def handle_create(self):
    """Attach the configured network policy to the configured virtual network.

    The NETWORK and POLICY properties may each hold either a UUID or a
    fully-qualified name string: the object is read by ``id`` first, and the
    read is repeated with ``fq_name_str`` when the API raises ``NoIdError``.
    When the SEQUENCE property is ``None`` the attachment is made at
    sequence 0.0. The resource id is stored as ``"<vn uuid>|<policy uuid>"``.
    """
    # Resolve the virtual network (UUID first, then fully-qualified name).
    try:
        network = self.vnc_lib().virtual_network_read(
            id=self.properties.get(self.NETWORK))
    except vnc_api.NoIdError:
        network = self.vnc_lib().virtual_network_read(
            fq_name_str=self.properties.get(self.NETWORK))

    # Resolve the policy the same way.
    try:
        policy = self.vnc_lib().network_policy_read(
            id=self.properties.get(self.POLICY))
    except vnc_api.NoIdError:
        policy = self.vnc_lib().network_policy_read(
            fq_name_str=self.properties.get(self.POLICY))

    # NOTE(review): the sequence presumably fixes where this policy sits
    # relative to others already attached to the network -- confirm how the
    # API treats two attachments that carry the same sequence.
    sequence = self.properties[self.SEQUENCE]
    if sequence is None:
        major, minor = 0, 0
    else:
        major, minor = sequence[self.MAJOR], sequence[self.MINOR]
    attachment = vnc_api.VirtualNetworkPolicyType(
        vnc_api.SequenceType(major, minor))

    self.vnc_lib().ref_update(
        'virtual-network', network.uuid,
        'network-policy', policy.uuid,
        None, 'ADD', attachment)
    self.resource_id_set('%s|%s' % (network.uuid, policy.uuid))
def add_NetworkPolicy(policy_name, network, vnc, domain, project_name):
    """Attach an existing network policy to an existing virtual network.

    Both objects are read by fully-qualified name
    ``[domain, project_name, <name>]`` through ``vnc``; the policy reference
    is added to the network at sequence 0.0 and the network is written back.
    A confirmation line is printed afterwards.
    """
    scope = [domain, project_name]
    policy_obj = vnc.network_policy_read(fq_name=scope + [policy_name])
    # The attachment is always made at sequence 0.0, whatever is already
    # attached to the network.
    attachment = vnc_api.VirtualNetworkPolicyType(
        sequence=vnc_api.SequenceType(major=0, minor=0))
    network_obj = vnc.virtual_network_read(fq_name=scope + [network])
    network_obj.add_network_policy(ref_obj=policy_obj, ref_data=attachment)
    vnc.virtual_network_update(network_obj)
    print('Policy {} attached to {}'.format(policy_name, network))
def attach_policy_to_vn(self, policy_name, vn_name):
    """Attach the named policy to the named virtual network.

    Both names are resolved inside ``[self._domain, self._tenant_name]``.
    The reference is added at sequence 0.0 and the network is written back
    through ``self._vnc_lib``.
    """
    print("Attach network policy %s to virtual network %s" % (policy_name, vn_name))
    policy_fq_name = [self._domain, self._tenant_name, policy_name]
    policy_obj = self._vnc_lib.network_policy_read(fq_name=policy_fq_name)
    # Fixed 0.0 sequence: this code does not look at what is already
    # attached to the network.
    attachment = vnc_api.VirtualNetworkPolicyType(
        sequence=vnc_api.SequenceType(major=0, minor=0))
    vn_fq_name = [self._domain, self._tenant_name, vn_name]
    vn_obj = self._vnc_lib.virtual_network_read(fq_name=vn_fq_name)
    vn_obj.add_network_policy(ref_obj=policy_obj, ref_data=attachment)
    self._vnc_lib.virtual_network_update(vn_obj)
def add_NetworkPolicy(policy_name, network, vnc, domain, project_name):
    """Attach a network policy to a virtual network.

    The policy and the network are both looked up by fully-qualified name
    under ``domain`` / ``project_name``. The policy reference is added with
    sequence 0.0, the network is updated, and a confirmation is printed.
    """
    found_policy = vnc.network_policy_read(
        fq_name=[domain, project_name, policy_name])
    # Sequence 0.0 is used for every attachment made through this helper.
    zero_sequence = vnc_api.SequenceType(major=0, minor=0)
    ref_data = vnc_api.VirtualNetworkPolicyType(sequence=zero_sequence)
    target_vn = vnc.virtual_network_read(
        fq_name=[domain, project_name, network])
    target_vn.add_network_policy(ref_obj=found_policy, ref_data=ref_data)
    vnc.virtual_network_update(target_vn)
    print('Policy "{}" attached to "{}"\n'.format(policy_name, network))
def setUp(self):
    """Associate the configured policies with ``self.vn`` unless already bound.

