From 513be8923d92f2f1df9904d298659204c402a034 Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Mon, 8 Oct 2018 14:28:29 +0530 Subject: [PATCH] VMware: new module vmware_host_feature_facts (#45966) Signed-off-by: Abhijeet Kasurde --- .../cloud/vmware/vmware_host_feature_facts.py | 141 ++++++++++++++++++ .../targets/vmware_host_feature_facts/aliases | 2 + .../vmware_host_feature_facts/tasks/main.yml | 115 ++++++++++++++ 3 files changed, 258 insertions(+) create mode 100644 lib/ansible/modules/cloud/vmware/vmware_host_feature_facts.py create mode 100644 test/integration/targets/vmware_host_feature_facts/aliases create mode 100644 test/integration/targets/vmware_host_feature_facts/tasks/main.yml diff --git a/lib/ansible/modules/cloud/vmware/vmware_host_feature_facts.py b/lib/ansible/modules/cloud/vmware/vmware_host_feature_facts.py new file mode 100644 index 0000000000..e3c8189dca --- /dev/null +++ b/lib/ansible/modules/cloud/vmware/vmware_host_feature_facts.py @@ -0,0 +1,141 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# Copyright: (c) 2018, Abhijeet Kasurde +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + +ANSIBLE_METADATA = { + 'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community' +} + +DOCUMENTATION = r''' +--- +module: vmware_host_feature_facts +short_description: Gathers facts about an ESXi host's feature capability information +description: +- This module can be used to gather facts about an ESXi host's feature capability information when ESXi hostname or Cluster name is given. +version_added: 2.8 +author: +- Abhijeet Kasurde (@Akasurde) +notes: +- Tested on vSphere 6.5 +requirements: +- python >= 2.6 +- PyVmomi +options: + cluster_name: + description: + - Name of the cluster from all host systems to be used for facts gathering. + - If C(esxi_hostname) is not given, this parameter is required. + esxi_hostname: + description: + - ESXi hostname to gather facts from. + - If C(cluster_name) is not given, this parameter is required. +extends_documentation_fragment: vmware.documentation +''' + +EXAMPLES = r''' +- name: Gather feature capability facts about all ESXi Hosts in given Cluster + vmware_host_feature_facts: + hostname: '{{ vcenter_hostname }}' + username: '{{ vcenter_username }}' + password: '{{ vcenter_password }}' + cluster_name: cluster_name + delegate_to: localhost + register: all_cluster_hosts_facts + +- name: Check if ESXi is vulnerable for Speculative Store Bypass Disable (SSBD) vulnerability + vmware_host_feature_facts: + hostname: "{{ vcenter_server }}" + username: "{{ vcenter_user }}" + password: "{{ vcenter_pass }}" + validate_certs: no + esxi_hostname: "{{ esxi_hostname }}" + register: features_set +- set_fact: + ssbd : "{{ item.value }}" + with_items: "{{ features_set.host_feature_facts[esxi_hostname] |json_query(name) }}" + vars: + name: "[?key=='cpuid.SSBD']" +- assert: + that: + - ssbd|int == 1 + when: ssbd is defined +''' + +RETURN = r''' +hosts_feature_facts: + description: metadata about host's feature capability information + returned: always + type: dict + sample: { + "10.76.33.226": [ + { + "feature_name": "cpuid.3DNOW", + "key": "cpuid.3DNOW", + "value": "0" + }, + { + "feature_name": "cpuid.3DNOWPLUS", + "key": "cpuid.3DNOWPLUS", + "value": "0" + }, + ] + } +''' + +from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils.vmware import vmware_argument_spec, PyVmomi + + +class FeatureCapabilityFactsManager(PyVmomi): + def __init__(self, module): + super(FeatureCapabilityFactsManager, self).__init__(module) + cluster_name = self.params.get('cluster_name', None) + esxi_host_name = self.params.get('esxi_hostname', None) + self.hosts = self.get_all_host_objs(cluster_name=cluster_name, esxi_host_name=esxi_host_name) + + def gather_host_feature_facts(self): + host_feature_facts = dict() + for host in self.hosts: + host_feature_capabilities = host.config.featureCapability + capability = [] + for fc in host_feature_capabilities: + temp_dict = { + 'key': fc.key, + 'feature_name': fc.featureName, + 'value': fc.value, + } + capability.append(temp_dict) + + host_feature_facts[host.name] = capability + + return host_feature_facts + + +def