def main():
""" Create 2 EPGs within the same Context and have
1 EPG provide a contract to the other EPG.
"""
description = ('Create 2 EPGs within the same Context and have'
'1 EPG provide a contract to the other EPG.')
creds = Credentials('apic', description)
args = creds.get()
# Create the Tenant
tenant = Tenant('aci-toolkit-demo')
# Create the Application Profile
app = AppProfile('my-demo-app', tenant)
# Create the EPGs
web_epg = EPG('web-frontend', app)
db_epg = EPG('database-backend', app)
web_epg.set_intra_epg_isolation(False)
db_epg.set_intra_epg_isolation(True)
# Create a Context and BridgeDomain
# Place both EPGs in the Context and in the same BD
context = Context('VRF-1', tenant)
bd = BridgeDomain('BD-1', tenant)
bd.add_context(context)
web_epg.add_bd(bd)
db_epg.add_bd(bd)
# Define a contract with a single entry
contract = Contract('mysql-contract', tenant)
entry1 = FilterEntry('entry1',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='3306',
dToPort='3306',
etherT='ip',
prot='tcp',
sFromPort='1',
sToPort='65535',
tcpRules='unspecified',
parent=contract)
# Provide the contract from 1 EPG and consume from the other
db_epg.provide(contract)
web_epg.consume(contract)
# Login to APIC and push the config
session = Session(args.url, args.login, args.password)
session.login()
# Cleanup (uncomment the next line to delete the config)
#tenant.mark_as_deleted()
resp = tenant.push_to_apic(session)
if resp.ok:
# Print what was sent
print('Pushed the following JSON to the APIC')
print('URL: ' + str(tenant.get_url()))
print('JSON: ' + str(tenant.get_json()))
def main():
global session
# Setup or credentials and session
description = ('Duplicate an application profile with the associate BD and PN')
creds = Credentials('apic', description)
args = creds.get()
# Login to APIC
session = Session(args.url, args.login, args.password)
session.login()
oldTenant = getOldTenant()
newTenant = raw_input('Please enter the new Tenant name: ')
if newTenant == '':
error_message ([3,'You must specify a new tenant name.', True])
if oldTenant.name == newTenant:
error_message ([3,'The same Tenant name can not be used.', True])
fullTenantInfo = getFullTeanantInfo(oldTenant)
# Login to the system again so I can make direct rest calls without the acitoolkit
admin = {"ip_addr":args.url,"user":args.login,"password":args.password}
add_admin = oldSchoolLogin(admin)
''' Add the session urlToken for future use with security, and the refresh timeout for future use '''
admin.update({'urlToken':add_admin[0],'refreshTimeoutSeconds':add_admin[1], 'APIC-cookie':add_admin[2]})
createTenant(admin, newTenant, oldTenant.name, fullTenantInfo)
def main():
""" Create 2 EPGs within the same Context and have
1 EPG provide a contract to the other EPG.
"""
description = ('Create 2 EPGs within the same Context and have'
'1 EPG provide a contract to the other EPG.')
creds = Credentials('apic', description)
args = creds.get()
# Create the Tenant
tenant = Tenant('aci-toolkit-demo')
# Create the Application Profile
app = AppProfile('my-demo-app', tenant)
# Create the EPGs
web_epg = EPG('web-frontend', app)
db_epg = EPG('database-backend', app)
web_epg.set_intra_epg_isolation(False)
db_epg.set_intra_epg_isolation(True)
# Create a Context and BridgeDomain
# Place both EPGs in the Context and in the same BD
context = Context('VRF-1', tenant)
bd = BridgeDomain('BD-1', tenant)
bd.add_context(context)
web_epg.add_bd(bd)
db_epg.add_bd(bd)
# Define a contract with a single entry
contract = Contract('mysql-contract', tenant)
entry1 = FilterEntry('entry1',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='3306',
dToPort='3306',
etherT='ip',
prot='tcp',
sFromPort='1',
sToPort='65535',
tcpRules='unspecified',
parent=contract)
# Provide the contract from 1 EPG and consume from the other
db_epg.provide(contract)
web_epg.consume(contract)
# Login to APIC and push the config
session = Session(args.url, args.login, args.password)
session.login()
# Cleanup (uncomment the next line to delete the config)
#tenant.mark_as_deleted()
resp = tenant.push_to_apic(session)
if resp.ok:
# Print what was sent
print('Pushed the following JSON to the APIC')
print('URL: ' + str(tenant.get_url()))
print('JSON: ' + str(tenant.get_json()))
def get_json_file_from_apic():
session = Session(from_apic['URL'], from_apic['LOGIN'],
from_apic['PASSWORD'])
resp = session.login()
if not resp.ok:
print '%% Could not login to APIC'
sys.exit()
def get_contract_json():
class_query_url = '/api/node/class/fvTenant.json'
ret = session.get(class_query_url)
data = ret.json()['imdata']
for ap in data:
dn = ap['fvTenant']['attributes']['dn']
tenant_name = dn.split('/')[1][3:]
#class_query_url = '/api/mo/uni/tn-aci-toolkit-demo.json?query-target=subtree&rsp-subtree=full&rsp-subtree-include=audit-logs,no-scoped'
ap_query_url = '/api/mo/uni/tn-%s.json?rsp-subtree=full&rsp-prop-include=config-only' % (
tenant_name)
ret = session.get(ap_query_url)
if tenant_name == from_apic['tenant']:
return ast.literal_eval(ret.text)['imdata'][0]
json_file = get_contract_json()
return json_file
def main():
global session
# Setup or credentials and session
description = (
'Converts an IOS config to ACI EPGs in a Applicaiton Profile.')
creds = Credentials('apic', description)
args = creds.get()
readconfigfile()
print "\n\n"
# printsvis()
# Login to APIC
session = Session(args.url, args.login, args.password)
session.login()
# Get a Tenant name
while not get_tenant():
pass
# Get a good Virtual Domain to use
while not check_virtual_domain():
collect_vmmdomain()
print "\nPushing configuration into the APIC now. Please wait."
build_base()
print("\nCreated {} SVIs from a total of {} SVIs that we found.".format(
pushcount, str(len(all_svi))))
def main(argv):
global session, tenant, vmmInput
if len(argv) > 2:
vmmInput = argv[2]
argv.remove(vmmInput)
if len(argv) > 1:
tenant = argv[1]
argv.remove(tenant)
# Setup or credentials and session
description = ('Create some stuff.')
creds = Credentials('apic', description)
args = creds.get()
# Login to APIC
session = Session(args.url, args.login, args.password)
session.login()
# Get a good Virtual Domain to use
while True:
if check_virtual_domain():
break
else:
collect_vmmdomain()
create_base()
create_common_contracts.create_all_contracts(theTenant, session)
create_ospf_egress.create_interface(theTenant, session, {
'provide': 'Outbound_Server',
'consume': 'Web'
})
create_application_profiles()
print("Everything seems to have worked if you are seeing this.")
def main(argv):
global session, tenant, vmmInput
if len(argv) > 2:
vmmInput = argv[2]
argv.remove(vmmInput)
if len(argv) > 1:
tenant = argv[1]
argv.remove(tenant)
# Setup or credentials and session
description = ('Create some stuff.')
