def create_leaf_intf_profile(apic, fabricNodes):
"""
"Core out of the box" setup method. No user input required.
"""
# Create new object if needed
mo = aciInfra.Infra(aciPol.Uni(''))
# Query APIC for leaf switches
leafs = dict([n.name, n] for n in fabricNodes if n.role == 'leaf')
# Loop over each leaf
for name, node in leafs.items():
# Create Leaf Switch Interface Profile
accPortP = aciInfra.AccPortP(mo, name='{0}-IntProf'.format(name))
nodeDn = str(node.dn)
# Generate list of all interfaces (leaf type)
interfaces = apic.lookupByClass('l1PhysIf', parentDn=nodeDn)
intfName = [i.id for i in interfaces if i.portT == 'leaf']
for i, intf in enumerate(intfName):
card, port = intf[3:].split('/')
blockName = 'block{}'.format(i + 1)
ifSelName = 'Eth{0}-{1}'.format(card, port)
hPortS = aciInfra.HPortS(accPortP, name=ifSelName, type='range')
aciInfra.PortBlk(hPortS,
name=blockName,
fromCard=card,
toCard=card,
fromPort=port,
toPort=port)
return mo
def createVlanPool(name, startVlan, endVlan, allocMode='static'):
infraInfra = aciInfra.Infra(aciPol.Uni(''))
fvnsVlanInstP = aciFvns.VlanInstP(infraInfra, name="{}_vlans".format(name),
allocMode=allocMode)
aciFvns.EncapBlk(fvnsVlanInstP, to="vlan-{}".format(endVlan),
from_="vlan-{}".format(startVlan), name='encap')
return fvnsVlanInstP
def create_oob_mgmt_policies(apic=None, policy=None, nodes=None):
"""
OOB Mgmt configuration
"""
# Build OOB Management Object
fvTenant = aciFv.Tenant(aciPol.Uni(''), name='mgmt')
mgmtMgmtP = aciMgmt.MgmtP(fvTenant, name='default')
mgmtOoB = aciMgmt.OoB(mgmtMgmtP, prio='unspecified', name='default')
nodeNames = dict([n.name, n.id] for n in nodes)
podId = policy['podId']
for entry in policy['nodes']:
nodeId = nodeNames[entry['name']]
tDN = 'topology/pod-{}/node-{}'.format(podId, nodeId)
if policy['v6Gw'] == '::':
aciMgmt.RsOoBStNode(mgmtOoB,
gw=policy['gw'],
tDn=tDN,
addr=entry['ipv4'])
else:
aciMgmt.RsOoBStNode(mgmtOoB,
gw=policy['gw'],
v6Gw=policy['v6Gw'],
tDn=tDN,
addr=entry['ipv4'],
v6Addr=entry['ipv6'])
return fvTenant
def configureBackupPolicy(config):
fabricInst = aciFabric.Inst(aciPol.Uni(''))
fileRemotePath = aciFile.RemotePath(fabricInst,
userName=config['path']['user'],
remotePort=config['path']['port'],
protocol=config['path']['protocol'],
name=config['path']['name'],
descr=config['path']['descr'],
userPasswd=config['path']['password'],
host=config['path']['host'],
remotePath=config['path']['remotePath']
)
aciFile.RsARemoteHostToEpg(fileRemotePath,
tDn='uni/tn-mgmt/mgmtp-default/oob-default')
trigSchedP = aciTrig.SchedP(fabricInst, name=config['schedule']['name'])
aciTrig.RecurrWindowP(trigSchedP, name=config['schedule']['period'],
hour=config['schedule']['hour'])
configExportP = aciConfig.ExportP(fabricInst, name=config['name'],
descr=config['descr'],
adminSt='triggered')
aciConfig.RsExportScheduler(configExportP,
tnTrigSchedPName=config['schedule']['name'])
