/salt/states/bigip.py
Python | 3087 lines | 2508 code | 111 blank | 468 comment | 87 complexity | 45e814e162e0688a772174baa1053801 MD5 | raw file
Possible License(s): Apache-2.0
Large files files are truncated, but you can click here to view the full file
- # -*- coding: utf-8 -*-
- '''
- A state module designed to enforce load-balancing configurations for F5 Big-IP entities.
- :maturity: develop
- :platform: f5_bigip_11.6
- '''
- # Import Python libs
- from __future__ import absolute_import
- import json
- # Import 3rd-party libs
- import salt.ext.six as six
- #set up virtual function
- def __virtual__():
- '''
- Only load if the bigip exec module is available in __salt__
- '''
- return 'bigip' if 'bigip.list_transaction' in __salt__ else False
- def _load_result(response, ret):
- '''
- format the results of listing functions
- '''
- #were we able to connect?
- if response['code'] is None:
- ret['comment'] = response['content']
- #forbidden?
- elif response['code'] == 401:
- ret['comment'] = '401 Forbidden: Authentication required!'
- #Not found?
- elif response['code'] == 404:
- ret['comment'] = response['content']['message']
- #200?
- elif response['code'] == 200:
- ret['result'] = True
- ret['comment'] = 'Listing Current Configuration Only. ' \
- 'Not action or changes occurred during the execution of this state.'
- ret['changes'] = response['content']
- #something bad
- else:
- ret['comment'] = response['content']['message']
- return ret
- def _strip_key(dictionary, keyword):
- '''
- look for a certain key within a dictionary and nullify ti's contents, check within nested
- dictionaries and lists as well. Certain attributes such as "generation" will change even
- when there were no changes made to the entity.
- '''
- for key, value in six.iteritems(dictionary):
- if key == keyword:
- dictionary[key] = None
- elif isinstance(value, dict):
- _strip_key(value, keyword)
- elif isinstance(value, list):
- for item in value:
- if isinstance(item, dict):
- _strip_key(item, keyword)
- return dictionary
- def _check_for_changes(entity_type, ret, existing, modified):
- '''
- take an existing entity and a modified entity and check for changes.
- '''
- ret['result'] = True
- #were there any changes? generation always changes, remove it.
- if isinstance(existing, dict) and isinstance(modified, dict):
- if 'generation' in modified['content'].keys():
- del modified['content']['generation']
- if 'generation' in existing['content'].keys():
- del existing['content']['generation']
- if cmp(modified['content'], existing['content']) == 0:
- ret['comment'] = '{entity_type} is currently enforced to the desired state. No changes made.'.format(entity_type=entity_type)
- else:
- ret['comment'] = '{entity_type} was enforced to the desired state. Note: Only parameters specified ' \
- 'were enforced. See changes for details.'.format(entity_type=entity_type)
- ret['changes']['old'] = existing['content']
- ret['changes']['new'] = modified['content']
- else:
- if cmp(modified, existing) == 0:
- ret['comment'] = '{entity_type} is currently enforced to the desired state. No changes made.'.format(entity_type=entity_type)
- else:
- ret['comment'] = '{entity_type} was enforced to the desired state. Note: Only parameters specified ' \
- 'were enforced. See changes for details.'.format(entity_type=entity_type)
- ret['changes']['old'] = existing
- ret['changes']['new'] = modified
- return ret
- def _test_output(ret, action, params):
- '''
- For testing just output what the state will attempt to do without actually doing it.
- '''
- if action == 'list':
- ret['comment'] += 'The list action will just list an entity and will make no changes.\n'
- elif action == 'create' or action == 'add':
- ret['comment'] += 'The create action will attempt to create an entity if it does not already exist.\n'
- elif action == 'delete':
- ret['comment'] += 'The delete action will attempt to delete an existing entity if it exists.\n'
- elif action == 'manage':
- ret['comment'] += 'The manage action will create a new entity if it does not exist. If it does exist, it will be enforced' \
- 'to the desired state.\n'
- elif action == 'modify':
- ret['comment'] += 'The modify action will attempt to modify an existing entity only if it exists.\n'
- ret['comment'] += 'An iControl REST Request will be made using the parameters:\n'
- ret['comment'] += json.dumps(params, indent=4)
- ret['changes'] = {}
- # Return ``None`` when running with ``test=true``.
- ret['result'] = None
- return ret
- def list_node(hostname, username, password, name):
- '''
- A function to connect to a bigip device and list a specific node.
- hostname
- The host/address of the bigip device
- username
- The iControl REST username
- password
- The iControl REST password
- name
- The name of the node to list.