creds = Credentials('apic', description)
args = creds.get()
# Login to APIC
session = Session(args.url, args.login, args.password)
session.login()
# Get a good Virtual Domain to use
while True:
if check_virtual_domain():
break
else:
collect_vmmdomain()
create_base()
create_common_contracts.create_all_contracts(theTenant, session)
create_ospf_egress.create_interface(theTenant, session, {'provide':'Outbound_Server', 'consume':'Web'})
create_application_profiles()
print ("Everything seems to have worked if you are seeing this.")
def get_config_tenant(choice):
"""
Will collect the config from the APIC - JSON format
"""
session = Session(from_apic['URL'], from_apic['LOGIN'],
from_apic['PASSWORD'])
resp = session.login()
if not resp.ok:
print '%% Could not login to APIC'
sys.exit()
def get_tenant_json():
"""
Will call the APIC API to collect the Tenant configuration
:return: the tenant configuration in JSON format
"""
class_query_url = '/api/node/class/fvTenant.json'
ret = session.get(class_query_url)
data = ret.json()['imdata']
for ap in data:
dn = ap['fvTenant']['attributes']['dn']
tenant_name = dn.split('/')[1][3:]
ap_query_url = '/api/mo/uni/tn-%s.json?rsp-subtree=full&rsp-prop-include=config-only' % (
tenant_name)
ret = session.get(ap_query_url)
if tenant_name == choice:
return ast.literal_eval(ret.text)['imdata'][0]
json_file = get_tenant_json()
return json_file
def main():
global session
# Setup or credentials and session
description = ('Converts an IOS config to ACI EPGs in a Applicaiton Profile.')
creds = Credentials('apic', description)
args = creds.get()
readconfigfile()
print "\n\n"
# printsvis()
# Login to APIC
session = Session(args.url, args.login, args.password)
session.login()
# Get a Tenant name
while not get_tenant():
pass
# Get a good Virtual Domain to use
while not check_virtual_domain():
collect_vmmdomain()
print "\nPushing configuration into the APIC now. Please wait."
build_base()
print ("\nCreated {} SVIs from a total of {} SVIs that we found.".format(pushcount, str(len(all_svi))))
def login_to_apic(self):
"""Login to the APIC
RETURNS: Instance of class Session
"""
session = Session(URL, LOGIN, PASSWORD)
resp = session.login()
self.assertTrue(resp.ok)
return session
def login_to_apic(self):
"""Login to the APIC
RETURNS: Instance of class Session
"""
session = Session(URL, LOGIN, PASSWORD)
resp = session.login()
self.assertTrue(resp.ok)
return session
def main():
""" Create 2 Tenants with a single EPG in each. Between the 2 tenants, the EPGs
communicate through an exported contract.
"""
description = ('Create 2 Tenants with a single EPG in each. Between the 2 tenants,'
'the EPGs communicate through an exported contract.Create 2 EPGs '
'within the same Context and have 1 EPG provide a contract to the '
'other EPG.')
creds = Credentials('apic', description)
args = creds.get()
# Create the first Tenant
tenant1 = Tenant('common')
app1 = AppProfile('app-1', tenant1)
web_epg = EPG('web-frontend', app1)
# Create the second Tenant
tenant2 = Tenant('aci-2')
app2 = AppProfile('app-2', tenant2)
db_epg = EPG('database-backend', app2)
# Define a contract with a single entry
contract = Contract('mysql-contract', tenant2)
entry1 = FilterEntry('entry1',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='3306',
dToPort='3306',
etherT='ip',
prot='tcp',
sFromPort='1',
sToPort='65535',
tcpRules='unspecified',
parent=contract)
# Provide the contract from 1 EPG
db_epg.provide(contract)
# Import the contract into the other tenant
imported_contract = ContractInterface('mysql-imported-contract', tenant1)
imported_contract.import_contract(contract)
# Consume the contract in the second tenant
web_epg.consume_cif(imported_contract)
# Login to APIC and push the config
session = Session(args.url, args.login, args.password)
session.login()
# Cleanup (uncomment the next 2 lines to delete the config)
# tenant1.mark_as_deleted()
# tenant2.mark_as_deleted()
for tenant in [tenant2, tenant1]:
resp = tenant.push_to_apic(session)
if resp.ok:
# Print what was sent
print('Pushed the following JSON to the APIC')
print('URL: ' + str(tenant.get_url()))
print('JSON: ' + str(tenant.get_json()))
def push_json_to_apic(json_content):
"""
:param json_content: the json file to be pushed to APIC
:return: the respond of the push action
"""
session = Session(to_apic['URL'], to_apic['LOGIN'], to_apic['PASSWORD'])
resp = session.login()
if not resp.ok:
print '%% Could not login to APIC'
sys.exit()
return session.push_to_apic('/api/mo/uni.json', json_content)
def push_json_to_apic(json_content):
"""
:param json_content: the json file to be pushed to APIC
:return: the respond of the push action
"""
session = Session(to_apic['URL'], to_apic['LOGIN'], to_apic['PASSWORD'])
resp = session.login()
if not resp.ok:
print '%% Could not login to APIC'
sys.exit()
return session.push_to_apic('/api/mo/uni.json', json_content)
def _login_session(self, url, login, password):
"""
Login to a particular APIC
:param url: String containing the URL to login to the APIC
:param login: String containing the username to login to the APIC
:param password: String containing the password to login to the APIC
:return: Instance of Session class
"""
session = Session(url, login, password)
resp = session.login()
self.assertTrue(resp.ok)
return session
def _login_session(self, url, login, password):
"""
Login to a particular APIC
:param url: String containing the URL to login to the APIC
:param login: String containing the username to login to the APIC
:param password: String containing the password to login to the APIC
:return: Instance of Session class
"""
session = Session(url, login, password)
resp = session.login()
self.assertTrue(resp.ok)
return session
def setUp(self):
session = Session("http://172.31.216.100", "admin", "ins3965!")
try:
resp = session.login()
self.session = session
print(resp)
if not resp.ok:
print('%% Could not login to APIC')
sys.exit(0)
except:
print("unable to login")
conn = sqlite3.connect("searchdatabase.db")
self.conn = conn.cursor()
def setUp(self):
session = Session("http://172.31.216.100", "admin", "ins3965!")
