shixiong
/
okd


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351
							#!/usr/bin/python
#
# (c) 2015, Russell Harrison <rharriso@redhat.com>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# pylint: disable=too-many-branches
'''Ansible module to manage records in the Dyn Managed DNS service'''
DOCUMENTATION = '''
---
module: dyn_record
version_added: "1.9"
short_description: Manage records in the Dyn Managed DNS service.
description:
  - "Manages DNS records via the REST API of the Dyn Managed DNS service.  It
  - "handles records only; there is no manipulation of zones or account support"
  - "yet. See: U(https://help.dyn.com/dns-api-knowledge-base/)"
options:
  state:
    description:
      -"Whether the record should be c(present) or c(absent). Optionally the"
      - "state c(list) can be used to return the current value of a record."
    required: true
    choices: [ 'present', 'absent', 'list' ]
    default: present

  customer_name:
    description:
      - "The Dyn customer name for your account.  If not set the value of the"
      - "c(DYNECT_CUSTOMER_NAME) environment variable is used."
    required: false
    default: nil

  user_name:
    description:
      - "The Dyn user name to log in with. If not set the value of the"
      - "c(DYNECT_USER_NAME) environment variable is used."
    required: false
    default: null

  user_password:
    description:
      - "The Dyn user's password to log in with. If not set the value of the"
      - "c(DYNECT_PASSWORD) environment variable is used."
    required: false
    default: null

  zone:
    description:
      - "The DNS zone in which your record is located."
    required: true
    default: null

  record_fqdn:
    description:
      - "Fully qualified domain name of the record name to get, create, delete,"
      - "or update."
    required: true
    default: null

  record_type:
    description:
      - "Record type."
    required: true
    choices: [ 'A', 'AAAA', 'CNAME', 'PTR', 'TXT' ]
    default: null

  record_value:
    description:
      - "Record value. If record_value is not specified; no changes will be"
      - "made and the module will fail"
    required: false
    default: null

  record_ttl:
    description:
      - 'Record's "Time to live".  Number of seconds the record remains cached'
      - 'in DNS servers or c(0) to use the default TTL for the zone.'
      - 'This option is mutually exclusive with use_zone_ttl'
    required: false
    default: 0

  use_zone_ttl:
    description:
      - 'Use the DYN Zone's Default TTL'
      - 'This option is mutually exclusive with record_ttl'
    required: false
    default: false
    mutually exclusive with: record_ttl

notes:
  - The module makes a broad assumption that there will be only one record per "node" (FQDN).
  - This module returns record(s) in the "result" element when 'state' is set to 'present'. This value can be be registered and used in your playbooks.

requirements: [ dyn ]
author: "Russell Harrison"
'''

EXAMPLES = '''
# Attempting to cname www.example.com to web1.example.com
- name: Update CNAME record
  dyn_record:
    state: present
    record_fqdn: www.example.com
    zone: example.com
    record_type: CNAME
    record_value: web1.example.com
    record_ttl: 7200

# Use the zones default TTL
- name: Update CNAME record
  dyn_record:
    state: present
    record_fqdn: www.example.com
    zone: example.com
    record_type: CNAME
    record_value: web1.example.com
    use_zone_ttl: true

- name: Update A record
  dyn_record:
    state: present
    record_fqdn: web1.example.com
    zone: example.com
    record_value: 10.0.0.10
    record_type: A
'''

try:
    IMPORT_ERROR = False
    from dyn.tm.session import DynectSession
    from dyn.tm.zones import Zone
    import dyn.tm.errors
    import os

except ImportError as error:
    IMPORT_ERROR = str(error)

# Each of the record types use a different method for the value.
RECORD_PARAMS = {
    'A'     : {'value_param': 'address'},
    'AAAA'  : {'value_param': 'address'},
    'CNAME' : {'value_param': 'cname'},
    'PTR'   : {'value_param': 'ptrdname'},
    'TXT'   : {'value_param': 'txtdata'}
}

# You'll notice that the value_param doesn't match the key (records_key)
# in the dict returned from Dyn when doing a dyn_node.get_all_records()
# This is a frustrating lookup dict to allow mapping to the RECORD_PARAMS
# dict so we can lookup other values in it efficiently

def get_record_type(record_key):
    '''Get the record type represented by the keys returned from get_any_records.'''
    return record_key.replace('_records', '').upper()

def get_record_key(record_type):
    '''Get the key to look up records in the dictionary returned from get_any_records.
       example:
       'cname_records'
    '''
    return record_type.lower() + '_records'

def get_any_records(module, node):
    '''Get any records for a given node'''
    # Lets get a list of the A records for the node
    try:
        records = node.get_any_records()
    except dyn.tm.errors.DynectGetError as error:
        if 'Not in zone' in str(error):
            # The node isn't in the zone so we'll return an empty dictionary
            return {}
        else:
            # An unknown error happened so we'll need to return it.
            module.fail_json(msg='Unable to get records',
                             error=str(error))

