   delegate_to: localhost
  162 
  163 - name: Add an FC Bridge Domain
  164   aci_bd:
  165     host: "{{ inventory_hostname }}"
  166     username: "{{ username }}"
  167     password: "{{ password }}"
  168     validate_certs: no
  169     tenant: prod
  170     bd: storage
  171     bd_type: fc
  172     vrf: fc_vrf
  173     enable_routing: no
  174     state: present
  175   delegate_to: localhost
  176 
  177 - name: Modify a Bridge Domain
  178   aci_bd:
  179     host: "{{ inventory_hostname }}"
  180     username: "{{ username }}"
  181     password: "{{ password }}"
  182     validate_certs: yes
  183     tenant: prod
  184     bd: web_servers
  185     arp_flooding: yes
  186     l2_unknown_unicast: flood
  187     state: present
  188   delegate_to: localhost
  189 
  190 - name: Query All Bridge Domains
  191   aci_bd:
  192     host: "{{ inventory_hostname }}"
  193     username: "{{ username }}"
  194     password: "{{ password }}"
  195     validate_certs: yes
  196     state: query
  197   delegate_to: localhost
  198   register: query_result
  199 
  200 - name: Query a Bridge Domain
  201   aci_bd:
  202     host: "{{ inventory_hostname }}"
  203     username: "{{ username }}"
  204     password: "{{ password }}"
  205     validate_certs: yes
  206     tenant: prod
  207     bd: web_servers
  208     state: query
  209   delegate_to: localhost
  210   register: query_result
  211 
  212 - name: Delete a Bridge Domain
  213   aci_bd:
  214     host: "{{ inventory_hostname }}"
  215     username: "{{ username }}"
  216     password: "{{ password }}"
  217     validate_certs: yes
  218     tenant: prod
  219     bd: web_servers
  220     state: absent
  221   delegate_to: localhost
  222 '''
  223 
  224 RETURN = r'''
  225 current:
  226   description: The existing configuration from the APIC after the module has finished
  227   returned: success
  228   type: list
  229   sample:
  230     [
  231         {
  232             "fvTenant": {
  233                 "attributes": {
  234                     "descr": "Production environment",
  235                     "dn": "uni/tn-production",
  236                     "name": "production",
  237                     "nameAlias": "",
  238                     "ownerKey": "",
  239                     "ownerTag": ""
  240                 }
  241             }
  242         }
  243     ]
  244 error:
  245   description: The error information as returned from the APIC
  246   returned: failure
  247   type: dict
  248   sample:
  249     {
  250         "code": "122",
  251         "text": "unknown managed object class foo"
  252     }
  253 raw:
  254   description: The raw output returned by the APIC REST API (xml or json)
  255   returned: parse error
  256   type: str
  257   sample: '<?xml version="1.0" encoding="UTF-8"?><imdata totalCount="1"><error code="122" text="unknown managed object class foo"/></imdata>'
  258 sent:
  259   description: The actual/minimal configuration pushed to the APIC
  260   returned: info
  261   type: list
  262   sample:
  263     {
  264         "fvTenant": {
  265             "attributes": {
  266                 "descr": "Production environment"
  267             }
  268         }
  269     }
  270 previous:
  271   description: The original configuration from the APIC before the module has started
  272   returned: info
  273   type: list
  274   sample:
  275     [
  276         {
  277             "fvTenant": {
  278                 "attributes": {
  279                     "descr": "Production",
  280                     "dn": "uni/tn-production",
  281                     "name": "production",
  282                     "nameAlias": "",
  283                     "ownerKey": "",
  284                     "ownerTag": ""
  285                 }
  286             }
  287         }
  288     ]
  289 proposed:
  290   description: The assembled configuration from the user-provided parameters
  291   returned: info
  292   type: dict
  293   sample:
  294     {
  295         "fvTenant": {
  296             "attributes": {
  297                 "descr": "Production environment",
  298                 "name": "production"
  299             }
  300         }
  301     }
  302 filter_string:
  303   description: The filter string used for the request
  304   returned: failure or debug
  305   type: str
  306   sample: ?rsp-prop-include=config-only
  307 method:
  308   description: The HTTP method used for the request to the APIC
  309   returned: failure or debug
  310   type: str
  311   sample: POST
  312 response:
  313   description: The HTTP response from the APIC
  314   returned: failure or debug
  315   type: str
  316   sample: OK (30 bytes)
  317 status:
  318   description: The HTTP status from the APIC
  319   returned: failure or debug
  320   type: int
  321   sample: 200
  322 url:
  323   description: The HTTP url used for the request to the APIC
  324   returned: failure or debug
  325   type: str
  326   sample: https://10.11.12.13/api/mo/uni/tn-production.json
  327 '''
  328 
  329 from ansible.module_utils.basic import AnsibleModule
  330 from ansible.module_utils.network.aci.aci import ACIModule, aci_argument_spec
  331 
  332 
  333 def main():
  334     argument_spec = aci_argument_spec()
  335     argument_spec.update(
  336         arp_flooding=dict(type='bool'),
  337         bd=dict(type='str', aliases=['bd_name', 'name']),  # Not required for querying all objects
  338         bd_type=dict(type='str', choices=['ethernet', 'fc']),
  339         description=dict(type='str'),
  340         enable_multicast=dict(type='bool'),
  341         enable_routing=dict(type='bool'),
  342         endpoint_clear=dict(type='bool'),
  343         endpoint_move_detect=dict(type='str', choices=['default', 'garp']),
