def as_obj(self):
if getattr(self, 'type', None) == 'tunnel_interface':
return TunnelInterface(**vars(self))
return ClusterPhysicalInterface(**vars(self))
def create_bulk(cls,
name,
interfaces=None,
nodes=2,
cluster_mode="balancing",
primary_mgt=None,
backup_mgt=None,
primary_heartbeat=None,
log_server_ref=None,
domain_server_address=None,
location_ref=None,
default_nat=False,
enable_antivirus=False,
enable_gti=False,
comment=None,
snmp=None,
extra_opts=None,
**kw):
"""
Create bulk is called by the `create` constructor when creating a cluster engine.
This allows for multiple interfaces to be defined and passed in during element
creation.
:param dict snmp: SNMP dict should have keys `snmp_agent` str defining name of SNMPAgent,
`snmp_interface` which is a list of interface IDs, and optionally `snmp_location` which
is a string with the SNMP location name.
"""
primary_heartbeat = primary_mgt if not primary_heartbeat else primary_heartbeat
physical_interfaces = []
for interface in interfaces:
if "interface_id" not in interface:
raise CreateEngineFailed(
"Interface definitions must contain the interface_id "
"field. Failed to create engine: %s" % name)
if interface.get("type", None) == "tunnel_interface":
tunnel_interface = TunnelInterface(**interface)
physical_interfaces.append(
{"tunnel_interface": tunnel_interface})
else:
cluster_interface = ClusterPhysicalInterface(
primary_mgt=primary_mgt,
backup_mgt=backup_mgt,
primary_heartbeat=primary_heartbeat,
**interface)
physical_interfaces.append(
{"physical_interface": cluster_interface})
if snmp:
snmp_agent = dict(
snmp_agent_ref=snmp.get("snmp_agent", ""),
snmp_location=snmp.get("snmp_location", ""),
)
snmp_agent.update(snmp_interface=add_snmp(
interfaces, snmp.get("snmp_interface", [])))
try:
engine = super(FirewallCluster, cls)._create(
name=name,
node_type="firewall_node",
physical_interfaces=physical_interfaces,
domain_server_address=domain_server_address,
log_server_ref=log_server_ref,
location_ref=location_ref,
enable_gti=enable_gti,
nodes=nodes,
enable_antivirus=enable_antivirus,
default_nat=default_nat,
snmp_agent=snmp_agent if snmp else None,
comment=comment,
**extra_opts if extra_opts else {})
engine.update(cluster_mode=cluster_mode)
return ElementCreator(cls, json=engine)
except (ElementNotFound, CreateElementFailed) as e:
raise CreateEngineFailed(e)
def add_layer3_cluster_interface(self, interface_id, cluster_virtual=None,
network_value=None, macaddress=None, nodes=None, cvi_mode='packetdispatch',
zone_ref=None, comment=None, **kw):
"""
Add cluster virtual interface. A "CVI" interface is used as a VIP
address for clustered engines. Providing 'nodes' will create the
node specific interfaces. You can also add a cluster address with only
a CVI, or only NDI's.
Add CVI only::
engine.physical_interface.add_cluster_virtual_interface(
interface_id=30,
cluster_virtual='30.30.30.1',
network_value='30.30.30.0/24',
macaddress='02:02:02:02:02:06')
Add NDI's only::
engine.physical_interface.add_cluster_virtual_interface(
interface_id=30,
nodes=nodes)
Add CVI and NDI's::
engine.physical_interface.add_cluster_virtual_interface(
cluster_virtual='5.5.5.1',
network_value='5.5.5.0/24',
macaddress='02:03:03:03:03:03',
nodes=[{'address':'5.5.5.2', 'network_value':'5.5.5.0/24', 'nodeid':1},
{'address':'5.5.5.3', 'network_value':'5.5.5.0/24', 'nodeid':2}])
.. versionchanged:: 0.6.1
Renamed from add_cluster_virtual_interface
:param str,int interface_id: physical interface identifier
:param str cluster_virtual: CVI address (VIP) for this interface
:param str network_value: network value for VIP; format: 10.10.10.0/24
:param str macaddress: mandatory mac address if cluster_virtual and
cluster_mask provided
:param list nodes: list of dictionary items identifying cluster nodes
:param str cvi_mode: packetdispatch is recommended setting
:param str zone_ref: zone reference, can be name, href or Zone
:param kw: key word arguments are valid NodeInterface sub-interface
settings passed in during create time. For example, 'backup_mgt=True'
to enable this interface as the management backup.
:raises EngineCommandFailed: failure creating interface
:return: None
"""
interfaces = [{'nodes': nodes if nodes else [],
'cluster_virtual': cluster_virtual, 'network_value': network_value}]
try:
interface = self._engine.interface.get(interface_id)
interface._add_interface(interface_id, interfaces=interfaces)
return interface.update()
except InterfaceNotFound:
interface = ClusterPhysicalInterface(
engine=self._engine,
interface_id=interface_id,
interfaces=interfaces,
cvi_mode=cvi_mode if macaddress else 'none',
macaddress=macaddress,
zone_ref=zone_ref, comment=comment, **kw)
return self._engine.add_interface(interface)
def add_layer3_vlan_cluster_interface(self, interface_id, vlan_id,
nodes=None, cluster_virtual=None, network_value=None, macaddress=None,
cvi_mode='packetdispatch', zone_ref=None, comment=None):
"""
Add IP addresses to VLANs on a firewall cluster. The minimum params
required are ``interface_id`` and ``vlan_id``.
