diff --git a/README.md b/README.md index 67e7a3b..f37e259 100644 --- a/README.md +++ b/README.md @@ -1,171 +1,172 @@ # VyOS Collection [![CI](https://zuul-ci.org/gated.svg)](https://dashboard.zuul.ansible.com/t/ansible/project/github.com/ansible-collections/vyos.vyos) The Ansible VyOS collection includes a variety of Ansible content to help automate the management of VyOS network appliances. This collection has been tested against VyOS 1.1.8 (helium). ## Ansible version compatibility This collection has been tested against following Ansible versions: **>=2.9.10**. Plugins and modules within a collection may be tested with only specific Ansible versions. A collection may contain metadata that identifies these versions. PEP440 is the schema used to describe the versions of Ansible. ### Supported connections The VyOS collection supports ``network_cli`` connections. ## Included content ### Cliconf plugins Name | Description --- | --- [vyos.vyos.vyos](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_cliconf.rst)|Use vyos cliconf to run command on VyOS platform ### Modules Name | Description --- | --- [vyos.vyos.vyos_banner](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_banner_module.rst)|Manage multiline banners on VyOS devices [vyos.vyos.vyos_bgp_address_family](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_bgp_address_family_module.rst)|BGP Address Family Resource Module. [vyos.vyos.vyos_bgp_global](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_bgp_global_module.rst)|BGP Global Resource Module. [vyos.vyos.vyos_command](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_command_module.rst)|Run one or more commands on VyOS devices [vyos.vyos.vyos_config](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_config_module.rst)|Manage VyOS configuration on remote device [vyos.vyos.vyos_facts](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_facts_module.rst)|Get facts about vyos devices. [vyos.vyos.vyos_firewall_global](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_firewall_global_module.rst)|FIREWALL global resource module [vyos.vyos.vyos_firewall_interfaces](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_firewall_interfaces_module.rst)|FIREWALL interfaces resource module [vyos.vyos.vyos_firewall_rules](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_firewall_rules_module.rst)|FIREWALL rules resource module [vyos.vyos.vyos_interface](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_interface_module.rst)|(deprecated, removed after 2022-06-01) Manage Interface on VyOS network devices [vyos.vyos.vyos_interfaces](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_interfaces_module.rst)|Interfaces resource module [vyos.vyos.vyos_l3_interface](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_l3_interface_module.rst)|(deprecated, removed after 2022-06-01) Manage L3 interfaces on VyOS network devices [vyos.vyos.vyos_l3_interfaces](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_l3_interfaces_module.rst)|L3 interfaces resource module [vyos.vyos.vyos_lag_interfaces](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_lag_interfaces_module.rst)|LAG interfaces resource module [vyos.vyos.vyos_linkagg](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_linkagg_module.rst)|(deprecated, removed after 2022-06-01) Manage link aggregation groups on VyOS network devices [vyos.vyos.vyos_lldp](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_lldp_module.rst)|(deprecated, removed after 2022-06-01) Manage LLDP configuration on VyOS network devices [vyos.vyos.vyos_lldp_global](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_lldp_global_module.rst)|LLDP global resource module [vyos.vyos.vyos_lldp_interface](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_lldp_interface_module.rst)|(deprecated, removed after 2022-06-01) Manage LLDP interfaces configuration on VyOS network devices [vyos.vyos.vyos_lldp_interfaces](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_lldp_interfaces_module.rst)|LLDP interfaces resource module [vyos.vyos.vyos_logging](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_logging_module.rst)|Manage logging on network devices [vyos.vyos.vyos_logging_global](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_logging_global_module.rst)|Logging resource module [vyos.vyos.vyos_ntp_global](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_ntp_global_module.rst)|Manages ntp modules of Vyos network devices [vyos.vyos.vyos_ospf_interfaces](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_ospf_interfaces_module.rst)|OSPF Interfaces Resource Module. [vyos.vyos.vyos_ospfv2](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_ospfv2_module.rst)|OSPFv2 resource module [vyos.vyos.vyos_ospfv3](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_ospfv3_module.rst)|OSPFV3 resource module [vyos.vyos.vyos_ping](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_ping_module.rst)|Tests reachability using ping from VyOS network devices [vyos.vyos.vyos_prefix_lists](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_prefix_lists_module.rst)|Prefix-Lists resource module for VyOS [vyos.vyos.vyos_route_maps](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_route_maps_module.rst)|Route Map Resource Module. +[vyos.vyos.vyos_snmp_server](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_snmp_server_module.rst)|Manages snmp_server resource module [vyos.vyos.vyos_static_route](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_static_route_module.rst)|(deprecated, removed after 2022-06-01) Manage static IP routes on Vyatta VyOS network devices [vyos.vyos.vyos_static_routes](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_static_routes_module.rst)|Static routes resource module [vyos.vyos.vyos_system](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_system_module.rst)|Run `set system` commands on VyOS devices [vyos.vyos.vyos_user](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_user_module.rst)|Manage the collection of local users on VyOS device [vyos.vyos.vyos_vlan](https://github.com/ansible-collections/vyos.vyos/blob/main/docs/vyos.vyos.vyos_vlan_module.rst)|Manage VLANs on VyOS network devices Click the ``Content`` button to see the list of content included in this collection. ## Installing this collection You can install the VyOS collection with the Ansible Galaxy CLI: ansible-galaxy collection install vyos.vyos You can also include it in a `requirements.yml` file and install it with `ansible-galaxy collection install -r requirements.yml`, using the format: ```yaml --- collections: - name: vyos.vyos ``` ## Using this collection This collection includes [network resource modules](https://docs.ansible.com/ansible/latest/network/user_guide/network_resource_modules.html). ### Using modules from the VyOS collection in your playbooks You can call modules by their Fully Qualified Collection Namespace (FQCN), such as `vyos.vyos.vyos_static_routes`. The following example task replaces configuration changes in the existing configuration on a VyOS network device, using the FQCN: ```yaml --- - name: Replace device configurations of listed static routes with provided configurations register: result vyos.vyos.vyos_static_routes: &id001 config: - address_families: - afi: ipv4 routes: - dest: 192.0.2.32/28 blackhole_config: distance: 2 next_hops: - forward_router_address: 192.0.2.7 - forward_router_address: 192.0.2.8 - forward_router_address: 192.0.2.9 state: replaced ``` **NOTE**: For Ansible 2.9, you may not see deprecation warnings when you run your playbooks with this collection. Use this documentation to track when a module is deprecated. ### See Also: * [VyOS Platform Options](https://docs.ansible.com/ansible/latest/network/user_guide/platform_vyos.html) * [Ansible Using collections](https://docs.ansible.com/ansible/latest/user_guide/collections_using.html) for more details. ## Contributing to this collection We welcome community contributions to this collection. If you find problems, please open an issue or create a PR against the [VyOS collection repository](https://github.com/ansible-collections/vyos). See [Contributing to Ansible-maintained collections](https://docs.ansible.com/ansible/devel/community/contributing_maintained_collections.html#contributing-maintained-collections) for complete details. You can also join us on: - IRC - the ``#ansible-network`` [irc.libera.chat](https://libera.chat/) channel - Slack - https://ansiblenetwork.slack.com See the [Ansible Community Guide](https://docs.ansible.com/ansible/latest/community/index.html) for details on contributing to Ansible. ### Code of Conduct This collection follows the Ansible project's [Code of Conduct](https://docs.ansible.com/ansible/devel/community/code_of_conduct.html). Please read and familiarize yourself with this document. ## Changelogs ## Release notes Release notes are available [here](https://github.com/ansible-collections/vyos.vyos/blob/main/CHANGELOG.rst). ## Roadmap ## More information - [Ansible network resources](https://docs.ansible.com/ansible/latest/network/getting_started/network_resources.html) - [Ansible Collection overview](https://github.com/ansible-collections/overview) - [Ansible User guide](https://docs.ansible.com/ansible/latest/user_guide/index.html) - [Ansible Developer guide](https://docs.ansible.com/ansible/latest/dev_guide/index.html) - [Ansible Community code of conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html) ## Licensing GNU General Public License v3.0 or later. See [LICENSE](https://www.gnu.org/licenses/gpl-3.0.txt) to see the full text. diff --git a/changelogs/fragments/add_snmp_server_resource_module.yaml b/changelogs/fragments/add_snmp_server_resource_module.yaml new file mode 100644 index 0000000..8a22439 --- /dev/null +++ b/changelogs/fragments/add_snmp_server_resource_module.yaml @@ -0,0 +1,3 @@ +--- +minor_changes: + - Add vyos_snmp_server resource module. diff --git a/docs/vyos.vyos.vyos_snmp_server_module.rst b/docs/vyos.vyos.vyos_snmp_server_module.rst new file mode 100644 index 0000000..dfef282 --- /dev/null +++ b/docs/vyos.vyos.vyos_snmp_server_module.rst @@ -0,0 +1,2139 @@ +.. _vyos.vyos.vyos_snmp_server_module: + + +************************** +vyos.vyos.vyos_snmp_server +************************** + +**Manages snmp_server resource module** + + +Version added: 2.7.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module manages the snmp server attributes of Vyos network devices + + + + +Parameters +---------- + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterChoices/DefaultsComments
+
+ config + +
+ dictionary +
+ 		+ +
SNMP server configuration.
+
+
+ communities + +
+ list + / elements=dictionary +
+ 		+ +
Community name configuration.
+
+
+ authorization_type + +
+ string +
+ 		+
    Choices: +
  • ro
    • +
  • rw
    • +
+ 		+
Authorization type (rw or ro)
+
+
+ clients + +
+ list + / elements=string +
+ 		+ +
IP address of SNMP client allowed to contact system
+
+
+ name + +
+ string +
+ 		+ +
Community name
+
+
+ networks + +
+ list + / elements=string +
+ 		+ +
Subnet of SNMP client(s) allowed to contact system
+
+
+ contact + +
+ string +
+ 		+ +
Person to contact about the system.
+
+
+ description + +
+ string +
+ 		+ +
Description information
+
+
+ listen_addresses + +
+ list + / elements=dictionary +
+ 		+ +
IP address to listen for incoming SNMP requests
+
+
+ address + +
+ string +
+ 		+ +
IP address to listen for incoming SNMP requests.
+
+
+ port + +
+ integer +
+ 		+ +
Port for SNMP service
+
+
+ location + +
+ string +
+ 		+ +
Location information
+
+
+ smux_peer + +
+ string +
+ 		+ +
Register a subtree for SMUX-based processing.
+
+
+ snmp_v3 + +
+ dictionary +
+ 		+ +
Simple Network Management Protocol (SNMP) v3
+
+
+ engine_id + +
+ string +
+ 		+ +
Specifies the EngineID as a hex value
+
+
+ groups + +
+ list + / elements=dictionary +
+ 		+ +
Specifies the group with name groupname
+
+
+ group + +
+ string +
+ 		+ +
Specifies the group with name groupname
+
+
+ mode + +
+ string +
+ 		+
    Choices: +
  • ro
    • +
  • rw
    • +
+ 		+
Defines the read/write access
+
+
+ seclevel + +
+ string +
+ 		+
    Choices: +
  • auth
    • +
  • priv
    • +
+ 		+
Defines security level
+
+
+ view + +
+ string +
+ 		+ +
Defines the name of view
+
+
+ trap_targets + +
+ list + / elements=dictionary +
+ 		+ +
Defines SNMP target for inform or traps for IP
+
+
+ address + +
+ string +
+ 		+ +
IP/IPv6 address of trap target
+
+
+ authentication + +
+ dictionary +
+ 		+ +
Defines the authentication
+
+
+ encrypted_key + +
+ string +
+ 		+ +
Defines the encrypted password for authentication
+
+
+ plaintext_key + +
+ string +
+ 		+ +
Defines the clear text password for authentication
+
+
+ type + +
+ string +
+ 		+
    Choices: +
  • md5
    • +
  • sha
    • +
+ 		+
Defines the protocol using for authentication
+
+
+ engine_id + +
+ string +
+ 		+ +
Defines the engineID.
+
+
+ port + +
+ integer +
+ 		+ +
Specifies the TCP/UDP port of a destination for SNMP traps/informs.
+
+
+ privacy + +
+ dictionary +
+ 		+ +
Defines the privacy
+
+
+ encrypted_key + +
+ string +
+ 		+ +
Defines the encrypted password for privacy
+
+
+ plaintext_key + +
+ string +
+ 		+ +
Defines the clear text password for privacy
+
+
+ type + +
+ string +
+ 		+
    Choices: +
  • des
    • +
  • aes
    • +
+ 		+
Defines the protocol using for privacy
+
+
+ protocol + +
+ string +
+ 		+
    Choices: +
  • tcp
    • +
  • udp
    • +
+ 		+
Defines protocol for notification between TCP and UDP
+
+
+ type + +
+ string +
+ 		+
    Choices: +
  • inform
    • +
  • trap
    • +
+ 		+
Specifies the type of notification between inform and trap
+
+
+ tsm + +
+ dictionary +
+ 		+ +
Specifies that the snmpd uses encryption
+
+
+ local_key + +
+ string +
+ 		+ +
Defines the server certificate fingerprint or key-file name.
+
+
+ port + +
+ integer +
+ 		+ +
Defines the port for tsm.
+
+
+ users + +
+ list + / elements=dictionary +
+ 		+ +
Defines username for authentication
+
+
+ authentication + +
+ dictionary +
+ 		+ +
Defines the authentication
+
+
+ encrypted_key + +
+ string +
+ 		+ +
Defines the encrypted password for authentication
+
+
+ plaintext_key + +
+ string +
+ 		+ +
Defines the clear text password for authentication
+
+
+ type + +
+ string +
+ 		+
    Choices: +
  • md5
    • +
  • sha
    • +
+ 		+
Defines the protocol using for authentication
+
+
+ engine_id + +
+ string +
+ 		+ +
Defines the engineID.
+
+
+ group + +
+ string +
+ 		+ +
Specifies group for user name
+
+
+ mode + +
+ string +
+ 		+
    Choices: +
  • ro
    • +
  • rw
    • +
+ 		+
Specifies the mode for access rights of user, read only or write
+
+
+ privacy + +
+ dictionary +
+ 		+ +
Defines the privacy
+
+
+ encrypted_key + +
+ string +
+ 		+ +
Defines the encrypted password for privacy
+
+
+ plaintext_key + +
+ string +
+ 		+ +
Defines the clear text password for privacy
+
+
+ type + +
+ string +
+ 		+
    Choices: +
  • des
    • +
  • aes
    • +
+ 		+
Defines the protocol using for privacy
+
+
+ tsm_key + +
+ string +
+ 		+ +
Specifies finger print or file name of TSM certificate.
+
+
+ user + +
+ string +
+ 		+ +
Specifies the user with name username
+
+
+ views + +
+ list + / elements=dictionary +
+ 		+ +
Specifies the view with name viewname
+
+
+ exclude + +
+ string +
+ 		+ +
Exclude is optional argument.
+
+
+ mask + +
+ string +
+ 		+ +
Defines a bit-mask that is indicating which subidentifiers of the associated subtree OID should be regarded as significant.
+
+
+ oid + +
+ string +
+ 		+ +
Specify oid
+
+
+ view + +
+ string +
+ 		+ +
view name
+
+
+ trap_source + +
+ string +
+ 		+ +
SNMP trap source address
+
+
+ trap_target + +
+ dictionary +
+ 		+ +
Address of trap target
+
+
+ address + +
+ string +
+ 		+ +
Address of trap target
+
+
+ community + +
+ string +
+ 		+ +
Community used when sending trap information
+
+
+ port + +
+ integer +
+ 		+ +
Destination port used for trap notification
+
+
+ running_config + +
+ string +
+ 		+ +
The state the configuration should be left in.
+
The states replaced and overridden have identical behaviour for this module.
+
Please refer to examples for more details.
