From 1bec0e575320c1a8f77ad74187c539a88ecd79fe Mon Sep 17 00:00:00 2001 From: Jacob McGill Date: Fri, 25 Aug 2017 02:33:27 -0400 Subject: [PATCH] ACI BD: Update module to use new URL Method (#28625) * ACI BD: Update module to use new URL Method * fix docstring errors --- lib/ansible/modules/network/aci/aci_bd.py | 189 +++++++++++++--------- 1 file changed, 117 insertions(+), 72 deletions(-) diff --git a/lib/ansible/modules/network/aci/aci_bd.py b/lib/ansible/modules/network/aci/aci_bd.py index 7ff172c8a6..fb1614a2ce 100644 --- a/lib/ansible/modules/network/aci/aci_bd.py +++ b/lib/ansible/modules/network/aci/aci_bd.py @@ -32,8 +32,9 @@ options: arp_flooding: description: - Determines if the Bridge Domain should flood ARP traffic. - - The APIC defaults new Bridge Domains to "no". + - The APIC defaults new Bridge Domains to C(no). choices: [ no, yes ] + default: no bd: description: - The name of the Bridge Domain. @@ -41,41 +42,47 @@ options: bd_type: description: - The type of traffic on the Bridge Domain. - - The APIC defaults new Bridge Domains to Ethernet. + - The APIC defaults new Bridge Domains to C(ethernet). choices: [ ethernet, fc ] + default: ethernet description: description: - Description for the Bridge Domain. enable_multicast: description: - Determines if PIM is enabled - - The APIC defaults new Bridge Domains to disabled. + - The APIC defaults new Bridge Domains to C(no). choices: [ no, yes ] + default: no enable_routing: description: - Determines if IP forwarding should be allowed. - - The APIC defaults new Bridge Domains to IP forwarding enabled. + - The APIC defaults new Bridge Domains to C(yes). choices: [ no, yes ] + default: yes endpoint_clear: description: - - Clears all End Points in all Leaves when enabled. - - The APIC defaults new Bridge Domains to disabled. + - Clears all End Points in all Leaves when C(yes). + - The APIC defaults new Bridge Domains to C(no). - The value is not reset to disabled once End Points have been cleared; that requires a second task. choices: [ no, yes ] + default: no endpoint_move_detect: description: - Determines if GARP should be enabled to detect when End Points move. - - The APIC defaults new Bridge Domains to not use GARP. + - The APIC defaults new Bridge Domains to C(garp). choices: [ default, garp ] + default: garp endpoint_retention_action: description: - Determines if the Bridge Domain should inherit or resolve the End Point Retention Policy. - - The APIC defaults new Bridge Domain to End Point Retention Policies to resolve the policy. + - The APIC defaults new Bridge Domain to End Point Retention Policies to C(resolve). + choices: [ inherit, resolve ] + default: resolve endpoint_retention_policy: description: - The name of the End Point Retention Policy the Bridge Domain should use when overriding the default End Point Retention Policy. - choices: [ inherit, resolve ] igmp_snoop_policy: description: - The name of the IGMP Snooping Policy the Bridge Domain should use when @@ -83,32 +90,36 @@ options: ip_learning: description: - Determines if the Bridge Domain should learn End Point IPs. - - The APIC defaults new Bridge Domains to enable IP learning. + - The APIC defaults new Bridge Domains to C(yes). choices: [ no, yes ] ipv6_nd_policy: description: - The name of the IPv6 Neighbor Discovery Policy the Bridge Domain should use when - overridding teh default IPV6 ND Policy. + overridding the default IPV6 ND Policy. l2_unknown_unicast: description: - Determines what forwarding method to use for unknown l2 destinations. - - The APIC defaults new Bridge domains to use Hardware Proxy. + - The APIC defaults new Bridge domains to C(proxy). choices: [ proxy, flood ] + default: proxy l3_unknown_multicast: description: - Determines the forwarding method to use for unknown multicast destinations. - - The APCI defaults new Bridge Domains to use normal flooding. + - The APCI defaults new Bridge Domains to C(flood). choices: [ flood, opt-flood ] + default: flood limit_ip_learn: description: - Determines if the BD should limit IP learning to only subnets owned by the Bridge Domain. - - The APIC defaults new Bridge Domains to learn all IP addresses. + - The APIC defaults new Bridge Domains to C(yes). choices: [ no, yes ] + default: yes multi_dest: description: - Determines the forwarding method for L2 multicast, broadcast, and link layer traffic. - - The APIC defaults new Bridge Domains to use bd-flood. + - The APIC defaults new Bridge Domains to C(bd-flood). choices: [ bd-flood, drop, encap-flood ] + default: bd-flood state: description: - Use C(present) or C(absent) for adding or removing. @@ -128,21 +139,67 @@ options: EXAMPLES = r''' - name: Add Bridge Domain aci_bd: - action: "{{ action }}" - tenant: "{{ tenant }}" - bd: "{{ bd }}" - vrf: "{{ vrf }}" - arp_flooding: "{{ arp_flooding }}" - l2_unknown_unicast: "{{ l2_unknown_unicast }}" - l3_unknown_multicast: "{{ l3_unknown_multicast }}" - multi_dest: "{{ multi_dest }}" - gateway_ip: "{{ gateway_ip }}" - subnet_mask: "{{ subnet_mask }}" - scope: "{{ scope }}" host: "{{ inventory_hostname }}" username: "{{ username }}" password: "{{ password }}" - protocol: "{{ protocol }}" + validate_certs: false + state: present + tenant: prod + bd: web_servers + vrf: prod_vrf + +- name: Add an FC Bridge Domain + aci_bd: + host: "{{ inventory_hostname }}" + username: "{{ username }}" + password: "{{ password }}" + validate_certs: false + state: present + tenant: prod + bd: storage + bd_type: fc + vrf: fc_vrf + enable_routing: no + +- name: Modify a Bridge Domain + aci_bd: + host: "{{ inventory_hostname }}" + username: "{{ username }}" + password: "{{ password }}" + validate_certs: true + state: present + tenant: prod + bd: web_servers + arp_flooding: yes + l2_unknown_unicast: flood + +- name: Query All Bridge Domains + aci_bd: + host: "{{ inventory_hostname }}" + username: "{{ username }}" + password: "{{ password }}" + validate_certs: true + state: query + +- name: Query a Bridge Domain + aci_bd: + host: "{{ inventory_hostname }}" + username: "{{ username }}" + password: "{{ password }}" + validate_certs: true + state: query + tenant: prod + bd: web_servers + +- name: Delete a Bridge Domain + aci_bd: + host: "{{ inventory_hostname }}" + username: "{{ username }}" + password: "{{ password }}" + validate_certs: true + state: absent + tenant: prod + bd: web_servers ''' RETURN = r''' # ''' @@ -177,18 +234,18 @@ def main(): gateway_ip=dict(type='str', removed_in_version='2.4'), # Deprecated starting from v2.4 method=dict(type='str', choices=['delete', 'get', 'post'], aliases=['action'], removed_in_version='2.6'), # Deprecated starting from v2.6 scope=dict(type='str', removed_in_version='2.4'), # Deprecated starting from v2.4 - subnet_mask=dict(type='str', removed_in_version='2.4') # Deprecated starting from v2.4 + subnet_mask=dict(type='str', removed_in_version='2.4'), # Deprecated starting from v2.4 ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, - required_if=[['state', 'absent', ['bd', 'tenant']], - ['state', 'present', ['bd', 'tenant']]] + required_if=[ + ['state', 'absent', ['bd', 'tenant']], + ['state', 'present', ['bd', 'tenant']], + ], ) - l2_unknown_unicast = module.params['l2_unknown_unicast'] - l3_unknown_multicast = module.params['l3_unknown_multicast'] arp_flooding = module.params['arp_flooding'] bd = module.params['bd'] bd_type = module.params['bd_type'] @@ -208,10 +265,11 @@ def main(): igmp_snoop_policy = module.params['igmp_snoop_policy'] ip_learning = module.params['ip_learning'] ipv6_nd_policy = module.params['ipv6_nd_policy'] + l2_unknown_unicast = module.params['l2_unknown_unicast'] + l3_unknown_multicast = module.params['l3_unknown_multicast'] limit_ip_learn = module.params['limit_ip_learn'] multi_dest = module.params['multi_dest'] state = module.params['state'] - tenant = module.params['tenant'] vrf = module.params['vrf'] # Give warning when fvSubnet parameters are passed as those have been moved to the aci_subnet module @@ -219,49 +277,36 @@ def main(): module._warnings = ["The support for managing Subnets has been moved to its own module, aci_subnet. \ The new modules still supports 'gateway_ip' and 'subnet_mask' along with more features"] - if bd is not None: - if tenant is not None: - path = 'api/mo/uni/tn-%(tenant)s/BD-%(bd)s.json' % module.params - filter_string = '?rsp-subtree=full&rsp-subtree-class=fvRsCtx,fvRsIgmpsn,fvRsBDToNdP,fvRsBdToEpRet&rsp-prop-include=config-only' - else: - path = 'api/class/fvBD.json' - filter_string = ('?query-target-filter=eq(fvBD.name, \"%(bd)s\")&rsp-subtree=children' - '&rsp-subtree-class=fvRsCtx,fvRsIgmpsn,fvRsBDToNdP,fvRsBdToEpRet') % module.params - elif tenant is not None: - path = 'api/mo/uni/tn-%(tenant)s.json' % module.params - filter_string = '?rsp-subtree=full&rsp-subtree-class=fvBD,fvRsCtx,fvRsIgmpsn,fvRsBDToNdP,fvRsBdToEpRet' - else: - path = 'api/class/fvBD.json' - filter_string = "?rsp-subtree=full&rsp-subtree-class=fvBD,fvRsCtx,fvRsIgmpsn,fvRsBDToNdP,fvRsBdToEpRet" - aci = ACIModule(module) - - aci.result['url'] = '%(protocol)s://%(hostname)s/' % aci.params + path - - aci.get_existing(filter_string=filter_string) + aci.construct_url(root_class="tenant", subclass_1="bd", child_classes=['fvRsCtx', 'fvRsIgmpsn', 'fvRsBDToNdP', 'fvRsBdToEpRet']) + aci.get_existing() if state == 'present': # Filter out module params with null values - aci.payload(aci_class='fvBD', - class_config=dict(arpFlood=arp_flooding, - descr=description, - epClear=endpoint_clear, - epMoveDetectMode=endpoint_move_detect, - ipLearning=ip_learning, - limitIpLearnToSubnets=limit_ip_learn, - mcastAllow=enable_multicast, - multiDstPktAct=multi_dest, - name=bd, - type=bd_type, - unicastRoute=enable_routing, - unkMacUcastAct=l2_unknown_unicast, - unkMcastAct=l3_unknown_multicast), - child_configs=[{'fvRsCtx': {'attributes': {'tnFvCtxName': vrf}}}, - {'fvRsIgmpsn': {'attributes': {'tnIgmpSnoopPolName': igmp_snoop_policy}}}, - {'fvRsBDToNdP': {'attributes': {'tnNdIfPolName': ipv6_nd_policy}}}, - {'fvRsBdToEpRet': {'attributes': {'resolveAct': endpoint_retention_action, - 'tnFvEpRetPolName': endpoint_retention_policy}}}] - ) + aci.payload( + aci_class='fvBD', + class_config=dict( + arpFlood=arp_flooding, + descr=description, + epClear=endpoint_clear, + epMoveDetectMode=endpoint_move_detect, + ipLearning=ip_learning, + limitIpLearnToSubnets=limit_ip_learn, + mcastAllow=enable_multicast, + multiDstPktAct=multi_dest, + name=bd, + type=bd_type, + unicastRoute=enable_routing, + unkMacUcastAct=l2_unknown_unicast, + unkMcastAct=l3_unknown_multicast, + ), + child_configs=[ + {'fvRsCtx': {'attributes': {'tnFvCtxName': vrf}}}, + {'fvRsIgmpsn': {'attributes': {'tnIgmpSnoopPolName': igmp_snoop_policy}}}, + {'fvRsBDToNdP': {'attributes': {'tnNdIfPolName': ipv6_nd_policy}}}, + {'fvRsBdToEpRet': {'attributes': {'resolveAct': endpoint_retention_action, 'tnFvEpRetPolName': endpoint_retention_policy}}}, + ], + ) # generate config diff which will be used as POST request body aci.get_diff(aci_class='fvBD')