def parse_vlan_id(vlan_type, vlan_id):
if not vlan_type or not vlan_id:
raise ValueError('vlan_id is empty')
if vlan_type == 'Access':
if represents_int(vlan_id):
return int(vlan_id)
raise KeyError('Access supports only int vlan id')
elif vlan_type == 'Trunk':
if not vlan_id:
raise Exception(
'VLAN should be a number or range in format 1-100')
vlan_parts = str(vlan_id).split("-")
if len(vlan_parts) > 2:
raise Exception(
'VLAN should be a number or range in format 1-100')
if len(vlan_parts) == 1:
return [
vim.NumericRange(start=int(vlan_parts[0]),
end=int(vlan_parts[0]))
]
if len(vlan_parts) == 2:
start_port = int(vlan_parts[0])
end_port = int(vlan_parts[1])
return [vim.NumericRange(start=start_port, end=end_port)]
raise KeyError('vlan type: {0} is not supported'.format(vlan_type))
def create_port_group(self):
config = vim.dvs.DistributedVirtualPortgroup.ConfigSpec()
# Basic config
config.name = self.module.params['portgroup_name']
config.numPorts = self.module.params['num_ports']
# Default port config
config.defaultPortConfig = vim.dvs.VmwareDistributedVirtualSwitch.VmwarePortConfigPolicy()
if self.module.params['vlan_trunk']:
config.defaultPortConfig.vlan = vim.dvs.VmwareDistributedVirtualSwitch.TrunkVlanSpec()
vlan_id_list = []
for vlan_id_splitted in self.module.params['vlan_id'].split(','):
try:
vlan_id_start, vlan_id_end = map(int, vlan_id_splitted.split('-'))
if vlan_id_start not in range(0, 4095) or vlan_id_end not in range(0, 4095):
self.module.fail_json(msg="vlan_id range %s specified is incorrect. The valid vlan_id range is from 0 to 4094." % vlan_id_splitted)
vlan_id_list.append(vim.NumericRange(start=vlan_id_start, end=vlan_id_end))
except ValueError:
vlan_id_list.append(vim.NumericRange(start=int(vlan_id_splitted.strip()), end=int(vlan_id_splitted.strip())))
config.defaultPortConfig.vlan.vlanId = vlan_id_list
else:
config.defaultPortConfig.vlan = vim.dvs.VmwareDistributedVirtualSwitch.VlanIdSpec()
config.defaultPortConfig.vlan.vlanId = int(self.module.params['vlan_id'])
config.defaultPortConfig.vlan.inherited = False
config.defaultPortConfig.securityPolicy = vim.dvs.VmwareDistributedVirtualSwitch.SecurityPolicy()
config.defaultPortConfig.securityPolicy.allowPromiscuous = vim.BoolPolicy(value=self.module.params['network_policy']['promiscuous'])
config.defaultPortConfig.securityPolicy.forgedTransmits = vim.BoolPolicy(value=self.module.params['network_policy']['forged_transmits'])
config.defaultPortConfig.securityPolicy.macChanges = vim.BoolPolicy(value=self.module.params['network_policy']['mac_changes'])
# Teaming Policy
teamingPolicy = vim.dvs.VmwareDistributedVirtualSwitch.UplinkPortTeamingPolicy()
teamingPolicy.policy = vim.StringPolicy(value=self.module.params['teaming_policy']['load_balance_policy'])
teamingPolicy.reversePolicy = vim.BoolPolicy(value=self.module.params['teaming_policy']['inbound_policy'])
teamingPolicy.notifySwitches = vim.BoolPolicy(value=self.module.params['teaming_policy']['notify_switches'])
teamingPolicy.rollingOrder = vim.BoolPolicy(value=self.module.params['teaming_policy']['rolling_order'])
config.defaultPortConfig.uplinkTeamingPolicy = teamingPolicy
# PG policy (advanced_policy)
config.policy = vim.dvs.VmwareDistributedVirtualSwitch.VMwarePortgroupPolicy()
config.policy.blockOverrideAllowed = self.module.params['port_policy']['block_override']
