bim 1.0.0 → 1.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c6f9989b1a73b84f166b102c06b20f48bffa922f
4
- data.tar.gz: 485d78106d2ed26cab37cfa6cb4e1cfb9131bd23
3
+ metadata.gz: a22460bf1ff35db4e0cbfe8f3fd22a46e739a549
4
+ data.tar.gz: 212c0cc27be235f2a1144f7d36faf5903cd73ca4
5
5
  SHA512:
6
- metadata.gz: 9e378820b2071376e3a5353134c9ed16e7f6d1d0c68adb6b5b240bb6434051fea7f1ae0ca4d6e93bbbf51bd0225c62cc4b17d65f658f6fadc1f983d735c6a0d9
7
- data.tar.gz: 0a8e22881900de573bf0969731351c25d053c431be7af6a1b836083afd2b606f715fff8c74120093cd6fcc7d98bc32baec6a4faed9275fe987dbfc0d41414fe1
6
+ metadata.gz: f159fae5b2c30d32531b6d4ab3d6dffb91d73cea666719b67f5e83a688f2a9193bd6a057c6dbd36b5e08b5be11279407ef565328f0337d5fc1ae5fc51c7e5569
7
+ data.tar.gz: 89022d1283c7f7931f4a7aa14906427b99ad5f722ade86f1a221f218d0b1b803d80bca4d975f15430d932b90936ee6c6f6c45ec3bd54fc564698ebdcc49312a0
data/README.md CHANGED
@@ -35,23 +35,7 @@ if you want to use `--test` option, set TEST_VS vriable.
35
35
  - `TEST_VS`: set test virtual server
36
36
 
37
37
  ## Features
38
- There are many features for deployment SSL Certificate from CLI to BIGIP.
39
-
40
- #### Metadata
41
- - get active host in the device group
42
- - get group name that BIGIP_HOST belongs
43
-
44
- #### Virtual Server
45
- - get virutal server list and detail configuration
46
-
47
- #### Sync
48
- - execute sync action
49
- - get sync state
50
-
51
- #### SSL
52
- - upload key and certificate
53
- - create ssl client profile
54
- - replace old ssl client profile to new ssl client profile
38
+ There are many features to help BIG_IP operation.
55
39
 
56
40
  ## Usage
57
41
 
@@ -77,7 +61,16 @@ $ bim meta device_groups
77
61
  $ bim vs list
78
62
 
79
63
  # output one of the virtual server list
80
- $ bim vs detail Virtual_Server_Name
64
+ $ bim vs detail VS_Name
65
+
66
+ # update global ip address
67
+ $ bim vs update_global_address VS_Name GLOBAL_IPADDRESS PORT
68
+
69
+ # change firewall policy
70
+ $ bim vs change_nf VS_NAME NETWORK_FIREWALL_FULLPATH
71
+
72
+ # change pool
73
+ $ bim vs change_pool VS_NAME POOL_FULLPATH
81
74
  ```
82
75
 
83
76
  #### Sync
@@ -100,7 +93,7 @@ $ bim ssl bundles
100
93
  $ bim ssl profiles
101
94
 
102
95
  # output specified ssl profile
103
- $ bim ssl detail SSL Profile Name
96
+ $ bim ssl detail SSL_Profile_Name
104
97
 
105
98
  # upload and create_ssl_profile and replace.
106
99
  $ bim ssl deploy OLD_SSL_PROFILE_NAME NEW_SSL_PROFILE_NAME PRIVATE_KEYFILE CERTIFICATE_FILE CHAIN
@@ -127,6 +120,83 @@ $ bim ssl replace OLD_SSL_PROFILE_NAME NEW_SSL_PROFILE_NAME
127
120
  $ TEST_VS=test_virtual_server bim replace OLD_SSL_PROFILE_NAME NEW_SSL_PROFILE_NAME --test
128
121
  ```
129
122
 
