Ë
    ÇVh(<  ã                   óª   — d dl mZmZmZ eZdZdZdZd dl	m
Z
 d dlmZmZmZmZ ddd	d
dœZd„ Zd„ Zd„ Zd„ Zd„ Zd„ Zd„ Zd„ Zd„ Zedk(  r e«        yy)é    )Úabsolute_importÚdivisionÚprint_functionaý  
module: nxos_hsrp
extends_documentation_fragment:
- cisco.nxos.nxos
short_description: Manages HSRP configuration on NX-OS switches.
description:
- Manages HSRP configuration on NX-OS switches.
version_added: 1.0.0
author:
- Jason Edelman (@jedelman8)
- Gabriele Gerbino (@GGabriele)
notes:
- Tested against NXOSv 7.3.(0)D1(1) on VIRL
- Unsupported for Cisco MDS
- HSRP feature needs to be enabled first on the system.
- SVIs must exist before using this module.
- Interface must be a L3 port before using this module.
- HSRP cannot be configured on loopback interfaces.
- MD5 authentication is only possible with HSRPv2 while it is ignored if HSRPv1 is
  used instead, while it will not raise any error. Here we allow MD5 authentication
  only with HSRPv2 in order to enforce better practice.
options:
  group:
    description:
    - HSRP group number.
    required: true
    type: str
  interface:
    description:
    - Full name of interface that is being managed for HSRP.
    required: true
    type: str
  version:
    description:
    - HSRP version.
    default: '1'
    choices:
    - '1'
    - '2'
    type: str
  priority:
    description:
    - HSRP priority or keyword 'default'.
    type: str
  preempt:
    description:
    - Enable/Disable preempt.
    choices:
    - enabled
    - disabled
    type: str
  vip:
    description:
    - HSRP virtual IP address or keyword 'default'
    type: str
  auth_string:
    description:
    - Authentication string. If this needs to be hidden(for md5 type), the string
      should be 7 followed by the key string. Otherwise, it can be 0 followed by key
      string or just key string (for backward compatibility). For text type, this
      should be just be a key string. if this is 'default', authentication is removed.
    type: str
  auth_type:
    description:
    - Authentication type.
    choices:
    - text
    - md5
    type: str
  state:
    description:
    - Specify desired state of the resource.
    choices:
    - present
    - absent
    default: present
    type: str
aW  
- name: Ensure HSRP is configured with following params on a SVI
  cisco.nxos.nxos_hsrp:
    group: 10
    vip: 10.1.1.1
    priority: 150
    interface: vlan10
    preempt: enabled

- name: Ensure HSRP is configured with following params on a SVI with clear text authentication
  cisco.nxos.nxos_hsrp:
    group: 10
    vip: 10.1.1.1
    priority: 150
    interface: vlan10
    preempt: enabled
    auth_type: text
    auth_string: CISCO

- name: Ensure HSRP is configured with md5 authentication and clear authentication
    string
  cisco.nxos.nxos_hsrp:
    group: 10
    vip: 10.1.1.1
    priority: 150
    interface: vlan10
    preempt: enabled
    auth_type: md5
    auth_string: 0 1234

- name: Ensure HSRP is configured with md5 authentication and hidden authentication
    string
  cisco.nxos.nxos_hsrp:
    group: 10
    vip: 10.1.1.1
    priority: 150