aciConfig.RsRemotePath(configExportP,
tnFileRemotePathName=config['path']['name'])
return fabricInst
def create_ntp_policy(mo, policy):
if mo is None:
mo = aciFabric.Inst(aciPol.Uni(''))
datetimePol = aciNtp.Pol(mo,
name=policy['name'],
adminSt=policy['adminSt'],
authSt=policy['authSt'],
serverState=policy['serverState'],
masterMode=policy['masterMode'])
for id, prov in enumerate(policy['datetimeNtpProv']):
# aciNtp.NtpAuthKey(
# datetimePol, id=str(id+1),
# key=prov['key'], keyType=prov['keyType'], trusted=prov['trusted']
# )
prov = aciNtp.NtpProv(datetimePol,
name=prov['name'],
preferred=prov['preferred'],
minPoll=prov['minPoll'],
maxPoll=prov['maxPoll'],
keyId=str(id + 1))
# aciNtp.RsNtpProvToNtpAuthKey(prov, tnDatetimeNtpAuthKeyId=str(id+1))
aciNtp.RsNtpProvToEpg(prov,
tDn='uni/tn-mgmt/mgmtp-default/oob-default')
return mo
def createLinkLevelPolicy(linkLevelPolicyList):
infraInfra = aciInfra.Infra(aciPol.Uni(''))
for linkLevelPolicy in linkLevelPolicyList:
aciFabric.HIfPol(infraInfra, name=linkLevelPolicy['name'],
fecMode='inherit', autoNeg=linkLevelPolicy['autoNeg'],
speed=linkLevelPolicy['speed'], linkDebounce='100')
return infraInfra
def createLldpPolicy():
infraInfra = aciInfra.Infra(aciPol.Uni(''))
lldp.IfPol(infraInfra, name='LLDP_Enable',
adminTxSt='enabled', adminRxSt='enabled')
lldp.IfPol(infraInfra, name='LLDP_Disable',
adminTxSt='disabled', adminRxSt='disabled')
return infraInfra
def create_bgp_policy(mo, policy, nodes):
"""
If nodes is passed, it's a dictionary of "name": "id" info for the
fabric nodes (non-controller)
"""
# Create new object if needed
if mo is None:
mo = aciFabric.Inst(aciPol.Uni(''))
# Create top level BGP policy
bgpInstPol = aciBgp.InstPol(mo, name=policy['name'])
# Add ASN daughter
aciBgp.AsP(bgpInstPol, asn=policy['bgpAsP']['asn'])
# Add BGP (Internal) RR Fabric Policy
aciRRP = aciBgp.RRP(bgpInstPol)
# Add BGP (Internal) RR node
podId = policy['bgpRRP']['podId']
for rr in policy['bgpRRP']['bgpRRNodePEp']:
nodeId = nodes[rr]
aciBgp.RRNodePEp(aciRRP, id=nodeId, podId=podId)
return mo
def create_snmp_policy(mo, policy):
# Create new object if needed
if mo is None:
mo = aciFabric.Inst(aciPol.Uni(''))
snmpPol = snmp.Pol(mo,
name=policy['name'],
adminSt=policy['adminSt'],
contact=policy['contact'],
loc=policy['loc'])
for user in policy['snmpUserP']:
snmp.UserP(snmpPol,
name=user['name'],
authType=user['authType'],
privType=user['privType'],
authKey=user['authKey'],
privkey=user['privKey'])
for trap in policy['snmpTrapFwdServerP']:
snmp.TrapFwdServerP(snmpPol, addr=trap['addr'], port=trap['port'])
for comm in policy['snmpCommunityP']:
snmp.CommunityP(snmpPol, name=comm['name'])
for clientGrp in policy['snmpClientGrpP']:
clntGrp = snmp.ClientGrpP(snmpPol, name=clientGrp['name'])
snmp.RsEpg(clntGrp, tDn='uni/tn-mgmt/mgmtp-default/oob-default')
for client in clientGrp['snmpClientP']:
snmp.ClientP(clntGrp, name=client['name'], addr=client['addr'])
