# Actively connecting ot the VSD API nc.start() print ('Auth success') # Root User nuage_user = nc.user domain = nuage_user.domains.get_first(filter='name == "Default Domain"') doimain.fetch() print domain.id #domain.fetch() domain.name = 'Superx' ent = nuage_user.enterprises.get_first(filter='name == "Joe"') #print ('This is the enterprise ') + ent.name job = vsdk.NUJob(command='EXPORT') # Creating export job for the Main VSPK Domain domain.create_child(job) # Printing the export result while True: job.fetch() if job.status == 'SUCCESS': # Using the export copy of the domain details from above import_job = vsdk.NUJob(command='IMPORT', parameters=job.result) ent.create_child(import_job) break
def build_tenant(): if request.method == 'POST': # Get form variable and make them session variable enterprise = request.form.get('enterprise') domain_new = request.form.get('domain') number_of_zones = request.form.get('zones') number_of_subnets_per_zone = request.form.get('subs') number_of_vports_per_subnet = request.form.get('vports') # set variable as integers number_of_zones = int(number_of_zones) number_of_subnets_per_zone = int(number_of_subnets_per_zone) number_of_vports_per_subnet = int(number_of_vports_per_subnet) if (' ' in enterprise): flash('Spaces are not allowed in Tenant name') return render_template('newtenant.html') if (' ' in domain_new): flash('Spaces are not allowed in Domain name') return render_template('newtenant.html') # Copy from an existing 3-Tier domain # Rename to the new domain name domain = nuage_user.domains.get_first( filter='name == "Default Domain"') domain.fetch() job = vsdk.NUJob(command='EXPORT') # Creating export job for the Main VSPK Domain domain.create_child(job) # Printing the export result while True: job.fetch() if job.status == 'SUCCESS': # Copy domain details to new Enterprise enterprise = vsdk.NUEnterprise(name=enterprise) nuage_user.create_child(enterprise) job.result['parameters']['domain'][0]['modifyableAttributes'][ 'name']['value'] = domain_new # Using the export copy of the domain details from above import_job = vsdk.NUJob(command='IMPORT', parameters=job.result) enterprise.create_child(import_job) break if job.status == 'FAILED': return render_template('fail_domain.html', var=enterprise) time.sleep(1) # Verify the import job has finished successfully while True: import_job.fetch() if import_job.status == 'SUCCESS': # get the new domain and provision it dom = nuage_user.domains.get_first(filter="name == '%s'" % domain_new) dom.fetch() # Adjust these numbers as required for differnet use cases is_template = dom.is_template() zone_class = vsdk.NUZoneTemplate if is_template else vsdk.NUZone subnet_class = vsdk.NUSubnetTemplate if is_template else vsdk.NUSubnet # generate a network and subnets network = ipaddress.ip_network(u'10.0.0.0/8') subnets = network.subnets(new_prefix=24) # create zones for i in range(0, number_of_zones): zone = zone_class(name=enterprise.name + "Zone%d" % i) dom.create_child(zone) dom.add_child(zone) #creates subnets for j in range(0, number_of_subnets_per_zone): # pull a subnet and get information about it subnetwork = subnets.next() ip = "%s" % subnetwork.network_address gw = "%s" % subnetwork.hosts().next() nm = "%s" % subnetwork.netmask subnet = subnet_class(name="Subnet%d%d" % (i, j), address=ip, netmask=nm, gateway=gw) zone.create_child(subnet) zone.add_child(subnet) # if the given domain is a template, we stop if is_template: break # Otherwise we create the VPorts for k in range(0, number_of_vports_per_subnet): vport = vsdk.NUVPort(name="VPort%d-%d-%d" % (i, j, k), type="VM", address_spoofing="INHERITED", multicast="INHERITED") subnet.create_child(vport) subnet.add_child(vport) # Now add the default ACCESS Contol Lists for Ingress/egress # Creating the job to begin the policy changes job = vsdk.NUJob(command='BEGIN_POLICY_CHANGES') dom.create_child(job) # wait for the job to finish while True: job.fetch() if job.status == 'SUCCESS': break if job.status == 'FAILED': return render_template('fail_acls.html', domain=domain) break time.sleep(1) # can be done with a while loop # Creating a new Ingress ACL ingressacl = vsdk.NUIngressACLTemplate( name='Middle Ingress ACL', priority_type= 'NONE', # Possible values: TOP, NONE, BOTTOM (domain only accepts NONE) priority=100, default_allow_non_ip=True, default_allow_ip=True, allow_l2_address_spoof=False, active=True) dom.create_child(ingressacl) # Creating a new egressgress ACL # TODO find out what the real element names are egressacl = vsdk.NUEgressACLTemplate( name='Middle Egress ACL', priority_type= 'NONE', # Possible values: TOP, NONE, BOTTOM (domain only accepts NONE) priority=100, default_allow_non_ip=True, default_allow_ip=True, allow_l2_address_spoof=False, active=True) dom.create_child(egressacl) # Creating a new Ingress ACL rule to allow database connectivity # from the Web-Tier Zone to the DB-Tier Zone from_network = dom.zones.get_first(filter='name == "WEBZone2"') to_network = dom.zones.get_first(filter='name == "DBZone2"') db_ingressacl_rule = vsdk.NUIngressACLEntryTemplate( action='FORWARD', description='Allow MySQL DB connections from WebZone2', ether_type='0x0800', location_type='ZONE', location_id=from_network.id, network_type='ZONE', network_id=to_network.id, protocol='6', source_port='*', destination_port='3306', dscp='*') ingressacl.create_child(db_ingressacl_rule) # Applying the changes to the domain job = vsdk.NUJob(command='APPLY_POLICY_CHANGES') dom.create_child(job) break if import_job.status == 'FAILED': return render_template('fail_domain.html', enterprise=enterprise) break time.sleep(1) return render_template('add_tenant_success.html')
from vspk import v3_2 as vsdk import time # Root User Login nc = vsdk.NUVSDSession(username='******', password='******', enterprise='csp', api_url="https://10.132.0.126:8443") nuage_user = nc.user # Actively connecting ot the VSD API nc.start() print ('Auth success') # Get the domain domain = nc.user.domains.get_first(filter='name == "Conservatory"') # Creating the job to begin the policy changes job = vsdk.NUJob(command='BEGIN_POLICY_CHANGES') domain.create_child(job) # wait for the job to finish while True: job.fetch() if job.status == 'SUCCESS': break if job.status == 'FAILED': print "Job failed!" break time.sleep(1)# can be done with a while loop # Creating a new Ingress ACL ingressacl = vsdk.NUIngressACLTemplate( name='Middle Ingress ACL', priority_type='NONE', # Possible values: TOP, NONE, BOTTOM (domain only accepts NONE)