+
+
+ state + +
+ string +
+ 		+
    Choices: +
  • merged ←
    • +
  • replaced
    • +
  • overridden
    • +
  • deleted
    • +
  • gathered
    • +
  • parsed
    • +
  • rendered
    • +
+ 		+
The state the configuration should be left in
+
+
+ + +Notes +----- + +.. note:: + - Tested against vyos 1.1.8 + - This module works with connection ``network_cli``. + - The Configuration defaults of the Vyos network devices are supposed to hinder idempotent behavior of plays + + + +Examples +-------- + +.. code-block:: yaml + + # Using merged + # Before State: + + # vyos@vyos:~$ show configuration commands | grep snmp + # vyos@vyos:~$ + + - name: Merge provided configuration with device configuration + vyos.vyos.vyos_snmp_server: + config: + communities: + - name: "switches" + authorization_type: "rw" + - name: "bridges" + clients: ["1.1.1.1", "12.1.1.10"] + contact: "admin2@ex.com" + listen_addresses: + - address: "20.1.1.1" + - address: "100.1.2.1" + port: 33 + snmp_v3: + users: + - user: admin_user + authentication: + plaintext_key: "abc1234567" + type: "sha" + privacy: + plaintext_key: "abc1234567" + type: "aes" + + state: merged + + # After State: + + # vyos@vyos:~$ show configuration commands | grep snmp + # set service snmp community bridges client '1.1.1.1' + # set service snmp community bridges client '12.1.1.10' + # set service snmp community switches authorization 'rw' + # set service snmp contact 'admin2@ex.com' + # set service snmp listen-address 20.1.1.1 + # set service snmp listen-address 100.1.2.1 port '33' + # set service snmp v3 user admin_user auth plaintext-key 'abc1234567' + # set service snmp v3 user admin_user auth type 'sha' + # set service snmp v3 user admin_user privacy plaintext-key 'abc1234567' + # set service snmp v3 user admin_user privacy type 'aes' + # vyos@vyos:~$ + # + # Module Execution: + # + # "after": { + # "communities": [ + # { + # "clients": [ + # "1.1.1.1", + # "12.1.1.10" + # ], + # "name": "bridges" + # }, + # { + # "authorization_type": "rw", + # "name": "switches" + # } + # ], + # "contact": "admin2@ex.com", + # "listen_addresses": [ + # { + # "address": "100.1.2.1", + # "port": 33 + # }, + # { + # "address": "20.1.1.1" + # } + # ], + # "snmp_v3": { + # "users": [ + # { + # "authentication": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "sha" + # }, + # "privacy": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "aes" + # }, + # "user": "admin_user" + # } + # ] + # } + # }, + # "before": {}, + # "changed": true, + # "commands": [ + # "set service snmp community switches authorization rw", + # "set service snmp community bridges client 1.1.1.1", + # "set service snmp community bridges client 12.1.1.10", + # "set service snmp listen-address 20.1.1.1", + # "set service snmp listen-address 100.1.2.1 port 33", + # "set service snmp v3 user admin_user auth type sha", + # "set service snmp v3 user admin_user auth plaintext-key ********", + # "set service snmp v3 user admin_user privacy type aes", + # "set service snmp v3 user admin_user privacy plaintext-key ********", + # "set service snmp contact admin2@ex.com" + # ], + # + + # using Replaced: + + # Before State + # vyos@vyos:~$ show configuration commands | grep snmp + # set service snmp community bridges client '1.1.1.1' + # set service snmp community bridges client '12.1.1.10' + # set service snmp community switches authorization 'rw' + # set service snmp contact 'admin2@ex.com' + # set service snmp listen-address 20.1.1.1 + # set service snmp listen-address 100.1.2.1 port '33' + # set service snmp v3 user admin_user auth plaintext-key 'abc1234567' + # set service snmp v3 user admin_user auth type 'sha' + # set service snmp v3 user admin_user privacy plaintext-key 'abc1234567' + # set service snmp v3 user admin_user privacy type 'aes' + # vyos@vyos:~$ + + - name: Replace + vyos.vyos.vyos_snmp_server: + config: + communities: + - name: "bridges" + networks: ["1.1.1.0/24", "12.1.1.0/24"] + location: "RDU, NC" + listen_addresses: + - address: "100.1.2.1" + port: 33 + snmp_v3: + groups: + - group: "default" + view: "default" + users: + - user: admin_user + authentication: + plaintext_key: "abc1234567" + type: "sha" + privacy: + plaintext_key: "abc1234567" + type: "aes" + group: "default" + - user: guest_user2 + authentication: + plaintext_key: "opq1234567" + type: "sha" + privacy: + plaintext_key: "opq1234567" + type: "aes" + views: + - view: "default" + oid: 1 + + state: replaced + + # After State: + # vyos@vyos:~$ show configuration commands | grep snmp + # set service snmp community bridges network '1.1.1.0/24' + # set service snmp community bridges network '12.1.1.0/24' + # set service snmp community switches + # set service snmp listen-address 100.1.2.1 port '33' + # set service snmp location 'RDU, NC' + # set service snmp v3 group default view 'default' + # set service snmp v3 user admin_user auth plaintext-key 'abc1234567' + # set service snmp v3 user admin_user auth type 'sha' + # set service snmp v3 user admin_user group 'default' + # set service snmp v3 user admin_user privacy plaintext-key 'abc1234567' + # set service snmp v3 user admin_user privacy type 'aes' + # set service snmp v3 user guest_user2 auth plaintext-key 'opq1234567' + # set service snmp v3 user guest_user2 auth type 'sha' + # set service snmp v3 user guest_user2 privacy plaintext-key 'opq1234567' + # set service snmp v3 user guest_user2 privacy type 'aes' + # set service snmp v3 view default oid 1 + # vyos@vyos:~$ + # + # + # Module Execution: + # "after": { + # "communities": [ + # { + # "name": "bridges", + # "networks": [ + # "1.1.1.0/24", + # "12.1.1.0/24" + # ] + # }, + # { + # "name": "switches" + # } + # ], + # "listen_addresses": [ + # { + # "address": "100.1.2.1", + # "port": 33 + # } + # ], + # "location": "RDU, NC", + # "snmp_v3": { + # "groups": [ + # { + # "group": "default", + # "view": "default" + # } + # ], + # "users": [ + # { + # "authentication": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "sha" + # }, + # "group": "default", + # "privacy": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "aes" + # }, + # "user": "admin_user" + # }, + # { + # "authentication": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "sha" + # }, + # "privacy": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "aes" + # }, + # "user": "guest_user2" + # } + # ], + # "views": [ + # { + # "oid": "1", + # "view": "default" + # } + # ] + # } + # }, + # "before": { + # "communities": [ + # { + # "clients": [ + # "1.1.1.1", + # "12.1.1.10" + # ], + # "name": "bridges" + # }, + # { + # "authorization_type": "rw", + # "name": "switches" + # } + # ], + # "contact": "admin2@ex.com", + # "listen_addresses": [ + # { + # "address": "100.1.2.1", + # "port": 33 + # }, + # { + # "address": "20.1.1.1" + # } + # ], + # "snmp_v3": { + # "users": [ + # { + # "authentication": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "sha" + # }, + # "privacy": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "aes" + # }, + # "user": "admin_user" + # } + # ] + # } + # }, + # "changed": true, + # "commands": [ + # "delete service snmp contact admin2@ex.com", + # "delete service snmp listen-address 20.1.1.1", + # "delete service snmp community switches authorization rw", + # "delete service snmp community bridges client 12.1.1.10", + # "delete service snmp community bridges client 1.1.1.1", + # "set service snmp community bridges network 1.1.1.0/24", + # "set service snmp community bridges network 12.1.1.0/24", + # "set service snmp v3 group default view default", + # "set service snmp v3 user admin_user group default", + # "set service snmp v3 user guest_user2 auth type sha", + # "set service snmp v3 user guest_user2 auth plaintext-key ********", + # "set service snmp v3 user guest_user2 privacy type aes", + # "set service snmp v3 user guest_user2 privacy plaintext-key ********", + # "set service snmp v3 view default oid 1", + # "set service snmp location 'RDU, NC'" + # ], + + # Using overridden: + # Before State + # vyos@vyos:~$ show configuration commands | grep snmp + # set service snmp community bridges client '1.1.1.1' + # set service snmp community bridges client '12.1.1.10' + # set service snmp community switches authorization 'rw' + # set service snmp contact 'admin2@ex.com' + # set service snmp listen-address 20.1.1.1 + # set service snmp listen-address 100.1.2.1 port '33' + # set service snmp v3 user admin_user auth plaintext-key 'abc1234567' + # set service snmp v3 user admin_user auth type 'sha' + # set service snmp v3 user admin_user privacy plaintext-key 'abc1234567' + # set service snmp v3 user admin_user privacy type 'aes' + # vyos@vyos:~$ + + - name: Override config + vyos.vyos.vyos_snmp_server: + config: + communities: + - name: "bridges" + networks: ["1.1.1.0/24", "12.1.1.0/24"] + location: "RDU, NC" + listen_addresses: + - address: "100.1.2.1" + port: 33 + snmp_v3: + groups: + - group: "default" + view: "default" + users: + - user: admin_user + authentication: + plaintext_key: "abc1234567" + type: "sha" + privacy: + plaintext_key: "abc1234567" + type: "aes" + group: "default" + - user: guest_user2 + authentication: + plaintext_key: "opq1234567" + type: "sha" + privacy: + plaintext_key: "opq1234567" + type: "aes" + views: + - view: "default" + oid: 1 + + state: overridden + + # After State: + # vyos@vyos:~$ show configuration commands | grep snmp + # set service snmp community bridges network '1.1.1.0/24' + # set service snmp community bridges network '12.1.1.0/24' + # set service snmp community switches + # set service snmp listen-address 100.1.2.1 port '33' + # set service snmp location 'RDU, NC' + # set service snmp v3 group default view 'default' + # set service snmp v3 user admin_user auth plaintext-key 'abc1234567' + # set service snmp v3 user admin_user auth type 'sha' + # set service snmp v3 user admin_user group 'default' + # set service snmp v3 user admin_user privacy plaintext-key 'abc1234567' + # set service snmp v3 user admin_user privacy type 'aes' + # set service snmp v3 user guest_user2 auth plaintext-key 'opq1234567' + # set service snmp v3 user guest_user2 auth type 'sha' + # set service snmp v3 user guest_user2 privacy plaintext-key 'opq1234567' + # set service snmp v3 user guest_user2 privacy type 'aes' + # set service snmp v3 view default oid 1 + # vyos@vyos:~$ + # + # + # Module Execution: + # "after": { + # "communities": [ + # { + # "name": "bridges", + # "networks": [ + # "1.1.1.0/24", + # "12.1.1.0/24" + # ] + # }, + # { + # "name": "switches" + # } + # ], + # "listen_addresses": [ + # { + # "address": "100.1.2.1", + # "port": 33 + # } + # ], + # "location": "RDU, NC", + # "snmp_v3": { + # "groups": [ + # { + # "group": "default", + # "view": "default" + # } + # ], + # "users": [ + # { + # "authentication": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "sha" + # }, + # "group": "default", + # "privacy": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "aes" + # }, + # "user": "admin_user" + # }, + # { + # "authentication": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "sha" + # }, + # "privacy": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "aes" + # }, + # "user": "guest_user2" + # } + # ], + # "views": [ + # { + # "oid": "1", + # "view": "default" + # } + # ] + # } + # }, + # "before": { + # "communities": [ + # { + # "clients": [ + # "1.1.1.1", + # "12.1.1.10" + # ], + # "name": "bridges" + # }, + # { + # "authorization_type": "rw", + # "name": "switches" + # } + # ], + # "contact": "admin2@ex.com", + # "listen_addresses": [ + # { + # "address": "100.1.2.1", + # "port": 33 + # }, + # { + # "address": "20.1.1.1" + # } + # ], + # "snmp_v3": { + # "users": [ + # { + # "authentication": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "sha" + # }, + # "privacy": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "aes" + # }, + # "user": "admin_user" + # } + # ] + # } + # }, + # "changed": true, + # "commands": [ + # "delete service snmp contact admin2@ex.com", + # "delete service snmp listen-address 20.1.1.1", + # "delete service snmp community switches authorization rw", + # "delete service snmp community bridges client 12.1.1.10", + # "delete service snmp community bridges client 1.1.1.1", + # "set service snmp community bridges network 1.1.1.0/24", + # "set service snmp community bridges network 12.1.1.0/24", + # "set service snmp v3 group default view default", + # "set service snmp v3 user admin_user group default", + # "set service snmp v3 user guest_user2 auth type sha", + # "set service snmp v3 user guest_user2 auth plaintext-key ********", + # "set service snmp v3 user guest_user2 privacy type aes", + # "set service snmp v3 user guest_user2 privacy plaintext-key ********", + # "set service snmp v3 view default oid 1", + # "set service snmp location 'RDU, NC'" + # ], + + # Using deleted: + + # Before State: + # vyos@vyos:~$ show configuration commands | grep snmp + # set service snmp community bridges network '1.1.1.0/24' + # set service snmp community bridges network '12.1.1.0/24' + # set service snmp community switches + # set service snmp listen-address 100.1.2.1 port '33' + # set service snmp location 'RDU, NC' + # set service snmp v3 group default view 'default' + # set service snmp v3 user admin_user auth plaintext-key 'abc1234567' + # set service snmp v3 user admin_user auth type 'sha' + # set service snmp v3 user admin_user group 'default' + # set service snmp v3 user admin_user privacy plaintext-key 'abc1234567' + # set service snmp v3 user admin_user privacy type 'aes' + # set service snmp v3 user guest_user2 auth plaintext-key 'opq1234567' + # set service snmp v3 user guest_user2 auth type 'sha' + # set service snmp v3 user guest_user2 privacy plaintext-key 'opq1234567' + # set service snmp v3 user guest_user2 privacy type 'aes' + # set service snmp v3 view default oid 1 + # vyos@vyos:~$ + + - name: Delete Config + vyos.vyos.vyos_snmp_server: + state: deleted + + # After State: + # vyos@vyos:~$ show configuration commands | grep snmp + # vyos@vyos:~$ + # + # Module Execution: + # "after": {}, + # "before": { + # "communities": [ + # { + # "name": "bridges", + # "networks": [ + # "1.1.1.0/24", + # "12.1.1.0/24" + # ] + # }, + # { + # "name": "switches" + # } + # ], + # "listen_addresses": [ + # { + # "address": "100.1.2.1", + # "port": 33 + # } + # ], + # "location": "RDU, NC", + # "snmp_v3": { + # "groups": [ + # { + # "group": "default", + # "view": "default" + # } + # ], + # "users": [ + # { + # "authentication": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "sha" + # }, + # "group": "default", + # "privacy": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "aes" + # }, + # "user": "admin_user" + # }, + # { + # "authentication": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "sha" + # }, + # "privacy": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "aes" + # }, + # "user": "guest_user2" + # } + # ], + # "views": [ + # { + # "oid": "1", + # "view": "default" + # } + # ] + # } + # }, + # "changed": true, + # "commands": [ + # "delete service snmp" + # ], + + # Using rendered: + - name: Render provided configuration + vyos.vyos.vyos_snmp_server: + config: + communities: + - name: "switches" + authorization_type: "rw" + - name: "bridges" + clients: ["1.1.1.1", "12.1.1.10"] + contact: "admin2@ex.com" + listen_addresses: + - address: "20.1.1.1" + - address: "100.1.2.1" + port: 33 + snmp_v3: + users: + - user: admin_user + authentication: + plaintext_key: "abc1234567" + type: "sha" + privacy: + plaintext_key: "abc1234567" + type: "aes" + + state: rendered + + # Module Execution: + # "rendered": [ + # "set service snmp community switches authorization rw", + # "set service snmp community bridges client 1.1.1.1", + # "set service snmp community bridges client 12.1.1.10", + # "set service snmp listen-address 20.1.1.1", + # "set service snmp listen-address 100.1.2.1 port 33", + # "set service snmp v3 user admin_user auth type sha", + # "set service snmp v3 user admin_user auth plaintext-key ********", + # "set service snmp v3 user admin_user privacy type aes", + # "set service snmp v3 user admin_user privacy plaintext-key ********", + # "set service snmp contact admin2@ex.com" + # ] + # + + # Using Gathered: + # Before State: + + # vyos@vyos:~$ show configuration commands | grep snmp + # set service snmp community bridges client '1.1.1.1' + # set service snmp community bridges client '12.1.1.10' + # set service snmp community switches authorization 'rw' + # set service snmp contact 'admin2@ex.com' + # set service snmp listen-address 20.1.1.1 + # set service snmp listen-address 100.1.2.1 port '33' + # set service snmp v3 user admin_user auth plaintext-key 'abc1234567' + # set service snmp v3 user admin_user auth type 'sha' + # set service snmp v3 user admin_user privacy plaintext-key 'abc1234567' + # set service snmp v3 user admin_user privacy type 'aes' + # vyos@vyos:~$ + + - name: gather configs + vyos.vyos.vyos_snmp_server: + state: gathered + + # Module Execution: + # "gathered": { + # "communities": [ + # { + # "clients": [ + # "1.1.1.1", + # "12.1.1.10" + # ], + # "name": "bridges" + # }, + # { + # "authorization_type": "rw", + # "name": "switches" + # } + # ], + # "contact": "admin2@ex.com", + # "listen_addresses": [ + # { + # "address": "100.1.2.1", + # "port": 33 + # }, + # { + # "address": "20.1.1.1" + # } + # ], + # "snmp_v3": { + # "users": [ + # { + # "authentication": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "sha" + # }, + # "privacy": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "aes" + # }, + # "user": "admin_user" + # } + # ] + # } + # }, + + # Using parsed: + + # _parsed_snmp.cfg + # set service snmp community routers authorization 'ro' + # set service snmp community routers client '203.0.113.10' + # set service snmp community routers client '203.0.113.20' + # set service snmp community routers network '192.0.2.0/24' + # set service snmp community routers network '2001::/64' + # set service snmp contact 'admin@example.com' + # set service snmp listen-address 172.16.254.36 port '161' + # set service snmp listen-address 2001::1 + # set service snmp location 'UK, London' + # set service snmp trap-target 203.0.113.10 + # set service snmp v3 engineid '000000000000000000000002' + # set service snmp v3 group default mode 'ro' + # set service snmp v3 group default view 'default' + # set service snmp v3 user vyos auth plaintext-key 'vyos12345678' + # set service snmp v3 user vyos auth type 'sha' + # set service snmp v3 user vyos group 'default' + # set service snmp v3 user vyos privacy plaintext-key 'vyos12345678' + # set service snmp v3 user vyos privacy type 'aes' + # set service snmp v3 view default oid 1 + + - name: parse configs + vyos.vyos.vyos_snmp_server: + running_config: "{{ lookup('file', './_parsed_snmp.cfg') }}" + state: parsed + + # Module Execution: + # "parsed": { + # "communities": [ + # { + # "authorization_type": "ro", + # "clients": [ + # "203.0.113.10", + # "203.0.113.20" + # ], + # "name": "routers", + # "networks": [ + # "192.0.2.0/24", + # "2001::/64" + # ] + # } + # ], + # "contact": "admin@example.com", + # "listen_addresses": [ + # { + # "address": "172.16.254.36", + # "port": 161 + # }, + # { + # "address": "2001::1" + # } + # ], + # "location": "UK, London", + # "snmp_v3": { + # "engine_id": "000000000000000000000002", + # "groups": [ + # { + # "group": "default", + # "mode": "ro", + # "view": "default" + # } + # ], + # "users": [ + # { + # "authentication": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "sha" + # }, + # "group": "default", + # "privacy": { + # "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", + # "type": "aes" + # }, + # "user": "vyos" + # } + # ], + # "views": [ + # { + # "oid": "1", + # "view": "default" + # } + # ] + # }, + # "trap_target": { + # "address": "203.0.113.10" + # } + # } + # + + + +Return Values +------------- +Common return values are documented `here `_, the following are the fields unique to this module: + +.. raw:: html + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
KeyReturnedDescription
+
+ after + +
+ dictionary +
+ 		when changed +
The resulting configuration after module execution.
