diff --git a/lib/ansible/modules/network/aci/aci_interface_policy_ospf.py b/lib/ansible/modules/network/aci/aci_interface_policy_ospf.py new file mode 100644 index 00000000000..e8cfd2d2445 --- /dev/null +++ b/lib/ansible/modules/network/aci/aci_interface_policy_ospf.py @@ -0,0 +1,379 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright: (c) 2018, Dag Wieers (dagwieers) +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community'} + +DOCUMENTATION = r''' +--- +module: aci_interface_policy_ospf +short_description: Manage OSPF interface policies (ospf:IfPol) +description: +- Manage OSPF interface policies on Cisco ACI fabrics. +notes: +- More information about the internal APIC class B(ospf:IfPol) from + L(the APIC Management Information Model reference,https://developer.cisco.com/docs/apic-mim-ref/). +author: +- Dag Wieers (@dagwieers) +version_added: '2.7' +options: + tenant: + description: + - The name of the Tenant the OSPF interface policy should belong to. + required: yes + aliases: [ tenant_name ] + ospf: + description: + - The OSPF interface policy name. + - This name can be between 1 and 64 alphanumeric characters. + - Note that you cannot change this name after the object has been saved. + required: yes + aliases: [ ospf_interface, name ] + description: + description: + - The description for the OSPF interface. + aliases: [ descr ] + network_type: + description: + - The OSPF interface policy network type. + - OSPF supports broadcast and point-to-point. + - The APIC defaults to C(unspecified) when unset during creation. + choices: [ bcast, p2p ] + cost: + description: + - The OSPF cost of the interface. + - The cost (also called metric) of an interface in OSPF is an indication of + the overhead required to send packets across a certain interface. The + cost of an interface is inversely proportional to the bandwidth of that + interface. A higher bandwidth indicates a lower cost. There is more + overhead (higher cost) and time delays involved in crossing a 56k serial + line than crossing a 10M ethernet line. The formula used to calculate the + cost is C(cost= 10000 0000/bandwith in bps) For example, it will cost + 10 EXP8/10 EXP7 = 10 to cross a 10M Ethernet line and will cost + 10 EXP8/1544000 = 64 to cross a T1 line. + - By default, the cost of an interface is calculated based on the bandwidth; + you can force the cost of an interface with the ip ospf cost value + interface subconfiguration mode command. + - Accepted values range between C(1) and C(450). + - The APIC defaults to C(0) when unset during creation. + controls: + description: + - The interface policy controls. + - 'This is a list of one or more of the following controls:' + - C(advert-subnet) -- Advertise IP subnet instead of a host mask in the router LSA. + - C(bfd) -- Bidirectional Forwarding Detection + - C(mtu-ignore) -- Disables MTU mismatch detection on an interface. + - C(passive) -- The interface does not participate in the OSPF protocol and + will not establish adjacencies or send routing updates. However the + interface is announced as part of the routing network. + choices: [ advert-subnet, bfd, mtu-ignore, passive ] + dead_interval: + description: + - The interval between hello packets from a neighbor before the router + declares the neighbor as down. + - This value must be the same for all networking devices on a specific network. + - Specifying a smaller dead interval (seconds) will give faster detection + of a neighbor being down and improve convergence, but might cause more + routing instability. + - Accepted values range between C(1) and C(65535). + - The APIC defaults to C(40) when unset during creation. + hello_interval: + description: + - The interval between hello packets that OSPF sends on the interface. + - Note that the smaller the hello interval, the faster topological changes will be detected, but more routing traffic will