2019-02-19 10:48:40 +00:00
|
|
|
# This code is part of Ansible, but is an independent component.
|
|
|
|
|
# This particular file snippet, and this file snippet only, is BSD licensed.
|
|
|
|
|
# Modules you write using this snippet, which is embedded dynamically by Ansible
|
|
|
|
|
# still belong to the author of the module, and may assign their own license
|
|
|
|
|
# to the complete work.
|
|
|
|
|
#
|
|
|
|
|
# (c) 2019 Red Hat Inc.
|
|
|
|
|
#
|
|
|
|
|
# Redistribution and use in source and binary forms, with or without modification,
|
|
|
|
|
# are permitted provided that the following conditions are met:
|
|
|
|
|
#
|
|
|
|
|
# * Redistributions of source code must retain the above copyright
|
|
|
|
|
# notice, this list of conditions and the following disclaimer.
|
|
|
|
|
# * Redistributions in binary form must reproduce the above copyright notice,
|
|
|
|
|
# this list of conditions and the following disclaimer in the documentation
|
|
|
|
|
# and/or other materials provided with the distribution.
|
|
|
|
|
#
|
|
|
|
|
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
|
|
|
|
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
|
|
|
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|
|
|
|
# IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
|
|
|
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
|
|
|
|
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
|
|
|
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
|
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
|
|
|
|
|
# USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
import os
|
2019-03-13 10:52:31 +00:00
|
|
|
import uuid
|
2019-02-19 10:48:40 +00:00
|
|
|
|
|
|
|
|
from ansible.module_utils.six import iteritems
|
|
|
|
|
from ansible.module_utils.six import iterkeys
|
|
|
|
|
from ansible.module_utils._text import to_text
|
|
|
|
|
from ansible.module_utils.basic import env_fallback
|
|
|
|
|
|
|
|
|
|
try:
|
2019-03-13 10:52:31 +00:00
|
|
|
from skydive.graph import Node, Edge
|
2019-02-19 10:48:40 +00:00
|
|
|
from skydive.rest.client import RESTClient
|
2019-03-13 10:52:31 +00:00
|
|
|
from skydive.websocket.client import NodeAddedMsgType, NodeUpdatedMsgType, NodeDeletedMsgType
|
|
|
|
|
from skydive.websocket.client import EdgeAddedMsgType, EdgeUpdatedMsgType, EdgeDeletedMsgType
|
|
|
|
|
from skydive.websocket.client import WSClient, WSClientDefaultProtocol, WSMessage
|
2019-02-19 10:48:40 +00:00
|
|
|
HAS_SKYDIVE_CLIENT = True
|
|
|
|
|
except ImportError:
|
|
|
|
|
HAS_SKYDIVE_CLIENT = False
|
|
|
|
|
|
|
|
|
|
# defining skydive constants
|
|
|
|
|
SKYDIVE_GREMLIN_QUERY = 'G.V().Has'
|
2019-03-13 10:52:31 +00:00
|
|
|
SKYDIVE_GREMLIN_EDGE_QUERY = 'G.E().Has'
|
2019-02-19 10:48:40 +00:00
|
|
|
|
|
|
|
|
SKYDIVE_PROVIDER_SPEC = {
|
|
|
|
|
'endpoint': dict(fallback=(env_fallback, ['SKYDIVE_ENDPOINT'])),
|
|
|
|
|
'username': dict(fallback=(env_fallback, ['SKYDIVE_USERNAME'])),
|
|
|
|
|
'password': dict(fallback=(env_fallback, ['SKYDIVE_PASSWORD']), no_log=True),
|
|
|
|
|
'insecure': dict(type='bool', default=False, fallback=(env_fallback, ['SKYDIVE_INSECURE'])),
|
|
|
|
|
'ssl': dict(type='bool', default=False, fallback=(env_fallback, ['SKYDIVE_SSL']))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2019-03-13 10:52:31 +00:00
|
|
|
class skydive_client_check(object):
|
|
|
|
|
""" Base class for implementing Skydive Rest API """
|
|
|
|
|
|
2019-02-19 10:48:40 +00:00
|
|
|
provider_spec = {'provider': dict(type='dict', options=SKYDIVE_PROVIDER_SPEC)}
|
|
|
|
|
|
|
|
|
|
def __init__(self, **kwargs):
|
2019-03-13 10:52:31 +00:00
|
|
|
''' Base class for implementing Skydive Rest API '''
|
2019-02-19 10:48:40 +00:00
|
|
|
if not HAS_SKYDIVE_CLIENT:
|
|
|
|
|
raise Exception('skydive-client is required but does not appear '
|
|
|
|
|
'to be installed. It can be installed using the '
|
|
|
|
|
'command `pip install skydive-client`')
|
|
|
|
|
|
|
|
|
|
if not set(kwargs.keys()).issubset(SKYDIVE_PROVIDER_SPEC.keys()):
|
|
|
|
|
raise Exception('invalid or unsupported keyword argument for skydive_restclient connection.')
