def get_nsxlib_wrapper(nsx_username=None, nsx_password=None, basic_auth=False):
client_cert_provider = None
if not basic_auth:
# if basic auth requested, dont use cert file even if provided
client_cert_provider = get_client_cert_provider()
nsxlib_config = config.NsxLibConfig(
username=nsx_username or cfg.CONF.nsx_v3.nsx_api_user,
password=nsx_password or cfg.CONF.nsx_v3.nsx_api_password,
client_cert_provider=client_cert_provider,
retries=cfg.CONF.nsx_v3.http_retries,
insecure=cfg.CONF.nsx_v3.insecure,
ca_file=cfg.CONF.nsx_v3.ca_file,
concurrent_connections=cfg.CONF.nsx_v3.concurrent_connections,
http_timeout=cfg.CONF.nsx_v3.http_timeout,
http_read_timeout=cfg.CONF.nsx_v3.http_read_timeout,
conn_idle_timeout=cfg.CONF.nsx_v3.conn_idle_timeout,
http_provider=None,
max_attempts=cfg.CONF.nsx_v3.retries,
nsx_api_managers=cfg.CONF.nsx_v3.nsx_api_managers,
plugin_scope=OS_NEUTRON_ID_SCOPE,
plugin_tag=NSX_NEUTRON_PLUGIN,
plugin_ver=n_version.version_info.release_string(),
dns_nameservers=cfg.CONF.nsx_v3.nameservers,
dns_domain=cfg.CONF.nsx_v3.dns_domain)
return v3.NsxLib(nsxlib_config)
def __init__(self, args):
nsxlib_config = config.NsxLibConfig(username=args.mp_user,
password=args.mp_password,
nsx_api_managers=[args.mp_ip],
ca_file=args.mp_cert_file)
self.nsxlib = v3.NsxLib(nsxlib_config)
self.content_type = "application/json"
self.headers = {'content-type': self.content_type}
def get_nsxmanager_client(self):
"""Prepare agent for NSX Manager API calls"""
nsxlib_config = config.NsxLibConfig(
nsx_api_managers=cfg.CONF.nsx_v3.nsx_api_managers,
username=cfg.CONF.nsx_v3.nsx_api_user,
password=cfg.CONF.nsx_v3.nsx_api_password)
return v3.NsxLib(nsxlib_config).client
def setUp(self, *args, **kwargs):
super(NsxLibTestCase, self).setUp()
self.mocking = _mock_nsxlib()
if self.use_client_cert_auth():
nsxlib_config = get_nsxlib_config_with_client_cert()
else:
nsxlib_config = get_default_nsxlib_config()
self.nsxlib = v3.NsxLib(nsxlib_config)
# print diffs when assert comparisons fail
self.maxDiff = None
def __init__(self, host, username, password, db_connection):
self.host = host
self.username = username
self.password = password
self.neutron_db = (NeutronNsxDB(db_connection)
if db_connection else None)
nsxlib_config = config.NsxLibConfig(
username=self.username,
password=self.password,
nsx_api_managers=[self.host],
# allow admin user to delete entities created
# under openstack principal identity
allow_overwrite_header=True)
self.nsxlib = v3.NsxLib(nsxlib_config)
def _validate_con_mocks(self, nsx_version):
nsxlib_config = nsxlib_testcase.get_default_nsxlib_config()
nsxlib = v3.NsxLib(nsxlib_config)
nsxlib.nsx_version = nsx_version
mock_conn = mocks.MockRequestSessionApi()
mock_conn.default_headers = {}
mock_ep = mock.Mock()
mock_ep.provider.url = 'https://1.2.3.4'
conf = mock.Mock()
conf.url_base = 'abc'
conf.keepalive_section = 'transport-zones'
conf.validate_connection_method = nsxlib.validate_connection_method
mock_cluster = mock.Mock()
mock_cluster.nsxlib_config = conf
return (mock_cluster, mock_ep, mock_conn)
def __init__(self, host, username, password, nsx_cert, key, ca_cert,
cluster, read_only, shared_t0):
self.host = host
self.username = username
self.password = password
self.nsx_cert = nsx_cert
self.key = key
self.ca_cert = ca_cert
cert_provider = None
insecure = True
if nsx_cert and key:
self.fd, self.certpath = tempfile.mkstemp(dir='/tmp')
cert_provider = self._get_cert_provider(self.nsx_cert, self.key)
print("Authenticating with NSX using client certificate loaded "
"at %s and private key loaded at %s " % (nsx_cert, key))
if ca_cert:
insecure = False
else:
print("Authenticating with NSX using basic authentication")
nsxlib_config = config.NsxLibConfig(
username=self.username,
password=self.password,
client_cert_provider=cert_provider,
insecure=insecure,
ca_file=self.ca_cert,
nsx_api_managers=[self.host],
# allow admin user to delete entities created
# under openstack principal identity
allow_overwrite_header=True)
self._cluster = cluster
self._read_only = True if read_only == "yes" else False
self._shared_t0 = True if shared_t0 == "yes" else False
self.nsxlib = v3.NsxLib(nsxlib_config)
self._nsx_client = self.nsxlib.client
self._ip_pool_client = self._get_ip_pool_client(self._nsx_client)
self._router_port_client = self.nsxlib.logical_router_port