ensue. + - This value must be the same for all routers and access servers on a specific network. + - Accepted values range between C(1) and C(65535). + - The APIC defaults to C(10) when unset during creation. + prefix_suppression: + description: + - Whether prefix suppressions is enabled or disabled. + - The APIC defaults to C(inherit) when unset during creation. + type: bool + priority: + description: + - The priority for the OSPF interface profile. + - Accepted values ranges between C(0) and C(255). + - The APIC defaults to C(1) when unset during creation. + retransmit_interval: + description: + - The interval between LSA retransmissions. + - The retransmit interval occurs while the router is waiting for an acknowledgement from the neighbor router that it received the LSA. + - If no acknowlegment is received at the end of the interval, then the LSA is resent. + - Accepted values range between C(1) and C(65535). + - The APIC defaults to C(5) when unset during creation. + transmit_delay: + description: + - The delay time needed to send an LSA update packet. + - OSPF increments the LSA age time by the transmit delay amount before transmitting the LSA update. + - You should take into account the transmission and propagation delays for the interface when you set this value. + - Accepted values range between C(1) and C(450). + - The APIC defaults to C(1) when unset during creation. + state: + description: + - Use C(present) or C(absent) for adding or removing. + - Use C(query) for listing an object or multiple objects. + choices: [ absent, present, query ] + default: present +extends_documentation_fragment: aci +''' + +EXAMPLES = r''' +- name: Ensure ospf interface policy exists + aci_interface_policy_ospf: + host: apic + username: admin + password: SomeSecretPassword + tenant: production + ospf: ospf1 + state: present + +- name: Ensure ospf interface policy does not exist + aci_interface_policy_ospf: + host: apic + username: admin + password: SomeSecretPassword + tenant: production + ospf: ospf1 + state: present + +- name: Query an ospf interface policy + aci_interface_policy_ospf: + host: apic + username: admin + password: SomeSecretPassword + tenant: production + ospf: ospf1 + state: query + +- name: Query all ospf interface policies in tenant production + aci_interface_policy_ospf: + host: apic + username: admin + password: SomeSecretPassword + tenant: production + state: query +''' + +RETURN = r''' +current: + description: The existing configuration from the APIC after the module has finished + returned: success + type: list + sample: + [ + { + "fvTenant": { + "attributes": { + "descr": "Production environment", + "dn": "uni/tn-production", + "name": "production", + "nameAlias": "", + "ownerKey": "", + "ownerTag": "" + } + } + } + ] +error: + description: The error information as returned from the APIC + returned: failure + type: dict + sample: + { + "code": "122", + "text": "unknown managed object class foo" + } +raw: + description: The raw output returned by the APIC REST API (xml or json) + returned: parse error + type: string + sample: '' +sent: + description: The actual/minimal configuration pushed to the APIC + returned: info + type: list + sample: + { + "fvTenant": { + "attributes": { + "descr": "Production environment" + } + } + } +previous: + description: The original configuration from the APIC before the module has started + returned: info + type: list + sample: + [ + { + "fvTenant": { + "attributes": { + "descr": "Production", + "dn": "uni/tn-production", + "name": "production", + "nameAlias": "", + "ownerKey": "", + "ownerTag": "" + } + } + } + ] +proposed: + description: The assembled configuration from the user-provided parameters + returned: info + type: dict + sample: + { + "fvTenant": { + "attributes": { + "descr": "Production environment", + "name": "production" + } + } + } +filter_string: + description: The filter