    The policies currently attached to the network are read through
    ``self.api_s_inspect``. If any of them appears in ``self.vn_policys`` the
    fixture records ``already_present``; otherwise the policies in
    ``self.policy_obj[self.vn]`` are associated through the backend selected
    by ``self.option`` ('vro', 'openstack' or 'contrail'). Returns ``self``.

    NOTE(review): this listing had lost its indentation. The pairing of the
    outer ``else`` with ``if policy_of_vn`` and the placement of the
    statements following the ``for`` loops are reconstructed -- confirm
    against the upstream file.
    """
    super(VN_Policy_Fixture, self).setUp()
    policy_of_vn = self.api_s_inspect.get_cs_vn_policys(
        project=self.project_name, domain=self.domain_name, vn=self.vn,
        refresh=True)
    if policy_of_vn:
        for policy in policy_of_vn:
            if policy in self.vn_policys:
                self.logger.info("Policy:%s already Associated to VN:%s'" %
                                 (policy, self.vn))
                self.already_present = True
    else:
        if self.policy_obj[self.vn]:
            self.logger.debug("Setup step: Associating the policy to VN'")
            if self.option == 'vro':
                policy_names = [
                    policy.name for policy in self.policy_obj[self.vn]
                ]
                self.orch.add_network_policy_to_vn(self.vn, policy_names)
                self.logger.info('Associated Policy to %s' % (self.vn))
            elif self.option == 'openstack':
                policy_fq_names = [
                    self.quantum_h.get_policy_fq_name(x)
                    for x in self.policy_obj[self.vn]
                ]
                # GUI-driven runs bind through the web UI helper; all other
                # runs bind through the VN object.
                if self.inputs.is_gui_based_config():
                    self.webui.bind_policies(self)
                else:
                    self.vn_obj[self.vn].bind_policies(
                        policy_fq_names, self.vn_obj[self.vn].vn_id)
                self.logger.debug('Associated Policy:%s to %s' %
                                  (policy_fq_names, self.vn))
            elif self.option == 'contrail':
                # ref_tuple is assigned here but not read again in this method.
                ref_tuple = []
                vn_update_rsp = None
                vnc_obj = self.vn_obj[self.vn].getObj()
                policys = self.policy_obj[self.vn]
                # Each policy gets its list position as the major sequence
                # number, so the attachment order follows the list order.
                for seq, conf_policy in enumerate(policys):
                    vnc_obj.add_network_policy(
                        conf_policy,
                        vnc_api.VirtualNetworkPolicyType(
                            sequence=vnc_api.SequenceType(major=seq, minor=0)))
                vn_update_rsp = self.vnc_lib.virtual_network_update(
                    vnc_obj)
                self.logger.info('Associated Policy to %s' % (self.vn))
    return self
def neutron_dict_to_vn(self, vn_obj, network_q):
    """Copy the fields present in a Neutron network dict onto ``vn_obj``.

    Handled keys: ``name`` (display name), ``admin_state_up`` (id-perms
    enable flag), ``policys`` (replacement list of policy fq-names) and
    ``route_table`` (fq-name of a route table to attach). Keys that are
    absent leave the matching part of ``vn_obj`` untouched. Returns
    ``vn_obj``.
    """
    display_name = network_q.get('name')
    if display_name:
        vn_obj.display_name = display_name

    perms = vn_obj.get_id_perms()
    if 'admin_state_up' in network_q:
        perms.enable = network_q['admin_state_up']
        vn_obj.set_id_perms(perms)

    if 'policys' in network_q:
        # reset and add with newly specified list
        # The list is a full replacement: an empty 'policys' value leaves the
        # network with no policy references at all.
        vn_obj.set_network_policy_list([], [])
        # The policy objects are built locally from the supplied names and are
        # not read back from the API server in this function, so nothing here
        # checks that the named policy exists.
        for position, (domain_name, project_name, policy_name) in enumerate(
                network_q['policys']):
            parent_project = vnc_api.Project(
                project_name, vnc_api.Domain(domain_name))
            vn_obj.add_network_policy(
                vnc_api.NetworkPolicy(policy_name, parent_project),
                vnc_api.VirtualNetworkPolicyType(
                    sequence=vnc_api.SequenceType(position, 0)))