config.policy.ipfixOverrideAllowed = self.module.params['port_policy']['ipfix_override']
config.policy.livePortMovingAllowed = self.module.params['port_policy']['live_port_move']
config.policy.networkResourcePoolOverrideAllowed = self.module.params['port_policy']['network_rp_override']
config.policy.portConfigResetAtDisconnect = self.module.params['port_policy']['port_config_reset_at_disconnect']
config.policy.securityPolicyOverrideAllowed = self.module.params['port_policy']['security_override']
config.policy.shapingOverrideAllowed = self.module.params['port_policy']['shaping_override']
config.policy.trafficFilterOverrideAllowed = self.module.params['port_policy']['traffic_filter_override']
config.policy.uplinkTeamingOverrideAllowed = self.module.params['port_policy']['uplink_teaming_override']
config.policy.vendorConfigOverrideAllowed = self.module.params['port_policy']['vendor_config_override']
config.policy.vlanOverrideAllowed = self.module.params['port_policy']['vlan_override']
# PG Type
config.type = self.module.params['portgroup_type']
task = self.dv_switch.AddDVPortgroup_Task([config])
changed, result = wait_for_task(task)
return changed, result
def _get_vlan_range(self, raw_vlan_range):
vlan_range = []
for item in raw_vlan_range:
if '-' in item:
lan_range = map(int, item.split('-'))
vlan_range.append(vim.NumericRange(start=lan_range[0],
end=lan_range[1]))
else:
item = int(item)
vlan_range.append(vim.NumericRange(start=item, end=item))
return vlan_range
def update_dv_pg(args, dv_pg):
dv_pg_spec = vim.dvs.DistributedVirtualPortgroup.ConfigSpec()
dv_pg_spec.name = args.dv_pg_name
dv_pg_spec.numPorts = int(args.num_ports)
dv_pg_spec.configVersion = dv_pg.config.configVersion
dv_pg_spec.type = vim.dvs.DistributedVirtualPortgroup.PortgroupType.earlyBinding
dv_pg_spec.defaultPortConfig = vim.dvs.VmwareDistributedVirtualSwitch.VmwarePortConfigPolicy(
)
dv_pg_spec.defaultPortConfig.securityPolicy = vim.dvs.VmwareDistributedVirtualSwitch.SecurityPolicy(
)
dv_pg_spec.defaultPortConfig.vlan = vim.dvs.VmwareDistributedVirtualSwitch.TrunkVlanSpec(
)
dv_pg_spec.defaultPortConfig.vlan.vlanId = [
vim.NumericRange(start=1, end=4094)
]
dv_pg_spec.defaultPortConfig.securityPolicy.allowPromiscuous = vim.BoolPolicy(
value=True)
dv_pg_spec.defaultPortConfig.securityPolicy.forgedTransmits = vim.BoolPolicy(
value=True)
dv_pg_spec.defaultPortConfig.vlan.inherited = False
dv_pg_spec.defaultPortConfig.securityPolicy.macChanges = vim.BoolPolicy(
value=False)
dv_pg_spec.defaultPortConfig.securityPolicy.inherited = False
task = dv_pg.ReconfigureDVPortgroup_Task(dv_pg_spec)
wait_for_task(task)
print "Successfully modified DV Port Group %s" % args.dv_pg_name
def integration_test_connect_A(self):
py_vmomi_service = pyVmomiService(SmartConnect, Disconnect)
cred = TestCredentials()
si = py_vmomi_service.connect(cred.host, cred.username, cred.password,
cred.port)
synchronous_task_waiter = SynchronousTaskWaiter()
mapper = VnicToNetworkMapper(DvPortGroupNameGenerator())
dv_port_group_creator = DvPortGroupCreator(py_vmomi_service,
synchronous_task_waiter)
port_group_name_generator = DvPortGroupNameGenerator()
virtual_machine_port_group_configurer = VirtualMachinePortGroupConfigurer(
py_vmomi_service, synchronous_task_waiter, mapper, VNicService(),
port_group_name_generator)
mapping = VmNetworkMapping()
mapping.vlan_id = [vim.NumericRange(start=65, end=65)]
mapping.dv_port_name = DvPortGroupNameGenerator(
