def create_contract(appProfileName):
aContract = Contract(appProfileName, theTenant)
aContract.set_scope('application-profile')
entry = FilterEntry('HTTP',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='80',
dToPort='80',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC()
entry = FilterEntry('Ping',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='unspecified',
dToPort='unspecified',
etherT='ip',
prot='icmp',
tcpRules='unspecified',
parent=aContract)
push_to_APIC()
entry = FilterEntry('SSH',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='23',
dToPort='23',
etherT='ip',
prot='tcp',
stateful='no',
tcpRules='unspecified',
parent=aContract)
push_to_APIC()
return aContract
def create_contract(appProfileName):
aContract = Contract(appProfileName, theTenant)
aContract.set_scope('application-profile')
entry = FilterEntry('HTTP',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='80',
dToPort='80',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC()
entry = FilterEntry('Ping',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='unspecified',
dToPort='unspecified',
etherT='ip',
prot='icmp',
tcpRules='unspecified',
parent=aContract)
push_to_APIC()
entry = FilterEntry('SSH',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='23',
dToPort='23',
etherT='ip',
prot='tcp',
stateful='no',
tcpRules='unspecified',
parent=aContract)
push_to_APIC()
return aContract
def create_base_contracts():
aContract = Contract('Outbound_Access', theTenant)
aContract.set_scope('context')
def create_base_contracts():
aContract = Contract('Outbound_Access', theTenant)
aContract.set_scope('context')
def main():
# Setup or credentials and session
description = ('Create 3 EPGs within the same Context, have them '
'provide and consume contracts and attach them to '
'a vmm domain.')
creds = Credentials('apic', description)
args = creds.get()
# Login to APIC
session = Session(args.url, args.login, args.password)
session.login()
# Get the virtual domain we are going to use
vdomain = EPGDomain.get_by_name(session, vmmdomain)
# Create the Tenant
tenant = Tenant(this_tenant)
# Create the Application Profile
app = AppProfile(this_app, tenant)
# Create the EPGs
t1_epg = EPG(tier1_epg, app)
t2_epg = EPG(tier2_epg, app)
t3_epg = EPG(tier3_epg, app)
# Create a Context and BridgeDomain
# Place all EPGs in the Context and in the same BD
context = Context(private_net, tenant)
bd = BridgeDomain(bridge_domain, tenant)
bd.add_context(context)
t1_epg.add_bd(bd)
t1_epg.add_infradomain(vdomain)
t2_epg.add_bd(bd)
t2_epg.add_infradomain(vdomain)
t3_epg.add_bd(bd)
'''
Define a contract with a single entry
Additional entries can be added by duplicating the FilterEntry
Push to APIC after each FilterEntry if it is not the last
'''
contract1 = Contract('mysql-contract', tenant)
entry1 = FilterEntry('SQL',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='3306',
dToPort='3306',
etherT='ip',
prot='tcp',
tcpRules='unspecified',
parent=contract1)
contract2 = Contract('app-contract', tenant)
contract2.set_scope('application-profile')
entry1 = FilterEntry('Flask',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='5000',
dToPort='5000',
etherT='ip',
prot='tcp',
tcpRules='unspecified',
parent=contract2)
tenant.push_to_apic(session)
entry2 = FilterEntry('Flask2',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='5050',
dToPort='5050',
etherT='ip',
prot='tcp',
tcpRules='unspecified',
parent=contract2)
contract3 = Contract('web-contract', tenant)
contract3.set_scope('application-profile')
entry1 = FilterEntry('HTTPS',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='443',
dToPort='443',
etherT='ip',
prot='tcp',
tcpRules='unspecified',
parent=contract3)
# Provide the contract from 1 EPG and consume from the other
t3_epg.provide(contract1)
t2_epg.consume(contract1)
t2_epg.provide(contract2)
t1_epg.consume(contract2)
t1_epg.provide(contract3)
# Finally, push all this to the APIC
# Cleanup (uncomment the next line to delete the config)
# CAUTION: The next line will DELETE the tenant
# tenant.mark_as_deleted()
resp = tenant.push_to_apic(session)
if resp.ok:
# Print some confirmation
print('The configuration was sucessfully pushed to the APIC.')