string used for the request + returned: failure or debug + type: string + sample: ?rsp-prop-include=config-only +method: + description: The HTTP method used for the request to the APIC + returned: failure or debug + type: string + sample: POST +response: + description: The HTTP response from the APIC + returned: failure or debug + type: string + sample: OK (30 bytes) +status: + description: The HTTP status from the APIC + returned: failure or debug + type: int + sample: 200 +url: + description: The HTTP url used for the request to the APIC + returned: failure or debug + type: string + sample: https://10.11.12.13/api/mo/uni/tn-production.json +''' + +from ansible.module_utils.network.aci.aci import ACIModule, aci_argument_spec +from ansible.module_utils.basic import AnsibleModule + + +def main(): + argument_spec = aci_argument_spec() + argument_spec.update( + tenant=dict(type='str', required=False, aliases=['tenant_name']), # Not required for querying all objects + ospf=dict(type='str', required=False, aliases=['ospf_interface', 'name']), # Not required for querying all objects + description=dict(type='str', aliases=['descr']), + network_type=dict(type='str', choices=['bcast', 'p2p']), + cost=dict(type='int'), + controls=dict(type='list', choices=['advert-subnet', 'bfd', 'mtu-ignore', 'passive']), + dead_interval=dict(type='int'), + hello_interval=dict(type='int'), + prefix_suppression=dict(type='bool'), + priority=dict(type='int'), + retransmit_interval=dict(type='int'), + transmit_delay=dict(type='int'), + state=dict(type='str', default='present', choices=['absent', 'present', 'query']), + ) + + module = AnsibleModule( + argument_spec=argument_spec, + supports_check_mode=True, + required_if=[ + ['state', 'absent', ['ospf', 'tenant']], + ['state', 'present', ['ospf', 'tenant']], + ], + ) + + aci = ACIModule(module) + + tenant = module.params['tenant'] + ospf = module.params['ospf'] + description = module.params['description'] + + if module.params['controls'] is None: + controls = None + else: + controls = ','.join(module.params['controls']) + + cost = module.params['cost'] + if cost is not None and cost not in range(1, 451): + module.fail_json(msg="Parameter 'cost' is only valid in range between 1 and 450.") + + dead_interval = module.params['dead_interval'] + if dead_interval is not None and dead_interval not in range(1, 65536): + module.fail_json(msg="Parameter 'dead_interval' is only valid in range between 1 and 65536.") + + hello_interval = module.params['hello_interval'] + if hello_interval is not None and hello_interval not in range(1, 65536): + module.fail_json(msg="Parameter 'hello_interval' is only valid in range between 1 and 65536.") + + network_type = module.params['network_type'] + prefix_suppression = aci.boolean(module.params['prefix_suppression'], 'enabled', 'disabled') + priority = module.params['priority'] + if priority is not None and priority not in range(0, 256): + module.fail_json(msg="Parameter 'priority' is only valid in range between 1 and 255.") + + retransmit_interval = module.params['retransmit_interval'] + if retransmit_interval is not None and retransmit_interval not in range(1, 65536): + module.fail_json(msg="Parameter 'retransmit_interval' is only valid in range between 1 and 65536.") + + transmit_delay = module.params['transmit_delay'] + if transmit_delay is not None and transmit_delay not in range(1, 451): + module.fail_json(msg="Parameter 'transmit_delay' is only valid in range between 1 and 450.") + + state = module.params['state'] + + aci.construct_url( + root_class=dict( + aci_class='ospfIfPol', + aci_rn='tn-{0}/ospfIfPol-{1}'.format(tenant, ospf), + filter_target='eq(ospfIfPol.name, "{0}")'.format(ospf), + module_object=ospf, + ), + ) + + aci.get_existing() + + if state == 