|
|
|
|
|
for key, value in iteritems(SKYDIVE_PROVIDER_SPEC):
|
|
|
|
|
if key not in kwargs:
|
|
|
|
|
# apply default values from SKYDIVE_PROVIDER_SPEC since we cannot just
|
|
|
|
|
# assume the provider values are coming from AnsibleModule
|
|
|
|
|
if 'default' in value:
|
|
|
|
|
kwargs[key] = value['default']
|
|
|
|
|
# override any values with env variables unless they were
|
|
|
|
|
# explicitly set
|
|
|
|
|
env = ('SKYDIVE_%s' % key).upper()
|
|
|
|
|
if env in os.environ:
|
|
|
|
|
kwargs[key] = os.environ.get(env)
|
2019-03-13 10:52:31 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
class skydive_inject_protocol(object):
|
|
|
|
|
""" Implements inject protocol for node and edge modules """
|
|
|
|
|
|
|
|
|
|
def onOpen(self):
|
|
|
|
|
module = self.factory.kwargs["module"]
|
|
|
|
|
params = self.factory.kwargs["params"]
|
|
|
|
|
result = self.factory.kwargs["result"]
|
|
|
|
|
if "node1" and "node2" in self.factory.kwargs:
|
|
|
|
|
node1 = self.factory.kwargs["node1"]
|
|
|
|
|
node2 = self.factory.kwargs["node2"]
|
|
|
|
|
|
|
|
|
|
if module.check_mode:
|
|
|
|
|
self.stop()
|
|
|
|
|
return
|
|
|
|
|
try:
|
|
|
|
|
host = params["host"]
|
|
|
|
|
if params["metadata"]:
|
|
|
|
|
metadata = module._check_type_dict(params["metadata"])
|
|
|
|
|
else:
|
|
|
|
|
metadata = {}
|
|
|
|
|
if "node_type" in params:
|
|
|
|
|
metadata["Name"] = params["name"]
|
|
|
|
|
metadata["Type"] = params["node_type"]
|
|
|
|
|
seed = params["seed"]
|
|
|
|
|
if not seed:
|
|
|
|
|
seed = "%s:%s" % (params["name"], params["node_type"])
|
|
|
|
|
if module.params['state'] == 'present' or module.params['state'] == 'update':
|
|
|
|
|
uid = str(uuid.uuid5(uuid.NAMESPACE_OID, seed))
|
|
|
|
|
node = Node(uid, host, metadata=metadata)
|
|
|
|
|
if module.params['state'] == 'present':
|
|
|
|
|
msg = WSMessage("Graph", NodeAddedMsgType, node)
|
|
|
|
|
else:
|
|
|
|
|
msg = WSMessage("Graph", NodeUpdatedMsgType, node)
|
|
|
|
|
else:
|
|
|
|
|
uid = params['id']
|
|
|
|
|
node = Node(uid, host, metadata=metadata)
|
|
|
|
|
msg = WSMessage("Graph", NodeDeletedMsgType, node)
|
|
|
|
|
elif "relation_type" in params:
|
|
|
|
|
metadata["RelationType"] = params["relation_type"]
|
|
|
|
|
if module.params['state'] == 'present' or module.params['state'] == 'update':
|
|
|
|
|
uid = str(uuid.uuid5(uuid.NAMESPACE_OID, "%s:%s:%s" %
|
|
|
|
|
(node1, node2, params["relation_type"])))
|
|
|
|
|
edge = Edge(uid, host, node1, node2, metadata=metadata)
|
|
|
|
|
if module.params['state'] == 'present':
|
|
|
|
|
msg = WSMessage("Graph", EdgeAddedMsgType, edge)
|
|
|
|
|
else:
|
|
|
|
|
msg = WSMessage("Graph", EdgeUpdatedMsgType, edge)
|
|
|
|
|
else:
|
|
|
|
|
uid = module.params['id']
|
|
|
|
|
edge = Edge(uid, host, node1, node2, metadata=metadata)
|
|
|
|
|
msg = WSMessage("Graph", EdgeDeletedMsgType, edge)
|
|
|
|
|
|
|
|
|
|
self.sendWSMessage(msg)
|
|
|
|
|
if uid:
|
|
|
|
|
result["UUID"] = uid
|
|
|
|
|
