cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

New module to manage SNMP managers in Pure Storage FlashArray (#59203)

Browse source
This commit is contained in:
Simon Dodsley 2019-08-27 18:32:00 -04:00 committed by John L
parent 8d8f501968
commit 2abbc136b1
1 changed files with 333 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

333
lib/ansible/modules/storage/purestorage/purefa_snmp.py Normal file
View file

@ -0,0 +1,333 @@
#!/usr/bin/python
# -*- coding: utf-8 -*-
# (c) 2019, Simon Dodsley (simon@purestorage.com)
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
DOCUMENTATION = r'''
---
module: purefa_snmp
version_added: '2.9'
short_description: Configure FlashArray SNMP Managers
description:
- Manage SNMP managers on a Pure Storage FlashArray.
- Changing of a named SNMP managers version is not supported.
- This module is not idempotent and will always modify an
existing SNMP manager due to hidden parameters that cannot
be compared to the play parameters.
author:
- Pure Storage Ansible Team (@sdodsley) <pure-ansible-team@purestorage.com>
options:
name:
description:
- Name of SNMP Manager
required: True
type: str
state:
description:
- Create or delete SNMP manager
type: str
default: present
choices: [ absent, present ]
auth_passphrase:
type: str
description:
- SNMPv3 only. Passphrase of 8 - 32 characters.
auth_protocol:
type: str
description:
- SNMP v3 only. Hash algorithm to use
choices: [ MD5, SHA ]
community:
type: str
description:
- SNMP v2c only. Manager community ID. Between 1 and 32 characters long.
host:
type: str
description:
- IPv4 or IPv6 address or FQDN to send trap messages to.
required: True
user:
type: str
description:
- SNMP v3 only. User ID recognized by the specified SNMP manager.
Must be between 1 and 32 characters.
version:
type: str
description:
- Version of SNMP protocol to use for the manager.
choices: [ v2c, v3 ]
default: v2c
notification:
type: str
description:
- Action to perform on event.
default: trap
choices: [ inform, trap ]
privacy_passphrase:
type: str
description:
- SNMPv3 only. Passphrase to encrypt SNMP messages.
Must be between 8 and 63 non-space ASCII characters.
privacy_protocol:
type: str
description:
- SNMP v3 only. Encryption protocol to use
choices: [ AES, DES ]
extends_documentation_fragment:
- purestorage.fa
'''
EXAMPLES = r'''
- name: Delete exisitng SNMP manager
purefa_snmp:
name: manager1
state: absent
fa_url: 10.10.10.2
api_token: e31060a7-21fc-e277-6240-25983c6c4592
- name: Create v2c SNMP manager
purefa_snmp:
name: manager1
community: public
host: 10.21.22.23
fa_url: 10.10.10.2
api_token: e31060a7-21fc-e277-6240-25983c6c4592
- name: Create v3 SNMP manager
purefa_snmp:
name: manager2
version: v3
auth_protocol: MD5
auth_passphrase: password
host: 10.21.22.23
fa_url: 10.10.10.2
api_token: e31060a7-21fc-e277-6240-25983c6c4592
- name: Update existing SNMP manager
purefa_snmp:
name: manager1
community: private
fa_url: 10.10.10.2
api_token: e31060a7-21fc-e277-6240-25983c6c4592
'''
RETURN = r'''
'''
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.pure import get_system, purefa_argument_spec
def update_manager(module, array):
"""Update SNMP Manager"""
changed = True
if not module.check_mode:
try:
mgr = array.get_snmp_manager(module.params['name'])
except Exception:
module.fail_json(msg="Failed to get current configuration for SNMP manager {0}.".format(module.params['name']))
if mgr['version'] != module.params['version']:
module.fail_json(msg="Changing an SNMP managers version is not supported.")
elif module.params['version'] == "v2c":
try:
array.set_snmp_manager(module.params['name'],
community=module.params['community'],
notification=module.params['notification'],
host=module.params['host']
)
except Exception:
module.fail_json(msg="Failed to update SNMP manager {0}.".format(module.params['name']))
else:
if module.params['auth_protocol'] and module.params['privacy_protocol']:
try:
array.set_snmp_manager(module.params['name'],
auth_passphrase=module.params['auth_passphrase'],
auth_protocol=module.params['auth_protocol'],
privacy_passphrase=module.params['privacy_passphrase'],
privacy_protocol=module.params['privacy_protocol'],
notification=module.params['notification'],
user=module.params['user'],
host=module.params['host']
)
except Exception:
module.fail_json(msg="Failed to update SNMP manager {0}.".format(module.params['name']))
elif module.params['auth_protocol'] and not module.params['privacy_protocol']:
try:
array.set_snmp_manager(module.params['name'],
version=module.params['version'],
auth_passphrase=module.params['auth_passphrase'],
auth_protocol=module.params['auth_protocol'],
notification=module.params['notification'],
user=module.params['user'],
host=module.params['host']
)
except Exception:
module.fail_json(msg="Failed to update SNMP manager {0}.".format(module.params['name']))
elif not module.params['auth_protocol'] and module.params['privacy_protocol']:
try:
array.set_snmp_manager(module.params['name'],
version=module.params['version'],
privacy_passphrase=module.params['privacy_passphrase'],
privacy_protocol=module.params['privacy_protocol'],
notification=module.params['notification'],
user=module.params['user'],
host=module.params['host']
)
except Exception:
module.fail_json(msg="Failed to update SNMP manager {0}.".format(module.params['name']))
elif not module.params['auth_protocol'] and not module.params['privacy_protocol']:
try:
array.set_snmp_manager(module.params['name'],
version=module.params['version'],
notification=module.params['notification'],
user=module.params['user'],
host=module.params['host']
)
except Exception:
module.fail_json(msg="Failed to update SNMP manager {0}.".format(module.params['name']))
else:
module.fail_json(msg="Invalid parameters selected in update. Please raise issue in Ansible GitHub")
module.exit_json(changed=changed)
def delete_manager(module, array):
"""Delete SNMP Manager"""
changed = True
if not module.check_mode:
try:
array.delete_snmp_manager(module.params['name'])
except Exception:
module.fail_json(msg='Delete SNMP manager {0} failed'.format(module.params['name']))
module.exit_json(changed=changed)
def create_manager(module, array):
"""Create SNMP Manager"""
changed = True
if not module.check_mode:
if module.params['version'] == "v2c":
try:
array.create_snmp_manager(module.params['name'],
version=module.params['version'],
community=module.params['community'],
notification=module.params['notification'],
user=module.params['user'],
host=module.params['host']
)
except Exception:
module.fail_json(msg="Failed to create SNMP manager {0}.".format(module.params['name']))
else:
if module.params['auth_protocol'] and module.params['privacy_protocol']:
try:
array.create_snmp_manager(module.params['name'],
version=module.params['version'],
auth_passphrase=module.params['auth_passphrase'],
auth_protocol=module.params['auth_protocol'],
privacy_passphrase=module.params['privacy_passphrase'],
privacy_protocol=module.params['privacy_protocol'],
notification=module.params['notification'],
user=module.params['user'],
host=module.params['host']
)
except Exception:
module.fail_json(msg="Failed to create SNMP manager {0}.".format(module.params['name']))
elif module.params['auth_protocol'] and not module.params['privacy_protocol']:
try:
array.create_snmp_manager(module.params['name'],
version=module.params['version'],
auth_passphrase=module.params['auth_passphrase'],
auth_protocol=module.params['auth_protocol'],
notification=module.params['notification'],
user=module.params['user'],
host=module.params['host']
)
except Exception:
module.fail_json(msg="Failed to create SNMP manager {0}.".format(module.params['name']))
elif not module.params['auth_protocol'] and module.params['privacy_protocol']:
try:
array.create_snmp_manager(module.params['name'],
version=module.params['version'],
privacy_passphrase=module.params['privacy_passphrase'],
privacy_protocol=module.params['privacy_protocol'],
notification=module.params['notification'],
user=module.params['user'],
host=module.params['host']
)
except Exception:
module.fail_json(msg="Failed to create SNMP manager {0}.".format(module.params['name']))
elif not module.params['auth_protocol'] and not module.params['privacy_protocol']:
try:
array.create_snmp_manager(module.params['name'],
version=module.params['version'],
notification=module.params['notification'],
user=module.params['user'],
host=module.params['host']
)
except Exception:
module.fail_json(msg="Failed to create SNMP manager {0}.".format(module.params['name']))
else:
module.fail_json(msg="Invalid parameters selected in create. Please raise issue in Ansible GitHub")
module.exit_json(changed=changed)
def main():
argument_spec = purefa_argument_spec()
argument_spec.update(dict(
name=dict(type='str', required=True),
host=dict(type='str', required=True),
state=dict(type='str', default='present', choices=['absent', 'present']),
user=dict(type='str'),
notification=dict(type='str', choices=['inform', 'trap'], default='trap'),
auth_passphrase=dict(type='str', no_log=True),
auth_protocol=dict(type='str', choices=['MD5', 'SHA']),
privacy_passphrase=dict(type='str', no_log=True),
privacy_protocol=dict(type='str', choices=['AES', 'DES']),
version=dict(type='str', default='v2c', choices=['v2c', 'v3']),
community=dict(type='str'),
))
required_together = [['auth_passphrase', 'auth_protocol'],
['privacy_passphrase', 'privacy_protocol']]
required_if = [['version', 'v2c', ['community', 'host']],
['version', 'v3', ['host', 'user']]]
module = AnsibleModule(argument_spec,
required_together=required_together,
required_if=required_if,
supports_check_mode=True)
state = module.params['state']
array = get_system(module)
mgr_configured = False
mgrs = array.list_snmp_managers()
for mgr in range(0, len(mgrs)):
if mgrs[mgr]['name'] == module.params['name']:
mgr_configured = True
break
if module.params['version'] == "v3":
if module.params['auth_passphrase'] and (8 > len(module.params['auth_passphrase']) > 32):
module.fail_json(msg="auth_password must be between 8 and 32 characters")
if module.params['privacy_passphrase'] and 8 > len(module.params['privacy_passphrase']) > 63:
module.fail_json(msg="privacy_password must be between 8 and 63 characters")
if state == 'absent' and mgr_configured:
delete_manager(module, array)
elif mgr_configured and state == 'present':
update_manager(module, array)
elif not mgr_configured and state == 'present':
create_manager(module, array)
else:
module.exit_json(changed=False)
if __name__ == '__main__':
main()