def create_all_contracts(theTenant, session):
''' Services and Outbound Server '''
aContract = Contract('Outbound_Server', theTenant)
aContract.set_scope('context')
entry = FilterEntry('HTTPS',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='443',
dToPort='443',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('HTTP',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='80',
dToPort='80',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('DNS',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='53',
dToPort='53',
etherT='ip',
prot='udp',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('NTP',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='123',
dToPort='123',
etherT='ip',
prot='udp',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('Ping',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='unspecified',
dToPort='unspecified',
etherT='ip',
prot='icmp',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
''' Web '''
aContract = Contract('Web', theTenant)
aContract.set_scope('context')
entry = FilterEntry('HTTPS', parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('HTTP', parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('Ping', parent=aContract)
push_to_APIC(theTenant, session)
''' Management '''
aContract = Contract('Management', theTenant)
aContract.set_scope('context')
entry = FilterEntry('Telnet',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='22',
dToPort='22',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('SSH',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='23',
dToPort='23',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('Ping', parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('RDP',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='3389',
dToPort='3389',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
aContract = Contract('Application', theTenant)
aContract.set_scope('application-profile')
entry = FilterEntry('HTTPS', parent=aContract)
push_to_APIC(theTenant, session)
''' Applications '''
entry = FilterEntry('FLASK',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='5000',
dToPort='5000',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('NODE',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='8000',
dToPort='8000',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
''' Database '''
aContract = Contract('DataBase', theTenant)
aContract.set_scope('context')
entry = FilterEntry('MySQL',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='3306',
dToPort='3306',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('Oracle_1521-22',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='1521',
dToPort='1522',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('Oracle_1525',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='1525',
dToPort='1525',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('Oracle_1529',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='1529',
dToPort='1529',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
def create_all_contracts(theTenant, session):
''' Services and Outbound Server '''
aContract = Contract('Outbound_Server', theTenant)
aContract.set_scope('context')
entry = FilterEntry('HTTPS',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='443',
dToPort='443',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('HTTP',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='80',
dToPort='80',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('DNS',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='53',
dToPort='53',
etherT='ip',
prot='udp',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('NTP',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='123',
dToPort='123',
etherT='ip',
prot='udp',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('Ping',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='unspecified',
dToPort='unspecified',
etherT='ip',
prot='icmp',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
''' Web '''
aContract = Contract('Web', theTenant)
aContract.set_scope('context')
entry = FilterEntry('HTTPS',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('HTTP',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('Ping',
parent=aContract)
push_to_APIC(theTenant, session)
''' Management '''
aContract = Contract('Management', theTenant)
aContract.set_scope('context')
entry = FilterEntry('Telnet',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='22',
dToPort='22',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('SSH',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='23',
dToPort='23',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('Ping',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('RDP',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='3389',
dToPort='3389',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
aContract = Contract('Application', theTenant)
aContract.set_scope('application-profile')
entry = FilterEntry('HTTPS',
parent=aContract)
push_to_APIC(theTenant, session)
''' Applications '''
entry = FilterEntry('FLASK',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='5000',
dToPort='5000',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('NODE',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='8000',
dToPort='8000',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
''' Database '''
aContract = Contract('DataBase', theTenant)
aContract.set_scope('context')
entry = FilterEntry('MySQL',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='3306',
dToPort='3306',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('Oracle_1521-22',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='1521',
dToPort='1522',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('Oracle_1525',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='1525',
dToPort='1525',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
entry = FilterEntry('Oracle_1529',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='1529',
dToPort='1529',
etherT='ip',
prot='tcp',
stateful='yes',
tcpRules='unspecified',
parent=aContract)
push_to_APIC(theTenant, session)
def main():
# Setup or credentials and session
description = ('Create 3 EPGs within the same Context, have them '
'provide and consume contracts and attach them to '
'a vmm domain.')
creds = Credentials('apic', description)
args = creds.get()
# Login to APIC
session = Session(args.url, args.login, args.password)
session.login()
# Get the virtual domain we are going to use
vdomain = EPGDomain.get_by_name(session,vmmdomain)
# Create the Tenant
tenant = Tenant(this_tenant)
# Create the Application Profile
app = AppProfile(this_app, tenant)
# Create the EPGs
t1_epg = EPG(tier1_epg, app)
t2_epg = EPG(tier2_epg, app)
t3_epg = EPG(tier3_epg, app)
# Create a Context and BridgeDomain
# Place all EPGs in the Context and in the same BD
context = Context(private_net, tenant)
bd = BridgeDomain(bridge_domain, tenant)
bd.add_context(context)
t1_epg.add_bd(bd)
t1_epg.add_infradomain(vdomain)
t2_epg.add_bd(bd)
t2_epg.add_infradomain(vdomain)
t3_epg.add_bd(bd)
'''
Define a contract with a single entry
Additional entries can be added by duplicating the FilterEntry
Push to APIC after each FilterEntry if it is not the last
'''
contract1 = Contract('mysql-contract', tenant)
entry1 = FilterEntry('SQL',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='3306',
dToPort='3306',
etherT='ip',
prot='tcp',
tcpRules='unspecified',
parent=contract1)
contract2 = Contract('app-contract', tenant)
contract2.set_scope('application-profile')
entry1 = FilterEntry('Flask',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='5000',
dToPort='5000',
etherT='ip',
prot='tcp',
tcpRules='unspecified',
parent=contract2)
tenant.push_to_apic(session)
entry2 = FilterEntry('Flask2',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='5050',
dToPort='5050',
etherT='ip',
prot='tcp',
tcpRules='unspecified',
parent=contract2)
contract3 = Contract('web-contract', tenant)
contract3.set_scope('application-profile')
entry1 = FilterEntry('HTTPS',
applyToFrag='no',
arpOpc='unspecified',
dFromPort='443',
dToPort='443',
etherT='ip',
prot='tcp',
tcpRules='unspecified',
parent=contract3)
# Provide the contract from 1 EPG and consume from the other
t3_epg.provide(contract1)
t2_epg.consume(contract1)
t2_epg.provide(contract2)
t1_epg.consume(contract2)
t1_epg.provide(contract3)
# Finally, push all this to the APIC
# Cleanup (uncomment the next line to delete the config)
# CAUTION: The next line will DELETE the tenant
# tenant.mark_as_deleted()
resp = tenant.push_to_apic(session)
if resp.ok:
# Print some confirmation
print('The configuration was sucessfully pushed to the APIC.')