123
+ #### Firewall
124
+
125
+ ```sh
126
+ # output firewall policy list
127
+ $ bim fw ls
128
+
129
+ # output firewall detail configuration
130
+ $ bim fw detail FIREWALL_POLICY_NAME
131
+ ```
132
+
133
+ #### Node
134
+
135
+ ```sh
136
+ # output node list
137
+ $ bim node ls
138
+
139
+ # output node detail
140
+ $ bim node detail NODE_NAME
141
+
142
+ # create node
143
+ $ bim node create NODE_NAME IP_ADDRESS
144
+
145
+ # delete node
146
+ $ bim node delete NODE_NAME
147
+ ```
148
+
149
+ #### Pool
150
+
151
+ ```sh
152
+ # output pool list
153
+ $ bim pool ls
154
+
155
+ # output members belongs pool
156
+ $ bim pool members POOL_NAME
157
+
158
+ # create pool
159
+ $ bim pool create POOL_NAME [--monitor='monitor name'] [--slow-ramp-time=interger] [--members='[{"name": "NodeName:PORT", "address": "NodeAddress"}, {"name": "NodeName:PORT", "address": "NodeAddress"}]']
160
+
161
+ # update pool
162
+ $ bim pool update POOL_NAME [--monitor='monitor name'] [--slow-ramp-time=interger] [--members='[{"name": "NodeName:PORT", "address": "NodeAddress"}, {"name": "NodeName:PORT", "address": "NodeAddress"}]']
163
+
164
+ # enable members
165
+ $ bim pool enable POOL_NAME --members=IP_ADDRESS:PORT IP_ADDRESS:PORT
166
+
167
+ # disable members
168
+ $ bim pool disable POOL_NAME --members=IP_ADDRESS:PORT IP_ADDRESS:PORT
169
+
170
+ # add members
171
+ $ bim pool add POOL_NAME --members=NODENAME:PORT NODENAME:PORT
172
+
173
+ # drop members
174
+ $ bim pool drop POOL_NAME --members=NODENAME:PORT NODENAME:PORT
175
+ ```
176
+
177
+ #### Snat
178
+
179
+ ```sh
180
+ # output snat list
181
+ $ bim snat ls
182
+
183
+ # output snat configuration
184
+ $ bim snat detail SNAT_NAME
185
+
186
+ # create snat
187
+ $ bim snat create SNAT_NAME --translation=GLOBAL_IPADDRESS --addresses=IPADDRESS/MASK IPADDRESS/MASK --vlans=VLAN1 VLAN2
188
+ # ※ if not set vlans, set false to vlanEnabled and ALL* to vlans.
189
+
190
+ # update snat
191
+ $ bim snat update SNAT_NAME --translation=GLOBAL_IPADDRESS --addresses=IPADDRESS/MASK IPADDRESS/MASK --vlans=VLAN1 VLAN2
192
+
193
+ # add address
194
+ $ bim add_address SNAT_NAME --addresses=IPADDRESS/MASK IPADDRESS/MASK
195
+
196
+ # remove address
197
+ $ bim remove_address SNAT_NAME --addresses=IPADDRESS/MASK IPADDRESS/MASK
198
+ ```
199
+
130
200
  ## License
131
201
 
132
202
  The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
@@ -4,10 +4,10 @@ _bim() {
4
4
  _get_comp_words_by_ref -n : cur prev
5
5
 
6
6
  if [ "$COMP_CWORD" -eq 1 ]; then
7
- COMPREPLY=( $(compgen -W "$(./bin/bim help | tail -n +2 | awk '{ print $2}')" -- "$cur") )
7
+ COMPREPLY=( $(compgen -W "$(bim help | tail -n +2 | awk '{ print $2}')" -- "$cur") )
8
8
  elif [ $COMP_CWORD -eq 2 ]; then
9
9
  if [ $prev = "ssl" ] || [ $prev = "meta" ] || [ $prev = "sync" ]; then
10
- COMPREPLY=( $(compgen -W "$(./bin/bim $prev help | tail -n +2 | awk '{ print $3}')" -- $cur) )
10
+ COMPREPLY=( $(compgen -W "$(bim $prev help | tail -n +2 | awk '{ print $3}')" -- $cur) )
11
11
  fi
12
12
  fi
13
13
  }
@@ -6,6 +6,7 @@ require 'bim/action/vs'
6
6
  require 'bim/action/node'
7
7
  require 'bim/action/pool'
8
8
  require 'bim/action/fw'
9
+ require 'bim/action/snat'
9
10
 
10
11
  module Bim
11
12
  # Action module is namespace
@@ -18,11 +18,20 @@ module Bim
18
18
  end
19
19
  end
20
20
 
21
- def create(name, members = nil)
22
- j = members ? { 'name' => name, 'members' => JSON.parse(members) } : { 'name' => name }
21
+ def create(name, monitor, slow_ramp_time, members)
22
+ j = { 'name' => name, 'monitor' => monitor, 'slowRampTime' => slow_ramp_time }
23
+ j['members'] = JSON.parse(members.delete('\\')) unless members.nil?
23
24
  post(POOL_URI, j.to_json)
24
25
  end
25
26
 