- '''
- ret = {'name': name, 'changes': {}, 'result': False, 'comment': ''}
- if __opts__['test']:
- return _test_output(ret, 'list', params={
- 'hostname': hostname,
- 'username': username,
- 'password': password,
- 'name': name
- }
- )
- response = __salt__['bigip.list_node'](hostname, username, password, name)
- return _load_result(response, ret)
- def create_node(hostname, username, password, name, address):
- '''
- Create a new node if it does not already exist.
- hostname
- The host/address of the bigip device
- username
- The iControl REST username
- password
- The iControl REST password
- name
- The name of the node to create
- address
- The address of the node
- '''
- ret = {'name': name, 'changes': {}, 'result': False, 'comment': ''}
- if __opts__['test']:
- return _test_output(ret, 'create', params={
- 'hostname': hostname,
- 'username': username,
- 'password': password,
- 'name': name,
- 'address': address
- }
- )
- #is this node currently configured?
- existing = __salt__['bigip.list_node'](hostname, username, password, name)
- # if it exists
- if existing['code'] == 200:
- ret['result'] = True
- ret['comment'] = 'A node by this name currently exists. No change made.'
- # if it doesn't exist
- elif existing['code'] == 404:
- response = __salt__['bigip.create_node'](hostname, username, password, name, address)
- ret['result'] = True
- ret['changes']['old'] = {}
- ret['changes']['new'] = response['content']
- ret['comment'] = 'Node was successfully created.'
- # else something else was returned
- else:
- ret = _load_result(existing, ret)
- return ret
- def manage_node(hostname, username, password, name, address,
- connection_limit=None,
- description=None,
- dynamic_ratio=None,
- logging=None,
- monitor=None,
- rate_limit=None,
- ratio=None,
- session=None,
- node_state=None):
- '''
- Manages a node of a given bigip device. If the node does not exist it will be created, otherwise,
- only the properties which are different than the existing will be updated.
- hostname
- The host/address of the bigip device
- username
- The iControl REST username
- password
- The iControl REST password
- name
- The name of the node to manage.
- address
- The address of the node
- connection_limit
- [integer]
- description
- [string]
- dynam
- c_ratio: [integer]
- logging
- [enabled | disabled]
- monitor
- [[name] | none | default]
- rate_limit
- [integer]
- ratio
- [integer]
- session
- [user-enabled | user-disabled]
- node_state (state)
- [user-down | user-up ]
- '''
- ret = {'name': name, 'changes': {}, 'result': False, 'comment': ''}
- if __opts__['test']:
- return _test_output(ret, 'manage', params={
- 'hostname': hostname,
- 'username': username,
- 'password': password,
- 'name': name,
- 'address': address,
- 'connection_limit': connection_limit,
- 'description': description,
- 'dynamic_ratio': dynamic_ratio,
- 'logging': logging,
- 'monitor': monitor,
- 'rate_limit': rate_limit,
- 'ratio': ratio,
- 'session': session,
- 'state:': node_state
- }
- )
- #is this node currently configured?
- existing = __salt__['bigip.list_node'](hostname, username, password, name)
- # if it exists by name
- if existing['code'] == 200:
- # ensure the address is the same, we don't want to modify a different node than what
- # we think we are managing
- if existing['content']['address'] != address:
- ret['result'] = False
- ret['comment'] = 'A node with this name exists but the address does not match.'
- modified = __salt__['bigip.modify_node'](hostname=hostname,
- username=username,
- password=password,
- name=name,
- connection_limit=connection_limit,
- description=description,
- dynamic_ratio=dynamic_ratio,
- logging=logging,
- monitor=monitor,
- rate_limit=rate_limit,
- ratio=ratio,
- session=session,
- state=node_state)
- #was the modification successful?
- if modified['code'] == 200:
- ret = _check_for_changes('Node', ret, existing, modified)
- else:
- ret = _load_result(modified, ret)
- # not found, attempt to create it
- elif existing['code'] == 404:
- new = __salt__['bigip.create_node'](hostname, username, password, name, address)
- # were we able to create it?
- if new['code'] == 200:
- # try modification
- modified = __salt__['bigip.modify_node'](hostname=hostname,
- username=username,
- password=password,
- name=name,
- connection_limit=connection_limit,
- description=description,
- dynamic_ratio=dynamic_ratio,
- logging=logging,
- monitor=monitor,
- rate_limit=rate_limit,
- ratio=ratio,
- session=session,
- state=node_state)
- #was the modification successful?
- if modified['code'] == 200:
- ret['result'] = True
- ret['comment'] = 'Node was created and enforced to the desired state. Note: Only parameters specified ' \
- 'were enforced. See changes for details.'
- ret['changes']['old'] = {}
- ret['changes']['new'] = modified['content']
- # roll it back
- else:
- deleted = __salt__['bigip.delete_node'](hostname, username, password, name)
- # did we get rid of it?