self._router_client = self._get_router_client(self._nsx_client)
self._routerlib = router.RouterLib(self._router_client,
self._router_port_client,
self.nsxlib)
def get_nsxlib_wrapper():
nsxlib_config = config.NsxLibConfig(
username=cfg.CONF.nsx_v3.nsx_api_user,
password=cfg.CONF.nsx_v3.nsx_api_password,
retries=cfg.CONF.nsx_v3.http_retries,
insecure=cfg.CONF.nsx_v3.insecure,
ca_file=cfg.CONF.nsx_v3.ca_file,
concurrent_connections=cfg.CONF.nsx_v3.concurrent_connections,
http_timeout=cfg.CONF.nsx_v3.http_timeout,
http_read_timeout=cfg.CONF.nsx_v3.http_read_timeout,
conn_idle_timeout=cfg.CONF.nsx_v3.conn_idle_timeout,
http_provider=None,
max_attempts=cfg.CONF.nsx_v3.retries,
nsx_api_managers=cfg.CONF.nsx_v3.nsx_api_managers,
plugin_scope=OS_NEUTRON_ID_SCOPE,
plugin_tag=NSX_NEUTRON_PLUGIN,
plugin_ver=n_version.version_info.release_string(),
dns_nameservers=cfg.CONF.nsx_v3.nameservers,
dns_domain=cfg.CONF.nsx_v3.dns_domain,
dhcp_profile_uuid=cfg.CONF.nsx_v3.dhcp_profile)
return v3.NsxLib(nsxlib_config)
def init_api(self):
# Initialize the policy client
# TODO(annak): move the API class to separate file
self.policy_api = core_defs.NsxPolicyApi(self.client)
# NSX manager api will be used as a pass-through for apis which are
# not implemented by the policy manager yet
if self.nsxlib_config.allow_passthrough:
config = copy.deepcopy(self.nsxlib_config)
# X-Allow-Overwrite must be set for passthrough apis
config.allow_overwrite_header = True
self.nsx_api = v3.NsxLib(config)
else:
self.nsx_api = None
self.nsx_version = self.get_version()
args = (self.policy_api, self.nsx_api, self.nsx_version,
self.nsxlib_config)
# Initialize all the different resources
self.domain = core_resources.NsxPolicyDomainApi(*args)
self.group = core_resources.NsxPolicyGroupApi(*args)
self.service = core_resources.NsxPolicyL4ServiceApi(*args)
self.icmp_service = core_resources.NsxPolicyIcmpServiceApi(
*args)
self.ip_protocol_service = (
core_resources.NsxPolicyIPProtocolServiceApi(*args))
self.mixed_service = core_resources.NsxPolicyMixedServiceApi(*args)
self.tier0 = core_resources.NsxPolicyTier0Api(*args)
self.tier0_nat_rule = core_resources.NsxPolicyTier0NatRuleApi(
*args)
self.tier1 = core_resources.NsxPolicyTier1Api(*args)
self.tier1_segment = core_resources.NsxPolicyTier1SegmentApi(*args)
self.tier1_nat_rule = core_resources.NsxPolicyTier1NatRuleApi(
*args)
self.tier1_static_route = (
core_resources.NsxPolicyTier1StaticRouteApi(*args))
self.segment = core_resources.NsxPolicySegmentApi(*args)
self.segment_port = core_resources.NsxPolicySegmentPortApi(
*args)
self.tier1_segment_port = (
core_resources.NsxPolicyTier1SegmentPortApi(*args))
self.comm_map = core_resources.NsxPolicyCommunicationMapApi(*args)
self.gateway_policy = core_resources.NsxPolicyGatewayPolicyApi(*args)
self.enforcement_point = core_resources.NsxPolicyEnforcementPointApi(
*args)
self.transport_zone = core_resources.NsxPolicyTransportZoneApi(
*args)
self.edge_cluster = core_resources.NsxPolicyEdgeClusterApi(
*args)
self.deployment_map = core_resources.NsxPolicyDeploymentMapApi(
*args)
self.ip_block = core_resources.NsxPolicyIpBlockApi(*args)
self.ip_pool = core_resources.NsxPolicyIpPoolApi(*args)
self.segment_security_profile = (
core_resources.NsxSegmentSecurityProfileApi(*args))
self.qos_profile = (
core_resources.NsxQosProfileApi(*args))
self.spoofguard_profile = (
core_resources.NsxSpoofguardProfileApi(*args))
self.ip_discovery_profile = (
core_resources.NsxIpDiscoveryProfileApi(*args))
self.mac_discovery_profile = (
core_resources.NsxMacDiscoveryProfileApi(*args))
self.waf_profile = (
core_resources.NsxWAFProfileApi(*args))
self.segment_port_security_profiles = (
core_resources.SegmentPortSecurityProfilesBindingMapApi(
*args))
self.segment_port_discovery_profiles = (
core_resources.SegmentPortDiscoveryProfilesBindingMapApi(
*args))
self.segment_port_qos_profiles = (
core_resources.SegmentPortQosProfilesBindingMapApi(
*args))
self.ipv6_ndra_profile = (
core_resources.NsxIpv6NdraProfileApi(*args))
self.dhcp_relay_config = core_resources.NsxDhcpRelayConfigApi(*args)
self.certificate = core_resources.NsxPolicyCertApi(*args)
self.exclude_list = core_resources.NsxPolicyExcludeListApi(*args)
self.load_balancer = lb_resources.NsxPolicyLoadBalancerApi(*args)