main(): + argument_spec = vmware_argument_spec() + argument_spec.update( + cluster_name=dict(type='str', required=False), + esxi_hostname=dict(type='str', required=False), + ) + + module = AnsibleModule( + argument_spec=argument_spec, + required_one_of=[ + ['cluster_name', 'esxi_hostname'], + ], + supports_check_mode=True, + ) + + host_capability_manager = FeatureCapabilityFactsManager(module) + module.exit_json(changed=False, + hosts_feature_facts=host_capability_manager.gather_host_feature_facts()) + + +if __name__ == "__main__": + main() diff --git a/test/integration/targets/vmware_host_feature_facts/aliases b/test/integration/targets/vmware_host_feature_facts/aliases new file mode 100644 index 0000000000..845e8a6dad --- /dev/null +++ b/test/integration/targets/vmware_host_feature_facts/aliases @@ -0,0 +1,2 @@ +cloud/vcenter +unsupported diff --git a/test/integration/targets/vmware_host_feature_facts/tasks/main.yml b/test/integration/targets/vmware_host_feature_facts/tasks/main.yml new file mode 100644 index 0000000000..39450580b1 --- /dev/null +++ b/test/integration/targets/vmware_host_feature_facts/tasks/main.yml @@ -0,0 +1,115 @@ +# Test code for the vmware_host_feature_facts module. +# Copyright: (c) 2018, Abhijeet Kasurde +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +# TODO: vcsim does not support host feature capabilities + +- name: store the vcenter container ip + set_fact: + vcsim: "{{ lookup('env', 'vcenter_host') }}" + +- debug: var=vcsim + +- name: Wait for Flask controller to come up online + wait_for: + host: "{{ vcsim }}" + port: 5000 + state: started + +- name: kill vcsim + uri: + url: http://{{ vcsim }}:5000/killall + +- name: start vcsim + uri: + url: http://{{ vcsim }}:5000/spawn?cluster=2 + register: vcsim_instance + +- debug: + var: vcsim_instance + +- name: Wait for vcsim server to come up online + wait_for: + host: "{{ vcsim }}" + port: 443 + state: started + +- name: get a list of Cluster from vcsim + uri: + url: http://{{ vcsim }}:5000/govc_find?filter=CCR + register: clusters + +- name: get a cluster + set_fact: + ccr1: "{{ clusters.json[0] | basename }}" + +- name: get a list of hosts from vcsim + uri: + url: http://{{ vcsim }}:5000/govc_find?filter=H + register: hosts + +- name: get a host + set_fact: + host1: "{{ hosts.json[0] | basename }}" + +- debug: var=ccr1 +- debug: var=host1 + +- name: Gather feature capability facts for all ESXi host from given cluster + vmware_host_feature_facts: + hostname: "{{ vcsim }}" + username: "{{ vcsim_instance.json.username }}" + password: "{{ vcsim_instance.json.password }}" + validate_certs: no + cluster_name: "{{ ccr1 }}" + register: capability_0001_results + +- assert: + that: + - "not capability_0001_results.changed" + - "capability_0001_results.hosts_feature_facts is defined" + +- name: Gather feature capability facts for all ESXi host from given cluster in check mode + vmware_host_feature_facts: + hostname: "{{ vcsim }}" + username: "{{ vcsim_instance.json.username }}" + password: "{{ vcsim_instance.json.password }}" + validate_certs: no + cluster_name: "{{ ccr1 }}" + register: capability_0001_results + check_mode: yes + +- assert: + that: + - "not capability_0001_results.changed" + - "capability_0001_results.hosts_feature_facts is defined" + +- name: Gather feature capability facts for ESXi host + vmware_host_feature_facts: + hostname: "{{ vcsim }}" + username: "{{ vcsim_instance.json.username }}" + password: "{{ vcsim_instance.json.password }}" + validate_certs: no + esxi_hostname: "{{ host1 }}" + register: capability_0002_results + +- assert: + that: + - "not capability_0002_results.changed" + - "capability_0002_results.hosts_feature_facts is defined" + + +- name: Gather feature capability facts for ESXi host in check mode + vmware_host_feature_facts: + hostname: "{{ vcsim }}" + username: "{{ vcsim_instance.json.username }}" + password: "{{ vcsim_instance.json.password }}" + validate_certs: no + esxi_hostname: "{{ host1 }}" + register: capability_0002_results + check_mode: yes + +- assert: + that: + - "not capability_0002_results.changed" + - "capability_0002_results.hosts_feature_facts is defined"