cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Supporting general snmp configurations in Ansible (#63723)

Browse source 
* Supporting general snmp configurations in Ansible

* Modifying SNMP General configurations.

* Fix pycodestyle issues

Signed-off-by: Sara Touqan <sarato@mellanox.com>

* Fix documentation errors

Signed-off-by: Sara Touqan <sarato@mellanox.com>
This commit is contained in:
Sara-Touqan 2019-12-17 08:19:56 +02:00 committed by Ganesh Nalawade
parent 33338decf7
commit 13d0ebd603
3 changed files with 629 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

427
lib/ansible/modules/network/onyx/onyx_snmp.py Normal file
View file

@ -0,0 +1,427 @@
#!/usr/bin/python
#
# Copyright: Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
DOCUMENTATION = """
---
module: onyx_snmp
version_added: "2.10"
author: "Sara-Touqan (@sarato)"
short_description: Manages SNMP general configurations on Mellanox ONYX network devices
description:
- This module provides declarative management of SNMP
on Mellanox ONYX network devices.
options:
state_enabled:
description:
- Enables/Disables the state of the SNMP configuration.
type: bool
contact_name:
description:
- Sets the SNMP contact name.
type: str
location:
description:
- Sets the SNMP location.
type: str
communities_enabled:
description:
- Enables/Disables community-based authentication on the system.
type: bool
multi_communities_enabled:
description:
- Enables/Disables multiple communities to be configured.
type: bool
snmp_communities:
type: list
description:
- List of snmp communities
suboptions:
community_name:
description:
- Configures snmp community name.
required: true
type: str
community_type:
description:
- Add this community as either a read-only or read-write community.
choices: ['read-only', 'read-write']
type: str
state:
description:
- Used to decide if you want to delete the given snmp community or not
choices: ['present', 'absent']
type: str
notify_enabled:
description:
- Enables/Disables sending of SNMP notifications (traps and informs) from thee system.
type: bool
notify_port:
description:
- Sets the default port to which notifications are sent.
type: str
notify_community:
description:
- Sets the default community for SNMP v1 and v2c notifications sent to hosts which do not have a community override set.
type: str
notify_send_test:
description:
- Sends a test notification.
type: str
choices: ['yes','no']
notify_event:
description:
- Specifys which events will be sent as SNMP notifications.
type: str
choices: ['asic-chip-down', 'dcbx-pfc-port-oper-state-trap', 'insufficient-power', 'mstp-new-bridge-root',
'ospf-lsdb-approaching-overflow', 'sm-stop', 'user-logout', 'cli-line-executed', 'dcbx-pfc-port-peer-state-trap',
'interface-down', 'mstp-new-root-port', 'ospf-lsdb-overflow', 'snmp-authtrap', 'xstp-new-root-bridge',
'cpu-util-high', 'disk-io-high', 'interface-up', 'mstp-topology-change', 'ospf-nbr-state-change',
'temperature-too-high', 'xstp-root-port-change', 'dcbx-ets-module-state-change', 'disk-space-low',
'internal-bus-error', 'netusage-high', 'paging-high', 'topology_change', 'xstp-topology-change',
'dcbx-ets-port-admin-state-trap', 'entity-state-change', 'internal-link-speed-mismatch', 'new_root',
'power-redundancy-mismatch', 'unexpected-cluster-join', 'dcbx-ets-port-oper-state-trap', 'expected-shutdown',
'liveness-failure', 'ospf-auth-fail', 'process-crash', 'unexpected-cluster-leave', 'dcbx-ets-port-peer-state-trap',
'health-module-status', 'low-power', 'ospf-config-error', 'process-exit', 'unexpected-cluster-size',
'dcbx-pfc-module-state-change', 'insufficient-fans', 'low-power-recover', 'ospf-if-rx-bad-packet',
'sm-restart', 'unexpected-shutdown', 'dcbx-pfc-port-admin-state-trap', 'insufficient-fans-recover', 'memusage-high',
'ospf-if-state-change', 'sm-start', 'user-login']
engine_id_reset:
description:
- Sets SNMPv3 engineID to node unique value.
type: bool
snmp_permissions:
type: list
description:
- Allow SNMPSET requests for items in a MIB.
suboptions:
state_enabled:
