def get_nsxpolicy_wrapper(nsx_username=None,
nsx_password=None,
basic_auth=False):
#TODO(asarfaty) move to a different file? (under common_v3)
client_cert_provider = None
if not basic_auth:
# if basic auth requested, dont use cert file even if provided
client_cert_provider = get_client_cert_provider(
conf_path=cfg.CONF.nsx_p)
nsxlib_config = config.NsxLibConfig(
username=nsx_username or cfg.CONF.nsx_p.nsx_api_user,
password=nsx_password or cfg.CONF.nsx_p.nsx_api_password,
client_cert_provider=client_cert_provider,
retries=cfg.CONF.nsx_p.http_retries,
insecure=cfg.CONF.nsx_p.insecure,
ca_file=cfg.CONF.nsx_p.ca_file,
concurrent_connections=cfg.CONF.nsx_p.concurrent_connections,
http_timeout=cfg.CONF.nsx_p.http_timeout,
http_read_timeout=cfg.CONF.nsx_p.http_read_timeout,
conn_idle_timeout=cfg.CONF.nsx_p.conn_idle_timeout,
http_provider=None,
max_attempts=cfg.CONF.nsx_p.retries,
nsx_api_managers=cfg.CONF.nsx_p.nsx_api_managers,
plugin_scope=OS_NEUTRON_ID_SCOPE,
plugin_tag=NSX_NEUTRON_PLUGIN,
plugin_ver=n_version.version_info.release_string(),
allow_passthrough=cfg.CONF.nsx_p.allow_passthrough)
return policy.NsxPolicyLib(nsxlib_config)
def get_nsxlib_wrapper(nsx_username=None, nsx_password=None, basic_auth=False):
client_cert_provider = None
if not basic_auth:
# if basic auth requested, dont use cert file even if provided
client_cert_provider = get_client_cert_provider()
nsxlib_config = config.NsxLibConfig(
username=nsx_username or cfg.CONF.nsx_v3.nsx_api_user,
password=nsx_password or cfg.CONF.nsx_v3.nsx_api_password,
client_cert_provider=client_cert_provider,
retries=cfg.CONF.nsx_v3.http_retries,
insecure=cfg.CONF.nsx_v3.insecure,
ca_file=cfg.CONF.nsx_v3.ca_file,
concurrent_connections=cfg.CONF.nsx_v3.concurrent_connections,
http_timeout=cfg.CONF.nsx_v3.http_timeout,
http_read_timeout=cfg.CONF.nsx_v3.http_read_timeout,
conn_idle_timeout=cfg.CONF.nsx_v3.conn_idle_timeout,
http_provider=None,
max_attempts=cfg.CONF.nsx_v3.retries,
nsx_api_managers=cfg.CONF.nsx_v3.nsx_api_managers,
plugin_scope=OS_NEUTRON_ID_SCOPE,
plugin_tag=NSX_NEUTRON_PLUGIN,
plugin_ver=n_version.version_info.release_string(),
dns_nameservers=cfg.CONF.nsx_v3.nameservers,
dns_domain=cfg.CONF.nsx_v3.dns_domain)
return v3.NsxLib(nsxlib_config)
def __init__(self,
session_response=None,
username=None,
password=None,
retries=None,
insecure=None,
ca_file=None,
concurrent_connections=None,
http_timeout=None,
http_read_timeout=None,
conn_idle_timeout=None,
nsx_api_managers=None):
nsxlib_config = config.NsxLibConfig(
username=username or NSX_USER,
password=password or NSX_PASSWORD,
retries=retries or NSX_HTTP_RETRIES,
insecure=insecure if insecure is not None else NSX_INSECURE,
ca_file=ca_file or NSX_CERT,
concurrent_connections=(concurrent_connections
or NSX_CONCURENT_CONN),
http_timeout=http_timeout or NSX_HTTP_TIMEOUT,
http_read_timeout=http_read_timeout or NSX_HTTP_READ_TIMEOUT,
conn_idle_timeout=conn_idle_timeout or NSX_CONN_IDLE_TIME,
http_provider=NsxClientTestCase.MockHTTPProvider(
session_response=session_response),
nsx_api_managers=nsx_api_managers or [NSX_MANAGER],
plugin_scope=PLUGIN_SCOPE,
plugin_tag=PLUGIN_TAG,
plugin_ver=PLUGIN_VER)
super(NsxClientTestCase.MockNSXClusteredAPI,
self).__init__(nsxlib_config)
self._record = mock.Mock()
def __init__(self, args):
nsxlib_config = config.NsxLibConfig(username=args.mp_user,
