New module bigip_irule
This module can be used to maintain the iRules for both LTM and GTM on a BIG-IP. iRules should be supplied in their string form using normal strings (unlikely), file lookups (likely), or template lookups (likely). Tests for this module can be found here https://github.com/F5Networks/f5-ansible/blob/master/roles/__bigip_irule/tasks/main.yaml Platforms this was tested on are 11.6.1 12.0.0 12.1.0
This commit is contained in:
parent
f25bf01053
commit
3ec172c3ca
1 changed files with 355 additions and 0 deletions
355
network/f5/bigip_irule.py
Normal file
355
network/f5/bigip_irule.py
Normal file
|
@ -0,0 +1,355 @@
|
|||
#!/usr/bin/python
|
||||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
# This file is part of Ansible
|
||||
#
|
||||
# Ansible is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# Ansible is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
DOCUMENTATION = '''
|
||||
---
|
||||
module: bigip_irule
|
||||
short_description: Manage iRules across different modules on a BIG-IP.
|
||||
description:
|
||||
- Manage iRules across different modules on a BIG-IP.
|
||||
version_added: "2.2"
|
||||
options:
|
||||
content:
|
||||
description:
|
||||
- When used instead of 'src', sets the contents of an iRule directly to
|
||||
the specified value. This is for simple values, but can be used with
|
||||
lookup plugins for anything complex or with formatting. Either one
|
||||
of C(src) or C(content) must be provided.
|
||||
module:
|
||||
description:
|
||||
- The BIG-IP module to add the iRule to.
|
||||
required: true
|
||||
choices:
|
||||
- ltm
|
||||
- gtm
|
||||
partition:
|
||||
description:
|
||||
- The partition to create the iRule on.
|
||||
required: false
|
||||
default: Common
|
||||
name:
|
||||
description:
|
||||
- The name of the iRule.
|
||||
required: true
|
||||
src:
|
||||
description:
|
||||
- The iRule file to interpret and upload to the BIG-IP. Either one
|
||||
of C(src) or C(content) must be provided.
|
||||
required: true
|
||||
state:
|
||||
description:
|
||||
- Whether the iRule should exist or not.
|
||||
required: false
|
||||
default: present
|
||||
choices:
|
||||
- present
|
||||
- absent
|
||||
notes:
|
||||
- Requires the f5-sdk Python package on the host. This is as easy as
|
||||
pip install f5-sdk.
|
||||
extends_documentation_fragment: f5
|
||||
requirements:
|
||||
- f5-sdk
|
||||
author:
|
||||
- Tim Rupp (@caphrim007)
|
||||
'''
|
||||
|
||||
EXAMPLES = '''
|
||||
- name: Add the iRule contained in templated irule.tcl to the LTM module
|
||||
bigip_irule:
|
||||
content: "{{ lookup('template', 'irule-template.tcl') }}"
|
||||
module: "ltm"
|
||||
name: "MyiRule"
|
||||
password: "secret"
|
||||
server: "lb.mydomain.com"
|
||||
state: "present"
|
||||
user: "admin"
|
||||
delegate_to: localhost
|
||||
|
||||
- name: Add the iRule contained in static file irule.tcl to the LTM module
|
||||
bigip_irule:
|
||||
module: "ltm"
|
||||
name: "MyiRule"
|
||||
password: "secret"
|
||||
server: "lb.mydomain.com"
|
||||
src: "irule-static.tcl"
|
||||
state: "present"
|
||||
user: "admin"
|
||||
delegate_to: localhost
|
||||
'''
|
||||
|
||||
RETURN = '''
|
||||
full_name:
|
||||
description: Full name of the user
|
||||
returned: changed and success
|
||||
type: string
|
||||
sample: "John Doe"
|
||||
'''
|
||||
|
||||
try:
|
||||
from f5.bigip import ManagementRoot
|
||||