+
+
Sample:
+
This output will always be in the same format as the module argspec.
+
+
+ before + +
+ dictionary +
+ 		when state is merged, replaced, overridden, deleted or purged +
The configuration prior to the module execution.
+
+
Sample:
+
This output will always be in the same format as the module argspec.
+
+
+ commands + +
+ list +
+ 		when state is merged, replaced, overridden, deleted or purged +
The set of commands pushed to the remote device.
+
+
Sample:
+
set service snmp community routers authorization 'ro' set service snmp community routers client '203.0.113.10' set service snmp community routers client '203.0.113.20' set service snmp community routers network '192.0.2.0/24'
+
+
+ gathered + +
+ list +
+ 		when state is gathered +
Facts about the network resource gathered from the remote device as structured data.
+
+
Sample:
+
This output will always be in the same format as the module argspec.
+
+
+ parsed + +
+ list +
+ 		when state is parsed +
The device native config provided in running_config option parsed into structured data as per module argspec.
+
+
Sample:
+
This output will always be in the same format as the module argspec.
+
+
+ rendered + +
+ list +
+ 		when state is rendered +
The provided configuration in the task rendered in device-native format (offline).
+
+
Sample:
+
set service snmp community routers authorization 'ro' set service snmp community routers client '203.0.113.10' set service snmp community routers client '203.0.113.20' set service snmp community routers network '192.0.2.0/24'
+
+

+ + +Status +------ + + +Authors +~~~~~~~ + +- Gomathi Selvi Srinivasan (@GomathiselviS) diff --git a/meta/runtime.yml b/meta/runtime.yml index 35dbf50..73ba6a2 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -1,246 +1,252 @@ --- requires_ansible: ">=2.9.10" plugin_routing: action: vyos_banner: redirect: vyos.vyos.vyos banner: redirect: vyos.vyos.vyos vyos_bgp_global: redirect: vyos.vyos.vyos bgp_global: redirect: vyos.vyos.vyos vyos_bgp_address_family: redirect: vyos.vyos.vyos bgp_address_family: redirect: vyos.vyos.vyos vyos_command: redirect: vyos.vyos.vyos command: redirect: vyos.vyos.vyos vyos_config: redirect: vyos.vyos.vyos config: redirect: vyos.vyos.vyos vyos_facts: redirect: vyos.vyos.vyos facts: redirect: vyos.vyos.vyos vyos_firewall_global: redirect: vyos.vyos.vyos firewall_global: redirect: vyos.vyos.vyos vyos_firewall_interfaces: redirect: vyos.vyos.vyos firewall_interfaces: redirect: vyos.vyos.vyos vyos_firewall_rules: redirect: vyos.vyos.vyos firewall_rules: redirect: vyos.vyos.vyos vyos_interface: redirect: vyos.vyos.vyos interface: redirect: vyos.vyos.vyos vyos_interfaces: redirect: vyos.vyos.vyos interfaces: redirect: vyos.vyos.vyos vyos_l3_interface: redirect: vyos.vyos.vyos l3_interface: redirect: vyos.vyos.vyos vyos_l3_interfaces: redirect: vyos.vyos.vyos l3_interfaces: redirect: vyos.vyos.vyos vyos_lag_interfaces: redirect: vyos.vyos.vyos lag_interfaces: redirect: vyos.vyos.vyos vyos_linkagg: redirect: vyos.vyos.vyos linkagg: redirect: vyos.vyos.vyos vyos_lldp: redirect: vyos.vyos.vyos lldp: redirect: vyos.vyos.vyos vyos_lldp_global: redirect: vyos.vyos.vyos lldp_global: redirect: vyos.vyos.vyos vyos_lldp_interface: redirect: vyos.vyos.vyos lldp_interface: redirect: vyos.vyos.vyos vyos_lldp_interfaces: redirect: vyos.vyos.vyos lldp_interfaces: redirect: vyos.vyos.vyos vyos_logging: redirect: vyos.vyos.vyos vyos_logging_global: redirect: vyos.vyos.vyos logging_global: redirect: vyos.vyos.vyos logging: redirect: vyos.vyos.vyos vyos_ntp_global: redirect: vyos.vyos.vyos ntp_global: redirect: vyos.vyos.vyos vyos_ospfv2: redirect: vyos.vyos.vyos ospfv2: redirect: vyos.vyos.vyos vyos_ospfv3: redirect: vyos.vyos.vyos ospfv3: redirect: vyos.vyos.vyos vyos_ospf_interfaces: redirect: vyos.vyos.vyos ospf_interfaces: redirect: vyos.vyos.vyos vyos_ping: redirect: vyos.vyos.vyos ping: redirect: vyos.vyos.vyos vyos_prefix_lists: redirect: vyos.vyos.vyos prefix_lists: redirect: vyos.vyos.vyos + vyos_snmp_server: + redirect: vyos.vyos.vyos + snmp_server: + redirect: vyos.vyos.vyos vyos_static_route: redirect: vyos.vyos.vyos static_route: redirect: vyos.vyos.vyos vyos_static_routes: redirect: vyos.vyos.vyos static_routes: redirect: vyos.vyos.vyos vyos_system: redirect: vyos.vyos.vyos system: redirect: vyos.vyos.vyos vyos_user: redirect: vyos.vyos.vyos user: redirect: vyos.vyos.vyos vyos_vlan: redirect: vyos.vyos.vyos vlan: redirect: vyos.vyos.vyos modules: banner: redirect: vyos.vyos.vyos_banner bgp_global: redirect: vyos.vyos.vyos_bgp_global bgp_address_family: redirect: vyos.vyos.vyos_bgp_address_family command: redirect: vyos.vyos.vyos_command config: redirect: vyos.vyos.vyos_config facts: redirect: vyos.vyos.vyos_facts firewall_global: redirect: vyos.vyos.vyos_firewall_global firewall_interfaces: redirect: vyos.vyos.vyos_firewall_interfaces firewall_rules: redirect: vyos.vyos.vyos_firewall_rules interface: redirect: vyos.vyos.vyos_interface deprecation: removal_date: "2022-06-01" warning_text: See the plugin documentation for more details vyos_interface: deprecation: removal_date: "2022-06-01" warning_text: See the plugin documentation for more details interfaces: redirect: vyos.vyos.vyos_interfaces l3_interface: redirect: vyos.vyos.vyos_l3_interface deprecation: removal_date: "2022-06-01" warning_text: See the plugin documentation for more details vyos_l3_interface: deprecation: removal_date: "2022-06-01" warning_text: See the plugin documentation for more details l3_interfaces: redirect: vyos.vyos.vyos_l3_interfaces lag_interfaces: redirect: vyos.vyos.vyos_lag_interfaces linkagg: redirect: vyos.vyos.vyos_linkagg deprecation: removal_date: "2022-06-01" warning_text: See the plugin documentation for more details vyos_linkagg: deprecation: removal_date: "2022-06-01" warning_text: See the plugin documentation for more details lldp: redirect: vyos.vyos.vyos_lldp deprecation: removal_date: "2022-06-01" warning_text: See the plugin documentation for more details vyos_lldp: deprecation: removal_date: "2022-06-01" warning_text: See the plugin documentation for more details lldp_global: redirect: vyos.vyos.vyos_lldp_global lldp_interface: redirect: vyos.vyos.vyos_lldp_interface deprecation: removal_date: "2022-06-01" warning_text: See the plugin documentation for more details vyos_lldp_interface: deprecation: removal_date: "2022-06-01" warning_text: See the plugin documentation for more details lldp_interfaces: redirect: vyos.vyos.vyos_lldp_interfaces logging: redirect: vyos.vyos.vyos_logging deprecation: removal_date: '2023-08-01' warning_text: See the plugin documentation for more details vyos_logging: deprecation: removal_date: '2023-08-01' warning_text: See the plugin documentation for more details logging_global: redirect: vyos.vyos.vyos_logging_global ntp_global: redirect: vyos.vyos.vyos_ntp_global ospfv2: redirect: vyos.vyos.vyos_ospfv2 ospfv3: redirect: vyos.vyos.vyos_ospfv3 ospf_interfaces: redirect: vyos.vyos.vyos_ospf_interfaces ping: redirect: vyos.vyos.vyos_ping prefix_lists: redirect: vyos.vyos.vyos_prefix_lists + snmp_server: + redirect: vyos.vyos.vyos_snmp_servers static_route: redirect: vyos.vyos.vyos_static_route deprecation: removal_date: "2022-06-01" warning_text: See the plugin documentation for more details vyos_static_route: deprecation: removal_date: "2022-06-01" warning_text: See the plugin documentation for more details static_routes: redirect: vyos.vyos.vyos_static_routes system: redirect: vyos.vyos.vyos_system user: redirect: vyos.vyos.vyos_user vlan: redirect: vyos.vyos.vyos_vlan diff --git a/plugins/module_utils/network/vyos/argspec/snmp_server/__init__.py b/plugins/module_utils/network/vyos/argspec/snmp_server/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/plugins/module_utils/network/vyos/argspec/snmp_server/snmp_server.py b/plugins/module_utils/network/vyos/argspec/snmp_server/snmp_server.py new file mode 100644 index 0000000..2b10a51 --- /dev/null +++ b/plugins/module_utils/network/vyos/argspec/snmp_server/snmp_server.py @@ -0,0 +1,225 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Red Hat +# GNU General Public License v3.0+ +# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +############################################# +# WARNING # +############################################# +# +# This file is auto generated by the +# cli_rm_builder. +# +# Manually editing this file is not advised. +# +# To update the argspec make the desired changes +# in the module docstring and re-run +# cli_rm_builder. +# +############################################# + +""" +The arg spec for the vyos_snmp_server module +""" + + +class Snmp_serverArgs(object): # pylint: disable=R0903 + """The arg spec for the vyos_snmp_server module""" + + argument_spec = { + "config": { + "type": "dict", + "options": { + "communities": { + "type": "list", + "elements": "dict", + "options": { + "name": {"type": "str"}, + "clients": {"type": "list", "elements": "str"}, + "networks": {"type": "list", "elements": "str"}, + "authorization_type": { + "type": "str", + "choices": ["ro", "rw"], + }, + }, + }, + "contact": {"type": "str"}, + "description": {"type": "str"}, + "listen_addresses": { + "type": "list", + "elements": "dict", + "options": { + "address": {"type": "str"}, + "port": {"type": "int"}, + }, + }, + "location": {"type": "str"}, + "smux_peer": {"type": "str"}, + "trap_source": {"type": "str"}, + "trap_target": { + "type": "dict", + "options": { + "address": {"type": "str"}, + "community": {"type": "str"}, + "port": {"type": "int"}, + }, + }, + "snmp_v3": { + "type": "dict", + "options": { + "engine_id": {"type": "str"}, + "groups": { + "type": "list", + "elements": "dict", + "options": { + "group": {"type": "str"}, + "mode": { + "type": "str", + "choices": ["ro", "rw"], + }, + "seclevel": { + "type": "str", + "choices": ["auth", "priv"], + }, + "view": {"type": "str"}, + }, + }, + "trap_targets": { + "type": "list", + "elements": "dict", + "options": { + "address": {"type": "str"}, + "authentication": { + "type": "dict", + "options": { + "type": { + "type": "str", + "choices": ["md5", "sha"], + }, + "encrypted_key": { + "type": "str", + "no_log": True, + }, + "plaintext_key": { + "type": "str", + "no_log": True, + }, + }, + }, + "engine_id": {"type": "str"}, + "port": {"type": "int"}, + "privacy": { + "type": "dict", + "options": { + "type": { + "type": "str", + "choices": ["des", "aes"], + }, + "encrypted_key": { + "type": "str", + "no_log": True, + }, + "plaintext_key": { + "type": "str", + "no_log": True, + }, + }, + }, + "protocol": { + "type": "str", + "choices": ["tcp", "udp"], + }, + "type": { + "type": "str", + "choices": ["inform", "trap"], + }, + }, + }, + "tsm": { + "type": "dict", + "options": { + "local_key": {"type": "str", "no_log": True}, + "port": {"type": "int"}, + }, + }, + "users": { + "type": "list", + "elements": "dict", + "options": { + "user": {"type": "str"}, + "authentication": { + "type": "dict", + "options": { + "type": { + "type": "str", + "choices": ["md5", "sha"], + }, + "encrypted_key": { + "type": "str", + "no_log": True, + }, + "plaintext_key": { + "type": "str", + "no_log": True, + }, + }, + }, + "engine_id": {"type": "str"}, + "group": {"type": "str"}, + "mode": { + "type": "str", + "choices": ["ro", "rw"], + }, + "privacy": { + "type": "dict", + "options": { + "type": { + "type": "str", + "choices": ["des", "aes"], + }, + "encrypted_key": { + "type": "str", + "no_log": True, + }, + "plaintext_key": { + "type": "str", + "no_log": True, + }, + }, + }, + "tsm_key": {"type": "str", "no_log": True}, + }, + }, + "views": { + "type": "list", + "elements": "dict", + "options": { + "view": {"type": "str"}, + "oid": {"type": "str"}, + "exclude": {"type": "str"}, + "mask": {"type": "str"}, + }, + }, + }, + }, + }, + }, + "running_config": {"type": "str"}, + "state": { + "choices": [ + "merged", + "replaced", + "overridden", + "deleted", + "gathered", + "parsed", + "rendered", + ], + "default": "merged", + "type": "str", + }, + } # pylint: disable=C0301 diff --git a/plugins/module_utils/network/vyos/config/snmp_server/__init__.py b/plugins/module_utils/network/vyos/config/snmp_server/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/plugins/module_utils/network/vyos/config/snmp_server/snmp_server.py b/plugins/module_utils/network/vyos/config/snmp_server/snmp_server.py new file mode 100644 index 0000000..5ddd429 --- /dev/null +++ b/plugins/module_utils/network/vyos/config/snmp_server/snmp_server.py @@ -0,0 +1,317 @@ +# +# -*- coding: utf-8 -*- +# Copyright 2022 Red Hat +# GNU General Public License v3.0+ +# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) +# + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +""" +The vyos_snmp_server config file. +It is in this file where the current configuration (as dict) +is compared to the provided configuration (as dict) and the command set +necessary to bring the current configuration to its desired end-state is +created. +""" + +from ansible.module_utils.six import iteritems +from ansible_collections.ansible.netcommon.plugins.module_utils.network.common.utils import ( + dict_merge, +) +from ansible_collections.ansible.netcommon.plugins.module_utils.network.common.rm_base.resource_module import ( + ResourceModule, +) +from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.facts import ( + Facts, +) +from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.rm_templates.snmp_server import ( + Snmp_serverTemplate, +) +from ansible_collections.ansible.netcommon.plugins.module_utils.network.common.utils import ( + get_from_dict, +) +import re + + +class Snmp_server(ResourceModule): + """ + The vyos_snmp_server config class + """ + + def __init__(self, module): + super(Snmp_server, self).__init__( + empty_fact_val={}, + facts_module=Facts(module), + module=module, + resource="snmp_server", + tmplt=Snmp_serverTemplate(), + ) + self.parsers = [ + "contact", + "description", + "location", + "smux_peer", + "trap_source", + "trap_target", + ] + + def execute_module(self): + """Execute the module + + :rtype: A dictionary + :returns: The result from module execution + """ + if self.state not in ["parsed", "gathered"]: + self.generate_commands() + self.run_commands() + return self.result + + def generate_commands(self): + """Generate configuration commands to send based on + want, have and desired state. + """ + wantd = self._snmp_server_list_to_dict(self.want) + haved = self._snmp_server_list_to_dict(self.have) + + # if state is merged, merge want onto have and then compare + if self.state == "merged": + wantd = dict_merge(haved, wantd) + + # if state is deleted, empty out wantd and set haved to wantd + if self.state == "deleted": + if haved: + self.commands.append("delete service snmp") + + if self.state != "deleted": + self._compare(want=wantd, have=haved) + + if self.state not in ["merged", "deleted"]: + self._move_negate_commands() + + def _move_negate_commands(self): + command_set = [] + for cmd in self.commands: + if re.search("delete service snmp", cmd): + command_set.insert(0, cmd) + else: + command_set.append(cmd) + self.commands = command_set + + def _compare(self, want, have): + """Leverages the base class `compare()` method and + populates the list of commands to be run by comparing + the `want` and `have` data with the `parsers` defined + for the Snmp_server network resource. + """ + self._compare_lists(want, have) + self._compare_snmp_v3(want, have) + for key, value in iteritems(want): + self.compare( + parsers=self.parsers, + want={key: value}, + have={key: have.pop(key, "")}, + ) + for key, entry in iteritems(have): + if entry: + self.compare(parsers=self.parsers, want={}, have={key: entry}) + + def _compare_lists(self, want, have): + parsers = [ + "communities", + "listen_addresses", + ] + for attrib in parsers: + wdict = get_from_dict(want, attrib) or {} + hdict = get_from_dict(have, attrib) or {} + for key, entry in iteritems(wdict): + # self.addcmd(entry, attrib, False) + if attrib == "communities": + for k, v in iteritems(entry): + if k in ["clients", "networks"]: + v.sort() + h = {} + if k != "name": + if hdict.get(key): + h = { + "communities": { + k: hdict[key].pop(k, ""), + "name": key, + } + } + self.compare( + parsers="communities", + want={"communities": {k: v, "name": key}}, + have=h, + ) + else: + self.compare( + parsers="listen_addresses", + want={"listen_addresses": entry}, + have={"listen_addresses": hdict.pop(key, {})}, + ) + have.pop(attrib, {}) + # remove remaining items in have for replaced + for key, entry in iteritems(hdict): + if attrib == "communities": + for k, v in iteritems(entry): + if k != "name": + self.compare( + parsers="communities", + have={"communities": {k: v, "name": key}}, + want={}, + ) + else: + self.compare( + parsers=parsers, want={}, have={attrib: entry} + ) + + def _compare_snmp_v3(self, want, have): + parsers = [ + "snmp_v3.groups", + "snmp_v3.trap_targets.port", + "snmp_v3.trap_targets.protocol", + "snmp_v3.trap_targets.type", + "snmp_v3.trap_targets.user", + "snmp_v3.users.group", + "snmp_v3.users.mode", + "snmp_v3.views", + "snmp_v3.engine_id", + ] + attribute_dict = { + "groups": "group", + "trap_targets": "address", + "users": "user", + "views": "view", + } + wdict = get_from_dict(want, "snmp_v3") or {} + hdict = get_from_dict(have, "snmp_v3") or {} + for attrib in attribute_dict.keys(): + wattrib = get_from_dict(wdict, attrib) or {} + hattrib = get_from_dict(hdict, attrib) or {} + for key, entry in