    interface: vlan10
    preempt: enabled
    auth_type: md5
    auth_string: 7 1234

- name: Remove HSRP config for given interface, group, and VIP
  cisco.nxos.nxos_hsrp:
    group: 10
    interface: vlan10
    vip: 10.1.1.1
    state: absent
zª
commands:
    description: commands sent to the device
    returned: always
    type: list
    sample: ["interface vlan10", "hsrp version 2", "hsrp 30", "ip 10.30.1.1"]
)ÚAnsibleModule)Úget_capabilitiesÚget_interface_typeÚload_configÚrun_commandsNÚ100ÚtextÚcisco)ÚvipÚpriorityÚ	auth_typeÚauth_stringc                 óŽ   — i }|D ]=  }| j                  |«      }|sŒ|j                  |«      }|rt        |«      ||<   Œ9|||<   Œ? |S ©N)ÚgetÚstr)Úkey_mapÚtableÚnew_dictÚkeyÚnew_keyÚvalues         úh/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/cisco/nxos/plugins/modules/nxos_hsrp.pyÚapply_key_mapr   ¤   sV   € Ø€HØò *ˆØ—+‘+˜cÓ"ˆÚØ—I‘I˜c“NˆEÙÜ$'¨£J˜Ò!à$)˜Ò!ð*ð €Oó    c                 óè   — dj                  | «      }i } d}	 t        ||g«      d   }|dv r1|d   d   }t        |j	                  dd«      «      }|d	k(  s|d
k(  rd}|S |dk(  rd}|S # t        $ r Y y w xY w)Nzshow interface {0} | jsonÚunknownr   )ÚethernetÚportchannelÚTABLE_interfaceÚROW_interfaceÚeth_modeÚlayer3ÚaccessÚtrunkÚlayer2Úsvi)Úformatr
   Ú
IndexErrorr   r   )Ú	interfaceÚ	intf_typeÚmoduleÚcommandÚmodeÚbodyÚinterface_tables          r   Úget_interface_moder4   ±   s¨   € Ø)×0Ñ0°Ó;€GØ€IØ€DðÜ˜F W IÓ.¨qÑ1ˆð Ð/Ñ/ØÐ0Ñ1°/ÑBˆÜ?×&Ñ& z°8Ó<Ó=ˆØ8Ò˜t wšØˆDð €Kð 
eÒ	ØˆØ€Køô ò Ùðús   —A% Á%	A1Á0A1c           
      óö  — dj                  | «      }i }dddddddd	d
dœ	}	 t        ||g«      d   }|d   d   }d|vr|d= dt        |«      v rt        |||«      }t        |t        «      r|g}|D ]f  }t        ||«      }	|	d   j                  «       |	d<   |	d   dk(  rd|	d<   n|	d   dk(  rd|	d<   |	d   dk(  r|	d	   dk(  rd|	d	<   nd|	d	<   |	d   |k(  sŒd|	c S  |S # t        t
        t        t        f$ r i cY S w xY w)Nzshow hsrp group {0} all | jsonr-   ÚgroupÚversionr   Úpreemptr   r   Úauth_encr   )	Úsh_if_indexÚsh_group_numÚsh_group_versionÚsh_cfg_prioÚ
sh_preemptÚsh_vipÚsh_authentication_typeÚsh_keystring_attrÚsh_authentication_datar   ÚTABLE_grp_detailÚROW_grp_detailrA   úunknown enum:Úv1Ú1Úv2Ú2Úmd5ÚhiddenÚ7Ú0)r+   r
   r   Úget_hsrp_group_unknown_enumÚAttributeErrorr,   Ú	TypeErrorÚKeyErrorÚ
isinstanceÚdictr   Úlower)
r6   r-   r/   r0   ÚhsrpÚhsrp_keyr2   Ú
hsrp_tableÚ
hsrp_groupÚparsed_hsrps
             r   Úget_hsrp_grouprZ   Ä   sj  € Ø.×5Ñ5°eÓ<€GØ€Dð #ØØ%Ø!ØØØ"-Ø'Ø"/ñ
€HðÜ˜F W IÓ.¨qÑ1ˆØÐ,Ñ-Ð.>Ñ?ˆ
Ø jÑ0ØÐ,Ð-Øœc *›oÑ-Ü4°V¸WÀjÓQˆJô *œdÔ#Ø \ˆ
à ò ˆ
Ü# H¨jÓ9ˆà#.¨{Ñ#;×#AÑ#AÓ#CˆKÑ àyÑ! TÒ)Ø%(ˆK˜	Ò"Ø˜Ñ# tÒ+Ø%(ˆK˜	Ñ"à{Ñ# uÒ,Ø˜:Ñ&¨(Ò2Ø*-˜JÒ'à*-˜JÑ'à{Ñ# yÓ0ØÒð#ð& €Køô3 œJ¬	´8Ð<ò ØŠ	ðús   ¡9C ÃC8Ã7C8c                 óv   — d|d   v r1d|j                  d«      d   dœ}t        | |«      d   }d|v rdnd	|d<   |S )
aW  Some older NXOS images fail to set the attr values when using structured output and
    instead set the values to <unknown enum>. This fallback method is a workaround that
    uses an unstructured (text) request to query the device a second time.