return mo
def createVpcInterfacePolGroup(name, cdpPolName, lldpPolName, linkLevelPolName,
lacpPolName, aaepDn):
infraInfra = aciInfra.Infra(aciPol.Uni(''))
infraFuncP = aciInfra.FuncP(infraInfra)
infraAccBndlGrp = aciInfra.AccBndlGrp(infraFuncP,
name="{}_PolGrp".format(name),
lagT=u'node')
# aciInfra.RsL2IfPol(infraAccBndlGrp, tnL2IfPolName=u'')
# aciInfra.RsQosPfcIfPol(infraAccBndlGrp, tnQosPfcIfPolName=u'')
aciInfra.RsHIfPol(infraAccBndlGrp, tnFabricHIfPolName=linkLevelPolName)
# aciInfra.RsL2PortSecurityPol(infraAccBndlGrp,
# tnL2PortSecurityPolName=u'')
# aciInfra.RsMonIfInfraPol(infraAccBndlGrp, tnMonInfraPolName=u'')
# aciInfra.RsStpIfPol(infraAccBndlGrp, tnStpIfPolName=u'')
# aciInfra.RsQosSdIfPol(infraAccBndlGrp, tnQosSdIfPolName=u'')
aciInfra.RsAttEntP(infraAccBndlGrp, tDn=aaepDn)
# aciInfra.RsMcpIfPol(infraAccBndlGrp, tnMcpIfPolName=u'')
aciInfra.RsLacpPol(infraAccBndlGrp, tnLacpLagPolName=lacpPolName)
# aciInfra.RsQosDppIfPol(infraAccBndlGrp, tnQosDppPolName=u'')
# aciInfra.RsQosIngressDppIfPol(infraAccBndlGrp, tnQosDppPolName=u'')
# aciInfra.RsStormctrlIfPol(infraAccBndlGrp, tnStormctrlIfPolName=u'')
# aciInfra.RsQosEgressDppIfPol(infraAccBndlGrp, tnQosDppPolName=u'')
# aciInfra.RsFcIfPol(infraAccBndlGrp, tnFcIfPolName=u'')
aciInfra.RsLldpIfPol(infraAccBndlGrp, tnLldpIfPolName=lldpPolName)
aciInfra.RsCdpIfPol(infraAccBndlGrp, tnCdpIfPolName=cdpPolName)
return infraInfra
def create_vpc_protection_groups(policies, fabricNodes):
mo = aciFabric.Inst(aciPol.Uni(''))
for policy in policies:
# Create the VPC Protection Policy
fabricProtPol = aciFabric.ProtPol(mo,
name=policy['name'],
pairT=policy['pairT'])
# Information passed are node names, we need node IDs
leafs = dict([n.name, n.id] for n in fabricNodes if n.role == 'leaf')
# Create the specific pairing
for vpc_id, members in policy['vpc_pairs'].items():
vpc_name = 'VPC-EPG-{0}'.format('-'.join(members))
vpcEpg = aciFabric.ExplicitGEp(fabricProtPol,
name=vpc_name,
id=vpc_id)
# Bind the domain policy to it
aciFabric.RsVpcInstPol(
vpcEpg, tnVpcInstPolName=policy['vpc_domain_policy'])
# Add the node members to it
for node in members:
aciFabric.NodePEp(vpcEpg,
id=leafs[node],
podId=policy['podId'])
return mo
def createPodPolicy(config):
fabricInst = aciFabric.Inst(aciPol.Uni(''))
aciDateTime.Format(fabricInst, name='default', tz=config.timezone)
datetimePol = aciDateTime.Pol(fabricInst, name='default')
for ntp in config.ntpList:
datetimeNtpProv = aciDateTime.NtpProv(datetimePol,
preferred=ntp['preferred'],
name=ntp['name'],
descr=ntp['descr'])
aciDateTime.RsNtpProvToEpg(datetimeNtpProv,
tDn='uni/tn-mgmt/mgmtp-default/oob-default')
bgpInstPol = aciBgp.InstPol(fabricInst, name='default')
aciBgp.AsP(bgpInstPol, name='aspn', asn=config.bgpAsn)
bgpRRP = aciBgp.RRP(bgpInstPol, name='route-reflector')
for rrNodeId in getRrNodeIdList(config.fabricNodes):
aciBgp.RRNodePEp(bgpRRP, id=rrNodeId)