iteritems(wattrib): + self._compare_snmp_v3_auth_privacy( + entry, hattrib.get(key, {}), attrib + ) + for k, v in iteritems(entry): + if k != attribute_dict[attrib]: + h = {} + if hattrib.get(key): + h = { + "snmp_v3": { + attrib: { + k: hattrib[key].pop(k, ""), + attribute_dict[attrib]: hattrib[key][ + attribute_dict[attrib] + ], + } + } + } + self.compare( + parsers=parsers, + want={ + "snmp_v3": { + attrib: { + k: v, + attribute_dict[attrib]: entry[ + attribute_dict[attrib] + ], + } + } + }, + have=h, + ) + # remove remaining items in have for replaced + for key, entry in iteritems(hattrib): + self._compare_snmp_v3_auth_privacy({}, entry, attrib) + self.compare( + parsers=parsers, want={}, have={"snmp_v3": {attrib: entry}} + ) + hdict.pop(attrib, {}) + for key, entry in iteritems(wdict): + # self.addcmd(entry, attrib, False) + self.compare( + parsers="snmp_v3.engine_id", + want={"snmp_v3": {key: entry}}, + have={"snmp_v3": {key: hdict.pop(key, {})}}, + ) + # remove remaining items in have for replaced + for key, entry in iteritems(hdict): + self.compare( + parsers=parsers, want={}, have={"snmp_v3": {key: entry}} + ) + + def _compare_snmp_v3_auth_privacy(self, wattrib, hattrib, attrib): + parsers = [ + "snmp_v3.trap_targets.authentication", + "snmp_v3.trap_targets.privacy", + "snmp_v3.users.authentication", + "snmp_v3.users.privacy", + ] + if attrib in ["trap_targets", "users"]: + if attrib == "users": + primary_key = "user" + else: + primary_key = "address" + for key, entry in iteritems(wattrib): + if key != primary_key and key in ["authentication", "privacy"]: + self.compare( + parsers=parsers, + want={ + "snmp_v3": { + attrib: { + key: entry, + primary_key: wattrib[primary_key], + } + } + }, + have={ + "snmp_v3": { + attrib: { + key: hattrib.pop(key, {}), + primary_key: wattrib[primary_key], + } + } + }, + ) + for key, entry in iteritems(hattrib): + if key != primary_key and key in ["authentication", "privacy"]: + self.compare( + parsers=parsers, + want={}, + have={ + "snmp_v3": { + attrib: { + key: entry, + primary_key: hattrib[primary_key], + } + } + }, + ) + + def _snmp_server_list_to_dict(self, entry): + param_dict = { + "communities": "name", + "listen_addresses": "address", + } + v3_param_dict = { + "groups": "group", + "users": "user", + "views": "view", + "trap_targets": "address", + } + for k, v in iteritems(param_dict): + if k in entry: + a_dict = {} + for el in entry[k]: + a_dict.update({el[v]: el}) + entry[k] = a_dict + for k, v in iteritems(v3_param_dict): + if entry.get("snmp_v3") and k in entry.get("snmp_v3"): + a_dict = {} + for el in entry["snmp_v3"][k]: + a_dict.update({el[v]: el}) + entry["snmp_v3"][k] = a_dict + return entry diff --git a/plugins/module_utils/network/vyos/facts/facts.py b/plugins/module_utils/network/vyos/facts/facts.py index e560a48..76cfd90 100644 --- a/plugins/module_utils/network/vyos/facts/facts.py +++ b/plugins/module_utils/network/vyos/facts/facts.py @@ -1,127 +1,131 @@ # Copyright 2019 Red Hat # GNU General Public License v3.0+ # (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) """ The facts class for vyos this file validates each subset of facts and selectively calls the appropriate facts gathering function """ from __future__ import absolute_import, division, print_function __metaclass__ = type from ansible_collections.ansible.netcommon.plugins.module_utils.network.common.facts.facts import ( FactsBase, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.interfaces.interfaces import ( InterfacesFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.l3_interfaces.l3_interfaces import ( L3_interfacesFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.lag_interfaces.lag_interfaces import ( Lag_interfacesFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.lldp_global.lldp_global import ( Lldp_globalFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.lldp_interfaces.lldp_interfaces import ( Lldp_interfacesFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.firewall_rules.firewall_rules import ( Firewall_rulesFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.static_routes.static_routes import ( Static_routesFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.firewall_global.firewall_global import ( Firewall_globalFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.firewall_interfaces.firewall_interfaces import ( Firewall_interfacesFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.ospfv3.ospfv3 import ( Ospfv3Facts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.ospfv2.ospfv2 import ( Ospfv2Facts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.ospf_interfaces.ospf_interfaces import ( Ospf_interfacesFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.bgp_global.bgp_global import ( Bgp_globalFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.bgp_address_family.bgp_address_family import ( Bgp_address_familyFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.route_maps.route_maps import ( Route_mapsFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.prefix_lists.prefix_lists import ( Prefix_listsFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.logging_global.logging_global import ( Logging_globalFacts, ) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.ntp_global.ntp_global import ( Ntp_globalFacts, ) +from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.snmp_server.snmp_server import ( + Snmp_serverFacts, +) from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.legacy.base import ( Default, Neighbors, Config, ) FACT_LEGACY_SUBSETS = dict(default=Default, neighbors=Neighbors, config=Config) FACT_RESOURCE_SUBSETS = dict( interfaces=InterfacesFacts, l3_interfaces=L3_interfacesFacts, lag_interfaces=Lag_interfacesFacts, lldp_global=Lldp_globalFacts, lldp_interfaces=Lldp_interfacesFacts, static_routes=Static_routesFacts, firewall_rules=Firewall_rulesFacts, firewall_global=Firewall_globalFacts, firewall_interfaces=Firewall_interfacesFacts, ospfv3=Ospfv3Facts, ospfv2=Ospfv2Facts, ospf_interfaces=Ospf_interfacesFacts, bgp_global=Bgp_globalFacts, bgp_address_family=Bgp_address_familyFacts, route_maps=Route_mapsFacts, prefix_lists=Prefix_listsFacts, logging_global=Logging_globalFacts, ntp_global=Ntp_globalFacts, + snmp_server=Snmp_serverFacts, ) class Facts(FactsBase): """The fact class for vyos""" VALID_LEGACY_GATHER_SUBSETS = frozenset(FACT_LEGACY_SUBSETS.keys()) VALID_RESOURCE_SUBSETS = frozenset(FACT_RESOURCE_SUBSETS.keys()) def __init__(self, module): super(Facts, self).__init__(module) def get_facts( self, legacy_facts_type=None, resource_facts_type=None, data=None ): """Collect the facts for vyos :param legacy_facts_type: List of legacy facts types :param resource_facts_type: List of resource fact types :param data: previously collected conf :rtype: dict :return: the facts gathered """ if self.VALID_RESOURCE_SUBSETS: self.get_network_resources_facts( FACT_RESOURCE_SUBSETS, resource_facts_type, data ) if self.VALID_LEGACY_GATHER_SUBSETS: self.get_network_legacy_facts( FACT_LEGACY_SUBSETS, legacy_facts_type ) return self.ansible_facts, self._warnings diff --git a/plugins/module_utils/network/vyos/facts/snmp_server/__init__.py b/plugins/module_utils/network/vyos/facts/snmp_server/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/plugins/module_utils/network/vyos/facts/snmp_server/snmp_server.py b/plugins/module_utils/network/vyos/facts/snmp_server/snmp_server.py new file mode 100644 index 0000000..2a9ba48 --- /dev/null +++ b/plugins/module_utils/network/vyos/facts/snmp_server/snmp_server.py @@ -0,0 +1,117 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Red Hat +# GNU General Public License v3.0+ +# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +""" +The vyos snmp_server fact class +It is in this file the configuration is collected from the device +for a given resource, parsed, and the facts tree is populated +based on the configuration. +""" + +from ansible.module_utils.six import iteritems +from ansible_collections.ansible.netcommon.plugins.module_utils.network.common import ( + utils, +) +from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.rm_templates.snmp_server import ( + Snmp_serverTemplate, +) +from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.argspec.snmp_server.snmp_server import ( + Snmp_serverArgs, +) +import re + + +class Snmp_serverFacts(object): + """The vyos snmp_server facts class""" + + def __init__(self, module, subspec="config", options="options"): + self._module = module + self.argument_spec = Snmp_serverArgs.argument_spec + + def get_config(self, connection): + return connection.get("show configuration commands | grep snmp") + + def populate_facts(self, connection, ansible_facts, data=None): + """Populate the facts for Snmp_server network resource + + :param connection: the device connection + :param ansible_facts: Facts dictionary + :param data: previously collected conf + + :rtype: dictionary + :returns: facts + """ + facts = {} + objs = [] + config_lines = [] + + if not data: + data = self.get_config(connection) + for resource in data.splitlines(): + config_lines.append(re.sub("'", "", resource)) + + # parse native config using the Snmp_server template + snmp_server_parser = Snmp_serverTemplate( + lines=config_lines, module=self._module + ) + objs = snmp_server_parser.parse() + if objs: + if "communities" in objs: + for k in objs["communities"].values(): + for param, val in iteritems(k): + if param in ["clients", "networks"]: + if None in val: + val.remove(None) + val.sort() + + objs["communities"] = sorted( + list(objs["communities"].values()), + key=lambda k, sk="name": k[sk], + ) + if "listen_addresses" in objs: + objs["listen_addresses"] = sorted( + list(objs["listen_addresses"].values()), + key=lambda k, sk="address": k[sk], + ) + if "snmp_v3" in objs: + if "groups" in objs["snmp_v3"]: + objs["snmp_v3"]["groups"] = sorted( + list(objs["snmp_v3"]["groups"].values()), + key=lambda k, sk="group": k[sk], + ) + if "trap_targets" in objs["snmp_v3"]: + objs["snmp_v3"]["trap_targets"] = sorted( + list(objs["snmp_v3"]["trap_targets"].values()), + key=lambda k, sk="address": k[sk], + ) + if "users" in objs["snmp_v3"]: + objs["snmp_v3"]["users"] = sorted( + list(objs["snmp_v3"]["users"].values()), + key=lambda k, sk="user": k[sk], + ) + if "views" in objs["snmp_v3"]: + objs["snmp_v3"]["views"] = sorted( + list(objs["snmp_v3"]["views"].values()), + key=lambda k, sk="view": k[sk], + ) + else: + objs = {} + + ansible_facts["ansible_network_resources"].pop("snmp_server", None) + + params = utils.remove_empties( + snmp_server_parser.validate_config( + self.argument_spec, {"config": objs}, redact=True + ) + ) + + facts["snmp_server"] = params.get("config", {}) + ansible_facts["ansible_network_resources"].update(facts) + + return ansible_facts diff --git a/plugins/module_utils/network/vyos/rm_templates/snmp_server.py b/plugins/module_utils/network/vyos/rm_templates/snmp_server.py new file mode 100644 index 0000000..c1e385a --- /dev/null +++ b/plugins/module_utils/network/vyos/rm_templates/snmp_server.py @@ -0,0 +1,594 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Red Hat +# GNU General Public License v3.0+ +# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +""" +The Snmp_server parser templates file. This contains +a list of parser definitions and associated functions that +facilitates both facts gathering and native command generation for +the given network resource. +""" + +import re +from ansible_collections.ansible.netcommon.plugins.module_utils.network.common.rm_base.network_template import ( + NetworkTemplate, +) + + +def _tmplt_snmp_server_communities(config_data): + config_data = config_data["communities"] + command = [] + cmd = "service snmp community {name}".format(**config_data) + if "authorization_type" in config_data: + auth_cmd = cmd + " authorization {authorization_type}".format( + **config_data + ) + command.append(auth_cmd) + if "clients" in config_data: + for c in config_data["clients"]: + client_cmd = cmd + " client " + c + command.append(client_cmd) + if "networks" in config_data: + for n in config_data["networks"]: + network_command = cmd + " network " + n + command.append(network_command) + if not command: + command.append(cmd) + return command + + +def _tmplt_snmp_server_trap_target(config_data): + config_data = config_data["trap_target"] + command = "service snmp trap-target {address}".format(**config_data) + if "authorization_type" in config_data: + command += " authorization {authorization_type}".format(**config_data) + if "client" in config_data: + command += " client {client}".format(**config_data) + if "network" in config_data: + command += " network {network}".format(**config_data) + return command + + +def _tmplt_snmp_server_v3_groups(config_data): + config_data = config_data["snmp_v3"]["groups"] + command = [] + cmd = "service snmp v3 group {group}".format(**config_data) + if "mode" in config_data: + mode_cmd = cmd + " mode {mode}".format(**config_data) + command.append(mode_cmd) + if "seclevel" in config_data: + sec_cmd = cmd + " seclevel {seclevel}".format(**config_data) + command.append(sec_cmd) + if "view" in config_data: + view_cmd = cmd + " view {view}".format(**config_data) + command.append(view_cmd) + return command + + +def _tmplt_snmp_server_v3_trap_target(config_data): + config_data = config_data["snmp_v3"]["trap_targets"] + command = "service snmp v3 trap-target {address} ".format(**config_data) + if "authentication" in config_data: + command += " auth" + config_data = config_data["authentication"] + if "privacy" in config_data: + command += " privacy" + config_data = config_data["privacy"] + if "type" in config_data: + command += " type {mode}".format(**config_data) + if "encrypted_key" in config_data: + command += " encrypted-key {encrypted_key}".format(**config_data) + if "plaintext_key" in config_data: + command += " plaintext-key {plaintext_key}".format(**config_data) + return command + + +def _tmplt_snmp_server_v3_user(config_data): + config_data = config_data["snmp_v3"]["users"] + command = [] + cmd = "service snmp v3 user {user}".format(**config_data) + for k in ["authentication", "privacy"]: + if config_data.get(k): + config = config_data[k] + if k == "authentication": + val = " auth" + else: + val = " privacy" + if "type" in config: + type_cmd = cmd + val + " type {type}".format(**config) + command.append(type_cmd) + if "encrypted_key" in config: + enc_cmd = ( + cmd + + val + + " encrypted-key {encrypted_key}".format(**config) + ) + command.append(enc_cmd) + if "plaintext_key" in config: + plain_cmd = ( + cmd + + val + + " plaintext-key {plaintext_key}".format(**config) + ) + command.append(plain_cmd) + return command + + +def _tmplt_snmp_server_v3_views(config_data): + config_data = config_data["snmp_v3"]["views"] + command = "service snmp v3 view {view} oid {oid}".format(**config_data) + if "exclude" in config_data: + command += " exclude {exclude}".format(**config_data) + if "mask" in config_data: + command += " mask {mask}".format(**config_data) + return command + + +class Snmp_serverTemplate(NetworkTemplate): + def __init__(self, lines=None, module=None): + prefix = {"set": "set", "remove": "delete"} + super(Snmp_serverTemplate, self).__init__( + lines=lines, tmplt=self, prefix=prefix, module=module + ) + + # fmt: off + PARSERS = [ + # service snmp community <> + { + "name": "communities", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\scommunity + \s+(?P\S+) + \s*(?Pauthorization\srw|authorization\sro)* + \s*(client\s(?P\S+))* + \s*(network\s(?P\S+))* + $""", + re.VERBOSE), + "setval": _tmplt_snmp_server_communities, + "result": { + "communities": { + "{{ name }}": { + "name": "{{ name }}", + "clients": ['{{ client if client is defined else "None" }}'], + "networks": ['{{ network if network is defined else "None" }}'], + "authorization_type": '{{ auth.split(" ")[1] if auth is defined else None }}' + } + } + } + }, + # service snmp contact <> + { + "name": "contact", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\scontact + \s+(?P\S+) + *$""", + re.VERBOSE), + "setval": "service snmp contact {{ contact }}", + "result": { + "contact": "{{ name }}" + } + }, + # service snmp description <> + { + "name": "description", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\sdescription + \s+(?P\S+) + *$""", + re.VERBOSE), + "setval": "service snmp description {{ description }}", + "result": { + "description": "{{ name }}" + } + }, + # service snmp listen-address <> port <> + { + "name": "listen_addresses", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\slisten-address + \s+(?P\S+) + \s*(port)* + \s*(?P\d+)* + $""", + re.VERBOSE), + "setval": "service snmp listen-address {{ listen_addresses.address }}" + "{{ (' port ' + listen_addresses.port|string) if listen_addresses.port is defined else '' }}", + "result": { + "listen_addresses": { + "{{ addr }}": { + "address": "{{ addr }}", + "port": "{{ port }}" + } + } + } + }, + # service snmp location <> + { + "name": "location", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\slocation + \s(?P.