1#!/usr/local/bin/python3.8 2# 3# This file is part of Ansible 4# 5# Ansible is free software: you can redistribute it and/or modify 6# it under the terms of the GNU General Public License as published by 7# the Free Software Foundation, either version 3 of the License, or 8# (at your option) any later version. 9# 10# Ansible is distributed in the hope that it will be useful, 11# but WITHOUT ANY WARRANTY; without even the implied warranty of 12# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13# GNU General Public License for more details. 14# 15# You should have received a copy of the GNU General Public License 16# along with Ansible. If not, see <http://www.gnu.org/licenses/>. 17# 18 19from __future__ import (absolute_import, division, print_function) 20__metaclass__ = type 21 22DOCUMENTATION = ''' 23--- 24module: ce_bfd_session 25short_description: Manages BFD session configuration on HUAWEI CloudEngine devices. 26description: 27 - Manages BFD session configuration, creates a BFD session or deletes a specified BFD session 28 on HUAWEI CloudEngine devices. 29author: QijunPan (@QijunPan) 30notes: 31 - This module requires the netconf system service be enabled on the remote device being managed. 32 - Recommended connection is C(netconf). 33 - This module also works with C(local) connections for legacy playbooks. 34options: 35 session_name: 36 description: 37 - Specifies the name of a BFD session. 38 The value is a string of 1 to 15 case-sensitive characters without spaces. 39 required: true 40 create_type: 41 description: 42 - BFD session creation mode, the currently created BFD session 43 only supports static or static auto-negotiation mode. 44 choices: ['static', 'auto'] 45 default: static 46 addr_type: 47 description: 48 - Specifies the peer IP address type. 49 choices: ['ipv4'] 50 out_if_name: 51 description: 52 - Specifies the type and number of the interface bound to the BFD session. 53 dest_addr: 54 description: 55 - Specifies the peer IP address bound to the BFD session. 56 src_addr: 57 description: 58 - Indicates the source IP address carried in BFD packets. 59 local_discr: 60 description: 61 - The BFD session local identifier does not need to be configured when the mode is auto. 62 remote_discr: 63 description: 64 - The BFD session remote identifier does not need to be configured when the mode is auto. 65 vrf_name: 66 description: 67 - Specifies the name of a Virtual Private Network (VPN) instance that is bound to a BFD session. 68 The value is a string of 1 to 31 case-sensitive characters, spaces not supported. 69 When double quotation marks are used around the string, spaces are allowed in the string. 70 The value _public_ is reserved and cannot be used as the VPN instance name. 71 use_default_ip: 72 description: 73 - Indicates the default multicast IP address that is bound to a BFD session. 74 By default, BFD uses the multicast IP address 224.0.0.184. 75 You can set the multicast IP address by running the default-ip-address command. 76 The value is a bool type. 77 type: bool 78 default: 'no' 79 state: 80 description: 81 - Determines whether the config should be present or not on the device. 82 default: present 83 choices: ['present', 'absent'] 84''' 85 86EXAMPLES = ''' 87- name: Bfd session module test 88 hosts: cloudengine 89 connection: local 90 gather_facts: no 91 vars: 92 cli: 93 host: "{{ inventory_hostname }}" 94 port: "{{ ansible_ssh_port }}" 95 username: "{{ username }}" 96 password: "{{ password }}" 97 transport: cli 98 99 tasks: 100 - name: Configuring Single-hop BFD for Detecting Faults on a Layer 2 Link 101 community.network.ce_bfd_session: 102 session_name: bfd_l2link 103 use_default_ip: true 104 out_if_name: 10GE1/0/1 105 local_discr: 163 106 remote_discr: 163 107 provider: '{{ cli }}' 108 109 - name: Configuring Single-Hop BFD on a VLANIF Interface 110 community.network.ce_bfd_session: 111 session_name: bfd_vlanif 112 dest_addr: 10.1.1.6 113 out_if_name: Vlanif100 114 local_discr: 163 115 remote_discr: 163 116 provider: '{{ cli }}' 117 118 - name: Configuring Multi-Hop BFD 119 community.network.ce_bfd_session: 