).generate_port_group_name(65, 'Trunk')
mapping.dv_switch_name = 'dvSwitch'
mapping.dv_switch_path = 'QualiSB'
mapping.vlan_spec = vim.dvs.VmwareDistributedVirtualSwitch.TrunkVlanSpec(
)
connector = VirtualSwitchToMachineConnector(
dv_port_group_creator, virtual_machine_port_group_configurer)
vm = py_vmomi_service.find_vm_by_name(si, 'QualiSB/Raz', '2')
# Act
connector.connect_by_mapping(si, vm, [mapping], None, [])
pass
def create_dv_port_group(self, dv_port_name, dv_switch_name, dv_switch_path, si):
dv_switch = self.pyvmomi_service.find_network_by_name(si, dv_switch_path, dv_switch_name)
dv_pg_spec = vim.dvs.DistributedVirtualPortgroup.ConfigSpec()
dv_pg_spec.name = dv_port_name
dv_pg_spec.numPorts = 32
dv_pg_spec.type = vim.dvs.DistributedVirtualPortgroup.PortgroupType.earlyBinding
dv_pg_spec.defaultPortConfig = vim.dvs.VmwareDistributedVirtualSwitch.VmwarePortConfigPolicy()
dv_pg_spec.defaultPortConfig.securityPolicy = vim.dvs.VmwareDistributedVirtualSwitch.SecurityPolicy()
dv_pg_spec.defaultPortConfig.vlan = vim.dvs.VmwareDistributedVirtualSwitch.TrunkVlanSpec()
dv_pg_spec.defaultPortConfig.vlan.vlanId = [vim.NumericRange(start=1, end=4094)]
dv_pg_spec.defaultPortConfig.securityPolicy.allowPromiscuous = vim.BoolPolicy(value=True)
dv_pg_spec.defaultPortConfig.securityPolicy.forgedTransmits = vim.BoolPolicy(value=True)
dv_pg_spec.defaultPortConfig.vlan.inherited = False
dv_pg_spec.defaultPortConfig.securityPolicy.macChanges = vim.BoolPolicy(value=False)
dv_pg_spec.defaultPortConfig.securityPolicy.inherited = False
task = dv_switch.AddDVPortgroup_Task([dv_pg_spec])
print "Successfully created DV Port Group ", dv_port_name
port_group = self.synchronous_task_waiter.wait_for_task(task)
return port_group
def add_dvPort_group(si, dv_switch, vlan_id, pg_name):
print("Creating DV Portgroup '" + pg_name + "' on DVS '" + dv_switch.name +
"'")
dv_pg_spec = vim.dvs.DistributedVirtualPortgroup.ConfigSpec()
dv_pg_spec.name = pg_name
dv_pg_spec.numPorts = 1
dv_pg_spec.type = vim.dvs.DistributedVirtualPortgroup.PortgroupType.earlyBinding
#VLAN attributes
start = int(vlan_id)
end = int(vlan_id)
dv_pg_spec.defaultPortConfig = vim.dvs.VmwareDistributedVirtualSwitch.VmwarePortConfigPolicy(
)
dv_pg_spec.defaultPortConfig.vlan = vim.dvs.VmwareDistributedVirtualSwitch.TrunkVlanSpec(
)
dv_pg_spec.defaultPortConfig.vlan.vlanId = [
vim.NumericRange(start=start, end=end)
]
dv_pg_spec.defaultPortConfig.vlan.inherited = False
#Security Policy
dv_pg_spec.defaultPortConfig.securityPolicy = vim.dvs.VmwareDistributedVirtualSwitch.SecurityPolicy(
)
dv_pg_spec.defaultPortConfig.securityPolicy.allowPromiscuous = vim.BoolPolicy(
value=True)
dv_pg_spec.defaultPortConfig.securityPolicy.forgedTransmits = vim.BoolPolicy(
value=True)
dv_pg_spec.defaultPortConfig.securityPolicy.macChanges = vim.BoolPolicy(
value=False)
dv_pg_spec.defaultPortConfig.securityPolicy.inherited = False
task = dv_switch.AddDVPortgroup_Task([dv_pg_spec])
wait_for_task(task, si)
print("Successfully created DV Portgroup: ", pg_name)
def dvs_pg_info(self, dv_pg_name, dv_pg_ports_num, vlan_type, vlan_list):
dv_pg_spec = vim.dvs.DistributedVirtualPortgroup.ConfigSpec()
dv_pg_spec.name = dv_pg_name
dv_pg_spec.numPorts = int(dv_pg_ports_num)
dv_pg_spec.type = vim.dvs.DistributedVirtualPortgroup.PortgroupType.earlyBinding
dv_pg_spec.defaultPortConfig = vim.dvs.VmwareDistributedVirtualSwitch.VmwarePortConfigPolicy(