- if deleted['code'] == 200:
- ret['comment'] = 'Node was successfully created but an error occurred during modification. ' \
- 'The creation of the node has been rolled back. Message is as follows:\n' \
- '{message}'.format(message=modified['content']['message'])
- # something bad happened
- else:
- ret['comment'] = 'Node was successfully created but an error occurred during modification. ' \
- 'The creation of the node was not able to be rolled back. Message is as follows:' \
- '\n {message}\n{message_two}'.format(message=modified['content']['message'],
- message_two=deleted['content']['message'])
- # unable to create it
- else:
- ret = _load_result(new, ret)
- # an error occurred
- else:
- ret = _load_result(existing, ret)
- return ret
- def modify_node(hostname, username, password, name,
- connection_limit=None,
- description=None,
- dynamic_ratio=None,
- logging=None,
- monitor=None,
- rate_limit=None,
- ratio=None,
- session=None,
- node_state=None):
- '''
- Modify an existing node. Only a node which already exists will be modified and
- only the parameters specified will be enforced.
- hostname
- The host/address of the bigip device
- username
- The iControl REST username
- password
- The iControl REST password
- name
- The name of the node to modify
- connection_limit
- [integer]
- description
- [string]
- dynamic_ratio
- [integer]
- logging
- [enabled | disabled]
- monitor
- [[name] | none | default]
- rate_limit
- [integer]
- ratio
- [integer]
- session
- [user-enabled | user-disabled]
- node_state (state)
- [user-down | user-up ]
- '''
- ret = {'name': name, 'changes': {}, 'result': False, 'comment': ''}
- if __opts__['test']:
- return _test_output(ret, 'modify', params={
- 'hostname': hostname,
- 'username': username,
- 'password': password,
- 'name': name,
- 'connection_limit': connection_limit,
- 'description': description,
- 'dynamic_ratio': dynamic_ratio,
- 'logging': logging,
- 'monitor': monitor,
- 'rate_limit': rate_limit,
- 'ratio': ratio,
- 'session': session,
- 'state:': node_state
- }
- )
- #is this node currently configured?
- existing = __salt__['bigip.list_node'](hostname, username, password, name)
- # if it exists by name
- if existing['code'] == 200:
- modified = __salt__['bigip.modify_node'](hostname=hostname,
- username=username,
- password=password,
- name=name,
- connection_limit=connection_limit,
- description=description,
- dynamic_ratio=dynamic_ratio,
- logging=logging,
- monitor=monitor,
- rate_limit=rate_limit,
- ratio=ratio,
- session=session,
- state=node_state)
- #was the modification successful?
- if modified['code'] == 200:
- ret = _check_for_changes('Node', ret, existing, modified)
- else:
- ret = _load_result(modified, ret)
- # not found, attempt to create it
- elif existing['code'] == 404:
- ret['comment'] = 'A node with this name was not found.'
- # an error occurred
- else:
- ret = _load_result(existing, ret)
- return ret
- def delete_node(hostname, username, password, name):
- '''
- Delete an existing node.
- hostname
- The host/address of the bigip device
- username
- The iControl REST username
- password
- The iControl REST password
- name
- The name of the node which will be deleted.
- '''
- ret = {'name': name, 'changes': {}, 'result': False, 'comment': ''}
- if __opts__['test']:
- return _test_output(ret, 'delete', params={
- 'hostname': hostname,
- 'username': username,
- 'password': password,
- 'name': name,
- }
- )
- #is this node currently configured?
- existing = __salt__['bigip.list_node'](hostname, username, password, name)
- # if it exists by name
- if existing['code'] == 200:
- deleted = __salt__['bigip.delete_node'](hostname, username, password, name)
- # did we get rid of it?
- if deleted['code'] == 200:
- ret['result'] = True
- ret['comment'] = 'Node was successfully deleted.'
- ret['changes']['old'] = existing['content']
- ret['changes']['new'] = {}
- # something bad happened
- else:
- ret = _load_result(existing, ret)
- # not found
- elif existing['code'] == 404:
- ret['result'] = True
- ret['comment'] = 'This node already does not exist. No changes made.'
- ret['changes']['old'] = {}
- ret['changes']['new'] = {}
- else:
- ret = _load_result(existing, ret)
- return ret
- def list_pool(hostname, username, password, name):
- '''
- A function to connect to a bigip device and list a specific pool.
- hostname
- The host/address of the bigip device
- username
- The iControl REST username
- password
- The iControl REST password
- name
- The name of the pool to list.