description:
- Enables/Disables the request.
required: true
type: bool
permission_type:
description:
- Configures the request type.
choices: ['MELLANOX-CONFIG-DB-MIB', 'MELLANOX-EFM-MIB','MELLANOX-POWER-CYCLE','MELLANOX-SW-UPDATE','RFC1213-MIB']
type: str
"""
EXAMPLES = """
- name: configure SNMP
onyx_snmp:
state_enabled: yes
contact_name: sara
location: Nablus
communities_enabled: no
multi_communities_enabled: no
notify_enabled: yes
notify_port: 1
notify_community: community_1
notify_send_test: yes
notify_event: temperature-too-high
snmp_communities:
- community_name: public
community_type: read-only
state: absent
snmp_permissions:
- state_enabled: yes
permission_type: MELLANOX-CONFIG-DB-MIB
"""
RETURN = """
commands:
description: The list of configuration mode commands to send to the device
returned: always.
type: list
sample:
- snmp-server enable
- no snmp-server enable
- snmp-server location <location_name>
- snmp-server contact <contact_name>
- snmp-server enable communities
- no snmp-server enable communities
- snmp-server enable mult-communities
- no snmp-server enable mult-communities
- snmp-server enable notify
- snmp-server notify port <port_number>
- snmp-server notify community <community_name>
- snmp-server notify send-test
- snmp-server notify event <event_name>
- snmp-server enable set-permission <permission_type>
- no snmp-server enable set-permission <permission_type>
- snmp-server community <community_name> <community_type>
- no snmp-server community <community_name>.
- snmp-server engineID reset.
"""
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.network.onyx.onyx import BaseOnyxModule
from ansible.module_utils.network.onyx.onyx import show_cmd
class OnyxSNMPModule(BaseOnyxModule):
def init_module(self):
""" module initialization
"""
community_spec = dict(community_name=dict(required=True),
community_type=dict(choices=['read-only', 'read-write']),
state=dict(choices=['present', 'absent']))
snmp_permission_spec = dict(state_enabled=dict(type='bool', required=True),
permission_type=dict(choices=['MELLANOX-CONFIG-DB-MIB', 'MELLANOX-EFM-MIB', 'MELLANOX-POWER-CYCLE',
'MELLANOX-SW-UPDATE', 'RFC1213-MIB']))
event_choices = ['asic-chip-down', 'dcbx-pfc-port-oper-state-trap', 'insufficient-power', 'mstp-new-bridge-root',
'ospf-lsdb-approaching-overflow', 'sm-stop', 'user-logout', 'cli-line-executed', 'dcbx-pfc-port-peer-state-trap',
'interface-down', 'mstp-new-root-port', 'ospf-lsdb-overflow', 'snmp-authtrap', 'xstp-new-root-bridge',
'cpu-util-high', 'disk-io-high', 'interface-up', 'mstp-topology-change', 'ospf-nbr-state-change',
'temperature-too-high', 'xstp-root-port-change', 'dcbx-ets-module-state-change', 'disk-space-low',
'internal-bus-error', 'netusage-high', 'paging-high', 'topology_change', 'xstp-topology-change',
'dcbx-ets-port-admin-state-trap', 'entity-state-change', 'internal-link-speed-mismatch', 'new_root',
'power-redundancy-mismatch', 'unexpected-cluster-join', 'dcbx-ets-port-oper-state-trap', 'expected-shutdown',
'liveness-failure', 'ospf-auth-fail', 'process-crash', 'unexpected-cluster-leave', 'dcbx-ets-port-peer-state-trap',
'health-module-status', 'low-power', 'ospf-config-error', 'process-exit', 'unexpected-cluster-size',
'dcbx-pfc-module-state-change', 'insufficient-fans', 'low-power-recover', 'ospf-if-rx-bad-packet',
'sm-restart', 'unexpected-shutdown', 'dcbx-pfc-port-admin-state-trap', 'insufficient-fans-recover', 'memusage-high',
'ospf-if-state-change', 'sm-start', 'user-login']
element_spec = dict(
state_enabled=dict(type='bool'),
contact_name=dict(type='str'),
location=dict(type='str'),
communities_enabled=dict(type='bool'),
multi_communities_enabled=dict(type='bool'),
snmp_communities=dict(type='list', elements='dict', options=community_spec),
notify_enabled=dict(type='bool'),
notify_port=dict(type='str'),
notify_community=dict(type='str'),
notify_send_test=dict(type='str', choices=['yes', 'no']),
notify_event=dict(type='str', choices=event_choices),
engine_id_reset=dict(type='bool'),