password=args.mp_password,
nsx_api_managers=[args.mp_ip],
ca_file=args.mp_cert_file)
self.nsxlib = v3.NsxLib(nsxlib_config)
self.content_type = "application/json"
self.headers = {'content-type': self.content_type}
def get_nsxpolicy_lib(self):
""" Prepare agent for NSX Policy API calls"""
nsxlib_config = config.NsxLibConfig(
nsx_api_managers=[cfg.CONF.NSX_POLICY.nsx_policy_manager],
username=cfg.CONF.NSX_POLICY.nsx_policy_username,
password=cfg.CONF.NSX_POLICY.nsx_policy_password)
return v3.NsxPolicyLib(nsxlib_config)
def get_nsxmanager_client(self):
"""Prepare agent for NSX Manager API calls"""
nsxlib_config = config.NsxLibConfig(
nsx_api_managers=cfg.CONF.nsx_v3.nsx_api_managers,
username=cfg.CONF.nsx_v3.nsx_api_user,
password=cfg.CONF.nsx_v3.nsx_api_password)
return v3.NsxLib(nsxlib_config).client
def __init__(self, host, username, password, db_connection):
self.host = host
self.username = username
self.password = password
self.neutron_db = (NeutronNsxDB(db_connection)
if db_connection else None)
nsxlib_config = config.NsxLibConfig(
username=self.username,
password=self.password,
nsx_api_managers=[self.host],
# allow admin user to delete entities created
# under openstack principal identity
allow_overwrite_header=True)
self.nsxlib = v3.NsxLib(nsxlib_config)
def get_nsxlib_config_with_client_cert():
return config.NsxLibConfig(
client_cert_provider=client_cert.ClientCertProvider(CLIENT_CERT),
retries=NSX_HTTP_RETRIES,
insecure=NSX_INSECURE,
ca_file=NSX_CERT,
concurrent_connections=NSX_CONCURENT_CONN,
http_timeout=NSX_HTTP_TIMEOUT,
http_read_timeout=NSX_HTTP_READ_TIMEOUT,
conn_idle_timeout=NSX_CONN_IDLE_TIME,
http_provider=None,
nsx_api_managers=[],
plugin_scope=PLUGIN_SCOPE,
plugin_tag=PLUGIN_TAG,
plugin_ver=PLUGIN_VER)
def get_default_nsxlib_config():
return config.NsxLibConfig(username=NSX_USER,
password=NSX_PASSWORD,
retries=NSX_HTTP_RETRIES,
insecure=NSX_INSECURE,
ca_file=NSX_CERT,
concurrent_connections=NSX_CONCURENT_CONN,
http_timeout=NSX_HTTP_TIMEOUT,
http_read_timeout=NSX_HTTP_READ_TIMEOUT,
conn_idle_timeout=NSX_CONN_IDLE_TIME,
http_provider=None,
nsx_api_managers=[],
plugin_scope=PLUGIN_SCOPE,
plugin_tag=PLUGIN_TAG,
plugin_ver=PLUGIN_VER,
dns_nameservers=DNS_NAMESERVERS,
dns_domain=DNS_DOMAIN)
def __init__(self, host, username, password, nsx_cert, key, ca_cert,
cluster, read_only, shared_t0):
self.host = host
self.username = username
self.password = password
self.nsx_cert = nsx_cert
self.key = key
self.ca_cert = ca_cert
cert_provider = None
insecure = True
if nsx_cert and key:
self.fd, self.certpath = tempfile.mkstemp(dir='/tmp')
cert_provider = self._get_cert_provider(self.nsx_cert, self.key)
print("Authenticating with NSX using client certificate loaded "
"at %s and private key loaded at %s " % (nsx_cert, key))
if ca_cert:
insecure = False
else:
print("Authenticating with NSX using basic authentication")
nsxlib_config = config.NsxLibConfig(
username=self.username,
password=self.password,
client_cert_provider=cert_provider,
insecure=insecure,
ca_file=self.ca_cert,
nsx_api_managers=[self.host],
# allow admin user to delete entities created
# under openstack principal identity
allow_overwrite_header=True)
self._cluster = cluster
self._read_only = True if read_only == "yes" else False
self._shared_t0 = True if shared_t0 == "yes" else False