- '''
- ret = {'name': name, 'changes': {}, 'result': False, 'comment': ''}
- if __opts__['test']:
- return _test_output(ret, 'list', params={
- 'hostname': hostname,
- 'username': username,
- 'password': password,
- 'name': name,
- }
- )
- response = __salt__['bigip.list_pool'](hostname, username, password, name)
- return _load_result(response, ret)
- def create_pool(hostname, username, password, name, members=None,
- allow_nat=None,
- allow_snat=None,
- description=None,
- gateway_failsafe_device=None,
- ignore_persisted_weight=None,
- ip_tos_to_client=None,
- ip_tos_to_server=None,
- link_qos_to_client=None,
- link_qos_to_server=None,
- load_balancing_mode=None,
- min_active_members=None,
- min_up_members=None,
- min_up_members_action=None,
- min_up_members_checking=None,
- monitor=None,
- profiles=None,
- queue_depth_limit=None,
- queue_on_connection_limit=None,
- queue_time_limit=None,
- reselect_tries=None,
- service_down_action=None,
- slow_ramp_time=None):
- '''
- Create a new node if it does not already exist.
- hostname
- The host/address of the bigip device
- username
- The iControl REST username
- password
- The iControl REST password
- name
- The name of the pool to create
- members
- List of members to be added to the pool
- allow_nat
- [yes | no]
- allow_snat
- [yes | no]
- description
- [string]
- gateway_failsafe_device
- [string]
- ignore_persisted_weight
- [enabled | disabled]
- ip_tos_to_client
- [pass-through | [integer]]
- ip_tos_to_server
- [pass-through | [integer]]
- link_qos_to_client
- [pass-through | [integer]]
- link_qos_to_server
- [pass-through | [integer]]
- load_balancing_mode
- [dynamic-ratio-member | dynamic-ratio-node |
- fastest-app-response | fastest-node |
- least-connections-members |
- least-connections-node |
- least-sessions |
- observed-member | observed-node |
- predictive-member | predictive-node |
- ratio-least-connections-member |
- ratio-least-connections-node |
- ratio-member | ratio-node | ratio-session |
- round-robin | weighted-least-connections-member |
- weighted-least-connections-node]
- min_active_members
- [integer]
- min_up_members
- [integer]
- min_up_members_action
- [failover | reboot | restart-all]
- min_up_members_checking
- [enabled | disabled]
- monitor
- [name]
- profiles
- [none | profile_name]
- queue_depth_limit
- [integer]
- queue_on_connection_limit
- [enabled | disabled]
- queue_time_limit
- [integer]
- reselect_tries
- [integer]
- service_down_action
- [drop | none | reselect | reset]
- slow_ramp_time
- [integer]
- '''
- ret = {'name': name, 'changes': {}, 'result': False, 'comment': ''}
- if __opts__['test']:
- return _test_output(ret, 'create', params={
- 'hostname': hostname,
- 'username': username,
- 'password': password,
- 'name': name,
- 'members': members,
- 'allow_nat': allow_nat,
- 'allow_snat': allow_snat,
- 'description': description,
- 'gateway_failsafe_device': gateway_failsafe_device,
- 'ignore_persisted_weight': ignore_persisted_weight,
- 'ip_tos_client:': ip_tos_to_client,
- 'ip_tos_server': ip_tos_to_server,
- 'link_qos_to_client': link_qos_to_client,
- 'link_qos_to_server': link_qos_to_server,
- 'load_balancing_mode': load_balancing_mode,
- 'min_active_members': min_active_members,
- 'min_up_members': min_up_members,
- 'min_up_members_checking': min_up_members_checking,
- 'monitor': monitor,
- 'profiles': profiles,
- 'queue_depth_limit': queue_depth_limit,
- 'queue_on_connection_limit': queue_on_connection_limit,
- 'queue_time_limit': queue_time_limit,
- 'reselect_tries': reselect_tries,
- 'service_down_action': service_down_action,
- 'slow_ramp_time': slow_ramp_time
- }
- )
- #is this pool currently configured?
- existing = __salt__['bigip.list_pool'](hostname, username, password, name)
- # if it exists
- if existing['code'] == 200:
- ret['result'] = True
- ret['comment'] = 'A pool by this name currently exists. No change made.'
