def create_leaf_intf_profile(apic, fabricNodes): """ "Core out of the box" setup method. No user input required. """ # Create new object if needed mo = aciInfra.Infra(aciPol.Uni('')) # Query APIC for leaf switches leafs = dict([n.name, n] for n in fabricNodes if n.role == 'leaf') # Loop over each leaf for name, node in leafs.items(): # Create Leaf Switch Interface Profile accPortP = aciInfra.AccPortP(mo, name='{0}-IntProf'.format(name)) nodeDn = str(node.dn) # Generate list of all interfaces (leaf type) interfaces = apic.lookupByClass('l1PhysIf', parentDn=nodeDn) intfName = [i.id for i in interfaces if i.portT == 'leaf'] for i, intf in enumerate(intfName): card, port = intf[3:].split('/') blockName = 'block{}'.format(i + 1) ifSelName = 'Eth{0}-{1}'.format(card, port) hPortS = aciInfra.HPortS(accPortP, name=ifSelName, type='range') aciInfra.PortBlk(hPortS, name=blockName, fromCard=card, toCard=card, fromPort=port, toPort=port) return mo
def createVlanPool(name, startVlan, endVlan, allocMode='static'): infraInfra = aciInfra.Infra(aciPol.Uni('')) fvnsVlanInstP = aciFvns.VlanInstP(infraInfra, name="{}_vlans".format(name), allocMode=allocMode) aciFvns.EncapBlk(fvnsVlanInstP, to="vlan-{}".format(endVlan), from_="vlan-{}".format(startVlan), name='encap') return fvnsVlanInstP
def create_oob_mgmt_policies(apic=None, policy=None, nodes=None): """ OOB Mgmt configuration """ # Build OOB Management Object fvTenant = aciFv.Tenant(aciPol.Uni(''), name='mgmt') mgmtMgmtP = aciMgmt.MgmtP(fvTenant, name='default') mgmtOoB = aciMgmt.OoB(mgmtMgmtP, prio='unspecified', name='default') nodeNames = dict([n.name, n.id] for n in nodes) podId = policy['podId'] for entry in policy['nodes']: nodeId = nodeNames[entry['name']] tDN = 'topology/pod-{}/node-{}'.format(podId, nodeId) if policy['v6Gw'] == '::': aciMgmt.RsOoBStNode(mgmtOoB, gw=policy['gw'], tDn=tDN, addr=entry['ipv4']) else: aciMgmt.RsOoBStNode(mgmtOoB, gw=policy['gw'], v6Gw=policy['v6Gw'], tDn=tDN, addr=entry['ipv4'], v6Addr=entry['ipv6']) return fvTenant
def configureBackupPolicy(config): fabricInst = aciFabric.Inst(aciPol.Uni('')) fileRemotePath = aciFile.RemotePath(fabricInst, userName=config['path']['user'], remotePort=config['path']['port'], protocol=config['path']['protocol'], name=config['path']['name'], descr=config['path']['descr'], userPasswd=config['path']['password'], host=config['path']['host'], remotePath=config['path']['remotePath'] ) aciFile.RsARemoteHostToEpg(fileRemotePath, tDn='uni/tn-mgmt/mgmtp-default/oob-default') trigSchedP = aciTrig.SchedP(fabricInst, name=config['schedule']['name']) aciTrig.RecurrWindowP(trigSchedP, name=config['schedule']['period'], hour=config['schedule']['hour']) configExportP = aciConfig.ExportP(fabricInst, name=config['name'], descr=config['descr'], adminSt='triggered') aciConfig.RsExportScheduler(configExportP, tnTrigSchedPName=config['schedule']['name']) aciConfig.RsRemotePath(configExportP, tnFileRemotePathName=config['path']['name']) return fabricInst
def create_ntp_policy(mo, policy): if mo is None: mo = aciFabric.Inst(aciPol.Uni('')) datetimePol = aciNtp.Pol(mo, name=policy['name'], adminSt=policy['adminSt'], authSt=policy['authSt'], serverState=policy['serverState'], masterMode=policy['masterMode']) for id, prov in enumerate(policy['datetimeNtpProv']): # aciNtp.NtpAuthKey( # datetimePol, id=str(id+1), # key=prov['key'], keyType=prov['keyType'], trusted=prov['trusted'] # ) prov = aciNtp.NtpProv(datetimePol, name=prov['name'], preferred=prov['preferred'], minPoll=prov['minPoll'], maxPoll=prov['maxPoll'], keyId=str(id + 1)) # aciNtp.RsNtpProvToNtpAuthKey(prov, tnDatetimeNtpAuthKeyId=str(id+1)) aciNtp.RsNtpProvToEpg(prov, tDn='uni/tn-mgmt/mgmtp-default/oob-default') return mo