fabricFuncP = aciFabric.FuncP(fabricInst)
fabricPodPGrp = aciFabric.PodPGrp(fabricFuncP,
name='default-PodPolicyGroup')
aciFabric.RsPodPGrpBGPRRP(fabricPodPGrp, tnBgpInstPolName='default')
aciFabric.RsTimePol(fabricPodPGrp, tnDatetimePolName='default')
aciFabric.RsPodPGrpIsisDomP(fabricPodPGrp, tnIsisDomPolName='default')
aciFabric.RsPodPGrpCoopP(fabricPodPGrp, tnCoopPolName='default')
aciFabric.RsCommPol(fabricPodPGrp, tnCommPolName='default')
aciFabric.RsSnmpPol(fabricPodPGrp, tnSnmpPolName='default')
fabricPodP = aciFabric.PodP(fabricInst, name='default')
fabricPodS = aciFabric.PodS(fabricPodP, type='ALL', name='default')
aciFabric.RsPodPGrp(fabricPodS, tDn=fabricPodPGrp.dn)
return fabricInst
def createIpnOspfIfPolicy(name):
"Create OSPF Policy for MPod"
fvTenant = aciFv.Tenant(aciPol.Uni(''), 'infra')
aciOspf.IfPol(fvTenant, pfxSuppress='inherit', nwT='p2p', name=name,
prio='1', ctrl='advert-subnet', helloIntvl='10',
rexmitIntvl='5', xmitDelay='1', cost='unspecified',
deadIntvl='40')
return fvTenant
def createSpineInterfacePolGroup(name, cdpPolName, linkLevelPolName, aaepDn):
infraInfra = aciInfra.Infra(aciPol.Uni(''))
infraFuncP = aciInfra.FuncP(infraInfra)
infraSpAccPortGrp = aciInfra.SpAccPortGrp(infraFuncP, name=name)
aciInfra.RsCdpIfPol(infraSpAccPortGrp, tnCdpIfPolName=cdpPolName)
aciInfra.RsAttEntP(infraSpAccPortGrp, tDn=aaepDn)
aciInfra.RsHIfPol(infraSpAccPortGrp, tnFabricHIfPolName=linkLevelPolName)
return infraInfra
def create_mcp_policy(mo, policy):
# Validate input
required_attributes(mcp_attributes, list(policy.keys()))
# Create new object if needed
if mo is None:
mo = aciInfra.Infra(aciPol.Uni(''))
mcp.IfPol(mo, name=policy['name'], adminSt=policy['adminSt'])
return mo
def create_coop_policy(mo, policy):
# Validate input
required_attributes(coop_attributes, list(policy.keys()))
# Create new object if needed
if mo is None:
mo = aciFabric.Inst(aciPol.Uni(''))
aciCoop.Pol(mo, name=policy['name'], type=policy['type'])
return mo
def create_attachable_aep(apic, policies):
infraInfra = aciInfra.Infra(aciPol.Uni(''))
physDomP = apic.lookupByClass('physDomP')
doms = dict([d.name, str(d.dn)] for d in physDomP)
for policy in policies:
infraAttEntityP = aciInfra.AttEntityP(infraInfra, name=policy['name'])
tDN = doms[policy['domain']]
aciInfra.RsDomP(infraAttEntityP, tDn=tDN)
return infraInfra
def create_wide_policy(mo, policy):
# Validate input
required_attributes(fabric_wide_attributes, list(policy.keys()))
# Create new object if needed
if mo is None:
mo = aciInfra.Infra(aciPol.Uni(''))
aciInfra.SetPol(mo,
name=policy['name'],
domainValidation=policy['domainValidation'],
enforceSubnetCheck=policy['enforceSubnetCheck'])
return mo
def configOobMgmt(config):
"Configure the Out of Band management addresses for given fabric nodes"
fvTenant = aciFv.Tenant(aciPol.Uni(''), name='mgmt')
mgmtMgmtP = aciMgmt.MgmtP(fvTenant, name='default')
