#!/usr/bin/python # -*- coding: utf-8 -*- # (c) 2013, serge van Ginderachter # based on Matt Hite's bigip_pool module # (c) 2013, Matt Hite # # This file is part of Ansible # # Ansible is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # Ansible is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Ansible. If not, see . DOCUMENTATION = ''' --- module: bigip_monitor_http short_description: "Manages F5 BIG-IP LTM http monitors" description: - "Manages F5 BIG-IP LTM monitors via iControl SOAP API" version_added: "1.3" author: Serge van Ginderachter notes: - "Requires BIG-IP software version >= 11" - "F5 developed module 'bigsuds' required (see http://devcentral.f5.com)" - "Best run as a local_action in your playbook" - "Monitor API documentation: https://devcentral.f5.com/wiki/iControl.LocalLB__Monitor.ashx" requirements: - bigsuds options: server: description: - BIG-IP host required: true default: null user: description: - BIG-IP username required: true default: null password: description: - BIG-IP password required: true default: null state: description: - Monitor state required: false default: 'present' choices: ['present', 'absent'] name: description: - Monitor name required: true default: null aliases: ['monitor'] partition: description: - Partition for the monitor required: false default: 'Common' parent: description: - The parent template of this monitor template required: false default: 'http' parent_partition: description: - Partition for the parent monitor required: false default: 'Common' send: description: - The send string for the monitor call required: true default: '' receive: description: - The receive string for the monitor call required: true default: '' receive_disable: description: - The receive disable string for the monitor call required: true default: '' ip: description: - IP address part of the ipport definition required: false default: '0.0.0.0' port: description: - port address part op the ipport definition required: false default: 0 interval: description: - The interval specifying how frequently the monitor instance of this template will run. By default, this interval is used for up and down states required: false default: 5 timeout: description: - The number of seconds in which the node or service must respond to the monitor request. If the target responds within the set time period, it is considered up. If the target does not respond within the set time period, it is considered down. You can change this number to any number you want, however, it should be 3 times the interval number of seconds plus 1 second. required: false default: 16 time_until_up: description: - Specifies the amount of time in seconds after the first successful response before a node will be marked up. A value of 0 will cause a node to be marked up immediately after a valid response is received from the node. The default setting is 0. required: false default: 0 ''' EXAMPLES = ''' ''' try: import bigsuds except ImportError: bigsuds_found = False else: bigsuds_found = True TEMPLATE_TYPE = 'TTYPE_HTTP' DEFAULT_PARENT_TYPE = 'http' # =========================================== # bigip_monitor module generic methods. # these should be re-useable for other monitor types # def bigip_api(bigip, user, password): api = bigsuds.BIGIP(hostname=bigip, username=user, password=password) return api def monitor_exists(module, api, monitor, parent): # hack to determine if monitor exists result = False try: ttype = api.LocalLB.Monitor.get_template_type(template_names=[monitor])[0] parent2 = api.LocalLB.Monitor.get_parent_template(template_names=[monitor])[0] if ttype == TEMPLATE_TYPE and parent == parent2: result = True else: module.fail_json(msg='Monitor already exists, but has a different type (%s) or parent(%s)' % (ttype, parent)) except bigsuds.OperationFailed, e: if "was not found" in str(e): result = False else: # genuine exception raise return result def create_monitor(api, monitor, template_attributes): try: api.LocalLB.Monitor.create_template(templates=[{'template_name': monitor, 'template_type': TEMPLATE_TYPE}], template_attributes=[template_attributes]) except bigsuds.OperationFailed, e: if "already exists" in str(e): pass else: # genuine exception raise def delete_monitor(api, monitor): try: api.LocalLB.Monitor.delete_template(template_names=[monitor]) except bigsuds.OperationFailed, e: # maybe it was deleted since we checked if not "was not found" in str(e): # genuine exception raise def check_string_property(api, monitor, str_property): return str_property == api.LocalLB.Monitor.get_template_string_property([monitor], [str_property['type']])[0] def set_string_property(api, monitor, str_property): api.LocalLB.Monitor.set_template_string_property(template_names=[monitor], values=[str_property]) def