  344         endpoint_retention_action=dict(type='str', choices=['inherit', 'resolve']),
  345         endpoint_retention_policy=dict(type='str'),
  346         igmp_snoop_policy=dict(type='str'),
  347         ip_learning=dict(type='bool'),
  348         ipv6_nd_policy=dict(type='str'),
  349         l2_unknown_unicast=dict(type='str', choices=['proxy', 'flood']),
  350         l3_unknown_multicast=dict(type='str', choices=['flood', 'opt-flood']),
  351         limit_ip_learn=dict(type='bool'),
  352         mac_address=dict(type='str', aliases=['mac']),
  353         multi_dest=dict(type='str', choices=['bd-flood', 'drop', 'encap-flood']),
  354         state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
  355         tenant=dict(type='str', aliases=['tenant_name']),  # Not required for querying all objects
  356         vrf=dict(type='str', aliases=['vrf_name']),
  357         gateway_ip=dict(type='str', removed_in_version='2.4'),  # Deprecated starting from v2.4
  358         scope=dict(type='str', removed_in_version='2.4'),  # Deprecated starting from v2.4
  359         subnet_mask=dict(type='str', removed_in_version='2.4'),  # Deprecated starting from v2.4
  360     )
  361 
  362     module = AnsibleModule(
  363         argument_spec=argument_spec,
  364         supports_check_mode=True,
  365         required_if=[
  366             ['state', 'absent', ['bd', 'tenant']],
  367             ['state', 'present', ['bd', 'tenant']],
  368         ],
  369     )
  370 
  371     aci = ACIModule(module)
  372 
  373     arp_flooding = aci.boolean(module.params['arp_flooding'])
  374     bd = module.params['bd']
  375     bd_type = module.params['bd_type']
  376     if bd_type == 'ethernet':
  377         # ethernet type is represented as regular, but that is not clear to the users
  378         bd_type = 'regular'
  379     description = module.params['description']
  380     enable_multicast = aci.boolean(module.params['enable_multicast'])
  381     enable_routing = aci.boolean(module.params['enable_routing'])
  382     endpoint_clear = aci.boolean(module.params['endpoint_clear'])
  383     endpoint_move_detect = module.params['endpoint_move_detect']
  384     if endpoint_move_detect == 'default':
  385         # the ACI default setting is an empty string, but that is not a good input value
  386         endpoint_move_detect = ''
  387     endpoint_retention_action = module.params['endpoint_retention_action']
  388     endpoint_retention_policy = module.params['endpoint_retention_policy']
  389     igmp_snoop_policy = module.params['igmp_snoop_policy']
  390     ip_learning = aci.boolean(module.params['ip_learning'])
  391     ipv6_nd_policy = module.params['ipv6_nd_policy']
  392     l2_unknown_unicast = module.params['l2_unknown_unicast']
  393     l3_unknown_multicast = module.params['l3_unknown_multicast']
  394     limit_ip_learn = aci.boolean(module.params['limit_ip_learn'])
  395     mac_address = module.params['mac_address']
  396     multi_dest = module.params['multi_dest']
  397     state = module.params['state']
  398     tenant = module.params['tenant']
  399     vrf = module.params['vrf']
  400 
  401     # Give warning when fvSubnet parameters are passed as those have been moved to the aci_subnet module
  402     if module.params['gateway_ip'] or module.params['subnet_mask'] or module.params['scope']:
  403         module._warnings = ["The support for managing Subnets has been moved to its own module, aci_subnet. \
  404                             The new modules still supports 'gateway_ip' and 'subnet_mask' along with more features"]
  405 
  406     aci.construct_url(
  407         root_class=dict(
  408             aci_class='fvTenant',
  409             aci_rn='tn-{0}'.format(tenant),
  410             module_object=tenant,
  411             target_filter={'name': tenant},
  412         ),
  413         subclass_1=dict(
  414             aci_class='fvBD',
  415             aci_rn='BD-{0}'.format(bd),
  416             module_object=bd,
  417             target_filter={'name': bd},
  418         ),
  419         child_classes=['fvRsCtx', 'fvRsIgmpsn', 'fvRsBDToNdP', 'fvRsBdToEpRet'],
  420     )
  421 
  422     aci.get_existing()
  423 
  424     if state == 'present':
  425         aci.payload(
  426             aci_class='fvBD',
  427             class_config=dict(
  428                 arpFlood=arp_flooding,
  429                 descr=description,
  430                 epClear=endpoint_clear,
  431                 epMoveDetectMode=endpoint_move_detect,
  432                 ipLearning=ip_learning,
  433                 limitIpLearnToSubnets=limit_ip_learn,
  434                 mac=mac_address,
  435                 mcastAllow=enable_multicast,
  436                 multiDstPktAct=multi_dest,
  437                 name=bd,
  438                 type=bd_type,
  439                 unicastRoute=enable_routing,
  440                 unkMacUcastAct=l2_unknown_unicast,
  441                 unkMcastAct=l3_unknown_multicast,
  442             ),
  443             child_configs=[
  444                 {'fvRsCtx': {'attributes': {'tnFvCtxName': vrf}}},
  445                 {'fvRsIgmpsn': {'attributes': {'tnIgmpSnoopPolName': igmp_snoop_policy}}},
  446                 {'fvRsBDToNdP': {'attributes': {'tnNdIfPolName': ipv6_nd_policy}}},
  447                 {'fvRsBdToEpRet': {'attributes': {'resolveAct': endpoint_retention_action, 'tnFvEpRetPolName': endpoint_retention_policy}}},
  448             ],
  449         )
  450 
  451         aci.get_diff(aci_class='fvBD')
  452 
  453         aci.post_config()
  454 
  455     elif state == 'absent':
  456         aci.delete_config()
  457 
  458     aci.exit_json()
  459 
  460 
  461 if __name__ == "__main__":
  462     main()