archive
/
ansible
mirror of https://github.com/ansible/ansible.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add module for Pure Storage FlashBlade to manage directory services (#44925)

Browse Source
pull/50373/head
Simon Dodsley 6 years ago committed by John R Barker
parent 18ed84b877
commit 754e63ab67
1 changed files with 237 additions and 0 deletions
Show Stats Download Patch File Download Diff File

237
lib/ansible/modules/storage/purestorage/purefb_ds.py
Unescape Escape View File

@ -0,0 +1,237 @@
#!/usr/bin/python
# -*- coding: utf-8 -*-
# (c) 2018, Simon Dodsley (simon@purestorage.com)
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'}
DOCUMENTATION = r'''
---
module: purefb_ds
version_added: '2.8'
short_description: Configure FlashBlade Directory Service
description:
- Create or erase directory services configurations. There is no facility
to SSL certificates at this time. Use the FlashBlade GUI for this
additional configuration work.
- To modify an existing directory service configuration you must first delete
an exisitng configuration and then recreate with new settings.
author:
- Simon Dodsley (@sdodsley)
options:
state:
description:
- Create or delete directory service configuration
default: present
choices: [ absent, present ]
dstype:
description:
- The type of directory service to work on
choices: [ management, nfs, smb ]
enable:
description:
- Whether to enable or disable directory service support.
default: false
type: bool
uri:
description:
- A list of up to 30 URIs of the directory servers. Each URI must include
the scheme ldap:// or ldaps:// (for LDAP over SSL), a hostname, and a
domain name or IP address. For example, ldap://ad.company.com configures
the directory service with the hostname "ad" in the domain "company.com"
while specifying the unencrypted LDAP protocol.
base_dn:
description:
- Sets the base of the Distinguished Name (DN) of the directory service
groups. The base should consist of only Domain Components (DCs). The
base_dn will populate with a default value when a URI is entered by
parsing domain components from the URI. The base DN should specify DC=
for each domain component and multiple DCs should be separated by commas.
required: true
bind_password:
description:
- Sets the password of the bind_user user name account.
bind_user:
description:
- Sets the user name that can be used to bind to and query the directory.
- For Active Directory, enter the username - often referred to as
sAMAccountName or User Logon Name - of the account that is used to
perform directory lookups.
- For OpenLDAP, enter the full DN of the user.
extends_documentation_fragment:
- purestorage.fb
'''
EXAMPLES = r'''
- name: Delete exisitng management directory service
purefb_ds:
dstype: management
state: absent
fb_url: 10.10.10.2
api_token: e31060a7-21fc-e277-6240-25983c6c4592
- name: Create NFS directory service (disabled)
purefb_ds:
dstype: nfs
uri: "ldap://lab.purestorage.com"
base_dn: "DC=lab,DC=purestorage,DC=com"
bind_user: Administrator
bind_password: password
fb_url: 10.10.10.2
api_token: e31060a7-21fc-e277-6240-25983c6c4592
- name: Enable exisitng SMB directory service
purefb_ds:
dstypr: smb
enable: true
fb_url: 10.10.10.2
api_token: e31060a7-21fc-e277-6240-25983c6c4592
- name: Disable exisitng management directory service
purefb_ds:
dstype: management
enable: false
fb_url: 10.10.10.2
api_token: e31060a7-21fc-e277-6240-25983c6c4592
- name: Create NFS directory service (enabled)
purefb_ds:
dstype: nfs
enable: true
uri: "ldap://lab.purestorage.com"
base_dn: "DC=lab,DC=purestorage,DC=com"
bind_user: Administrator
bind_password: password
fb_url: 10.10.10.2
api_token: e31060a7-21fc-e277-6240-25983c6c4592
'''
RETURN = r'''
'''
HAS_PURITY_FB = True
try:
from purity_fb import DirectoryService
except ImportError:
HAS_PURITY_FB = False
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.pure import get_blade, purefb_argument_spec
def update_ds(module, blade):
"""Update Directory Service"""
changed = False
module.exit_json(changed=changed)
def enable_ds(module, blade):
"""Enable Directory Service"""
changed = False
try:
blade.directory_services.update_directory_services(names=[module.params['dstype']],
directory_service=DirectoryService(enabled=True))
changed = True
except Exception:
module.fail_json(msg='Enable {0} Directory Service failed: Check Configuration'.format(module.params['dstype']))
module.exit_json(changed=changed)
def disable_ds(module, blade):
"""Disable Directory Service"""
changed = False
try:
blade.directory_services.update_directory_services(names=[module.params['dstype']],
directory_service=DirectoryService(enabled=False))
changed = True
except Exception:
module.fail_json(msg='Disable {0} Directory Service failed'.format(module.params['dstype']))
module.exit_json(changed=changed)
def delete_ds(module, blade):
"""Delete Directory Service"""
changed = False
try:
dir_service = DirectoryService(uris=[''],
base_dn="",
bind_user="",
bind_password="",
enabled=False)
blade.directory_services.update_directory_services(names=[module.params['dstype']],
directory_service=dir_service)
changed = True
except Exception:
module.fail_json(msg='Delete {0} Directory Service failed'.format(module.params['dstype']))
module.exit_json(changed=changed)
def create_ds(module, blade):
"""Create Directory Service"""
changed = False
try:
dir_service = DirectoryService(uris=module.params['uri'],
base_dn=module.params['base_dn'],
bind_user=module.params['bind_user'],
bind_password=module.params['bind_password'],
enabled=module.params['enable'])
blade.directory_services.update_directory_services(names=[module.params['dstype']],
directory_service=dir_service)
changed = True
except Exception:
module.fail_json(msg='Create {0} Directory Service failed: Check configuration'.format(module.params['dstype']))
module.exit_json(changed=changed)
def main():
argument_spec = purefb_argument_spec()
argument_spec.update(dict(
uri=dict(type='list'),
dstype=dict(required=True, type='str', choices=['management', 'nfs', 'smb']),
state=dict(type='str', default='present', choices=['absent', 'present']),
enable=dict(type='bool', default=False),
bind_password=dict(type='str', no_log=True),
bind_user=dict(type='str'),
base_dn=dict(type='str'),
))
required_together = [['uri', 'bind_password', 'bind_user', 'base_dn']]
module = AnsibleModule(argument_spec,
required_together=required_together,
supports_check_mode=False)
if not HAS_PURITY_FB:
module.fail_json(msg='purity_fb sdk is required for this module')
state = module.params['state']
blade = get_blade(module)
ds_configured = False
dirserv = blade.directory_services.list_directory_services(names=[module.params['dstype']])
ds_enabled = dirserv.items[0].enabled
if dirserv.items[0].base_dn is not None:
ds_configured = True
if state == 'absent' and ds_configured:
delete_ds(module, blade)
elif ds_configured and module.params['enable'] and ds_enabled:
update_ds(module, blade)
elif ds_configured and not module.params['enable'] and ds_enabled:
disable_ds(module, blade)
elif ds_configured and module.params['enable'] and not ds_enabled:
enable_ds(module, blade)
elif not ds_configured and state == 'present':
create_ds(module, blade)
else:
module.exit_json(changed=False)
if __name__ == '__main__':
main()
Write Preview
Loading…
Cancel
Save