    # Return a dictionary of the record objects
    return records

def get_record_values(records):
    '''Get the record values for each record returned by get_any_records.'''
    # This simply returns the values from a record
    ret_dict = {}
    for key in records.keys():
        record_type = get_record_type(key)
        params = [RECORD_PARAMS[record_type]['value_param'], 'ttl', 'zone', 'fqdn']
        ret_dict[key] = []
        properties = {}
        for elem in records[key]:
            for param in params:
                properties[param] = getattr(elem, param)
            ret_dict[key].append(properties)

    return ret_dict

def compare_record_values(record_type_key, user_record_value, dyn_values):
    ''' Verify the user record_value exists in dyn'''
    rtype = get_record_type(record_type_key)
    for record in dyn_values[record_type_key]:
        if user_record_value in record[RECORD_PARAMS[rtype]['value_param']]:
            return True

    return False

def compare_record_ttl(record_type_key, user_record_value, dyn_values, user_param_ttl):
    ''' Verify the ttls match for the record'''
    rtype = get_record_type(record_type_key)
    for record in dyn_values[record_type_key]:
        # find the right record
        if user_record_value in record[RECORD_PARAMS[rtype]['value_param']]:
            # Compare ttls from the records
            if int(record['ttl']) == user_param_ttl:
                return True

    return False

def main():
    '''Ansible module for managing Dyn DNS records.'''
    module = AnsibleModule(
        argument_spec=dict(
            state=dict(default='present', choices=['present', 'absent', 'list']),
            customer_name=dict(default=os.environ.get('DYNECT_CUSTOMER_NAME', None), type='str'),
            user_name=dict(default=os.environ.get('DYNECT_USER_NAME', None), type='str', no_log=True),
            user_password=dict(default=os.environ.get('DYNECT_PASSWORD', None), type='str', no_log=True),
            zone=dict(required=True, type='str'),
            record_fqdn=dict(required=False, type='str'),
            record_type=dict(required=False, type='str', choices=[
                'A', 'AAAA', 'CNAME', 'PTR', 'TXT']),
            record_value=dict(required=False, type='str'),
            record_ttl=dict(required=False, default=None, type='int'),
            use_zone_ttl=dict(required=False, default=False),
        ),
        required_together=(
            ['record_fqdn', 'record_value', 'record_ttl', 'record_type']
        ),
        mutually_exclusive=[('record_ttl', 'use_zone_ttl')]
    )

    if IMPORT_ERROR:
        module.fail_json(msg="Unable to import dyn module: https://pypi.python.org/pypi/dyn", error=IMPORT_ERROR)

    if module.params['record_ttl'] != None and int(module.params['record_ttl']) <= 0:
        module.fail_json(msg="Invalid Value for record TTL")

    # Start the Dyn session
    try:
        _ = DynectSession(module.params['customer_name'],
                          module.params['user_name'],
                          module.params['user_password'])
    except dyn.tm.errors.DynectAuthError as error:
        module.fail_json(msg='Unable to authenticate with Dyn', error=str(error))

    # Retrieve zone object
    try:
        dyn_zone = Zone(module.params['zone'])
    except dyn.tm.errors.DynectGetError as error:
        if 'No such zone' in str(error):
            module.fail_json(msg="Not a valid zone for this account", zone=module.params['zone'])
        else:
            module.fail_json(msg="Unable to retrieve zone", error=str(error))

    # To retrieve the node object we need to remove the zone name from the FQDN
    dyn_node_name = module.params['record_fqdn'].replace('.' + module.params['zone'], '')

    # Retrieve the zone object from dyn
    dyn_zone = Zone(module.params['zone'])

    # Retrieve the node object from dyn
    dyn_node = dyn_zone.get_node(node=dyn_node_name)

    # All states will need a list of the exiting records for the zone.
    dyn_node_records = get_any_records(module, dyn_node)

    dyn_values = get_record_values(dyn_node_records)

    if module.params['state'] == 'list':
        module.exit_json(changed=False, dyn_records=dyn_values)

    elif module.params['state'] == 'absent':
        # If there are any records present we'll want to delete the node.
        if dyn_node_records:
            dyn_node.delete()

            # Publish the zone since we've modified it.
            dyn_zone.publish()

            module.exit_json(changed=True, msg="Removed node %s from zone %s" % (dyn_node_name, module.params['zone']))

        module.exit_json(changed=False)

    elif module.params['state'] == 'present':

        # configure the TTL variable:
        # if use_zone_ttl, use the default TTL of the account.
        # if TTL == None, don't check it, set it as 0 (api default)
        # if TTL > 0, ensure this TTL is set
        if module.params['use_zone_ttl']:
            user_param_ttl = dyn_zone.ttl
        elif not module.params['record_ttl']:
            user_param_ttl = 0
        else:
            user_param_ttl = module.params['record_ttl']

        # First get a list of existing records for the node
        record_type_key = get_record_key(module.params['record_type'])
        user_record_value = module.params['record_value']

        # Check to see if the record is already in place before doing anything.
        if dyn_node_records and compare_record_values(record_type_key, user_record_value, dyn_values):

            if user_param_ttl == 0 or \
               compare_record_ttl(record_type_key, user_record_value, dyn_values, user_param_ttl):
                module.exit_json(changed=False, dyn_record=dyn_values)

        # Working on the assumption that there is only one record per
        # node we will first delete the node if there are any records before
        # creating the correct record
        if dyn_node_records:
            dyn_node.delete()

        # Now lets create the correct node entry.
        record = dyn_zone.add_record(dyn_node_name,
                                     module.params['record_type'],
                                     module.params['record_value'],
                                     user_param_ttl
                                    )

        # Now publish the zone since we've updated it.
        dyn_zone.publish()

        rmsg = "Created node [%s] "  % dyn_node_name
        rmsg += "in zone: [%s]"      % module.params['zone']
        module.exit_json(changed=True, msg=rmsg, dyn_record=get_record_values({record_type_key: [record]}))

    module.fail_json(msg="Unknown state: [%s]" % module.params['state'])

# Ansible tends to need a wild card import so we'll use it here
# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled
from ansible.module_utils.basic import *
if __name__ == '__main__':
    main()