)
dv_pg_spec.defaultPortConfig.securityPolicy = vim.dvs.VmwareDistributedVirtualSwitch.SecurityPolicy(
)
if vlan_type == 'access':
dv_pg_spec.defaultPortConfig.vlan = vim.dvs.VmwareDistributedVirtualSwitch.VlanIdSpec(
)
dv_pg_spec.defaultPortConfig.vlan.vlanId = vlan_list[0]
elif vlan_type == 'trunk':
dv_pg_spec.defaultPortConfig.vlan = vim.dvs.VmwareDistributedVirtualSwitch.TrunkVlanSpec(
)
dv_pg_spec.defaultPortConfig.vlan.vlanId = [
vim.NumericRange(start=vlan_list[0], end=vlan_list[1])
]
dv_pg_spec.defaultPortConfig.securityPolicy.allowPromiscuous = vim.BoolPolicy(
value=True)
dv_pg_spec.defaultPortConfig.securityPolicy.forgedTransmits = vim.BoolPolicy(
value=True)
dv_pg_spec.defaultPortConfig.vlan.inherited = False
dv_pg_spec.defaultPortConfig.securityPolicy.macChanges = vim.BoolPolicy(
value=False)
dv_pg_spec.defaultPortConfig.securityPolicy.inherited = False
return dv_pg_spec
def create_port_group(self):
config = vim.dvs.DistributedVirtualPortgroup.ConfigSpec()
# Basic config
config.name = self.portgroup_name
config.numPorts = self.num_ports
# Default port config
config.defaultPortConfig = vim.dvs.VmwareDistributedVirtualSwitch.VmwarePortConfigPolicy(
)
if self.vlan_trunk:
config.defaultPortConfig.vlan = vim.dvs.VmwareDistributedVirtualSwitch.TrunkVlanSpec(
)
vlan_id_start, vlan_id_end = self.vlan_id.split('-')
config.defaultPortConfig.vlan.vlanId = [
vim.NumericRange(start=int(vlan_id_start.strip()),
end=int(vlan_id_end.strip()))
]
else:
config.defaultPortConfig.vlan = vim.dvs.VmwareDistributedVirtualSwitch.VlanIdSpec(
)
config.defaultPortConfig.vlan.vlanId = int(self.vlan_id)
config.defaultPortConfig.vlan.inherited = False
config.defaultPortConfig.securityPolicy = vim.dvs.VmwareDistributedVirtualSwitch.SecurityPolicy(
)
config.defaultPortConfig.securityPolicy.allowPromiscuous = vim.BoolPolicy(
value=self.security_promiscuous)
config.defaultPortConfig.securityPolicy.forgedTransmits = vim.BoolPolicy(
value=self.security_forged_transmits)
config.defaultPortConfig.securityPolicy.macChanges = vim.BoolPolicy(
value=self.security_mac_changes)
# PG policy (advanced_policy)
config.policy = vim.dvs.VmwareDistributedVirtualSwitch.VMwarePortgroupPolicy(
)
config.policy.blockOverrideAllowed = self.policy_block_override
config.policy.ipfixOverrideAllowed = self.policy_ipfix_override
config.policy.livePortMovingAllowed = self.policy_live_port_move
config.policy.networkResourcePoolOverrideAllowed = self.policy_network_rp_override
config.policy.portConfigResetAtDisconnect = self.policy_port_config_reset_at_disconnect
config.policy.securityPolicyOverrideAllowed = self.policy_security_override
config.policy.shapingOverrideAllowed = self.policy_shaping_override
config.policy.trafficFilterOverrideAllowed = self.policy_traffic_filter_override
config.policy.uplinkTeamingOverrideAllowed = self.policy_uplink_teaming_override
config.policy.vendorConfigOverrideAllowed = self.policy_vendor_config_override
config.policy.vlanOverrideAllowed = self.policy_vlan_override
# PG Type
config.type = self.portgroup_type
spec = [config]
task = self.dv_switch.AddDVPortgroup_Task(spec)
changed, result = wait_for_task(task)
return changed, result
def build_config(self):
config = vim.dvs.DistributedVirtualPortgroup.ConfigSpec()
# Basic config
config.name = self.module.params['portgroup_name']
config.numPorts = self.module.params['num_ports']
