def create_contract(appProfileName): aContract = Contract(appProfileName, theTenant) aContract.set_scope('application-profile') entry = FilterEntry('HTTP', applyToFrag='no', arpOpc='unspecified', dFromPort='80', dToPort='80', etherT='ip', prot='tcp', stateful='yes', tcpRules='unspecified', parent=aContract) push_to_APIC() entry = FilterEntry('Ping', applyToFrag='no', arpOpc='unspecified', dFromPort='unspecified', dToPort='unspecified', etherT='ip', prot='icmp', tcpRules='unspecified', parent=aContract) push_to_APIC() entry = FilterEntry('SSH', applyToFrag='no', arpOpc='unspecified', dFromPort='23', dToPort='23', etherT='ip', prot='tcp', stateful='no', tcpRules='unspecified', parent=aContract) push_to_APIC() return aContract
def create_base_contracts(): aContract = Contract('Outbound_Access', theTenant) aContract.set_scope('context')
def main(): # Setup or credentials and session description = ('Create 3 EPGs within the same Context, have them ' 'provide and consume contracts and attach them to ' 'a vmm domain.') creds = Credentials('apic', description) args = creds.get() # Login to APIC session = Session(args.url, args.login, args.password) session.login() # Get the virtual domain we are going to use vdomain = EPGDomain.get_by_name(session, vmmdomain) # Create the Tenant tenant = Tenant(this_tenant) # Create the Application Profile app = AppProfile(this_app, tenant) # Create the EPGs t1_epg = EPG(tier1_epg, app) t2_epg = EPG(tier2_epg, app) t3_epg = EPG(tier3_epg, app) # Create a Context and BridgeDomain # Place all EPGs in the Context and in the same BD context = Context(private_net, tenant) bd = BridgeDomain(bridge_domain, tenant) bd.add_context(context) t1_epg.add_bd(bd) t1_epg.add_infradomain(vdomain) t2_epg.add_bd(bd) t2_epg.add_infradomain(vdomain) t3_epg.add_bd(bd) ''' Define a contract with a single entry Additional entries can be added by duplicating the FilterEntry Push to APIC after each FilterEntry if it is not the last ''' contract1 = Contract('mysql-contract', tenant) entry1 = FilterEntry('SQL', applyToFrag='no', arpOpc='unspecified', dFromPort='3306', dToPort='3306', etherT='ip', prot='tcp', tcpRules='unspecified', parent=contract1) contract2 = Contract('app-contract', tenant) contract2.set_scope('application-profile') entry1 = FilterEntry('Flask', applyToFrag='no', arpOpc='unspecified', dFromPort='5000', dToPort='5000', etherT='ip', prot='tcp', tcpRules='unspecified', parent=contract2) tenant.push_to_apic(session) entry2 = FilterEntry('Flask2', applyToFrag='no', arpOpc='unspecified', dFromPort='5050', dToPort='5050', etherT='ip', prot='tcp', tcpRules='unspecified', parent=contract2) contract3 = Contract('web-contract', tenant) contract3.set_scope('application-profile') entry1 = FilterEntry('HTTPS', applyToFrag='no', arpOpc='unspecified', dFromPort='443', dToPort='443', etherT='ip', prot='tcp', tcpRules='unspecified', parent=contract3) # Provide the contract from 1 EPG and consume from the other t3_epg.provide(contract1) t2_epg.consume(contract1) t2_epg.provide(contract2) t1_epg.consume(contract2) t1_epg.provide(contract3) # Finally, push all this to the APIC # Cleanup (uncomment the next line to delete the config) # CAUTION: The next line will DELETE the tenant # tenant.mark_as_deleted() resp = tenant.push_to_apic(session) if resp.ok: # Print some confirmation print('The configuration was sucessfully pushed to the APIC.')
def create_all_contracts(theTenant, session): ''' Services and Outbound Server ''' aContract = Contract('Outbound_Server', theTenant) aContract.set_scope('context') entry = FilterEntry('HTTPS', applyToFrag='no', arpOpc='unspecified', dFromPort='443', dToPort='443', etherT='ip', prot='tcp', stateful='yes', tcpRules='unspecified', parent=aContract) push_to_APIC(theTenant, session) entry = FilterEntry('HTTP', applyToFrag='no', arpOpc='unspecified', dFromPort='80', dToPort='80', etherT='ip', prot='tcp', stateful='yes', tcpRules='unspecified', parent=aContract) push_to_APIC(theTenant, session) entry = FilterEntry('DNS', applyToFrag='no', arpOpc='unspecified', dFromPort='53', dToPort='53', etherT='ip', prot='udp', tcpRules='unspecified', parent=aContract) push_to_APIC(theTenant, session) entry = FilterEntry('NTP', applyToFrag='no', arpOpc='unspecified', dFromPort='123', dToPort='123', etherT='ip', prot='udp', tcpRules='unspecified', parent=aContract) push_to_APIC(theTenant, session) entry = FilterEntry('Ping', applyToFrag='no', arpOpc='unspecified', dFromPort='unspecified', dToPort='unspecified', etherT='ip', prot='icmp', tcpRules='unspecified', parent=aContract) push_to_APIC(theTenant, session) ''' Web ''' aContract = Contract('Web', theTenant) aContract.set_scope('context') entry = FilterEntry('HTTPS', parent=aContract) push_to_APIC(theTenant, session) entry = FilterEntry('HTTP', parent=aContract) push_to_APIC(theTenant, session) entry = FilterEntry('Ping', parent=aContract) push_to_APIC(theTenant, session) ''' Management ''' aContract = Contract('Management', theTenant) aContract.set_scope('context') entry = FilterEntry('Telnet', applyToFrag='no', arpOpc='unspecified', dFromPort='22', dToPort='22', etherT='ip', prot='tcp', stateful='yes', tcpRules='unspecified', parent=aContract) push_to_APIC(theTenant, session) entry = FilterEntry('SSH', applyToFrag='no', arpOpc='unspecified', dFromPort='23', dToPort='23', etherT='ip', prot='tcp', stateful='yes', tcpRules='unspecified', parent=aContract) push_to_APIC(theTenant, session) entry = FilterEntry('Ping', parent=aContract) push_to_APIC(theTenant, session) entry = FilterEntry('RDP', applyToFrag='no', arpOpc='unspecified', dFromPort='3389', dToPort='3389', etherT='ip', prot='tcp', stateful='yes', tcpRules='unspecified', parent=aContract) push_to_APIC(theTenant, session) aContract = Contract('Application', theTenant) aContract.set_scope('application-profile') entry = FilterEntry('HTTPS', parent=aContract) push_to_APIC(theTenant, session) ''' Applications ''' entry = FilterEntry('FLASK', applyToFrag='no', arpOpc='unspecified', dFromPort='5000', dToPort='5000', etherT='ip', prot='tcp', stateful='yes', tcpRules='unspecified', parent=aContract) push_to_APIC(theTenant, session) entry = FilterEntry('NODE', applyToFrag='no', arpOpc='unspecified', dFromPort='8000', dToPort='8000', etherT='ip', prot='tcp', stateful='yes', tcpRules='unspecified', parent=aContract) push_to_APIC(theTenant, session) ''' Database ''' aContract = Contract('DataBase', theTenant) aContract.set_scope('context') entry = FilterEntry('MySQL', applyToFrag='no', arpOpc='unspecified', dFromPort='3306', dToPort='3306', etherT='ip', prot='tcp', stateful='yes', tcpRules='unspecified', parent=aContract) push_to_APIC(theTenant, session) entry = FilterEntry('Oracle_1521-22', applyToFrag='no', arpOpc='unspecified', dFromPort='1521', dToPort='1522', etherT='ip', prot='tcp', stateful='yes', tcpRules='unspecified', parent=aContract) push_to_APIC(theTenant, session) entry = FilterEntry('Oracle_1525', applyToFrag='no', arpOpc='unspecified', dFromPort='1525', dToPort='1525', etherT='ip', prot='tcp', stateful='yes', tcpRules='unspecified', parent=aContract) push_to_APIC(theTenant, session) entry = FilterEntry('Oracle_1529', applyToFrag='no', arpOpc='unspecified', dFromPort='1529', dToPort='1529', etherT='ip', prot='tcp', stateful='yes', tcpRules='unspecified', parent=aContract) push_to_APIC(theTenant, session)
def main(): # Setup or credentials and session description = ('Create 3 EPGs within the same Context, have them ' 'provide and consume contracts and attach them to ' 'a vmm domain.') creds = Credentials('apic', description) args = creds.get() # Login to APIC session = Session(args.url, args.login, args.password) session.login() # Get the virtual domain we are going to use vdomain = EPGDomain.get_by_name(session,vmmdomain) # Create the Tenant tenant = Tenant(this_tenant) # Create the Application Profile app = AppProfile(this_app, tenant) # Create the EPGs t1_epg = EPG(tier1_epg, app) t2_epg = EPG(tier2_epg, app) t3_epg = EPG(tier3_epg, app) # Create a Context and BridgeDomain # Place all EPGs in the Context and in the same BD context = Context(private_net, tenant) bd = BridgeDomain(bridge_domain, tenant) bd.add_context(context) t1_epg.add_bd(bd) t1_epg.add_infradomain(vdomain) t2_epg.add_bd(bd) t2_epg.add_infradomain(vdomain) t3_epg.add_bd(bd) ''' Define a contract with a single entry Additional entries can be added by duplicating the FilterEntry Push to APIC after each FilterEntry if it is not the last ''' contract1 = Contract('mysql-contract', tenant) entry1 = FilterEntry('SQL', applyToFrag='no', arpOpc='unspecified', dFromPort='3306', dToPort='3306', etherT='ip', prot='tcp', tcpRules='unspecified', parent=contract1) contract2 = Contract('app-contract', tenant) contract2.set_scope('application-profile') entry1 = FilterEntry('Flask', applyToFrag='no', arpOpc='unspecified', dFromPort='5000', dToPort='5000', etherT='ip', prot='tcp', tcpRules='unspecified', parent=contract2) tenant.push_to_apic(session) entry2 = FilterEntry('Flask2', applyToFrag='no', arpOpc='unspecified', dFromPort='5050', dToPort='5050', etherT='ip', prot='tcp', tcpRules='unspecified', parent=contract2) contract3 = Contract('web-contract', tenant) contract3.set_scope('application-profile') entry1 = FilterEntry('HTTPS', applyToFrag='no', arpOpc='unspecified', dFromPort='443', dToPort='443', etherT='ip', prot='tcp', tcpRules='unspecified', parent=contract3) # Provide the contract from 1 EPG and consume from the other t3_epg.provide(contract1) t2_epg.consume(contract1) t2_epg.provide(contract2) t1_epg.consume(contract2) t1_epg.provide(contract3) # Finally, push all this to the APIC # Cleanup (uncomment the next line to delete the config) # CAUTION: The next line will DELETE the tenant # tenant.mark_as_deleted() resp = tenant.push_to_apic(session) if resp.ok: # Print some confirmation print('The configuration was sucessfully pushed to the APIC.')