*) + $""", + re.VERBOSE), + "setval": "service snmp location {{ '\\'' + location + '\\''}}", + "result": { + "location": "{{ name }}" + } + }, + # service snmp smux-peer <> + { + "name": "smux_peer", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\ssmux-peer + \s+(?P\S+) + *$""", + re.VERBOSE), + "setval": "service snmp smux-peer {{ smux_peer }}", + "result": { + "smux_peer": "{{ name }}" + } + }, + # service snmp trap-source <> + { + "name": "trap_source", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\strap-source + \s+(?P\S+) + *$""", + re.VERBOSE), + "setval": "service snmp trap-source {{ trap_source }}", + "result": { + "trap_source": "{{ name }}" + } + }, + # service snmp trap-target <> + { + "name": "trap_target", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\strap-target + \s+(?P\S+) + \s*(?Pcommunity\s\S+)* + \s*(?Pport\s\d+)* + $""", + re.VERBOSE), + "setval": _tmplt_snmp_server_trap_target, + "result": { + "trap_target": { + "address": "{{ name }}", + "community": "{{ comm.split(" ")[1] if comm is defined else None }}", + "port": "{{ port.split(" ")[1] if port is defined else None }}", + } + } + }, + # service snmp v3 engineid <> + { + "name": "snmp_v3.engine_id", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\sv3\sengineid + \s+(?P\S+) + *$""", + re.VERBOSE), + "setval": "service snmp v3 engineid {{ snmp_v3.engine_id }}", + "result": { + "snmp_v3": { + "engine_id": "{{ name }}", + } + } + }, + # service snmp v3 group <> + { + "name": "snmp_v3.groups", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\sv3\sgroup + \s+(?P\S+) + \s*(?Pmode\s\S+)* + \s*(?Pseclevel\s\S+)* + \s*(?Pview\s\S+)* + $""", + re.VERBOSE), + "setval": _tmplt_snmp_server_v3_groups, + "result": { + "snmp_v3": { + "groups": { + "{{ name }}": { + "group": "{{ name }}", + "mode": '{{ mode.split(" ")[1] if mode is defined else None }}', + "seclevel": '{{ sec.split(" ")[1] if sec is defined else None }}', + "view": '{{ view.split(" ")[1] if view is defined else None }}', + } + } + } + } + }, + # service snmp v3 trap-target <> auth <> + { + "name": "snmp_v3.trap_targets.authentication", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\sv3\strap-target + \s+(?P\S+) + \s+auth + \s*(?Pencrypted-key\s\S+)* + \s*(?Pplaintext-key\s\S+)* + \s*(?Ptype\s\S+)* + $""", + re.VERBOSE), + "setval": _tmplt_snmp_server_v3_trap_target, + "result": { + "snmp_v3": { + "trap_targets": { + "{{ name }}": { + "address": "{{ name }}", + "authentication": { + "encrypted_key": '{{ enc.split(" ")[1] if enc is defined else None }}', + "plaintext_key": '{{ plain.split(" ")[1] if plain is defined else None }}', + "type": '{{ type.split(" ")[1] if type is defined else None }}', + } + } + } + } + } + }, + # service snmp v3 trap-target <> port <> + { + "name": "snmp_v3.trap_targets.port", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\sv3\strap-target + \s+(?P\S+) + \s+(?Pport\s\d+)* + $""", + re.VERBOSE), + "setval": "service snmp v3 trap-target port {{ snmp_v3.trap_targets.port }}", + "result": { + "snmp_v3": { + "trap_targets": { + "{{ name }}": { + "address": "{{ name }}", + "port": "{{ port }}" + } + } + } + } + }, + # service snmp v3 trap-target <> protocol <> + { + "name": "snmp_v3.trap_targets.protocol", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\sv3\strap-target + \s+(?P\S+) + \s+(?Pprotocol\s\S+)* + $""", + re.VERBOSE), + "setval": "service snmp v3 trap-target protocol {{ snmp_v3.trap_targets.protocol }}", + "result": { + "snmp_v3": { + "trap_targets": { + "{{ name }}": { + "address": "{{ name }}", + "protocol": "{{ protocol }}" + } + } + } + } + }, + # service snmp v3 trap-target <> type <> + { + "name": "snmp_v3.trap_targets.type", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\sv3\strap-target + \s+(?P\S+) + \s+(?Ptype\s\S+)* + $""", + re.VERBOSE), + "setval": "service snmp v3 trap-target type {{ snmp_v3.trap_targets.type }}", + "result": { + "snmp_v3": { + "trap_targets": { + "{{ name }}": { + "address": "{{ name }}", + "type": "{{ type }}" + } + } + } + } + }, + # service snmp v3 trap-target <> user <> + { + "name": "snmp_v3.trap_targets.user", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\sv3\strap-target + \s+(?P\S+) + \s+(?Puser\s\S+)* + $""", + re.VERBOSE), + "setval": "service snmp v3 trap-target user {{ snmp_v3.trap_targets.user }}", + "result": { + "snmp_v3": { + "trap_targets": { + "{{ name }}": { + "address": "{{ name }}", + "user": "{{ user }}" + } + } + } + } + }, + # service snmp v3 trap-target <> privacy <> + { + "name": "snmp_v3.trap_targets.privacy", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\sv3\strap-target + \s+(?P\S+) + \s+privacy + \s*(?Pencrypted-key\s\S+)* + \s*(?Pplaintext-key\s\S+)* + \s*(?Ptype\s\S+)* + $""", + re.VERBOSE), + "setval": _tmplt_snmp_server_v3_trap_target, + "result": { + "snmp_v3": { + "trap_targets": { + "{{ name }}": { + "address": "{{ name }}", + "privacy": { + "encrypted_key": '{{ enc.split(" ")[1] if enc is defined else None }}', + "plaintext_key": '{{ plain.split(" ")[1] if plain is defined else None }}', + "type": '{{ type.split(" ")[1] if type is defined else None }}', + } + } + } + } + } + }, + # service snmp v3 user <> auth <> + { + "name": "snmp_v3.users.authentication", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\sv3\suser + \s+(?P\S+) + \s+auth + \s*(?Pencrypted-key\s\S+)* + \s*(?Pplaintext-key\s\S+)* + \s*(?Ptype\s\S+)* + $""", + re.VERBOSE), + "setval": _tmplt_snmp_server_v3_user, + "result": { + "snmp_v3": { + "users": { + "{{ name }}": { + "user": "{{ name }}", + "authentication": { + "encrypted_key": '{{ enc.split(" ")[1] if enc is defined else None }}', + "plaintext_key": '{{ plain.split(" ")[1] if plain is defined else None }}', + "type": '{{ type.split(" ")[1] if type is defined else None }}', + } + } + } + } + } + }, + # service snmp v3 user <> privacy <> + { + "name": "snmp_v3.users.privacy", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\sv3\suser + \s+(?P\S+) + \s+privacy + \s*(?Pencrypted-key\s\S+)* + \s*(?Pplaintext-key\s\S+)* + \s*(?Ptype\s\S+)* + $""", + re.VERBOSE), + "setval": _tmplt_snmp_server_v3_user, + "result": { + "snmp_v3": { + "users": { + "{{ name }}": { + "user": "{{ name }}", + "privacy": { + "encrypted_key": '{{ enc.split(" ")[1] if enc is defined else None }}', + "plaintext_key": '{{ plain.split(" ")[1] if plain is defined else None }}', + "type": '{{ type.split(" ")[1] if type is defined else None }}', + } + } + } + } + } + }, + # service snmp v3 user <> group <> + { + "name": "snmp_v3.users.group", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\sv3\suser + \s+(?P\S+) + \s+(?Pgroup\s.+)* + $""", + re.VERBOSE), + "setval": "service snmp v3 user {{ snmp_v3.users.user }} group {{ snmp_v3.users.group }}", + "result": { + "snmp_v3": { + "users": { + "{{ name }}": { + "user": "{{ name }}", + "group": "{{ group.split(" ")[1] if group is defined else None }}" + } + } + } + } + }, + # service snmp v3 user <> mode <> + { + "name": "snmp_v3.users.mode", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\sv3\suser + \s+(?P\S+) + \s+(?Pmode\s\S+)* + $""", + re.VERBOSE), + "setval": "service snmp v3 user {{ snmp_v3.users.user }} mode {{ snmp_v3.users.mode }}", + "result": { + "snmp_v3": { + "users": { + "{{ name }}": { + "user": "{{ name }}", + "mode": "{{ mode }}" + } + } + } + } + }, + # service snmp v3 view <> + { + "name": "snmp_v3.views", + "getval": re.compile( + r""" + ^set\sservice\ssnmp\sv3\sview + \s+(?P\S+) + \s+(?Poid\s\S+) + \s*(?Pexclude\s\S+)* + \s*(?Pmask\s\S+)* + $""", + re.VERBOSE), + "setval": _tmplt_snmp_server_v3_views, + "result": { + "snmp_v3": { + "views": { + "{{ name }}": { + "view": "{{ name }}", + "oid": '{{ oid.split(" ")[1] if oid is defined else None }}', + "exclude": '{{ ex.split(" ")[1] if ex is defined else None }}', + "mask": '{{ mask.split(" ")[1] if mask is defined else None }}', + } + } + } + } + }, + ] + # fmt: on diff --git a/plugins/modules/vyos_snmp_server.py b/plugins/modules/vyos_snmp_server.py new file mode 100644 index 0000000..1651226 --- /dev/null +++ b/plugins/modules/vyos_snmp_server.py @@ -0,0 +1,1128 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# Copyright 2022 Red Hat +# GNU General Public License v3.0+ +# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +""" +The module file for vyos_snmp_server +""" + +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +DOCUMENTATION = """ +module: vyos_snmp_server +version_added: 2.7.0 +short_description: Manages snmp_server resource module +description: This module manages the snmp server attributes of Vyos network devices +author: Gomathi Selvi Srinivasan (@GomathiselviS) +notes: + - Tested against vyos 1.1.8 + - This module works with connection C(network_cli). + - The Configuration defaults of the Vyos network devices + are supposed to hinder idempotent behavior of plays +options: + config: + description: SNMP server configuration. + type: dict + suboptions: + communities: + description: Community name configuration. + type: list + elements: dict + suboptions: + name: + description: Community name + type: str + clients: + description: IP address of SNMP client allowed to contact system + type: list + elements: str + networks: + description: Subnet of SNMP client(s) allowed to contact system + type: list + elements: str + authorization_type: + description: Authorization type (rw or ro) + type: str + choices: ['ro', 'rw'] + contact: + description: Person to contact about the system. + type: str + description: + description: Description information + type: str + listen_addresses: + description: IP address to listen for incoming SNMP requests + type: list + elements: dict + suboptions: + address: + description: IP address to listen for incoming SNMP requests. + type: str + port: + description: Port for SNMP service + type: int + location: + description: Location information + type: str + smux_peer: + description: Register a subtree for SMUX-based processing. + type: str + trap_source: + description: SNMP trap source address + type: str + trap_target: + description: Address of trap target + type: dict + suboptions: + address: + description: Address of trap target + type: str + community: + description: Community used when sending trap information + type: str + port: + description: Destination port used for trap notification + type: int + snmp_v3: + description: Simple Network Management Protocol (SNMP) v3 + type: dict + suboptions: + engine_id: + description: Specifies the EngineID as a hex value + type: str + groups: + description: Specifies the group with name groupname + type: list + elements: dict + suboptions: + group: + description: Specifies the group with name groupname + type: str + mode: + description: Defines the read/write access + type: str + choices: ['ro', 'rw'] + seclevel: + description: Defines security level + type: str + choices: ['auth', 'priv'] + view: + description: Defines the name of view + type: str + trap_targets: + description: Defines SNMP target for inform or traps for IP + type: list + elements: dict + suboptions: + address: + description: IP/IPv6 address of trap target + type: str + authentication: + description: Defines the authentication + type: dict + suboptions: + type: + description: Defines the protocol using for authentication + type: str + choices: ['md5', 'sha'] + encrypted_key: + description: Defines the encrypted password for authentication + type: str + plaintext_key: + description: Defines the clear text password for authentication + type: str + engine_id: + description: Defines the engineID. + type: str + port: + description: Specifies the TCP/UDP port of a destination for SNMP traps/informs. + type: int + privacy: + description: Defines the privacy + type: dict + suboptions: + type: + description: Defines the protocol using for privacy + type: str + choices: ['des', 'aes'] + encrypted_key: + description: Defines the encrypted password for privacy + type: str + plaintext_key: + description: Defines the clear text password for privacy + type: str + protocol: + description: Defines protocol for notification between TCP and UDP + type: str + choices: ['tcp', 'udp'] + type: + description: Specifies the type of notification between inform and trap + type: str + choices: ['inform', 'trap'] + tsm: + description: Specifies that the snmpd uses encryption + type: dict + suboptions: + local_key: + description: Defines the server certificate fingerprint or key-file name. + type: str + port: + description: Defines the port for tsm. + type: int + users: + description: Defines username for authentication + type: list + elements: dict + suboptions: + user: + description: Specifies the user with name username + type: str + authentication: + description: Defines the authentication + type: dict + suboptions: + type: + description: Defines the protocol using for authentication + type: str + choices: ['md5', 'sha'] + encrypted_key: + description: Defines the encrypted password for authentication + type: str + plaintext_key: + description: Defines the clear text password for authentication + type: str + engine_id: + description: Defines the engineID. + type: str + group: + description: Specifies group for user name + type: str + mode: + description: Specifies the mode for access rights of user, read only or write + type: str + choices: ['ro', 'rw'] + privacy: + description: Defines the privacy + type: dict + suboptions: + type: + description: Defines the protocol using for privacy + type: str + choices: ['des', 'aes'] + encrypted_key: + description: Defines the encrypted password for privacy + type: str + plaintext_key: + description: Defines the clear text password for privacy + type: str + tsm_key: + description: Specifies finger print or file name of TSM certificate. + type: str + views: + description: Specifies the view with name viewname + type: list + elements: dict + suboptions: + view: + description: view name + type: str + oid: + description: Specify oid + type: str + exclude: + description: Exclude is optional argument. + type: str + mask: + description: Defines a bit-mask that is indicating which subidentifiers of the associated subtree OID should be regarded as significant. + type: str + running_config: + description: + - The state the configuration should be left in. + - The states I(replaced) and I(overridden) have identical + behaviour for this module. + - Please refer to examples for more details. + type: str + state: + choices: + - merged + - replaced + - overridden + - deleted + - gathered + - parsed + - rendered + default: merged + description: + - The state the configuration should be left in + type: str +""" +EXAMPLES = """ + +# Using merged +# Before State: + +# vyos@vyos:~$ show configuration commands | grep snmp +# vyos@vyos:~$ + + - name: Merge provided configuration with device configuration + vyos.vyos.vyos_snmp_server: + config: + communities: + - name: "switches" + authorization_type: "rw" + - name: "bridges" + clients: ["1.1.1.1", "12.1.1.10"] + contact: "admin2@ex.com" + listen_addresses: + - address: "20.1.1.1" + - address: "100.1.2.1" + port: 33 + snmp_v3: + users: + - user: admin_user + authentication: + plaintext_key: "abc1234567" + type: "sha" + privacy: + plaintext_key: "abc1234567" + type: "aes" + + state: merged + +# After State: + +# vyos@vyos:~$ show configuration commands | grep snmp +# set service snmp community bridges client '1.1.1.1' +# set service snmp community bridges client '12.1.1.10' +# set service snmp community switches authorization 'rw' +# set service snmp contact 'admin2@ex.com' +# set service snmp listen-address 20.1.1.1 +# set service snmp listen-address 100.1.2.1 port '33' +# set service snmp v3 user admin_user auth plaintext-key 'abc1234567' +# set service snmp v3 user admin_user auth type 'sha' +# set service snmp v3 user admin_user privacy plaintext-key 'abc1234567' +# set service snmp v3 user admin_user privacy type 'aes' +# vyos@vyos:~$ +# +# Module Execution: +# +# "after": { +# "communities": [ +# { +# "clients": [ +# "1.1.1.1", +# "12.1.1.10" +# ], +# "name": "bridges" +# }, +# { +# "authorization_type": "rw", +# "name": "switches" +# } +# ], +# "contact": "admin2@ex.com", +# "listen_addresses": [ +# { +# "address": "100.1.2.1", +# "port": 33 +# }, +# { +# "address": "20.1.1.1" +# } +# ], +# "snmp_v3": { +# "users": [ +# { +# "authentication": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "sha" +# }, +# "privacy": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "aes" +# }, +# "user": "admin_user" +# } +# ] +# } +# }, +# "before": {}, +# "changed": true, +# "commands": [ +# "set service snmp community switches authorization rw", +# "set service snmp community bridges client 1.1.1.1", +# "set service snmp community bridges client 12.1.1.10", +# "set service snmp listen-address 20.1.1.1", +# "set service snmp listen-address 100.1.2.1 port 33", +# "set service snmp v3 user admin_user auth type sha", +# "set service snmp v3 user admin_user auth plaintext-key ********", +# "set service snmp v3 user admin_user privacy type aes", +# "set service snmp v3 user admin_user privacy plaintext-key ********", +# "set service snmp contact admin2@ex.com" +# ], +# + +# using Replaced: + +# Before State +# vyos@vyos:~$ show configuration commands | grep snmp +# set service snmp community bridges client '1.1.1.1' +# set service snmp community bridges client '12.1.1.10' +# set service snmp community switches authorization 'rw' +# set service snmp contact 'admin2@ex.com' +# set service snmp listen-address 20.1.1.1 +# set service snmp listen-address 100.1.2.1 port '33' +# set service snmp v3 user admin_user auth plaintext-key 'abc1234567' +# set service snmp v3 user admin_user auth type 'sha' +# set service snmp v3 user admin_user privacy plaintext-key 'abc1234567' +# set service snmp v3 user admin_user privacy type 'aes' +# vyos@vyos:~$ + + - name: Replace + vyos.vyos.vyos_snmp_server: + config: + communities: + - name: "bridges" + networks: ["1.1.1.0/24", "12.1.1.0/24"] + location: "RDU, NC" + listen_addresses: + - address: "100.1.2.1" + port: 33 + snmp_v3: + groups: + - group: "default" + view: "default" + users: + - user: admin_user + authentication: + plaintext_key: "abc1234567" + type: "sha" + privacy: + plaintext_key: "abc1234567" + type: "aes" + group: "default" + - user: guest_user2 + authentication: + plaintext_key: "opq1234567" + type: "sha" + privacy: + plaintext_key: "opq1234567" + type: "aes" + views: + - view: "default" + oid: 1 + + state: replaced + +# After State: +# vyos@vyos:~$ show configuration commands | grep snmp +# set service snmp community bridges network '1.1.1.0/24' +# set service snmp community bridges network '12.1.1.0/24' +# set service snmp community switches +# set service snmp listen-address 100.1.2.1 port '33' +# set service snmp location 'RDU, NC' +# set service snmp v3 group default view 'default' +# set service snmp v3 user admin_user auth plaintext-key 'abc1234567' +# set service snmp v3 user admin_user auth type 'sha' +# set service snmp v3 user admin_user group 'default' +# set service snmp v3 user admin_user privacy plaintext-key 'abc1234567' +# set service snmp v3 user admin_user privacy type 'aes' +# set service snmp v3 user guest_user2 auth plaintext-key 'opq1234567' +# set service snmp v3 user guest_user2 auth type 'sha' +# set service snmp v3 user guest_user2 privacy plaintext-key 'opq1234567' +# set service snmp v3 user guest_user2 privacy type 'aes' +# set service snmp v3 view default oid 1 +# vyos@vyos:~$ +# +# +# Module Execution: +# "after": { +# "communities": [ +# { +# "name": "bridges", +# "networks": [ +# "1.1.1.0/24", +# "12.1.1.0/24" +# ] +# }, +# { +# "name": "switches" +# } +# ], +# "listen_addresses": [ +# { +# "address": "100.1.2.1", +# "port": 33 +# } +# ], +# "location": "RDU, NC", +# "snmp_v3": { +# "groups": [ +# { +# "group": "default", +# "view": "default" +# } +# ], +# "users": [ +# { +# "authentication": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "sha" +# }, +# "group": "default", +# "privacy": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "aes" +# }, +# "user": "admin_user" +# }, +# { +# "authentication": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "sha" +# }, +# "privacy": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "aes" +# }, +# "user": "guest_user2" +# } +# ], +# "views": [ +# { +# "oid": "1", +# "view": "default" +# } +# ] +# } +# }, +# "before": { +# "communities": [ +# { +# "clients": [ +# "1.1.1.1", +# "12.1.1.10" +# ], +# "name": "bridges" +# }, +# { +# "authorization_type": "rw", +# "name": "switches" +# } +# ], +# "contact": "admin2@ex.com", +# "listen_addresses": [ +# { +# "address": "100.1.2.1", +# "port": 33 +# }, +# { +# "address": "20.1.1.1" +# } +# ], +# "snmp_v3": { +# "users": [ +# { +# "authentication": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "sha" +# }, +# "privacy": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "aes" +# }, +# "user": "admin_user" +# } +# ] +# } +# }, +# "changed": true, +# "commands": [ +# "delete service snmp contact admin2@ex.com", +# "delete service snmp listen-address 20.1.1.1", +# "delete service snmp community switches authorization rw", +# "delete service snmp community bridges client 12.1.1.10", +# "delete service snmp community bridges client 1.1.1.1", +# "set service snmp community bridges network 1.1.1.0/24", +# "set service snmp community bridges network 12.1.1.0/24", +# "set service snmp v3 group default view default", +# "set service snmp v3 user admin_user group default", +# "set service snmp v3 user guest_user2 auth type sha", +# "set service snmp v3 user guest_user2 auth plaintext-key ********", +# "set service snmp v3 user guest_user2 privacy type aes", +# "set service snmp v3 user guest_user2 privacy plaintext-key ********", +# "set service snmp v3 view default oid 1", +# "set service snmp location 'RDU, NC'" +# ], + +# Using overridden: +# Before State +# vyos@vyos:~$ show configuration commands | grep snmp +# set service snmp community bridges client '1.1.1.1' +# set service snmp community bridges client '12.1.1.10' +# set service snmp community switches authorization 'rw' +# set service snmp contact 'admin2@ex.com' +# set service snmp listen-address 20.1.1.1 +# set service snmp listen-address 100.1.2.1 port '33' +# set service snmp v3 user admin_user auth plaintext-key 'abc1234567' +# set service snmp v3 user admin_user auth type 'sha' +# set service snmp v3 user admin_user privacy plaintext-key 'abc1234567' +# set service snmp v3 user admin_user privacy type 'aes' +# vyos@vyos:~$ + + - name: Override config + vyos.vyos.vyos_snmp_server: + config: + communities: + - name: "bridges" + networks: ["1.1.1.0/24", "12.1.1.0/24"] + location: "RDU, NC" + listen_addresses: + - address: "100.1.2.1" + port: 33 + snmp_v3: + groups: + - group: "default" + view: "default" + users: + - user: admin_user + authentication: + plaintext_key: "abc1234567" + type: "sha" + privacy: + plaintext_key: "abc1234567" + type: "aes" + group: "default" + - user: guest_user2 + authentication: + plaintext_key: "opq1234567" + type: "sha" + privacy: + plaintext_key: "opq1234567" + type: "aes" + views: + - view: "default" + oid: 1 + + state: overridden + +# After State: +# vyos@vyos:~$ show configuration commands | grep snmp +# set service snmp community bridges network '1.1.1.0/24' +# set service snmp community bridges network '12.1.1.0/24' +# set service snmp community switches +# set service snmp listen-address 100.1.2.1 port '33' +# set service snmp location 'RDU, NC' +# set service snmp v3 group default view 'default' +# set service snmp v3 user admin_user auth plaintext-key 'abc1234567' +# set service snmp v3 user admin_user auth type 'sha' +# set service snmp v3 user admin_user group 'default' +# set service snmp v3 user admin_user privacy plaintext-key 'abc1234567' +# set service snmp v3 user admin_user privacy type 'aes' +# set service snmp v3 user guest_user2 auth plaintext-key 'opq1234567' +# set service snmp v3 user guest_user2 auth type 'sha' +# set service snmp v3 user guest_user2 privacy plaintext-key 'opq1234567' +# set service snmp v3 user guest_user2 privacy type 'aes' +# set service snmp v3 view default oid 1 +# vyos@vyos:~$ +# +# +# Module Execution: +# "after": { +# "communities": [ +# { +# "name": "bridges", +# "networks": [ +# "1.1.1.0/24", +# "12.1.1.0/24" +# ] +# }, +# { +# "name": "switches" +# } +# ], +# "listen_addresses": [ +# { +# "address": "100.1.2.1", +# "port": 33 +# } +# ], +# "location": "RDU, NC", +# "snmp_v3": { +# "groups": [ +# { +# "group": "default", +# "view": "default" +# } +# ], +# "users": [ +# { +# "authentication": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "sha" +# }, +# "group": "default", +# "privacy": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "aes" +# }, +# "user": "admin_user" +# }, +# { +# "authentication": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "sha" +# }, +# "privacy": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "aes" +# }, +# "user": "guest_user2" +# } +# ], +# "views": [ +# { +# "oid": "1", +# "view": "default" +# } +# ] +# } +# }, +# "before": { +# "communities": [ +# { +# "clients": [ +# "1.1.1.1", +# "12.1.1.10" +# ], +# "name": "bridges" +# }, +# { +# "authorization_type": "rw", +# "name": "switches" +# } +# ], +# "contact": "admin2@ex.com", +# "listen_addresses": [ +# { +# "address": "100.1.2.1", +# "port": 33 +# }, +# { +# "address": "20.1.1.1" +# } +# ], +# "snmp_v3": { +# "users": [ +# { +# "authentication": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "sha" +# }, +# "privacy": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "aes" +# }, +# "user": "admin_user" +# } +# ] +# } +# }, +# "changed": true, +# "commands": [ +# "delete service snmp contact admin2@ex.com", +# "delete service snmp listen-address 20.1.1.1", +# "delete service snmp community switches authorization rw", +# "delete service snmp community bridges client 12.1.1.10", +# "delete service snmp community bridges client 1.1.1.1", +# "set service snmp community bridges network 1.1.1.0/24", +# "set service snmp community bridges network 12.1.1.0/24", +# "set service snmp v3 group default view default", +# "set service snmp v3 user admin_user group default", +# "set service snmp v3 user guest_user2 auth type sha", +# "set service snmp v3 user guest_user2 auth plaintext-key ********", +# "set service snmp v3 user guest_user2 privacy type aes", +# "set service snmp v3 user guest_user2 privacy plaintext-key ********", +# "set service snmp v3 view default oid 1", +# "set service snmp location 'RDU, NC'" +# ], + +# Using deleted: + +# Before State: +# vyos@vyos:~$ show configuration commands | grep snmp +# set service snmp community bridges network '1.1.1.0/24' +# set service snmp community bridges network '12.1.1.0/24' +# set service snmp community switches +# set service snmp listen-address 100.1.2.1 port '33' +# set service snmp location 'RDU, NC' +# set service snmp v3 group default view 'default' +# set service snmp v3 user admin_user auth plaintext-key 'abc1234567' +# set service snmp v3 user admin_user auth type 'sha' +# set service snmp v3 user admin_user group 'default' +# set service snmp v3 user admin_user privacy plaintext-key 'abc1234567' +# set service snmp v3 user admin_user privacy type 'aes' +# set service snmp v3 user guest_user2 auth plaintext-key 'opq1234567' +# set service snmp v3 user guest_user2 auth type 'sha' +# set service snmp v3 user guest_user2 privacy plaintext-key 'opq1234567' +# set service snmp v3 user guest_user2 privacy type 'aes' +# set service snmp v3 view default oid 1 +# vyos@vyos:~$ + + - name: Delete Config + vyos.vyos.vyos_snmp_server: + state: deleted + +# After State: +# vyos@vyos:~$ show configuration commands | grep snmp +# vyos@vyos:~$ +# +# Module Execution: +# "after": {}, +# "before": { +# "communities": [ +# { +# "name": "bridges", +# "networks": [ +# "1.1.1.0/24", +# "12.1.1.0/24" +# ] +# }, +# { +# "name": "switches" +# } +# ], +# "listen_addresses": [ +# { +# "address": "100.1.2.1", +# "port": 33 +# } +# ], +# "location": "RDU, NC", +# "snmp_v3": { +# "groups": [ +# { +# "group": "default", +# "view": "default" +# } +# ], +# "users": [ +# { +# "authentication": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "sha" +# }, +# "group": "default", +# "privacy": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "aes" +# }, +# "user": "admin_user" +# }, +# { +# "authentication": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "sha" +# }, +# "privacy": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "aes" +# }, +# "user": "guest_user2" +# } +# ], +# "views": [ +# { +# "oid": "1", +# "view": "default" +# } +# ] +# } +# }, +# "changed": true, +# "commands": [ +# "delete service snmp" +# ], + +# Using rendered: + - name: Render provided configuration + vyos.vyos.vyos_snmp_server: + config: + communities: + - name: "switches" + authorization_type: "rw" + - name: "bridges" + clients: ["1.1.1.1", "12.1.1.10"] + contact: "admin2@ex.com" + listen_addresses: + - address: "20.1.1.1" + - address: "100.1.2.1" + port: 33 + snmp_v3: + users: + - user: admin_user + authentication: + plaintext_key: "abc1234567" + type: "sha" + privacy: + plaintext_key: "abc1234567" + type: "aes" + + state: rendered + +# Module Execution: +# "rendered": [ +# "set service snmp community switches authorization rw", +# "set service snmp community bridges client 1.1.1.1", +# "set service snmp community bridges client 12.1.1.10", +# "set service snmp listen-address 20.1.1.1", +# "set service snmp listen-address 100.1.2.1 port 33", +# "set service snmp v3 user admin_user auth type sha", +# "set service snmp v3 user admin_user auth plaintext-key ********", +# "set service snmp v3 user admin_user privacy type aes", +# "set service snmp v3 user admin_user privacy plaintext-key ********", +# "set service snmp contact admin2@ex.com" +# ] +# + +# Using Gathered: +# Before State: + +# vyos@vyos:~$ show configuration commands | grep snmp +# set service snmp community bridges client '1.1.1.1' +# set service snmp community bridges client '12.1.1.10' +# set service snmp community switches authorization 'rw' +# set service snmp contact 'admin2@ex.com' +# set service snmp listen-address 20.1.1.1 +# set service snmp listen-address 100.1.2.1 port '33' +# set service snmp v3 user admin_user auth plaintext-key 'abc1234567' +# set service snmp v3 user admin_user auth type 'sha' +# set service snmp v3 user admin_user privacy plaintext-key 'abc1234567' +# set service snmp v3 user admin_user privacy type 'aes' +# vyos@vyos:~$ + + - name: gather configs + vyos.vyos.vyos_snmp_server: + state: gathered + +# Module Execution: +# "gathered": { +# "communities": [ +# { +# "clients": [ +# "1.1.1.1", +# "12.1.1.10" +# ], +# "name": "bridges" +# }, +# { +# "authorization_type": "rw", +# "name": "switches" +# } +# ], +# "contact": "admin2@ex.com", +# "listen_addresses": [ +# { +# "address": "100.1.2.1", +# "port": 33 +# }, +# { +# "address": "20.1.1.1" +# } +# ], +# "snmp_v3": { +# "users": [ +# { +# "authentication": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "sha" +# }, +# "privacy": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "aes" +# }, +# "user": "admin_user" +# } +# ] +# } +# }, + +# Using parsed: + +# _parsed_snmp.cfg +# set service snmp community routers authorization 'ro' +# set service snmp community routers client '203.0.113.10' +# set service snmp community routers client '203.0.113.20' +# set service snmp community routers network '192.0.2.0/24' +# set service snmp community routers network '2001::/64' +# set service snmp contact 'admin@example.com' +# set service snmp listen-address 172.16.254.36 port '161' +# set service snmp listen-address 2001::1 +# set service snmp location 'UK, London' +# set service snmp trap-target 203.0.113.10 +# set service snmp v3 engineid '000000000000000000000002' +# set service snmp v3 group default mode 'ro' +# set service snmp v3 group default view 'default' +# set service snmp v3 user vyos auth plaintext-key 'vyos12345678' +# set service snmp v3 user vyos auth type 'sha' +# set service snmp v3 user vyos group 'default' +# set service snmp v3 user vyos privacy plaintext-key 'vyos12345678' +# set service snmp v3 user vyos privacy type 'aes' +# set service snmp v3 view default oid 1 + + - name: parse configs + vyos.vyos.vyos_snmp_server: + running_config: "{{ lookup('file', './_parsed_snmp.cfg') }}" + state: parsed + +# Module Execution: +# "parsed": { +# "communities": [ +# { +# "authorization_type": "ro", +# "clients": [ +# "203.0.113.10", +# "203.0.113.20" +# ], +# "name": "routers", +# "networks": [ +# "192.0.2.0/24", +# "2001::/64" +# ] +# } +# ], +# "contact": "admin@example.com", +# "listen_addresses": [ +# { +# "address": "172.16.254.36", +# "port": 161 +# }, +# { +# "address": "2001::1" +# } +# ], +# "location": "UK, London", +# "snmp_v3": { +# "engine_id": "000000000000000000000002", +# "groups": [ +# { +# "group": "default", +# "mode": "ro", +# "view": "default" +# } +# ], +# "users": [ +# { +# "authentication": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "sha" +# }, +# "group": "default", +# "privacy": { +# "plaintext_key": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", +# "type": "aes" +# }, +# "user": "vyos" +# } +# ], +# "views": [ +# { +# "oid": "1", +# "view": "default" +# } +# ] +# }, +# "trap_target": { +# "address": "203.0.113.10" +# } +# } +# +""" + +RETURN = """ +before: + description: The configuration prior to the module execution. + returned: when I(state) is C(merged), C(replaced), C(overridden), C(deleted) or C(purged) + type: dict + sample: > + This output will always be in the same format as the + module argspec. +after: + description: The resulting configuration after module execution. + returned: when changed + type: dict + sample: > + This output will always be in the same format as the + module argspec. +commands: + description: The set of commands pushed to the remote device. + returned: when I(state) is C(merged), C(replaced), C(overridden), C(deleted) or C(purged) + type: list + sample: + set service snmp community routers authorization 'ro' + set service snmp community routers client '203.0.113.10' + set service snmp community routers client '203.0.113.20' + set service snmp community routers network '192.0.2.0/24' +rendered: + description: The provided configuration in the task rendered in device-native format (offline). + returned: when I(state) is C(rendered) + type: list + sample: + set service snmp community routers authorization 'ro' + set service snmp community routers client '203.0.113.10' + set service snmp community routers client '203.0.113.20' + set service snmp community routers network '192.0.2.0/24' +gathered: + description: Facts about the network resource gathered from the remote device as structured data. + returned: when I(state) is C(gathered) + type: list + sample: > + This output will always be in the same format as the + module argspec. +parsed: + description: The device native config provided in I(running_config) option parsed into structured data as per module argspec. + returned: when I(state) is C(parsed) + type: list + sample: > + This output will always be in the same format as the + module argspec. +""" + +from ansible.module_utils.basic import AnsibleModule +from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.argspec.snmp_server.snmp_server import ( + Snmp_serverArgs, +) +from ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.config.snmp_server.snmp_server import ( + Snmp_server, +) + + +def main(): + """ + Main entry point for module execution + + :returns: the result form module invocation + """ + module = AnsibleModule( + argument_spec=Snmp_serverArgs.argument_spec, + mutually_exclusive=[["config", "running_config"]], + required_if=[ + ["state", "merged", ["config"]], + ["state", "replaced", ["config"]], + ["state", "overridden", ["config"]], + ["state", "rendered", ["config"]], + ["state", "parsed", ["running_config"]], + ], + supports_check_mode=True, + ) + + result = Snmp_server(module).execute_module() + module.exit_json(**result) + + +if __name__ == "__main__": + main() diff --git a/test-requirements.txt b/test-requirements.txt index d897a57..aa3427d 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -1,7 +1,7 @@ -black ; python_version > '3.5' +black==21.12b0 ; python_version > '3.5' flake8 mock pexpect pytest-xdist yamllint coverage==4.5.4 diff --git a/tests/integration/targets/vyos_snmp_server/defaults/main.yaml b/tests/integration/targets/vyos_snmp_server/defaults/main.yaml new file mode 100644 index 0000000..852a6be --- /dev/null +++ b/tests/integration/targets/vyos_snmp_server/defaults/main.yaml @@ -0,0 +1,3 @@ +--- +testcase: '[^_].