def createLinkLevelPolicy(linkLevelPolicyList): infraInfra = aciInfra.Infra(aciPol.Uni('')) for linkLevelPolicy in linkLevelPolicyList: aciFabric.HIfPol(infraInfra, name=linkLevelPolicy['name'], fecMode='inherit', autoNeg=linkLevelPolicy['autoNeg'], speed=linkLevelPolicy['speed'], linkDebounce='100') return infraInfra
def createLldpPolicy(): infraInfra = aciInfra.Infra(aciPol.Uni('')) lldp.IfPol(infraInfra, name='LLDP_Enable', adminTxSt='enabled', adminRxSt='enabled') lldp.IfPol(infraInfra, name='LLDP_Disable', adminTxSt='disabled', adminRxSt='disabled') return infraInfra
def create_bgp_policy(mo, policy, nodes): """ If nodes is passed, it's a dictionary of "name": "id" info for the fabric nodes (non-controller) """ # Create new object if needed if mo is None: mo = aciFabric.Inst(aciPol.Uni('')) # Create top level BGP policy bgpInstPol = aciBgp.InstPol(mo, name=policy['name']) # Add ASN daughter aciBgp.AsP(bgpInstPol, asn=policy['bgpAsP']['asn']) # Add BGP (Internal) RR Fabric Policy aciRRP = aciBgp.RRP(bgpInstPol) # Add BGP (Internal) RR node podId = policy['bgpRRP']['podId'] for rr in policy['bgpRRP']['bgpRRNodePEp']: nodeId = nodes[rr] aciBgp.RRNodePEp(aciRRP, id=nodeId, podId=podId) return mo
def create_snmp_policy(mo, policy): # Create new object if needed if mo is None: mo = aciFabric.Inst(aciPol.Uni('')) snmpPol = snmp.Pol(mo, name=policy['name'], adminSt=policy['adminSt'], contact=policy['contact'], loc=policy['loc']) for user in policy['snmpUserP']: snmp.UserP(snmpPol, name=user['name'], authType=user['authType'], privType=user['privType'], authKey=user['authKey'], privkey=user['privKey']) for trap in policy['snmpTrapFwdServerP']: snmp.TrapFwdServerP(snmpPol, addr=trap['addr'], port=trap['port']) for comm in policy['snmpCommunityP']: snmp.CommunityP(snmpPol, name=comm['name']) for clientGrp in policy['snmpClientGrpP']: clntGrp = snmp.ClientGrpP(snmpPol, name=clientGrp['name']) snmp.RsEpg(clntGrp, tDn='uni/tn-mgmt/mgmtp-default/oob-default') for client in clientGrp['snmpClientP']: snmp.ClientP(clntGrp, name=client['name'], addr=client['addr']) return mo
def createVpcInterfacePolGroup(name, cdpPolName, lldpPolName, linkLevelPolName, lacpPolName, aaepDn): infraInfra = aciInfra.Infra(aciPol.Uni('')) infraFuncP = aciInfra.FuncP(infraInfra) infraAccBndlGrp = aciInfra.AccBndlGrp(infraFuncP, name="{}_PolGrp".format(name), lagT=u'node') # aciInfra.RsL2IfPol(infraAccBndlGrp, tnL2IfPolName=u'') # aciInfra.RsQosPfcIfPol(infraAccBndlGrp, tnQosPfcIfPolName=u'') aciInfra.RsHIfPol(infraAccBndlGrp, tnFabricHIfPolName=linkLevelPolName) # aciInfra.RsL2PortSecurityPol(infraAccBndlGrp, # tnL2PortSecurityPolName=u'') # aciInfra.RsMonIfInfraPol(infraAccBndlGrp, tnMonInfraPolName=u'') # aciInfra.RsStpIfPol(infraAccBndlGrp, tnStpIfPolName=u'') # aciInfra.RsQosSdIfPol(infraAccBndlGrp, tnQosSdIfPolName=u'') aciInfra.RsAttEntP(infraAccBndlGrp, tDn=aaepDn) # aciInfra.RsMcpIfPol(infraAccBndlGrp, tnMcpIfPolName=u'') aciInfra.RsLacpPol(infraAccBndlGrp, tnLacpLagPolName=lacpPolName) # aciInfra.RsQosDppIfPol(infraAccBndlGrp, tnQosDppPolName=u'') # aciInfra.RsQosIngressDppIfPol(infraAccBndlGrp, tnQosDppPolName=u'') # aciInfra.RsStormctrlIfPol(infraAccBndlGrp, tnStormctrlIfPolName=u'') # aciInfra.RsQosEgressDppIfPol(infraAccBndlGrp, tnQosDppPolName=u'') # aciInfra.RsFcIfPol(infraAccBndlGrp, tnFcIfPolName=u'') aciInfra.RsLldpIfPol(infraAccBndlGrp, tnLldpIfPolName=lldpPolName) aciInfra.RsCdpIfPol(infraAccBndlGrp, tnCdpIfPolName=cdpPolName) return infraInfra