27
+ def update(name, monitor, slow_ramp_time, members)
28
+ uri = URI(sub_localhost(specify_link_by_name(POOL_URI, name)))
29
+ j = { 'name' => name, 'monitor' => monitor, 'slowRampTime' => slow_ramp_time }
30
+ j['members'] = JSON.parse(members.delete('\\')) unless members.nil?
31
+ req = request(uri, Bim::AUTH, 'application/json', 'PATCH', j.to_json)
32
+ http(uri).request(req).body
33
+ end
34
+
26
35
  def members(name)
27
36
  cond = proc { |item| name == item['name'] }
28
37
  select_map(POOL_URI, cond) do |item|
@@ -32,6 +41,14 @@ module Bim
32
41
  end
33
42
  end
34
43
 
44
+ def enable(name, members)
45
+ { 'enabled_members': change_session(name, members, 'user-enabled') }
46
+ end
47
+
48
+ def disable(name, members)
49
+ { 'disabled_members': change_session(name, members, 'user-disabled') }
50
+ end
51
+
35
52
  def drop_members(name, members)
36
53
  members_link = specify_link(POOL_URI, %w[membersReference link]) do |item|
37
54
  item['name'] == name
@@ -67,6 +84,24 @@ module Bim
67
84
 
68
85
  { 'add_members': add_members }
69
86
  end
87
+
88
+ private
89
+
90
+ def change_session(name, members, session_value)
91
+ uri = URI(sub_localhost(specify_link_by_name(POOL_URI, name, %w[membersReference link])))
92
+
93
+ success_members = []
94
+ cond = proc { |item| members.include?(item['name']) }
95
+ JSON.parse(select_map(uri, cond) do |item|
96
+ { 'name': item['name'], 'self_link': sub_localhost(item['selfLink']) }
97
+ end).each do |item|
98
+ uri = URI.parse(item['self_link'])
99
+ req = request(uri, Bim::AUTH, 'application/json', 'PATCH', { session: session_value }.to_json)
100
+ success_members.push(item['name']) if http(uri).request(req).code == '200'
101
+ end
102
+
103
+ success_members
104
+ end
70
105
  end
71
106
  end
72
107
  end
@@ -0,0 +1,66 @@
1
+ module Bim
2
+ module Action
3
+ # Snat class uses by Bim::Subcommands::Node
4
+ class Snat
5
+ extend Bim::Util
6
+
7
+ SNAT_PATH = '/mgmt/tm/ltm/snat'.freeze
8
+ SNAT_URI = URI.join(Bim::BASE_URL, Bim::Action::Snat::SNAT_PATH)
9
+
10
+ class << self
11
+ def ls
12
+ map(SNAT_URI) do |item|
13
+ {
14
+ 'name': item['name'],
15
+ 'translation': item['translation'],
16
+ 'address_list': item['origins'].map { |origin| origin['name'] },
17
+ 'vlans': item['vlans']
18
+ }
19
+ end
20
+ end
21
+
22
+ def detail(name)
23
+ specify(SNAT_URI) { |d| d['name'] == name }
24
+ end
25
+
26
+ def create(name, translation, address_list, vlans)
27
+ j = {
28
+ 'name': name,
29
+ 'translation': translation,
30
+ 'origins': address_list.map { |address| { 'name': address } }
31
+ }
32
+ unless vlans.nil?
33
+ j['vlansEnabled'] = true
34
+ j['vlans'] = vlans.map { |vlan| "/Common/#{vlan}" }
35
+ end
36
+ post(SNAT_URI, j.to_json)
37
+ end
38
+
39
+ def update(name, translation, address_list, vlans)
40
+ j = {}
41
+ if address_list
42
+ j['origins'] = address_list.map { |address| { 'name': address } }
43
+ end
44
+ j['translation'] = translation if translation
45
+ unless vlans.nil?
46
+ j['vlansEnabled'] = true
47
+ j['vlans'] = vlans.map { |vlan| "/Common/#{vlan}" }
48
+ end
49
+ self_patch(name, SNAT_URI, j.to_json)
50
+ end
51
+
52
+ def add_address(name, addresses)
53
+ origins = specify_link_by_name(SNAT_URI, name, %(origins))
54
+ j = { 'origins': origins.push(addresses.map { |address| { 'name': address } }).flatten }
55
+ self_patch(name, SNAT_URI, j.to_json)
56
+ end
57
+
58
+ def remove_address(name, addresses)
59
+ origins = specify_link_by_name(SNAT_URI, name, %(origins))
60
+ j = { 'origins': (origins.map { |origin| origin['name'] } - addresses).map { |address| { 'name': address } } }
61
+ self_patch(name, SNAT_URI, j.to_json)
62
+ end
63
+ end
64
+ end
65
+ end
66
+ end
@@ -22,16 +22,11 @@ module Bim
22
22
  specify(VS_URI) { |d| d['name'] == name }
23
23
  end
24
24
 