    'sh_preempt' is currently the only attr affected. Add checks for other attrs as needed.
    rE   r>   r   ú|r   )Úoutputr0   zmay preemptÚenabledÚdisabled)Úsplitr
   )r/   r0   rW   ÚcmdÚouts        r   rN   rN   ÷   sS   € ð ˜* \Ñ2Ñ2Ø¨G¯M©M¸#Ó,>¸qÑ,AÑBˆÜ˜6 3Ó'¨Ñ*ˆØ1>À#Ñ1E¡9ÈJˆ
<Ñ ØÐr   c                 óJ   — dj                  |«      dj                  | «      g}|S )Núinterface {0}zno hsrp {0})r+   )r6   r-   Úcommandss      r   Úget_commands_remove_hsrprf     s'   € Ø×&Ñ& yÓ1°=×3GÑ3GÈÓ3NÐO€HØ€Or   c                 óì  — g }dddddœ}| j                  dd «      }| j                  dd «      }| j                  dd «      }| j                  d	d «      }	|r|d
k(  rd| d<   n
|dk(  rd| d<   |	rO|	dk(  r3|r-|j                  d	«      t        j                  d	«      k7  rd| d	<   n| d	= ndj                  | d	   «      | d	<   |rO|dk(  r3|r-|j                  d«      t        j                  d«      k7  rd| d<   n| d= ndj                  | d   «      | d<   | D ]V  }
 |j                  |
d«      j                  d$i | ¤Ž}|r.|dk7  r)|
dk(  r|j                  d|«       n|j	                  |«       d }ŒX | j                  dd «      }| j                  dd «      }| j                  dd «      }|s|rŸ|s|d   }n|s|d   }|dk7  rQ|dk(  r$dj                  ||«      }|j	                  |«       nb|dk(  r]dj                  |«      }|j	                  |«       n:|r8|j                  d«      t        j                  d«      k7  r|j	                  d«       |r&|s$|j                  ddj                  |d   «      «       | j                  dd «      }|rB|dk(  rd}n|d k(  rd!}|j                  d«       |j                  dd"j                  |«      «       |r5|d   j                  d#«      s!|j                  dd"j                  |«      «       |S )%Nzhsrp {group}z
{priority}z	{preempt}z{vip})r6   r   r8   r   r8   r6   r   r   r^   r_   z
no preemptÚdefaultzno priorityzpriority {0}zno ipzip {0}ÚDNEr   r   r   r9   rJ   z%authentication md5 key-string {0} {1}r   zauthentication text {0}zno authenticationzhsrp {0}r7   rI   zhsrp version 2rG   zhsrp version 1rd   r-   © )r   ÚPARAM_TO_DEFAULT_KEYMAPr+   ÚinsertÚappendÚ
startswith)Údeltar-   ÚargsÚexistingre   Úconfig_argsr8   r6   r   r   r   r0   r   r   r9   r7   s                   r   Úget_commands_config_hsrprs   	  s	  € Ø€Hð  Ø ØØñ	€Kð i‰i˜	 4Ó(€GØI‰Ig˜tÓ$€EØ
)‰)E˜4Ó
 €CØy‰y˜ TÓ*€HáØiÒØ(ˆE)ÒØ˜
Ò"Ø+ˆE)ÑáØyÒ Ù˜HŸL™L¨Ó4Ô8O×8SÑ8SÐT^Ó8_Ò_Ø$1jÒ!à˜*Ñ%à .× 5Ñ 5°e¸JÑ6GÓ HˆE*Ñá
Ø)ÒÙ˜HŸL™L¨Ó/Ô3J×3NÑ3NÈuÓ3UÒUØ&e’à˜%‘Là#Ÿ?™?¨5°©<Ó8ˆE%‰Làò ˆØ4+—/‘/ # uÓ-×4Ñ4Ñ=°uÑ=ˆÙw %Ò'ØgŠ~Ø—‘  7Õ+à—‘ Ô(Ø‰ðð —	‘	˜+ tÓ,€IØ—)‘)˜M¨4Ó0€KØy‰y˜ TÓ*€HÙ‘KÙØ˜[Ñ)‰IÙØ˜}Ñ-ˆKØ˜)Ò#Ø˜EÒ!ØA×HÑHÈÐS^Ó_Ø—‘ Õ(Ø˜fÒ$Ø3×:Ñ:¸;ÓGØ—‘ Õ(á˜HŸL™L¨Ó7Ô;R×;VÑ;VØó<ò ð —‘Ð 3Ô4á™Ø‰˜˜:×,Ñ,¨T°'©]Ó;Ô<ài‰i˜	 4Ó(€GÙØcŠ>Ø&‰GØ˜Š^Ø&ˆGØ‰˜˜7Ô#Ø‰˜˜?×1Ñ1°)Ó<Ô=áØ˜‰{×%Ñ% kÔ2ØO‰O˜A˜×5Ñ5°iÓ@ÔAà€Or   c                 óÜ   — dj                  | «      }	 t        ||gd¬«      d   }d|j                  «       v ry|j                  d«      }|d   j	                  d	«      ry