*' +test_items: [] diff --git a/tests/integration/targets/vyos_snmp_server/meta/main.yaml b/tests/integration/targets/vyos_snmp_server/meta/main.yaml new file mode 100644 index 0000000..91da2a7 --- /dev/null +++ b/tests/integration/targets/vyos_snmp_server/meta/main.yaml @@ -0,0 +1,2 @@ +--- +... diff --git a/tests/integration/targets/vyos_snmp_server/tasks/cli.yaml b/tests/integration/targets/vyos_snmp_server/tasks/cli.yaml new file mode 100644 index 0000000..93eb2fe --- /dev/null +++ b/tests/integration/targets/vyos_snmp_server/tasks/cli.yaml @@ -0,0 +1,19 @@ +--- +- name: Collect all cli test cases + find: + paths: '{{ role_path }}/tests/cli' + patterns: '{{ testcase }}.yaml' + use_regex: true + register: test_cases + delegate_to: localhost + +- name: Set test_items + set_fact: test_items="{{ test_cases.files | map(attribute='path') | list }}" + +- name: Run test case (connection=ansible.netcommon.network_cli) + include: '{{ test_case_to_run }}' + vars: + ansible_connection: ansible.netcommon.network_cli + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run diff --git a/tests/integration/targets/vyos_snmp_server/tasks/main.yaml b/tests/integration/targets/vyos_snmp_server/tasks/main.yaml new file mode 100644 index 0000000..b957d2f --- /dev/null +++ b/tests/integration/targets/vyos_snmp_server/tasks/main.yaml @@ -0,0 +1,4 @@ +--- +- include: cli.yaml + tags: + - network_cli diff --git a/tests/integration/targets/vyos_snmp_server/tests/cli/_parsed.cfg b/tests/integration/targets/vyos_snmp_server/tests/cli/_parsed.cfg new file mode 100644 index 0000000..9750253 --- /dev/null +++ b/tests/integration/targets/vyos_snmp_server/tests/cli/_parsed.cfg @@ -0,0 +1,19 @@ +set service snmp community routers authorization 'ro' +set service snmp community routers client '203.0.113.10' +set service snmp community routers client '203.0.113.20' +set service snmp community routers network '192.0.2.0/24' +set service snmp community routers network '2001::/64' +set service snmp contact 'admin@example.com' +set service snmp listen-address 172.16.254.36 port '161' +set service snmp listen-address 2001::1 +set service snmp location 'UK, London' +set service snmp trap-target 203.0.113.10 +set service snmp v3 engineid '000000000000000000000002' +set service snmp v3 group default mode 'ro' +set service snmp v3 group default view 'default' +set service snmp v3 user vyos auth plaintext-key 'vyos12345678' +set service snmp v3 user vyos auth type 'sha' +set service snmp v3 user vyos group 'default' +set service snmp v3 user vyos privacy plaintext-key 'vyos12345678' +set service snmp v3 user vyos privacy type 'aes' +set service snmp v3 view default oid 1 diff --git a/tests/integration/targets/vyos_snmp_server/tests/cli/_populate_config.yaml b/tests/integration/targets/vyos_snmp_server/tests/cli/_populate_config.yaml new file mode 100644 index 0000000..f4d89f5 --- /dev/null +++ b/tests/integration/targets/vyos_snmp_server/tests/cli/_populate_config.yaml @@ -0,0 +1,18 @@ +--- +- name: setup + vyos.vyos.vyos_config: + lines: + - set service snmp community switches authorization rw + - set service snmp community bridges client 1.1.1.1 + - set service snmp community bridges client 12.1.1.10 + - set service snmp listen-address 20.1.1.1 + - set service snmp listen-address 100.1.2.1 port 33 + - set service snmp v3 user adminuser engineid 33 + - set service snmp v3 user adminuser auth type sha + - set service snmp v3 user adminuser auth plaintext-key abc1234567 + - set service snmp v3 user adminuser privacy type aes + - set service snmp v3 user adminuser privacy plaintext-key abc1234567 + - set service snmp contact admin2@ex.com + ignore_errors: true + vars: + ansible_connection: ansible.netcommon.network_cli diff --git a/tests/integration/targets/vyos_snmp_server/tests/cli/_remove_config.yaml b/tests/integration/targets/vyos_snmp_server/tests/cli/_remove_config.yaml new file mode 100644 index 0000000..12cfb75 --- /dev/null +++ b/tests/integration/targets/vyos_snmp_server/tests/cli/_remove_config.yaml @@ -0,0 +1,8 @@ +--- +- name: Remove pre-existing snmp_server config + vyos.vyos.vyos_snmp_server: + config: + state: deleted + ignore_errors: true + vars: + ansible_connection: ansible.netcommon.network_cli diff --git a/tests/integration/targets/vyos_snmp_server/tests/cli/deleted.yaml b/tests/integration/targets/vyos_snmp_server/tests/cli/deleted.yaml new file mode 100644 index 0000000..1fa32c5 --- /dev/null +++ b/tests/integration/targets/vyos_snmp_server/tests/cli/deleted.yaml @@ -0,0 +1,40 @@ +--- +- debug: + msg: START vyos_snmp_server deleted integration tests on connection={{ansible_connection }} + +- include_tasks: _remove_config.yaml + +- include_tasks: _populate_config.yaml + +- block: + + - name: Delete the provided configuration + register: result + vyos.vyos.vyos_snmp_server: &id001 + config: + state: deleted + + - name: Assert that before dicts were correctly generated + assert: + that: + - result.changed == true + - result.commands == deleted.commands + + - name: Assert that the after dicts were correctly generated + assert: + that: + - result.after == {} + + - name: Delete the existing configuration with the provided running configuration + (IDEMPOTENT) + register: result + vyos.vyos.vyos_snmp_server: *id001 + + - name: Assert that the previous task was idempotent + assert: + that: + - result['changed'] == false + + always: + + - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_snmp_server/tests/cli/empty_config.yaml b/tests/integration/targets/vyos_snmp_server/tests/cli/empty_config.yaml new file mode 100644 index 0000000..558b53f --- /dev/null +++ b/tests/integration/targets/vyos_snmp_server/tests/cli/empty_config.yaml @@ -0,0 +1,60 @@ +--- +- debug: + msg: START vyos_snmp_server empty_config integration tests on connection={{ + ansible_connection }} + +- name: Merged with empty config should give appropriate error message + register: result + ignore_errors: true + vyos.vyos.vyos_snmp_server: + config: + state: merged + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state merged' + +- name: Replaced with empty config should give appropriate error message + register: result + ignore_errors: true + vyos.vyos.vyos_snmp_server: + config: + state: replaced + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state replaced' + +- name: Overridden with empty config should give appropriate error message + register: result + ignore_errors: true + vyos.vyos.vyos_snmp_server: + config: + state: overridden + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state overridden' + +- name: Parsed with empty running_config should give appropriate error message + register: result + ignore_errors: true + vyos.vyos.vyos_snmp_server: + running_config: + state: parsed + +- assert: + that: + - result.msg == 'value of running_config parameter must not be empty for state + parsed' + +- name: Rendered with empty config should give appropriate error message + register: result + ignore_errors: true + vyos.vyos.vyos_snmp_server: + config: + state: rendered + +- assert: + that: + - result.msg == 'value of config parameter must not be empty for state rendered' diff --git a/tests/integration/targets/vyos_snmp_server/tests/cli/gathered.yaml b/tests/integration/targets/vyos_snmp_server/tests/cli/gathered.yaml new file mode 100644 index 0000000..184faa5 --- /dev/null +++ b/tests/integration/targets/vyos_snmp_server/tests/cli/gathered.yaml @@ -0,0 +1,24 @@ +--- +- debug: + msg: START vyos_snmp_server gathered integration tests on connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml + +- include_tasks: _populate_config.yaml + +- block: + + - name: Gather config from the device in structured format. + register: result + vyos.vyos.vyos_snmp_server: + state: gathered + + - vyos.vyos.vyos_facts: + gather_network_resources: snmp_server + + - name: Assert that facts are correctly generated + assert: + that: + - result.changed == false + - result.gathered == ansible_facts['network_resources']['snmp_server'] diff --git a/tests/integration/targets/vyos_snmp_server/tests/cli/merged.yaml b/tests/integration/targets/vyos_snmp_server/tests/cli/merged.yaml new file mode 100644 index 0000000..e372166 --- /dev/null +++ b/tests/integration/targets/vyos_snmp_server/tests/cli/merged.yaml @@ -0,0 +1,63 @@ +--- +- debug: + msg: START vyos_snmp_server merged integration tests on connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml + +- block: + - name: Merge the provided configuration with the existing running configuration + register: result + vyos.vyos.vyos_snmp_server: &id001 + config: + communities: + - name: "switches" + authorization_type: "rw" + - name: "bridges" + clients: ["1.1.1.1", "12.1.1.10"] + contact: "admin2@ex.com" + listen_addresses: + - address: "20.1.1.1" + - address: "100.1.2.1" + port: 33 + snmp_v3: + users: + - user: adminuser + authentication: + plaintext_key: "abc1234567" + type: "sha" + privacy: + plaintext_key: "abc1234567" + type: "aes" + state: merged + + - vyos.vyos.vyos_facts: + gather_network_resources: snmp_server + + - assert: + that: + - result.commands|length == 10 + - result.changed == true + - result.commands|symmetric_difference(merged.commands) == [] + - result.after == ansible_facts['network_resources']['snmp_server'] + - result.after == merged.after + + + - name: Assert that before dicts were correctly generated + assert: + that: + - result.before == {} + + - name: + Merge the provided configuration with the existing running configuration + (IDEMPOTENT) + register: result + vyos.vyos.vyos_snmp_server: *id001 + + - name: Assert that the previous task was idempotent + assert: + that: + - result['changed'] == false + + always: + - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_snmp_server/tests/cli/overridden.yaml b/tests/integration/targets/vyos_snmp_server/tests/cli/overridden.yaml new file mode 100644 index 0000000..5f3d9c9 --- /dev/null +++ b/tests/integration/targets/vyos_snmp_server/tests/cli/overridden.yaml @@ -0,0 +1,67 @@ +--- +- debug: + msg: START vyos_snmp_server overridden integration tests on connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml + +- include_tasks: _populate_config.yaml + +- block: + + - name: Override the existing configuration with the provided running configuration + register: result + vyos.vyos.vyos_snmp_server: &id001 + config: + communities: + - name: "bridges" + networks: ["1.1.1.0/24", "12.1.1.0/24"] + location: "RDU" + listen_addresses: + - address: "100.1.2.1" + port: 33 + snmp_v3: + users: + - user: adminuser + engine_id: "33" + authentication: + plaintext_key: "abc1234567" + type: "sha" + privacy: + plaintext_key: "abc1234567" + type: "aes" + - user: guestuser2 + authentication: + plaintext_key: "opq1234567" + type: "sha" + privacy: + plaintext_key: "opq1234567" + type: "aes" + views: + - view: "default" + oid: 1 + state: overridden + + - vyos.vyos.vyos_facts: + gather_network_resources: snmp_server + + - assert: + that: + - result.changed == true + - result.after == ansible_facts['network_resources']['snmp_server'] + - result.commands|length == 13 + + + - name: Override the existing configuration with the provided running configuration + (IDEMPOTENT) + register: result + vyos.vyos.vyos_snmp_server: *id001 + + - name: Assert that the previous task was idempotent + assert: + that: + - result['changed'] == false + + always: + + - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_snmp_server/tests/cli/parsed.yaml b/tests/integration/targets/vyos_snmp_server/tests/cli/parsed.yaml new file mode 100644 index 0000000..e189134 --- /dev/null +++ b/tests/integration/targets/vyos_snmp_server/tests/cli/parsed.yaml @@ -0,0 +1,17 @@ +--- +- debug: + msg: START vyos_snmp_server parsed integration tests on connection={{ ansible_connection + }} + +- name: Provide the running configuration for parsing (config to be parsed) + register: result + vyos.vyos.vyos_snmp_server: + running_config: "{{ lookup('file', '_parsed.cfg') }}" + state: parsed + + +- name: Assert that config was correctly parsed + assert: + that: + - result.changed == false + - result.parsed == parsed.after diff --git a/tests/integration/targets/vyos_snmp_server/tests/cli/rendered.yaml b/tests/integration/targets/vyos_snmp_server/tests/cli/rendered.yaml new file mode 100644 index 0000000..e238827 --- /dev/null +++ b/tests/integration/targets/vyos_snmp_server/tests/cli/rendered.yaml @@ -0,0 +1,39 @@ +--- +- debug: + msg: START vyos_snmp_server rendered integration tests on connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml + +- block: + - name: Render the given configuration in the form of native commands + register: result + vyos.vyos.vyos_snmp_server: + config: + communities: + - name: "switches" + authorization_type: "rw" + - name: "bridges" + clients: ["1.1.1.1", "12.1.1.10"] + contact: "admin2@ex.com" + listen_addresses: + - address: "20.1.1.1" + - address: "100.1.2.1" + port: 33 + snmp_v3: + users: + - user: adminuser + authentication: + plaintext_key: "abc1234567" + type: "sha" + privacy: + plaintext_key: "abc1234567" + type: "aes" + state: rendered + + - assert: + that: + - result.changed == false + - result.rendered|symmetric_difference(merged.commands) == [] + always: + - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_snmp_server/tests/cli/replaced.yaml b/tests/integration/targets/vyos_snmp_server/tests/cli/replaced.yaml new file mode 100644 index 0000000..0b5a564 --- /dev/null +++ b/tests/integration/targets/vyos_snmp_server/tests/cli/replaced.yaml @@ -0,0 +1,67 @@ +--- +- debug: + msg: START vyos_snmp_server replaced integration tests on connection={{ + ansible_connection }} + +- include_tasks: _remove_config.yaml + +- include_tasks: _populate_config.yaml + +- block: + + - name: Replace the existing configuration with the provided running configuration + register: result + vyos.vyos.vyos_snmp_server: &id001 + config: + communities: + - name: "bridges" + networks: ["1.1.1.0/24", "12.1.1.0/24"] + location: "RDU" + listen_addresses: + - address: "100.1.2.1" + port: 33 + snmp_v3: + users: + - user: adminuser + engine_id: "33" + authentication: + plaintext_key: "abc1234567" + type: "sha" + privacy: + plaintext_key: "abc1234567" + type: "aes" + - user: guestuser2 + authentication: + plaintext_key: "opq1234567" + type: "sha" + privacy: + plaintext_key: "opq1234567" + type: "aes" + views: + - view: "default" + oid: 1 + state: replaced + + - vyos.vyos.vyos_facts: + gather_network_resources: snmp_server + + - assert: + that: + - result.changed == true + - result.after == ansible_facts['network_resources']['snmp_server'] + - result.commands|length == 13 + + + - name: Replace the existing configuration with the provided running configuration + (IDEMPOTENT) + register: result + vyos.vyos.vyos_snmp_server: *id001 + + - name: Assert that the previous task was idempotent + assert: + that: + - result['changed'] == false + + always: + + - include_tasks: _remove_config.yaml diff --git a/tests/integration/targets/vyos_snmp_server/vars/main.yaml b/tests/integration/targets/vyos_snmp_server/vars/main.yaml new file mode 100644 index 0000000..060421b --- /dev/null +++ b/tests/integration/targets/vyos_snmp_server/vars/main.yaml @@ -0,0 +1,126 @@ +--- +merged: + before: {} + commands: + - set service snmp community switches authorization rw + - set service snmp community bridges client 1.1.1.1 + - set service snmp community bridges client 12.1.1.10 + - set service snmp listen-address 20.1.1.1 + - set service snmp listen-address 100.1.2.1 port 33 + - set service snmp v3 user adminuser auth type sha + - set service snmp v3 user adminuser auth plaintext-key ******** + - set service snmp v3 user adminuser privacy type aes + - set service snmp v3 user adminuser privacy plaintext-key ******** + - set service snmp contact admin2@ex.com + after: + communities: + - clients: + - 1.1.1.1 + - 12.1.1.10 + name: "bridges" + - authorization_type: "rw" + name: "switches" + contact: "admin2@ex.com" + listen_addresses: + - address: "100.1.2.1" + port: 33 + - address: "20.1.1.1" + snmp_v3: + users: + - authentication: + plaintext_key: "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER" + type: "sha" + privacy: + plaintext_key: "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER" + type: "aes" + user: "adminuser" + +overridden: + commands: + - delete service snmp contact admin2@ex.com + - delete service snmp listen-address 20.1.1.1 + - delete service snmp community switches authorization rw + - delete service snmp community bridges client 12.1.1.10 + - delete service snmp community bridges client 1.1.1.1 + - set service snmp community bridges network 1.1.1.0/24 + - set service snmp community bridges network 12.1.1.0/24 + - set service snmp v3 user guestuser2 auth type sha + - set service snmp v3 user guestuser2 auth plaintext-key ******** + - set service snmp v3 user guestuser2 privacy type aes + - set service snmp v3 user guestuser2 privacy plaintext-key ******** + - set service snmp v3 view default oid 1 + - set service snmp location \'RDU\' + + after: + communities: + - name: "bridges" + networks: + - "1.1.1.0/24" + - "12.1.1.0/24" + - name: "switches" + listen_addresses: + - address: "100.1.2.1" + port: 33 + location: "RDU, NC" + snmp_v3: + users: + - authentication: + plaintext_key: "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER" + type: "sha" + privacy: + plaintext_key: "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER" + type: "aes" + user: "adminuser" + - authentication: + plaintext_key: "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER" + type: "sha" + privacy: + plaintext_key: "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER" + type: "aes" + user: "guestuser2" + views: + - oid: 1 + view: "default" + +deleted: + commands: + - delete service snmp + after: {} + +parsed: + after: + communities: + - authorization_type: "ro" + clients: + - 203.0.113.10 + - 203.0.113.20 + name: "routers" + networks: + - 192.0.2.0/24 + - 2001::/64 + contact: "admin@example.com" + listen_addresses: + - address: "172.16.254.36" + port: 161 + - address: "2001::1" + location: "UK, London" + snmp_v3: + engine_id: "000000000000000000000002" + groups: + - group: "default" + mode: "ro" + view: "default" + users: + - authentication: + plaintext_key: "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER" + type: "sha" + group: "default" + privacy: + plaintext_key: "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER" + type: "aes" + user: "vyos" + views: + - oid: "1" + view: "default" + trap_target: + address: "203.0.113.10" diff --git a/tests/unit/modules/network/vyos/fixtures/vyos_snmp_server_config.cfg b/tests/unit/modules/network/vyos/fixtures/vyos_snmp_server_config.cfg new file mode 100644 index 0000000..689b18e --- /dev/null +++ b/tests/unit/modules/network/vyos/fixtures/vyos_snmp_server_config.cfg @@ -0,0 +1,12 @@ +set service snmp community bridges network 1.1.1.0/24 +set service snmp community bridges network 12.1.1.0/24 +set service snmp listen-address 100.1.2.1 port 33 +set service snmp location RDU, NC +set service snmp v3 user admin_user auth plaintext-key abc1234567 +set service snmp v3 user admin_user auth type sha +set service snmp v3 user admin_user privacy plaintext-key abc1234567 +set service snmp v3 user admin_user privacy type aes +set service snmp v3 user guest_user auth plaintext-key opq1234567 +set service snmp v3 user guest_user auth type sha +set service snmp v3 user guest_user privacy plaintext-key opq1234567 +set service snmp v3 user guest_user privacy type aes diff --git a/tests/unit/modules/network/vyos/test_vyos_snmp_server.py b/tests/unit/modules/network/vyos/test_vyos_snmp_server.py new file mode 100644 index 0000000..613960f --- /dev/null +++ b/tests/unit/modules/network/vyos/test_vyos_snmp_server.py @@ -0,0 +1,571 @@ +# (c) 2021 Red Hat Inc. +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see . + +# Make coding more python3-ish +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + +from ansible_collections.vyos.vyos.tests.unit.compat.mock import patch +from ansible_collections.vyos.vyos.plugins.modules import vyos_snmp_server +from ansible_collections.vyos.vyos.tests.unit.modules.utils import ( + set_module_args, +) +from .vyos_module import TestVyosModule, load_fixture + + +class TestVyosSnmpServerModule(TestVyosModule): + + module = vyos_snmp_server + + def setUp(self): + super(TestVyosSnmpServerModule, self).setUp() + + self.mock_get_resource_connection_config = patch( + "ansible_collections.ansible.netcommon.plugins.module_utils.network.common.rm_base.resource_module_base.get_resource_connection" + ) + self.get_resource_connection_config = ( + self.mock_get_resource_connection_config.start() + ) + + self.mock_get_resource_connection_facts = patch( + "ansible_collections.ansible.netcommon.plugins.module_utils.network.common.facts.facts.get_resource_connection" + ) + self.get_resource_connection_facts = ( + self.mock_get_resource_connection_facts.start() + ) + + self.mock_execute_show_command = patch( + "ansible_collections.vyos.vyos.plugins.module_utils.network.vyos.facts.snmp_server.snmp_server.Snmp_serverFacts.get_config" + ) + + self.execute_show_command = self.mock_execute_show_command.start() + + def tearDown(self): + super(TestVyosSnmpServerModule, self).tearDown() + self.mock_get_resource_connection_config.stop() + self.mock_get_resource_connection_facts.stop() + self.mock_execute_show_command.stop() + + def load_fixtures(self, commands=None, transport="cli", filename=None): + if filename is None: + filename = "vyos_snmp_server_config.cfg" + + def load_from_file(*args, **kwargs): + output = load_fixture(filename) + return output + + self.execute_show_command.side_effect = load_from_file + + def test_snmp_server_merged_idempotent(self): + set_module_args( + dict( + config=dict( + communities=[ + dict( + name="bridges", + networks=["12.1.1.0/24", "1.1.1.0/24"], + ) + ], + listen_addresses=[ + dict(address="100.1.2.1", port=33), + ], + location="RDU, NC", + snmp_v3=dict( + users=[ + dict( + user="admin_user", + authentication=dict( + type="sha", plaintext_key="abc1234567" + ), + privacy=dict( + type="aes", plaintext_key="abc1234567" + ), + ), + dict( + user="guest_user", + authentication=dict( + type="sha", plaintext_key="opq1234567" + ), + privacy=dict( + type="aes", plaintext_key="opq1234567" + ), + ), + ] + ), + ), + state="merged", + ) + ) + self.execute_module(changed=False, commands=[]) + + def test_snmp_server_replaced_idempotent(self): + set_module_args( + dict( + config=dict( + communities=[ + dict( + name="bridges", + networks=["12.1.1.0/24", "1.1.1.0/24"], + ) + ], + listen_addresses=[ + dict(address="100.1.2.1", port=33), + ], + location="RDU, NC", + snmp_v3=dict( + users=[ + dict( + user="admin_user", + authentication=dict( + type="sha", plaintext_key="abc1234567" + ), + privacy=dict( + type="aes", plaintext_key="abc1234567" + ), + ), + dict( + user="guest_user", + authentication=dict( + type="sha", plaintext_key="opq1234567" + ), + privacy=dict( + type="aes", plaintext_key="opq1234567" + ), + ), + ] + ), + ), + state="replaced", + ) + ) + self.execute_module(changed=False, commands=[]) + + def test_snmp_server_overridden_idempotent(self): + set_module_args( + dict( + config=dict( + communities=[ + dict( + name="bridges", + networks=["12.1.1.0/24", "1.1.1.0/24"], + ) + ], + listen_addresses=[ + dict(address="100.1.2.1", port=33), + ], + location="RDU, NC", + snmp_v3=dict( + users=[ + dict( + user="admin_user", + authentication=dict( + type="sha", plaintext_key="abc1234567" + ), + privacy=dict( + type="aes", plaintext_key="abc1234567" + ), + ), + dict( + user="guest_user", + authentication=dict( + type="sha", plaintext_key="opq1234567" + ), + privacy=dict( + type="aes", plaintext_key="opq1234567" + ), + ), + ] + ), + ), + state="overridden", + ) + ) + self.execute_module(changed=False, commands=[]) + + def test_snmp_server_merged(self): + set_module_args( + dict( + config=dict( + communities=[ + dict( + name="routers", + clients=["12.1.1.0/24", "1.1.1.0/24"], + authorization_type="rw", + ), + dict(name="switches", authorization_type="ro"), + ], + contact="admin@example.com", + description="snmp_config", + smux_peer="peer1", + trap_source="1.1.1.1", + trap_target=dict( + address="10.10.1.1", community="switches", port="80" + ), + snmp_v3=dict( + engine_id="34", + groups=[ + dict( + group="default", + mode="rw", + seclevel="priv", + view="view1", + ) + ], + trap_targets=[ + dict( + address="20.12.1.1", + authentication=dict( + type="sha", plaintext_key="abc1234567" + ), + privacy=dict( + type="aes", plaintext_key="abc1234567" + ), + ), + ], + ), + ), + state="merged", + ) + ) + commands = [ + "set service snmp community routers client 1.1.1.0/24", + "set service snmp community routers client 12.1.1.0/24", + "set service snmp community routers authorization rw", + "set service snmp community switches authorization ro", + "set service snmp v3 group default mode rw", + "set service snmp v3 group default seclevel priv", + "set service snmp v3 group default view view1", + "set service snmp v3 engineid 34", + "set service snmp contact admin@example.com", + "set service snmp description snmp_config", + "set service snmp smux-peer peer1", + "set service snmp trap-source 1.1.1.1", + "set service snmp trap-target 10.10.1.1", + ] + self.execute_module(changed=True, commands=commands) + + def test_snmp_server_replaced(self): + set_module_args( + dict( + config=dict( + communities=[ + dict( + name="routers", + clients=["12.1.1.0/24", "1.1.1.0/24"], + authorization_type="rw", + ), + dict(name="switches", authorization_type="ro"), + ], + contact="admin@example.com", + description="snmp_config", + smux_peer="peer1", + trap_source="1.1.1.1", + trap_target=dict( + address="10.10.1.1", community="switches", port="80" + ), + snmp_v3=dict( + engine_id="34", + groups=[ + dict( + group="default", + mode="rw", + seclevel="priv", + view="view1", + ) + ], + trap_targets=[ + dict( + address="20.12.1.1", + authentication=dict( + type="sha", plaintext_key="abc1234567" + ), + privacy=dict( + type="aes", plaintext_key="abc1234567" + ), + ), + ], + ), + ), + state="replaced", + ) + ) + commands = [ + "set service snmp community routers client 1.1.1.0/24", + "set service snmp community routers client 12.1.1.0/24", + "set service snmp community routers authorization rw", + "set service snmp community switches authorization ro", + "delete service snmp community bridges network 1.1.1.0/24", + "delete service snmp community bridges network 12.1.1.0/24", + "delete service snmp listen-address 100.1.2.1 port 33", + "set service snmp v3 group default mode rw", + "set service snmp v3 group default seclevel priv", + "set service snmp v3 group default view view1", + "delete service snmp v3 user admin_user auth type sha", + "delete service snmp v3 user admin_user auth plaintext-key abc1234567", + "delete service snmp v3 user admin_user privacy type aes", + "delete service snmp v3 user admin_user privacy plaintext-key abc1234567", + "delete service snmp v3 user guest_user auth type sha", + "delete service snmp v3 user guest_user auth plaintext-key opq1234567", + "delete service snmp v3 user guest_user privacy type aes", + "delete service snmp v3 user guest_user privacy plaintext-key opq1234567", + "set service snmp v3 engineid 34", + "set service snmp contact admin@example.com", + "set service snmp description snmp_config", + "set service snmp smux-peer peer1", + "set service snmp trap-source 1.1.1.1", + "set service snmp trap-target 10.10.1.1", + "delete service snmp location 'RDU, NC'", + ] + + self.execute_module(changed=True, commands=commands) + + def test_snmp_server_overridden(self): + set_module_args( + dict( + config=dict( + communities=[ + dict( + name="routers", + clients=["12.1.1.0/24", "1.1.1.0/24"], + authorization_type="rw", + ), + dict(name="switches", authorization_type="ro"), + ], + contact="admin@example.com", + description="snmp_config", + smux_peer="peer1", + trap_source="1.1.1.1", + trap_target=dict( + address="10.10.1.1", community="switches", port="80" + ), + snmp_v3=dict( + engine_id="34", + groups=[ + dict( + group="default", + mode="rw", + seclevel="priv", + view="view1", + ) + ], + trap_targets=[ + dict( + address="20.12.1.1", + authentication=dict( + type="sha", plaintext_key="abc1234567" + ), + privacy=dict( + type="aes", plaintext_key="abc1234567" + ), + ), + ], + ), + ), + state="overridden", + ) + ) + commands = [ + "set service snmp community routers client 1.1.1.0/24", + "set service snmp community routers client 12.1.1.0/24", + "set service snmp community routers authorization rw", + "set service snmp community switches authorization ro", + "delete service snmp community bridges network 1.1.1.0/24", + "delete service snmp community bridges network 12.1.1.0/24", + "delete service snmp listen-address 100.1.2.1 port 33", + "set service snmp v3 group default mode rw", + "set service snmp v3 group default seclevel priv", + "set service snmp v3 group default view view1", + "delete service snmp v3 user admin_user auth type sha", + "delete service snmp v3 user admin_user auth plaintext-key abc1234567", + "delete service snmp v3 user admin_user privacy type aes", + "delete service snmp v3 user admin_user privacy plaintext-key abc1234567", + "delete service snmp v3 user guest_user auth type sha", + "delete service snmp v3 user guest_user auth plaintext-key opq1234567", + "delete service snmp v3 user guest_user privacy type aes", + "delete service snmp v3 user guest_user privacy plaintext-key opq1234567", + "set service snmp v3 engineid 34", + "set service snmp contact admin@example.com", + "set service snmp description snmp_config", + "set service snmp smux-peer peer1", + "set service snmp trap-source 1.1.1.1", + "set service snmp trap-target 10.10.1.1", + "delete service snmp location 'RDU, NC'", + ] + + self.execute_module(changed=True, commands=commands) + + def test_snmp_server_deleted(self): + set_module_args( + dict( + state="deleted", + ) + ) + commands = ["delete service snmp"] + self.execute_module(changed=True, commands=commands) + + def test_snmp_server_rendered(self): + set_module_args( + dict( + config=dict( + communities=[ + dict( + name="routers", + clients=["12.1.1.0/24", "1.1.1.0/24"], + authorization_type="rw", + ), + dict(name="switches", authorization_type="ro"), + ], + contact="admin@example.com", + description="snmp_config", + smux_peer="peer1", + trap_source="1.1.1.1", + trap_target=dict( + address="10.10.1.1", community="switches", port="80" + ), + snmp_v3=dict( + engine_id="34", + groups=[ + dict( + group="default", + mode="rw", + seclevel="priv", + view="view1", + ) + ], + trap_targets=[ + dict( + address="20.12.1.1", + authentication=dict( + type="sha", plaintext_key="abc1234567" + ), + privacy=dict( + type="aes", plaintext_key="abc1234567" + ), + ), + ], + ), + ), + state="rendered", + ) + ) + commands = [ + "set service snmp community routers client 1.1.1.0/24", + "set service snmp community routers client 12.1.1.0/24", + "set service snmp community routers authorization rw", + "set service snmp community switches authorization ro", + "set service snmp v3 group default mode rw", + "set service snmp v3 group default seclevel priv", + "set service snmp v3 group default view view1", + "set service snmp v3 engineid 34", + "set service snmp contact admin@example.com", + "set service snmp description snmp_config", + "set service snmp smux-peer peer1", + "set service snmp trap-source 1.1.1.1", + "set service snmp trap-target 10.10.1.1", + ] + result = self.execute_module(changed=False) + self.assertEqual( + sorted(result["rendered"]), + sorted(commands), + result["rendered"], + ) + + def test_snmp_server_parsed(self): + commands = [ + "set service snmp community routers client 1.1.1.0/24", + "set service snmp community routers client 12.1.1.0/24", + "set service snmp community routers authorization rw", + "set service snmp community switches authorization ro", + "set service snmp v3 group default mode rw", + "set service snmp v3 group default seclevel priv", + "set service snmp v3 group default view view1", + "set service snmp v3 engineid 34", + "set service snmp contact admin@example.com", + "set service snmp description snmp_config", + "set service snmp smux-peer peer1", + "set service snmp trap-source 1.1.1.1", + "set service snmp trap-target 10.10.1.1", + ] + parsed_str = "\n".join(commands) + set_module_args(dict(running_config=parsed_str, state="parsed")) + result = self.execute_module(changed=False) + parsed_list = { + "communities": [ + { + "authorization_type": "rw", + "clients": ["1.1.1.0/24", "12.1.1.0/24"], + "name": "routers", + }, + {"authorization_type": "ro", "name": "switches"}, + ], + "contact": "admin@example.com", + "description": "snmp_config", + "smux_peer": "peer1", + "snmp_v3": { + "engine_id": "34", + "groups": [ + { + "group": "default", + "mode": "rw", + "seclevel": "priv", + "view": "view1", + } + ], + }, + "trap_source": "1.1.1.1", + "trap_target": {"address": "10.10.1.1"}, + } + self.assertEqual(parsed_list, result["parsed"]) + + def test_snmp_server_gathered(self): + set_module_args(dict(state="gathered")) + result = self.execute_module(changed=False) + gathered_list = { + "communities": [ + {"name": "bridges", "networks": ["1.1.1.0/24", "12.1.1.0/24"]}, + ], + "listen_addresses": [{"address": "100.1.2.1", "port": 33}], + "location": "RDU, NC", + "snmp_v3": { + "users": [ + { + "authentication": { + "plaintext_key": "abc1234567", + "type": "sha", + }, + "privacy": { + "plaintext_key": "abc1234567", + "type": "aes", + }, + "user": "admin_user", + }, + { + "authentication": { + "plaintext_key": "opq1234567", + "type": "sha", + }, + "privacy": { + "plaintext_key": "opq1234567", + "type": "aes", + }, + "user": "guest_user", + }, + ] + }, + } + self.assertEqual(gathered_list, result["gathered"])