mgmtOoB = aciMgmt.OoB(mgmtMgmtP, prio='unspecified', name='default')
for podId, nodes in config.fabricNodes['pods'].iteritems():
for node in nodes:
aciMgmt.RsOoBStNode(mgmtOoB,
gw=config.mgmtOob['gw'],
v6Gw=config.mgmtOob['v6Gw'],
v6Addr=node['v6Addr'], addr=node['addr'],
tDn=getDnFromPodIdNodeId(podId,
node['nodeId']))
return fvTenant
def createSpineSwitchProfile(fabricNodes, intProfileDn):
infraInfra = aciInfra.Infra(aciPol.Uni(''))
infraSpineProfile = aciInfra.SpineP(infraInfra, name='Spines')
for podId, nodes in fabricNodes['pods'].iteritems():
infraSpineS = aciInfra.SpineS(infraSpineProfile, type='range',
name="Spines_pod{}".format(podId))
for node in nodes:
if 'l3Out' in node:
aciInfra.NodeBlk(infraSpineS, from_=node['nodeId'],
name=node['name'], to_=node['nodeId'])
aciInfra.RsSpAccPortP(infraSpineProfile, tDn=intProfileDn)
return infraInfra
def createLacpPolicy():
infraInfra = aciInfra.Infra(aciPol.Uni(''))
lacp.LagPol(infraInfra, name='LACP_Active', minLinks='1',
ctrl='fast-sel-hot-stdby,graceful-conv,susp-individual',
maxLinks='16',
mode='active')
lacp.LagPol(infraInfra, name='LACP_Passive', minLinks='1',
ctrl='fast-sel-hot-stdby,graceful-conv,susp-individual',
maxLinks='16',
mode='passive')
lacp.LagPol(infraInfra, name='LACP_On', minLinks='1',
ctrl='fast-sel-hot-stdby,graceful-conv,susp-individual',
maxLinks='16',
mode='off')
return infraInfra
def create_vlan_pool_policies(policies):
infraInfra = aciInfra.Infra(aciPol.Uni(''))
for policy in policies:
fvnsVlanInstP = aciFvns.VlanInstP(infraInfra,
name=policy['name'],
allocMode=policy['allocMode'])
aciFvns.EncapBlk(fvnsVlanInstP,
name='encap',
role=policy['role'],
from_="vlan-{}".format(policy['start']),
to="vlan-{}".format(policy['end']))
return fvnsVlanInstP
def create_link_level_policy(mo, policy):
# Validate input
required_attributes(link_level_attributes, list(policy.keys()))
# Create new object if needed
if mo is None:
mo = aciInfra.Infra(aciPol.Uni(''))
aciFabric.HIfPol(mo,
name=policy['name'],
autoNeg=policy['autoNeg'],
speed=policy['speed'],
fecMode=policy['fecMode'],
linkDebounce=policy['linkDebounce'])
return mo
def create_rogue_policy(mo, policy):
# Validate input
required_attributes(rogue_endpoint_attributes, list(policy.keys()))
# Create new object if needed
if mo is None:
mo = aciInfra.Infra(aciPol.Uni(''))
aciEp.ControlP(mo,
name=policy['name'],
adminSt=policy['adminSt'],
holdIntvl=policy['holdIntvl'],
rogueEpDetectIntvl=policy['rogueEpDetectIntvl'],
rogueEpDetectMult=policy['rogueEpDetectMult'])
return mo
def create_physical_domain(apic, policies):
mo = aciPol.Uni('')
vlanPools = apic.lookupByClass('fvnsVlanInstP')
pools = dict([v.name, v.allocMode] for v in vlanPools)
for policy in policies:
physDomP = phys.DomP(mo, name=policy['name'])
pool = policy['vlan_pool']
mode = pools[pool]
vlan_pool_name = 'uni/infra/vlanns-[{0}]-{1}'.format(pool, mode)
aciInfra.RsVlanNs(physDomP, tDn=vlan_pool_name)