'present': + aci.payload( + aci_class='ospfIfPol', + class_config=dict( + name=ospf, + descr=description, + cost=cost, + ctrl=controls, + deadIntvl=dead_interval, + helloIntvl=hello_interval, + nwT=network_type, + pfxSuppress=prefix_suppression, + prio=priority, + rexmitIntvl=retransmit_interval, + xmitDelay=transmit_delay, + ), + ) + + aci.get_diff(aci_class='ospfIfPol') + + aci.post_config() + + elif state == 'absent': + aci.delete_config() + + aci.exit_json() + + +if __name__ == "__main__": + main() diff --git a/test/integration/targets/aci_interface_policy_ospf/aliases b/test/integration/targets/aci_interface_policy_ospf/aliases new file mode 100644 index 00000000000..e69de29bb2d diff --git a/test/integration/targets/aci_interface_policy_ospf/tasks/main.yml b/test/integration/targets/aci_interface_policy_ospf/tasks/main.yml new file mode 100644 index 00000000000..7ca2d92fec7 --- /dev/null +++ b/test/integration/targets/aci_interface_policy_ospf/tasks/main.yml @@ -0,0 +1,218 @@ +# Test code for the ACI modules +# Copyright: (c) 2017, Dag Wieers (dagwieers) + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +- name: Test that we have an ACI APIC host, ACI username and ACI password + fail: + msg: 'Please define the following variables: aci_hostname, aci_username and aci_password.' + when: aci_hostname is not defined or aci_username is not defined or aci_password is not defined + + +# CLEAN ENVIRONMENT +- name: Ensure tenant exists for tests to kick off + aci_tenant: &aci_tenant_present + host: "{{ aci_hostname }}" + username: "{{ aci_username }}" + password: "{{ aci_password }}" + validate_certs: '{{ aci_validate_certs | default(false) }}' + use_ssl: '{{ aci_use_ssl | default(true) }}' + use_proxy: '{{ aci_use_proxy | default(true) }}' + output_level: debug + tenant: anstest + state: present + register: tenant_present + +- name: Remove OSPF interface policy + aci_interface_policy_ospf: &interface_policy_ospf_absent + host: '{{ aci_hostname }}' + username: '{{ aci_username }}' + password: '{{ aci_password }}' + validate_certs: '{{ aci_validate_certs | default(false) }}' + use_ssl: '{{ aci_use_ssl | default(true) }}' + use_proxy: '{{ aci_use_proxy | default(true) }}' + tenant: anstest + ospf: ansible_ospf + state: absent + + +# ADD OSPF INTERFACE POLICY +- name: Add ospf interface policy (check_mode) + aci_interface_policy_ospf: &interface_policy_ospf_present + host: '{{ aci_hostname }}' + username: '{{ aci_username }}' + password: '{{ aci_password }}' + validate_certs: '{{ aci_validate_certs | default(false) }}' + use_ssl: '{{ aci_use_ssl | default(true) }}' + use_proxy: '{{ aci_use_proxy | default(true) }}' + tenant: anstest + ospf: ansible_ospf + state: present + check_mode: yes + register: cm_add_ospf_interface_policy + +- name: Add ospf interface policy (normal mode) + aci_interface_policy_ospf: *interface_policy_ospf_present + register: nm_add_ospf_interface_policy + +- name: Add ospf interface policy again (check_mode) + aci_interface_policy_ospf: *interface_policy_ospf_present + check_mode: yes + register: cm_add_ospf_interface_policy_again + +- name: Add ospf interface policy again (normal mode) + aci_interface_policy_ospf: *interface_policy_ospf_present + register: nm_add_ospf_interface_policy_again + +- name: Verify add_ospf_interface_policy + assert: + that: + - cm_add_ospf_interface_policy.changed == nm_add_ospf_interface_policy.changed == true + - cm_add_ospf_interface_policy_again.changed == nm_add_ospf_interface_policy_again.changed == false + + +# CHANGE OSPF INTERFACE POLICY +- name: Change description of ospf interface policy (check_mode) + aci_interface_policy_ospf: + <<: *interface_policy_ospf_present + description: Ansible test ospf interface policy + check_mode: yes + register: cm_add_ospf_descr + +- name: Change description of ospf interface policy (normal mode) + aci_interface_policy_ospf: + <<: *interface_policy_ospf_present + description: Ansible test ospf interface policy + register: nm_add_ospf_descr + +- name: Change