def delete_nsx_portgroups(resource, event, trigger, **kwargs): if not cfg.CONF.dvs.host_ip: LOG.info("Please configure the dvs section in the nsx configuration " "file") return dvs_id = cfg.CONF.nsxv.dvs_id portgroups = _get_nsx_portgroups(dvs_id) if not portgroups: LOG.info("No NSX portgroups found for %s", dvs_id) return if not kwargs.get('force'): #ask for the user confirmation confirm = admin_utils.query_yes_no( "Do you want to delete all NSX portgroups for %s" % dvs_id, default="no") if not confirm: LOG.info("NSX portgroups deletion aborted by user") return vcns = utils.get_nsxv_client() for portgroup in portgroups: try: vcns.delete_port_group(dvs_id, portgroup['moref']) except Exception as e: LOG.error("Failed to delete portgroup %(pg)s: %(e)s", {'pg': portgroup['moref'], 'e': e}) sys.exc_clear() else: LOG.info("Successfully deleted portgroup %(pg)s", {'pg': portgroup['moref']}) LOG.info("Done.")
def nsx_update_switch(resource, event, trigger, **kwargs): nsxv = utils.get_nsxv_client() if not kwargs.get('property'): LOG.error(_LE("Need to specify dvs-id parameter and " "attribute to update. Add --property dvs-id=<dvs-id> " "--property teamingpolicy=<policy>")) return properties = admin_utils.parse_multi_keyval_opt(kwargs['property']) dvs_id = properties.get('dvs-id') if not dvs_id: LOG.error(_LE("Need to specify dvs-id. " "Add --property dvs-id=<dvs-id>")) return h, switch = nsxv.get_vdn_switch(dvs_id) policy = properties.get('teamingpolicy') if policy: if switch['teamingPolicy'] == policy: LOG.info(_LI("Policy already set!")) return LOG.info(_LI("Updating NSXv switch %(dvs)s teaming policy to " "%(policy)s"), {'dvs': dvs_id, 'policy': policy}) switch['teamingPolicy'] = policy switch = nsxv.update_vdn_switch(switch) LOG.info(_LI("Switch value after update: %s"), switch) else: LOG.error(_LE("No teaming policy set. " "Add --property teamingpolicy=<policy>")) LOG.info(_LI("Current switch value is: %s"), switch)
def get_networks(): nsxv = utils.get_nsxv_client() so_list = nsxv.get_scoping_objects() networks = [] root = et.fromstring(so_list) for obj in root.iter('object'): if (obj.find('objectTypeName').text == 'Network' or obj.find('objectTypeName').text == 'VirtualWire' or obj.find('objectTypeName').text == 'DistributedVirtualPortgroup'): networks.append({'type': obj.find('objectTypeName').text, 'moref': obj.find('objectId').text, 'name': obj.find('name').text}) return networks
def delete_backend_network(resource, event, trigger, **kwargs): """Delete a backend network by its moref """ errmsg = ("Need to specify moref property. Add --property moref=<moref>") if not kwargs.get('property'): LOG.error("%s", errmsg) return properties = admin_utils.parse_multi_keyval_opt(kwargs['property']) moref = properties.get('moref') if not moref: LOG.error("%s", errmsg) return backend_name = get_networks_name_map().get(moref) if not backend_name: LOG.error("Failed to find the backend network %(moref)s", {'moref': moref}) return # Note: in case the backend network is attached to other backend objects, # like VM, the deleting may fail and through an exception nsxv = utils.get_nsxv_client() if moref.startswith(PORTGROUP_PREFIX): # get the dvs id from the backend name: dvs_id = get_dvs_id_from_backend_name(backend_name) if not dvs_id: LOG.error("Failed to find the DVS id of backend network " "%(moref)s", {'moref': moref}) else: try: nsxv.delete_port_group(dvs_id, moref) except Exception as e: LOG.error("Failed to delete backend network %(moref)s : " "%(e)s", {'moref': moref, 'e': e}) else: LOG.info("Backend network %(moref)s was deleted", {'moref': moref}) else: # Virtual wire try: nsxv.delete_virtual_wire(moref) except Exception as e: LOG.error("Failed to delete backend network %(moref)s : " "%(e)s", {'moref': moref, 'e': e}) else: LOG.info("Backend network %(moref)s was deleted", {'moref': moref})
