nuage_vspk - Manage Nuage VSP environments
New in version 2.4.
Synopsis
- Manage or find Nuage VSP entities, this includes create, update, delete, assign, unassign and find, with all supported properties.
Requirements
The below requirements are needed on the host that executes this module.
- Python 2.7
- Supports Nuage VSP 4.0Rx & 5.x.y
- Proper VSPK-Python installed for your Nuage version
- Tested with NuageX https://nuagex.io
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
auth required | Dict with the authentication information required to connect to a Nuage VSP environment. Requires a api_username parameter (example csproot). Requires either a api_password parameter (example csproot) or a api_certificate and api_key parameters, which point to the certificate and key files for certificate based authentication. Requires a api_enterprise parameter (example csp). Requires a api_url parameter (example https://10.0.0.10:8443). Requires a api_version parameter (example v4_0). | |
children | Can be used to specify a set of child entities. A mandatory property of each child is the type. Supported optional properties of each child are id, properties and match_filter. The function of each of these properties is the same as in the general task definition. This can be used recursively Only useable in case state=present. | |
command |
| Specifies a command to be executed. With command=find, if parent_id and parent_type are defined, it will only search within the parent. Otherwise, if allowed, will search in the root object. With command=find, if id is specified, it will only return the single entity matching the id. With command=find, otherwise, if match_filter is define, it will use that filter to search. With command=find, otherwise, if properties are defined, it will do an AND search using all properties. With command=change_password, a password of a user can be changed. Warning - In case the password is the same as the existing, it will throw an error. With command=wait_for_job, the module will wait for a job to either have a status of SUCCESS or ERROR. In case an ERROR status is found, the module will exit with an error. With command=wait_for_job, the job will always be returned, even if the state is ERROR situation. Either state or command needs to be defined, both can not be defined at the same time. |
id | The ID of the entity you want to work on. In combination with command=find, it will only return the single entity. In combination with state, it will either update or delete this entity. Will take precedence over match_filter and properties whenever an entity needs to be found. | |
match_filter | A filter used when looking (both in command and state for entities, in the format the Nuage VSP API expects. If match_filter is defined, it will take precedence over the properties, but not on the id
| |
parent_id | The ID of the parent of the entity you want to work on. When state is specified, the entity will be gathered from this parent, if it exists, unless an id is specified. When command=find is specified, the entity will be searched for in this parent, unless an id is specified. If specified, parent_type also needs to be specified. | |
parent_type | The type of parent the ID is specified for (example Enterprise). This should match the objects CamelCase class name in VSPK-Python. This Class name can be found on https://nuagenetworks.github.io/vspkdoc/index.html. If specified, parent_id also needs to be specified. | |
properties | Properties are the key, value pairs of the different properties an entity has. If no id and no match_filter is specified, these are used to find or determine if the entity exists. | |
state |
| Specifies the desired state of the entity. If state=present, in case the entity already exists, will update the entity if it is needed. If state=present, in case the relationship with the parent is a member relationship, will assign the entity as a member of the parent. If state=absent, in case the relationship with the parent is a member relationship, will unassign the entity as a member of the parent. Either state or command needs to be defined, both can not be defined at the same time. |
type required | The type of entity you want to work on (example Enterprise). This should match the objects CamelCase class name in VSPK-Python. This Class name can be found on https://nuagenetworks.github.io/vspkdoc/index.html. |
Notes
Note
- Check mode is supported, but with some caveats. It will not do any changes, and if possible try to determine if it is able do what is requested.
- In case a parent id is provided from a previous task, it might be empty and if a search is possible on root, it will do so, which can impact performance.