result["changed"] = True
|
|
|
|
|
except Exception as e:
|
|
|
|
|
module.fail_json(
|
|
|
|
|
msg='Error during topology update %s' % e, **result)
|
|
|
|
|
finally:
|
|
|
|
|
self.stop()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class skydive_wsclient(skydive_client_check):
|
|
|
|
|
""" Base class for implementing Skydive Websocket API """
|
|
|
|
|
|
|
|
|
|
def __init__(self, module, **kwargs):
|
|
|
|
|
super(skydive_wsclient, self).__init__(**kwargs)
|
|
|
|
|
|
|
|
|
|
class skydive_full_inject_protocol(skydive_inject_protocol, WSClientDefaultProtocol):
|
|
|
|
|
pass
|
|
|
|
|
kwargs['scheme'] = "ws"
|
|
|
|
|
if 'ssl' in kwargs:
|
|
|
|
|
if kwargs['ssl']:
|
|
|
|
|
kwargs['scheme'] = "wss"
|
|
|
|
|
if 'insecure' not in kwargs:
|
|
|
|
|
kwargs['insecure'] = False
|
|
|
|
|
scheme = kwargs['scheme']
|
|
|
|
|
self.result = dict(changed=False)
|
|
|
|
|
if "node_type" in module.params:
|
|
|
|
|
self.wsclient_object = WSClient("ansible-" + str(os.getpid()) + "-" + module.params['host'],
|
|
|
|
|
"%s://%s/ws/publisher" % (scheme, kwargs["endpoint"]),
|
|
|
|
|
protocol=type('skydive_full_inject_protocol', (skydive_inject_protocol,
|
|
|
|
|
WSClientDefaultProtocol), dict()),
|
|
|
|
|
persistent=True,
|
|
|
|
|
insecure=kwargs["insecure"],
|
|
|
|
|
username=kwargs["username"],
|
|
|
|
|
password=kwargs["password"],
|
|
|
|
|
module=module,
|
|
|
|
|
params=module.params,
|
|
|
|
|
result=self.result)
|
|
|
|
|
elif "relation_type" in module.params:
|
|
|
|
|
self.parent_node = self.get_node_id(module.params['parent_node'])
|
|
|
|
|
self.child_node = self.get_node_id(module.params['child_node'])
|
|
|
|
|
|
|
|
|
|
self.wsclient_object = WSClient("ansible-" + str(os.getpid()) + "-" + module.params['host'],
|
|
|
|
|
"%s://%s/ws/publisher" % (scheme, kwargs["endpoint"]),
|
|
|
|
|
protocol=type('skydive_full_inject_protocol', (skydive_inject_protocol,
|
|
|
|
|
WSClientDefaultProtocol), dict()),
|
|
|
|
|
persistent=True,
|
|
|
|
|
insecure=kwargs["insecure"],
|
|
|
|
|
username=kwargs["username"],
|
|
|
|
|
password=kwargs["password"],
|
|
|
|
|
module=module,
|
|
|
|
|
params=module.params,
|
|
|
|
|
node1=self.parent_node,
|
|
|
|
|
node2=self.child_node,
|
|
|
|
|
result=self.result)
|
|
|
|
|
|
|
|
|
|
def get_node_id(self, node_selector):
|
|
|
|
|
""" Checks if Gremlin expresssion is passed as input to get the nodes UUID """
|
|
|
|
|
if node_selector.startswith("G.") or node_selector.startswith("g."):
|
|
|
|
|
nodes = self.restclient_object.lookup_nodes(node_selector)
|
|
|
|
|
if len(nodes) == 0:
|
|
|
|
|
raise self.module.fail_json(msg=to_text("Node not found: {0}".format(node_selector)))
|
|
|
|
|
elif len(nodes) > 1:
|
|
|
|
|
raise self.module.fail_json(
|
|
|
|
|
msg=to_text("Node selection should return only one node: {0}".format(node_selector)))
|
|
|
|
|
return str(nodes[0].id)
|
|
|
|
|
return node_selector
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class skydive_restclient(skydive_client_check):