try:
resp = session.login()
self.session = session
print resp
if not resp.ok:
print('%% Could not login to APIC')
sys.exit(0)
except:
print "unable to login"
conn = sqlite3.connect("searchdatabase.db")
self.conn = conn.cursor()
def exportToFile(file1=None):
session = Session(URL, LOGIN, PASSWORD)
resp = session.login()
if not resp.ok:
print '%% Could not login to APIC'
sys.exit(1)
cp = CABLEPLAN.get(session)
if file1:
f = open(file1, 'w')
cp.export(f)
f.close()
else:
print cp.export(),
def list_tenant():
session = Session(from_apic['URL'], from_apic['LOGIN'], from_apic['PASSWORD'])
resp = session.login()
if not resp.ok:
print '%% Could not login to APIC'
sys.exit()
all_tenant = PrettyTable(["Current Tenant(s)"])
all_tenant.align["Current Tenant(s)"] = "l"
all_tenant.padding_width = 1
tenants = ACI.Tenant.get(session)
for tenant in tenants:
all_tenant.add_row([tenant.name])
print all_tenant
def exportToFile(file1=None) :
session = Session(URL, LOGIN, PASSWORD)
resp = session.login()
if not resp.ok:
print '%% Could not login to APIC'
sys.exit(1)
cp = CABLEPLAN.get(session)
if file1 :
f = open(file1, 'w')
cp.export(f)
f.close()
else :
print cp.export(),
def test_link_get_bad_parent(self):
pod = Link
session = Session(URL, LOGIN, PASSWORD)
self.assertRaises(TypeError, Link.get, session, pod)
pod = Pod('1')
self.assertRaises(TypeError, Link.get, 'bad_session', pod)
def test_eNode_session(self):
attrib = {'name': 'testEnode'}
self.assertRaises(TypeError, ENode, attrib, 'text')
session = Session(URL, LOGIN, PASSWORD)
node = ENode(attrib, session)
self.assertEqual(node._session, session)
def compareCablePlans(file1, file2=None) :
if file2 :
cp1 = CABLEPLAN.get(file1)
source1 = file1
cp2 = CABLEPLAN.get(file2)
source2 = file2
else :
session = Session(URL, LOGIN, PASSWORD)
resp = session.login()
if not resp.ok:
print '%% Could not login to APIC'
sys.exit(1)
cp1 = CABLEPLAN.get(session)
source1 = 'APIC'
cp2 = CABLEPLAN.get(file1)
source2 = file1
missing_switches = cp1.difference_switch(cp2)
extra_switches = cp2.difference_switch(cp1)
if missing_switches :
print '\nThe following switches are in',source1+', but not in',source2
for switch in missing_switches :
print ' ',switch.get_name()
if extra_switches :
print '\nThe following switches are in',source2+', but not in',source1
for switch in missing_switches :
print ' ',switch.get_name()
if missing_switches or extra_switches :
print 'Link comparisons skipped because the switches are miss-matched'
else :
missing_links = cp1.difference_link(cp2)
extra_links = cp2.difference_link(cp1)
if missing_links :
print '\nThe following links in',source1,'are not found in',source2
for link in missing_links :
print ' ',link.get_name()
if extra_links :
print '\nThe following links in',source2,'are not found in',source1
for link in extra_links :
print ' ',link.get_name()
if not missing_links and not extra_links :
print source1,'and',source2,'are the same'
def compareCablePlans(file1, file2=None):
if file2:
cp1 = CABLEPLAN.get(file1)
source1 = file1
cp2 = CABLEPLAN.get(file2)
source2 = file2
else:
session = Session(URL, LOGIN, PASSWORD)
resp = session.login()
if not resp.ok:
print '%% Could not login to APIC'
sys.exit(1)
cp1 = CABLEPLAN.get(session)
source1 = 'APIC'
cp2 = CABLEPLAN.get(file1)
source2 = file1
missing_switches = cp1.difference_switch(cp2)
extra_switches = cp2.difference_switch(cp1)
if missing_switches:
print '\nThe following switches are in', source1 + ', but not in', source2
for switch in missing_switches:
print ' ', switch.get_name()
if extra_switches:
print '\nThe following switches are in', source2 + ', but not in', source1
for switch in missing_switches:
print ' ', switch.get_name()
if missing_switches or extra_switches:
print 'Link comparisons skipped because the switches are miss-matched'
else:
missing_links = cp1.difference_link(cp2)
extra_links = cp2.difference_link(cp1)
if missing_links:
print '\nThe following links in', source1, 'are not found in', source2
for link in missing_links:
print ' ', link.get_name()
if extra_links:
print '\nThe following links in', source2, 'are not found in', source1
for link in extra_links:
print ' ', link.get_name()
if not missing_links and not extra_links:
print source1, 'and', source2, 'are the same'
def main():
# Setup or credentials and session
description = ('Common contracts and filters')
creds = Credentials('apic', description)
args = creds.get()
# Login to APIC
session = Session(args.url, args.login, args.password)
session.login()
# This creates the tenant object
theTenant = Tenant(tenant)
create_all_contracts(theTenant, session)
print ("Created common contracts and filters in the {} tenant.".format(theTenant))
print ("Everything seems to have worked if you are seeing this.")
def main():
global session
# Setup or credentials and session
description = ('Find the VMM Domain to use for EPGs')
creds = Credentials('apic', description)
args = creds.get()
# Login to APIC
session = Session(args.url, args.login, args.password)
session.login()
# Get a good Virtual Domain to use
while True:
if check_virtual_domain():
break
else:
collect_vmmdomain()
def main():
# Setup or credentials and session
description = ('Common contracts and filters')
creds = Credentials('apic', description)
args = creds.get()
# Login to APIC
session = Session(args.url, args.login, args.password)
session.login()
# This creates the tenant object
theTenant = Tenant(tenant)
create_all_contracts(theTenant, session)
print("Created common contracts and filters in the {} tenant.".format(
theTenant))
print("Everything seems to have worked if you are seeing this.")
def test_node_bad_parent(self):
pod_id = '1'
session = Session(URL, LOGIN, PASSWORD)
self.assertRaises(TypeError,
Node,
'1',
'2',
'Spine1',
role='leaf',
parent=pod_id)
def load_db():
"""
This will setup the session to the APIC and then load the db
:return:
"""
try:
apic_args = APICArgs(session['ipaddr'], session['username'],
session['secure'], session['password'])
except KeyError:
return False
# return redirect(url_for('credentialsview.index'))
# apic_session = Session(apic_args.url, apic_args.login, apic_args.password)
# resp = apic_session.login()
# if not resp.ok:
# raise LoginError
# sdb.session = apic_session
# sdb.build()
try:
apic_session = Session(apic_args.url, apic_args.login,
apic_args.password)
resp = apic_session.login()
if not resp.ok:
raise LoginError
sdb.session = apic_session
sdb.build()
except Timeout:
flash('Connection timeout when trying to reach the APIC', 'error')
return False
# return redirect(url_for('switchreportadmin.index_view'))
except LoginError:
flash('Unable to login to the APIC', 'error')
return False
# return redirect(url_for('credentialsview.index'))
except ConnectionError:
flash('Connection failure. Perhaps \'secure\' setting is wrong')
return False
# return redirect(url_for('credentialsview.index'))
except CredentialsError, e:
flash('There is a problem with your APIC credentials:' + e.message)
return False
def list_tenant():
"""
Will obtain the latest list of Tenants configuraed on the APIC
(that the credentials have access to anyway)
"""
session = Session(from_apic['URL'], from_apic['LOGIN'],
from_apic['PASSWORD'])
resp = session.login()
if not resp.ok:
print '%% Could not login to APIC'
sys.exit()
#Put in a pretty table
all_tenant = PrettyTable(["Current Tenant(s)"])
all_tenant.align["Current Tenant(s)"] = "l"
all_tenant.padding_width = 1
tenants = ACI.Tenant.get(session)
for tenant in tenants:
all_tenant.add_row([tenant.name])
print all_tenant
def load_db():
"""
This will setup the session to the APIC and then load the db
:return:
"""
try:
apic_args = APICArgs(session['ipaddr'], session['username'], session['secure'], session['password'])
except KeyError:
return False
# return redirect(url_for('credentialsview.index'))
# apic_session = Session(apic_args.url, apic_args.login, apic_args.password)
# resp = apic_session.login()
# if not resp.ok:
# raise LoginError
# sdb.session = apic_session
# sdb.build()
try:
apic_session = Session(apic_args.url, apic_args.login, apic_args.password)
resp = apic_session.login()
if not resp.ok:
raise LoginError
sdb.session = apic_session
sdb.build()
except Timeout:
flash('Connection timeout when trying to reach the APIC', 'error')
return False
# return redirect(url_for('switchreportadmin.index_view'))
except LoginError:
flash('Unable to login to the APIC', 'error')
return False
# return redirect(url_for('credentialsview.index'))
except ConnectionError:
flash('Connection failure. Perhaps \'secure\' setting is wrong')
return False
# return redirect(url_for('credentialsview.index'))
except CredentialsError, e:
flash('There is a problem with your APIC credentials:' + e.message)
return False
def main():
global session
# Setup or credentials and session
description = ('Create a number of demo application profiles.')
