diff --git a/lib/ansible/modules/network/cloudengine/ce_vrrp.py b/lib/ansible/modules/network/cloudengine/ce_vrrp.py new file mode 100644 index 0000000000..7802f13b2e --- /dev/null +++ b/lib/ansible/modules/network/cloudengine/ce_vrrp.py @@ -0,0 +1,1402 @@ +#!/usr/bin/python +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see . +# + +ANSIBLE_METADATA = {'status': ['preview'], + 'supported_by': 'community', + 'metadata_version': '1.0'} + +DOCUMENTATION = ''' +--- +module: ce_vrrp +version_added: "2.4" +short_description: Manages VRRP interfaces on HUAWEI CloudEngine devices. +description: + - Manages VRRP interface attributes on HUAWEI CloudEngine devices. +author: + - Li Yanfeng (@CloudEngine-Ansible) +options: + interface: + description: + - Name of an interface. The value is a string of 1 to 63 characters. + required: false + default: null + vrid: + description: + - VRRP backup group ID. + The value is an integer ranging from 1 to 255. + required: false + default: present + virtual_ip : + description: + - Virtual IP address. The value is a string of 0 to 255 characters. + required: false + default: null + vrrp_type: + description: + - Type of a VRRP backup group. + required: false + choices: ['normal', 'member', 'admin'] + default: null + admin_ignore_if_down: + description: + - mVRRP ignores an interface Down event. + required: false + default: False + admin_vrid: + description: + - Tracked mVRRP ID. The value is an integer ranging from 1 to 255. + required: false + default: null + admin_interface: + description: + - Tracked mVRRP interface name. The value is a string of 1 to 63 characters. + required: false + default: null + admin_flowdown: + description: + - Disable the flowdown function for service VRRP. + required: false + default: False + priority: + description: + - Configured VRRP priority. + The value ranges from 1 to 254. The default value is 100. A larger value indicates a higher priority. + required: false + default: null + version: + description: + - VRRP version. The default version is v2. + required: false + choices: ['v2','v3'] + default: null + advertise_interval: + description: + - Configured interval between sending advertisements, in milliseconds. + Only the master router sends VRRP advertisements. The default value is 1000 milliseconds. + required: false + default: null + preempt_timer_delay: + description: + - Preemption delay. + The value is an integer ranging from 0 to 3600. The default value is 0. + required: false + default: null + gratuitous_arp_interval: + description: + - Interval at which gratuitous ARP packets are sent, in seconds. + The value ranges from 30 to 1200.The default value is 300. + required: false + default: null + recover_delay: + description: + - Delay in recovering after an interface goes Up. + The delay is used for interface flapping suppression. + The value is an integer ranging from 0 to 3600. + The default value is 0 seconds. + required: false + default: null + holding_multiplier: + description: + - The configured holdMultiplier.The value is an integer ranging from 3 to 10. The default value is 3. + required: false + default: null + auth_mode: + description: + - Authentication type used for VRRP packet exchanges between virtual routers. + The values are noAuthentication, simpleTextPassword, md5Authentication. + The default value is noAuthentication. + required: false + choices: ['simple','md5','none'] + default: null + is_plain: + description: + - Select the display mode of an authentication key. + By default, an authentication key is displayed in ciphertext. + required: false + default: False + auth_key: + description: + - This object is set based on the authentication type. + When noAuthentication is specified, the value is empty. + When simpleTextPassword or md5Authentication is specified, the value is a string of 1 to 8 characters + in plaintext and displayed as a blank text for security. + required: false + default: null + fast_resume: + description: + - mVRRP's fast resume mode. + required: false + choices: ['enable','disable'] + default: null + state: + description: + - Specify desired state of the resource. + required: false + default: present + choices: ['present','absent'] + +''' + +EXAMPLES = ''' +- name: vrrp module test + hosts: cloudengine + connection: local + gather_facts: no + vars: + cli: + host: "{{ inventory_hostname }}" + port: "{{ ansible_ssh_port }}" + username: "{{ username }}" + password: "{{ password }}" + transport: cli + + tasks: + + - name: Set vrrp version + ce_vrrp: + version: v3 + provider: "{{ cli }}" + + - name: Set vrrp gratuitous-arp interval + ce_vrrp: + gratuitous_arp_interval: 40 + mlag_id: 4 + provider: "{{ cli }}" + + - name: Set vrrp recover-delay + ce_vrrp: + recover_delay: 10 + provider: "{{ cli }}" + + - name: Set vrrp vrid virtual-ip + ce_vrrp: + interface: 40GE2/0/8 + vrid: 1 + virtual_ip: 10.14.2.7 + provider: "{{ cli }}" + + - name: Set vrrp vrid admin + ce_vrrp: + interface: 40GE2/0/8 + vrid: 1 + vrrp_type: admin + provider: "{{ cli }}" + + - name: Set