|
|
|
|
|
""" Base class for implementing Skydive Rest API """
|
|
|
|
|
|
|
|
|
|
def __init__(self, **kwargs):
|
|
|
|
|
super(skydive_restclient, self).__init__(**kwargs)
|
2019-02-19 10:48:40 +00:00
|
|
|
kwargs['scheme'] = "http"
|
|
|
|
|
if 'ssl' in kwargs:
|
|
|
|
|
if kwargs['ssl']:
|
|
|
|
|
kwargs['scheme'] = "https"
|
|
|
|
|
if 'insecure' not in kwargs:
|
|
|
|
|
kwargs['insecure'] = False
|
|
|
|
|
self.restclient_object = RESTClient(kwargs['endpoint'],
|
|
|
|
|
scheme=kwargs['scheme'],
|
|
|
|
|
insecure=kwargs['insecure'],
|
|
|
|
|
username=kwargs['username'],
|
|
|
|
|
password=kwargs['password'])
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class skydive_lookup(skydive_restclient):
|
2019-03-13 10:52:31 +00:00
|
|
|
""" Implements Skydive Lookup queries """
|
|
|
|
|
|
2019-02-19 10:48:40 +00:00
|
|
|
provider_spec = {'provider': dict(type='dict', options=SKYDIVE_PROVIDER_SPEC)}
|
|
|
|
|
|
|
|
|
|
def __init__(self, provider):
|
|
|
|
|
super(skydive_lookup, self).__init__(**provider)
|
|
|
|
|
self.query_str = ""
|
|
|
|
|
|
|
|
|
|
def lookup_query(self, filter_data):
|
|
|
|
|
query_key = filter_data.keys()[0]
|
|
|
|
|
self.query_str = filter_data[query_key]
|
|
|
|
|
nodes = self.restclient_object.lookup_nodes(self.query_str)
|
|
|
|
|
result = []
|
|
|
|
|
for each in nodes:
|
|
|
|
|
result.append(each.__dict__)
|
|
|
|
|
if len(result) == 0:
|
|
|
|
|
raise Exception("Cannot find any entry for the input Gremlin query!")
|
|
|
|
|
return result
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class skydive_flow_capture(skydive_restclient):
|
2019-03-13 10:52:31 +00:00
|
|
|
""" Implements Skydive Flow capture modules """
|
|
|
|
|
|
2019-02-19 10:48:40 +00:00
|
|
|
def __init__(self, module):
|
|
|
|
|
self.module = module
|
|
|
|
|
provider = module.params['provider']
|
|
|
|
|
|
|
|
|
|
super(skydive_flow_capture, self).__init__(**provider)
|
|
|
|
|
|
|
|
|
|
def run(self, ib_spec):
|
|
|
|
|
state = self.module.params['state']
|
|
|
|
|
if state not in ('present', 'absent'):
|
|
|
|
|
self.module.fail_json(msg='state must be one of `present`, `absent`, got `%s`' % state)
|
|
|
|
|
|
|
|
|
|
result = {'changed': False}
|
|
|
|
|
obj_filter = dict([(k, self.module.params[k]) for k, v in iteritems(ib_spec) if v.get('ib_req')])
|
|
|
|
|
|
|
|
|
|
proposed_object = {}
|
|
|
|
|
for key in iterkeys(ib_spec):
|
|
|
|
|
if self.module.params[key] is not None:
|
|
|
|
|
proposed_object[key] = self.module.params[key]
|
|
|
|
|
|
|
|
|
|
if obj_filter['query']:
|
|
|
|
|
cature_query = obj_filter['query']
|
|
|
|
|
elif obj_filter['interface_name'] and obj_filter['type']:
|
|
|
|
|
cature_query = SKYDIVE_GREMLIN_QUERY + "('Name', '{0}', 'Type', '{1}')".format(obj_filter['interface_name'],
|
|
|
|
|
obj_filter['type'])
|
|
|
|
|
else:
|
|
|
|
|
raise self.module.fail_json(msg="Interface name and Type is required if gremlin query is not defined!")