- # if it doesn't exist
- elif existing['code'] == 404:
- response = __salt__['bigip.create_pool'](hostname=hostname,
- username=username,
- password=password,
- name=name,
- members=members,
- allow_nat=allow_nat,
- allow_snat=allow_snat,
- description=description,
- gateway_failsafe_device=gateway_failsafe_device,
- ignore_persisted_weight=ignore_persisted_weight,
- ip_tos_to_client=ip_tos_to_client,
- ip_tos_to_server=ip_tos_to_server,
- link_qos_to_client=link_qos_to_client,
- link_qos_to_server=link_qos_to_server,
- load_balancing_mode=load_balancing_mode,
- min_active_members=min_active_members,
- min_up_members=min_up_members,
- min_up_members_action=min_up_members_action,
- min_up_members_checking=min_up_members_checking,
- monitor=monitor,
- profiles=profiles,
- queue_depth_limit=queue_depth_limit,
- queue_on_connection_limit=queue_on_connection_limit,
- queue_time_limit=queue_time_limit,
- reselect_tries=reselect_tries,
- service_down_action=service_down_action,
- slow_ramp_time=slow_ramp_time)
- if response['code'] == 200:
- ret['result'] = True
- ret['changes']['old'] = {}
- ret['changes']['new'] = response['content']
- ret['comment'] = 'Pool was successfully created.'
- else:
- ret = _load_result(existing, ret)
- # else something else was returned
- else:
- ret = _load_result(existing, ret)
- return ret
- def manage_pool(hostname, username, password, name,
- allow_nat=None,
- allow_snat=None,
- description=None,
- gateway_failsafe_device=None,
- ignore_persisted_weight=None,
- ip_tos_to_client=None,
- ip_tos_to_server=None,
- link_qos_to_client=None,
- link_qos_to_server=None,
- load_balancing_mode=None,
- min_active_members=None,
- min_up_members=None,
- min_up_members_action=None,
- min_up_members_checking=None,
- monitor=None,
- profiles=None,
- queue_depth_limit=None,
- queue_on_connection_limit=None,
- queue_time_limit=None,
- reselect_tries=None,
- service_down_action=None,
- slow_ramp_time=None):
- '''
- Create a new pool if it does not already exist. Pool members are managed separately. Only the
- parameters specified are enforced.
- hostname
- The host/address of the bigip device
- username
- The iControl REST username
- password
- The iControl REST password
- name
- The name of the pool to create
- allow_nat
- [yes | no]
- allow_snat
- [yes | no]
- description
- [string]
- gateway_failsafe_device
- [string]
- ignore_persisted_weight
- [enabled | disabled]
- ip_tos_to_client
- [pass-through | [integer]]
- ip_tos_to_server
- [pass-through | [integer]]
- link_qos_to_client
- [pass-through | [integer]]
- link_qos_to_server
- [pass-through | [integer]]
- load_balancing_mode
- [dynamic-ratio-member | dynamic-ratio-node |
- fastest-app-response | fastest-node |
- least-connections-members |
- least-connections-node |
- least-sessions |
- observed-member | observed-node |
- predictive-member | predictive-node |
- ratio-least-connections-member |
- ratio-least-connections-node |
- ratio-member | ratio-node | ratio-session |
- round-robin | weighted-least-connections-member |
- weighted-least-connections-node]
- min_active_members
- [integer]
- min_up_members
- [integer]
- min_up_members_action
- [failover | reboot | restart-all]
- min_up_members_checking
- [enabled | disabled]
- monitor
- [name]
- profiles
- [none | profile_name]
- queue_depth_limit
- [integer]
- queue_on_connection_limit
- [enabled | disabled]
- queue_time_limit
- [integer]
- reselect_tries
- [integer]
- service_down_action
- [drop | none | reselect | reset]
- slow_ramp_time
- [integer]
- '''
- ret = {'name': name, 'changes': {}, 'result': False, 'comment': ''}
- if __opts__['test']:
- return _test_output(ret, 'manage', params={
- 'hostname': hostname,
- 'username': username,
- 'password': password,
- 'name': name,
- 'allow_nat': allow_nat,
- 'allow_snat': allow_snat,
- 'description': description,
- 'gateway_failsafe_device': gateway_failsafe_device,
- 'ignore_persisted_weight': ignore_persisted_weight,
- 'ip_tos_client:': ip_tos_to_client,
- 'ip_tos_server': ip_tos_to_server,
- 'link_qos_to_client': link_qos_to_client,
- 'link_qos_to_server': link_qos_to_server,
- 'load_balancing_mode': load_balancing_mode,
- 'min_active_members': min_active_members,
- 'min_up_members': min_up_members,
- 'min_up_members_checking': min_up_members_checking,
- 'monitor': monitor,
- 'profiles': profiles,
- 'queue_depth_limit': queue_depth_limit,
- 'queue_on_connection_limit': queue_on_connection_limit,
- 'queue_time_limit': queue_time_limit,
- 'reselect_tries': reselect_tries,
- 'service_down_action': service_down_action,
- 'slow_ramp_time': slow_ramp_time
- }
- )
- #is this pool currently configured?