creds = Credentials('apic', description)
args = creds.get()
# Login to APIC
session = Session(args.url, args.login, args.password)
session.login()
# Get a good Virtual Domain to use
while True:
if check_virtual_domain():
break
else:
collect_vmmdomain()
create_base()
create_application_profiles()
print("Everything seems to have worked if you are seeing this.")
def main():
global session
# Setup or credentials and session
description = ('Create a number of demo application profiles.')
creds = Credentials('apic', description)
args = creds.get()
# Login to APIC
session = Session(args.url, args.login, args.password)
session.login()
# Get a good Virtual Domain to use
while True:
if check_virtual_domain():
break
else:
collect_vmmdomain()
create_base()
create_application_profiles()
print ("Everything seems to have worked if you are seeing this.")
def main():
global session
# Setup or credentials and session
description = (
'Duplicate an application profile with the associate BD and PN')
creds = Credentials('apic', description)
args = creds.get()
# Login to APIC
session = Session(args.url, args.login, args.password)
session.login()
oldTenant = getOldTenant()
newTenant = raw_input('Please enter the new Tenant name: ')
if newTenant == '':
error_message([3, 'You must specify a new tenant name.', True])
if oldTenant.name == newTenant:
error_message([3, 'The same Tenant name can not be used.', True])
fullTenantInfo = getFullTeanantInfo(oldTenant)
# Login to the system again so I can make direct rest calls without the acitoolkit
admin = {
"ip_addr": args.url,
"user": args.login,
"password": args.password
}
add_admin = oldSchoolLogin(admin)
''' Add the session urlToken for future use with security, and the refresh timeout for future use '''
admin.update({
'urlToken': add_admin[0],
'refreshTimeoutSeconds': add_admin[1],
'APIC-cookie': add_admin[2]
})
createTenant(admin, newTenant, oldTenant.name, fullTenantInfo)
def get_json_file_from_apic():
session = Session(from_apic['URL'], from_apic['LOGIN'], from_apic['PASSWORD'])
resp = session.login()
if not resp.ok:
print '%% Could not login to APIC'
sys.exit()
def get_contract_json():
class_query_url = '/api/node/class/fvTenant.json'
ret = session.get(class_query_url)
data = ret.json()['imdata']
for ap in data:
dn = ap['fvTenant']['attributes']['dn']
tenant_name = dn.split('/')[1][3:]
#class_query_url = '/api/mo/uni/tn-aci-toolkit-demo.json?query-target=subtree&rsp-subtree=full&rsp-subtree-include=audit-logs,no-scoped'
ap_query_url = '/api/mo/uni/tn-%s.json?rsp-subtree=full&rsp-prop-include=config-only' % (tenant_name)
ret = session.get(ap_query_url)
if tenant_name == from_apic['tenant']:
return ast.literal_eval(ret.text)['imdata'][0]
json_file = get_contract_json()
return json_file
def main():
# Setup or credentials and session
description = ('Create 3 EPGs within the same Context, have them '
'provide and consume contracts and attach them to '
'a vmm domain.')
creds = Credentials('apic', description)
args = creds.get()
# Login to APIC
session = Session(args.url, args.login, args.password)
session.login()
# Get the virtual domain we are going to use
vdomain = EPGDomain.get_by_name(session, vmmdomain)
# Create the Tenant
tenant = Tenant(this_tenant)
# Create the Application Profile
app = AppProfile(this_app, tenant)
# Create the EPGs
t1_epg = EPG(tier1_epg, app)
t2_epg = EPG(tier2_epg, app)
t3_epg = EPG(tier3_epg, app)
# Create a Context and BridgeDomain
# Place all EPGs in the Context and in the same BD
context = Context(private_net, tenant)
bd = BridgeDomain(bridge_domain, tenant)
bd.add_context(context)
t1_epg.add_bd(bd)
t1_epg.add_infradomain(vdomain)
t2_epg.add_bd(bd)
t2_epg.add_infradomain(vdomain)
t3_epg.add_bd(bd)
'''
Define a contract with a single entry
Additional entries can be added by duplicating the FilterEntry
Push to APIC after each FilterEntry if it is not the last
'''
contract1 = Contract('mysql-contract', tenant)
entry1 = FilterEntry('SQL',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='3306',
dToPort='3306',
etherT='ip',
prot='tcp',
tcpRules='unspecified',
parent=contract1)
contract2 = Contract('app-contract', tenant)
contract2.set_scope('application-profile')
entry1 = FilterEntry('Flask',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='5000',
dToPort='5000',
etherT='ip',
prot='tcp',
tcpRules='unspecified',
parent=contract2)
tenant.push_to_apic(session)
entry2 = FilterEntry('Flask2',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='5050',
dToPort='5050',
etherT='ip',
prot='tcp',
tcpRules='unspecified',
parent=contract2)
contract3 = Contract('web-contract', tenant)
contract3.set_scope('application-profile')
entry1 = FilterEntry('HTTPS',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='443',
dToPort='443',
etherT='ip',
prot='tcp',
tcpRules='unspecified',
parent=contract3)
# Provide the contract from 1 EPG and consume from the other
t3_epg.provide(contract1)
t2_epg.consume(contract1)
t2_epg.provide(contract2)
t1_epg.consume(contract2)
t1_epg.provide(contract3)
# Finally, push all this to the APIC
# Cleanup (uncomment the next line to delete the config)
# CAUTION: The next line will DELETE the tenant
# tenant.mark_as_deleted()
resp = tenant.push_to_apic(session)
if resp.ok:
# Print some confirmation
print('The configuration was sucessfully pushed to the APIC.')
def main():
description = ('Create 2 EPGs within the same Context and have'
'1 EPG provide a contract to the other EPG.')
