mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
243 lines
9.3 KiB
Python
243 lines
9.3 KiB
Python
|
#!/usr/bin/python
|
||
|
#
|
||
|
# Copyright: Ansible Project
|
||
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||
|
|
||
|
from __future__ import absolute_import, division, print_function
|
||
|
__metaclass__ = type
|
||
|
|
||
|
ANSIBLE_METADATA = {'metadata_version': '1.1',
|
||
|
'status': ['preview'],
|
||
|
'supported_by': 'community'}
|
||
|
|
||
|
DOCUMENTATION = '''
|
||
|
---
|
||
|
module: onyx_ntp
|
||
|
author: "Sara-Touqan (@sarato)"
|
||
|
short_description: Manage NTP general configurations and ntp keys configurations on Mellanox ONYX network devices
|
||
|
description:
|
||
|
- This module provides declarative management of NTP & NTP Keys
|
||
|
on Mellanox ONYX network devices.
|
||
|
options:
|
||
|
state:
|
||
|
description:
|
||
|
- State of the NTP configuration.
|
||
|
choices: ['enabled', 'disabled']
|
||
|
type: str
|
||
|
authenticate_state:
|
||
|
description:
|
||
|
- State of the NTP authentication configuration.
|
||
|
choices: ['enabled', 'disabled']
|
||
|
type: str
|
||
|
ntp_authentication_keys:
|
||
|
type: list
|
||
|
description:
|
||
|
- List of ntp authentication keys
|
||
|
suboptions:
|
||
|
auth_key_id:
|
||
|
description:
|
||
|
- Configures ntp key-id, range 1-65534
|
||
|
required: true
|
||
|
type: int
|
||
|
auth_key_encrypt_type:
|
||
|
description:
|
||
|
- encryption type used to configure ntp authentication key.
|
||
|
required: true
|
||
|
choices: ['md5', 'sha1']
|
||
|
type: str
|
||
|
auth_key_password:
|
||
|
description:
|
||
|
- password used for ntp authentication key.
|
||
|
required: true
|
||
|
type: str
|
||
|
auth_key_state:
|
||
|
description:
|
||
|
- Used to decide if you want to delete given ntp key or not
|
||
|
choices: ['present', 'absent']
|
||
|
type: str
|
||
|
trusted_keys:
|
||
|
type: list
|
||
|
description:
|
||
|
- List of ntp trusted keys
|
||
|
'''
|
||
|
|
||
|
EXAMPLES = """
|
||
|
- name: configure NTP
|
||
|
onyx_ntp:
|
||
|
state: enabled
|
||
|
authenticate_state: enabled
|
||
|
ntp_authentication_keys:
|
||
|
- auth_key_id: 1
|
||
|
auth_key_encrypt_type: md5
|
||
|
auth_key_password: 12345
|
||
|
auth_key_state: absent
|
||
|
trusted_keys: 1,2,3
|
||
|
"""
|
||
|
|
||
|
RETURN = """
|
||
|
commands:
|
||
|
description: The list of configuration mode commands to send to the device
|
||
|
returned: always.
|
||
|
type: list
|
||
|
sample:
|
||
|
- ntp enable
|
||
|
- ntp disable
|
||
|
- ntp authenticate
|
||
|
- no ntp authenticate
|
||
|
- ntp authentication-key 1 md5 12345
|
||
|
- no ntp authentication-key 1
|
||
|
- ntp trusted-key 1,2,3
|
||
|
"""
|
||
|
|
||
|
|
||
|
from ansible.module_utils.basic import AnsibleModule
|
||
|
|
||
|
from ansible_collections.community.general.plugins.module_utils.network.onyx.onyx import BaseOnyxModule
|
||
|
from ansible_collections.community.general.plugins.module_utils.network.onyx.onyx import show_cmd
|
||
|
|
||
|
|
||
|
class OnyxNTPModule(BaseOnyxModule):
|
||
|
|
||
|
def init_module(self):
|
||
|
""" module initialization
|
||
|
"""
|
||
|
ntp_authentication_key_spec = dict(auth_key_id=dict(type='int', required=True),
|
||
|
auth_key_encrypt_type=dict(required=True, choices=['md5', 'sha1']),
|
||
|
auth_key_password=dict(required=True),
|
||
|
auth_key_state=dict(choices=['present', 'absent']))
|
||
|
element_spec = dict(
|
||
|
state=dict(choices=['enabled', 'disabled']),
|
||
|
authenticate_state=dict(choices=['enabled', 'disabled']),
|
||
|
ntp_authentication_keys=dict(type='list', elements='dict', options=ntp_authentication_key_spec),
|
||
|
trusted_keys=dict(type='list', elements='int')
|
||
|
)
|
||
|
argument_spec = dict()
|
||
|
argument_spec.update(element_spec)
|
||
|
self._module = AnsibleModule(
|
||
|
argument_spec=argument_spec,
|
||
|
supports_check_mode=True)
|
||
|
|
||
|
def _validate_key_id(self):
|
||
|
keys_id_list = self._required_config.get("ntp_authentication_keys")
|
||
|
if keys_id_list:
|
||
|
for key_item in keys_id_list:
|
||
|
key_id = key_item.get("auth_key_id")
|
||
|
if (key_id < 1) or (key_id > 65534):
|
||
|
self._module.fail_json(
|
||
|
msg='Invalid Key value, value should be in the range 1-65534')