y# t
        $ r Y yw xY w)Nzshow run interface {0}F)Úcheck_rcr   Úinvalidri   ú
éÿÿÿÿr-   T)r+   r
   rT   r`   rn   rQ   )r-   r/   r0   r2   Úraw_lists        r   Ú
is_defaultrz   a  su   € Ø&×-Ñ-¨iÓ8€GðÜ˜F W I¸Ô>¸qÑAˆØ˜Ÿ
™
›Ñ$Øà—z‘z $Ó'ˆHØ˜‰|×&Ñ& {Ô3ØàøÜò Ùðús   “$A ¸%A Á	A+Á*A+c                 ór   — dj                  | «      }d|j                  «       v r|j                  d|¬«       y y )NÚ zinvalid ip addressz+Invalid VIP. Possible duplicate IP address.)Úmsgr   )ÚjoinrT   Ú	fail_json)r2   r   r/   Únew_bodys       r   Úvalidate_configr   r  s8   € Øw‰wt‹}€HØ˜xŸ~™~Ó/Ñ/Ø×ÑÐJÐPSÐÕTð 0r   c                  óD  — t        t        dd¬«      t        d¬«      t        ddgdd¬«      t        dd¬	«      t        dd
dgd¬«      t        dd¬	«      t        ddgd¬«      t        dd¬	«      t        ddgdd¬«      ¬«	      } t        | d¬«      }t        «       }t        d|¬«      }|j                  d   j	                  «       }|j                  d   }|j                  d   }|j                  d   }|j                  d   }|j                  d   }	|j                  d   }
|j                  d   }|j                  d   }d}d }|rk|j                  «       }t        |«      d k(  r|d!   }|d"   }n&t        |«      d"k(  r|d!   }n|j                  d#¬$«       |dk7  r|d%k7  r|j                  d&¬$«       t        |«      }|j                  d'd(«      }t        |«      }|d)k7  r?|d*k(  r:t        ||«      d+k(  r|j                  d,|¬-«       |d.k(  r|j                  d/|¬-«       t        |||«      }|d0k(  r|j                  d1|¬-«       |s|r|r|s|j                  d2¬$«       t        ||||	|
|||¬3«      }t        d4„ |j                  «       D «       «      }t        |||«      }|j                  dd «      dk(  r|d   dk(  rN|j                  d5¬$«       n;|j                  dd «      s)|r'|d   dk(  r|d   dk(  r|dk(  r|j                  d6¬$«       g }|dk(  rat        t        |j                  «       «      j!                  |j                  «       «      «      }|rDt#        ||||«      }|j%                  |«       n$|dk(  r|rt'        ||«      }|j%                  |«       |rz|j(                  r |j*                  d;i |¤Ž n[t-        ||«       |d*k(  r0|dk(  r+|j/                  d!d7«       t1        ||«      }t3        ||
|«       d|d8<   d9|v r|j5                  d!«       ||d:<    |j*                  d;i |¤Ž y )<NTr   )ÚrequiredÚtype)rƒ   rG   rI   F)Úchoicesrh   rƒ   )r„   rƒ   r_   r^   )r„   r…   rƒ   r   rJ   )r…   rƒ   ÚabsentÚpresent)r…   rƒ   rh   )	r6   r-   r7   r   r8   r   r   r   Ústate)Úargument_specÚsupports_check_mode)ÚchangedÚwarningsr-   r6   r7   rˆ   r   r8   r   r   r   rM   é   r   é   zInvalid auth_string)r}   rL   z(Invalid auth_string, only 0 or 7 allowedÚnetwork_apiÚnxapir!   Úcliconfri   z3That interface does not exist yet. Create it first.)r}   r-   Úloopbackz'Loopback interfaces don't support HSRP.r)   z>That interface is a layer2 port.
