# Actively connecting ot the VSD API
nc.start()
print ('Auth success')
# Root User
nuage_user = nc.user
domain = nuage_user.domains.get_first(filter='name == "Default Domain"')
doimain.fetch()
print domain.id
#domain.fetch()
domain.name = 'Superx'
ent = nuage_user.enterprises.get_first(filter='name == "Joe"')
#print ('This is the enterprise ') + ent.name
job = vsdk.NUJob(command='EXPORT')
# Creating export job for the Main VSPK Domain
domain.create_child(job)
# Printing the export result
while True:
job.fetch()
if job.status == 'SUCCESS':
# Using the export copy of the domain details from above
import_job = vsdk.NUJob(command='IMPORT', parameters=job.result)
ent.create_child(import_job)
break
def build_tenant():
if request.method == 'POST':
# Get form variable and make them session variable
enterprise = request.form.get('enterprise')
domain_new = request.form.get('domain')
number_of_zones = request.form.get('zones')
number_of_subnets_per_zone = request.form.get('subs')
number_of_vports_per_subnet = request.form.get('vports')
# set variable as integers
number_of_zones = int(number_of_zones)
number_of_subnets_per_zone = int(number_of_subnets_per_zone)
number_of_vports_per_subnet = int(number_of_vports_per_subnet)
if (' ' in enterprise):
flash('Spaces are not allowed in Tenant name')
return render_template('newtenant.html')
if (' ' in domain_new):
flash('Spaces are not allowed in Domain name')
return render_template('newtenant.html')
# Copy from an existing 3-Tier domain
# Rename to the new domain name
domain = nuage_user.domains.get_first(
filter='name == "Default Domain"')
domain.fetch()
job = vsdk.NUJob(command='EXPORT')
# Creating export job for the Main VSPK Domain
domain.create_child(job)
# Printing the export result
while True:
job.fetch()
if job.status == 'SUCCESS':
# Copy domain details to new Enterprise
enterprise = vsdk.NUEnterprise(name=enterprise)
nuage_user.create_child(enterprise)
job.result['parameters']['domain'][0]['modifyableAttributes'][
'name']['value'] = domain_new
# Using the export copy of the domain details from above
import_job = vsdk.NUJob(command='IMPORT',
parameters=job.result)
enterprise.create_child(import_job)
break
if job.status == 'FAILED':
return render_template('fail_domain.html', var=enterprise)
time.sleep(1)
# Verify the import job has finished successfully
while True:
import_job.fetch()
if import_job.status == 'SUCCESS':
# get the new domain and provision it
dom = nuage_user.domains.get_first(filter="name == '%s'" %
domain_new)
dom.fetch()
# Adjust these numbers as required for differnet use cases
is_template = dom.is_template()
zone_class = vsdk.NUZoneTemplate if is_template else vsdk.NUZone
subnet_class = vsdk.NUSubnetTemplate if is_template else vsdk.NUSubnet
# generate a network and subnets
network = ipaddress.ip_network(u'10.0.0.0/8')
subnets = network.subnets(new_prefix=24)
# create zones
for i in range(0, number_of_zones):
zone = zone_class(name=enterprise.name + "Zone%d" % i)
dom.create_child(zone)
dom.add_child(zone)
#creates subnets
for j in range(0, number_of_subnets_per_zone):
# pull a subnet and get information about it
subnetwork = subnets.next()
ip = "%s" % subnetwork.network_address
gw = "%s" % subnetwork.hosts().next()
nm = "%s" % subnetwork.netmask
subnet = subnet_class(name="Subnet%d%d" % (i, j),
address=ip,
netmask=nm,
gateway=gw)
zone.create_child(subnet)
zone.add_child(subnet)
# if the given domain is a template, we stop
if is_template:
break
# Otherwise we create the VPorts
for k in range(0, number_of_vports_per_subnet):
vport = vsdk.NUVPort(name="VPort%d-%d-%d" %
(i, j, k),
type="VM",
address_spoofing="INHERITED",
multicast="INHERITED")
subnet.create_child(vport)
subnet.add_child(vport)
# Now add the default ACCESS Contol Lists for Ingress/egress
# Creating the job to begin the policy changes
job = vsdk.NUJob(command='BEGIN_POLICY_CHANGES')
dom.create_child(job)
# wait for the job to finish
while True:
job.fetch()
if job.status == 'SUCCESS':
break
if job.status == 'FAILED':
return render_template('fail_acls.html', domain=domain)
break
time.sleep(1) # can be done with a while loop
# Creating a new Ingress ACL
ingressacl = vsdk.NUIngressACLTemplate(
name='Middle Ingress ACL',
priority_type=
'NONE', # Possible values: TOP, NONE, BOTTOM (domain only accepts NONE)
priority=100,
default_allow_non_ip=True,
default_allow_ip=True,
allow_l2_address_spoof=False,
active=True)
dom.create_child(ingressacl)
# Creating a new egressgress ACL
# TODO find out what the real element names are
egressacl = vsdk.NUEgressACLTemplate(
name='Middle Egress ACL',
priority_type=
'NONE', # Possible values: TOP, NONE, BOTTOM (domain only accepts NONE)
priority=100,
default_allow_non_ip=True,
default_allow_ip=True,
allow_l2_address_spoof=False,
active=True)
dom.create_child(egressacl)
# Creating a new Ingress ACL rule to allow database connectivity
# from the Web-Tier Zone to the DB-Tier Zone
from_network = dom.zones.get_first(filter='name == "WEBZone2"')
to_network = dom.zones.get_first(filter='name == "DBZone2"')
db_ingressacl_rule = vsdk.NUIngressACLEntryTemplate(
action='FORWARD',
description='Allow MySQL DB connections from WebZone2',
ether_type='0x0800',
location_type='ZONE',
location_id=from_network.id,
network_type='ZONE',
network_id=to_network.id,
protocol='6',
source_port='*',
destination_port='3306',
dscp='*')
ingressacl.create_child(db_ingressacl_rule)
# Applying the changes to the domain
job = vsdk.NUJob(command='APPLY_POLICY_CHANGES')
dom.create_child(job)
break
if import_job.status == 'FAILED':
return render_template('fail_domain.html',
enterprise=enterprise)
break
time.sleep(1)
return render_template('add_tenant_success.html')
from vspk import v3_2 as vsdk
import time
# Root User Login
nc = vsdk.NUVSDSession(username='******', password='******', enterprise='csp', api_url="https://10.132.0.126:8443")
nuage_user = nc.user
# Actively connecting ot the VSD API
nc.start()
print ('Auth success')
# Get the domain
domain = nc.user.domains.get_first(filter='name == "Conservatory"')
# Creating the job to begin the policy changes
job = vsdk.NUJob(command='BEGIN_POLICY_CHANGES')
domain.create_child(job)
# wait for the job to finish
while True:
job.fetch()
if job.status == 'SUCCESS':
break
if job.status == 'FAILED':
print "Job failed!"
break
time.sleep(1)# can be done with a while loop
# Creating a new Ingress ACL
ingressacl = vsdk.NUIngressACLTemplate(
name='Middle Ingress ACL',
priority_type='NONE', # Possible values: TOP, NONE, BOTTOM (domain only accepts NONE)