def create_vpc_protection_groups(policies, fabricNodes): mo = aciFabric.Inst(aciPol.Uni('')) for policy in policies: # Create the VPC Protection Policy fabricProtPol = aciFabric.ProtPol(mo, name=policy['name'], pairT=policy['pairT']) # Information passed are node names, we need node IDs leafs = dict([n.name, n.id] for n in fabricNodes if n.role == 'leaf') # Create the specific pairing for vpc_id, members in policy['vpc_pairs'].items(): vpc_name = 'VPC-EPG-{0}'.format('-'.join(members)) vpcEpg = aciFabric.ExplicitGEp(fabricProtPol, name=vpc_name, id=vpc_id) # Bind the domain policy to it aciFabric.RsVpcInstPol( vpcEpg, tnVpcInstPolName=policy['vpc_domain_policy']) # Add the node members to it for node in members: aciFabric.NodePEp(vpcEpg, id=leafs[node], podId=policy['podId']) return mo
def createPodPolicy(config): fabricInst = aciFabric.Inst(aciPol.Uni('')) aciDateTime.Format(fabricInst, name='default', tz=config.timezone) datetimePol = aciDateTime.Pol(fabricInst, name='default') for ntp in config.ntpList: datetimeNtpProv = aciDateTime.NtpProv(datetimePol, preferred=ntp['preferred'], name=ntp['name'], descr=ntp['descr']) aciDateTime.RsNtpProvToEpg(datetimeNtpProv, tDn='uni/tn-mgmt/mgmtp-default/oob-default') bgpInstPol = aciBgp.InstPol(fabricInst, name='default') aciBgp.AsP(bgpInstPol, name='aspn', asn=config.bgpAsn) bgpRRP = aciBgp.RRP(bgpInstPol, name='route-reflector') for rrNodeId in getRrNodeIdList(config.fabricNodes): aciBgp.RRNodePEp(bgpRRP, id=rrNodeId) fabricFuncP = aciFabric.FuncP(fabricInst) fabricPodPGrp = aciFabric.PodPGrp(fabricFuncP, name='default-PodPolicyGroup') aciFabric.RsPodPGrpBGPRRP(fabricPodPGrp, tnBgpInstPolName='default') aciFabric.RsTimePol(fabricPodPGrp, tnDatetimePolName='default') aciFabric.RsPodPGrpIsisDomP(fabricPodPGrp, tnIsisDomPolName='default') aciFabric.RsPodPGrpCoopP(fabricPodPGrp, tnCoopPolName='default') aciFabric.RsCommPol(fabricPodPGrp, tnCommPolName='default') aciFabric.RsSnmpPol(fabricPodPGrp, tnSnmpPolName='default') fabricPodP = aciFabric.PodP(fabricInst, name='default') fabricPodS = aciFabric.PodS(fabricPodP, type='ALL', name='default') aciFabric.RsPodPGrp(fabricPodS, tDn=fabricPodPGrp.dn) return fabricInst
def createIpnOspfIfPolicy(name): "Create OSPF Policy for MPod" fvTenant = aciFv.Tenant(aciPol.Uni(''), 'infra') aciOspf.IfPol(fvTenant, pfxSuppress='inherit', nwT='p2p', name=name, prio='1', ctrl='advert-subnet', helloIntvl='10', rexmitIntvl='5', xmitDelay='1', cost='unspecified', deadIntvl='40') return fvTenant
def createSpineInterfacePolGroup(name, cdpPolName, linkLevelPolName, aaepDn): infraInfra = aciInfra.Infra(aciPol.Uni('')) infraFuncP = aciInfra.FuncP(infraInfra) infraSpAccPortGrp = aciInfra.SpAccPortGrp(infraFuncP, name=name) aciInfra.RsCdpIfPol(infraSpAccPortGrp, tnCdpIfPolName=cdpPolName) aciInfra.RsAttEntP(infraSpAccPortGrp, tDn=aaepDn) aciInfra.RsHIfPol(infraSpAccPortGrp, tnFabricHIfPolName=linkLevelPolName) return infraInfra
def create_mcp_policy(mo, policy): # Validate input required_attributes(mcp_attributes, list(policy.keys())) # Create new object if needed if mo is None: mo = aciInfra.Infra(aciPol.Uni('')) mcp.IfPol(mo, name=policy['name'], adminSt=policy['adminSt']) return mo