|
||
|
|
||
|
def get_required_config(self):
|
||
|
module_params = self._module.params
|
||
|
self._required_config = dict(module_params)
|
||
|
self.validate_param_values(self._required_config)
|
||
|
self._validate_key_id()
|
||
|
|
||
|
def _show_ntp_config(self):
|
||
|
show_cmds = []
|
||
|
cmd = "show ntp"
|
||
|
show_cmds.append(show_cmd(self._module, cmd, json_fmt=True, fail_on_error=False))
|
||
|
cmd = "show ntp keys"
|
||
|
show_cmds.append(show_cmd(self._module, cmd, json_fmt=True, fail_on_error=False))
|
||
|
return show_cmds
|
||
|
|
||
|
def _set_ntp_keys_config(self, ntp_config):
|
||
|
if not ntp_config:
|
||
|
return
|
||
|
for req_ntp_auth_key in ntp_config:
|
||
|
ecryption_type = req_ntp_auth_key.get("Encryption Type")
|
||
|
self._current_config[req_ntp_auth_key.get("header")] = ecryption_type
|
||
|
|
||
|
def _set_ntp_config(self, ntp_config):
|
||
|
ntp_config = ntp_config[0]
|
||
|
if not ntp_config:
|
||
|
return
|
||
|
self._current_config['state'] = ntp_config.get("NTP is administratively")
|
||
|
self._current_config['authenticate_state'] = ntp_config.get("NTP Authentication administratively")
|
||
|
|
||
|
def load_current_config(self):
|
||
|
self._current_config = dict()
|
||
|
ntp_config = self._show_ntp_config()
|
||
|
if ntp_config:
|
||
|
if ntp_config[0]:
|
||
|
self._set_ntp_config(ntp_config[0])
|
||
|
if ntp_config[1]:
|
||
|
self._set_ntp_keys_config(ntp_config[1])
|
||
|
|
||
|
def generate_commands(self):
|
||
|
current_state = self._current_config.get("state")
|
||
|
state = self._required_config.get("state")
|
||
|
if state is None:
|
||
|
state = current_state
|
||
|
if state is not None:
|
||
|
if current_state != state:
|
||
|
if state == 'enabled':
|
||
|
self._commands.append('ntp enable')
|
||
|
else:
|
||
|
self._commands.append('no ntp enable')
|
||
|
authenticate_state = self._required_config.get("authenticate_state")
|
||
|
if authenticate_state:
|
||
|
current_authenticate_state = self._current_config.get("authenticate_state")
|
||
|
if authenticate_state is not None:
|
||
|
if current_authenticate_state != authenticate_state:
|
||
|
if authenticate_state == 'enabled':
|
||
|
self._commands.append('ntp authenticate')
|
||
|
else:
|
||
|
self._commands.append('no ntp authenticate')
|
||
|
req_ntp_auth_keys = self._required_config.get('ntp_authentication_keys')
|
||
|
if req_ntp_auth_keys:
|
||
|
if req_ntp_auth_keys is not None:
|
||
|
for req_ntp_auth_key in req_ntp_auth_keys:
|
||
|
req_key_id = req_ntp_auth_key.get('auth_key_id')
|
||
|
req_key = 'NTP Key ' + str(req_key_id)
|
||
|
current_req_key = self._current_config.get(req_key)
|
||
|
auth_key_state = req_ntp_auth_key.get('auth_key_state')
|
||
|
req_encrypt_type = req_ntp_auth_key.get('auth_key_encrypt_type')
|
||
|
req_password = req_ntp_auth_key.get('auth_key_password')
|
||
|
if current_req_key:
|
||
|
if req_encrypt_type == current_req_key:
|
||
|
if auth_key_state:
|
||
|
if auth_key_state == 'absent':
|
||
|
self._commands.append('no ntp authentication-key {0}' .format(req_key_id))
|
||
|
else:
|
||
|
continue
|
||
|
else:
|
||
|
if auth_key_state:
|
||
|
if auth_key_state == 'present':
|
||
|
self._commands.append('ntp authentication-key {0} {1} {2}'
|
||
|
.format(req_key_id,
|
||
|
req_encrypt_type,
|
||
|
req_password))
|
||
|
else:
|
||
|
self._commands.append('ntp authentication-key {0} {1} {2}'
|
||
|
.format(req_key_id,
|
||
|
req_encrypt_type,
|
||
|
req_password))
|
||
|
|
||
|
else:
|
||
|
if auth_key_state:
|
||
|
if auth_key_state == 'present':
|
||
|
self._commands.append('ntp authentication-key {0} {1} {2}'
|
||
|
.format(req_key_id,
|
||
|
req_encrypt_type,
|
||
|
req_password))
|
||
|
else:
|
||
|
self._commands.append('ntp authentication-key {0} {1} {2}'
|
||
|
.format(req_key_id,
|
||
|
req_encrypt_type,
|
||
|
req_password))
|
||
|
|
||
|
req_trusted_keys = self._required_config.get('trusted_keys')
|
||
|
if req_trusted_keys:
|
||
|
for key in req_trusted_keys:
|
||
|
self._commands.append('ntp trusted-key {0}' .format(key))
|
||
|
|
||
|
|
||
|
def main():
|
||
|
""" main entry point for module execution
|
||
|
"""
|
||
|
OnyxNTPModule.main()
|
||
|
|
||
|
|
||
|
if __name__ == '__main__':
|
||
|
main()
|