def GenerateDefaultPortSetting():
"""
Generates default port settings for a portgroup matching VCs defaults.
"""
cfg = Vim.Dvs.VmwareDistributedVirtualSwitch.VmwarePortConfigPolicy()
bPolicy= Vim.BoolPolicy(inherited = False,
value = False)
iPolicy = Vim.IntPolicy(inherited = False,
value = 10)
cfg.SetBlocked(bPolicy)
shaping = Vim.Dvs.DistributedVirtualPort.TrafficShapingPolicy(enabled = bPolicy)
shaping.SetInherited(False)
cfg.SetInShapingPolicy(shaping)
cfg.SetOutShapingPolicy(shaping)
cfg.SetIpfixEnabled(bPolicy)
security = Vim.Dvs.VmwareDistributedVirtualSwitch.SecurityPolicy(allowPromiscuous = bPolicy,
forgedTransmits = bPolicy,
macChanges = bPolicy)
security.SetInherited(False)
cfg.SetSecurityPolicy(security)
numericRange = Vim.NumericRange(start = 1,
end = 4094)
vlan = Vim.Dvs.VmwareDistributedVirtualSwitch.TrunkVlanSpec()
vlan.SetInherited(False)
vlan.GetVlanId().append(numericRange)
cfg.SetVlan(vlan)
# Set failover policy
bPolicy1 = Vim.BoolPolicy(inherited = False,
value = True)
failoverPolicy = Vim.Dvs.VmwareDistributedVirtualSwitch.UplinkPortTeamingPolicy()
failoverPolicy.SetInherited(False)
failureCriteria = Vim.Dvs.VmwareDistributedVirtualSwitch.FailureCriteria()
failureCriteria.SetInherited(False)
sPolicy = Vim.StringPolicy(inherited = False,
value = "exact")
failureCriteria.SetCheckSpeed(sPolicy)
failureCriteria.SetFullDuplex(bPolicy1)
failureCriteria.SetCheckErrorPercent(bPolicy1)
failureCriteria.SetPercentage(iPolicy)
failureCriteria.SetSpeed(iPolicy)
teamingPolicy = Vim.StringPolicy()
teamingPolicy.SetInherited(False)
teamingPolicy.SetValue('loadbalance_srcid')
failoverPolicy.SetPolicy(teamingPolicy)
failoverPolicy.SetFailureCriteria(failureCriteria)
cfg.SetUplinkTeamingPolicy(failoverPolicy)
return cfg
def set_network_security_policy(options):
""" Function to configure security policy on the network
to work in nested environment
@param options cli options to this script
@return None
"""
network = get_network_on_vc(options)
name = get_network_name(options)
config_spec = Vim.Dvs.DistributedVirtualPortgroup.ConfigSpec()
config_info = network.GetConfig()
config_spec.description = config_info.name
config_spec.name = name
config_spec.configVersion = config_info.configVersion
true_policy = Vim.BoolPolicy()
true_policy.value = True
dvs_port_setting = Vim.VMwareDVSPortSetting()
security_policy = Vim.DVSSecurityPolicy()
security_policy.allowPromiscuous = true_policy
security_policy.forgedTransmits = true_policy
security_policy.macChanges = true_policy
security_policy.inherited = False
dvs_port_setting.securityPolicy = security_policy
config_spec.defaultPortConfig = dvs_port_setting
network.ReconfigureDVPortgroup_Task(config_spec)