diff --git a/.gitignore b/.gitignore index eaef097a..beacafca 100644 --- a/.gitignore +++ b/.gitignore @@ -1,120 +1,121 @@ # CML/virl lab cache .virl/ # A collection directory, resulting from the use of the pytest-ansible-units plugin collections/ # Byte-compiled / optimized / DLL files __pycache__/ *.py[cod] *$py.class # C extensions *.so # Distribution / packaging .Python build/ develop-eggs/ dist/ downloads/ eggs/ .eggs/ lib/ lib64/ parts/ sdist/ var/ wheels/ *.egg-info/ .installed.cfg *.egg MANIFEST # PyInstaller # Usually these files are written by a python script from a template # before PyInstaller builds the exe, so as to inject date/other infos into it. *.manifest *.spec # Installer logs pip-log.txt pip-delete-this-directory.txt # Unit test / coverage reports htmlcov/ .tox/ .coverage .coverage.* .cache nosetests.xml coverage.xml *.cover .hypothesis/ .pytest_cache/ # Translations *.mo *.pot # Django stuff: *.log local_settings.py db.sqlite3 # Flask stuff: instance/ .webassets-cache # Scrapy stuff: .scrapy # Sphinx documentation docs/_build/ # PyBuilder target/ # Jupyter Notebook .ipynb_checkpoints # pyenv .python-version # celery beat schedule file celerybeat-schedule # SageMath parsed files *.sage.py # Environments .env .venv env/ venv/ ENV/ env.bak/ venv.bak/ # Spyder project settings .spyderproject .spyproject # Rope project settings .ropeproject # mkdocs documentation /site # mypy .mypy_cache/ # ide *.code-workspace .vscode/ .DS_Store +*.bak changelogs/.plugin-cache.yaml # inventory for testing inventory.network diff --git a/README.md b/README.md index df9d916e..c202e2e0 100644 --- a/README.md +++ b/README.md 
@@ -1,262 +1,263 @@ # VyOS Collection [![codecov](https://codecov.io/gh/vyos/vyos.vyos/graph/badge.svg?token=J217GFD69W)](https://codecov.io/gh/vyos/vyos.vyos) [![CI](https://github.com/vyos/vyos.vyos/actions/workflows/tests.yml/badge.svg?branch=main&event=schedule)](https://github.com/vyos/vyos.vyos/actions/workflows/tests.yml) The Ansible VyOS collection includes a variety of Ansible content to help automate the management of VyOS network appliances. This collection has been tested against VyOS 1.3.8, 1.4.1 and the current rolling release for 1.5. Where possible, compatibility with older versions of VyOS are maintained but not guaranteed. ## Communication * Join the VyOS forum: * [FAQ](https://forum.vyos.io/faq): find answers to frequently asked questions. * [Guides and How To](https://forum.vyos.io/c/howto-guies/27): find guides and how-to articles. * [News & Announcements](https://forum.vyos.io/c/announcements/6): track project-wide announcements . ## Ansible version compatibility This collection has been tested against the following Ansible versions: **>=2.15.0**. Plugins and modules within a collection may be tested with only specific Ansible versions. A collection may contain metadata that identifies these versions. PEP440 is the schema used to describe the versions of Ansible. ### Supported connections The VyOS collection supports ``network_cli`` connections. 
## Included content ### Cliconf plugins Name | Description --- | --- [vyos.vyos.vyos](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_cliconf.rst)|Use vyos cliconf to run command on VyOS platform ### Modules Name | Description --- | --- [vyos.vyos.vyos_banner](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_banner_module.rst)|Manage multiline banners on VyOS devices [vyos.vyos.vyos_bgp_address_family](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_bgp_address_family_module.rst)|BGP Address Family resource module [vyos.vyos.vyos_bgp_global](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_bgp_global_module.rst)|BGP global resource module [vyos.vyos.vyos_command](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_command_module.rst)|Run one or more commands on VyOS devices [vyos.vyos.vyos_config](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_config_module.rst)|Manage VyOS configuration on remote device [vyos.vyos.vyos_facts](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_facts_module.rst)|Get facts about vyos devices. [vyos.vyos.vyos_firewall_global](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_firewall_global_module.rst)|Firewall global resource module [vyos.vyos.vyos_firewall_interfaces](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_firewall_interfaces_module.rst)|Firewall interfaces resource module [vyos.vyos.vyos_firewall_rules](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_firewall_rules_module.rst)|Firewall rules resource module [vyos.vyos.vyos_hostname](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_hostname_module.rst)|Manages hostname resource module [vyos.vyos.vyos_interfaces](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_interfaces_module.rst)|Manages interface attributes of VyOS network devices. 
[vyos.vyos.vyos_l3_interfaces](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_l3_interfaces_module.rst)|Layer 3 interfaces resource module. [vyos.vyos.vyos_lag_interfaces](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_lag_interfaces_module.rst)|LAG interfaces resource module [vyos.vyos.vyos_lldp_global](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_lldp_global_module.rst)|LLDP global resource module [vyos.vyos.vyos_lldp_interfaces](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_lldp_interfaces_module.rst)|LLDP interfaces resource module [vyos.vyos.vyos_logging_global](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_logging_global_module.rst)|Logging resource module [vyos.vyos.vyos_ntp_global](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_ntp_global_module.rst)|NTP global resource module [vyos.vyos.vyos_ospf_interfaces](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_ospf_interfaces_module.rst)|OSPF Interfaces Resource Module. 
[vyos.vyos.vyos_ospfv2](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_ospfv2_module.rst)|OSPFv2 resource module [vyos.vyos.vyos_ospfv3](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_ospfv3_module.rst)|OSPFv3 resource module [vyos.vyos.vyos_ping](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_ping_module.rst)|Tests reachability using ping from VyOS network devices [vyos.vyos.vyos_prefix_lists](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_prefix_lists_module.rst)|Prefix-Lists resource module for VyOS [vyos.vyos.vyos_route_maps](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_route_maps_module.rst)|Route Map resource module [vyos.vyos.vyos_snmp_server](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_snmp_server_module.rst)|Manages snmp_server resource module [vyos.vyos.vyos_static_routes](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_static_routes_module.rst)|Static routes resource module [vyos.vyos.vyos_system](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_system_module.rst)|Run `set system` commands on VyOS devices [vyos.vyos.vyos_user](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_user_module.rst)|Manage the collection of local users on VyOS device [vyos.vyos.vyos_vlan](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_vlan_module.rst)|Manage VLANs on VyOS network devices +[vyos.vyos.vyos_vrrp](https://github.com/vyos/vyos.vyos/blob/main/docs/vyos.vyos.vyos_vrrp_module.rst)|Manage VRRP and load balancer configuration on VyOS Click the ``Content`` button to see the list of content included in this collection. 
## Installing this collection You can install the VyOS collection with the Ansible Galaxy CLI: ansible-galaxy collection install vyos.vyos You can also include it in a `requirements.yml` file and install it with `ansible-galaxy collection install -r requirements.yml`, using the format: ```yaml --- collections: - name: vyos.vyos ``` ## Using this collection This collection includes [network resource modules](https://docs.ansible.com/ansible/latest/network/user_guide/network_resource_modules.html). ### Using modules from the VyOS collection in your playbooks You can call modules by their Fully Qualified Collection Namespace (FQCN), such as `vyos.vyos.vyos_static_routes`. The following example task replaces configuration changes in the existing configuration on a VyOS network device, using the FQCN: ```yaml --- - name: Replace device configurations of listed static routes with provided configurations register: result vyos.vyos.vyos_static_routes: &id001 config: - address_families: - afi: ipv4 routes: - dest: 192.0.2.32/28 blackhole_config: distance: 2 next_hops: - forward_router_address: 192.0.2.7 - forward_router_address: 192.0.2.8 - forward_router_address: 192.0.2.9 state: replaced ``` **NOTE**: For Ansible 2.9, you may not see deprecation warnings when you run your playbooks with this collection. Use this documentation to track when a module is deprecated. ### See Also: * [VyOS Platform Options](https://docs.ansible.com/ansible/latest/network/user_guide/platform_vyos.html) * [Ansible Using collections](https://docs.ansible.com/ansible/latest/user_guide/collections_using.html) for more details. ## Contributing to this collection We welcome community contributions to this collection. If you find problems, please open an issue or create a PR against the [VyOS collection repository](https://github.com/vyos/vyos.vyos). See [Contributing to VyOS](https://vyos.net/contribute/) for complete details. 
You can also join us on: - Forum - https://forum.vyos.io See the [Contributing to VyOS](https://vyos.net/contribute/) for details on contributing to Ansible. ### Code of Conduct This collection follows the Ansible project's [Code of Conduct](https://docs.ansible.com/ansible/devel/community/code_of_conduct.html). Please read and familiarize yourself with this document. ### Updating from resource module models Some of our modules were templated using `resource_module_builder`, but some use the newer [`cli_rm_builder`](https://github.com/ansible-network/cli_rm_builder) which tempaltes baed on in-place device information, but also uses a new network parsing engine designed to simplify and standardize the parsing of network configuration. #### Using older *resource_module_builder* modules Last build was with a slightly-modified version of resource_module_builder. This changes the calling parameters for the resources. To update the collection from the resource module models, run the following command: ```bash ansible-playbook -e rm_dest=`pwd` \ -e structure=collection \ -e collection_org=vyos \ -e collection_name=vyos \ -e model=../../../resource_module_models/models/vyos/firewall_rules/vyos_firewall_rules.yaml \ ../../../resource_module_builder/site.yml ``` #### Using *cli_rm_builder* modules The newer `cli_rm_builder` works similarly to the older `resource_module_builder`, but pulls the information directly from the `DOCUMENTATION`, `EXAMPLES` and `RETURN` blocks in the module itself. To update the collection from the `cli_rm_builder` models, run the following command: ```bash ansible-playbook -e rm_dest=`pwd` \ -e collection_org=vyos \ -e collection_name=vyos \ -e resource=bgp_address_family \ ../../../cli_rm_builder/run.yml ``` Unlike the `resource_module_builder`, the `cli_rm_builder` does not require the `model` parameter. Instead, it uses the `resource` parameter to specify the resource to build. 
### Testing playbooks You can use `ANSIBLE_COLLECTIONS_PATH` to test the collection locally. For example: ``` ANSIBLE_COLLECTIONS_PATHS=~/my_dev_path ansible-playbook -i inventory.network test.yml ``` ### Integration Tests Integration tests are run using `ansible-test` and require that there be an inventory defined (you can pass this in with `--inventory `) and that the system be configured for access (recommended to use SSH keys). Additionally: - eth0 should be configured for `address dhcp` and should have an assigned address on the local network - eth1 and eth2 should be defined and uncofirgured (they'll be overwritten by the tests) - eth3 and beyond should not be present or interface-related tests will fail - when using VMs for testing, ensure that the interfaces don't use `virtio`, as it will supress some interface configurations. `e1000e` is a good choice for testing. - eth0 is also expected to show `duplex auto` and `speed auto` in the output of `show interfaces`, however others are not due to the fact that they are repeatedly deleted and recreated which causes the default values to be hidden. ## Changelogs Change logs are available [here](https://github.com/vyos/vyos.vyos/blob/main/CHANGELOG.rst). ## Release notes Release notes are available [here](https://github.com/vyos/vyos.vyos/blob/main/CHANGELOG.rst). ## Roadmap Major Version | Ansible Support | VyOS Support | Details --- | --- | --- | --- 4.1.0 | 2.15 | 1.1.2 | Final release for the 4.x series 5.0.0 | 2.16 | 1.1.2 | First relase under VyOS control as a separate collection 6.0.0 | 2.18 | 1.3.8 | *Planned* release for supporting VyOS 1.3.8+ 7.0.0 | x.xx | 1.4.x | *Prospective* release deprecating incompatible 1.3.x modules Note: - Unreleased versions are not guaranteed to be released as described. - Some modules may support a wider variety of versions depending upon the compatibility with prior versions of VyOS. - The roadmap is subject to change based on community feedback and contributions. 
## More information VyOS resources - [Contributing to VyOS](https://vyos.net/contribute) - [VyOS documentation](https://docs.vyos.io/en/latest/) - [VyOS forum](https://forum.vyos.io) Ansible Resources - [Ansible network resources](https://docs.ansible.com/ansible/latest/network/getting_started/network_resources.html) - [Ansible Collection overview](https://github.com/ansible-collections/overview) - [Ansible User guide](https://docs.ansible.com/ansible/latest/user_guide/index.html) - [Ansible Developer guide](https://docs.ansible.com/ansible/latest/dev_guide/index.html) - [Ansible Community code of conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html) ## Licensing GNU General Public License v3.0 or later. See [LICENSE](https://www.gnu.org/licenses/gpl-3.0.txt) to see the full text. diff --git a/changelogs/fragments/t6820_vrrp.yml b/changelogs/fragments/t6820_vrrp.yml new file mode 100644 index 00000000..34343bbf --- /dev/null +++ b/changelogs/fragments/t6820_vrrp.yml @@ -0,0 +1,3 @@ +--- +minor_changes: + - vyos_vrrp - Add VRRP (High Availability) support diff --git a/docs/vyos.vyos.vyos_vrrp_module.rst b/docs/vyos.vyos.vyos_vrrp_module.rst new file mode 100644 index 00000000..08d3387a --- /dev/null +++ b/docs/vyos.vyos.vyos_vrrp_module.rst @@ -0,0 +1,2648 @@ +.. _vyos.vyos.vyos_vrrp_module: + + +******************* +vyos.vyos.vyos_vrrp +******************* + +**Manage VRRP and load balancer configuration on VyOS** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module configures VRRP groups, global VRRP parameters, VRRP sync groups, and LVS-style virtual servers on VyOS 1.4+. +- Supports creation, modification, deletion, replacement, rendering, and parsing of VRRP-related configuration. + + + + +Parameters +---------- + +.. raw:: html
ParameterChoices/DefaultsComments
+
+ config + +
+ dictionary +
+
+ +
Full VRRP and virtual server configuration.
+
+
+ disable + +
+ boolean +
+
+
    Choices: +
  • no ←
  • +
  • yes
  • +
+
+
Disable all VRRP and L4-LB configuration under this module.
+
+
+ virtual_servers + +
+ list + / elements=dictionary +
+
+ +
List of load balancer virtual server (LVS) definitions.
+
+
+ address + +
+ string +
+
+ +
Virtual IP address for the server.
+
+
+ algorithm + +
+ string +
+
+ +
Load balancing algorithm used for dispatching connections.
+
+
+ alias + +
+ string + / required +
+
+ +
Unique identifier for the virtual server.
+
+
+ delay_loop + +
+ integer +
+
+ +
Delay loop interval in seconds.
+
+
+ forward_method + +
+ string +
+
+
    Choices: +
  • direct
  • +
  • nat
  • +
+
+
Forwarding method used by LVS.
+
+
+ fwmark + +
+ string +
+
+ +
Firewall mark for LVS traffic classification.
+
+
+ persistence_timeout + +
+ string +
+
+ +
Client persistence timeout in seconds.
+
+
+ port + +
+ integer +
+
+ +
TCP/UDP port provided by the virtual service.
+
+
+ protocol + +
+ string +
+
+
    Choices: +
  • tcp
  • +
  • udp
  • +
+
+
Transport protocol for the virtual server.
+
+
+ real_servers + +
+ list + / elements=dictionary +
+
+ +
Backend real servers behind the virtual service.
+
+
+ address + +
+ string + / required +
+
+ +
Real server IP address.
+
+
+ health_check_script + +
+ string +
+
+ +
Path to health check script used for backend validation.
+
+
+ port + +
+ integer +
+
+ +
Backend server port.
+
+
+ vrrp + +
+ dictionary +
+
+ +
VRRP configuration including groups, global parameters, SNMP settings, and sync-groups.
+
+
+ global_parameters + +
+ dictionary +
+
+ +
Global VRRP tuning parameters.
+
+
+ garp + +
+ dictionary +
+
+ +
Gratuitous ARP related configuration.
+
+
+ interval + +
+ integer +
+
+ +
GARP interval in seconds.
+
+
+ master_delay + +
+ integer +
+
+ +
Delay before sending GARP as master.
+
+
+ master_refresh + +
+ integer +
+
+ +
Refresh interval for master GARP announcements.
+
+
+ master_refresh_repeat + +
+ integer +
+
+ +
Number of times to repeat refresh announcements.
+
+
+ master_repeat + +
+ integer +
+
+ +
Number of GARP repeats when transitioning to master.
+
+
+ startup_delay + +
+ integer +
+
+ +
Delay before VRRP starts after boot.
+
+
+ version + +
+ string +
+
+ +
VRRP protocol version.
+
+
+ groups + +
+ list + / elements=dictionary +
+
+ +
VRRP instance configuration groups.
+
+
+ address + +
+ string +
+
+ +
Virtual router IP address.
+
+
+ advertise_interval + +
+ integer +
+
+ +
VRRP advertisement interval.
+
+
+ authentication + +
+ dictionary +
+
+ +
VRRP group authentication options.
+
+
+ password + +
+ string +
+
+ +
Authentication password.
+
+
+ type + +
+ string +
+
+ +
Authentication type.
+
+
+ description + +
+ string +
+
+ +
Text description for the VRRP group.
+
+
+ disable + +
+ boolean +
+
+
    Choices: +
  • no ←
  • +
  • yes
  • +
+
+
Disable this VRRP group.
+
+
+ excluded_address + +
+ string +
+
+ +
IP address excluded from source checks.
+
+
+ garp + +
+ dictionary +
+
+ +
GARP-specific settings for this group.
+
+
+ interval + +
+ integer +
+
+ +
GARP interval.
+
+
+ master_delay + +
+ integer +
+
+ +
GARP master delay.
+
+
+ master_refresh + +
+ integer +
+
+ +
GARP master refresh interval.
+
+
+ master_refresh_repeat + +
+ integer +
+
+ +
Repeated refresh sends.
+
+
+ master_repeat + +
+ integer +
+
+ +
GARP repeat count.
+
+
+ health_check + +
+ dictionary +
+
+ +
VRRP group health check options.
+
+
+ failure_count + +
+ integer +
+
+ +
Allowed number of failed checks.
+
+
+ interval + +
+ integer +
+
+ +
Health check interval.
+
+
+ ping + +
+ string +
+
+ +
Host to ping for checks.
+
+
+ script + +
+ string +
+
+ +
Script to execute for health checking.
+
+
+ hello_source_address + +
+ string +
+
+ +
Source address for VRRP hello packets.
+
+
+ interface + +
+ string +
+
+ +
Interface used by the VRRP group.
+
+
+ name + +
+ string + / required +
+
+ +
VRRP group name.
+
+
+ no_preempt + +
+ boolean +
+
+
    Choices: +
  • no
  • +
  • yes
  • +
+
+
Disable preemption.
+
+
+ peer_address + +
+ string +
+
+ +
Peer VRRP router address.
+
+
+ preempt_delay + +
+ integer +
+
+ +
Delay before taking master role.
+
+
+ priority + +
+ integer +
+
+ +
VRRP priority (higher = preferred master).
+
+
+ rfc3768_compatibility + +
+ boolean +
+
+
    Choices: +
  • no
  • +
  • yes
  • +
+
+
Enable or disable RFC3768 compatibility mode.
+
+
+ track + +
+ dictionary +
+
+ +
Track interface and VRRP behaviour.
+
+
+ exclude_vrrp_interface + +
+ boolean +
+
+
    Choices: +
  • no
  • +
  • yes
  • +
+
+
Exclude VRRP interface from tracking.
+
+
+ interface + +
+ string +
+
+ +
Interface to track.
+
+
+ transition_script + +
+ dictionary +
+
+ +
Scripts executed during VRRP state transitions.
+
+
+ backup + +
+ string +
+
+ +
Path to backup script.
+
+
+ fault + +
+ string +
+
+ +
Path to fault script.
+
+
+ master + +
+ string +
+
+ +
Path to master script.
+
+
+ stop + +
+ string +
+
+ +
Path to stop script.
+
+
+ vrid + +
+ integer + / required +
+
+ +
VRRP Virtual Router ID.
+
+
+ snmp + +
+ boolean +
+
+
    Choices: +
  • no
  • +
  • yes
  • +
+
+
Enable SNMP support for VRRP.
+
+
+ sync_groups + +
+ list + / elements=dictionary +
+
+ +
VRRP sync-groups for coordinated failover.
+
+
+ health_check + +
+ dictionary +
+
+ +
Health check options for sync group.
+
+
+ failure_count + +
+ integer +
+
+ +
Allowed number of failures.
+
+
+ interval + +
+ integer +
+
+ +
Health check interval.
+
+
+ ping + +
+ string +
+
+ +
Host to ping.
+
+
+ script + +
+ string +
+
+ +
Script to run for health checking.
+
+
+ member + +
+ list + / elements=string +
+
+ +
List of VRRP groups participating in this sync group.
+
+
+ name + +
+ string + / required +
+
+ +
Sync-group name.
+
+
+ transition_script + +
+ dictionary +
+
+ +
Transition scripts for sync group events.
+
+
+ backup + +
+ string +
+
+ +
Backup state script.
+
+
+ fault + +
+ string +
+
+ +
Fault state script.
+
+
+ master + +
+ string +
+
+ +
Master state script.
+
+
+ stop + +
+ string +
+
+ +
Stop state script.
+
+
+ running_config + +
+ string +
+
+ +
Used only when state=parsed. Must contain the output of show configuration commands | grep high-availability.
+
+
+ state + +
+ string +
+
+
    Choices: +
  • deleted
  • +
  • merged ←
  • +
  • purged
  • +
  • replaced
  • +
  • gathered
  • +
  • rendered
  • +
  • parsed
  • +
+
+
Desired end state of the VRRP configuration.
+
+
+ + + + +Examples +-------- + +.. code-block:: yaml + + # Using merged + # Before state + + # vyos@vyos:~$ show configuration commands | match "set protocols bgp" + # vyos@vyos:~$ + + - name: Merge provided configuration with device configuration + vyos.vyos.vyos_vrrp: + config: + as_number: "65536" + aggregate_address: + - prefix: "203.0.113.0/24" + as_set: true + - prefix: "192.0.2.0/24" + summary_only: true + network: + - address: "192.1.13.0/24" + backdoor: true + redistribute: + - protocol: "kernel" + metric: 45 + - protocol: "connected" + route_map: "map01" + maximum_paths: + - path: "ebgp" + count: 20 + - path: "ibgp" + count: 55 + timers: + keepalive: 35 + bgp_params: + bestpath: + as_path: "confed" + compare_routerid: true + default: + no_ipv4_unicast: true + router_id: "192.1.2.9" + confederation: + - peers: 20 + - peers: 55 + - identifier: 66 + neighbor: + - address: "192.0.2.25" + disable_connected_check: true + timers: + holdtime: 30 + keepalive: 10 + - address: "203.0.113.5" + attribute_unchanged: + as_path: true + med: true + ebgp_multihop: 2 + remote_as: 101 + update_source: "192.0.2.25" + - address: "5001::64" + maximum_prefix: 34 + distribute_list: + - acl: 20 + action: "export" + - acl: 40 + action: "import" + state: merged + + # After State + # vyos@vyos:~$ show configuration commands | match "set protocols bgp" + # set protocols bgp system-as 65536 + # set protocols bgp aggregate-address 192.0.2.0/24 'summary-only' + # set protocols bgp aggregate-address 203.0.113.0/24 'as-set' + # set protocols bgp maximum-paths ebgp '20' + # set protocols bgp maximum-paths ibgp '55' + # set protocols bgp neighbor 192.0.2.25 'disable-connected-check' + # set protocols bgp neighbor 192.0.2.25 timers holdtime '30' + # set protocols bgp neighbor 192.0.2.25 timers keepalive '10' + # set protocols bgp neighbor 203.0.113.5 attribute-unchanged 'as-path' + # set protocols bgp neighbor 203.0.113.5 attribute-unchanged 'med' + # set protocols bgp neighbor 203.0.113.5 
attribute-unchanged 'next-hop' + # set protocols bgp neighbor 203.0.113.5 ebgp-multihop '2' + # set protocols bgp neighbor 203.0.113.5 remote-as '101' + # set protocols bgp neighbor 203.0.113.5 update-source '192.0.2.25' + # set protocols bgp neighbor 5001::64 distribute-list export '20' + # set protocols bgp neighbor 5001::64 distribute-list import '40' + # set protocols bgp neighbor 5001::64 maximum-prefix '34' + # set protocols bgp network 192.1.13.0/24 'backdoor' + # set protocols bgp parameters bestpath as-path 'confed' + # set protocols bgp parameters bestpath 'compare-routerid' + # set protocols bgp parameters confederation identifier '66' + # set protocols bgp parameters confederation peers '20' + # set protocols bgp parameters confederation peers '55' + # set protocols bgp parameters default 'no-ipv4-unicast' + # set protocols bgp parameters router-id '192.1.2.9' + # set protocols bgp redistribute connected route-map 'map01' + # set protocols bgp redistribute kernel metric '45' + # set protocols bgp timers keepalive '35' + # vyos@vyos:~$ + # + # # Module Execution: + # + # "after": { + # "aggregate_address": [ + # { + # "prefix": "192.0.2.0/24", + # "summary_only": true + # }, + # { + # "prefix": "203.0.113.0/24", + # "as_set": true + # } + # ], + # "as_number": 65536, + # "bgp_params": { + # "bestpath": { + # "as_path": "confed", + # "compare_routerid": true + # }, + # "confederation": [ + # { + # "identifier": 66 + # }, + # { + # "peers": 20 + # }, + # { + # "peers": 55 + # } + # ], + # "default": { + # "no_ipv4_unicast": true + # }, + # "router_id": "192.1.2.9" + # }, + # "maximum_paths": [ + # { + # "count": 20, + # "path": "ebgp" + # }, + # { + # "count": 55, + # "path": "ibgp" + # } + # ], + # "neighbor": [ + # { + # "address": "192.0.2.25", + # "disable_connected_check": true, + # "timers": { + # "holdtime": 30, + # "keepalive": 10 + # } + # }, + # { + # "address": "203.0.113.5", + # "attribute_unchanged": { + # "as_path": true, + # "med": true, + # 
"next_hop": true + # }, + # "ebgp_multihop": 2, + # "remote_as": 101, + # "update_source": "192.0.2.25" + # }, + # { + # "address": "5001::64", + # "distribute_list": [ + # { + # "acl": 20, + # "action": "export" + # }, + # { + # "acl": 40, + # "action": "import" + # } + # ], + # "maximum_prefix": 34 + # } + # ], + # "network": [ + # { + # "address": "192.1.13.0/24", + # "backdoor": true + # } + # ], + # "redistribute": [ + # { + # "protocol": "connected", + # "route_map": "map01" + # }, + # { + # "metric": 45, + # "protocol": "kernel" + # } + # ], + # "timers": { + # "keepalive": 35 + # } + # }, + # "before": {}, + # "changed": true, + # "commands": [ + # "set protocols bgp neighbor 192.0.2.25 disable-connected-check", + # "set protocols bgp neighbor 192.0.2.25 timers holdtime 30", + # "set protocols bgp neighbor 192.0.2.25 timers keepalive 10", + # "set protocols bgp neighbor 203.0.113.5 attribute-unchanged as-path", + # "set protocols bgp neighbor 203.0.113.5 attribute-unchanged med", + # "set protocols bgp neighbor 203.0.113.5 attribute-unchanged next-hop", + # "set protocols bgp neighbor 203.0.113.5 ebgp-multihop 2", + # "set protocols bgp neighbor 203.0.113.5 remote-as 101", + # "set protocols bgp neighbor 203.0.113.5 update-source 192.0.2.25", + # "set protocols bgp neighbor 5001::64 maximum-prefix 34", + # "set protocols bgp neighbor 5001::64 distribute-list export 20", + # "set protocols bgp neighbor 5001::64 distribute-list import 40", + # "set protocols bgp redistribute kernel metric 45", + # "set protocols bgp redistribute connected route-map map01", + # "set protocols bgp network 192.1.13.0/24 backdoor", + # "set protocols bgp aggregate-address 203.0.113.0/24 as-set", + # "set protocols bgp aggregate-address 192.0.2.0/24 summary-only", + # "set protocols bgp parameters bestpath as-path confed", + # "set protocols bgp parameters bestpath compare-routerid", + # "set protocols bgp parameters default no-ipv4-unicast", + # "set protocols bgp parameters 
router-id 192.1.2.9", + # "set protocols bgp parameters confederation peers 20", + # "set protocols bgp parameters confederation peers 55", + # "set protocols bgp parameters confederation identifier 66", + # "set protocols bgp maximum-paths ebgp 20", + # "set protocols bgp maximum-paths ibgp 55", + # "set protocols bgp timers keepalive 35" + # ], + + # Using replaced: + # -------------- + + # Before state: + + # vyos@vyos:~$ show configuration commands | match "set protocols bgp" + # set protocols bgp system-as 65536 + # set protocols bgp aggregate-address 192.0.2.0/24 'summary-only' + # set protocols bgp aggregate-address 203.0.113.0/24 'as-set' + # set protocols bgp maximum-paths ebgp '20' + # set protocols bgp maximum-paths ibgp '55' + # set protocols bgp neighbor 192.0.2.25 'disable-connected-check' + # set protocols bgp neighbor 192.0.2.25 timers holdtime '30' + # set protocols bgp neighbor 192.0.2.25 timers keepalive '10' + # set protocols bgp neighbor 203.0.113.5 attribute-unchanged 'as-path' + # set protocols bgp neighbor 203.0.113.5 attribute-unchanged 'med' + # set protocols bgp neighbor 203.0.113.5 attribute-unchanged 'next-hop' + # set protocols bgp neighbor 203.0.113.5 ebgp-multihop '2' + # set protocols bgp neighbor 203.0.113.5 remote-as '101' + # set protocols bgp neighbor 203.0.113.5 update-source '192.0.2.25' + # set protocols bgp neighbor 5001::64 distribute-list export '20' + # set protocols bgp neighbor 5001::64 distribute-list import '40' + # set protocols bgp neighbor 5001::64 maximum-prefix '34' + # set protocols bgp network 192.1.13.0/24 'backdoor' + # set protocols bgp parameters bestpath as-path 'confed' + # set protocols bgp parameters bestpath 'compare-routerid' + # set protocols bgp parameters confederation identifier '66' + # set protocols bgp parameters confederation peers '20' + # set protocols bgp parameters confederation peers '55' + # set protocols bgp parameters default 'no-ipv4-unicast' + # set protocols bgp parameters router-id 
'192.1.2.9' + # set protocols bgp redistribute connected route-map 'map01' + # set protocols bgp redistribute kernel metric '45' + # set protocols bgp timers keepalive '35' + # vyos@vyos:~$ + + - name: Replace + vyos.vyos.vyos_vrrp: + config: + as_number: "65536" + network: + - address: "203.0.113.0/24" + route_map: map01 + redistribute: + - protocol: "static" + route_map: "map01" + neighbor: + - address: "192.0.2.40" + advertisement_interval: 72 + capability: + orf: "receive" + bgp_params: + bestpath: + as_path: "confed" + state: replaced + # After state: + + # vyos@vyos:~$ show configuration commands | match "set protocols bgp" + # set protocols bgp system-as 65536 + # set protocols bgp neighbor 192.0.2.40 advertisement-interval '72' + # set protocols bgp neighbor 192.0.2.40 capability orf prefix-list 'receive' + # set protocols bgp network 203.0.113.0/24 route-map 'map01' + # set protocols bgp parameters bestpath as-path 'confed' + # set protocols bgp redistribute static route-map 'map01' + # vyos@vyos:~$ + # + # + # Module Execution: + # + # "after": { + # "as_number": 65536, + # "bgp_params": { + # "bestpath": { + # "as_path": "confed" + # } + # }, + # "neighbor": [ + # { + # "address": "192.0.2.40", + # "advertisement_interval": 72, + # "capability": { + # "orf": "receive" + # } + # } + # ], + # "network": [ + # { + # "address": "203.0.113.0/24", + # "route_map": "map01" + # } + # ], + # "redistribute": [ + # { + # "protocol": "static", + # "route_map": "map01" + # } + # ] + # }, + # "before": { + # "aggregate_address": [ + # { + # "prefix": "192.0.2.0/24", + # "summary_only": true + # }, + # { + # "prefix": "203.0.113.0/24", + # "as_set": true + # } + # ], + # "as_number": 65536, + # "bgp_params": { + # "bestpath": { + # "as_path": "confed", + # "compare_routerid": true + # }, + # "confederation": [ + # { + # "identifier": 66 + # }, + # { + # "peers": 20 + # }, + # { + # "peers": 55 + # } + # ], + # "default": { + # "no_ipv4_unicast": true + # }, + # 
"router_id": "192.1.2.9" + # }, + # "maximum_paths": [ + # { + # "count": 20, + # "path": "ebgp" + # }, + # { + # "count": 55, + # "path": "ibgp" + # } + # ], + # "neighbor": [ + # { + # "address": "192.0.2.25", + # "disable_connected_check": true, + # "timers": { + # "holdtime": 30, + # "keepalive": 10 + # } + # }, + # { + # "address": "203.0.113.5", + # "attribute_unchanged": { + # "as_path": true, + # "med": true, + # "next_hop": true + # }, + # "ebgp_multihop": 2, + # "remote_as": 101, + # "update_source": "192.0.2.25" + # }, + # { + # "address": "5001::64", + # "distribute_list": [ + # { + # "acl": 20, + # "action": "export" + # }, + # { + # "acl": 40, + # "action": "import" + # } + # ], + # "maximum_prefix": 34 + # } + # ], + # "network": [ + # { + # "address": "192.1.13.0/24", + # "backdoor": true + # } + # ], + # "redistribute": [ + # { + # "protocol": "connected", + # "route_map": "map01" + # }, + # { + # "metric": 45, + # "protocol": "kernel" + # } + # ], + # "timers": { + # "keepalive": 35 + # } + # }, + # "changed": true, + # "commands": [ + # "delete protocols bgp timers", + # "delete protocols bgp maximum-paths ", + # "delete protocols bgp maximum-paths ", + # "delete protocols bgp parameters router-id 192.1.2.9", + # "delete protocols bgp parameters default", + # "delete protocols bgp parameters confederation", + # "delete protocols bgp parameters bestpath compare-routerid", + # "delete protocols bgp aggregate-address", + # "delete protocols bgp network 192.1.13.0/24", + # "delete protocols bgp redistribute kernel", + # "delete protocols bgp redistribute kernel", + # "delete protocols bgp redistribute connected", + # "delete protocols bgp redistribute connected", + # "delete protocols bgp neighbor 5001::64", + # "delete protocols bgp neighbor 203.0.113.5", + # "delete protocols bgp neighbor 192.0.2.25", + # "set protocols bgp neighbor 192.0.2.40 advertisement-interval 72", + # "set protocols bgp neighbor 192.0.2.40 capability orf prefix-list 
receive", + # "set protocols bgp redistribute static route-map map01", + # "set protocols bgp network 203.0.113.0/24 route-map map01" + # ], + + # Using deleted: + # ------------- + + # Before state: + + # vyos@vyos:~$ show configuration commands | match "set protocols bgp" + # set protocols bgp system-as 65536 + # set protocols bgp neighbor 192.0.2.40 advertisement-interval '72' + # set protocols bgp neighbor 192.0.2.40 capability orf prefix-list 'receive' + # set protocols bgp network 203.0.113.0/24 route-map 'map01' + # set protocols bgp parameters bestpath as-path 'confed' + # set protocols bgp redistribute static route-map 'map01' + # vyos@vyos:~$ + + - name: Delete configuration + vyos.vyos.vyos_vrrp: + config: + as_number: "65536" + state: deleted + + # After state: + + # vyos@vyos:~$ show configuration commands | match "set protocols bgp" + # set protocols bgp '65536' + # vyos@vyos:~$ + # + # + # Module Execution: + # + # "after": { + # "as_number": 65536 + # }, + # "before": { + # "as_number": 65536, + # "bgp_params": { + # "bestpath": { + # "as_path": "confed" + # } + # }, + # "neighbor": [ + # { + # "address": "192.0.2.40", + # "advertisement_interval": 72, + # "capability": { + # "orf": "receive" + # } + # } + # ], + # "network": [ + # { + # "address": "203.0.113.0/24", + # "route_map": "map01" + # } + # ], + # "redistribute": [ + # { + # "protocol": "static", + # "route_map": "map01" + # } + # ] + # }, + # "changed": true, + # "commands": [ + # "delete protocols bgp neighbor 192.0.2.40", + # "delete protocols bgp redistribute", + # "delete protocols bgp network", + # "delete protocols bgp parameters" + # ], + + # Using purged: + + # Before state: + + # vyos@vyos:~$ show configuration commands | match "set protocols bgp" + # set protocols bgp system-as 65536 + # set protocols bgp aggregate-address 192.0.2.0/24 'summary-only' + # set protocols bgp aggregate-address 203.0.113.0/24 'as-set' + # set protocols bgp maximum-paths ebgp '20' + # set protocols 
bgp maximum-paths ibgp '55' + # set protocols bgp neighbor 192.0.2.25 'disable-connected-check' + # set protocols bgp neighbor 192.0.2.25 timers holdtime '30' + # set protocols bgp neighbor 192.0.2.25 timers keepalive '10' + # set protocols bgp neighbor 203.0.113.5 attribute-unchanged 'as-path' + # set protocols bgp neighbor 203.0.113.5 attribute-unchanged 'med' + # set protocols bgp neighbor 203.0.113.5 attribute-unchanged 'next-hop' + # set protocols bgp neighbor 203.0.113.5 ebgp-multihop '2' + # set protocols bgp neighbor 203.0.113.5 remote-as '101' + # set protocols bgp neighbor 203.0.113.5 update-source '192.0.2.25' + # set protocols bgp neighbor 5001::64 distribute-list export '20' + # set protocols bgp neighbor 5001::64 distribute-list import '40' + # set protocols bgp neighbor 5001::64 maximum-prefix '34' + # set protocols bgp network 192.1.13.0/24 'backdoor' + # set protocols bgp parameters bestpath as-path 'confed' + # set protocols bgp parameters bestpath 'compare-routerid' + # set protocols bgp parameters confederation identifier '66' + # set protocols bgp parameters confederation peers '20' + # set protocols bgp parameters confederation peers '55' + # set protocols bgp parameters default 'no-ipv4-unicast' + # set protocols bgp parameters router-id '192.1.2.9' + # set protocols bgp redistribute connected route-map 'map01' + # set protocols bgp redistribute kernel metric '45' + # set protocols bgp timers keepalive '35' + # vyos@vyos:~$ + + + - name: Purge configuration + vyos.vyos.vyos_vrrp: + config: + as_number: "65536" + state: purged + + # After state: + + # vyos@vyos:~$ show configuration commands | match "set protocols bgp" + # vyos@vyos:~$ + # + # Module Execution: + # + # "after": {}, + # "before": { + # "aggregate_address": [ + # { + # "prefix": "192.0.2.0/24", + # "summary_only": true + # }, + # { + # "prefix": "203.0.113.0/24", + # "as_set": true + # } + # ], + # "as_number": 65536, + # "bgp_params": { + # "bestpath": { + # "as_path": 
"confed", + # "compare_routerid": true + # }, + # "confederation": [ + # { + # "identifier": 66 + # }, + # { + # "peers": 20 + # }, + # { + # "peers": 55 + # } + # ], + # "default": { + # "no_ipv4_unicast": true + # }, + # "router_id": "192.1.2.9" + # }, + # "maximum_paths": [ + # { + # "count": 20, + # "path": "ebgp" + # }, + # { + # "count": 55, + # "path": "ibgp" + # } + # ], + # "neighbor": [ + # { + # "address": "192.0.2.25", + # "disable_connected_check": true, + # "timers": { + # "holdtime": 30, + # "keepalive": 10 + # } + # }, + # { + # "address": "203.0.113.5", + # "attribute_unchanged": { + # "as_path": true, + # "med": true, + # "next_hop": true + # }, + # "ebgp_multihop": 2, + # "remote_as": 101, + # "update_source": "192.0.2.25" + # }, + # { + # "address": "5001::64", + # "distribute_list": [ + # { + # "acl": 20, + # "action": "export" + # }, + # { + # "acl": 40, + # "action": "import" + # } + # ], + # "maximum_prefix": 34 + # } + # ], + # "network": [ + # { + # "address": "192.1.13.0/24", + # "backdoor": true + # } + # ], + # "redistribute": [ + # { + # "protocol": "connected", + # "route_map": "map01" + # }, + # { + # "metric": 45, + # "protocol": "kernel" + # } + # ], + # "timers": { + # "keepalive": 35 + # } + # }, + # "changed": true, + # "commands": [ + # "delete protocols bgp 65536" + # ], + + + # Deleted in presence of address family under neighbors: + + # Before state: + # vyos@vyos:~$ show configuration commands | match "set protocols bgp" + # set protocols bgp system-as 65536 + # set protocols bgp neighbor 192.0.2.43 advertisement-interval '72' + # set protocols bgp neighbor 192.0.2.43 capability 'dynamic' + # set protocols bgp neighbor 192.0.2.43 'disable-connected-check' + # set protocols bgp neighbor 192.0.2.43 timers holdtime '30' + # set protocols bgp neighbor 192.0.2.43 timers keepalive '10' + # set protocols bgp neighbor 203.0.113.0 address-family 'ipv6-unicast' + # set protocols bgp neighbor 203.0.113.0 capability orf prefix-list 
'receive' + # set protocols bgp network 203.0.113.0/24 route-map 'map01' + # set protocols bgp parameters 'always-compare-med' + # set protocols bgp parameters bestpath as-path 'confed' + # set protocols bgp parameters bestpath 'compare-routerid' + # set protocols bgp parameters dampening half-life '33' + # set protocols bgp parameters dampening max-suppress-time '20' + # set protocols bgp parameters dampening re-use '60' + # set protocols bgp parameters dampening start-suppress-time '5' + # set protocols bgp parameters default 'no-ipv4-unicast' + # set protocols bgp parameters distance global external '66' + # set protocols bgp parameters distance global internal '20' + # set protocols bgp parameters distance global local '10' + # set protocols bgp redistribute static route-map 'map01' + # vyos@vyos:~$ ^C + # vyos@vyos:~$ + + - name: Delete configuration + vyos.vyos.vyos_vrrp: + config: + as_number: "65536" + state: deleted + + # Module Execution: + # + # "changed": false, + # "invocation": { + # "module_args": { + # "config": { + # "aggregate_address": null, + # "as_number": 65536, + # "bgp_params": null, + # "maximum_paths": null, + # "neighbor": null, + # "network": null, + # "redistribute": null, + # "timers": null + # }, + # "running_config": null, + # "state": "deleted" + # } + # }, + # "msg": "Use the _bgp_address_family module to delete the address_family under neighbor 203.0.113.0, before replacing/deleting the neighbor." 
+ # } + + # using gathered: + # -------------- + + # Before state: + # vyos@vyos:~$ show configuration commands | match "set protocols bgp" + # set protocols bgp system-as 65536 + # set protocols bgp neighbor 192.0.2.43 advertisement-interval '72' + # set protocols bgp neighbor 192.0.2.43 capability 'dynamic' + # set protocols bgp neighbor 192.0.2.43 'disable-connected-check' + # set protocols bgp neighbor 192.0.2.43 timers holdtime '30' + # set protocols bgp neighbor 192.0.2.43 timers keepalive '10' + # set protocols bgp neighbor 203.0.113.0 address-family 'ipv6-unicast' + # set protocols bgp neighbor 203.0.113.0 capability orf prefix-list 'receive' + # set protocols bgp network 203.0.113.0/24 route-map 'map01' + # set protocols bgp parameters 'always-compare-med' + # set protocols bgp parameters bestpath as-path 'confed' + # set protocols bgp parameters bestpath 'compare-routerid' + # set protocols bgp parameters dampening half-life '33' + # set protocols bgp parameters dampening max-suppress-time '20' + # set protocols bgp parameters dampening re-use '60' + # set protocols bgp parameters dampening start-suppress-time '5' + # set protocols bgp parameters default 'no-ipv4-unicast' + # set protocols bgp parameters distance global external '66' + # set protocols bgp parameters distance global internal '20' + # set protocols bgp parameters distance global local '10' + # set protocols bgp redistribute static route-map 'map01' + # vyos@vyos:~$ ^C + + - name: gather configs + vyos.vyos.vyos_vrrp: + state: gathered + + # Module Execution: + # "gathered": { + # "as_number": 65536, + # "bgp_params": { + # "always_compare_med": true, + # "bestpath": { + # "as_path": "confed", + # "compare_routerid": true + # }, + # "default": { + # "no_ipv4_unicast": true + # }, + # "distance": [ + # { + # "type": "external", + # "value": 66 + # }, + # { + # "type": "internal", + # "value": 20 + # }, + # { + # "type": "local", + # "value": 10 + # } + # ] + # }, + # "neighbor": [ + # { + # 
"address": "192.0.2.43", + # "advertisement_interval": 72, + # "capability": { + # "dynamic": true + # }, + # "disable_connected_check": true, + # "timers": { + # "holdtime": 30, + # "keepalive": 10 + # } + # }, + # { + # "address": "203.0.113.0", + # "capability": { + # "orf": "receive" + # } + # } + # ], + # "network": [ + # { + # "address": "203.0.113.0/24", + # "route_map": "map01" + # } + # ], + # "redistribute": [ + # { + # "protocol": "static", + # "route_map": "map01" + # } + # ] + # }, + # + + # Using parsed: + # ------------ + + # parsed.cfg + + # set protocols bgp neighbor 192.0.2.43 advertisement-interval '72' + # set protocols bgp neighbor 192.0.2.43 capability 'dynamic' + # set protocols bgp neighbor 192.0.2.43 'disable-connected-check' + # set protocols bgp neighbor 192.0.2.43 timers holdtime '30' + # set protocols bgp neighbor 192.0.2.43 timers keepalive '10' + # set protocols bgp neighbor 203.0.113.0 address-family 'ipv6-unicast' + # set protocols bgp neighbor 203.0.113.0 capability orf prefix-list 'receive' + # set protocols bgp network 203.0.113.0/24 route-map 'map01' + # set protocols bgp parameters 'always-compare-med' + # set protocols bgp parameters bestpath as-path 'confed' + # set protocols bgp parameters bestpath 'compare-routerid' + # set protocols bgp parameters dampening half-life '33' + # set protocols bgp parameters dampening max-suppress-time '20' + # set protocols bgp parameters dampening re-use '60' + # set protocols bgp parameters dampening start-suppress-time '5' + # set protocols bgp parameters default 'no-ipv4-unicast' + # set protocols bgp parameters distance global external '66' + # set protocols bgp parameters distance global internal '20' + # set protocols bgp parameters distance global local '10' + # set protocols bgp redistribute static route-map 'map01' + + - name: parse configs + vyos.vyos.vyos_vrrp: + running_config: "{{ lookup('file', './parsed.cfg') }}" + state: parsed + tags: + - parsed + + # Module execution: + # 
"parsed": { + # "as_number": 65536, + # "bgp_params": { + # "always_compare_med": true, + # "bestpath": { + # "as_path": "confed", + # "compare_routerid": true + # }, + # "default": { + # "no_ipv4_unicast": true + # }, + # "distance": [ + # { + # "type": "external", + # "value": 66 + # }, + # { + # "type": "internal", + # "value": 20 + # }, + # { + # "type": "local", + # "value": 10 + # } + # ] + # }, + # "neighbor": [ + # { + # "address": "192.0.2.43", + # "advertisement_interval": 72, + # "capability": { + # "dynamic": true + # }, + # "disable_connected_check": true, + # "timers": { + # "holdtime": 30, + # "keepalive": 10 + # } + # }, + # { + # "address": "203.0.113.0", + # "capability": { + # "orf": "receive" + # } + # } + # ], + # "network": [ + # { + # "address": "203.0.113.0/24", + # "route_map": "map01" + # } + # ], + # "redistribute": [ + # { + # "protocol": "static", + # "route_map": "map01" + # } + # ] + # } + # + + # Using rendered: + # -------------- + + - name: Render + vyos.vyos.vyos_vrrp: + config: + as_number: "65536" + network: + - address: "203.0.113.0/24" + route_map: map01 + redistribute: + - protocol: "static" + route_map: "map01" + bgp_params: + always_compare_med: true + dampening: + start_suppress_time: 5 + max_suppress_time: 20 + half_life: 33 + re_use: 60 + distance: + - type: "internal" + value: 20 + - type: "local" + value: 10 + - type: "external" + value: 66 + bestpath: + as_path: "confed" + compare_routerid: true + default: + no_ipv4_unicast: true + neighbor: + - address: "192.0.2.43" + disable_connected_check: true + advertisement_interval: 72 + capability: + dynamic: true + timers: + holdtime: 30 + keepalive: 10 + - address: "203.0.113.0" + capability: + orf: "receive" + state: rendered + + # Module Execution: + # "rendered": [ + # "set protocols bgp neighbor 192.0.2.43 disable-connected-check", + # "set protocols bgp neighbor 192.0.2.43 advertisement-interval 72", + # "set protocols bgp neighbor 192.0.2.43 capability dynamic", + # 
"set protocols bgp neighbor 192.0.2.43 timers holdtime 30", + # "set protocols bgp neighbor 192.0.2.43 timers keepalive 10", + # "set protocols bgp neighbor 203.0.113.0 capability orf prefix-list receive", + # "set protocols bgp redistribute static route-map map01", + # "set protocols bgp network 203.0.113.0/24 route-map map01", + # "set protocols bgp parameters always-compare-med", + # "set protocols bgp parameters dampening half-life 33", + # "set protocols bgp parameters dampening max-suppress-time 20", + # "set protocols bgp parameters dampening re-use 60", + # "set protocols bgp parameters dampening start-suppress-time 5", + # "set protocols bgp parameters distance global internal 20", + # "set protocols bgp parameters distance global local 10", + # "set protocols bgp parameters distance global external 66", + # "set protocols bgp parameters bestpath as-path confed", + # "set protocols bgp parameters bestpath compare-routerid", + # "set protocols bgp parameters default no-ipv4-unicast" + # ] + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ after + +
+ dictionary +
+
when changed +
The resulting configuration after module execution.
+
+
Sample:
+
This output will always be in the same format as the module argspec.
+
+
+ before + +
+ dictionary +
+
when state is merged, replaced, overridden, deleted or purged +
The configuration prior to the module execution.
+
+
Sample:
+
This output will always be in the same format as the module argspec.
+
+
+ commands + +
+ list +
+
when state is merged, replaced, overridden, deleted or purged +
The set of commands pushed to the remote device.
+
+
Sample:
+
['set protocols bgp redistribute static route-map map01', 'set protocols bgp network 203.0.113.0/24 route-map map01', 'set protocols bgp parameters always-compare-med']
+
+
+ gathered + +
+ list +
+
when state is gathered +
Facts about the network resource gathered from the remote device as structured data.
+
+
Sample:
+
This output will always be in the same format as the module argspec.
+
+
+ parsed + +
+ list +
+
when state is parsed +
The device native config provided in running_config option parsed into structured data as per module argspec.
+
+
Sample:
+
This output will always be in the same format as the module argspec.
+
+
+ rendered + +
+ list +
+
when state is rendered +
The provided configuration in the task rendered in device-native format (offline).
+
+
Sample:
+
['set protocols bgp redistribute static route-map map01', 'set protocols bgp network 203.0.113.0/24 route-map map01', 'set protocols bgp parameters always-compare-med']
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Evgeny Molotkov (@omnom62) diff --git a/plugins/action/vyos_vrrp.py b/plugins/action/vyos_vrrp.py new file mode 120000 index 00000000..331a791f --- /dev/null +++ b/plugins/action/vyos_vrrp.py @@ -0,0 +1 @@ +vyos.py \ No newline at end of file diff --git a/plugins/module_utils/network/vyos/argspec/vrrp/__init__.py b/plugins/module_utils/network/vyos/argspec/vrrp/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/plugins/module_utils/network/vyos/argspec/vrrp/vrrp.py b/plugins/module_utils/network/vyos/argspec/vrrp/vrrp.py new file mode 100644 index 00000000..7e00a2f8 --- /dev/null +++ b/plugins/module_utils/network/vyos/argspec/vrrp/vrrp.py 
@@ -0,0 +1,191 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Red Hat +# GNU General Public License v3.0+ +# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + + +__metaclass__ = type + +############################################# +# WARNING # +############################################# +# +# This file is auto generated by the +# cli_rm_builder. +# +# Manually editing this file is not advised. +# +# To update the argspec make the desired changes +# in the module docstring and re-run +# cli_rm_builder. +# +############################################# + +""" +The arg spec for the vyos_vrrp module +""" + + +class VrrpArgs(object): # pylint: disable=R0903 + """The arg spec for the vyos_vrrp module""" + + argument_spec = { + "config": { + "type": "dict", + "required": False, + "options": { + "disable": {"type": "bool", "default": False}, + "virtual_servers": { + "type": "list", + "elements": "dict", + "options": { + "alias": {"type": "str", "required": True}, + "address": {"type": "str"}, + "algorithm": {"type": "str"}, + "delay_loop": {"type": "int"}, + "forward_method": {"type": "str", "choices": ["direct", "nat"]}, + "fwmark": {"type": "str"}, + "persistence_timeout": {"type": "str"}, + "port": {"type": "int"}, + "protocol": {"type": "str", "choices": ["tcp", "udp"]}, + "real_servers": { + "type": "list", + "elements": "dict", + "options": { + "address": {"type": "str", "required": True}, + "port": {"type": "int"}, + "health_check_script": {"type": "str"}, + }, + }, + }, + }, + "vrrp": { + "type": "dict", + "options": { + "global_parameters": { + "type": "dict", + "options": { + "garp": { + "type": "dict", + "options": { + "interval": {"type": "int"}, + "master_delay": {"type": "int"}, + "master_refresh": {"type": "int"}, + "master_refresh_repeat": {"type": "int"}, + "master_repeat": {"type": "int"}, + }, + }, + "startup_delay": {"type": "int"}, + "version": {"type": "str"}, + }, + }, + 
"groups": { + "type": "list", + "elements": "dict", + "options": { + "name": {"type": "str", "required": True}, + "address": {"type": "str"}, + "advertise_interval": {"type": "int"}, + "authentication": { + "type": "dict", + "options": { + "password": {"type": "str", "no_log": True}, + "type": {"type": "str"}, + }, + }, + "description": {"type": "str"}, + "disable": {"type": "bool", "default": False}, + "excluded_address": {"type": "str"}, + "garp": { + "type": "dict", + "options": { + "interval": {"type": "int"}, + "master_delay": {"type": "int"}, + "master_refresh": {"type": "int"}, + "master_refresh_repeat": {"type": "int"}, + "master_repeat": {"type": "int"}, + }, + }, + "health_check": { + "type": "dict", + "options": { + "failure_count": {"type": "int"}, + "interval": {"type": "int"}, + "ping": {"type": "str"}, + "script": {"type": "str"}, + }, + }, + "hello_source_address": {"type": "str"}, + "interface": {"type": "str"}, + "no_preempt": {"type": "bool"}, + "peer_address": {"type": "str"}, + "preempt_delay": {"type": "int"}, + "priority": {"type": "int"}, + "rfc3768_compatibility": {"type": "bool"}, + "track": { + "type": "dict", + "options": { + "exclude_vrrp_interface": {"type": "bool"}, + "interface": {"type": "str"}, + }, + }, + "transition_script": { + "type": "dict", + "options": { + "backup": {"type": "str"}, + "fault": {"type": "str"}, + "master": {"type": "str"}, + "stop": {"type": "str"}, + }, + }, + "vrid": {"type": "int", "required": True}, + }, + }, + "snmp": {"type": "bool"}, + "sync_groups": { + "type": "list", + "elements": "dict", + "options": { + "name": {"type": "str", "required": True}, + "health_check": { + "type": "dict", + "options": { + "failure_count": {"type": "int"}, + "interval": {"type": "int"}, + "ping": {"type": "str"}, + "script": {"type": "str"}, + }, + }, + "member": {"type": "list", "elements": "str"}, + "transition_script": { + "type": "dict", + "options": { + "backup": {"type": "str"}, + "fault": {"type": "str"}, + 
"master": {"type": "str"}, + "stop": {"type": "str"}, + }, + }, + }, + }, + }, + }, + }, + }, + "state": { + "type": "str", + "choices": [ + "deleted", + "merged", + "purged", + "replaced", + "gathered", + "rendered", + "parsed", + ], + "default": "merged", + }, + "running_config": {"type": "str"}, + } # pylint: disable=C0301 diff --git a/plugins/module_utils/network/vyos/config/vrrp/__init__.py b/plugins/module_utils/network/vyos/config/vrrp/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/plugins/module_utils/network/vyos/config/vrrp/vrrp.py b/plugins/module_utils/network/vyos/config/vrrp/vrrp.py new file mode 100644 index 00000000..c4af82ea --- /dev/null +++ b/plugins/module_utils/network/vyos/config/vrrp/vrrp.py 
@@ -0,0 +1,281 @@ +# +# -*- coding: utf-8 -*- +# Copyright 2021 Red Hat +# GNU General Public License v3.0+ +# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +# + +from __future__ import absolute_import, division, print_function + + +__metaclass__ = type + +""" +The vyos_vrrp config file. +It is in this file where the current configuration (as dict) +is compared to the provided configuration (as dict) and the command set +necessary to bring the current configuration to its desired end-state is +created. +""" + +from copy import deepcopy + +from ansible_collections.ansible.netcommon.plugins.module_utils.network.common.rm_base.resource_module import ( + ResourceModule, +) + +from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.facts import Facts +from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.rm_templates.vrrp import ( + VrrpTemplate, +) +from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.utils.utils import combine +from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.utils.version import ( + LooseVersion, +) +from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.vyos import get_os_version + + +# from ansible_collections.ansible.netcommon.plugins.module_utils.network.common.utils import ( +# dict_merge, +# ) + + +class Vrrp(ResourceModule): + """ + The vyos_vrrp config class + """ + + def __init__(self, module): + super(Vrrp, self).__init__( + empty_fact_val={}, + facts_module=Facts(module), + module=module, + resource="vrrp", + tmplt=VrrpTemplate(), + ) + self.parsers = [ + "disable", + ] + + def _validate_template(self): + version = get_os_version(self._module) + if LooseVersion(version) >= LooseVersion("1.4"): + self._tmplt = VrrpTemplate() + else: + self._module.fail_json(msg="VRRP is not supported in this version of VyOS") + + def parse(self): + """override parse to check template""" + self._validate_template() + return super().parse() + + def get_parser(self, 
name): + """get_parsers""" + self._validate_template() + return super().get_parser(name) + + def execute_module(self): + """Execute the module + + :rtype: A dictionary + :returns: The result from module execution + """ + if self.state not in ["parsed", "gathered"]: + self.generate_commands() + self.run_commands() + + return self.result + + def generate_commands(self): + """Generate configuration commands to send based on + want, have and desired state. + """ + wantd = {} + haved = {} + wantd = deepcopy(self.want) + haved = deepcopy(self.have) + + for entry in wantd, haved: + # self._module.fail_json(msg="Before normalize_vrrp_groups - entry: " + str(entry)) + self._vrrp_groups_list_to_dict(entry) + self._virtual_servers_list_to_dict(entry) + + # self._module.fail_json(msg="Normalise - want: " + str(wantd) + " (((()))) have: " + str(haved)) + + # if state is merged, merge want onto have and then compare + if self.state in ["merged"]: + wantd = combine(haved, wantd, recursive=True) + # self._module.fail_json(msg="Want: " + str(wantd) + "**** H: " + str(haved)) + + # if state is deleted, delete and empty out wantd + # if self.state == "deleted": + # w = deepcopy(wantd) + # if w == {} and haved != {}: + # self.commands = ["delete vrrp"] + # return + # for k, want in w.items(): + # if not (k in haved and haved[k]): + # del wantd[k] + # else: + # if isinstance(want, list): + # for entry in want: + # wname = entry.get("name") + # haved["instances"] = [ + # i for i in haved.get("instances", []) if i.get("name") != wname + # ] + # self.commands.append("delete vrrp name {}".format(wname)) + # else: + # self.commands.append("delete vrrp {}".format(k.replace("_", "-"))) + # del wantd[k] + # + # if self.state == "overridden": + # w = deepcopy(wantd) + # h = deepcopy(haved) + # for k, want in w.items(): + # if k in haved anzd haved[k] != want: + # if isinstance(want, list): + # for entry in want: + # wname = entry.get("name") + # hdict = next( + # (inst for inst in 
haved["instances"] if inst["name"] == wname), + # None, + # ) + # if entry != hdict: + # # self._module.fail_json(msg="Want: " + str(entry) + "**** H: " + str(hdict)) + # haved["instances"] = [ + # i for i in haved.get("instances", []) if i.get("name") != wname + # ] + # self.commands.append("delete vrrp name {}".format(wname)) + # self.commands.append("commit") + # + for k, want in wantd.items(): + if k == "vrrp": + self._compare_vrrp(want, haved.get(k, {})) + if k == "virtual_servers": + # self._module.fail_json(msg="VSERVERS: " + str(want) + " ---- " + str(haved.get(k, {}))) + self._compare_vsrvs(want, haved.get(k, {})) + # if isinstance(want, list): + # self._module.fail_json(msg=str(want) + " +++ " + str(haved.pop(k, {}))) + self.compare( + parsers=self.parsers, + want={k: want}, + have={k: haved.pop(k, {})}, + ) + self._module.fail_json(msg=self.commands) + + def _compare_vsrvs(self, want, have): + """Compare virtual servers of VRRP.py""" + vs_parsers = [ + "virtual_servers", + # "virtual_servers.real_servers", + ] + # self._module.fail_json(msg="want: " + str(want) + "**** have: " + str(have)) + + self.compare( + parsers=vs_parsers, + want={"virtual_servers": want}, + have={"virtual_servers": have}, + ) + + def _compare_vrrp(self, want, have): + """Compare the instances of VRRP""" + vrrp_parsers = [ + "vrrp.snmp", + # "vrrp.sync_groups.member", + # "vrrp.sync_groups.health_check", + # "vrrp.sync_groups.transition_script", + "vrrp.global_parameters.garp", + "vrrp.global_parameters", + "vrrp.groups.garp", + "vrrp.groups", + # "vrrp.group.aunthentication", + # "vrrp.group.transition_script", + # "vrrp.groups.health_check", + # "vrrp.group.track", + # "vrrp.group.transition_script", + ] + + # self._module.fail_json(msg="Conf: " + str(want) + " <*****************> " + str(have)) + + want = { + "vrrp": { + "groups": { + "name": "g2", + "interface": "eth1", + "address": "2.2.2.2", + "disable": False, + "no_preempt": False, + "vrid": 11, + "garp": { + "interval": 
21, + "master_delay": 6, + "master_refresh": 51, + "master_refresh_repeat": 101, + "master_repeat": 4, + }, + }, + }, + } + have = {"vrrp": {"groups": {}}} + self.compare(parsers=vrrp_parsers, want=want, have=have) + + # self.compare(parsers=vrrp_parsers, want={"vrrp": want}, have={"vrrp": have}) + + def _vrrp_groups_list_to_dict(self, data): + + vrrp = data.get("vrrp", {}) + groups = vrrp.get("groups") + + # Nothing to do + if not groups: + return data + + # Already dict-based + if isinstance(groups, dict): + return data + + # Must be list → convert it + if isinstance(groups, list): + new_groups = {} + for item in groups: + name = item.get("name") + if not name: + continue + new_groups[name] = item + + data["vrrp"]["groups"] = new_groups + return data + + # Unexpected shape → leave as-is + return data + + def _virtual_servers_list_to_dict(self, data): + + vss = data.get("virtual_servers") + if not vss: + return data + + # Already normalized dict → return untouched + if isinstance(vss, dict): + return data + + # List → convert + if isinstance(vss, list): + new_vss = {} + + for item in vss: + # Skip non-dict items + if not isinstance(item, dict): + continue + + alias = item.get("alias") + if not alias: + continue + + new_vss[alias] = item + + data["virtual_servers"] = new_vss + return data + + # Anything else → leave unchanged + return data diff --git a/plugins/module_utils/network/vyos/facts/facts.py b/plugins/module_utils/network/vyos/facts/facts.py index 74bbda74..8cd7cbce 100644 --- a/plugins/module_utils/network/vyos/facts/facts.py +++ b/plugins/module_utils/network/vyos/facts/facts.py 
@@ -1,131 +1,135 @@ # Copyright 2019 Red Hat # GNU General Public License v3.0+ # (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) """ The facts class for vyos this file validates each subset of facts and selectively calls the appropriate facts gathering function """ from __future__ import absolute_import, division, print_function __metaclass__ = type from ansible_collections.ansible.netcommon.plugins.module_utils.network.common.facts.facts import ( FactsBase, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.bgp_address_family.bgp_address_family import ( Bgp_address_familyFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.bgp_global.bgp_global import ( Bgp_globalFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.firewall_global.firewall_global import ( Firewall_globalFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.firewall_interfaces.firewall_interfaces import ( Firewall_interfacesFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.firewall_rules.firewall_rules import ( Firewall_rulesFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.hostname.hostname import ( HostnameFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.interfaces.interfaces import ( InterfacesFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.l3_interfaces.l3_interfaces import ( L3_interfacesFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.lag_interfaces.lag_interfaces import ( Lag_interfacesFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.legacy.base import ( Config, Default, Neighbors, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.lldp_global.lldp_global import ( Lldp_globalFacts, ) from 
ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.lldp_interfaces.lldp_interfaces import ( Lldp_interfacesFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.logging_global.logging_global import ( Logging_globalFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.ntp_global.ntp_global import ( Ntp_globalFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.ospf_interfaces.ospf_interfaces import ( Ospf_interfacesFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.ospfv2.ospfv2 import ( Ospfv2Facts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.ospfv3.ospfv3 import ( Ospfv3Facts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.prefix_lists.prefix_lists import ( Prefix_listsFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.route_maps.route_maps import ( Route_mapsFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.snmp_server.snmp_server import ( Snmp_serverFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.static_routes.static_routes import ( Static_routesFacts, ) +from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.vrrp.vrrp import ( + VrrpFacts, +) FACT_LEGACY_SUBSETS = dict(default=Default, neighbors=Neighbors, config=Config) FACT_RESOURCE_SUBSETS = dict( interfaces=InterfacesFacts, l3_interfaces=L3_interfacesFacts, lag_interfaces=Lag_interfacesFacts, lldp_global=Lldp_globalFacts, lldp_interfaces=Lldp_interfacesFacts, static_routes=Static_routesFacts, firewall_rules=Firewall_rulesFacts, firewall_global=Firewall_globalFacts, firewall_interfaces=Firewall_interfacesFacts, ospfv3=Ospfv3Facts, ospfv2=Ospfv2Facts, ospf_interfaces=Ospf_interfacesFacts, bgp_global=Bgp_globalFacts, bgp_address_family=Bgp_address_familyFacts, route_maps=Route_mapsFacts, 
prefix_lists=Prefix_listsFacts, logging_global=Logging_globalFacts, ntp_global=Ntp_globalFacts, snmp_server=Snmp_serverFacts, hostname=HostnameFacts, + vrrp=VrrpFacts, ) class Facts(FactsBase): """The fact class for vyos""" VALID_LEGACY_GATHER_SUBSETS = frozenset(FACT_LEGACY_SUBSETS.keys()) VALID_RESOURCE_SUBSETS = frozenset(FACT_RESOURCE_SUBSETS.keys()) def __init__(self, module): super(Facts, self).__init__(module) def get_facts(self, legacy_facts_type=None, resource_facts_type=None, data=None): """Collect the facts for vyos :param legacy_facts_type: List of legacy facts types :param resource_facts_type: List of resource fact types :param data: previously collected conf :rtype: dict :return: the facts gathered """ if self.VALID_RESOURCE_SUBSETS: self.get_network_resources_facts(FACT_RESOURCE_SUBSETS, resource_facts_type, data) if self.VALID_LEGACY_GATHER_SUBSETS: self.get_network_legacy_facts(FACT_LEGACY_SUBSETS, legacy_facts_type) return self.ansible_facts, self._warnings diff --git a/plugins/module_utils/network/vyos/facts/vrrp/__init__.py b/plugins/module_utils/network/vyos/facts/vrrp/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/plugins/module_utils/network/vyos/facts/vrrp/vrrp.py b/plugins/module_utils/network/vyos/facts/vrrp/vrrp.py new file mode 100644 index 00000000..96e1fc9d --- /dev/null +++ b/plugins/module_utils/network/vyos/facts/vrrp/vrrp.py 
@@ -0,0 +1,160 @@ +# -*- coding: utf-8 -*- +# Copyright 2021 Red Hat +# GNU General Public License v3.0+ +# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + + +__metaclass__ = type + +""" +The vyos vrrp fact class +It is in this file the configuration is collected from the device +for a given resource, parsed, and the facts tree is populated +based on the configuration. +""" + +import re + +from ansible_collections.ansible.netcommon.plugins.module_utils.network.common import utils + +from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.argspec.vrrp.vrrp import ( + VrrpArgs, +) +from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.rm_templates.vrrp import ( + VrrpTemplate, +) + + +class VrrpFacts(object): + """The vyos vrrp facts class""" + + def __init__(self, module, subspec="config", options="options"): + self._module = module + self.argument_spec = VrrpArgs.argument_spec + + def get_device_data(self, connection): + return connection.get('show configuration commands | match "set high-availability"') + + def get_config_set(self, data, connection): + """To classify the configurations beased on vrrp""" + config_dict = {} + for config_line in data.splitlines(): + vrrp_grp = re.search(r"set high-availability vrrp group (\S+).*", config_line) + vrrp_gp = re.search( + r"set high-availability vrrp global-parameters (\S+).*", + config_line, + ) + vrrp_sg = re.search(r"set high-availability vrrp sync-group (\S+).*", config_line) + vrrp_vsrv = re.search(r"set high-availability virtual-server (\S+).*", config_line) + vrrp_disable = re.search(r"set high-availability disable", config_line) + vrrp_snmp = re.search(r"set high-availability vrrp snmp", config_line) + + if vrrp_disable: + config_dict["disable"] = config_dict.get("disable", "") + config_line + "\n" + if vrrp_snmp: + config_dict.setdefault("vrrp", []).append(config_line) + if vrrp_gp: + 
config_dict.setdefault("global_parameters", []).append(config_line) + if vrrp_vsrv: + config_dict.setdefault(vrrp_vsrv.group(1), []).append(config_line) + if vrrp_sg: + config_dict.setdefault(vrrp_sg.group(1), []).append(config_line) + if vrrp_grp: + config_dict.setdefault(vrrp_grp.group(1), []).append(config_line) + return list(config_dict.values()) + + def deep_merge(self, dest, src): + for key, value in src.items(): + if key in dest and isinstance(dest[key], dict) and isinstance(value, dict): + self.deep_merge(dest[key], value) + else: + dest[key] = value + return dest + + def populate_facts(self, connection, ansible_facts, data=None): + """Populate the facts for vrrp network resource + + :param connection: the device connection + :param ansible_facts: Facts dictionary + :param data: previously collected conf + + :rtype: dictionary + :returns: facts + """ + facts = {} + objs = {} + config_lines = [] + + if not data: + data = self.get_device_data(connection) + # self._module.fail_json(msg="Data: " + str(data)) + resources = self.get_config_set(data, connection) + # self._module.fail_json(msg="Resources: " + str(resources)) + vrrp_facts = {"disable": False, "virtual_servers": {}, "vrrp": {}} + for resource in resources: + vrrp_parser = VrrpTemplate( + lines=resource, + module=self._module, + ) + objs = vrrp_parser.parse() + # self._module.fail_json(msg="VRRP Objs: " + str(objs)) + if "disable" in objs: + vrrp_facts["disable"] = objs["disable"] + + for section in ("virtual_servers", "vrrp"): + if section in objs: + # self._module.fail_json(msg="Section: " + str(section) + " Objs[section]: " + str(objs[section])) + for name, data in objs[section].items(): + if not isinstance(data, dict): + vrrp_facts[section][name] = data + continue + existing = vrrp_facts[section].get(name, {}) + vrrp_facts[section][name] = self.deep_merge(existing, data) + + ansible_facts["ansible_network_resources"].pop("vrrp", None) + # + vrrp_facts = self.normalize_config(vrrp_facts) + # + # 
self._module.fail_json(msg="VRRP_Facts: " + str(vrrp_facts)) + validate_parser = VrrpTemplate(lines=[], module=self._module) + params = utils.remove_empties( + validate_parser.validate_config( + self.argument_spec, + {"config": vrrp_facts}, + redact=True, + ), + ) + + facts["vrrp"] = params.get("config", []) + ansible_facts["ansible_network_resources"].update(facts) + # self._module.fail_json(msg='Facts - ' + str(ansible_facts)) + return ansible_facts + + def normalize_config(self, config): + if not config: + return config + + # Normalize virtual_servers + if isinstance(config.get("virtual_servers"), dict): + config["virtual_servers"] = list(config["virtual_servers"].values()) + + # Normalize vrrp + vrrp = config.get("vrrp", {}) + # self._module.fail_json(msg=config.get("vrrp", {})) + + if isinstance(vrrp.get("groups"), dict): + vrrp["groups"] = list(vrrp["groups"].values()) + # self._module.fail_json(msg="Groups: " + str(vrrp["groups"])) + + if isinstance(vrrp.get("sync_groups"), dict): + vrrp["sync_groups"] = list(vrrp["sync_groups"].values()) + self._module.fail_json(msg="SGroups: " + str(vrrp["sync_groups"])) + + # Normalize real_server inside each virtual_server + for vs in config.get("virtual_servers", []): + if isinstance(vs.get("real_servers"), dict): + vs["real_servers"] = list(vs["real_servers"].values()) + + return config diff --git a/plugins/module_utils/network/vyos/rm_templates/vrrp.py b/plugins/module_utils/network/vyos/rm_templates/vrrp.py new file mode 100644 index 00000000..483a470e --- /dev/null +++ b/plugins/module_utils/network/vyos/rm_templates/vrrp.py 
@@ -0,0 +1,754 @@ +# -*- coding: utf-8 -*- +# Copyright 2021 Red Hat +# GNU General Public License v3.0+ +# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + + +__metaclass__ = type + +""" +The Bgp_global parser templates file. This contains +a list of parser definitions and associated functions that +facilitates both facts gathering and native command generation for +the given network resource. +""" + +import re + +# from ansible.module_utils.six import iteritems +from ansible_collections.ansible.netcommon.plugins.module_utils.network.common.rm_base.network_template import ( + NetworkTemplate, +) + + +# def _tmplt_vsrvs(config_data): +# config_data = config_data["virtual_servers"] +# command = [] +# cmd = "high-availability virtual-server".format(**config_data) +# command = [str(cmd)] +# # if "mode" in config_data: +# # mode_cmd = cmd + " mode {mode}".format(**config_data) +# # command.append(mode_cmd) +# # if "seclevel" in config_data: +# # sec_cmd = cmd + " seclevel {seclevel}".format(**config_data) +# # command.append(sec_cmd) +# # if "view" in config_data: +# # view_cmd = cmd + " view {view}".format(**config_data) +# # command.append(view_cmd) +# return command + + +def _tmplt_vsrvs(config_data): + vs = config_data["virtual_servers"] + command = [] + + for alias, item in vs.items(): + + cmd = f"set high-availability virtual-server {alias}" + + for key, value in item.items(): + + if key == "alias" or isinstance(value, list) or value is None: + continue + + command.append(f"{cmd} {key.replace('_', '-')} {value}") + + return command + + +def _tmplt_vsrvs_rsrv(config_data): + config_data = config_data["virtual_servers"]["real_servers"] + command = [] + # cmd = "service snmp v3 group {group}".format(**config_data) + # if "mode" in config_data: + # mode_cmd = cmd + " mode {mode}".format(**config_data) + # command.append(mode_cmd) + # if "seclevel" in config_data: + # sec_cmd = cmd + " 
seclevel {seclevel}".format(**config_data) + # command.append(sec_cmd) + # if "view" in config_data: + # view_cmd = cmd + " view {view}".format(**config_data) + # command.append(view_cmd) + return command + + +def _tmplt_sgroup_hc(config_data): + config_data = config_data["sync-group"]["health-check"] + command = [] + cmd = "high-availability vrrp sync-group health-check {health_check}".format(**config_data) + if "failure_count" in config_data: + failure_count_cmd = cmd + " failure-count {failure_count}".format(**config_data) + command.append(failure_count_cmd) + if "interval" in config_data: + interval_cmd = cmd + " interval {interval}".format(**config_data) + command.append(interval_cmd) + if "ping" in config_data: + ping_cmd = cmd + " ping {ping}".format(**config_data) + command.append(ping_cmd) + if "script" in config_data: + script_cmd = cmd + " script {script}".format(**config_data) + command.append(script_cmd) + return command + + +def _tmplt_sgroup_ts(config_data): + config_data = config_data["sync-group"]["transition-script"] + command = [] + cmd = "high-availability vrrp sync-group transition-script {transition_script}".format( + **config_data, + ) + if "backup" in config_data: + backup_cmd = cmd + " backup {backup}".format(**config_data) + command.append(backup_cmd) + if "fault" in config_data: + fault_cmd = cmd + " fault {fault}".format(**config_data) + command.append(fault_cmd) + if "master" in config_data: + master_cmd = cmd + " master {master}".format(**config_data) + command.append(master_cmd) + if "stop" in config_data: + stop_cmd = cmd + " stop {stop}".format(**config_data) + command.append(stop_cmd) + return command + + +def _tmplt_vrrp_gp(config_data): + config_data = config_data["vrrp"]["global_parameters"] + command = [] + cmd = "high-availability vrrp global-parameters" + if "version" in config_data: + version_cmd = cmd + " version {version}".format(**config_data) + command.append(version_cmd) + if "startup_delay" in config_data: + 
startup_delay_cmd = cmd + " startup-delay {startup_delay}".format(**config_data) + command.append(startup_delay_cmd) + return command + + +def _tmplt_vrrp_gp_garp(config_data): + config_data = config_data["vrrp"]["global_parameters"]["garp"] + command = [] + cmd = "high-availability vrrp global-parameters garp" + if "interval" in config_data: + interval_cmd = cmd + " interval {interval}".format(**config_data) + command.append(interval_cmd) + if "master_delay" in config_data: + master_delay_cmd = cmd + " master-delay {master_delay}".format(**config_data) + command.append(master_delay_cmd) + if "master_refresh" in config_data: + master_refresh_cmd = cmd + " master-refresh {master_refresh}".format(**config_data) + command.append(master_refresh_cmd) + if "master_refresh_repeat" in config_data: + master_refresh_repeat_cmd = cmd + " master-refresh-repeat {master_refresh_repeat}".format( + **config_data, + ) + command.append(master_refresh_repeat_cmd) + if "master_repeat" in config_data: + master_repeat_cmd = cmd + " master-repeat {master_repeat}".format(**config_data) + command.append(master_repeat_cmd) + return command + + +def _tmplt_vrrp_group(config_data): + config_data = config_data["vrrp"]["groups"] + command = [] + cmd = "high-availability vrrp group {name}".format(**config_data) + + for key, value in config_data.items(): + + if key == "name" or isinstance(value, dict) or value is None: + continue + + if isinstance(value, bool) and value is not None: + command.append(f"{cmd} {key.replace('_', '-')}") + + command.append(f"{cmd} {key.replace('_', '-')} {value}") + return command + + +def _tmplt_vrrp_group_garp(config_data): + config_data = config_data["vrrp"]["groups"] + command = [] + cmd = "high-availability vrrp group {name}".format(**config_data) + config_data = config_data["garp"] + for key, value in config_data.items(): + if value is not None: + command.append(cmd + " garp " + f"{key.replace('_', '-')} {value}") + return command + + +def 
_tmplt_vrrp_group_track(config_data): + config_data = config_data["vrrp"]["group"]["track"] + command = [] + # cmd = "service snmp v3 group {group}".format(**config_data) + # if "mode" in config_data: + # mode_cmd = cmd + " mode {mode}".format(**config_data) + # command.append(mode_cmd) + # if "seclevel" in config_data: + # sec_cmd = cmd + " seclevel {seclevel}".format(**config_data) + # command.append(sec_cmd) + # if "view" in config_data: + # view_cmd = cmd + " view {view}".format(**config_data) + # command.append(view_cmd) + return command + + +def _tmplt_vrrp_group_hc(config_data): + config_data = config_data["vrrp"]["group"]["health-check"] + command = [] + # cmd = "service snmp v3 group {group}".format(**config_data) + # if "mode" in config_data: + # mode_cmd = cmd + " mode {mode}".format(**config_data) + # command.append(mode_cmd) + # if "seclevel" in config_data: + # sec_cmd = cmd + " seclevel {seclevel}".format(**config_data) + # command.append(sec_cmd) + # if "view" in config_data: + # view_cmd = cmd + " view {view}".format(**config_data) + # command.append(view_cmd) + return command + + +def _tmplt_vrrp_group_ts(config_data): + config_data = config_data["vrrp"]["group"]["transcription-script"] + command = [] + # cmd = "service snmp v3 group {group}".format(**config_data) + # if "mode" in config_data: + # mode_cmd = cmd + " mode {mode}".format(**config_data) + # command.append(mode_cmd) + # if "seclevel" in config_data: + # sec_cmd = cmd + " seclevel {seclevel}".format(**config_data) + # command.append(sec_cmd) + # if "view" in config_data: + # view_cmd = cmd + " view {view}".format(**config_data) + # command.append(view_cmd) + return command + + +def _tmplt_vrrp_group_auth(config_data): + config_data = config_data["vrrp"]["group"]["authentication"] + command = [] + # cmd = "service snmp v3 group {group}".format(**config_data) + # if "mode" in config_data: + # mode_cmd = cmd + " mode {mode}".format(**config_data) + # command.append(mode_cmd) + # if 
"seclevel" in config_data: + # sec_cmd = cmd + " seclevel {seclevel}".format(**config_data) + # command.append(sec_cmd) + # if "view" in config_data: + # view_cmd = cmd + " view {view}".format(**config_data) + # command.append(view_cmd) + return command + + +class VrrpTemplate(NetworkTemplate): + def __init__(self, lines=None, module=None): + prefix = {"set": "set", "remove": "delete"} + super(VrrpTemplate, self).__init__( + lines=lines, + tmplt=self, + prefix=prefix, + module=module, + ) + + # fmt: off + PARSERS = [ + { + "name": "disable", + "getval": re.compile( + r""" + ^set + \shigh-availability + \s(?Pdisable) + $""", + re.VERBOSE, + ), + "setval": "high-availability disable", + "result": { + "disable": "{{ True if disable is defined }}", + }, + }, + { + "name": "virtual_servers", + "getval": re.compile( + r""" + ^set\shigh-availability\svirtual-server + \s+(?P\S+) + (?:\s+address\s+(?P
\S+))? + (?:\s+algorithm\s+(?P\S+))? + (?:\s+delay-loop\s+(?P\S+))? + (?:\s+forward-method\s+(?P\S+))? + (?:\s+fwmark\s+(?P\S+))? + (?:\s+persistence-timeout\s+(?P\S+))? + (?:\s+port\s+(?P\S+))? + (?:\s+protocol\s+(?P\S+))? + $ + """, + re.VERBOSE, + ), + "setval": _tmplt_vsrvs, + # "setval": "virtual-server", + "result": { + "virtual_servers": { + "{{ alias }}": { + "alias": "{{ alias }}", + "address": "{{ address if address is defined else None }}", + "algorithm": "{{ algorithm if algorithm is defined else None }}", + "delay_loop": "{{ delay_loop if delay_loop is defined else None }}", + "forward_method": "{{ forward_method if forward_method is defined else None }}", + "fwmark": "{{ fwmark if fwmark is defined else None }}", + "persistence_timeout": "{{ persistence_timeout if persistence_timeout is defined else None }}", + "port": "{{ port if port is defined else None }}", + "protocol": "{{ protocol if protocol is defined else None }}", + }, + }, + }, + }, + { + "name": "virtual_servers.real_servers", + "getval": re.compile( + r""" + ^set\shigh-availability\svirtual-server + \s+(?P\S+) + \sreal-server + \s+(?P
\S+) + (?:\s+port\s+(?P\S+))? + (?:\s+health-check\sscript\s+(?P\S+))? + (?:\s+connection-timeout\s+(?P\S+))? + $ + """, + re.VERBOSE, + ), + "setval": _tmplt_vsrvs_rsrv, + # "compval": "global_parameters.garp.master_refersh_repeat", + "result": { + "virtual_servers": { + "{{ alias }}": { + "alias": "{{ alias }}", + "real_servers": { + "{{ address }}": { + "address": "{{ address }}", + "port": "{{ port if port is defined else None }}", + "health_check_script": "{{ hcscript if hcscript is defined else None }}", + "connection_timeout": "{{ cont if cont is defined else None }}", + }, + }, + }, + }, + }, + }, + # { + # "name": "vrrp.sync_groups.member", + # "getval": re.compile( + # r""" + # ^set\shigh-availability\svrrp\ssync-group + # \s+(?P\S+) + # \smember + # \s+(?P\S+) + # $ + # """, + # re.VERBOSE, + # ), + # "setval": "set high-availability vrrp sync-group {{sgname}} member {{member}}", + # "result": { + # "vrrp": { + # "sync_groups": { + # "{{ sgname }}": { + # "name": "{{ sgname }}", + # "member": [ + # "{{ member }}" + # ], + # }, + # }, + # }, + # }, + # }, + # { + # "name": "vrrp.sync_groups.member", + # "getval": re.compile( + # r""" + # ^set\shigh-availability\svrrp\ssync-group + # \s+(?P\S+) + # \smember + # \s+(?P\S+) + # $ + # """, + # re.VERBOSE, + # ), + # "setval": "set high-availability vrrp sync-group {{sgname}} member {{member}}", + # "result": { + # "vrrp": { + # "sync_groups": [ + # { + # "name": "{{ sgname }}", + # "member": ["{{ member }}"], + # }, + # ], + # }, + # }, + # }, + { + "name": "vrrp.sync_groups.health_check", + "getval": re.compile( + r""" + ^set\shigh-availability\svrrp\ssync-group + \s+(?P\S+) + \shealth-check + (?:\s+failure-count\s+(?P\S+)) + ?(?:\s+interval\s+(?P\S+)) + ?(?:\s+ping\s+(?P\S+)) + ?(?:\s+script\s+(?P
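Review bot: In plugins/module_utils/network/vyos/facts/vrrp/vrrp.py, normalize_config() still contains a live debug call, `self._module.fail_json(msg="SGroups: " + str(vrrp["sync_groups"]))`, so the module aborts whenever the parsed config has a sync_groups dict. Remove it, along with the commented-out fail_json lines in populate_facts() and normalize_config(). In get_config_set(), group, sync-group and virtual-server names share one config_dict key space with the fixed keys "disable", "vrrp" and "global_parameters", so a group and a sync-group with the same name, or a group named "vrrp", land in the same bucket; key the buckets by kind and name instead. The "disable" bucket is built as a string while every other bucket is a list, the inner loop `for name, data in objs[section].items()` rebinds the `data` parameter of populate_facts(), `config_lines`, `subspec` and `options` are unused, and the get_config_set() docstring has the typo "beased".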
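Review bot: In plugins/module_utils/network/vyos/rm_templates/vrrp.py, _tmplt_vrrp_group() has no `continue` after the boolean branch, so a boolean option emits both `... {key}` and `... {key} True`, and a False value still emits the bare key. Emit the bare key only when the value is True and skip the generic append for booleans (the `value is not None` test in that branch is redundant). _tmplt_vsrvs() builds commands that start with `set high-availability ...` while every other helper and the "disable" setval start at `high-availability ...` and the constructor passes prefix {"set": "set", "remove": "delete"}; drop the literal `set` so the forms agree. The sync-group helpers index `config_data["sync-group"]["health-check"]` and format `{health_check}` and `{transition_script}`, and the group stubs index `["vrrp"]["group"]["transcription-script"]`; none of these match the underscore names used elsewhere in the patch (`sync_groups`, `groups`, the parser name `vrrp.sync_groups.health_check`). The helpers that only return an empty list around commented-out SNMP code should be implemented or removed, and the module docstring still says "The Bgp_global parser templates file".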