- existing = __salt__['bigip.list_pool'](hostname, username, password, name)
- # if it exists
- if existing['code'] == 200:
- modified = __salt__['bigip.modify_pool'](hostname=hostname,
- username=username,
- password=password,
- name=name,
- allow_nat=allow_nat,
- allow_snat=allow_snat,
- description=description,
- gateway_failsafe_device=gateway_failsafe_device,
- ignore_persisted_weight=ignore_persisted_weight,
- ip_tos_to_client=ip_tos_to_client,
- ip_tos_to_server=ip_tos_to_server,
- link_qos_to_client=link_qos_to_client,
- link_qos_to_server=link_qos_to_server,
- load_balancing_mode=load_balancing_mode,
- min_active_members=min_active_members,
- min_up_members=min_up_members,
- min_up_members_action=min_up_members_action,
- min_up_members_checking=min_up_members_checking,
- monitor=monitor,
- profiles=profiles,
- queue_depth_limit=queue_depth_limit,
- queue_on_connection_limit=queue_on_connection_limit,
- queue_time_limit=queue_time_limit,
- reselect_tries=reselect_tries,
- service_down_action=service_down_action,
- slow_ramp_time=slow_ramp_time)
- #was the modification successful?
- if modified['code'] == 200:
- #remove member listings and self-links
- del existing['content']['membersReference']
- del modified['content']['membersReference']
- del existing['content']['selfLink']
- del modified['content']['selfLink']
- ret = _check_for_changes('Pool', ret, existing, modified)
- else:
- ret = _load_result(modified, ret)
- # if it doesn't exist
- elif existing['code'] == 404:
- new = __salt__['bigip.create_pool'](hostname=hostname,
- username=username,
- password=password,
- name=name,
- allow_nat=allow_nat,
- allow_snat=allow_snat,
- description=description,
- gateway_failsafe_device=gateway_failsafe_device,
- ignore_persisted_weight=ignore_persisted_weight,
- ip_tos_to_client=ip_tos_to_client,
- ip_tos_to_server=ip_tos_to_server,
- link_qos_to_client=link_qos_to_client,
- link_qos_to_server=link_qos_to_server,
- load_balancing_mode=load_balancing_mode,
- min_active_members=min_active_members,
- min_up_members=min_up_members,
- min_up_members_action=min_up_members_action,
- min_up_members_checking=min_up_members_checking,
- monitor=monitor,
- profiles=profiles,
- queue_depth_limit=queue_depth_limit,
- queue_on_connection_limit=queue_on_connection_limit,
- queue_time_limit=queue_time_limit,
- reselect_tries=reselect_tries,
- service_down_action=service_down_action,
- slow_ramp_time=slow_ramp_time)
- # were we able to create it?
- if new['code'] == 200:
- ret['result'] = True
- ret['comment'] = 'Pool was created and enforced to the desired state. Note: Only parameters specified ' \
- 'were enforced. See changes for details.'
- ret['changes']['old'] = {}
- ret['changes']['new'] = new['content']
- # unable to create it
- else:
- ret = _load_result(new, ret)
- # else something else was returned
- else:
- ret = _load_result(existing, ret)
- return ret
- def modify_pool(hostname, username, password, name,
- allow_nat=None,
- allow_snat=None,
- description=None,
- gateway_failsafe_device=None,
- ignore_persisted_weight=None,
- ip_tos_to_client=None,
- ip_tos_to_server=None,
- link_qos_to_client=None,
- link_qos_to_server=None,
- load_balancing_mode=None,
- min_active_members=None,
- min_up_members=None,
- min_up_members_action=None,
- min_up_members_checking=None,
- monitor=None,
- profiles=None,
- queue_depth_limit=None,
- queue_on_connection_limit=None,
- queue_time_limit=None,
- reselect_tries=None,
- service_down_action=None,
- slow_ramp_time=None):
- '''
- Modify an existing pool. Pool members are managed separately. Only the
- parameters specified are enforced.