25
- def update_dnat(name, dnat_addr, port)
25
+ def update_global_address(name, dnat_addr, port)
26
26
  j = { 'destination' => "#{dnat_addr}:#{port}" }.to_json
27
27
  self_patch(name, VS_URI, j)
28
28
  end
29
29
 
30
- def update_snat(name, snat_addr, bitmask)
31
- j = { 'source' => "#{snat_addr}/#{bitmask}" }.to_json
32
- self_patch(name, VS_URI, j)
33
- end
34
-
35
30
  def change_nf(name, nf_name)
36
31
  j = { 'fwEnforcedPolicy' => nf_name }.to_json
37
32
  self_patch(name, VS_URI, j)
@@ -6,6 +6,7 @@ require 'bim/subcommands/vs'
6
6
  require 'bim/subcommands/node'
7
7
  require 'bim/subcommands/pool'
8
8
  require 'bim/subcommands/fw'
9
+ require 'bim/subcommands/snat'
9
10
 
10
11
  module Bim
11
12
  # Subcommands module is namespace
@@ -11,35 +11,69 @@ module Bim
11
11
  end
12
12
 
13
13
  desc(
14
- 'create [NAME] [MEMBERS(optional: \'[{"name": "NodeName:Port", "address": "NodeAddress"}, {"name": "NodeName:Port", "address": "NodeAddress"}]\')]',
14
+ 'create [NAME]',
15
15
  'create pool with node members'
16
16
  )
17
- def create(name, members = nil)
18
- puts Bim::Action::Pool.create(name, members)
17
+ option :monitor, desc: 'monitor expects string(ex: \'http\', \'http and https\')'
18
+ option :slow_ramp_time, desc: 'slow_ramp_time expects integer'
19
+ option :members, desc: 'members expects json array(members: \'[{"name": "NodeName:Port", "address": "NodeAddress"}, {"name": "NodeName:Port", "address": "NodeAddress"}]\')'
20
+ def create(name)
21
+ puts Bim::Action::Pool.create(name, options[:monitor], options[:slow_ramp_time], options[:members])
22
+ end
23
+
24
+ desc(
25
+ 'update [NAME]',
26
+ 'update pool with node members'
27
+ )
28
+ option :monitor, desc: 'monitor expects string(ex: \'http\', \'http and https\')'
29
+ option :slow_ramp_time, desc: 'slow_ramp_time expects integer'
30
+ option :members, desc: 'members expects json array(members: \'[{"name": "NodeName:Port", "address": "NodeAddress"}, {"name": "NodeName:Port", "address": "NodeAddress"}]\')'
31
+ def update(name)
32
+ puts Bim::Action::Pool.update(name, options[:monitor], options[:slow_ramp_time], options[:members])
19
33
  end
20
34
 
21
35
  desc(
22
36
  'members [NAME]',
23
- 'output members belongs to pool'
37
+ 'output members belongs pool'
24
38
  )
25
39
  def members(name)
26
40
  puts Bim::Action::Pool.members(name)
27
41
  end
28
42
 
29
43
  desc(
30
- 'drop [NAME] [MEMBERS(NodeName:Port)]',
31
- 'drop node members (members are variable length)'
44
+ 'enable [NAME]',
45
+ 'enable node members'
46
+ )
47
+ option :members, required: true, type: :array, desc: 'members expects NodeName:Port format'
48
+ def enable(name)
49
+ puts Bim::Action::Pool.enable(name, options[:members])
50
+ end
51
+
52
+ desc(
53
+ 'disable [NAME]',
54
+ 'disable node members'
55
+ )
56
+ option :members, required: true, type: :array, desc: 'members expects NodeName:Port format'
57
+ def disable(name)
58
+ puts Bim::Action::Pool.disable(name, options[:members])
59
+ end
60
+
61
+ desc(
62
+ 'add [NAME]',
63
+ 'add node members'
32
64
  )
33
- def drop(name, *members)
34
- puts Bim::Action::Pool.drop_members(name, members)
65
+ option :members, required: true, type: :array, desc: 'members expects NodeName:Port format'
66
+ def add(name)
67
+ puts Bim::Action::Pool.add_members(name, options[:members])
35
68
  end
36
69
 