|
|
|
|
|
|
|
|
|
|
# to check current object ref for idempotency
|
|
|
|
|
captured_list_objs = self.restclient_object.capture_list()
|
|
|
|
|
current_ref_uuid = None
|
|
|
|
|
for each_capture in captured_list_objs:
|
|
|
|
|
if cature_query == each_capture.__dict__['query']:
|
|
|
|
|
current_ref_uuid = each_capture.__dict__['uuid']
|
|
|
|
|
break
|
|
|
|
|
if state == 'present':
|
|
|
|
|
if not current_ref_uuid:
|
|
|
|
|
try:
|
|
|
|
|
self.restclient_object.capture_create(cature_query, obj_filter['capture_name'],
|
|
|
|
|
obj_filter['description'], obj_filter['extra_tcp_metric'],
|
|
|
|
|
obj_filter['ip_defrag'], obj_filter['reassemble_tcp'],
|
|
|
|
|
obj_filter['layer_key_mode'])
|
|
|
|
|
except Exception as e:
|
|
|
|
|
self.module.fail_json(msg=to_text(e))
|
|
|
|
|
result['changed'] = True
|
|
|
|
|
if state == 'absent':
|
|
|
|
|
if current_ref_uuid:
|
|
|
|
|
try:
|
|
|
|
|
self.restclient_object.capture_delete(current_ref_uuid)
|
|
|
|
|
except Exception as e:
|
|
|
|
|
self.module.fail_json(msg=to_text(e))
|
|
|
|
|
result['changed'] = True
|
|
|
|
|
|
|
|
|
|
return result
|
2019-03-13 10:52:31 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
class skydive_node(skydive_wsclient, skydive_restclient):
|
|
|
|
|
""" Implements Skydive Node modules """
|
|
|
|
|
|
|
|
|
|
def __init__(self, module):
|
|
|
|
|
self.module = module
|
|
|
|
|
provider = module.params['provider']
|
|
|
|
|
super(skydive_node, self).__init__(self.module, **provider)
|
|
|
|
|
|
|
|
|
|
def run(self):
|
|
|
|
|
try:
|
|
|
|
|
lookup_query = SKYDIVE_GREMLIN_QUERY + "('Name', '{0}', 'Type', '{1}')".format(self.module.params['name'],
|
|
|
|
|
self.module.params['node_type'])
|
|
|
|
|
node_exists = self.restclient_object.lookup_nodes(lookup_query)
|
|
|
|
|
|
|
|
|
|
if not node_exists and self.module.params['state'] == 'present':
|
|
|
|
|
self.wsclient_object.connect()
|
|
|
|
|
self.wsclient_object.start()
|
|
|
|
|
elif len(node_exists) > 0 and self.module.params['state'] == 'update':
|
|
|
|
|
self.wsclient_object.connect()
|
|
|
|
|
self.wsclient_object.start()
|
|
|
|
|
elif len(node_exists) > 0 and self.module.params['state'] == 'absent':
|
|
|
|
|
self.module.params['id'] = node_exists[0].__dict__['id']
|
|
|
|
|
self.wsclient_object.connect()
|
|
|
|
|
self.wsclient_object.start()
|
|
|
|
|
except Exception as e:
|
|
|
|
|
self.module.fail_json(msg=to_text(e))
|
|
|
|
|
return self.result
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class skydive_edge(skydive_wsclient, skydive_restclient):
|
|
|
|
|
""" Implements Skydive Edge modules """
|
|
|
|
|
|
|
|
|
|
def __init__(self, module):
|
|
|
|
|
self.module = module
|
|
|
|
|
provider = module.params['provider']
|
|
|
|
|
|
|
|
|
|
super(skydive_edge, self).__init__(self.module, **provider)
|
|
|
|
|
|
|
|
|
|
def run(self):
|
|
|
|
|
try:
|
|
|
|
|
edge_exists = False
|
|
|
|
|
edge_query = SKYDIVE_GREMLIN_EDGE_QUERY + "('Parent', '{0}', 'Child', '{1}')".format(self.parent_node,
|
|
|
|
|
self.child_node)
|
|
|
|
|
query_result = self.restclient_object.lookup_edges(edge_query)
|
|
|
|
|
if query_result:
|
|
|
|
|
query_result = query_result[0].__dict__
|
|
|
|
|
edge_exists = True
|
|
|
|
|
|
|
|
|
|
if not edge_exists and self.module.params['state'] == 'present':
|
|
|
|
|
self.wsclient_object.connect()
|
|
|
|
|
self.wsclient_object.start()
|
|
|
|
|
elif edge_exists and self.module.params['state'] == 'update':
|
|
|
|
|
self.wsclient_object.connect()
|
|
|
|
|
self.wsclient_object.start()
|
|
|
|
|
elif edge_exists and self.module.params['state'] == 'absent':
|
|
|
|
|
self.module.params['id'] = query_result['id']
|
|
|
|
|
self.wsclient_object.connect()
|
|
|
|
|
self.wsclient_object.start()
|
|
|
|
|
except Exception as e:
|
|
|
|
|
self.module.fail_json(msg=to_text(e))
|
|
|
|
|
return self.result
|