vrrp vrid fast_resume + ce_vrrp: + interface: 40GE2/0/8 + vrid: 1 + fast_resume: enable + provider: "{{ cli }}" + + - name: Set vrrp vrid holding-multiplier + ce_vrrp: + interface: 40GE2/0/8 + vrid: 1 + holding_multiplier: 4 + provider: "{{ cli }}" + + - name: Set vrrp vrid preempt timer delay + ce_vrrp: + interface: 40GE2/0/8 + vrid: 1 + preempt_timer_delay: 10 + provider: "{{ cli }}" + + - name: Set vrrp vrid admin-vrrp + ce_vrrp: + interface: 40GE2/0/8 + vrid: 1 + admin_interface: 40GE2/0/9 + admin_vrid: 2 + vrrp_type: member + provider: "{{ cli }}" + + - name: Set vrrp vrid authentication-mode + ce_vrrp: + interface: 40GE2/0/8 + vrid: 1 + is_plain: true + auth_mode: simple + auth_key: aaa + provider: "{{ cli }}" +''' + +RETURN = ''' +changed: + description: check to see if a change was made on the device + returned: always + type: boolean + sample: true +proposed: + description: k/v pairs of parameters passed into module + returned: always + type: dict + sample: { + "auth_key": "aaa", + "auth_mode": "simple", + "interface": "40GE2/0/8", + "is_plain": true, + "state": "present", + "vrid": "1" + } +existing: + description: k/v pairs of existing aaa server + returned: always + type: dict + sample: { + "auth_mode": "none", + "interface": "40GE2/0/8", + "is_plain": "false", + "vrid": "1", + "vrrp_type": "normal" + } +end_state: + description: k/v pairs of aaa params after module execution + returned: always + type: dict + sample: { + "auth_mode": "simple", + "interface": "40GE2/0/8", + "is_plain": "true", + "vrid": "1", + "vrrp_type": "normal" + } +updates: + description: command sent to the device + returned: always + type: list + sample: { "interface 40GE2/0/8", + "vrrp vrid 1 authentication-mode simple plain aaa"} +''' + +from xml.etree import ElementTree +from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils.ce import get_nc_config, set_nc_config, ce_argument_spec + + +CE_NC_GET_VRRP_GROUP_INFO = """ + + + + + %s + %s + + + + +""" + +CE_NC_SET_VRRP_GROUP_INFO_HEAD = """ + + + + + %s + %s + +""" +CE_NC_SET_VRRP_GROUP_INFO_TAIL = """ + + + + + +""" +CE_NC_GET_VRRP_GLOBAL_INFO = """ + + + + + + + + + + + +""" + +CE_NC_SET_VRRP_GLOBAL_HEAD = """ + + + +""" +CE_NC_SET_VRRP_GLOBAL_TAIL = """ + + + + +""" + +CE_NC_GET_VRRP_VIRTUAL_IP_INFO = """ + + + + + %s + %s + + + + + + + + + + +""" +CE_NC_CREATE_VRRP_VIRTUAL_IP_INFO = """ + + + + + %s + %s + + + %s + + + + + + + +""" +CE_NC_DELETE_VRRP_VIRTUAL_IP_INFO = """ + + + + + %s + %s + + + %s + + + + + + + +""" + + +def is_valid_address(address): + """check ip-address is valid""" + + if address.find('.') != -1: + addr_list = address.split('.') + if len(addr_list) != 4: + return False + for each_num in addr_list: + if not each_num.isdigit(): + return False + if int(each_num) > 255: + return False + return True + + return False + + +def get_interface_type(interface): + """Gets the type of interface, such as 10GE, ETH-TRUNK, VLANIF...""" + + if interface is None: + return None + + iftype = None + + if interface.upper().startswith('GE'): + iftype = 'ge' + elif interface.upper().startswith('10GE'): + iftype = '10ge' + elif interface.upper().startswith('25GE'): + iftype = '25ge' + elif interface.upper().startswith('40GE'): + iftype = '40ge' + elif interface.upper().startswith('100GE'): + iftype = '100ge' + elif interface.upper().startswith('ETH-TRUNK'): + iftype = 'eth-trunk' + elif interface.upper().startswith('NULL'): + iftype = 'null' + elif interface.upper().startswith('VLANIF'): + iftype = 'vlanif' + else: + return None + + return iftype.lower() + + +class Vrrp(object): + """ + Manages Manages vrrp information. + """ + + def __init__(self, argument_spec): + self.spec = argument_spec + self.module = None + self.init_module() + + # module input info + self.interface = self.module.params['interface'] + self.vrid = self.module.params['vrid'] + self.virtual_ip = self.module.params['virtual_ip'] + self.vrrp_type = self.module.params['vrrp_type'] + self.admin_ignore_if_down = self.module.params['admin_ignore_if_down'] + self.admin_vrid = self.module.params['admin_vrid'] + self.admin_interface = self.module.params['admin_interface'] + self.admin_flowdown = self.module.params['admin_flowdown'] + self.priority = self.module.params['priority'] + self.version = self.module.params['version'] + self.advertise_interval = self.module.params['advertise_interval'] + self.preempt_timer_delay = self.module.params['preempt_timer_delay'] + self.gratuitous_arp_interval = self.module.params[ + 'gratuitous_arp_interval'] + self.recover_delay = self.module.params['recover_delay'] + self.holding_multiplier = self.module.params['holding_multiplier'] + self.auth_mode = self.module.params['auth_mode'] + self.is_plain = self.module.params['is_plain'] + self.auth_key = self.module.params['auth_key'] + self.fast_resume = self.module.params['fast_resume'] + self.state = self.module.params['state'] + + # vrrp info + self.vrrp_global_info = None + self.virtual_ip_info = None + self.vrrp_group_info = None + + # state + self.changed = False + self.updates_cmd = list() + self.results = dict() + self.existing = dict() + self.proposed = dict() + self.end_state = dict() + + def init_module(self): + """ init module """ + + self.module = AnsibleModule( + argument_spec=self.spec, supports_check_mode=True) + + def get_virtual_ip_info(self): + """ get vrrp virtual ip info.""" + virtual_ip_info = dict() + conf_str = CE_NC_GET_VRRP_VIRTUAL_IP_INFO % (self.vrid, self.interface) + xml_str = get_nc_config(self.module, conf_str) + if "" in xml_str: + return virtual_ip_info + else: + xml_str = xml_str.replace('\r', '').replace('\n', '').