def create_coop_policy(mo, policy): # Validate input required_attributes(coop_attributes, list(policy.keys())) # Create new object if needed if mo is None: mo = aciFabric.Inst(aciPol.Uni('')) aciCoop.Pol(mo, name=policy['name'], type=policy['type']) return mo
def create_attachable_aep(apic, policies): infraInfra = aciInfra.Infra(aciPol.Uni('')) physDomP = apic.lookupByClass('physDomP') doms = dict([d.name, str(d.dn)] for d in physDomP) for policy in policies: infraAttEntityP = aciInfra.AttEntityP(infraInfra, name=policy['name']) tDN = doms[policy['domain']] aciInfra.RsDomP(infraAttEntityP, tDn=tDN) return infraInfra
def create_wide_policy(mo, policy): # Validate input required_attributes(fabric_wide_attributes, list(policy.keys())) # Create new object if needed if mo is None: mo = aciInfra.Infra(aciPol.Uni('')) aciInfra.SetPol(mo, name=policy['name'], domainValidation=policy['domainValidation'], enforceSubnetCheck=policy['enforceSubnetCheck']) return mo
def configOobMgmt(config): "Configure the Out of Band management addresses for given fabric nodes" fvTenant = aciFv.Tenant(aciPol.Uni(''), name='mgmt') mgmtMgmtP = aciMgmt.MgmtP(fvTenant, name='default') mgmtOoB = aciMgmt.OoB(mgmtMgmtP, prio='unspecified', name='default') for podId, nodes in config.fabricNodes['pods'].iteritems(): for node in nodes: aciMgmt.RsOoBStNode(mgmtOoB, gw=config.mgmtOob['gw'], v6Gw=config.mgmtOob['v6Gw'], v6Addr=node['v6Addr'], addr=node['addr'], tDn=getDnFromPodIdNodeId(podId, node['nodeId'])) return fvTenant
def createSpineSwitchProfile(fabricNodes, intProfileDn): infraInfra = aciInfra.Infra(aciPol.Uni('')) infraSpineProfile = aciInfra.SpineP(infraInfra, name='Spines') for podId, nodes in fabricNodes['pods'].iteritems(): infraSpineS = aciInfra.SpineS(infraSpineProfile, type='range', name="Spines_pod{}".format(podId)) for node in nodes: if 'l3Out' in node: aciInfra.NodeBlk(infraSpineS, from_=node['nodeId'], name=node['name'], to_=node['nodeId']) aciInfra.RsSpAccPortP(infraSpineProfile, tDn=intProfileDn) return infraInfra
def createLacpPolicy(): infraInfra = aciInfra.Infra(aciPol.Uni('')) lacp.LagPol(infraInfra, name='LACP_Active', minLinks='1', ctrl='fast-sel-hot-stdby,graceful-conv,susp-individual', maxLinks='16', mode='active') lacp.LagPol(infraInfra, name='LACP_Passive', minLinks='1', ctrl='fast-sel-hot-stdby,graceful-conv,susp-individual', maxLinks='16', mode='passive') lacp.LagPol(infraInfra, name='LACP_On', minLinks='1', ctrl='fast-sel-hot-stdby,graceful-conv,susp-individual', maxLinks='16', mode='off') return infraInfra
def create_vlan_pool_policies(policies): infraInfra = aciInfra.Infra(aciPol.Uni('')) for policy in policies: fvnsVlanInstP = aciFvns.VlanInstP(infraInfra, name=policy['name'], allocMode=policy['allocMode']) aciFvns.EncapBlk(fvnsVlanInstP, name='encap', role=policy['role'], from_="vlan-{}".format(policy['start']), to="vlan-{}".format(policy['end'])) return fvnsVlanInstP
def create_link_level_policy(mo, policy): # Validate input required_attributes(link_level_attributes, list(policy.keys())) # Create new object if needed if mo is None: mo = aciInfra.Infra(aciPol.Uni('')) aciFabric.HIfPol(mo, name=policy['name'], autoNeg=policy['autoNeg'], speed=policy['speed'], fecMode=policy['fecMode'], linkDebounce=policy['linkDebounce']) return mo
def create_rogue_policy(mo, policy): # Validate input required_attributes(rogue_endpoint_attributes, list(policy.keys())) # Create new object if needed if mo is None: mo = aciInfra.Infra(aciPol.Uni('')) aciEp.ControlP(mo, name=policy['name'], adminSt=policy['adminSt'], holdIntvl=policy['holdIntvl'], rogueEpDetectIntvl=policy['rogueEpDetectIntvl'], rogueEpDetectMult=policy['rogueEpDetectMult']) return mo
