def createPodPolicy(config): fabricInst = aciFabric.Inst(aciPol.Uni('')) aciDateTime.Format(fabricInst, name='default', tz=config.timezone) datetimePol = aciDateTime.Pol(fabricInst, name='default') for ntp in config.ntpList: datetimeNtpProv = aciDateTime.NtpProv(datetimePol, preferred=ntp['preferred'], name=ntp['name'], descr=ntp['descr']) aciDateTime.RsNtpProvToEpg(datetimeNtpProv, tDn='uni/tn-mgmt/mgmtp-default/oob-default') bgpInstPol = aciBgp.InstPol(fabricInst, name='default') aciBgp.AsP(bgpInstPol, name='aspn', asn=config.bgpAsn) bgpRRP = aciBgp.RRP(bgpInstPol, name='route-reflector') for rrNodeId in getRrNodeIdList(config.fabricNodes): aciBgp.RRNodePEp(bgpRRP, id=rrNodeId) fabricFuncP = aciFabric.FuncP(fabricInst) fabricPodPGrp = aciFabric.PodPGrp(fabricFuncP, name='default-PodPolicyGroup') aciFabric.RsPodPGrpBGPRRP(fabricPodPGrp, tnBgpInstPolName='default') aciFabric.RsTimePol(fabricPodPGrp, tnDatetimePolName='default') aciFabric.RsPodPGrpIsisDomP(fabricPodPGrp, tnIsisDomPolName='default') aciFabric.RsPodPGrpCoopP(fabricPodPGrp, tnCoopPolName='default') aciFabric.RsCommPol(fabricPodPGrp, tnCommPolName='default') aciFabric.RsSnmpPol(fabricPodPGrp, tnSnmpPolName='default') fabricPodP = aciFabric.PodP(fabricInst, name='default') fabricPodS = aciFabric.PodS(fabricPodP, type='ALL', name='default') aciFabric.RsPodPGrp(fabricPodS, tDn=fabricPodPGrp.dn) return fabricInst
def create_vpc_protection_groups(policies, fabricNodes): mo = aciFabric.Inst(aciPol.Uni('')) for policy in policies: # Create the VPC Protection Policy fabricProtPol = aciFabric.ProtPol(mo, name=policy['name'], pairT=policy['pairT']) # Information passed are node names, we need node IDs leafs = dict([n.name, n.id] for n in fabricNodes if n.role == 'leaf') # Create the specific pairing for vpc_id, members in policy['vpc_pairs'].items(): vpc_name = 'VPC-EPG-{0}'.format('-'.join(members)) vpcEpg = aciFabric.ExplicitGEp(fabricProtPol, name=vpc_name, id=vpc_id) # Bind the domain policy to it aciFabric.RsVpcInstPol( vpcEpg, tnVpcInstPolName=policy['vpc_domain_policy']) # Add the node members to it for node in members: aciFabric.NodePEp(vpcEpg, id=leafs[node], podId=policy['podId']) return mo
def configureBackupPolicy(config): fabricInst = aciFabric.Inst(aciPol.Uni('')) fileRemotePath = aciFile.RemotePath(fabricInst, userName=config['path']['user'], remotePort=config['path']['port'], protocol=config['path']['protocol'], name=config['path']['name'], descr=config['path']['descr'], userPasswd=config['path']['password'], host=config['path']['host'], remotePath=config['path']['remotePath'] ) aciFile.RsARemoteHostToEpg(fileRemotePath, tDn='uni/tn-mgmt/mgmtp-default/oob-default') trigSchedP = aciTrig.SchedP(fabricInst, name=config['schedule']['name']) aciTrig.RecurrWindowP(trigSchedP, name=config['schedule']['period'], hour=config['schedule']['hour']) configExportP = aciConfig.ExportP(fabricInst, name=config['name'], descr=config['descr'], adminSt='triggered') aciConfig.RsExportScheduler(configExportP, tnTrigSchedPName=config['schedule']['name']) aciConfig.RsRemotePath(configExportP, tnFileRemotePathName=config['path']['name']) return fabricInst
def create_ntp_policy(mo, policy): if mo is None: mo = aciFabric.Inst(aciPol.Uni('')) datetimePol = aciNtp.Pol(mo, name=policy['name'], adminSt=policy['adminSt'], authSt=policy['authSt'], serverState=policy['serverState'], masterMode=policy['masterMode']) for id, prov in enumerate(policy['datetimeNtpProv']): # aciNtp.NtpAuthKey( # datetimePol, id=str(id+1), # key=prov['key'], keyType=prov['keyType'], trusted=prov['trusted'] # ) prov = aciNtp.NtpProv(datetimePol, name=prov['name'], preferred=prov['preferred'], minPoll=prov['minPoll'], maxPoll=prov['maxPoll'], keyId=str(id + 1)) # aciNtp.RsNtpProvToNtpAuthKey(prov, tnDatetimeNtpAuthKeyId=str(id+1)) aciNtp.RsNtpProvToEpg(prov, tDn='uni/tn-mgmt/mgmtp-default/oob-default') return mo