check_integer_property(api, monitor, int_property): return int_property == api.LocalLB.Monitor.get_template_integer_property([monitor], [int_property['type']])[0] def set_integer_property(api, monitor, int_property): api.LocalLB.Monitor.set_template_int_property(template_names=[monitor], values=[int_property]) def check_ipport(api, monitor, ipport): return [ipport] == api.LocalLB.Monitor.get_template_destination(template_names=[monitor]) def set_ipport(api, monitor, ipport): try: api.LocalLB.Monitor.set_template_destination(template_names=[monitor], destinations=[ipport]) return True, "" except bigsuds.OperationFailed, e: if "Cannot modify the address type of monitor" in str(e): return False, "Cannot modify the address type of monitor if already assigned to a pool." else: # genuine exception raise # =========================================== # main loop # # writing a module for other monitor types should # only need an updated main() def main(): module = AnsibleModule( argument_spec = dict( server = dict(required=True), user = dict(required=True), password = dict(required=True), partition = dict(default='Common'), state = dict(default='present', choices=['present', 'absent']), name = dict(required=True), parent = dict(default=DEFAULT_PARENT_TYPE), parent_partition = dict(default='Common'), send = dict(required=True, default=''), receive = dict(required=True, default=''), receive_disable = dict(required=True, default=''), ip = dict(required=False, default='0.0.0.0'), port = dict(required=False, type='int', default=0), interval = dict(required=False, type='int', default=5), timeout = dict(required=False, type='int', default=16) time_until_up = dict(required=False, type='int', default=0) ), supports_check_mode=True ) if not bigsuds_found: module.fail_json(msg="the python bigsuds module is required") server = module.params['server'] user = module.params['user'] password = module.params['password'] partition = module.params['partition'] parent_partition = module.params['parent_partition'] state = module.params['state'] name = module.params['name'] parent = "/%s/%s" % (parent_partition, module.params['parent']) monitor = "/%s/%s" % (partition, name) send = module.params['send'] receive = module.params['receive'] receive_disable = module.params['receive_disable'] ip = module.params['ip'] port = module.params['port'] interval = module.params['interval'] timeout = module.params['timeout'] time_until_up = module.params['time_until_up'] if ip == '0.0.0.0' and port == 0: address_type = 'ATYPE_STAR_ADDRESS_STAR_PORT' elif ip == '0.0.0.0' and port != 0: address_type = 'ATYPE_STAR_ADDRESS_EXPLICIT_PORT' elif ip != '0.0.0.0' and port != 0: address_type = 'ATYPE_EXPLICIT_ADDRESS_EXPLICIT_PORT' else: address_type = 'ATYPE_UNSET' # main logic try: api = bigip_api(server, user, password) result = {'changed': False} # default if state == 'absent': if monitor_exists: if not module.check_mode: delete_monitor(api, monitor) result['changed'] = True else: ipport = {'address_type': address_type, 'ipport': {'address': ip, 'port': port}} template_attributes = {'parent_template': parent, 'dest_ipport': ipport, 'interval': interval, 'timeout': timeout, 'is_read_only': False, 'is_directly_usable': True } template_string_properties = [{'type': 'STYPE_SEND', 'value': send}, {'type': 'STYPE_RECEIVE', 'value': receive} {'type': 'STYPE_RECEIVE_DRAIN', 'value': receive_disable}] template_integer_properties = [{'type': 'ITYPE_INTERVAL', 'value': interval}, {'type': 'ITYPE_TIMEOUT', 'value': timeout}, {'type': 'ITYPE_TIME_UNTIL_UP', 'value': interval}] if monitor_exists(module, api, monitor, parent): for str_property in template_string_properties: if not check_string_property(api, monitor, str_property): if not module.check_mode: set_string_property(api, monitor, str_property) result['changed'] = True for int_property in template_integer_properties: if not check_integer_property(api, monitor, int_property): if not module.check_mode: set_integer_property(api, monitor, int_property) result['changed'] = True if not check_ipport(api, monitor, ipport): if not module.check_mode: res, msg = set_ipport(api, monitor, ipport) if not res: module.fail_json(msg=msg) result['changed'] = True elif not module.check_mode: create_monitor(api, monitor, template_attributes) for str_property in template_string_properties: set_string_property(api, monitor, str_property) result['changed'] = True else: # monitor does not exist and check mode result['changed'] = True except Exception, e: module.fail_json(msg="received exception: %s" % e) module.exit_json(**result) # include magic from lib/ansible/module_common.py #<> main()