\ + replace('xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"', "").\ + replace('xmlns="http://www.huawei.com/netconf/vrp"', "") + virtual_ip_info["vrrpVirtualIpInfos"] = list() + root = ElementTree.fromstring(xml_str) + vrrp_virtual_ip_infos = root.findall( + "data/vrrp/vrrpGroups/vrrpGroup/virtualIps/virtualIp") + if vrrp_virtual_ip_infos: + for vrrp_virtual_ip_info in vrrp_virtual_ip_infos: + virtual_ip_dict = dict() + for ele in vrrp_virtual_ip_info: + if ele.tag in ["virtualIpAddress"]: + virtual_ip_dict[ele.tag] = ele.text + virtual_ip_info["vrrpVirtualIpInfos"].append( + virtual_ip_dict) + return virtual_ip_info + + def get_vrrp_global_info(self): + """ get vrrp global info.""" + + vrrp_global_info = dict() + conf_str = CE_NC_GET_VRRP_GLOBAL_INFO + xml_str = get_nc_config(self.module, conf_str) + if "" in xml_str: + return vrrp_global_info + else: + xml_str = xml_str.replace('\r', '').replace('\n', '').\ + replace('xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"', "").\ + replace('xmlns="http://www.huawei.com/netconf/vrp"', "") + + root = ElementTree.fromstring(xml_str) + global_info = root.findall( + "data/vrrp/vrrpGlobalCfg") + + if global_info: + for tmp in global_info: + for site in tmp: + if site.tag in ["gratuitousArpTimeOut", "gratuitousArpFlag", "recoverDelay", "version"]: + vrrp_global_info[site.tag] = site.text + return vrrp_global_info + + def get_vrrp_group_info(self): + """ get vrrp group info.""" + + vrrp_group_info = dict() + conf_str = CE_NC_GET_VRRP_GROUP_INFO % (self.interface, self.vrid) + xml_str = get_nc_config(self.module, conf_str) + if "" in xml_str: + return vrrp_group_info + else: + xml_str = xml_str.replace('\r', '').replace('\n', '').\ + replace('xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"', "").\ + replace('xmlns="http://www.huawei.com/netconf/vrp"', "") + + root = ElementTree.fromstring(xml_str) + global_info = root.findall( + "data/vrrp/vrrpGroups/vrrpGroup") + + if global_info: + for tmp in global_info: + for site in tmp: + if site.tag in ["ifName", "vrrpId", "priority", "advertiseInterval", "preemptMode", "delayTime", + "authenticationMode", "authenticationKey", "vrrpType", "adminVrrpId", + "adminIfName", "adminIgnoreIfDown", "isPlain", "unflowdown", "fastResume", + "holdMultiplier"]: + vrrp_group_info[site.tag] = site.text + return vrrp_group_info + + def check_params(self): + """Check all input params""" + + # interface check + if self.interface: + intf_type = get_interface_type(self.interface) + if not intf_type: + self.module.fail_json( + msg='Error: Interface name of %s ' + 'is error.' % self.interface) + + # vrid check + if self.vrid: + if not self.vrid.isdigit(): + self.module.fail_json( + msg='Error: The value of vrid is an integer.') + if int(self.vrid) < 1 or int(self.vrid) > 255: + self.module.fail_json( + msg='Error: The value of vrid ranges from 1 to 255.') + + # virtual_ip check + if self.virtual_ip: + if not is_valid_address(self.virtual_ip): + self.module.fail_json( + msg='Error: The %s is not a valid ip address.' % self.virtual_ip) + + # admin_vrid check + if self.admin_vrid: + if not self.admin_vrid.isdigit(): + self.module.fail_json( + msg='Error: The value of admin_vrid is an integer.') + if int(self.admin_vrid) < 1 or int(self.admin_vrid) > 255: + self.module.fail_json( + msg='Error: The value of admin_vrid ranges from 1 to 255.') + + # admin_interface check + if self.admin_interface: + intf_type = get_interface_type(self.admin_interface) + if not intf_type: + self.module.fail_json( + msg='Error: Admin interface name of %s ' + 'is error.' % self.admin_interface) + + # priority check + if self.priority: + if not self.priority.isdigit(): + self.module.fail_json( + msg='Error: The value of priority is an integer.') + if int(self.priority) < 1 or int(self.priority) > 254: + self.module.fail_json( + msg='Error: The value of priority ranges from 1 to 254. The default value is 100.') + + # advertise_interval check + if self.advertise_interval: + if not self.advertise_interval.isdigit(): + self.module.fail_json( + msg='Error: The value of advertise_interval is an integer.') + if int(self.advertise_interval) < 1 or int(self.advertise_interval) > 255000: + self.module.fail_json( + msg='Error: The value of advertise_interval ranges from 1 to 255000. The default value is 1000.') + + # preempt_timer_delay check + if self.preempt_timer_delay: + if not self.preempt_timer_delay.isdigit(): + self.module.fail_json( + msg='Error: The value of preempt_timer_delay is an integer.') + if int(self.preempt_timer_delay) < 1 or int(self.preempt_timer_delay) > 3600: + self.module.fail_json( + msg='Error: The value of preempt_timer_delay ranges from 1 to 3600. The default value is 0.') + + # holding_multiplier check + if self.holding_multiplier: + if not self.holding_multiplier.isdigit(): + self.module.fail_json( + msg='Error: The value of holding_multiplier is an integer.') + if int(self.holding_multiplier) < 3 or int(self.holding_multiplier) > 10: + self.module.fail_json( + msg='Error: The value of holding_multiplier ranges from 3 to 10. The default value is 3.') + + # auth_key check + if self.auth_key: + if len(self.auth_key) > 16 \ + or len(self.auth_key.replace(' ', '')) < 1: + self.module.fail_json( + msg='Error: The length of auth_key is not in the range from 1 to 16.') + + def is_virtual_ip_change(self): + """whether virtual ip change""" + + if not self.virtual_ip_info: + return True + + for info in self.virtual_ip_info["vrrpVirtualIpInfos"]: + if info["virtualIpAddress"] == self.virtual_ip: + return False + return True + + def is_virtual_ip_exist(self): + """whether virtual ip info exist""" + + if not self.virtual_ip_info: + return False + + for info in self.virtual_ip_info["vrrpVirtualIpInfos"]: + if info["virtualIpAddress"] == self.virtual_ip: + return True + return False + + def is_vrrp_global_info_change(self): + """whether vrrp global attribute info change""" + + if not self.vrrp_global_info: + return True + + if self.gratuitous_arp_interval: + if self.vrrp_global_info["gratuitousArpFlag"] == "false": + self.module.fail_json(msg="Error: gratuitousArpFlag is false.") + if self.vrrp_global_info["gratuitousArpTimeOut"] != self.gratuitous_arp_interval: + return True + if self.recover_delay: + if self.vrrp_global_info["recoverDelay"] != self.recover_delay: + return True + if self.version: + if self.vrrp_global_info["version"] != self.version: + return True + return False + + def is_vrrp_global_info_exist(self): + """whether vrrp global attribute info exist""" + + if self.gratuitous_arp_interval or self.recover_delay or self.version: + if self.gratuitous_arp_interval: + if self.vrrp_global_info["gratuitousArpFlag"] == "false": + self.module.fail_json( + msg="Error: gratuitousArpFlag is false.") + if self.vrrp_global_info["gratuitousArpTimeOut"] != self.gratuitous_arp_interval: + return False + if self.recover_delay: + if self.vrrp_global_info["recoverDelay"] != self.recover_delay: + return False + if self.version: + if self.vrrp_global_info["version"] != self.version: + return False + return True + + return False + + def is_vrrp_group_info_change(self): + """whether vrrp group attribute info change""" + + if self.vrrp_type: + if self.vrrp_group_info["vrrpType"] != self.vrrp_type: + return True + if self.admin_ignore_if_down: + if self.vrrp_group_info["adminIgnoreIfDown"] != self.admin_ignore_if_down: + return True + if self.admin_vrid: + if self.vrrp_group_info["adminVrrpId"] != self.admin_vrid: + return True + if self.admin_interface: + if self.vrrp_group_info["adminIfName"] != self.admin_interface: + return True + if self.admin_flowdown: + if self.vrrp_group_info["unflowdown"] != self.admin_flowdown: + return True + if self.priority: + if self.vrrp_group_info["priority"] != self.priority: + return True + if self.fast_resume: + fast_resume = "false" + if self.fast_resume == "enable": + fast_resume = "true" + if self.vrrp_group_info["fastResume"] != fast_resume: + return True + if self.advertise_interval: + if self.vrrp_group_info["advertiseInterval"] != self.advertise_interval: + return True + if self.preempt_timer_delay: + if self.vrrp_group_info["delayTime"] != self.preempt_timer_delay: + return True + if self.holding_multiplier: + if self.vrrp_group_info["holdMultiplier"] != self.holding_multiplier: + return True + if self.auth_mode: + if self.vrrp_group_info["authenticationMode"] != self.auth_mode: + return True + if self.auth_key: + return True + if self.is_plain: + if self.vrrp_group_info["isPlain"] != self.is_plain: + return True + + return False + + def is_vrrp_group_info_exist(self): + """whether vrrp group attribute info exist""" + + if self.vrrp_type: + if self.vrrp_group_info["vrrpType"] != self.vrrp_type: + return False + if self.admin_ignore_if_down: + if self.vrrp_group_info["adminIgnoreIfDown"] != self.admin_ignore_if_down: + return False + if self.admin_vrid: + if self.vrrp_group_info["adminVrrpId"] != self.admin_vrid: + return False + if self.admin_interface: + if self.vrrp_group_info["adminIfName"] != self.admin_interface: + return False + if self.admin_flowdown: + if self.vrrp_group_info["unflowdown"] != self.admin_flowdown: + return False + if self.priority: + if self.vrrp_group_info["priority"] != self.priority: + return False + if self.fast_resume: + fast_resume = "false" + if self.fast_resume == "enable": + fast_resume = "true" + if self.vrrp_group_info["fastResume"] != fast_resume: + return False + if self.advertise_interval: + if