creds = Credentials('apic', description)
args = creds.get()
session = Session(args.url, args.login, args.password)
session.login()
for line in data:
line = line.strip("\n")
tnt = line.split(",")[0]
appro = line.split(",")[1]
epg1 = line.split(",")[2]
epg2 = line.split(",")[3]
contractn = line.split(",")[4]
bd1 = line.split(",")[5]
vrf1 = line.split(",")[6]
# Create the Tenant
tenant = Tenant(tnt)
# Create the Application Profile
app = AppProfile(appro, tenant)
# Create the EPGs
epg_obj1 = EPG(epg1, app)
epg_obj2 = EPG(epg2, app)
epg_obj1.set_intra_epg_isolation(False)
epg_obj2.set_intra_epg_isolation(True)
# Create a Context and BridgeDomain
# Place both EPGs in the Context and in the same BD
context = Context(vrf1, tenant)
bd = BridgeDomain(bd1, tenant)
bd.add_context(context)
epg_obj1.add_bd(bd)
epg_obj2.add_bd(bd)
# Define a contract with a single entry
contract = Contract(contractn, tenant)
entry1 = FilterEntry('entry1',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='3306',
dToPort='3306',
etherT='ip',
prot='tcp',
sFromPort='1',
sToPort='65535',
tcpRules='unspecified',
parent=contract)
# Provide the contract from 1 EPG and consume from the other
epg_obj2.provide(contract)
epg_obj1.consume(contract)
# Login to APIC and push the config
# Cleanup (uncomment the next line to delete the config)
# tenant.mark_as_deleted()
resp = tenant.push_to_apic(session)
if resp.ok:
# Print what was sent
print('Pushed the following JSON to the APIC')
print('URL: ' + str(tenant.get_url()))
print('JSON: ' + str(tenant.get_json()))
def setup_multisite_test(printonly=False, delete=False):
# Create the Tenant
tenant1 = Tenant('multisite')
# Create the Application Profile
app = AppProfile('my-demo-app', tenant1)
# Create the EPGs
web_epg = EPG('web-frontend', app)
db_epg = EPG('database-backend', app)
# Create a Context and BridgeDomain
# Place both EPGs in the Context and in the same BD
context = Context('VRF-1', tenant1)
bd = BridgeDomain('BD-1', tenant1)
bd.add_context(context)
web_epg.add_bd(bd)
db_epg.add_bd(bd)
# Define a contract with a single entry
contract = Contract('multisite_mysqlcontract', tenant1)
entry1 = FilterEntry('entry1',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='3306',
dToPort='3306',
etherT='ip',
prot='tcp',
sFromPort='1',
sToPort='65535',
tcpRules='unspecified',
parent=contract)
# Provide the contract from 1 EPG and consume from the other
db_epg.provide(contract)
web_epg.consume(contract)
context = Context('ctx0', tenant1)
#contract = Contract('contract', tenant)
phyif = Interface('eth', '1', '102', '1', '25')
l2if = L2Interface('eth 1/102/1/25', 'vlan', '500')
l2if.attach(phyif)
l3if = L3Interface('l3if')
l3if.set_l3if_type('ext-svi')
l3if.set_addr('20.0.0.1/16')
l3if.add_context(context)
l3if.attach(l2if)
#l3if.networks.append('1.1.1.1/32')
#outside.provide(contract)
l3if.attach(l2if)
rtr = OSPFRouter('rtr-1')
rtr.set_router_id('101.101.101.101')
rtr.set_node_id('102')
# net1 = OutsideNetwork('1.1.1.1/32')
# net1.network = '1.1.1.1/32'
# net1.provide(contract)
ospfif = OSPFInterface('ospfif-1', router=rtr, area_id='0.0.0.1')
ospfif.attach(l3if)
# ospfif.networks.append(net1)
outside = OutsideEPG('multisite-l3out', tenant1)
outside.attach(ospfif)
#outside.add_context(context)
# Create the Tenant
tenant2 = Tenant('multisite')
# Create the Application Profile
app = AppProfile('my-demo-app', tenant2)
# Create the EPGs
web_epg = EPG('web-frontend', app)
# Create a Context and BridgeDomain
# Place both EPGs in the Context and in the same BD
context = Context('VRF-1', tenant2)
bd = BridgeDomain('BD-1', tenant2)
bd.add_context(context)
web_epg.add_bd(bd)
context = Context('ctx0', tenant2)
#contract = Contract('contract', tenant)
phyif = Interface('eth', '1', '102', '1', '25')
l2if = L2Interface('eth 1/102/1/25', 'vlan', '500')
l2if.attach(phyif)
l3if = L3Interface('l3if')
l3if.set_l3if_type('ext-svi')
l3if.set_addr('20.0.0.2/16')
l3if.add_context(context)
l3if.attach(l2if)
#outside.provide(contract)
l3if.attach(l2if)
rtr = OSPFRouter('rtr-1')
rtr.set_router_id('102.102.102.102')
rtr.set_node_id('102')
ospfif = OSPFInterface('ospfif-1', router=rtr, area_id='0.0.0.1')
ospfif.attach(l3if)
#ospfif.networks.append('1.1.1.1/32')
#ospfif.networks.append('1.1.1.2/32')
outside = OutsideEPG('multisite-l3out', tenant2)
outside.attach(ospfif)
if not printonly:
# Login to APIC and push the config
session = Session(SITE1_URL, SITE1_LOGIN, SITE1_PASSWORD)
session.login()
# Cleanup (uncomment the next line to delete the config)
if delete:
print 'Deleting...'
tenant1.mark_as_deleted()
resp = tenant1.push_to_apic(session)
if resp.ok:
# Print what was sent
print('Pushed the following JSON to the APIC', resp.text)
else:
print resp, resp.text
print('URL: ' + str(tenant1.get_url()))
print('JSON:')
print json.dumps(tenant1.get_json(), indent=4, separators=(',',':'))
if not printonly:
# Login to APIC and push the config
session = Session(SITE2_URL, SITE2_LOGIN, SITE2_PASSWORD)
session.login()
# Cleanup (uncomment the next line to delete the config)
if delete:
tenant2.mark_as_deleted()
resp = tenant2.push_to_apic(session)
if resp.ok:
# Print what was sent
print('Pushed the following JSON to the APIC', resp.text)
else:
print resp, resp.text
print('URL: ' + str(tenant2.get_url()))
print('JSON:')
print json.dumps(tenant2.get_json(), indent=4, separators=(',',':'))
def pull_json_from_apic():
"""
:return: all the json files that relate to the copied application profile.