Make it a layer 3 port first.zDWhen using auth parameters, you need BOTH auth_type AND auth_string.)r6   r7   r   r8   r   r   r   r9   c              3   ó0   K  — | ]  \  }}|€Œ	||f–— Œ y ­wr   rj   )Ú.0ÚkÚvs      r   ú	<genexpr>zmain.<locals>.<genexpr>É  s   è ø€ ÒE™t˜q !°q±}Q˜”FÑEùs   ‚
	z2It's recommended to use HSRP v2 when auth_type=md5zIExisting auth_type is md5. It's recommended to use HSRP v2 when using md5zconfig tr‹   Ú	configurere   rj   )rS   r   ÚlistÚparamsrT   r`   Úlenr   r   r   r   rz   r4   ÚitemsrZ   ÚsetÚ
differencers   Úextendrf   Ú
check_modeÚ	exit_jsonr	   rl   r
   r   Úpop)r‰   r/   rŒ   Úresultsr-   r6   r7   rˆ   r   r8   r   r   Úauth_full_stringr9   r   ÚkstrÚdevice_infor   r.   r1   rp   Úproposedrq   re   ro   r0   r2   s                              r   Úmainr¨   x  sK  € ÜÜ˜D uÔ-Ü Ô%Ü˜c 3˜Z°¸uÔEÜ˜5¨5Ô1Ü˜%¨*°iÐ)@È5ÔQÜe eÔ,Ü ¨˜¸Ô?Ü˜e¨eÔ4Ü˜H iÐ0¸5È)ÔTô
€Mô ¨ÈDÔQ€Fä‹v€HÜ˜5¨8Ô4€Gà—‘˜kÑ*×0Ñ0Ó2€IØM‰M˜'Ñ"€EØm‰m˜IÑ&€GØM‰M˜'Ñ"€EØ}‰}˜ZÑ(€HØm‰m˜IÑ&€GØ
-‰-˜Ñ
€CØ—‘˜kÑ*€IØ—}‘} ]Ñ3ÐØ€HØ€KÙØ×%Ñ%Ó'ˆÜˆt‹9˜Š>Ø˜A‘wˆHØ˜q™'‰KÜ‹Y˜!Š^Ø˜q™'‰Kà×ÑÐ!6ÐÔ7ØsŠ?˜x¨3šØ×ÑÐ!KÐÔLä" 6Ó*€KØ—/‘/ -°Ó9€Kä" 9Ó-€IØJÒ ;°)Ò#;Üi Ó(¨EÒ1Ø×ÑØLØ#ð ô ð ˜
Ò"Ø×ÑØ=Ø#ð ô ô
 ˜i¨°FÓ;€DØˆxÒØ×ÑØTØð 	ô 	
ñ
 ‘KÙ™kØ×ÑØ]ð ô ô ØØØØØØØØô	€Dô ÑE t§z¡z£|ÔEÓE€Hä˜e Y°Ó7€Hð ‡||K Ó&¨%Ò/ØIÑ #Ò%Ø×ÑÐ!XÐÕYà\‰\˜+ tÔ,±ØYÑ 3Ò&¨8°KÑ+@ÀEÒ+IÈuÐXaÒOaØ×ÑØbð ô ð €HØ	ÒÜ”S˜Ÿ™Ó)Ó*×5Ñ5°h·n±nÓ6FÓGÓHˆÙÜ.¨u°iÀÀxÓPˆGØO‰O˜GÕ$à	(Ò	ÙÜ.¨u°iÓ@ˆGØO‰O˜GÔ$áØ×ÒØˆF×ÑÑ'˜wÓ'ä˜ Ô)ð ˜iÒ'¨E°YÒ,>Ø—‘  :Ô.Ü# F¨HÓ5Ü  c¨6Ô2à!%ˆGIÑà˜hÑ&Ø—‘˜Q”à"€GˆJÑØ€F×ÑÑwÓr   Ú__main__)Ú
__future__r   r   r   r„   Ú__metaclass__ÚDOCUMENTATIONÚEXAMPLESÚRETURNÚansible.module_utils.basicr   ÚEansible_collections.cisco.nxos.plugins.module_utils.network.nxos.nxosr   r   r	   r
   rk   r   r4   rZ   rN   rf   rs   rz   r   r¨   Ú__name__rj   r   r   ú<module>r²      s–   ðç @Ñ @ð €ð
M€ð^/€ðb
€õ 5÷ó ð ØØØñ	Ð ò
òò&0òf
òò
Uòpò"Uò~ ðB ˆzÒÙ…Fð r   