from icontrol.session import iControlUnexpectedHTTPError
|
||||
HAS_F5SDK = True
|
||||
except ImportError:
|
||||
HAS_F5SDK = False
|
||||
|
||||
MODULES = ['gtm', 'ltm']
|
||||
|
||||
|
||||
class BigIpiRule(object):
|
||||
def __init__(self, *args, **kwargs):
|
||||
if not HAS_F5SDK:
|
||||
raise F5ModuleError("The python f5-sdk module is required")
|
||||
|
||||
if kwargs['state'] != 'absent':
|
||||
if not kwargs['content'] and not kwargs['src']:
|
||||
raise F5ModuleError(
|
||||
"Either 'content' or 'src' must be provided"
|
||||
)
|
||||
|
||||
source = kwargs['src']
|
||||
if source:
|
||||
with open(source) as f:
|
||||
kwargs['content'] = f.read()
|
||||
|
||||
# The params that change in the module
|
||||
self.cparams = dict()
|
||||
|
||||
# Stores the params that are sent to the module
|
||||
self.params = kwargs
|
||||
self.api = ManagementRoot(kwargs['server'],
|
||||
kwargs['user'],
|
||||
kwargs['password'],
|
||||
port=kwargs['server_port'])
|
||||
|
||||
def flush(self):
|
||||
result = dict()
|
||||
state = self.params['state']
|
||||
|
||||
try:
|
||||
if state == "present":
|
||||
changed = self.present()
|
||||
elif state == "absent":
|
||||
changed = self.absent()
|
||||
except iControlUnexpectedHTTPError as e:
|
||||
raise F5ModuleError(str(e))
|
||||
|
||||
result.update(**self.cparams)
|
||||
result.update(dict(changed=changed))
|
||||
return result
|
||||
|
||||
def read(self):
|
||||
"""Read information and transform it
|
||||
|
||||
The values that are returned by BIG-IP in the f5-sdk can have encoding
|
||||
attached to them as well as be completely missing in some cases.
|
||||
|
||||
Therefore, this method will transform the data from the BIG-IP into a
|
||||
format that is more easily consumable by the rest of the class and the
|
||||
parameters that are supported by the module.
|
||||
"""
|
||||
p = dict()
|
||||
name = self.params['name']
|
||||
partition = self.params['partition']
|
||||
module = self.params['module']
|
||||
|
||||
if module == 'ltm':
|
||||
r = self.api.tm.ltm.rules.rule.load(
|
||||
name=name,
|
||||
partition=partition
|
||||
)
|
||||
elif module == 'gtm':
|
||||
r = self.api.tm.gtm.rules.rule.load(
|
||||
name=name,
|
||||
partition=partition
|
||||
)
|
||||
|
||||
if hasattr(r, 'apiAnonymous'):
|
||||
p['content'] = str(r.apiAnonymous)
|
||||
p['name'] = name
|
||||
return p
|
||||
|
||||
def delete(self):
|
||||
params = dict()
|
||||
check_mode = self.params['check_mode']
|
||||
module = self.params['module']
|
||||
|
||||
params['name'] = self.params['name']
|
||||
params['partition'] = self.params['partition']
|
||||
|
||||
self.cparams = camel_dict_to_snake_dict(params)
|
||||
if check_mode:
|
||||
return True
|
||||
|
||||
if module == 'ltm':
|
||||
r = self.api.tm.ltm.rules.rule.load(**params)
|
||||
r.delete()
|
||||
elif module == 'gtm':
|
||||
r = self.api.tm.gtm.rules.rule.load(**params)
|
||||
r.delete()
|
||||
|
||||
if self.exists():
|
||||
raise F5ModuleError("Failed to delete the iRule")
|
||||
return True
|
||||
|
||||
def exists(self):
|
||||
name = self.params['name']
|
||||
partition = self.params['partition']
|
||||
module = self.params['module']
|
||||
|
||||
if module == 'ltm':
|
||||
return self.api.tm.ltm.rules.rule.exists(
|
||||
name=name,
|
||||
partition=partition
|
||||
)
|
||||
elif module == 'gtm':
|
||||
return self.api.tm.gtm.rules.rule.exists(
|
||||