"""
def _push_to_list(l, i):
if i not in l:
l.append(i)
def _push_child_to_tenant(mo):
tenant_json['fvTenant']['children'].append(mo)
session = Session(from_apic['URL'], from_apic['LOGIN'], from_apic['PASSWORD'])
resp = session.login()
if not resp.ok:
print '%% Could not login to APIC'
sys.exit()
app_json = get_app_json_from_apic(session, from_apic['application'])
# take out parameter 'dn':
del app_json['fvAp']['attributes']['dn']
cons = []
filters = []
bds = []
private_networks = []
# look for the contracts and bridge domains that are related
for epg in app_json['fvAp']['children']:
eliminated_children = []
for child in epg['fvAEPg']['children']:
if child.has_key('fvRsCons'):
_push_to_list(cons, child['fvRsCons']['attributes']['tnVzBrCPName'])
if child.has_key('fvRsProv'):
_push_to_list(cons, child['fvRsProv']['attributes']['tnVzBrCPName'])
if child.has_key('fvRsBd'):
_push_to_list(bds, child['fvRsBd']['attributes']['tnFvBDName'])
if child.has_key('fvRsNodeAtt') or child.has_key('fvRsPathAtt'):
eliminated_children.append(epg['fvAEPg']['children'].index(child))
eliminated_children.sort(reverse=True)
for index in eliminated_children:
epg['fvAEPg']['children'].pop(index)
# achieve all the bridge domain json
bds_json = []
for bd in bds:
bd_json = get_bridge_domain_json_from_apic(session, bd)
del bd_json['fvBD']['attributes']['dn']
bds_json.append(bd_json)
if bd_json['fvBD']['children'][0]['fvRsCtx']['attributes']['tnFvCtxName']:
private_networks.append(bd_json['fvBD']['children'][0]['fvRsCtx']['attributes']['tnFvCtxName'])
private_networks_json = []
for pn in private_networks:
pn_json = get_private_network_json_from_apic(session, pn)
del pn_json['fvCtx']['attributes']['dn']
private_networks_json.append(pn_json)
# achieve all the contracts json
contracts_json = []
for con in cons:
con_json = get_contracts_json_from_apic(session, con)
del con_json['vzBrCP']['attributes']['dn']
contracts_json.append(con_json)
# look for the filters that are related
for subj in con_json['vzBrCP']['children']:
if subj['vzSubj'].has_key('children'):
for filter in subj['vzSubj']['children']:
_push_to_list(filters, filter['vzRsSubjFiltAtt']['attributes']['tnVzFilterName'])
# achieve all the filters json
filters_json = []
for filter in filters:
fil_json = get_filters_json_from_apic(session, filter)
del fil_json['vzFilter']['attributes']['dn']
filters_json.append(fil_json)
# combine all the achieved json into one json object
tenant_json = {'fvTenant': {'attributes': {'name': to_apic['tenant']}, 'children': []}}
_push_child_to_tenant(app_json)
for p_n in private_networks_json:
_push_child_to_tenant(p_n)
for b_j in bds_json:
_push_child_to_tenant(b_j)
for c_j in contracts_json:
_push_child_to_tenant(c_j)
for f_j in filters_json:
_push_child_to_tenant(f_j)
print "Successfully pull json from APIC."
return tenant_json
def main():
required = collect_required()
# Setup or credentials and session
description = ('Create 5 EPGs within the same Context, have them '
'provide and consume the same contract so that they '
'can communicate between eachother.')
creds = Credentials('apic', description)
args = creds.get()
# Login to APIC
session = Session(args.url, args.login, args.password)
session.login()
# Get the virtual domain we are going to use
try:
vdomain = EPGDomain.get_by_name(session, required[1])
except:
print "There was an error using " + required[
1] + " as the VMMDomain. Are you sure it exists?"
exit()
# Create the Tenant
tenant = Tenant(required[0])
# Create the Application Profile
app = AppProfile(this_app, tenant)
# Create the EPGs
t1_epg = EPG(tier1_epg, app)
t2_epg = EPG(tier2_epg, app)
t3_epg = EPG(tier3_epg, app)
t4_epg = EPG(tier4_epg, app)
t5_epg = EPG(tier5_epg, app)
# Create a Context and BridgeDomain
# Place all EPGs in the Context and in the same BD
context = Context(private_net, tenant)
bd = BridgeDomain(bridge_domain, tenant)
bd.add_context(context)
# Add all the IP Addresses to the bridge domain
bd_subnet5 = Subnet(tier1_epg, bd)
bd_subnet5.set_addr(tier1_subnet)
bd_subnet5.set_scope(subnet_scope)
bd.add_subnet(bd_subnet5)
bd_subnet6 = Subnet(tier2_epg, bd)
bd_subnet6.set_addr(tier2_subnet)
bd_subnet6.set_scope(subnet_scope)
bd.add_subnet(bd_subnet6)
bd_subnet7 = Subnet(tier3_epg, bd)
bd_subnet7.set_addr(tier3_subnet)
bd_subnet7.set_scope(subnet_scope)
bd.add_subnet(bd_subnet7)
bd_subnet8 = Subnet(tier4_epg, bd)
bd_subnet8.set_addr(tier4_subnet)
bd_subnet8.set_scope(subnet_scope)
bd.add_subnet(bd_subnet8)
bd_subnet9 = Subnet(tier5_epg, bd)
bd_subnet9.set_addr(tier5_subnet)
bd_subnet9.set_scope(subnet_scope)
bd.add_subnet(bd_subnet9)
t1_epg.add_bd(bd)
t1_epg.add_infradomain(vdomain)
t2_epg.add_bd(bd)
t2_epg.add_infradomain(vdomain)
t3_epg.add_bd(bd)
t3_epg.add_infradomain(vdomain)
t4_epg.add_bd(bd)
t4_epg.add_infradomain(vdomain)
t5_epg.add_bd(bd)
t5_epg.add_infradomain(vdomain)
'''
Define a contract with a single entry
Additional entries can be added by duplicating "entry1"
'''
contract1 = Contract('allow_all', tenant)
entry1 = FilterEntry('all',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='unspecified',
dToPort='unspecified',
etherT='unspecified',
prot='unspecified',
tcpRules='unspecified',
parent=contract1)
# All the EPGs provide and consume the contract
t1_epg.consume(contract1)
t1_epg.provide(contract1)
t2_epg.consume(contract1)
t2_epg.provide(contract1)
t3_epg.consume(contract1)
t3_epg.provide(contract1)
t4_epg.consume(contract1)
t4_epg.provide(contract1)
t5_epg.consume(contract1)
t5_epg.provide(contract1)
# Finally, push all this to the APIC
# Cleanup (uncomment the next line to delete the config)
# CAUTION: The next line will DELETE the tenant
# tenant.mark_as_deleted()
resp = tenant.push_to_apic(session)
if resp.ok:
# Print some confirmation
print('The configuration was sucessfully pushed to the APIC.')
# Uncomment the next lines if you want to see the configuration
# print('URL: ' + str(tenant.get_url()))
# print('JSON: ' + str(tenant.get_json()))
else:
print resp
print resp.text
print('URL: ' + str(tenant.get_url()))
print('JSON: ' + str(tenant.get_json()))
def pull_json_from_apic():
"""
:return: all the json files that relate to the copied application profile.