120 session_name: bfd_multi_hop 121 dest_addr: 10.1.1.1 122 local_discr: 163 123 remote_discr: 163 124 provider: '{{ cli }}' 125''' 126 127RETURN = ''' 128proposed: 129 description: k/v pairs of parameters passed into module 130 returned: always 131 type: dict 132 sample: { 133 "addr_type": null, 134 "create_type": null, 135 "dest_addr": null, 136 "out_if_name": "10GE1/0/1", 137 "session_name": "bfd_l2link", 138 "src_addr": null, 139 "state": "present", 140 "use_default_ip": true, 141 "vrf_name": null 142 } 143existing: 144 description: k/v pairs of existing configuration 145 returned: always 146 type: dict 147 sample: { 148 "session": {} 149 } 150end_state: 151 description: k/v pairs of configuration after module execution 152 returned: always 153 type: dict 154 sample: { 155 "session": { 156 "addrType": "IPV4", 157 "createType": "SESS_STATIC", 158 "destAddr": null, 159 "outIfName": "10GE1/0/1", 160 "sessName": "bfd_l2link", 161 "srcAddr": null, 162 "useDefaultIp": "true", 163 "vrfName": null 164 } 165 } 166updates: 167 description: commands sent to the device 168 returned: always 169 type: list 170 sample: [ 171 "bfd bfd_l2link bind peer-ip default-ip interface 10ge1/0/1" 172 ] 173changed: 174 description: check to see if a change was made on the device 175 returned: always 176 type: bool 177 sample: true 178''' 179 180import sys 181import socket 182from xml.etree import ElementTree 183from ansible.module_utils.basic import AnsibleModule 184from ansible_collections.community.network.plugins.module_utils.network.cloudengine.ce import get_nc_config, set_nc_config, ce_argument_spec, check_ip_addr 185 186 187CE_NC_GET_BFD = """ 188 <filter type="subtree"> 189 <bfd xmlns="http://www.huawei.com/netconf/vrp" content-version="1.0" format-version="1.0"> 190 <bfdSchGlobal> 191 <bfdEnable></bfdEnable> 192 <defaultIp></defaultIp> 193 </bfdSchGlobal> 194 <bfdCfgSessions> 195 <bfdCfgSession> 196 <sessName>%s</sessName> 197 <createType></createType> 198 <addrType></addrType> 199 <outIfName></outIfName> 200 <destAddr></destAddr> 201 <localDiscr></localDiscr> 202 <remoteDiscr></remoteDiscr> 203 <srcAddr></srcAddr> 204 <vrfName></vrfName> 205 <useDefaultIp></useDefaultIp> 206 </bfdCfgSession> 207 </bfdCfgSessions> 208 </bfd> 209 </filter> 210""" 211 212 213def is_valid_ip_vpn(vpname): 214 """check ip vpn""" 215 216 if not vpname: 217 return False 218 219 if vpname == "_public_": 220 return False 221 222 if len(vpname) < 1 or len(vpname) > 31: 223 return False 224 225 return True 226 227 228def check_default_ip(ipaddr): 229 """check the default multicast IP address""" 230 231 # The value ranges from 224.0.0.107 to 224.0.0.250 232 if not check_ip_addr(ipaddr): 233 return False 234 235 if ipaddr.count(".") != 3: 236 return False 237 238 ips = ipaddr.split(".") 239 if ips[0] != "224" or ips[1] != "0" or ips[2] != "0": 240 return False 241 242 if not ips[3].isdigit() or int(ips[3]) < 107 or int(ips[3]) > 250: 243 return False 244 245 return True 246 247 248def get_interface_type(interface): 249 """get the type of interface, such as 10GE, ETH-TRUNK, VLANIF...""" 250 251 if interface is None: 252 return None 253 254 if interface.upper().startswith('GE'): 255 iftype = 'ge' 256 elif interface.upper().startswith('10GE'): 257 iftype = '10ge' 258 elif interface.upper().startswith('25GE'): 259 iftype = '25ge' 260 elif interface.upper().startswith('4X10GE'): 261 iftype = '4x10ge' 262 elif interface.upper().startswith('40GE'): 263 iftype = '40ge' 264 elif interface.upper().startswith('100GE'): 265 iftype = '100ge' 266 elif interface.upper().startswith('VLANIF'): 267 iftype = 'vlanif' 268 elif interface.upper().startswith('LOOPBACK'): 269 iftype = 'loopback' 270 elif interface.upper().startswith('METH'): 271 iftype = 'meth' 272 elif interface.upper().startswith('ETH-TRUNK'): 273 iftype = 'eth-trunk' 274 elif interface.upper().startswith('VBDIF'): 275 iftype = 'vbdif' 276 elif interface.upper().startswith('NVE'): 277 iftype = 'nve' 278 elif interface.upper().startswith('TUNNEL'): 279 iftype = 'tunnel' 280 elif interface.upper().startswith('ETHERNET'): 281 iftype = 'ethernet' 282 elif interface.upper().startswith('FCOE-PORT'): 283 iftype = 'fcoe-port' 284 elif interface.upper().startswith('FABRIC-PORT'): 285 iftype = 'fabric-port' 286 elif interface.upper().startswith('STACK-PORT'): 287 iftype = 'stack-port' 288 elif interface.upper().startswith('NULL'): 289 iftype = 'null' 290 else: 291 return None 292 293 return iftype.lower() 294 295 296class BfdSession(object): 297 """Manages BFD Session""" 298 299 def __init__(self, argument_spec): 300 self.spec = argument_spec 301 self.module = None 302 self.