This Django application covers build, generation, validation and deployment processes of a netfilter/iptables configuration file lifecycle with common API calls. Project is developed as part of a Bachelor's thesis about NFV (Network Functions Virtualization). The application uses exceptions from the api_core submodule. An authentication introduced in api_core may be used as well, see section Deploying with authentication below for more details.
You may want to use a whole Django project implementing this application instead. You can find it at eszone_ipf repository.
A typical use case may include this module in a Django project placed within a virtual machine template running netfilter/iptables services. With the created template you can spawn virtual machines for your customers and then provide them with ways to configure it as they demand later on without need to access a virtual machine using ssh.
-
Submodule this application and api_core application into your Django project
git submodule add *repository-link*
-
Append 'api_ipf' and 'api_core' to INSTALLED_APPS in your Django project settings
-
Route submodules in a urls.py file in your Django project settings
url(r'^my-url-auth/', include('api_core.urls')),
url(r'^my-url/', include('api_ipf.urls')),
For testing and development purposes, running API with a web server shipped in Django is fine enough. For production though, you may want to consider a production-ready web server like uwsgi or gunicorn. Deploying a Django application within one of these web servers is a matter of pointing to a wsgi.py file, which should be contained in your project's directory. In order how to configure these servers you can start reading Django documentation on how to deploy a Django project using uwsgi or gunicorn.
API is intended to be used by a custom API client incorporated into your dashboard. For testing purposes, python httpie package can help a bit. Install it with a command:
pip install httpie
After installation, you can, for example, interact with an API using following commands:
http POST http://${IP}:${PORT}/v1/api_ipf/config/?files={'title': ('ipf.conf', ''), 'form': ('ipf', ''), 'directory': ('ipf.conf', '...'}
http PUT http://${IP}:${PORT}/v1/api_ipf/config/ipf.conf/?files={'directory': ('ipf.conf', '...'}
http GET http://${IP}:${PORT}/v1/api_ipf/config/activate/ipf.conf
Currently, authentication from the api_core application is not integrated into api_ipf. If you plan to use api_ipf in a private network behind NAT and firewalls, there is probably no need to have an authentication enabled at all. On the other hand, if you plan to have some kind of authentication, here are steps to integrate the simple token authentication from api_core application:
- submodule api_core into your Django project
git submodule add *repository-link*
- import permissions and authentication modules by adding following lines to the top of a views.py file
from rest_framework.permissions import IsAuthenticated
from api_core.authentication import SimpleTokenAuthentication
- add permissions and authentication classes as attributes to each APIView you want to authenticate. For example:
class TestAuthView(APIView):
authentication_classes = (SimpleTokenAuthentication, )
permission_classes = (IsAuthenticated, )
From now on, you can make HTTP requests with an authentication.token field in them, assuming you have created first token by hand.
- generation of a master token is accessible after running
python manage.py migrate
and submoduling an api_core app.
python manage.py shell
then, enter below listed commands in a sequence
> from api_core.models import SimpleTokenAuthModel
> token = SimpleTokenAuthModel()
> token.save()
> print token.token_uuid