"""
def _push_to_list(l, i):
if i not in l:
l.append(i)
def _push_child_to_tenant(mo):
tenant_json['fvTenant']['children'].append(mo)
session = Session(from_apic['URL'], from_apic['LOGIN'],
from_apic['PASSWORD'])
resp = session.login()
if not resp.ok:
print '%% Could not login to APIC'
sys.exit()
app_json = get_app_json_from_apic(session, from_apic['application'])
# take out parameter 'dn':
del app_json['fvAp']['attributes']['dn']
cons = []
filters = []
bds = []
private_networks = []
# look for the contracts and bridge domains that are related
for epg in app_json['fvAp']['children']:
eliminated_children = []
for child in epg['fvAEPg']['children']:
if child.has_key('fvRsCons'):
_push_to_list(cons,
child['fvRsCons']['attributes']['tnVzBrCPName'])
if child.has_key('fvRsProv'):
_push_to_list(cons,
child['fvRsProv']['attributes']['tnVzBrCPName'])
if child.has_key('fvRsBd'):
_push_to_list(bds, child['fvRsBd']['attributes']['tnFvBDName'])
if child.has_key('fvRsNodeAtt') or child.has_key('fvRsPathAtt'):
eliminated_children.append(
epg['fvAEPg']['children'].index(child))
eliminated_children.sort(reverse=True)
for index in eliminated_children:
epg['fvAEPg']['children'].pop(index)
# achieve all the bridge domain json
bds_json = []
for bd in bds:
bd_json = get_bridge_domain_json_from_apic(session, bd)
del bd_json['fvBD']['attributes']['dn']
bds_json.append(bd_json)
if bd_json['fvBD']['children'][0]['fvRsCtx']['attributes'][
'tnFvCtxName']:
private_networks.append(bd_json['fvBD']['children'][0]['fvRsCtx']
['attributes']['tnFvCtxName'])
private_networks_json = []
for pn in private_networks:
pn_json = get_private_network_json_from_apic(session, pn)
del pn_json['fvCtx']['attributes']['dn']
private_networks_json.append(pn_json)
# achieve all the contracts json
contracts_json = []
for con in cons:
con_json = get_contracts_json_from_apic(session, con)
del con_json['vzBrCP']['attributes']['dn']
contracts_json.append(con_json)
# look for the filters that are related
for subj in con_json['vzBrCP']['children']:
if subj['vzSubj'].has_key('children'):
for filter in subj['vzSubj']['children']:
_push_to_list(
filters, filter['vzRsSubjFiltAtt']['attributes']
['tnVzFilterName'])
# achieve all the filters json
filters_json = []
for filter in filters:
fil_json = get_filters_json_from_apic(session, filter)
del fil_json['vzFilter']['attributes']['dn']
filters_json.append(fil_json)
# combine all the achieved json into one json object
tenant_json = {
'fvTenant': {
'attributes': {
'name': to_apic['tenant']
},
'children': []
}
}
_push_child_to_tenant(app_json)
for p_n in private_networks_json:
_push_child_to_tenant(p_n)
for b_j in bds_json:
_push_child_to_tenant(b_j)
for c_j in contracts_json:
_push_child_to_tenant(c_j)
for f_j in filters_json:
_push_child_to_tenant(f_j)
print "Successfully pull json from APIC."
return tenant_json
def main():
required = collect_required()
# Setup or credentials and session
description = ('Create 5 EPGs within the same Context, have them '
'provide and consume the same contract so that they '
'can communicate between eachother.')
creds = Credentials('apic', description)
args = creds.get()
# Login to APIC
session = Session(args.url, args.login, args.password)
session.login()
# Get the virtual domain we are going to use
try:
vdomain = EPGDomain.get_by_name(session,required[1])
except:
print "There was an error using " + required[1] + " as the VMMDomain. Are you sure it exists?"
exit()
# Create the Tenant
tenant = Tenant(required[0])
# Create the Application Profile
app = AppProfile(this_app, tenant)
# Create the EPGs
t1_epg = EPG(tier1_epg, app)
t2_epg = EPG(tier2_epg, app)
t3_epg = EPG(tier3_epg, app)
t4_epg = EPG(tier4_epg, app)
t5_epg = EPG(tier5_epg, app)
# Create a Context and BridgeDomain
# Place all EPGs in the Context and in the same BD
context = Context(private_net, tenant)
bd = BridgeDomain(bridge_domain, tenant)
bd.add_context(context)
# Add all the IP Addresses to the bridge domain
bd_subnet5 = Subnet(tier1_epg, bd)
bd_subnet5.set_addr(tier1_subnet)
bd_subnet5.set_scope(subnet_scope)
bd.add_subnet(bd_subnet5)
bd_subnet6 = Subnet(tier2_epg, bd)
bd_subnet6.set_addr(tier2_subnet)
bd_subnet6.set_scope(subnet_scope)
bd.add_subnet(bd_subnet6)
bd_subnet7 = Subnet(tier3_epg, bd)
bd_subnet7.set_addr(tier3_subnet)
bd_subnet7.set_scope(subnet_scope)
bd.add_subnet(bd_subnet7)
bd_subnet8 = Subnet(tier4_epg, bd)
bd_subnet8.set_addr(tier4_subnet)
bd_subnet8.set_scope(subnet_scope)
bd.add_subnet(bd_subnet8)
bd_subnet9 = Subnet(tier5_epg, bd)
bd_subnet9.set_addr(tier5_subnet)
bd_subnet9.set_scope(subnet_scope)
bd.add_subnet(bd_subnet9)
t1_epg.add_bd(bd)
t1_epg.add_infradomain(vdomain)
t2_epg.add_bd(bd)
t2_epg.add_infradomain(vdomain)
t3_epg.add_bd(bd)
t3_epg.add_infradomain(vdomain)
t4_epg.add_bd(bd)
t4_epg.add_infradomain(vdomain)
t5_epg.add_bd(bd)
t5_epg.add_infradomain(vdomain)
'''
Define a contract with a single entry
Additional entries can be added by duplicating "entry1"
'''
contract1 = Contract('allow_all', tenant)
entry1 = FilterEntry('all',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='unspecified',
dToPort='unspecified',
etherT='unspecified',
prot='unspecified',
tcpRules='unspecified',
parent=contract1)
# All the EPGs provide and consume the contract
t1_epg.consume(contract1)
t1_epg.provide(contract1)
t2_epg.consume(contract1)
t2_epg.provide(contract1)
t3_epg.consume(contract1)
t3_epg.provide(contract1)
t4_epg.consume(contract1)
t4_epg.provide(contract1)
t5_epg.consume(contract1)
t5_epg.provide(contract1)
# Finally, push all this to the APIC
# Cleanup (uncomment the next line to delete the config)
# CAUTION: The next line will DELETE the tenant
# tenant.mark_as_deleted()
resp = tenant.push_to_apic(session)
if resp.ok:
# Print some confirmation
print('The configuration was sucessfully pushed to the APIC.')
# Uncomment the next lines if you want to see the configuration
# print('URL: ' + str(tenant.get_url()))
# print('JSON: ' + str(tenant.get_json()))
else:
print resp
print resp.text
print('URL: ' + str(tenant.get_url()))
print('JSON: ' + str(tenant.get_json()))
def main():
""" Create 2 Tenants with a single EPG in each. Between the 2 tenants, the EPGs
communicate through an exported contract.
"""
description = (
"Create 2 Tenants with a single EPG in each. Between the 2 tenants,"
"the EPGs communicate through an exported contract.Create 2 EPGs "
"within the same Context and have 1 EPG provide a contract to the "
"other EPG."