snmp_permissions=dict(type='list', elements='dict', options=snmp_permission_spec)
)
argument_spec = dict()
argument_spec.update(element_spec)
self._module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True)
def get_required_config(self):
module_params = self._module.params
self._required_config = dict(module_params)
self.validate_param_values(self._required_config)
def _show_snmp_config(self):
show_cmds = []
cmd = "show snmp"
show_cmds.append(show_cmd(self._module, cmd, json_fmt=True, fail_on_error=False))
cmd = "show running-config | include snmp"
show_cmds.append(show_cmd(self._module, cmd, json_fmt=True, fail_on_error=False))
return show_cmds
def _set_snmp_config(self, all_snmp_config):
ro_communities_list = []
rw_communities_list = []
snmp_config = all_snmp_config[0]
if not snmp_config:
return
if snmp_config.get("SNMP enabled") == 'yes':
self._current_config['state_enabled'] = True
else:
self._current_config['state_enabled'] = False
self._current_config['contact_name'] = snmp_config.get("System contact")
self._current_config['location'] = snmp_config.get("System location")
curr_ro_comm = snmp_config.get("Read-only community")
if curr_ro_comm:
ro_arr = curr_ro_comm.split(' ')
rw_arr = snmp_config.get("Read-write community").split(' ')
ro_communities_list = ro_arr[0]
rw_communities_list = rw_arr[0]
if (len(ro_arr) == 2):
self._current_config['communities_enabled'] = False
else:
self._current_config['communities_enabled'] = True
else:
read_only_communities = all_snmp_config[1]
read_write_communities = all_snmp_config[2]
if not read_only_communities:
return
read_only_comm = read_only_communities.get("Read-only communities")
if read_only_comm:
self._current_config['communities_enabled'] = True
ro_communities_list = read_only_comm[0].get("Lines")
else:
self._current_config['communities_enabled'] = False
ro_comm_disabled = read_only_communities.get("Read-only communities (DISABLED)")
if ro_comm_disabled:
ro_communities_list = ro_comm_disabled[0].get("Lines")
if not read_write_communities:
return
read_write_comm = read_write_communities.get("Read-write communities")
if read_write_comm:
self._current_config['communities_enabled'] = True
rw_communities_list = read_write_comm[0].get("Lines")
else:
self._current_config['communities_enabled'] = False
rw_comm_disabled = read_write_communities.get("Read-write communities (DISABLED)")
if rw_comm_disabled:
rw_communities_list = rw_comm_disabled[0].get("Lines")
self._current_config['ro_communities_list'] = ro_communities_list
self._current_config['rw_communities_list'] = rw_communities_list
def _set_snmp_running_config(self, snmp_running_config):
self._current_config['multi_comm_enabled'] = True
self._current_config['notify_enabled'] = True
curr_config_arr = []
snmp_lines = snmp_running_config.get('Lines')
for runn_config in snmp_lines:
curr_config_arr.append(runn_config.strip())
if 'no snmp-server enable mult-communities' in snmp_lines:
self._current_config['multi_comm_enabled'] = False
if 'no snmp-server enable notify' in snmp_lines:
self._current_config['notify_enabled'] = False
self._current_config['snmp_running_config'] = curr_config_arr
def load_current_config(self):
self._current_config = dict()
snmp_config = self._show_snmp_config()
if snmp_config[0]:
self._set_snmp_config(snmp_config[0])
if snmp_config[1]:
self._set_snmp_running_config(snmp_config[1])
def generate_commands(self):
current_state = self._current_config.get("state_enabled")
state = current_state
req_state = self._required_config.get("state_enabled")
if req_state is not None:
state = req_state
if state is not None:
if current_state != state:
if state is True:
self._commands.append('snmp-server enable')
else:
self._commands.append('no snmp-server enable')
contact_name = self._required_config.get("contact_name")
if contact_name:
current_contact_name = self._current_config.get("contact_name")
if contact_name is not None:
if current_contact_name != contact_name:
self._commands.append('snmp-server contact {0}' .format(contact_name))
location = self._required_config.get("location")
