diff options
Diffstat (limited to 'library/monitoring/boundary_meter')
| -rw-r--r-- | library/monitoring/boundary_meter | 256 |
1 files changed, 0 insertions, 256 deletions
diff --git a/library/monitoring/boundary_meter b/library/monitoring/boundary_meter deleted file mode 100644 index da739d4306..0000000000 --- a/library/monitoring/boundary_meter +++ /dev/null @@ -1,256 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -""" -Ansible module to add boundary meters. - -(c) 2013, curtis <curtis@serverascode.com> - -This file is part of Ansible - -Ansible is free software: you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation, either version 3 of the License, or -(at your option) any later version. - -Ansible is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU General Public License -along with Ansible. If not, see <http://www.gnu.org/licenses/>. -""" - -import json -import datetime -import base64 -import os - -DOCUMENTATION = ''' - -module: boundary_meter -short_description: Manage boundary meters -description: - - This module manages boundary meters -version_added: "1.3" -author: curtis@serverascode.com -requirements: - - Boundary API access - - bprobe is required to send data, but not to register a meter - - Python urllib2 -options: - name: - description: - - meter name - required: true - state: - description: - - Whether to create or remove the client from boundary - required: false - default: true - choices: ["present", "absent"] - apiid: - description: - - Organizations boundary API ID - required: true - apikey: - description: - - Organizations boundary API KEY - required: true - validate_certs: - description: - - If C(no), SSL certificates will not be validated. This should only be used - on personally controlled sites using self-signed certificates. - required: false - default: 'yes' - choices: ['yes', 'no'] - version_added: 1.5.1 - -notes: - - This module does not yet support boundary tags. - -''' - -EXAMPLES=''' -- name: Create meter - boundary_meter: apiid=AAAAAA api_key=BBBBBB state=present name={{ inventory_hostname }}" - -- name: Delete meter - boundary_meter: apiid=AAAAAA api_key=BBBBBB state=absent name={{ inventory_hostname }}" - -''' - -api_host = "api.boundary.com" -config_directory = "/etc/bprobe" - -# "resource" like thing or apikey? -def auth_encode(apikey): - auth = base64.standard_b64encode(apikey) - auth.replace("\n", "") - return auth - -def build_url(name, apiid, action, meter_id=None, cert_type=None): - if action == "create": - return 'https://%s/%s/meters' % (api_host, apiid) - elif action == "search": - return "https://%s/%s/meters?name=%s" % (api_host, apiid, name) - elif action == "certificates": - return "https://%s/%s/meters/%s/%s.pem" % (api_host, apiid, meter_id, cert_type) - elif action == "tags": - return "https://%s/%s/meters/%s/tags" % (api_host, apiid, meter_id) - elif action == "delete": - return "https://%s/%s/meters/%s" % (api_host, apiid, meter_id) - -def http_request(module, name, apiid, apikey, action, data=None, meter_id=None, cert_type=None): - - if meter_id is None: - url = build_url(name, apiid, action) - else: - if cert_type is None: - url = build_url(name, apiid, action, meter_id) - else: - url = build_url(name, apiid, action, meter_id, cert_type) - - headers = dict() - headers["Authorization"] = "Basic %s" % auth_encode(apikey) - headers["Content-Type"] = "application/json" - - return fetch_url(module, url, data=data, headers=headers) - -def create_meter(module, name, apiid, apikey): - - meters = search_meter(module, name, apiid, apikey) - - if len(meters) > 0: - # If the meter already exists, do nothing - module.exit_json(status="Meter " + name + " already exists",changed=False) - else: - # If it doesn't exist, create it - body = '{"name":"' + name + '"}' - response, info = http_request(module, name, apiid, apikey, data=body, action="create") - - if info['status'] != 200: - module.fail_json(msg="Failed to connect to api host to create meter") - - # If the config directory doesn't exist, create it - if not os.path.exists(config_directory): - try: - os.makedirs(config_directory) - except: - module.fail_json("Could not create " + config_directory) - - - # Download both cert files from the api host - types = ['key', 'cert'] - for cert_type in types: - try: - # If we can't open the file it's not there, so we should download it - cert_file = open('%s/%s.pem' % (config_directory,cert_type)) - except IOError: - # Now download the file... - rc = download_request(module, name, apiid, apikey, cert_type) - if rc == False: - module.fail_json("Download request for " + cert_type + ".pem failed") - - return 0, "Meter " + name + " created" - -def search_meter(module, name, apiid, apikey): - - response, info = http_request(module, name, apiid, apikey, action="search") - - if info['status'] != 200: - module.fail_json("Failed to connect to api host to search for meter") - - # Return meters - return json.loads(response.read()) - -def get_meter_id(module, name, apiid, apikey): - # In order to delete the meter we need its id - meters = search_meter(module, name, apiid, apikey) - - if len(meters) > 0: - return meters[0]['id'] - else: - return None - -def delete_meter(module, name, apiid, apikey): - - meter_id = get_meter_id(module, name, apiid, apikey) - - if meter_id is None: - return 1, "Meter does not exist, so can't delete it" - else: - response, info = http_request(module, name, apiid, apikey, action, meter_id) - if info['status'] != 200: - module.fail_json("Failed to delete meter") - - # Each new meter gets a new key.pem and ca.pem file, so they should be deleted - types = ['cert', 'key'] - for cert_type in types: - try: - cert_file = '%s/%s.pem' % (config_directory,cert_type) - os.remove(cert_file) - except OSError, e: - module.fail_json("Failed to remove " + cert_type + ".pem file") - - return 0, "Meter " + name + " deleted" - -def download_request(module, name, apiid, apikey, cert_type): - - meter_id = get_meter_id(module, name, apiid, apikey) - - if meter_id is not None: - action = "certificates" - response, info = http_request(module, name, apiid, apikey, action, meter_id, cert_type) - if info['status'] != 200: - module.fail_json("Failed to connect to api host to download certificate") - - if result: - try: - cert_file_path = '%s/%s.pem' % (config_directory,cert_type) - body = response.read() - cert_file = open(cert_file_path, 'w') - cert_file.write(body) - cert_file.close - os.chmod(cert_file_path, 0o600) - except: - module.fail_json("Could not write to certificate file") - - return True - else: - module.fail_json("Could not get meter id") - -def main(): - - module = AnsibleModule( - argument_spec=dict( - state=dict(required=True, choices=['present', 'absent']), - name=dict(required=False), - apikey=dict(required=True), - apiid=dict(required=True), - validate_certs = dict(default='yes', type='bool'), - ) - ) - - state = module.params['state'] - name= module.params['name'] - apikey = module.params['api_key'] - apiid = module.params['api_id'] - - if state == "present": - (rc, result) = create_meter(module, name, apiid, apikey) - - if state == "absent": - (rc, result) = delete_meter(module, name, apiid, apikey) - - if rc != 0: - module.fail_json(msg=result) - - module.exit_json(status=result,changed=True) - -# import module snippets -from ansible.module_utils.basic import * -from ansible.module_utils.urls import * -main() - |