)
creds = Credentials("apic", description)
args = creds.get()
# Create the first Tenant
tenant1 = Tenant("aci-toolkit-demo-1")
app1 = AppProfile("my-demo-app-1", tenant1)
web_epg = EPG("web-frontend", app1)
# Create the second Tenant
tenant2 = Tenant("aci-toolkit-demo-2")
app2 = AppProfile("my-demo-app-2", tenant2)
db_epg = EPG("database-backend", app2)
# Define a contract with a single entry
contract = Contract("mysql-contract", tenant2)
entry1 = FilterEntry(
"entry1",
applyToFrag="no",
arpOpc="unspecified",
dFromPort="3306",
dToPort="3306",
etherT="ip",
prot="tcp",
sFromPort="1",
sToPort="65535",
tcpRules="unspecified",
parent=contract,
)
# Provide the contract from 1 EPG
db_epg.provide(contract)
# Import the contract into the other tenant
imported_contract = ContractInterface("mysql-imported-contract", tenant1)
imported_contract.import_contract(contract)
# Consume the contract in the second tenant
web_epg.consume_cif(imported_contract)
# Login to APIC and push the config
session = Session(args.url, args.login, args.password)
session.login()
# Cleanup (uncomment the next 2 lines to delete the config)
# tenant1.mark_as_deleted()
# tenant2.mark_as_deleted()
for tenant in [tenant2, tenant1]:
resp = tenant.push_to_apic(session)
if resp.ok:
# Print what was sent
print("Pushed the following JSON to the APIC")
print("URL: " + str(tenant.get_url()))
print("JSON: " + str(tenant.get_json()))
def main():
# Setup or credentials and session
description = ('Create 3 EPGs within the same Context, have them '
'provide and consume contracts and attach them to '
'a vmm domain.')
creds = Credentials('apic', description)
args = creds.get()
# Login to APIC
session = Session(args.url, args.login, args.password)
session.login()
# Get the virtual domain we are going to use
vdomain = EPGDomain.get_by_name(session,vmmdomain)
# Create the Tenant
tenant = Tenant(this_tenant)
# Create the Application Profile
app = AppProfile(this_app, tenant)
# Create the EPGs
t1_epg = EPG(tier1_epg, app)
t2_epg = EPG(tier2_epg, app)
t3_epg = EPG(tier3_epg, app)
# Create a Context and BridgeDomain
# Place all EPGs in the Context and in the same BD
context = Context(private_net, tenant)
bd = BridgeDomain(bridge_domain, tenant)
bd.add_context(context)
t1_epg.add_bd(bd)
t1_epg.add_infradomain(vdomain)
t2_epg.add_bd(bd)
t2_epg.add_infradomain(vdomain)
t3_epg.add_bd(bd)
'''
Define a contract with a single entry
Additional entries can be added by duplicating the FilterEntry
Push to APIC after each FilterEntry if it is not the last
'''
contract1 = Contract('mysql-contract', tenant)
entry1 = FilterEntry('SQL',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='3306',
dToPort='3306',
etherT='ip',
prot='tcp',
tcpRules='unspecified',
parent=contract1)
contract2 = Contract('app-contract', tenant)
contract2.set_scope('application-profile')
entry1 = FilterEntry('Flask',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='5000',
dToPort='5000',
etherT='ip',
prot='tcp',
tcpRules='unspecified',
parent=contract2)
tenant.push_to_apic(session)
entry2 = FilterEntry('Flask2',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='5050',
dToPort='5050',
etherT='ip',
prot='tcp',
tcpRules='unspecified',
parent=contract2)
contract3 = Contract('web-contract', tenant)
contract3.set_scope('application-profile')
entry1 = FilterEntry('HTTPS',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='443',
dToPort='443',
etherT='ip',
prot='tcp',
tcpRules='unspecified',
parent=contract3)
# Provide the contract from 1 EPG and consume from the other
t3_epg.provide(contract1)
t2_epg.consume(contract1)
t2_epg.provide(contract2)
t1_epg.consume(contract2)
t1_epg.provide(contract3)
# Finally, push all this to the APIC
# Cleanup (uncomment the next line to delete the config)
# CAUTION: The next line will DELETE the tenant
# tenant.mark_as_deleted()
resp = tenant.push_to_apic(session)
if resp.ok:
# Print some confirmation
print('The configuration was sucessfully pushed to the APIC.')
def main():
description = ('Create 3 EPGs within the same Bridge Domain and have'
'2 EPGs provide a contract to the other EPG.')
creds = Credentials('apic', description)
args = creds.get()
# Login to APIC and push the config
session = Session(args.url, args.login, args.password, verify_ssl=False)
log = session.login()
if log.ok:
print('Login to APIC successful !!!')
if not log.ok:
print('Error: Could not login to APIC')
print(log.status_code)
# Create the Tenant
name_tenant = input('Enter Tenant name: ')
tenant = Tenant(name_tenant)
tenant_resp = tenant.push_to_apic(session)
if tenant_resp.ok:
print('Tenant created successfully !!!')
if not tenant_resp.ok:
print('Error: Could not create Tenant')
print(tenant_resp.status_code)
# Gets vmm domain from APIC
vmm = VmmDomain.get_by_name(session, 'vCenter-ACI')
vmm_resp = tenant.push_to_apic(session)
if vmm_resp.ok:
print('VmmDomain: vCenter-ACI, opened successfully !!!')
if not vmm_resp.ok:
print('Error: Could not open VmmDomain: vCenter-ACI')
print(vmm_resp.status_code)
# Create the Application Profile
name_ap = input('Enter Application Profile name: ')
app = AppProfile(name_ap, tenant)
app_resp = tenant.push_to_apic(session)
if app_resp.ok:
print('Application Profile created successfully !!!')
if not app_resp.ok:
print('Error: Could not create Application Profile')
print(app_resp.status_code)
# Create the WEB EPG
web_epg = EPG('WEB', app)
web_resp = tenant.push_to_apic(session)
if web_resp.ok:
print('WEB epg created successfully !!!')
if not web_resp.ok:
print('Error: Could not create WEB epg')
print(web_resp.status_code)
# Create the DATA EPG
db_epg = EPG('DATA', app)
db_resp = tenant.push_to_apic(session)
if db_resp.ok:
print('DATA epg created successfully !!!')
if not db_resp.ok:
print('Error: Could not create DATA epg')
print(db_epg.status_code)
# Create the APP EPG
app_epg = EPG('APP', app)
app_resp = tenant.push_to_apic(session)
if app_resp.ok:
print('APP epg created successfully !!!')
if not app_resp.ok:
print('Error: Could not create APP epg')
print(app_epg.status_code)
# Associating EPGs to Vmm Domain
web_epg.attach(vmm)
db_epg.attach(vmm)
app_epg.attach(vmm)
# Create a BridgeDomain
# Place both EPGs in the Context and in the same BD
bd = BridgeDomain('BD-1', tenant)
web_epg.add_bd(bd)
db_epg.add_bd(bd)
app_epg.add_bd(bd)
# Define web-to app contract
contract1 = Contract('web-to-app', tenant)
entry1 = FilterEntry('entry1',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='443',
dToPort='443',
etherT='ip',
prot='tcp',
sFromPort='1',
sToPort='65535',
tcpRules='unspecified',
parent=contract1)
# Define app-to-data contract
contract2 = Contract('app-to-data', tenant)
entry2 = FilterEntry('entry2',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='1433',
dToPort='1433',
etherT='ip',
prot='tcp',
sFromPort='1',
sToPort='65535',
tcpRules='unspecified',
parent=contract2)
# Provide the contract from 1 EPG and consume from the other
db_epg.provide(contract2)
web_epg.provide(contract1)
app_epg.consume(contract1)
app_epg.consume(contract2)
########### ClEANUP (uncomment the next line to delete the tenant)
#tenant.mark_as_deleted()
####################################
#Push all the config to apic
resp = tenant.push_to_apic(session)
if resp.ok:
print('All the configuration was pushed to APIC !!!')
if not resp.ok:
print('Error: Could not push configuration to APIC')
print(resp.status_code)