__init_module__() 303 304 # module input info 305 self.session_name = self.module.params['session_name'] 306 self.create_type = self.module.params['create_type'] 307 self.addr_type = self.module.params['addr_type'] 308 self.out_if_name = self.module.params['out_if_name'] 309 self.dest_addr = self.module.params['dest_addr'] 310 self.src_addr = self.module.params['src_addr'] 311 self.vrf_name = self.module.params['vrf_name'] 312 self.use_default_ip = self.module.params['use_default_ip'] 313 self.state = self.module.params['state'] 314 self.local_discr = self.module.params['local_discr'] 315 self.remote_discr = self.module.params['remote_discr'] 316 # host info 317 self.host = self.module.params['host'] 318 self.username = self.module.params['username'] 319 self.port = self.module.params['port'] 320 321 # state 322 self.changed = False 323 self.bfd_dict = dict() 324 self.updates_cmd = list() 325 self.commands = list() 326 self.results = dict() 327 self.proposed = dict() 328 self.existing = dict() 329 self.end_state = dict() 330 331 def __init_module__(self): 332 """init module""" 333 334 mutually_exclusive = [('use_default_ip', 'dest_addr')] 335 self.module = AnsibleModule(argument_spec=self.spec, 336 mutually_exclusive=mutually_exclusive, 337 supports_check_mode=True) 338 339 def get_bfd_dict(self): 340 """bfd config dict""" 341 342 bfd_dict = dict() 343 bfd_dict["global"] = dict() 344 bfd_dict["session"] = dict() 345 conf_str = CE_NC_GET_BFD % self.session_name 346 347 xml_str = get_nc_config(self.module, conf_str) 348 if "<data/>" in xml_str: 349 return bfd_dict 350 351 xml_str = xml_str.replace('\r', '').replace('\n', '').\ 352 replace('xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"', "").\ 353 replace('xmlns="http://www.huawei.com/netconf/vrp"', "") 354 root = ElementTree.fromstring(xml_str) 355 356 # get bfd global info 357 glb = root.find("bfd/bfdSchGlobal") 358 if glb: 359 for attr in glb: 360 bfd_dict["global"][attr.tag] = attr.text 361 362 # get bfd session info 363 sess = root.find("bfd/bfdCfgSessions/bfdCfgSession") 364 if sess: 365 for attr in sess: 366 bfd_dict["session"][attr.tag] = attr.text 367 368 return bfd_dict 369 370 def is_session_match(self): 371 """is bfd session match""" 372 373 if not self.bfd_dict["session"] or not self.session_name: 374 return False 375 376 session = self.bfd_dict["session"] 377 if self.session_name != session.get("sessName", ""): 378 return False 379 380 if self.create_type and self.create_type.upper() not in session.get("createType", "").upper(): 381 return False 382 383 if self.addr_type and self.addr_type != session.get("addrType").lower(): 384 return False 385 386 if self.dest_addr and self.dest_addr != session.get("destAddr"): 387 return False 388 389 if self.src_addr and self.src_addr != session.get("srcAddr"): 390 return False 391 392 if self.out_if_name: 393 if not session.get("outIfName"): 394 return False 395 if self.out_if_name.replace(" ", "").lower() != session.get("outIfName").replace(" ", "").lower(): 396 return False 397 398 if self.vrf_name and self.vrf_name != session.get("vrfName"): 399 return False 400 401 if str(self.use_default_ip).lower() != session.get("useDefaultIp"): 402 return False 403 404 if self.create_type == "static" and self.state == "present": 405 if str(self.local_discr).lower() != session.get("localDiscr", ""): 406 return False 407 if str(self.remote_discr).lower() != session.get("remoteDiscr", ""): 408 return False 409 410 return True 411 412 def config_session(self): 413 """configures bfd session""" 414 415 xml_str = "" 416 cmd_list = list() 417 discr = list() 418 419 if not self.session_name: 420 return xml_str 421 422 if self.bfd_dict["global"].get("bfdEnable", "false") != "true": 423 self.module.fail_json(msg="Error: Please enable BFD globally first.") 