def create_bgp_policy(mo, policy, nodes): """ If nodes is passed, it's a dictionary of "name": "id" info for the fabric nodes (non-controller) """ # Create new object if needed if mo is None: mo = aciFabric.Inst(aciPol.Uni('')) # Create top level BGP policy bgpInstPol = aciBgp.InstPol(mo, name=policy['name']) # Add ASN daughter aciBgp.AsP(bgpInstPol, asn=policy['bgpAsP']['asn']) # Add BGP (Internal) RR Fabric Policy aciRRP = aciBgp.RRP(bgpInstPol) # Add BGP (Internal) RR node podId = policy['bgpRRP']['podId'] for rr in policy['bgpRRP']['bgpRRNodePEp']: nodeId = nodes[rr] aciBgp.RRNodePEp(aciRRP, id=nodeId, podId=podId) return mo
def create_snmp_policy(mo, policy): # Create new object if needed if mo is None: mo = aciFabric.Inst(aciPol.Uni('')) snmpPol = snmp.Pol(mo, name=policy['name'], adminSt=policy['adminSt'], contact=policy['contact'], loc=policy['loc']) for user in policy['snmpUserP']: snmp.UserP(snmpPol, name=user['name'], authType=user['authType'], privType=user['privType'], authKey=user['authKey'], privkey=user['privKey']) for trap in policy['snmpTrapFwdServerP']: snmp.TrapFwdServerP(snmpPol, addr=trap['addr'], port=trap['port']) for comm in policy['snmpCommunityP']: snmp.CommunityP(snmpPol, name=comm['name']) for clientGrp in policy['snmpClientGrpP']: clntGrp = snmp.ClientGrpP(snmpPol, name=clientGrp['name']) snmp.RsEpg(clntGrp, tDn='uni/tn-mgmt/mgmtp-default/oob-default') for client in clientGrp['snmpClientP']: snmp.ClientP(clntGrp, name=client['name'], addr=client['addr']) return mo
def create_coop_policy(mo, policy): # Validate input required_attributes(coop_attributes, list(policy.keys())) # Create new object if needed if mo is None: mo = aciFabric.Inst(aciPol.Uni('')) aciCoop.Pol(mo, name=policy['name'], type=policy['type']) return mo
def create_snmp_group_policy(mo, policy): # Create new object if needed if mo is None: mo = aciFabric.Inst(aciPol.Uni('')) snmpGroup = snmp.Group(mo, name=policy['name']) for dest in policy['snmpTrapDest']: trapDest = snmp.TrapDest(snmpGroup, host=dest['host'], port=dest['port'], notifT=dest['notifT'], ver=dest['ver'], secName=dest['secName'], v3SecLvl=dest['v3SecLvl']) aciFile.RsARemoteHostToEpg(trapDest, tDn='uni/tn-mgmt/mgmtp-default/oob-default') return mo
def create_dns_policy(mo, policy): if mo is None: mo = aciFabric.Inst(aciPol.Uni('')) dnsProfile = aciDNS.Profile(mo, name=policy['name']) aciDNS.RsProfileToEpg(dnsProfile, tDn='uni/tn-mgmt/mgmtp-default/oob-default') for provider in policy['dnsProv']: aciDNS.Prov(dnsProfile, addr=provider['addr'], preferred=provider['preferred']) for domain in policy['dnsDomain']: aciDNS.Domain(dnsProfile, name=domain['name'], isDefault=domain['isDefault']) return mo
def create_syslog_policy(mo, policy): if mo is None: mo = aciFabric.Inst(aciPol.Uni('')) slGrp = aciSyslog.Group(mo, name=policy['name'], format=policy['format'], includeMilliSeconds=policy['includeMilliSeconds']) p = policy['syslogProf'] aciSyslog.Prof(slGrp, name=p['name'], adminState=p['adminState']) p = policy['syslogFile'] aciSyslog.File(slGrp, adminState=p['adminState'], format=p['format'], severity=p['severity']) p = policy['syslogConsole'] aciSyslog.Console(slGrp, adminState=p['adminState'], format=p['format'], severity=p['severity']) # Remote destinations for d in policy['syslogRemoteDest']: dest = aciSyslog.RemoteDest(slGrp, name=d['name'], host=d['host'], port=d['port'], adminState=d['adminState'], format=d['format'], severity=d['severity'], forwardingFacility=d['forwardingFacility']) aciFile.RsARemoteHostToEpg(dest, tDn='uni/tn-mgmt/mgmtp-default/oob-default') return mo