- hostname
- The host/address of the bigip device
- username
- The iControl REST username
- password
- The iControl REST password
- name
- The name of the pool to create
- allow_nat
- [yes | no]
- allow_snat
- [yes | no]
- description
- [string]
- gateway_failsafe_device
- [string]
- ignore_persisted_weight
- [enabled | disabled]
- ip_tos_to_client
- [pass-through | [integer]]
- ip_tos_to_server
- [pass-through | [integer]]
- link_qos_to_client
- [pass-through | [integer]]
- link_qos_to_server
- [pass-through | [integer]]
- load_balancing_mode
- [dynamic-ratio-member | dynamic-ratio-node |
- fastest-app-response | fastest-node |
- least-connections-members |
- least-connections-node |
- least-sessions |
- observed-member | observed-node |
- predictive-member | predictive-node |
- ratio-least-connections-member |
- ratio-least-connections-node |
- ratio-member | ratio-node | ratio-session |
- round-robin | weighted-least-connections-member |
- weighted-least-connections-node]
- min_active_members
- [integer]
- min_up_members
- [integer]
- min_up_members_action
- [failover | reboot | restart-all]
- min_up_members_checking
- [enabled | disabled]
- monitor
- [name]
- profiles
- [none | profile_name]
- queue_depth_limit
- [integer]
- queue_on_connection_limit
- [enabled | disabled]
- queue_time_limit
- [integer]
- reselect_tries
- [integer]
- service_down_action
- [drop | none | reselect | reset]
- slow_ramp_time
- [integer]
- '''
- ret = {'name': name, 'changes': {}, 'result': False, 'comment': ''}
- if __opts__['test']:
- return _test_output(ret, 'modify', params={
- 'hostname': hostname,
- 'username': username,
- 'password': password,
- 'name': name,
- 'allow_nat': allow_nat,
- 'allow_snat': allow_snat,
- 'description': description,
- 'gateway_failsafe_device': gateway_failsafe_device,
- 'ignore_persisted_weight': ignore_persisted_weight,
- 'ip_tos_client:': ip_tos_to_client,
- 'ip_tos_server': ip_tos_to_server,
- 'link_qos_to_client': link_qos_to_client,
- 'link_qos_to_server': link_qos_to_server,
- 'load_balancing_mode': load_balancing_mode,
- 'min_active_members': min_active_members,
- 'min_up_members': min_up_members,
- 'min_up_members_checking': min_up_members_checking,
- 'monitor': monitor,
- 'profiles': profiles,
- 'queue_depth_limit': queue_depth_limit,
- 'queue_on_connection_limit': queue_on_connection_limit,
- 'queue_time_limit': queue_time_limit,
- 'reselect_tries': reselect_tries,
- 'service_down_action': service_down_action,
- 'slow_ramp_time': slow_ramp_time
- }
- )
- #is this pool currently configured?
- existing = __salt__['bigip.list_pool'](hostname, username, password, name)
- # if it exists
- if existing['code'] == 200:
- modified = __salt__['bigip.modify_pool'](hostname=hostname,
- username=username,
- password=password,
- name=name,
- allow_nat=allow_nat,
- allow_snat=allow_snat,
- description=description,
- gateway_failsafe_device=gateway_failsafe_device,
- ignore_persisted_weight=ignore_persisted_weight,
- ip_tos_to_client=ip_tos_to_client,
- ip_tos_to_server=ip_tos_to_server,
- link_qos_to_client=link_qos_to_client,
- link_qos_to_server=link_qos_to_server,
- load_balancing_mode=load_balancing_mode,
- min_active_members=min_active_members,
- min_up_members=min_up_members,
- min_up_members_action=min_up_members_action,
- min_up_members_checking=min_up_members_checking,
- monitor=monitor,
- profiles=profiles,
- queue_depth_limit=queue_depth_limit,
- queue_on_connection_limit=queue_on_connection_limit,
- queue_time_limit=queue_time_limit,
- reselect_tries=reselect_tries,
- service_down_action=service_down_action,
- slow_ramp_time=slow_ramp_time)
- #was the modification successful?
- if modified['code'] == 200:
- #remove member listings and self-links
- del existing['content']['membersReference']
- del modified['content']['membersReference']
- del existing['content']['selfLink']
- del modified['content']['selfLink']
- ret = _check_for_changes('Pool', ret, existing, modified)
- else:
- ret = _load_result(modified, ret)
- # if it doesn't exist
- elif existing['code'] == 404:
- ret['comment'] = 'A pool with this name was not found.'
- # else something else was returned
- else:
- ret = _load_result(existing, ret)
- return ret
- def delete_pool(hostname, username, password, name):
- '''
- Delete an existing pool.
- hostname
- The host/address of the bigip device
- username
- The iControl REST username
- password
- The iControl REST password
- name
- The name of the pool which will be deleted
- '''
- ret = {'name': name, 'changes': {}, 'result': False, 'comment': ''}
- if __opts__['test']:
- return _test_output(ret, 'delete', params={
- 'hostname': hostname,
- 'username': username,
- 'password': password,
- 'name': name,
- }
- )
- #is this pool currently configured?
- existing = __salt__['bigip.list_pool'](hostname, username, password, name)
- # if it exists by name
- if existing['code'] == 200:
- deleted = __salt__['bigip.delete_pool'](hostname, username, password, name)
- # did we get rid of it?
- if deleted['code'] == 200:
- ret['result'] = True
- ret['comment'] = 'Pool was successfully deleted.'
- ret['changes']['old'] = existing['content']
- ret['changes']['new'] = {}
- # something bad happened
- else:
- ret = _load_result(deleted, ret)
- # not found
- elif existing['code'] == 404:
- ret['result'] = True
- ret['comment'] = 'This pool already does not exist. No changes made.'