self.vrrp_group_info["advertiseInterval"] != self.advertise_interval: + return False + if self.preempt_timer_delay: + if self.vrrp_group_info["delayTime"] != self.preempt_timer_delay: + return False + if self.holding_multiplier: + if self.vrrp_group_info["holdMultiplier"] != self.holding_multiplier: + return False + if self.auth_mode: + if self.vrrp_group_info["authenticationMode"] != self.auth_mode: + return False + if self.is_plain: + if self.vrrp_group_info["isPlain"] != self.is_plain: + return False + return True + + def create_virtual_ip(self): + """create virtual ip info""" + + if self.is_virtual_ip_change(): + conf_str = CE_NC_CREATE_VRRP_VIRTUAL_IP_INFO % ( + self.vrid, self.interface, self.virtual_ip) + recv_xml = set_nc_config(self.module, conf_str) + if "" not in recv_xml: + self.module.fail_json( + msg='Error: create virtual ip info failed.') + + self.updates_cmd.append("interface %s" % self.interface) + self.updates_cmd.append( + "vrrp vrid %s virtual-ip %s" % (self.vrid, self.virtual_ip)) + self.changed = True + + def delete_virtual_ip(self): + """delete virtual ip info""" + + if self.is_virtual_ip_exist(): + conf_str = CE_NC_DELETE_VRRP_VIRTUAL_IP_INFO % ( + self.vrid, self.interface, self.virtual_ip) + recv_xml = set_nc_config(self.module, conf_str) + if "" not in recv_xml: + self.module.fail_json( + msg='Error: delete virtual ip info failed.') + + self.updates_cmd.append("interface %s" % self.interface) + self.updates_cmd.append( + "undo vrrp vrid %s virtual-ip %s " % (self.vrid, self.virtual_ip)) + self.changed = True + + def set_vrrp_global(self): + """set vrrp global attribute info""" + + if self.is_vrrp_global_info_change(): + conf_str = CE_NC_SET_VRRP_GLOBAL_HEAD + if self.gratuitous_arp_interval: + conf_str += "%s" % self.gratuitous_arp_interval + if self.recover_delay: + conf_str += "%s" % self.recover_delay + if self.version: + conf_str += "%s" % self.version + conf_str += CE_NC_SET_VRRP_GLOBAL_TAIL + recv_xml = set_nc_config(self.module, conf_str) + if "" not in recv_xml: + self.module.fail_json( + msg='Error: set vrrp global atrribute info failed.') + + if self.gratuitous_arp_interval: + self.updates_cmd.append( + "vrrp gratuitous-arp interval %s" % self.gratuitous_arp_interval) + + if self.recover_delay: + self.updates_cmd.append( + "vrrp recover-delay %s" % self.recover_delay) + + if self.version: + version = "3" + if self.version == "v2": + version = "2" + self.updates_cmd.append("vrrp version %s" % version) + self.changed = True + + def delete_vrrp_global(self): + """delete vrrp global attribute info""" + + if self.is_vrrp_global_info_exist(): + conf_str = CE_NC_SET_VRRP_GLOBAL_HEAD + if self.gratuitous_arp_interval: + if self.gratuitous_arp_interval == "120": + self.module.fail_json( + msg='Error: The default value of gratuitous_arp_interval is 120.') + gratuitous_arp_interval = "120" + conf_str += "%s" % gratuitous_arp_interval + if self.recover_delay: + if self.recover_delay == "0": + self.module.fail_json( + msg='Error: The default value of recover_delay is 0.') + recover_delay = "0" + conf_str += "%s" % recover_delay + if self.version: + if self.version == "v2": + self.module.fail_json( + msg='Error: The default value of version is v2.') + version = "v2" + conf_str += "%s" % version + conf_str += CE_NC_SET_VRRP_GLOBAL_TAIL + recv_xml = set_nc_config(self.module, conf_str) + if "" not in recv_xml: + self.module.fail_json( + msg='Error: set vrrp global atrribute info failed.') + if self.gratuitous_arp_interval: + self.updates_cmd.append("undo vrrp gratuitous-arp interval") + + if self.recover_delay: + self.updates_cmd.append("undo vrrp recover-delay") + + if self.version == "v3": + self.updates_cmd.append("undo vrrp version") + self.changed = True + + def set_vrrp_group(self): + """set vrrp group attribute info""" + + if self.is_vrrp_group_info_change(): + conf_str = CE_NC_SET_VRRP_GROUP_INFO_HEAD % ( + self.interface, self.vrid) + if self.vrrp_type: + conf_str += "%s" % self.vrrp_type + if self.admin_vrid: + conf_str += "%s" % self.admin_vrid + if self.admin_interface: + conf_str += "%s" % self.admin_interface + if self.admin_flowdown is True or self.admin_flowdown is False: + admin_flowdown = "false" + if self.admin_flowdown is True: + admin_flowdown = "true" + conf_str += "%s" % admin_flowdown + if self.priority: + conf_str += "%s" % self.priority + if self.vrrp_type == "admin": + if self.admin_ignore_if_down is True or self.admin_ignore_if_down is False: + admin_ignore_if_down = "false" + if self.admin_ignore_if_down is True: + admin_ignore_if_down = "true" + conf_str += "%s" % admin_ignore_if_down + if self.fast_resume: + fast_resume = "false" + if self.fast_resume == "enable": + fast_resume = "true" + conf_str += "%s" % fast_resume + if self.advertise_interval: + conf_str += "%s" % self.advertise_interval + if self.preempt_timer_delay: + conf_str += "%s" % self.preempt_timer_delay + if self.holding_multiplier: + conf_str += "%s" % self.holding_multiplier + if self.auth_mode: + conf_str += "%s" % self.auth_mode + if self.auth_key: + conf_str += "%s" % self.auth_key + if self.auth_mode == "simple": + is_plain = "false" + if self.is_plain is True: + is_plain = "true" + conf_str += "%s" % is_plain + + conf_str += CE_NC_SET_VRRP_GROUP_INFO_TAIL + recv_xml = set_nc_config(self.module, conf_str) + if "" not in recv_xml: + self.module.fail_json( + msg='Error: set vrrp group atrribute info failed.') + + if self.interface and self.vrid: + if self.vrrp_type == "admin": + if self.admin_ignore_if_down is True: + self.updates_cmd.append( + "interface %s" % self.interface) + self.updates_cmd.append( + "vrrp vrid %s admin ignore-if-down" % self.vrid) + else: + self.updates_cmd.append( + "interface %s" % self.interface) + self.updates_cmd.append( + "vrrp vrid %s admin" % self.vrid) + + if self.priority: + self.updates_cmd.append("interface %s" % self.interface) + self.updates_cmd.append( + "vrrp vrid %s priority %s" % (self.vrid, self.priority)) + + if self.fast_resume == "enable": + self.updates_cmd.append("interface %s" % self.interface) + self.updates_cmd.append( + "vrrp vrid %s fast-resume" % self.vrid) + if self.fast_resume == "disable": + self.updates_cmd.append("interface %s" % self.interface) + self.updates_cmd.append( + "undo vrrp vrid %s fast-resume" % self.vrid) + + if self.advertise_interval: + self.updates_cmd.append("interface %s" % self.interface) + self.updates_cmd.append("vrrp vrid %s timer advertise %s" % ( + self.vrid, self.advertise_interval)) + + if self.preempt_timer_delay: + self.updates_cmd.append("interface %s" % self.interface) + self.updates_cmd.append("vrrp vrid %s preempt timer delay %s" % (self.vrid, + self.preempt_timer_delay)) + + if self.holding_multiplier: + self.updates_cmd.append("interface %s" % self.interface) + self.updates_cmd.append( + "vrrp vrid %s holding-multiplier %s" % (self.vrid, self.holding_multiplier)) + + if self.admin_vrid and self.admin_interface: + if self.admin_flowdown is True: + self.updates_cmd.append( + "interface %s" % self.interface) + self.updates_cmd.append("vrrp vrid %s track admin-vrrp interface %s vrid %s unflowdown" % + (self.vrid, self.admin_interface, self.admin_vrid)) + else: + self.updates_cmd.append( + "interface %s" % self.interface) + self.updates_cmd.append("vrrp vrid %s track admin-vrrp interface %s vrid %s" % + (self.vrid, self.admin_interface, self.admin_vrid)) + + if self.auth_mode and self.auth_key: + if self.auth_mode == "simple": + if self.is_plain is True: + self.updates_cmd.append( + "interface %s" % self.interface) + self.updates_cmd.append("vrrp vrid %s authentication-mode simple plain %s" % + (self.vrid, self.auth_key)) + else: + self.updates_cmd.append( + "interface %s" % self.interface) + self.updates_cmd.append("vrrp vrid %s authentication-mode simple cipher %s" % + (self.vrid, self.auth_key)) + if self.auth_mode == "md5": + self.updates_cmd.append( + "interface %s" % self.interface) + self.updates_cmd.append( + "vrrp vrid %s authentication-mode md5 %s" % (self.vrid, self.auth_key)) + self.changed = True + + def delete_vrrp_group(self): + """delete vrrp group attribute info""" + + if self.is_vrrp_group_info_exist(): + conf_str = CE_NC_SET_VRRP_GROUP_INFO_HEAD % ( + self.interface, self.vrid) + if self.vrrp_type: + vrrp_type = self.vrrp_type + if self.vrrp_type == "admin": + vrrp_type = "normal" + if self.vrrp_type == "member" and self.admin_vrid and self.admin_interface: + vrrp_type = "normal" + conf_str += "%s" % vrrp_type + if self.priority: + if self.priority == "100": + self.module.fail_json( + msg='Error: The default value of priority is 100.') + priority = "100" + conf_str += "%s" % priority + + if self.fast_resume: + fast_resume = "false" + if self.fast_resume == "enable": + fast_resume = "true" + conf_str += "%s" % fast_resume + if self.advertise_interval: + if self.advertise_interval == "1000": + self.module.fail_json( + msg='Error: The default value of advertise_interval is 1000.') + advertise_interval = "1000" + conf_str += "%s" % advertise_interval + if self.preempt_timer_delay: + if self.preempt_timer_delay == "0": + self.module.fail_json( + msg='Error: The default value of preempt_timer_delay is 0.') + preempt_timer_delay = "0" + conf_str += "%s" % preempt_timer_delay + if self.holding_multiplier: + if self.holding_multiplier == "0": + self.module.fail_json( + msg='Error: The default value of holding_multiplier is 3.') + holding_multiplier = "3" + conf_str += "%s" % holding_multiplier + if self.auth_mode: + auth_mode = self.auth_mode + if self.auth_mode == "md5" or self.auth_mode == "simple": + auth_mode = "none" + conf_str += "%s" % auth_mode + + conf_str += CE_NC_SET_VRRP_GROUP_INFO_TAIL + recv_xml = set_nc_config(self.module, conf_str) + if "" not in recv_xml: + self.module.fail_json( + msg='Error: set vrrp global atrribute info failed.') + if self.interface and self.vrid: + if self.vrrp_type == "admin": + self.updates_cmd.append( + "undo vrrp vrid %s admin" % self.vrid) + + if self.priority: + self.updates_cmd.append("interface %s" % self.interface) + self.updates_cmd.append( + "undo vrrp vrid %s