if location:
current_location = self._current_config.get("location")
if location is not None:
if current_location != location:
self._commands.append('snmp-server location {0}' .format(location))
communities_enabled = self._required_config.get("communities_enabled")
if communities_enabled is not None:
current_communities_enabled = self._current_config.get("communities_enabled")
if communities_enabled is not None:
if current_communities_enabled != communities_enabled:
if communities_enabled is True:
self._commands.append('snmp-server enable communities')
else:
self._commands.append('no snmp-server enable communities')
ro_communities = self._current_config.get("ro_communities_list")
rw_communities = self._current_config.get("rw_communities_list")
snmp_communities = self._required_config.get("snmp_communities")
if snmp_communities:
if snmp_communities is not None:
for community in snmp_communities:
community_name = community.get("community_name")
state = community.get("state")
if state:
if state == 'absent':
self._commands.append('no snmp-server community {0}' .format(community_name))
continue
community_type = community.get("community_type")
if community_type:
if community_type == 'read-only':
if community_name not in ro_communities:
self._commands.append('snmp-server community {0} ro' .format(community_name))
else:
if community_name not in rw_communities:
self._commands.append('snmp-server community {0} rw' .format(community_name))
else:
if community_name not in ro_communities:
self._commands.append('snmp-server community {0}' .format(community_name))
engine_id_reset = self._required_config.get("engine_id_reset")
if engine_id_reset is not None:
if engine_id_reset:
self._commands.append('snmp-server engineID reset')
current_multi_comm_state = self._current_config.get("multi_comm_enabled")
multi_communities_enabled = self._required_config.get("multi_communities_enabled")
if multi_communities_enabled is not None:
if current_multi_comm_state != multi_communities_enabled:
if multi_communities_enabled is True:
self._commands.append('snmp-server enable mult-communities')
else:
self._commands.append('no snmp-server enable mult-communities')
notify_enabled = self._required_config.get("notify_enabled")
if notify_enabled is not None:
current_notify_state = self._current_config.get("notify_enabled")
if current_notify_state != notify_enabled:
if notify_enabled is True:
self._commands.append('snmp-server enable notify')
else:
self._commands.append('no snmp-server enable notify')
snmp_permissions = self._required_config.get("snmp_permissions")
if snmp_permissions is not None:
for permission in snmp_permissions:
permission_type = permission.get('permission_type')
if permission.get('state_enabled') is True:
self._commands.append('snmp-server enable set-permission {0}' .format(permission_type))
else:
self._commands.append('no snmp-server enable set-permission {0}' .format(permission_type))
snmp_running_config = self._current_config.get("snmp_running_config")
notify_port = self._required_config.get("notify_port")
if notify_port is not None:
notified_cmd = 'snmp-server notify port {0}' .format(notify_port)
if notified_cmd not in snmp_running_config:
self._commands.append('snmp-server notify port {0}' .format(notify_port))
notify_community = self._required_config.get("notify_community")
if notify_community is not None:
notified_cmd = 'snmp-server notify community {0}' .format(notify_community)
if notified_cmd not in snmp_running_config:
self._commands.append('snmp-server notify community {0}' .format(notify_community))
notify_send_test = self._required_config.get("notify_send_test")
if notify_send_test is not None:
if notify_send_test == 'yes':
self._commands.append('snmp-server notify send-test')
notify_event = self._required_config.get("notify_event")
if notify_event is not None:
self._commands.append('snmp-server notify event {0}' .format(notify_event))
def main():
""" main entry point for module execution
"""
OnyxSNMPModule.main()
if __name__ == '__main__':
main()