    rt_fq_name = network_q.get('route_table')
    if rt_fq_name:
        try:
            vn_obj.set_route_table(
                self._vnc_lib.route_table_read(fq_name=rt_fq_name))
        except vnc_api.NoIdError:
            # TODO() add route table specific exception
            self._raise_contrail_exception(
                'NetworkNotFound', net_id=vn_obj.uuid, resource='network')

    return vn_obj
# (excerpt begins inside a call whose opening line is not shown)
direction='<>',
protocol=policy_protocol,
action_list=vnc_api.ActionListType(simple_action=policy_action),
src_addresses=[vnc_api.AddressType(virtual_network=source_network)],
src_ports=[vnc_api.PortType(start_port=source_port, end_port=source_port)],
dst_addresses=[vnc_api.AddressType(virtual_network=destination_network)],
dst_ports=[
    vnc_api.PortType(start_port=destination_port, end_port=destination_port)
])

# Wrap the single rule in a policy owned by the tenant and create it.
policy_entries = vnc_api.PolicyEntriesType([rule])
policy = vnc_api.NetworkPolicy(
    name=policy_name,
    parent_obj=tenant,
    network_policy_entries=policy_entries)
vnc.network_policy_create(policy)

# add the policy to each network
# The policy is re-read by fully-qualified name before it is attached; both
# networks receive it at sequence 0.0.
policy = vnc.network_policy_read(
    fq_name=['default-domain', tenant_name, policy_name])
policy_type = vnc_api.VirtualNetworkPolicyType(
    sequence=vnc_api.SequenceType(major=0, minor=0))
for network_name in (source_network, destination_network):
    vn = vnc.virtual_network_read(
        fq_name=['default-domain', tenant_name, network_name])
    vn.add_network_policy(ref_obj=policy, ref_data=policy_type)
    vnc.virtual_network_update(vn)
# (net1 is assigned before this excerpt begins)
net2 = vnc_lib.virtual_network_read(id=args.net2_uuid)

policy_name = 'policy-%s-%s-any' % (net1.name, net2.name)
# This rule sets no protocol or port restriction on traffic between net1 and
# net2: action 'pass', protocol 'any', direction '<>'.
# NOTE(review): PortType(-1, -1) is taken to mean "any port" and '<>' to mean
# both directions -- confirm against the API version in use.
any_port = [vnc_api.PortType(-1, -1)]
allow_all_rule = vnc_api.PolicyRuleType(
    direction='<>',
    action_list=vnc_api.ActionListType(simple_action='pass'),
    protocol='any',
    src_addresses=[
        vnc_api.AddressType(virtual_network=net1.get_fq_name_str())
    ],
    src_ports=any_port,
    dst_addresses=[
        vnc_api.AddressType(virtual_network=net2.get_fq_name_str())
    ],
    dst_ports=[vnc_api.PortType(-1, -1)])
# The policy is created under the project that owns net1.
owning_project = vnc_lib.project_read(fq_name=net1.get_parent_fq_name())
pol1 = vnc_api.NetworkPolicy(
    policy_name,
    network_policy_entries=vnc_api.PolicyEntriesType([allow_all_rule]),
    parent_obj=owning_project)
vnc_lib.network_policy_create(pol1)

# Attach the policy to both networks, each at sequence 0.0.
for _network in (net1, net2):
    _network.add_network_policy(
        pol1,
        vnc_api.VirtualNetworkPolicyType(
            sequence=vnc_api.SequenceType(0, 0)))
    vnc_lib.virtual_network_update(_network)
# Read both virtual networks by UUID.
net1 = vnc_lib.virtual_network_read(id=args.net1_uuid)
net2 = vnc_lib.virtual_network_read(id=args.net2_uuid)