37
70
  desc(
38
- 'add [NAME] [MEMBERS(NodeName:Port)]',
39
- 'add node members (members aer variable length)'
71
+ 'drop [NAME]',
72
+ 'drop node members'
40
73
  )
41
- def add(name, *members)
42
- puts Bim::Action::Pool.add_members(name, members)
74
+ option :members, required: true, type: :array, desc: 'members expects NodeName:Port format'
75
+ def drop(name)
76
+ puts Bim::Action::Pool.drop_members(name, options[:members])
43
77
  end
44
78
  end
45
79
  end
@@ -0,0 +1,62 @@
1
+ module Bim
2
+ module Subcommands
3
+ # Snat class defines subcommands
4
+ class Snat < Thor
5
+ desc(
6
+ 'ls',
7
+ 'output snat list'
8
+ )
9
+ def ls
10
+ puts Bim::Action::Snat.ls
11
+ end
12
+
13
+ desc(
14
+ 'detail [NAME]',
15
+ 'output SNAT detail configuration'
16
+ )
17
+ def detail(name)
18
+ puts Bim::Action::Snat.detail(name)
19
+ end
20
+
21
+ desc(
22
+ 'create [NAME]',
23
+ 'create SNAT'
24
+ )
25
+ option :vlans, type: :array
26
+ option :translation, required: true
27
+ option :address_list, required: true, type: :array, desc: 'address_list expects CIDR format(IPADDR/Mask)'
28
+ def create(name)
29
+ puts Bim::Action::Snat.create(name, options[:translation], options[:address_list], options[:vlans])
30
+ end
31
+
32
+ desc(
33
+ 'update [NAME]',
34
+ 'update SNAT'
35
+ )
36
+ option :vlans, type: :array
37
+ option :translation, required: true
38
+ option :address_list, required: true, type: :array, desc: 'address_list expects CIDR format(IPADDR/Mask)'
39
+ def update(name)
40
+ puts Bim::Action::Snat.update(name, options[:translation], options[:address_list], options[:vlans])
41
+ end
42
+
43
+ desc(
44
+ 'add_address [NAME]',
45
+ 'add address for SNAT'
46
+ )
47
+ option :addresses, required: true, type: :array, desc: 'addresses expects CIDR format(IPADDR/Mask)'
48
+ def add_address(name)
49
+ puts Bim::Action::Snat.add_address(name, options[:addresses])
50
+ end
51
+
52
+ desc(
53
+ 'remove_address [NAME]',
54
+ 'remove address for SNAT'
55
+ )
56
+ option :addresses, required: true, type: :array, desc: 'addresses expects CIDR format(IPADDR/Mask)'
57
+ def remove_address(name)
58
+ puts Bim::Action::Snat.remove_address(name, options[:addresses])
59
+ end
60
+ end
61
+ end
62
+ end
@@ -19,19 +19,11 @@ module Bim
19
19
  end
20
20
 
21
21
  desc(
22
- 'update_dnat [NAME] [DNAT_ADDRESS] [PORT]',
23
- 'update dnat configuration'
22
+ 'update_global_address [NAME] [GLOBAL_ADDRESS] [PORT]',
23
+ 'update global ip address'
24
24
  )
25
- def update_dnat(name, dnat_addr, port)
26
- puts Bim::Action::VS.update_dnat(name, dnat_addr, port)
27
- end
28
-
29
- desc(
30
- 'update_snat [NAME] [SNAT_ADDRESS] [BIT_MASK]',
31
- 'update snat configuration'
32
- )
33
- def update_snat(name, snat_addr, bit_mask)
34
- puts Bim::Action::VS.update_snat(name, snat_addr, bit_mask)
25
+ def update_global_address(name, global_addr, port)
26
+ puts Bim::Action::VS.update_global_address(name, global_addr, port)
35
27
  end
36
28
 
37
29
  desc(
@@ -1,3 +1,3 @@
1
1
  module Bim
2
- VERSION = '1.0.0'.freeze
2
+ VERSION = '1.1.0'.freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bim
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - littlekbt
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-11-14 00:00:00.000000000 Z
11
+ date: 2017-11-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: thor
@@ -90,6 +90,7 @@ files:
90
90
  - lib/bim/action/meta.rb
91
91
  - lib/bim/action/node.rb
92
92
  - lib/bim/action/pool.rb
93
+ - lib/bim/action/snat.rb
93
94
  - lib/bim/action/ssl.rb
94
95
  - lib/bim/action/sync.rb
95
96
  - lib/bim/action/vs.rb
@@ -99,6 +100,7 @@ files:
99
100
  - lib/bim/subcommands/meta.rb
100
101
  - lib/bim/subcommands/node.rb
101
102
  - lib/bim/subcommands/pool.rb
103
+ - lib/bim/subcommands/snat.rb
102
104
  - lib/bim/subcommands/ssl.rb
103
105
  - lib/bim/subcommands/sync.rb
104
106
  - lib/bim/subcommands/vs.rb