52
test/units/modules/network/onyx/fixtures/onyx_snmp_show.cfg Normal file
View file

@ -0,0 +1,52 @@
[
[
{
"SNMP port": "161",
"System contact": "sara",
"System location": "Jordan",
"SNMP enabled": "yes"
},
{
"Read-only communities": [
{
"Lines": [
"community_1",
"public"
]
}
]
},
{
"Read-write communities": [
{
"Lines": [
"community_2"
]
}
]
},
{
"Interface listen enabled": "yes"
},
{
"Listen Interfaces": [
{
"Lines": [
"No Listen Interfaces."
]
}
]
}
],
{
"Lines": [
" snmp-server community community_1 ro",
" snmp-server community community_2 rw",
" snmp-server contact sara",
" snmp-server location Jordan",
" snmp-server notify port 1",
" snmp-server notify community community_1"
]
}
]

150
test/units/modules/network/onyx/test_onyx_snmp.py Normal file
View file

@ -0,0 +1,150 @@
#
# Copyright: Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
# Make coding more python3-ish
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
from units.compat.mock import patch
from ansible.modules.network.onyx import onyx_snmp
from units.modules.utils import set_module_args
from .onyx_module import TestOnyxModule, load_fixture
class TestOnyxSNMPModule(TestOnyxModule):
module = onyx_snmp
enabled = False
def setUp(self):
self.enabled = False
super(TestOnyxSNMPModule, self).setUp()
self.mock_get_config = patch.object(
onyx_snmp.OnyxSNMPModule, "_show_snmp_config")
self.get_config = self.mock_get_config.start()
self.mock_load_config = patch(
'ansible.module_utils.network.onyx.onyx.load_config')
self.load_config = self.mock_load_config.start()
def tearDown(self):
super(TestOnyxSNMPModule, self).tearDown()
self.mock_get_config.stop()
self.mock_load_config.stop()
def load_fixtures(self, commands=None, transport='cli'):
config_file = 'onyx_snmp_show.cfg'
data = load_fixture(config_file)
self.get_config.return_value = data
self.load_config.return_value = None
def test_snmp_state_no_change(self):
set_module_args(dict(state_enabled=True))
self.execute_module(changed=False)
def test_snmp_state_with_change(self):
set_module_args(dict(state_enabled=False))
commands = ['no snmp-server enable']
self.execute_module(changed=True, commands=commands)
def test_snmp_contact_no_change(self):
set_module_args(dict(contact_name='sara'))
self.execute_module(changed=False)
def test_snmp_contact_with_change(self):
set_module_args(dict(contact_name='Omar'))
commands = ['snmp-server contact Omar']
self.execute_module(changed=True, commands=commands)
def test_snmp_location_no_change(self):
set_module_args(dict(location='Jordan'))
self.execute_module(changed=False)
def test_snmp_location_with_change(self):
set_module_args(dict(location='London'))
commands = ['snmp-server location London']
self.execute_module(changed=True, commands=commands)
def test_snmp_communities_state_no_change(self):
set_module_args(dict(communities_enabled=True))
self.execute_module(changed=False)
def test_snmp_communities_state_with_change(self):
set_module_args(dict(communities_enabled=False))
commands = ['no snmp-server enable communities']
self.execute_module(changed=True, commands=commands)
def test_snmp_multi_communities_state_with_no_change(self):
set_module_args(dict(multi_communities_enabled=True))
self.execute_module(changed=False)
def test_snmp_multi_communities_state_with_change(self):
set_module_args(dict(multi_communities_enabled=False))
commands = ['no snmp-server enable mult-communities']
self.execute_module(changed=True, commands=commands)
def test_snmp_communities_no_change(self):
set_module_args(dict(snmp_communities=[dict(community_name='community_2',
community_type='read-write')]))
self.execute_module(changed=False)
def test_snmp_communities_with_change(self):
set_module_args(dict(snmp_communities=[dict(community_name='community_2',
community_type='read-only')]))
commands = ['snmp-server community community_2 ro']
self.execute_module(changed=True, commands=commands)
def test_snmp_communities_delete_with_change(self):
set_module_args(dict(snmp_communities=[dict(community_name='community_1',
state='absent')]))
commands = ['no snmp-server community community_1']
self.execute_module(changed=True, commands=commands)
def test_snmp_notify_state_no_change(self):
set_module_args(dict(notify_enabled=True))
self.execute_module(changed=False)
def test_snmp_notify_state_with_change(self):
set_module_args(dict(notify_enabled=False))
commands = ['no snmp-server enable notify']
self.execute_module(changed=True, commands=commands)
def test_snmp_notify_port_no_change(self):
set_module_args(dict(notify_port='1'))
self.execute_module(changed=False)
def test_snmp_notify_port_with_change(self):
set_module_args(dict(notify_port='2'))
commands = ['snmp-server notify port 2']
self.execute_module(changed=True, commands=commands)
def test_snmp_notify_community_no_change(self):
set_module_args(dict(notify_community='community_1'))
self.execute_module(changed=False)
def test_snmp_notify_community_with_change(self):
set_module_args(dict(notify_community='community_2'))
commands = ['snmp-server notify community community_2']
self.execute_module(changed=True, commands=commands)
def test_snmp_notify_send_test_with_change(self):
set_module_args(dict(notify_send_test='yes'))
commands = ['snmp-server notify send-test']
self.execute_module(changed=True, commands=commands)
def test_snmp_notify_event_with_change(self):
set_module_args(dict(notify_event='interface-up'))
commands = ['snmp-server notify event interface-up']
self.execute_module(changed=True, commands=commands)
def test_snmp_permissions_with_change(self):
set_module_args(dict(snmp_permissions=[dict(state_enabled=True,
permission_type='RFC1213-MIB')]))
commands = ['snmp-server enable set-permission RFC1213-MIB']
self.execute_module(changed=True, commands=commands)
def test_snmp_engine_id_reset_with_change(self):
set_module_args(dict(engine_id_reset='yes'))
commands = ['snmp-server engineID reset']
self.execute_module(changed=True, commands=commands)