#!/usr/bin/python # -*- coding: utf-8 -*- # Copyright: (c) 2016, Ted Elhourani # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) # Ansible module to manage Big Monitoring Fabric service chains from __future__ import absolute_import, division, print_function __metaclass__ = type ANSIBLE_METADATA = {'metadata_version': '1.1', 'status': ['preview'], 'supported_by': 'community'} DOCUMENTATION = ''' --- module: bigmon_chain author: "Ted (@tedelhourani)" short_description: Create and remove a bigmon inline service chain. description: - Create and remove a bigmon inline service chain. options: name: description: - The name of the chain. required: true state: description: - Whether the service chain should be present or absent. default: present choices: ['present', 'absent'] controller: description: - The controller IP address. required: true validate_certs: description: - If C(false), SSL certificates will not be validated. This should only be used on personally controlled devices using self-signed certificates. required: false default: true type: bool access_token: description: - Bigmon access token. If this isn't set, the environment variable C(BIGSWITCH_ACCESS_TOKEN) is used. ''' EXAMPLES = ''' - name: bigmon inline service chain bigmon_chain: name: MyChain controller: '{{ inventory_hostname }}' state: present validate_certs: false ''' RETURN = ''' # ''' import os import traceback from ansible.module_utils.basic import AnsibleModule from ansible_collections.community.general.plugins.module_utils.network.bigswitch.bigswitch import Rest from ansible.module_utils._text import to_native def chain(module): try: access_token = module.params['access_token'] or os.environ['BIGSWITCH_ACCESS_TOKEN'] except KeyError as e: module.fail_json(msg='Unable to load %s' % e.message, exception=traceback.format_exc()) name = module.params['name'] state = module.params['state'] controller = module.params['controller'] rest = Rest(module, {'content-type': 'application/json', 'Cookie': 'session_cookie=' + access_token}, 'https://' + controller + ':8443/api/v1/data/controller/applications/bigchain') if None in (name, state, controller): module.fail_json(msg='parameter `name` is missing') response = rest.get('chain?config=true', data={}) if response.status_code != 200: module.fail_json(msg="failed to obtain existing chain config: {0}".format(response.json['description'])) config_present = False matching = [chain for chain in response.json if chain['name'] == name] if matching: config_present = True if state in ('present') and config_present: module.exit_json(changed=False) if state in ('absent') and not config_present: module.exit_json(changed=False) if state in ('present'): response = rest.put('chain[name="%s"]' % name, data={'name': name}) if response.status_code == 204: module.exit_json(changed=True) else: module.fail_json(msg="error creating chain '{0}': {1}".format(name, response.json['description'])) if state in ('absent'): response = rest.delete('chain[name="%s"]' % name, data={}) if response.status_code == 204: module.exit_json(changed=True) else: module.fail_json(msg="error deleting chain '{0}': {1}".format(name, response.json['description'])) def main(): module = AnsibleModule( argument_spec=dict( name=dict(type='str', required=True), controller=dict(type='str', required=True), state=dict(choices=['present', 'absent'], default='present'), validate_certs=dict(type='bool', default='True'), access_token=dict(type='str', no_log=True) ) ) try: chain(module) except Exception as e: module.fail_json(msg=to_native(e), exception=traceback.format_exc()) if __name__ == '__main__': main()