def nsx_update_switch(resource, event, trigger, **kwargs): nsxv = utils.get_nsxv_client() if not kwargs.get('property'): LOG.error("Need to specify dvs-id parameter and " "attribute to update. Add --property dvs-id=<dvs-id> " "--property teamingpolicy=<policy>") return properties = admin_utils.parse_multi_keyval_opt(kwargs['property']) dvs_id = properties.get('dvs-id') if not dvs_id: LOG.error("Need to specify dvs-id. " "Add --property dvs-id=<dvs-id>") return try: h, switch = nsxv.get_vdn_switch(dvs_id) except exceptions.ResourceNotFound: LOG.error("DVS %s not found", dvs_id) return supported_policies = ['ETHER_CHANNEL', 'LOADBALANCE_LOADBASED', 'LOADBALANCE_SRCID', 'LOADBALANCE_SRCMAC', 'FAILOVER_ORDER', 'LACP_ACTIVE', 'LACP_PASSIVE', 'LACP_V2'] policy = properties.get('teamingpolicy') if policy in supported_policies: if switch['teamingPolicy'] == policy: LOG.info("Policy already set!") return LOG.info("Updating NSXv switch %(dvs)s teaming policy to " "%(policy)s", {'dvs': dvs_id, 'policy': policy}) switch['teamingPolicy'] = policy try: switch = nsxv.update_vdn_switch(switch) except exceptions.VcnsApiException as e: desc = jsonutils.loads(e.response) details = desc.get('details') if details.startswith("No enum constant"): LOG.error("Unknown teaming policy %s", policy) else: LOG.error("Unexpected error occurred: %s", details) return LOG.info("Switch value after update: %s", switch) else: LOG.info("Current switch value is: %s", switch) LOG.error("Invalid teaming policy. " "Add --property teamingpolicy=<policy>") LOG.error("Possible values: %s", ', '.join(supported_policies))
def delete_old_edge(context, old_edge_id): LOG.info("Deleting the old edge: %s", old_edge_id) # clean it up from the DB nsxv_db.clean_edge_router_binding(context.session, old_edge_id) nsxv_db.clean_edge_vnic_binding(context.session, old_edge_id) nsxv_db.cleanup_nsxv_edge_firewallrule_binding(context.session, old_edge_id) with locking.LockManager.get_lock(old_edge_id): # Delete from NSXv backend # Note - If we will not delete the edge, but free it - it will be # immediately used as the new one, So it is better to delete it. try: nsxv = utils.get_nsxv_client() nsxv.delete_edge(old_edge_id) except Exception as e: LOG.warning("Failed to delete the old edge %(id)s: %(e)s", {'id': old_edge_id, 'e': e})
def sync_lbaas_dfw_rules(resource, event, trigger, **kwargs): vcns = utils.get_nsxv_client() with locking.LockManager.get_lock('lbaas-fw-section'): fw_section_id = vcns.get_section_id(LBAAS_FW_SECTION_NAME) if not fw_section_id: section = et.Element('section') section.attrib['name'] = LBAAS_FW_SECTION_NAME sect = vcns.create_section('ip', et.tostring(section))[1] fw_section_id = et.fromstring(sect).attrib['id'] if not fw_section_id: LOG.error('No LBaaS FW Section id found') return neutron_db = utils.NeutronDbClient() pools = neutron_db.context.session.query(nlbaas_v2.PoolV2).all() pool_ids = [pool['id'] for pool in pools] section_uri = '%s/%s/%s' % (nsxv_api.FIREWALL_PREFIX, 'layer3sections', fw_section_id) xml_section_data = vcns.get_section(section_uri) if xml_section_data: xml_section = xml_section_data[1] else: LOG.info('LBaaS XML section was not found!') return section = et.fromstring(xml_section) for rule in section.findall('.//rule'): if rule.find('name').text in pool_ids: LOG.info('Rule %s found and valid', rule.find('name').text) else: section.remove(rule) LOG.info('Rule %s is stale and removed', rule.find('name').text) vcns.update_section(section_uri, et.tostring(section, encoding="us-ascii"), None)