description of ospf interface policy again (check_mode) + aci_interface_policy_ospf: + <<: *interface_policy_ospf_present + description: Ansible test ospf interface policy + check_mode: yes + register: cm_add_ospf_descr_again + +- name: Change description of ospf interface policy again (normal mode) + aci_interface_policy_ospf: + <<: *interface_policy_ospf_present + description: Ansible test ospf interface policy + register: nm_add_ospf_descr_again + +- name: Verify add_ospf_descr + assert: + that: + - cm_add_ospf_descr.changed == nm_add_ospf_descr.changed == true + - cm_add_ospf_descr_again.changed == nm_add_ospf_descr_again.changed == false + + +# ADD OSPF INTERFACE POLICY AGAIN +- name: Add ospf interface policy again with no description (check_mode) + aci_interface_policy_ospf: *interface_policy_ospf_present + check_mode: yes + register: cm_add_ospf_again_no_descr + +- name: Add ospf interface policy again with no description (normal mode) + aci_interface_policy_ospf: *interface_policy_ospf_present + register: nm_add_ospf_again_no_descr + +- name: Verify add_ospf_again_no_descr + assert: + that: + - cm_add_ospf_again_no_descr.changed == nm_add_ospf_again_no_descr.changed == false + + +# QUERY ALL OSPF INTERFACE POLICIES +- name: Query all ospf interface policies (check_mode) + aci_interface_policy_ospf: &interface_policy_ospf_query + host: '{{ aci_hostname }}' + username: '{{ aci_username }}' + password: '{{ aci_password }}' + validate_certs: '{{ aci_validate_certs | default(false) }}' + use_ssl: '{{ aci_use_ssl | default(true) }}' + use_proxy: '{{ aci_use_proxy | default(true) }}' + tenant: anstest + state: query + check_mode: yes + register: cm_query_all_ospfs + +- name: Query all ospfs (normal mode) + aci_interface_policy_ospf: *interface_policy_ospf_query + register: nm_query_all_ospfs + +- name: Verify query_all_ospfs + assert: + that: + - cm_query_all_ospfs.changed == nm_query_all_ospfs.changed == false + # NOTE: Order of ospfs is not stable between calls + #- cm_query_all_ospfs == nm_query_all_ospfs + + +# QUERY A OSPF INTERFACE POLICY +- name: Query our ospf + aci_interface_policy_ospf: + <<: *interface_policy_ospf_query + tenant: anstest + ospf: ansible_ospf + check_mode: yes + register: cm_query_ospf + +- name: Query our ospf + aci_interface_policy_ospf: + <<: *interface_policy_ospf_query + tenant: anstest + ospf: ansible_ospf + register: nm_query_ospf + +- name: Verify query_ospf + assert: + that: + - cm_query_ospf.changed == nm_query_ospf.changed == false + - cm_query_ospf == nm_query_ospf + + +# REMOVE OSPF INTERFACE POLICY +- name: Remove ospf (check_mode) + aci_interface_policy_ospf: *interface_policy_ospf_absent + check_mode: yes + register: cm_remove_ospf + +- name: Remove ospf (normal mode) + aci_interface_policy_ospf: *interface_policy_ospf_absent + register: nm_remove_ospf + +- name: Remove ospf again (check_mode) + aci_interface_policy_ospf: *interface_policy_ospf_absent + check_mode: yes + register: cm_remove_ospf_again + +- name: Remove ospf again (normal mode) + aci_interface_policy_ospf: *interface_policy_ospf_absent + register: nm_remove_ospf_again + +- name: Verify remove_ospf + assert: + that: + - cm_remove_ospf.changed == nm_remove_ospf.changed == true + - cm_remove_ospf_again.changed == nm_remove_ospf_again.changed == false + + +# QUERY NON-EXISTING OSPF INTERFACE POLICY +- name: Query non-existing ospf (check_mode) + aci_interface_policy_ospf: + <<: *interface_policy_ospf_query + ospf: ansible_ospf + check_mode: yes + register: cm_query_non_ospf + +- name: Query non-existing ospf (normal mode) + aci_interface_policy_ospf: + <<: *interface_policy_ospf_query + ospf: ansible_ospf + register: nm_query_non_ospf + +# TODO: Implement more tests +- name: Verify query_non_ospf + assert: + that: + - cm_query_non_ospf.changed == nm_query_non_ospf.changed == false + - cm_query_non_ospf == nm_query_non_ospf