- ret['changes']['old'] = {}
- ret['changes']['new'] = {}
- else:
- ret = _load_result(existing, ret)
- return ret
- def manage_pool_members(hostname, username, password, name, members):
- '''
- Manage the members of an existing pool. This function replaces all current pool members.
- Only the parameters specified are enforced.
- hostname
- The host/address of the bigip device
- username
- The iControl REST username
- password
- The iControl REST password
- name
- The name of the pool to modify
- members
- list of pool members to manage.
- '''
- ret = {'name': name, 'changes': {}, 'result': False, 'comment': ''}
- if __opts__['test']:
- return _test_output(ret, 'manage', params={
- 'hostname': hostname,
- 'username': username,
- 'password': password,
- 'name': name,
- 'members': members
- }
- )
- #is this pool currently configured?
- existing = __salt__['bigip.list_pool'](hostname, username, password, name)
- # if it exists
- if existing['code'] == 200:
- #what are the current members?
- current_members = existing['content']['membersReference']['items']
- modified = __salt__['bigip.replace_pool_members'](hostname, username, password, name, members)
- #was the modification successful?
- if modified['code'] == 200:
- #re-list the pool with new membership
- new_listing = __salt__['bigip.list_pool'](hostname, username, password, name)
- #just in case something happened...
- if new_listing['code'] != 200:
- ret = _load_result(new_listing, ret)
- ret['comment'] = 'modification of the pool was successful but an error occurred upon retrieving new' \
- ' listing.'
- return ret
- new_members = new_listing['content']['membersReference']['items']
- #remove generation keys and create new lists indexed by integers
- for current_member in current_members:
- del current_member['generation']
- for new_member in new_members:
- del new_member['generation']
- #anything changed?
- ret = _check_for_changes('Pool Membership', ret, current_members, new_members)
- else:
- ret = _load_result(modified, ret)
- #pool does not exists
- elif existing['code'] == 404:
- ret['comment'] = 'A pool with this name was not found.'
- else:
- ret = _load_result(existing, ret)
- return ret
- def add_pool_member(hostname, username, password, name, member):
- '''
- A function to connect to a bigip device and add a new member to an existing pool.
- hostname
- The host/address of the bigip device
- username
- The iControl REST username
- password
- The iControl REST password
- name
- The name of the pool to modify
- member
- The member to add to the pool
- '''
- ret = {'name': name, 'changes': {}, 'result': False, 'comment': ''}
- if __opts__['test']:
- return _test_output(ret, 'add', params={
- 'hostname': hostname,
- 'username': username,
- 'password': password,
- 'name': name,
- 'members': member
- }
- )
- #is this pool member currently configured?
- existing_pool = __salt__['bigip.list_pool'](hostname, username, password, name)
- if existing_pool['code'] == 200:
- # for some reason iControl REST doesn't support listing a single pool member.
- # the response from GET for listing a member will return 200 even if it doesn't exists.
- # because of this we have to do some rather "unnecessary" searching within a pool.
- #what are the current members?
- current_members = existing_pool['content']['membersReference']['items']
- #loop through them
- exists = False
- for current_member in current_members:
- if current_member['name'] == member['name']:
- exists = True
- break
- if exists:
- ret['result'] = True
- ret['comment'] = 'Member: {name} already exists within this pool. No changes made.'.format(name=member['name'])
- ret['changes']['old'] = {}
- ret['changes']['new'] = {}
- else:
- new_member = __salt__['bigip.add_pool_member'](hostname, username, password, name, member)
- if new_member['code'] == 200:
- ret['result'] = True
- ret['comment'] = 'Member: {name} has been successfully added to the pool.'.format(name=member['name'])
- ret['changes']['old'] = {}
- #look up the member again...
- pool_listing = __salt__['bigip.list_pool'](hostname, username, password, name)
- if pool_listing['code'] != 200:
- ret = _load_result(new_member, ret)
- return ret
- members = pool_listing['content']['membersReference']['items']
- #loop through them
- for current_member in members:
- if current_member['name'] == member['name']:
- added_member = current_member
- break
- ret['changes']['new'] = added_member
- # member wasn't added
- else:
- ret = _load_result(new_member, ret)
- #pool does not exists
- elif existing_pool['code'] == 404:
- ret['comment'] = 'A pool with this name was not found.'
- else:
- ret = _load_result(existing_pool, ret)
- return ret
- def modify_pool_member(hostname, username, password, name, member,
- connection_limit=None,
- description=None,
- dynamic_ratio=None,
- inherit_profile=None,
- logging=None,
- monitor=None,
- priority_group=None,
- prof…
Large files files are truncated, but you can click here to view the full file