def migrate_distributed_routers_dhcp(resource, event, trigger, **kwargs): context = n_context.get_admin_context() nsxv = utils.get_nsxv_client() with utils.NsxVPluginWrapper() as plugin: routers = plugin.get_routers(context) for router in routers: if router.get('distributed', False): binding = nsxv_db.get_nsxv_router_binding(context.session, router['id']) if binding: edge_id = binding['edge_id'] with locking.LockManager.get_lock(edge_id): route_obj = nsxv.get_routes(edge_id)[1] routes = route_obj.get('staticRoutes', {} ).get('staticRoutes', []) new_routes = [route for route in routes if route.get( 'network') != '169.254.169.254/32'] route_obj['staticRoutes']['staticRoutes'] = new_routes nsxv.update_routes(edge_id, route_obj)
def nsx_delete_orphaned_edges(resource, event, trigger, **kwargs): """Delete orphaned edges from NSXv backend""" orphaned_edges = get_orphaned_edges() LOG.info(_LI("Before delete; Orphaned Edges: %s"), orphaned_edges) if not kwargs['force']: if len(orphaned_edges): user_confirm = admin_utils.query_yes_no("Do you want to delete " "orphaned edges", default="no") if not user_confirm: LOG.info(_LI("NSXv Edge deletion aborted by user")) return nsxv = utils.get_nsxv_client() for edge in orphaned_edges: LOG.info(_LI("Deleting edge: %s"), edge) nsxv.delete_edge(edge) LOG.info(_LI("After delete; Orphaned Edges: \n%s"), pprint.pformat(get_orphaned_edges()))
def __init__(self): self.vcns = utils.get_nsxv_client()
def get_networks_from_backend(): nsxv = utils.get_nsxv_client() so_list = nsxv.get_scoping_objects() return et.fromstring(so_list)
import logging import xml.etree.ElementTree as et from vmware_nsx._i18n import _LE, _LI from vmware_nsx.shell.admin.plugins.common import constants from vmware_nsx.shell.admin.plugins.common import formatters from vmware_nsx.shell.admin.plugins.common import utils as admin_utils from vmware_nsx.shell.admin.plugins.nsxv.resources import utils as utils from vmware_nsx.shell import nsxadmin as shell from neutron.callbacks import registry LOG = logging.getLogger(__name__) nsxv = utils.get_nsxv_client() def get_networks(): nsxv = utils.get_nsxv_client() so_list = nsxv.get_scoping_objects() networks = [] root = et.fromstring(so_list) for obj in root.iter('object'): if (obj.find('objectTypeName').text == 'Network' or obj.find('objectTypeName').text == 'VirtualWire' or obj.find('objectTypeName').text == 'DistributedVirtualPortgroup'): networks.append({'type': obj.find('objectTypeName').text, 'moref': obj.find('objectId').text, 'name': obj.find('name').text}) return networks
def get_spoofguard_policies(): nsxv = utils.get_nsxv_client() return nsxv.get_spoofguard_policies()[1].get("policies")
from vmware_nsx.shell.admin.plugins.common import constants from vmware_nsx.shell.admin.plugins.common import formatters import vmware_nsx.shell.admin.plugins.common.utils as admin_utils import vmware_nsx.shell.admin.plugins.nsxv.resources.utils as utils import vmware_nsx.shell.resources as shell from neutron_lib.callbacks import registry from neutron_lib import exceptions from vmware_nsx.db import nsxv_db from oslo_log import log as logging LOG = logging.getLogger(__name__) nsxv = utils.get_nsxv_client() def get_spoofguard_policies(): nsxv = utils.get_nsxv_client() return nsxv.get_spoofguard_policies()[1].get("policies") @admin_utils.output_header def nsx_list_spoofguard_policies(resource, event, trigger, **kwargs): """List spoofguard policies from NSXv backend""" policies = get_spoofguard_policies() LOG.info(formatters.output_formatter(constants.SPOOFGUARD_POLICY, policies, ['policyId', 'name']))
def __init__(self): self.vcns = utils.get_nsxv_client()
def get_spoofguard_policy_data(policy_id): nsxv = utils.get_nsxv_client() return nsxv.get_spoofguard_policy_data(policy_id)[1].get( 'spoofguardList', [])
def get_networks_from_backend(): nsxv = utils.get_nsxv_client() so_list = nsxv.get_scoping_objects() return et.fromstring(so_list)
def get_spoofguard_policy_data(policy_id): nsxv = utils.get_nsxv_client() return nsxv.get_spoofguard_policy_data(policy_id)[1].get( 'spoofguardList', [])
def get_spoofguard_policies(): nsxv = utils.get_nsxv_client() return nsxv.get_spoofguard_policies()[1].get("policies")