Examples
# This can be executed as a single role, with the following vars # vars: # auth: # api_username: csproot # api_password: csproot # api_enterprise: csp # api_url: https://10.0.0.10:8443 # api_version: v5_0 # enterprise_name: Ansible-Enterprise # enterprise_new_name: Ansible-Updated-Enterprise # # or, for certificate based authentication # vars: # auth: # api_username: csproot # api_certificate: /path/to/user-certificate.pem # api_key: /path/to/user-Key.pem # api_enterprise: csp # api_url: https://10.0.0.10:8443 # api_version: v5_0 # enterprise_name: Ansible-Enterprise # enterprise_new_name: Ansible-Updated-Enterprise # Creating a new enterprise - name: Create Enterprise connection: local nuage_vspk: auth: "{{ nuage_auth }}" type: Enterprise state: present properties: name: "{{ enterprise_name }}-basic" register: nuage_enterprise # Checking if an Enterprise with the new name already exists - name: Check if an Enterprise exists with the new name connection: local nuage_vspk: auth: "{{ nuage_auth }}" type: Enterprise command: find properties: name: "{{ enterprise_new_name }}-basic" ignore_errors: yes register: nuage_check_enterprise # Updating an enterprise's name - name: Update Enterprise name connection: local nuage_vspk: auth: "{{ nuage_auth }}" type: Enterprise id: "{{ nuage_enterprise.id }}" state: present properties: name: "{{ enterprise_new_name }}-basic" when: nuage_check_enterprise is failed # Creating a User in an Enterprise - name: Create admin user connection: local nuage_vspk: auth: "{{ nuage_auth }}" type: User parent_id: "{{ nuage_enterprise.id }}" parent_type: Enterprise state: present match_filter: "userName == 'ansible-admin'" properties: email: "[email protected]" first_name: "Ansible" last_name: "Admin" password: "ansible-password" user_name: "ansible-admin" register: nuage_user # Updating password for User - name: Update admin password connection: local nuage_vspk: auth: "{{ nuage_auth }}" type: User id: "{{ nuage_user.id }}" command: change_password properties: password: "ansible-new-password" ignore_errors: yes # Finding a group in an enterprise - name: Find Administrators group in Enterprise connection: local nuage_vspk: auth: "{{ nuage_auth }}" type: Group parent_id: "{{ nuage_enterprise.id }}" parent_type: Enterprise command: find properties: name: "Administrators" register: nuage_group # Assign the user to the group - name: Assign admin user to administrators connection: local nuage_vspk: auth: "{{ nuage_auth }}" type: User id: "{{ nuage_user.id }}" parent_id: "{{ nuage_group.id }}" parent_type: Group state: present # Creating multiple DomainTemplates - name: Create multiple DomainTemplates connection: local nuage_vspk: auth: "{{ nuage_auth }}" type: DomainTemplate parent_id: "{{ nuage_enterprise.id }}" parent_type: Enterprise state: present properties: name: "{{ item }}" description: "Created by Ansible" with_items: - "Template-1" - "Template-2" # Finding all DomainTemplates - name: Fetching all DomainTemplates connection: local nuage_vspk: auth: "{{ nuage_auth }}" type: DomainTemplate parent_id: "{{ nuage_enterprise.id }}" parent_type: Enterprise command: find register: nuage_domain_templates # Deleting all DomainTemplates - name: Deleting all found DomainTemplates connection: local nuage_vspk: auth: "{{ nuage_auth }}" type: DomainTemplate state: absent id: "{{ item.ID }}" with_items: "{{ nuage_domain_templates.entities }}" when: nuage_domain_templates.entities is defined # Unassign user from group - name: Unassign admin user to administrators connection: local nuage_vspk: auth: "{{ nuage_auth }}" type: User id: "{{ nuage_user.id }}" parent_id: "{{ nuage_group.id }}" parent_type: Group state: absent # Deleting an enterprise - name: Delete Enterprise connection: local nuage_vspk: auth: "{{ nuage_auth }}" type: Enterprise id: "{{ nuage_enterprise.id }}" state: absent # Setup an enterprise with Children - name: Setup Enterprise and domain structure connection: local nuage_vspk: auth: "{{ nuage_auth }}" type: Enterprise state: present properties: name: "Child-based-Enterprise" children: - type: L2DomainTemplate properties: name: "Unmanaged-Template" children: - type: EgressACLTemplate match_filter: "name == 'Allow All'" properties: name: "Allow All" active: true default_allow_ip: true default_allow_non_ip: true default_install_acl_implicit_rules: true description: "Created by Ansible" priority_type: "TOP" - type: IngressACLTemplate match_filter: "name == 'Allow All'" properties: name: "Allow All" active: true default_allow_ip: true default_allow_non_ip: true description: "Created by Ansible" priority_type: "TOP"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
entities list | On state=present and find, with only one element in case of state=present or find=one. | A list of entities handled. Each element is the to_dict() of the entity. Sample: [{'ID': 'acabc435-3946-4117-a719-b8895a335830"', 'assocEntityType': 'DOMAIN', 'command': 'BEGIN_POLICY_CHANGES', 'creationDate': 1487515656000, 'entityScope': 'ENTERPRISE', 'externalID': None, 'lastUpdatedBy': '8a6f0e20-a4db-4878-ad84-9cc61756cd5e', 'lastUpdatedDate': 1487515656000, 'owner': '8a6f0e20-a4db-4878-ad84-9cc61756cd5e', 'parameters': None, 'parentID': 'a22fddb9-3da4-4945-bd2e-9d27fe3d62e0', 'parentType': 'domain', 'progress': 0.0, 'result': None, 'status': 'RUNNING'}] |
id string | On state=present and command=find in case one entity was found. | The id of the entity that was found, created, updated or assigned. Sample: bae07d8d-d29c-4e2b-b6ba-621b4807a333 |
Status
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
Maintenance
This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.
For a list of other modules that are also maintained by the Ansible Community, see here.
Author
- Philippe Dellaert (@pdellaert)
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.6/modules/nuage_vspk_module.html