def create_physical_domain(apic, policies): mo = aciPol.Uni('') vlanPools = apic.lookupByClass('fvnsVlanInstP') pools = dict([v.name, v.allocMode] for v in vlanPools) for policy in policies: physDomP = phys.DomP(mo, name=policy['name']) pool = policy['vlan_pool'] mode = pools[pool] vlan_pool_name = 'uni/infra/vlanns-[{0}]-{1}'.format(pool, mode) aciInfra.RsVlanNs(physDomP, tDn=vlan_pool_name) return mo
def createLeafInterfaceProfile(name, interfaceList): polGroupDn = getLeafVpcIntPolGroupDnFromName("{}_PolGrp".format(name)) infraInfra = aciInfra.Infra(aciPol.Uni('')) infraAccPortP = aciInfra.AccPortP(infraInfra, name="{}_IntProfile".format(name)) infraHPortS = aciInfra.HPortS(infraAccPortP, type=u'range', name="{}_IfSel".format(name)) aciInfra.RsAccBaseGrp(infraHPortS, fexId=u'101', tDn=polGroupDn) i = 1 for interface in interfaceList: (intCard, intPort) = interface['name'][3:].split('/') blockName = "block{}".format(i) aciInfra.PortBlk(infraHPortS, name=blockName, fromPort=str(intPort), fromCard=str(intCard), toPort=str(intPort), toCard=str(intCard)) i += 1 return infraAccPortP
def createSpineInterfaceProfile(name, polGroupName, interfaceList): polGroupDn = getSpineIntPolGroupDnFromName(polGroupName) infraInfra = aciInfra.Infra(aciPol.Uni('')) infraSpAccPortP = aciInfra.SpAccPortP(infraInfra, name=name) infraSHPortS = aciInfra.SHPortS(infraSpAccPortP, type='range', name='Interface') i = 1 for interface in interfaceList: (intCard, intPort) = interface['name'][3:].split('/') blockName = "block{}".format(i) aciInfra.PortBlk(infraSHPortS, name=blockName, fromPort=str(intPort), fromCard=str(intCard), toPort=str(intPort), toCard=str(intCard)) i += 1 aciInfra.RsSpAccGrp(infraSHPortS, tDn=polGroupDn) return infraInfra
def createLeafSwitchProfile(leafIds, intProfileNameList): infraInfra = aciInfra.Infra(aciPol.Uni('')) leafIdString = "-".join(map(str, leafIds)) name = "Leaf{}_Profile".format(leafIdString) infraNodeP = aciInfra.NodeP(infraInfra, name=name) infraLeafS = aciInfra.LeafS(infraNodeP, type=u'range', name="{}_selector".format(name)) count = 0 for leafId in leafIds: aciInfra.NodeBlk(infraLeafS, from_=leafId, name="single{}".format(count), to_=leafId) count += 1 for intProfileName in intProfileNameList: intProfileDn = getLeafIntProfileDnFromName(intProfileName) aciInfra.RsAccPortP(infraNodeP, tDn=intProfileDn) return infraInfra
def create_dns_policy(mo, policy): if mo is None: mo = aciFabric.Inst(aciPol.Uni('')) dnsProfile = aciDNS.Profile(mo, name=policy['name']) aciDNS.RsProfileToEpg(dnsProfile, tDn='uni/tn-mgmt/mgmtp-default/oob-default') for provider in policy['dnsProv']: aciDNS.Prov(dnsProfile, addr=provider['addr'], preferred=provider['preferred']) for domain in policy['dnsDomain']: aciDNS.Domain(dnsProfile, name=domain['name'], isDefault=domain['isDefault']) return mo
def create_snmp_group_policy(mo, policy): # Create new object if needed if mo is None: mo = aciFabric.Inst(aciPol.Uni('')) snmpGroup = snmp.Group(mo, name=policy['name']) for dest in policy['snmpTrapDest']: trapDest = snmp.TrapDest(snmpGroup, host=dest['host'], port=dest['port'], notifT=dest['notifT'], ver=dest['ver'], secName=dest['secName'], v3SecLvl=dest['v3SecLvl']) aciFile.RsARemoteHostToEpg(trapDest, tDn='uni/tn-mgmt/mgmtp-default/oob-default') return mo