To create a VLAN interface with a CVI, specify ``cluster_virtual``,
``cluster_mask`` and ``macaddress``.
To create a VLAN with only NDI, specify ``nodes`` parameter.
Nodes data structure is expected to be in this format::
nodes=[{'address':'5.5.5.2', 'network_value':'5.5.5.0/24', 'nodeid':1},
{'address':'5.5.5.3', 'network_value':'5.5.5.0/24', 'nodeid':2}]
:param str,int interface_id: interface id to assign VLAN.
:param str,int vlan_id: vlan identifier
:param list nodes: optional addresses for node interfaces (NDI's). For a cluster,
each node will require an address specified using the nodes format.
:param str cluster_virtual: cluster virtual ip address (optional). If specified, cluster_mask
parameter is required
:param str network_value: Specifies the network address, i.e. if cluster virtual is 1.1.1.1,
cluster mask could be 1.1.1.0/24.
:param str macaddress: (optional) if used will provide the mapping from node interfaces
to participate in load balancing.
:param str cvi_mode: cvi mode for cluster interface (default: packetdispatch)
:param zone_ref: zone to assign, can be name, str href or Zone
:raises EngineCommandFailed: failure creating interface
:return: None
.. note::
If the ``interface_id`` specified already exists, it is still possible
to add additional VLANs and interface addresses.
"""
interfaces = {'nodes': nodes if nodes else [],
'cluster_virtual': cluster_virtual, 'network_value': network_value}
_interface = {'interface_id': interface_id, 'interfaces': [interfaces],
'macaddress': macaddress, 'cvi_mode': cvi_mode if macaddress else 'none',
'zone_ref': zone_ref, 'comment': comment}
try:
interface = self._engine.interface.get(interface_id)
vlan = interface.vlan_interface.get(vlan_id)
# Interface exists, so we need to update but check if VLAN already exists
if vlan is None:
interfaces.update(vlan_id=vlan_id)
interface._add_interface(**_interface)
else:
for k in ('macaddress', 'cvi_mode'):
_interface.pop(k)
_interface.update(interface_id='{}.{}'.format(interface_id, vlan_id))
vlan._add_interface(**_interface)
return interface.update()
except InterfaceNotFound:
interfaces.update(vlan_id=vlan_id)
interface = ClusterPhysicalInterface(**_interface)
return self._engine.add_interface(interface)
def create_bulk(cls,
name,
interfaces=None,
nodes=2,
cluster_mode='balancing',
primary_mgt=None,
backup_mgt=None,
primary_heartbeat=None,
log_server_ref=None,
domain_server_address=None,
location_ref=None,
default_nat=False,
enable_antivirus=False,
enable_gti=False,
comment=None,
snmp=None,
**kw):
"""
:param dict snmp: SNMP dict should have keys `snmp_agent` str defining name of SNMPAgent,
`snmp_interface` which is a list of interface IDs, and optionally `snmp_location` which
is a string with the SNMP location name.
"""
primary_heartbeat = primary_mgt if not primary_heartbeat else primary_heartbeat
physical_interfaces = []
for interface in interfaces:
if 'interface_id' not in interface:
raise CreateEngineFailed(
'Interface definitions must contain the interface_id '
'field. Failed to create engine: %s' % name)
if interface.get('type', None) == 'tunnel_interface':
tunnel_interface = TunnelInterface(**interface)
physical_interfaces.append(
{'tunnel_interface': tunnel_interface})
else:
cluster_interface = ClusterPhysicalInterface(
primary_mgt=primary_mgt,
backup_mgt=backup_mgt,
primary_heartbeat=primary_heartbeat,
**interface)
physical_interfaces.append(
{'physical_interface': cluster_interface})
if snmp:
snmp_agent = dict(snmp_agent_ref=snmp.get('snmp_agent', ''),
snmp_location=snmp.get('snmp_location', ''))
snmp_agent.update(snmp_interface=add_snmp(
interfaces, snmp.get('snmp_interface', [])))
try:
engine = super(FirewallCluster, cls)._create(
name=name,
node_type='firewall_node',
physical_interfaces=physical_interfaces,
domain_server_address=domain_server_address,
log_server_ref=log_server_ref,
location_ref=location_ref,
nodes=nodes,
enable_gti=enable_gti,
enable_antivirus=enable_antivirus,
default_nat=default_nat,
snmp_agent=snmp_agent if snmp else None,
comment=comment)
engine.update(cluster_mode=cluster_mode)
return ElementCreator(cls, json=engine)
except (ElementNotFound, CreateElementFailed) as e:
raise CreateEngineFailed(e)