priority" % self.vrid) + + if self.fast_resume: + self.updates_cmd.append("interface %s" % self.interface) + self.updates_cmd.append( + "undo vrrp vrid %s fast-resume" % self.vrid) + + if self.advertise_interval: + self.updates_cmd.append("interface %s" % self.interface) + self.updates_cmd.append( + "undo vrrp vrid %s timer advertise" % self.vrid) + + if self.preempt_timer_delay: + self.updates_cmd.append("interface %s" % self.interface) + self.updates_cmd.append( + "undo vrrp vrid %s preempt timer delay" % self.vrid) + + if self.holding_multiplier: + self.updates_cmd.append("interface %s" % self.interface) + self.updates_cmd.append( + "undo vrrp vrid %s holding-multiplier" % self.vrid) + + if self.admin_vrid and self.admin_interface: + self.updates_cmd.append("interface %s" % self.interface) + self.updates_cmd.append( + "undo vrrp vrid %s track admin-vrrp" % self.vrid) + + if self.auth_mode: + self.updates_cmd.append("interface %s" % self.interface) + self.updates_cmd.append( + "undo vrrp vrid %s authentication-mode" % self.vrid) + self.changed = True + + def get_proposed(self): + """get proposed info""" + + if self.interface: + self.proposed["interface"] = self.interface + if self.vrid: + self.proposed["vrid"] = self.vrid + if self.virtual_ip: + self.proposed["virtual_ip"] = self.virtual_ip + if self.vrrp_type: + self.proposed["vrrp_type"] = self.vrrp_type + if self.admin_vrid: + self.proposed["admin_vrid"] = self.admin_vrid + if self.admin_interface: + self.proposed["admin_interface"] = self.admin_interface + if self.admin_flowdown: + self.proposed["unflowdown"] = self.admin_flowdown + if self.admin_ignore_if_down: + self.proposed["admin_ignore_if_down"] = self.admin_ignore_if_down + if self.priority: + self.proposed["priority"] = self.priority + if self.version: + self.proposed["version"] = self.version + if self.advertise_interval: + self.proposed["advertise_interval"] = self.advertise_interval + if self.preempt_timer_delay: + self.proposed["preempt_timer_delay"] = self.preempt_timer_delay + if self.gratuitous_arp_interval: + self.proposed[ + "gratuitous_arp_interval"] = self.gratuitous_arp_interval + if self.recover_delay: + self.proposed["recover_delay"] = self.recover_delay + if self.holding_multiplier: + self.proposed["holding_multiplier"] = self.holding_multiplier + if self.auth_mode: + self.proposed["auth_mode"] = self.auth_mode + if self.is_plain: + self.proposed["is_plain"] = self.is_plain + if self.auth_key: + self.proposed["auth_key"] = self.auth_key + if self.fast_resume: + self.proposed["fast_resume"] = self.fast_resume + if self.state: + self.proposed["state"] = self.state + + def get_existing(self): + """get existing info""" + + if self.gratuitous_arp_interval: + self.existing["gratuitous_arp_interval"] = self.vrrp_global_info[ + "gratuitousArpTimeOut"] + if self.version: + self.existing["version"] = self.vrrp_global_info["version"] + if self.recover_delay: + self.existing["recover_delay"] = self.vrrp_global_info[ + "recoverDelay"] + + if self.virtual_ip: + if self.virtual_ip_info: + self.existing["interface"] = self.interface + self.existing["vrid"] = self.vrid + self.existing["virtual_ip_info"] = self.virtual_ip_info[ + "vrrpVirtualIpInfos"] + + if self.vrrp_group_info: + self.existing["interface"] = self.vrrp_group_info["ifName"] + self.existing["vrid"] = self.vrrp_group_info["vrrpId"] + self.existing["vrrp_type"] = self.vrrp_group_info["vrrpType"] + if self.vrrp_type == "admin": + self.existing["admin_ignore_if_down"] = self.vrrp_group_info[ + "authenticationMode"] + if self.admin_vrid and self.admin_interface: + self.existing["admin_vrid"] = self.vrrp_group_info[ + "adminVrrpId"] + self.existing["admin_interface"] = self.vrrp_group_info[ + "adminIfName"] + self.existing["admin_flowdown"] = self.vrrp_group_info[ + "unflowdown"] + if self.priority: + self.existing["priority"] = self.vrrp_group_info["priority"] + if self.advertise_interval: + self.existing["advertise_interval"] = self.vrrp_group_info[ + "advertiseInterval"] + if self.preempt_timer_delay: + self.existing["preempt_timer_delay"] = self.vrrp_group_info[ + "delayTime"] + if self.holding_multiplier: + self.existing["holding_multiplier"] = self.vrrp_group_info[ + "holdMultiplier"] + if self.fast_resume: + fast_resume_exist = "disable" + fast_resume = self.vrrp_group_info["fastResume"] + if fast_resume == "true": + fast_resume_exist = "enable" + self.existing["fast_resume"] = fast_resume_exist + if self.auth_mode: + self.existing["auth_mode"] = self.vrrp_group_info[ + "authenticationMode"] + self.existing["is_plain"] = self.vrrp_group_info["isPlain"] + + def get_end_state(self): + """get end state info""" + + if self.gratuitous_arp_interval or self.version or self.recover_delay: + self.vrrp_global_info = self.get_vrrp_global_info() + if self.interface and self.vrid: + if self.virtual_ip: + self.virtual_ip_info = self.get_virtual_ip_info() + if self.virtual_ip_info: + self.vrrp_group_info = self.get_vrrp_group_info() + + if self.gratuitous_arp_interval: + self.end_state["gratuitous_arp_interval"] = self.vrrp_global_info[ + "gratuitousArpTimeOut"] + if self.version: + self.end_state["version"] = self.vrrp_global_info["version"] + if self.recover_delay: + self.end_state["recover_delay"] = self.vrrp_global_info[ + "recoverDelay"] + + if self.virtual_ip: + if self.virtual_ip_info: + self.end_state["interface"] = self.interface + self.end_state["vrid"] = self.vrid + self.end_state["virtual_ip_info"] = self.virtual_ip_info[ + "vrrpVirtualIpInfos"] + + if self.vrrp_group_info: + self.end_state["interface"] = self.vrrp_group_info["ifName"] + self.end_state["vrid"] = self.vrrp_group_info["vrrpId"] + self.end_state["vrrp_type"] = self.vrrp_group_info["vrrpType"] + if self.vrrp_type == "admin": + self.end_state["admin_ignore_if_down"] = self.vrrp_group_info[ + "authenticationMode"] + if self.admin_vrid and self.admin_interface: + self.existing["admin_vrid"] = self.vrrp_group_info[ + "adminVrrpId"] + self.end_state["admin_interface"] = self.vrrp_group_info[ + "adminIfName"] + self.end_state["admin_flowdown"] = self.vrrp_group_info[ + "unflowdown"] + if self.priority: + self.end_state["priority"] = self.vrrp_group_info["priority"] + if self.advertise_interval: + self.end_state["advertise_interval"] = self.vrrp_group_info[ + "advertiseInterval"] + if self.preempt_timer_delay: + self.end_state["preempt_timer_delay"] = self.vrrp_group_info[ + "delayTime"] + if self.holding_multiplier: + self.end_state["holding_multiplier"] = self.vrrp_group_info[ + "holdMultiplier"] + if self.fast_resume: + fast_resume_end = "disable" + fast_resume = self.vrrp_group_info["fastResume"] + if fast_resume == "true": + fast_resume_end = "enable" + self.end_state["fast_resume"] = fast_resume_end + if self.auth_mode: + self.end_state["auth_mode"] = self.vrrp_group_info[ + "authenticationMode"] + self.end_state["is_plain"] = self.vrrp_group_info["isPlain"] + + def work(self): + """worker""" + + self.check_params() + if self.gratuitous_arp_interval or self.version or self.recover_delay: + self.vrrp_global_info = self.get_vrrp_global_info() + if self.interface and self.vrid: + self.virtual_ip_info = self.get_virtual_ip_info() + if self.virtual_ip_info: + self.vrrp_group_info = self.get_vrrp_group_info() + self.get_proposed() + self.get_existing() + + if self.gratuitous_arp_interval or self.version or self.recover_delay: + if self.state == "present": + self.set_vrrp_global() + else: + self.delete_vrrp_global() + else: + if not self.interface or not self.vrid: + self.module.fail_json( + msg='Error: interface, vrid must be config at the same time.') + + if self.interface and self.vrid: + if self.virtual_ip: + if self.state == "present": + self.create_virtual_ip() + else: + self.delete_virtual_ip() + else: + if not self.vrrp_group_info: + self.module.fail_json( + msg='Error: The VRRP group does not exist.') + if self.admin_ignore_if_down is True: + if self.vrrp_type != "admin": + self.module.fail_json( + msg='Error: vrrpType must be admin when admin_ignore_if_down is true.') + if self.admin_interface or self.admin_vrid: + if self.vrrp_type != "member": + self.module.fail_json( + msg='Error: it binds a VRRP group to an mVRRP group, vrrp_type must be "member".') + if not self.vrrp_type or not self.interface or not self.vrid: + self.module.fail_json( + msg='Error: admin_interface admin_vrid vrrp_type interface vrid must ' + 'be config at the same time.') + if self.auth_mode == "md5" and self.is_plain is True: + self.module.fail_json( + msg='Error: is_plain can not be True when auth_mode is md5.') + + if self.state == "present": + self.set_vrrp_group() + else: + self.delete_vrrp_group() + + self.get_end_state() + self.results['changed'] = self.changed + self.results['proposed'] = self.proposed + self.results['existing'] = self.existing + self.results['end_state'] = self.end_state + if self.changed: + self.results['updates'] = self.updates_cmd + else: + self.results['updates'] = list() + + self.module.exit_json(**self.results) + + +def main(): + """ Module main """ + + argument_spec = dict( + interface=dict(type='str'), + vrid=dict(type='str'), + virtual_ip=dict(type='str'), + vrrp_type=dict(type='str', choices=['normal', 'member', 'admin']), + admin_ignore_if_down=dict(type='bool', default=False), + admin_vrid=dict(type='str'), + admin_interface=dict(type='str'), + admin_flowdown=dict(type='bool', default=False), + priority=dict(type='str'), + version=dict(type='str', choices=['v2', 'v3']), + advertise_interval=dict(type='str'), + preempt_timer_delay=dict(type='str'), + gratuitous_arp_interval=dict(type='str'), + recover_delay=dict(type='str'), + holding_multiplier=dict(type='str'), + auth_mode=dict(type='str', choices=['simple', 'md5', 'none']), + is_plain=dict(type='bool', default=False), + auth_key=dict(type='str'), + fast_resume=dict(type='str', choices=['enable', 'disable']), + state=dict(type='str', default='present', + choices=['present', 'absent']) + ) + + argument_spec.update(ce_argument_spec) + module = Vrrp(argument_spec=argument_spec) + module.work() + + +if __name__ == '__main__': + main()