name=name,
|
||||
partition=partition
|
||||
)
|
||||
|
||||
def present(self):
|
||||
changed = False
|
||||
|
||||
if self.exists():
|
||||
changed = self.update()
|
||||
else:
|
||||
changed = self.create()
|
||||
|
||||
return changed
|
||||
|
||||
def update(self):
|
||||
params = dict()
|
||||
current = self.read()
|
||||
changed = False
|
||||
|
||||
check_mode = self.params['check_mode']
|
||||
content = self.params['content']
|
||||
name = self.params['name']
|
||||
partition = self.params['partition']
|
||||
module = self.params['module']
|
||||
|
||||
if content is not None:
|
||||
if 'content' in current:
|
||||
if content != current['content']:
|
||||
params['apiAnonymous'] = content
|
||||
else:
|
||||
params['apiAnonymous'] = content
|
||||
|
||||
if params:
|
||||
changed = True
|
||||
params['name'] = name
|
||||
params['partition'] = partition
|
||||
if check_mode:
|
||||
return changed
|
||||
self.cparams = camel_dict_to_snake_dict(params)
|
||||
else:
|
||||
return changed
|
||||
|
||||
if module == 'ltm':
|
||||
d = self.api.tm.ltm.rules.rule.load(
|
||||
name=name,
|
||||
partition=partition
|
||||
)
|
||||
d.update(**params)
|
||||
d.refresh()
|
||||
elif module == 'gtm':
|
||||
d = self.api.tm.gtm.rules.rule.load(
|
||||
name=name,
|
||||
partition=partition
|
||||
)
|
||||
d.update(**params)
|
||||
d.refresh()
|
||||
|
||||
return True
|
||||
|
||||
def create(self):
|
||||
params = dict()
|
||||
|
||||
check_mode = self.params['check_mode']
|
||||
content = self.params['content']
|
||||
name = self.params['name']
|
||||
partition = self.params['partition']
|
||||
module = self.params['module']
|
||||
|
||||
if check_mode:
|
||||
return True
|
||||
|
||||
if content is not None:
|
||||
params['apiAnonymous'] = content
|
||||
|
||||
params['name'] = name
|
||||
params['partition'] = partition
|
||||
|
||||
self.cparams = camel_dict_to_snake_dict(params)
|
||||
if check_mode:
|
||||
return True
|
||||
|
||||
if module == 'ltm':
|
||||
d = self.api.tm.ltm.rules.rule
|
||||
d.create(**params)
|
||||
elif module == 'gtm':
|
||||
d = self.api.tm.gtm.rules.rule
|
||||
d.create(**params)
|
||||
|
||||
if not self.exists():
|
||||
raise F5ModuleError("Failed to create the iRule")
|
||||
return True
|
||||
|
||||
def absent(self):
|
||||
changed = False
|
||||
|
||||
if self.exists():
|
||||
changed = self.delete()
|
||||
|
||||
return changed
|
||||
|
||||
|
||||
def main():
|
||||
argument_spec = f5_argument_spec()
|
||||
|
||||
meta_args = dict(
|
||||
content=dict(required=False, default=None),
|
||||
src=dict(required=False, default=None),
|
||||
name=dict(required=True),
|
||||
module=dict(required=True, choices=MODULES)
|
||||
)
|
||||
argument_spec.update(meta_args)
|
||||
|
||||
module = AnsibleModule(
|
||||
argument_spec=argument_spec,
|
||||
supports_check_mode=True,
|
||||
mutually_exclusive=[
|
||||
['content', 'src']
|
||||
]
|
||||
)
|
||||
|
||||
try:
|
||||
obj = BigIpiRule(check_mode=module.check_mode, **module.params)
|
||||
result = obj.flush()
|
||||
|
||||
module.exit_json(**result)
|
||||
except F5ModuleError as e:
|
||||
module.fail_json(msg=str(e))
|
||||
|
||||
from ansible.module_utils.basic import *
|
||||
from ansible.module_utils.ec2 import camel_dict_to_snake_dict
|
||||
from ansible.module_utils.f5 import *
|
||||
|
||||
if __name__ == '__main__':
|
||||
main()
|
Loading…
Reference in a new issue