424 425 xml_str = "<sessName>%s</sessName>" % self.session_name 426 cmd_session = "bfd %s" % self.session_name 427 428 if self.state == "present": 429 if not self.bfd_dict["session"]: 430 # Parameter check 431 if not self.dest_addr and not self.use_default_ip: 432 self.module.fail_json( 433 msg="Error: dest_addr or use_default_ip must be set when bfd session is creating.") 434 435 # Creates a BFD session 436 if self.create_type == "auto": 437 xml_str += "<createType>SESS_%s</createType>" % self.create_type.upper() 438 else: 439 xml_str += "<createType>SESS_STATIC</createType>" 440 xml_str += "<linkType>IP</linkType>" 441 cmd_session += " bind" 442 if self.addr_type: 443 xml_str += "<addrType>%s</addrType>" % self.addr_type.upper() 444 else: 445 xml_str += "<addrType>IPV4</addrType>" 446 if self.dest_addr: 447 xml_str += "<destAddr>%s</destAddr>" % self.dest_addr 448 cmd_session += " peer-%s %s" % ("ipv6" if self.addr_type == "ipv6" else "ip", self.dest_addr) 449 if self.use_default_ip: 450 xml_str += "<useDefaultIp>%s</useDefaultIp>" % str(self.use_default_ip).lower() 451 cmd_session += " peer-ip default-ip" 452 if self.vrf_name: 453 xml_str += "<vrfName>%s</vrfName>" % self.vrf_name 454 cmd_session += " vpn-instance %s" % self.vrf_name 455 if self.out_if_name: 456 xml_str += "<outIfName>%s</outIfName>" % self.out_if_name 457 cmd_session += " interface %s" % self.out_if_name.lower() 458 if self.src_addr: 459 xml_str += "<srcAddr>%s</srcAddr>" % self.src_addr 460 cmd_session += " source-%s %s" % ("ipv6" if self.addr_type == "ipv6" else "ip", self.src_addr) 461 462 if self.create_type == "auto": 463 cmd_session += " auto" 464 else: 465 xml_str += "<localDiscr>%s</localDiscr>" % self.local_discr 466 discr.append("discriminator local %s" % self.local_discr) 467 xml_str += "<remoteDiscr>%s</remoteDiscr>" % self.remote_discr 468 discr.append("discriminator remote %s" % self.remote_discr) 469 470 elif not self.is_session_match(): 471 # Bfd session is not match 472 self.module.fail_json(msg="Error: The specified BFD configuration view has been created.") 473 else: 474 pass 475 else: # absent 476 if not self.bfd_dict["session"]: 477 self.module.fail_json(msg="Error: BFD session is not exist.") 478 if not self.is_session_match(): 479 self.module.fail_json(msg="Error: BFD session parameter is invalid.") 480 481 if self.state == "present": 482 if xml_str.endswith("</sessName>"): 483 # no config update 484 return "" 485 else: 486 cmd_list.insert(0, cmd_session) 487 cmd_list.extend(discr) 488 self.updates_cmd.extend(cmd_list) 489 return '<bfdCfgSessions><bfdCfgSession operation="merge">' + xml_str\ 490 + '</bfdCfgSession></bfdCfgSessions>' 491 else: # absent 492 cmd_list.append("undo " + cmd_session) 493 self.updates_cmd.extend(cmd_list) 494 return '<bfdCfgSessions><bfdCfgSession operation="delete">' + xml_str\ 495 + '</bfdCfgSession></bfdCfgSessions>' 496 497 def netconf_load_config(self, xml_str): 498 """load bfd config by netconf""" 499 500 if not xml_str: 501 return 502 503 xml_cfg = """ 504 <config> 505 <bfd xmlns="http://www.huawei.com/netconf/vrp" content-version="1.0" format-version="1.0"> 506 %s 507 </bfd> 508 </config>""" % xml_str 509 set_nc_config(self.module, xml_cfg) 510 self.changed = True 511 512 def check_params(self): 513 """Check all input params""" 514 515 # check session_name 516 if not self.session_name: 517 self.module.fail_json(msg="Error: Missing required arguments: session_name.") 518 519 if self.session_name: 520 if len(self.session_name) < 1 or len(self.session_name) > 15: 521 self.module.fail_json(msg="Error: Session name is invalid.") 522 523 # check local_discr 524 # check remote_discr 525 526 if self.local_discr: 527 if self.local_discr < 1 or self.local_discr > 16384: 528 self.module.fail_json(msg="Error: Session local_discr is not ranges from 1 to 16384.") 