pol1_name = 'policy-%s-%s-any' % (net1.name, net2.name)
# The one rule in this policy is action 'pass', protocol 'any', direction
# '<>', with (-1, -1) port ranges on both sides, so it does not narrow
# traffic between the two networks by protocol or port.
# NOTE(review): (-1, -1) is taken to mean "any port" -- confirm.
pol1_rule = vnc_api.PolicyRuleType(
    direction='<>',
    action_list=vnc_api.ActionListType(simple_action='pass'),
    protocol='any',
    src_addresses=[
        vnc_api.AddressType(virtual_network=net1.get_fq_name_str()),
    ],
    src_ports=[vnc_api.PortType(-1, -1)],
    dst_addresses=[
        vnc_api.AddressType(virtual_network=net2.get_fq_name_str()),
    ],
    dst_ports=[vnc_api.PortType(-1, -1)],
)
pol1_entries = vnc_api.PolicyEntriesType([pol1_rule])
# Parent project is the one that owns net1.
pol1_parent = vnc_lib.project_read(fq_name=net1.get_parent_fq_name())
pol1 = vnc_api.NetworkPolicy(
    pol1_name,
    network_policy_entries=pol1_entries,
    parent_obj=pol1_parent,
)
vnc_lib.network_policy_create(pol1)

# Attach to net1, then to net2; each attachment uses sequence 0.0 and each
# network is written back immediately after it is modified.
net1_ref = vnc_api.VirtualNetworkPolicyType(
    sequence=vnc_api.SequenceType(0, 0))
net1.add_network_policy(pol1, net1_ref)
vnc_lib.virtual_network_update(net1)

net2_ref = vnc_api.VirtualNetworkPolicyType(
    sequence=vnc_api.SequenceType(0, 0))
net2.add_network_policy(pol1, net2_ref)
vnc_lib.virtual_network_update(net2)
from vnc_api import vnc_api

# NOTE(review): the API server address is hard-coded and no credentials are
# passed to the client; whether the server enforces authentication cannot be
# told from this script.
vnc_lib = vnc_api.VncApi(api_server_host='10.10.7.149')

# vn-blue: 10.0.2.0/24 on a default-constructed NetworkIpam.
vn_blue_obj = vnc_api.VirtualNetwork('vn-blue')
blue_ipam = vnc_api.NetworkIpam()
blue_subnets = vnc_api.VnSubnetsType(
    [vnc_api.IpamSubnetType(subnet=vnc_api.SubnetType('10.0.2.0', 24))])
vn_blue_obj.add_network_ipam(blue_ipam, blue_subnets)
vnc_lib.virtual_network_create(vn_blue_obj)

# vn-red: 10.0.3.0/24, built the same way.
vn_red_obj = vnc_api.VirtualNetwork('vn-red')
red_ipam = vnc_api.NetworkIpam()
red_subnets = vnc_api.VnSubnetsType(
    [vnc_api.IpamSubnetType(subnet=vnc_api.SubnetType('10.0.3.0', 24))])
vn_red_obj.add_network_ipam(red_ipam, red_subnets)
vnc_lib.virtual_network_create(vn_red_obj)

# One rule: pass TCP from vn-blue (source ports -1..-1) to vn-red port 80,
# with direction '<>'.
# NOTE(review): -1..-1 is taken to mean "any source port" and '<>' to mean
# both directions -- confirm against the API version in use.
red_blue_rule = vnc_api.PolicyRuleType(
    direction='<>',
    action_list=vnc_api.ActionListType(simple_action='pass'),
    protocol='tcp',
    src_addresses=[
        vnc_api.AddressType(virtual_network=vn_blue_obj.get_fq_name_str())
    ],
    src_ports=[vnc_api.PortType(-1, -1)],
    dst_addresses=[
        vnc_api.AddressType(virtual_network=vn_red_obj.get_fq_name_str())
    ],
    dst_ports=[vnc_api.PortType(80, 80)])
policy_obj = vnc_api.NetworkPolicy(
    'policy-red-blue',
    network_policy_entries=vnc_api.PolicyEntriesType([red_blue_rule]))
vnc_lib.network_policy_create(policy_obj)

# Reference the policy from both networks (sequence 0.0 each), then write
# both networks back.
vn_blue_obj.add_network_policy(
    policy_obj,
    vnc_api.VirtualNetworkPolicyType(sequence=vnc_api.SequenceType(0, 0)))
vn_red_obj.add_network_policy(
    policy_obj,
    vnc_api.VirtualNetworkPolicyType(sequence=vnc_api.SequenceType(0, 0)))
vnc_lib.virtual_network_update(vn_blue_obj)
vnc_lib.virtual_network_update(vn_red_obj)

# Show the stored vn-blue object and the list of all virtual networks.
print(vnc_lib.virtual_network_read(id=vn_blue_obj.uuid))
print(vnc_lib.virtual_networks_list())