return mo
def createLeafInterfaceProfile(name, interfaceList):
polGroupDn = getLeafVpcIntPolGroupDnFromName("{}_PolGrp".format(name))
infraInfra = aciInfra.Infra(aciPol.Uni(''))
infraAccPortP = aciInfra.AccPortP(infraInfra,
name="{}_IntProfile".format(name))
infraHPortS = aciInfra.HPortS(infraAccPortP, type=u'range',
name="{}_IfSel".format(name))
aciInfra.RsAccBaseGrp(infraHPortS, fexId=u'101', tDn=polGroupDn)
i = 1
for interface in interfaceList:
(intCard, intPort) = interface['name'][3:].split('/')
blockName = "block{}".format(i)
aciInfra.PortBlk(infraHPortS, name=blockName,
fromPort=str(intPort), fromCard=str(intCard),
toPort=str(intPort), toCard=str(intCard))
i += 1
return infraAccPortP
def createSpineInterfaceProfile(name, polGroupName, interfaceList):
polGroupDn = getSpineIntPolGroupDnFromName(polGroupName)
infraInfra = aciInfra.Infra(aciPol.Uni(''))
infraSpAccPortP = aciInfra.SpAccPortP(infraInfra, name=name)
infraSHPortS = aciInfra.SHPortS(infraSpAccPortP,
type='range',
name='Interface')
i = 1
for interface in interfaceList:
(intCard, intPort) = interface['name'][3:].split('/')
blockName = "block{}".format(i)
aciInfra.PortBlk(infraSHPortS, name=blockName,
fromPort=str(intPort), fromCard=str(intCard),
toPort=str(intPort), toCard=str(intCard))
i += 1
aciInfra.RsSpAccGrp(infraSHPortS, tDn=polGroupDn)
return infraInfra
def createLeafSwitchProfile(leafIds, intProfileNameList):
infraInfra = aciInfra.Infra(aciPol.Uni(''))
leafIdString = "-".join(map(str, leafIds))
name = "Leaf{}_Profile".format(leafIdString)
infraNodeP = aciInfra.NodeP(infraInfra, name=name)
infraLeafS = aciInfra.LeafS(infraNodeP, type=u'range',
name="{}_selector".format(name))
count = 0
for leafId in leafIds:
aciInfra.NodeBlk(infraLeafS, from_=leafId,
name="single{}".format(count), to_=leafId)
count += 1
for intProfileName in intProfileNameList:
intProfileDn = getLeafIntProfileDnFromName(intProfileName)
aciInfra.RsAccPortP(infraNodeP, tDn=intProfileDn)
return infraInfra
def create_dns_policy(mo, policy):
if mo is None:
mo = aciFabric.Inst(aciPol.Uni(''))
dnsProfile = aciDNS.Profile(mo, name=policy['name'])
aciDNS.RsProfileToEpg(dnsProfile,
tDn='uni/tn-mgmt/mgmtp-default/oob-default')
for provider in policy['dnsProv']:
aciDNS.Prov(dnsProfile,
addr=provider['addr'],
preferred=provider['preferred'])
for domain in policy['dnsDomain']:
aciDNS.Domain(dnsProfile,
name=domain['name'],
isDefault=domain['isDefault'])
return mo
def create_snmp_group_policy(mo, policy):
# Create new object if needed
if mo is None:
mo = aciFabric.Inst(aciPol.Uni(''))
snmpGroup = snmp.Group(mo, name=policy['name'])
for dest in policy['snmpTrapDest']:
trapDest = snmp.TrapDest(snmpGroup,
host=dest['host'],
port=dest['port'],
notifT=dest['notifT'],
ver=dest['ver'],
secName=dest['secName'],
v3SecLvl=dest['v3SecLvl'])
aciFile.RsARemoteHostToEpg(trapDest,
tDn='uni/tn-mgmt/mgmtp-default/oob-default')
return mo