529 if self.remote_discr: 530 if self.remote_discr < 1 or self.remote_discr > 4294967295: 531 self.module.fail_json(msg="Error: Session remote_discr is not ranges from 1 to 4294967295.") 532 533 if self.state == "present" and self.create_type == "static": 534 if not self.local_discr: 535 self.module.fail_json(msg="Error: Missing required arguments: local_discr.") 536 if not self.remote_discr: 537 self.module.fail_json(msg="Error: Missing required arguments: remote_discr.") 538 539 # check out_if_name 540 if self.out_if_name: 541 if not get_interface_type(self.out_if_name): 542 self.module.fail_json(msg="Error: Session out_if_name is invalid.") 543 544 # check dest_addr 545 if self.dest_addr: 546 if not check_ip_addr(self.dest_addr): 547 self.module.fail_json(msg="Error: Session dest_addr is invalid.") 548 549 # check src_addr 550 if self.src_addr: 551 if not check_ip_addr(self.src_addr): 552 self.module.fail_json(msg="Error: Session src_addr is invalid.") 553 554 # check vrf_name 555 if self.vrf_name: 556 if not is_valid_ip_vpn(self.vrf_name): 557 self.module.fail_json(msg="Error: Session vrf_name is invalid.") 558 if not self.dest_addr: 559 self.module.fail_json(msg="Error: vrf_name and dest_addr must set at the same time.") 560 561 # check use_default_ip 562 if self.use_default_ip and not self.out_if_name: 563 self.module.fail_json(msg="Error: use_default_ip and out_if_name must set at the same time.") 564 565 def get_proposed(self): 566 """get proposed info""" 567 568 # base config 569 self.proposed["session_name"] = self.session_name 570 self.proposed["create_type"] = self.create_type 571 self.proposed["addr_type"] = self.addr_type 572 self.proposed["out_if_name"] = self.out_if_name 573 self.proposed["dest_addr"] = self.dest_addr 574 self.proposed["src_addr"] = self.src_addr 575 self.proposed["vrf_name"] = self.vrf_name 576 self.proposed["use_default_ip"] = self.use_default_ip 577 self.proposed["state"] = self.state 578 self.proposed["local_discr"] = self.local_discr 579 self.proposed["remote_discr"] = self.remote_discr 580 581 def get_existing(self): 582 """get existing info""" 583 584 if not self.bfd_dict: 585 return 586 587 self.existing["session"] = self.bfd_dict.get("session") 588 589 def get_end_state(self): 590 """get end state info""" 591 592 bfd_dict = self.get_bfd_dict() 593 if not bfd_dict: 594 return 595 596 self.end_state["session"] = bfd_dict.get("session") 597 if self.end_state == self.existing: 598 self.changed = False 599 600 def work(self): 601 """worker""" 602 603 self.check_params() 604 self.bfd_dict = self.get_bfd_dict() 605 self.get_existing() 606 self.get_proposed() 607 608 # deal present or absent 609 xml_str = '' 610 if self.session_name: 611 xml_str += self.config_session() 612 613 # update to device 614 if xml_str: 615 self.netconf_load_config(xml_str) 616 self.changed = True 617 618 self.get_end_state() 619 self.results['changed'] = self.changed 620 self.results['proposed'] = self.proposed 621 self.results['existing'] = self.existing 622 self.results['end_state'] = self.end_state 623 if self.changed: 624 self.results['updates'] = self.updates_cmd 625 else: 626 self.results['updates'] = list() 627 628 self.module.exit_json(**self.results) 629 630 631def main(): 632 """Module main""" 633 634 argument_spec = dict( 635 session_name=dict(required=True, type='str'), 636 create_type=dict(required=False, default='static', type='str', choices=['static', 'auto']), 637 addr_type=dict(required=False, type='str', choices=['ipv4']), 638 out_if_name=dict(required=False, type='str'), 639 dest_addr=dict(required=False, type='str'), 640 src_addr=dict(required=False, type='str'), 641 vrf_name=dict(required=False, type='str'), 642 use_default_ip=dict(required=False, type='bool', default=False), 643 state=dict(required=False, default='present', choices=['present', 'absent']), 644 local_discr=dict(required=False, type='int'), 645 remote_discr=dict(required=False, type='int') 646 ) 647 648 argument_spec.update(ce_argument_spec) 649 module = BfdSession(argument_spec) 650 module.work() 651 652 653if __name__ == '__main__': 654 main() 655