self.nsxlib = v3.NsxLib(nsxlib_config)
self._nsx_client = self.nsxlib.client
self._ip_pool_client = self._get_ip_pool_client(self._nsx_client)
self._router_port_client = self.nsxlib.logical_router_port
self._router_client = self._get_router_client(self._nsx_client)
self._routerlib = router.RouterLib(self._router_client,
self._router_port_client,
self.nsxlib)
def get_nsxlib_wrapper():
nsxlib_config = config.NsxLibConfig(
username=cfg.CONF.nsx_v3.nsx_api_user,
password=cfg.CONF.nsx_v3.nsx_api_password,
retries=cfg.CONF.nsx_v3.http_retries,
insecure=cfg.CONF.nsx_v3.insecure,
ca_file=cfg.CONF.nsx_v3.ca_file,
concurrent_connections=cfg.CONF.nsx_v3.concurrent_connections,
http_timeout=cfg.CONF.nsx_v3.http_timeout,
http_read_timeout=cfg.CONF.nsx_v3.http_read_timeout,
conn_idle_timeout=cfg.CONF.nsx_v3.conn_idle_timeout,
http_provider=None,
max_attempts=cfg.CONF.nsx_v3.retries,
nsx_api_managers=cfg.CONF.nsx_v3.nsx_api_managers,
plugin_scope=OS_NEUTRON_ID_SCOPE,
plugin_tag=NSX_NEUTRON_PLUGIN,
plugin_ver=n_version.version_info.release_string(),
dns_nameservers=cfg.CONF.nsx_v3.nameservers,
dns_domain=cfg.CONF.nsx_v3.dns_domain,
dhcp_profile_uuid=cfg.CONF.nsx_v3.dhcp_profile)
return v3.NsxLib(nsxlib_config)
def main(argv=sys.argv):
from vmware_nsxlib import v3
from vmware_nsxlib.v3 import config
op = None
resource_type = None
resource_id = None
resource_args = {}
policy_ip = os.environ.get('NSX_POLICY_IP')
policy_username = os.environ.get('NSX_POLICY_USERNAME')
policy_password = os.environ.get('NSX_POLICY_PASSWORD')
if not policy_ip or not policy_username or not policy_password:
print("Please provide policy appliance details in environment")
sys.exit(1)
usage = "Usage: %s -o <operation> -r <resource type> " \
"-i <resource id> -a <arg name=value>" % argv[0]
try:
opts, args = getopt.getopt(argv[1:], "to:r:i:a:c:")
except getopt.GetoptError:
print(usage)
sys.exit(1)
transaction = False
count = 1
for opt, val in opts:
if opt in ('-o'):
op = val
if op not in OPERATIONS:
print("Running custom operation %s" % op)
elif opt in ('-p'):
policy_ip = val
elif opt in ('-t'):
transaction = True
elif opt in ('-c'):
count = val
elif opt in ('-r'):
resource_type = val
if resource_type not in RESOURCES:
print("Choose resource from %s" % (RESOURCES, ))
sys.exit(1)
elif opt in ('-i'):
resource_id = val
elif opt in ('-a'):
arg = val.split("=")
if len(arg) != 2:
print(usage)
sys.exit(1)
resource_args[arg[0]] = arg[1]
print("Performing %s operation on %s %s" %
(op, resource_type, resource_id))
nsxlib_config = config.NsxLibConfig(nsx_api_managers=[policy_ip],
username=policy_username,
password=policy_password)
nsxlib = v3.NsxPolicyLib(nsxlib_config)
if op == 'get':
if not resource_id:
resource_id = "all"
result = get_resource(nsxlib, resource_type, resource_id)
print(json.dumps(result, indent=4))
elif op == 'create':
create_resource(nsxlib, transaction, int(count), resource_type,
resource_id, resource_args)
elif op == 'delete':
delete_resource(nsxlib, resource_type, resource_id)
elif op == 'update':
update_resource(nsxlib, resource_type, resource_id, resource_args)
elif op == 'state':
result = get_realized_state_for_resource(nsxlib, resource_type,
resource_id)
print(json.dumps(result, indent=4))
else:
custom_operation(nsxlib, op, resource_type, resource_id, resource_args)