# Default port config
config.defaultPortConfig = vim.dvs.VmwareDistributedVirtualSwitch.VmwarePortConfigPolicy()
if self.module.params['vlan_trunk']:
config.defaultPortConfig.vlan = vim.dvs.VmwareDistributedVirtualSwitch.TrunkVlanSpec()
config.defaultPortConfig.vlan.vlanId = list(map(lambda x: vim.NumericRange(start=x[0], end=x[1]), self.create_vlan_list()))
else:
config.defaultPortConfig.vlan = vim.dvs.VmwareDistributedVirtualSwitch.VlanIdSpec()
config.defaultPortConfig.vlan.vlanId = int(self.module.params['vlan_id'])
config.defaultPortConfig.vlan.inherited = False
config.defaultPortConfig.securityPolicy = vim.dvs.VmwareDistributedVirtualSwitch.SecurityPolicy()
config.defaultPortConfig.securityPolicy.allowPromiscuous = vim.BoolPolicy(value=self.module.params['network_policy']['promiscuous'])
config.defaultPortConfig.securityPolicy.forgedTransmits = vim.BoolPolicy(value=self.module.params['network_policy']['forged_transmits'])
config.defaultPortConfig.securityPolicy.macChanges = vim.BoolPolicy(value=self.module.params['network_policy']['mac_changes'])
# Teaming Policy
teamingPolicy = vim.dvs.VmwareDistributedVirtualSwitch.UplinkPortTeamingPolicy()
teamingPolicy.policy = vim.StringPolicy(value=self.module.params['teaming_policy']['load_balance_policy'])
teamingPolicy.reversePolicy = vim.BoolPolicy(value=self.module.params['teaming_policy']['inbound_policy'])
teamingPolicy.notifySwitches = vim.BoolPolicy(value=self.module.params['teaming_policy']['notify_switches'])
teamingPolicy.rollingOrder = vim.BoolPolicy(value=self.module.params['teaming_policy']['rolling_order'])
config.defaultPortConfig.uplinkTeamingPolicy = teamingPolicy
# PG policy (advanced_policy)
config.policy = vim.dvs.VmwareDistributedVirtualSwitch.VMwarePortgroupPolicy()
config.policy.blockOverrideAllowed = self.module.params['port_policy']['block_override']
config.policy.ipfixOverrideAllowed = self.module.params['port_policy']['ipfix_override']
config.policy.livePortMovingAllowed = self.module.params['port_policy']['live_port_move']
config.policy.networkResourcePoolOverrideAllowed = self.module.params['port_policy']['network_rp_override']
config.policy.portConfigResetAtDisconnect = self.module.params['port_policy']['port_config_reset_at_disconnect']
config.policy.securityPolicyOverrideAllowed = self.module.params['port_policy']['security_override']
config.policy.shapingOverrideAllowed = self.module.params['port_policy']['shaping_override']
config.policy.trafficFilterOverrideAllowed = self.module.params['port_policy']['traffic_filter_override']
config.policy.uplinkTeamingOverrideAllowed = self.module.params['port_policy']['uplink_teaming_override']
config.policy.vendorConfigOverrideAllowed = self.module.params['port_policy']['vendor_config_override']
config.policy.vlanOverrideAllowed = self.module.params['port_policy']['vlan_override']
# PG Type
config.type = self.module.params['portgroup_type']
return config
def add_dvPort_group(si, dv_switch):
dv_pg_spec = vim.dvs.DistributedVirtualPortgroup.ConfigSpec()
dv_pg_spec.name = inputs['dv_port_name']
dv_pg_spec.numPorts = 32
dv_pg_spec.type = vim.dvs.DistributedVirtualPortgroup.PortgroupType.earlyBinding
dv_pg_spec.defaultPortConfig = vim.dvs.VmwareDistributedVirtualSwitch.VmwarePortConfigPolicy()
dv_pg_spec.defaultPortConfig.securityPolicy = vim.dvs.VmwareDistributedVirtualSwitch.SecurityPolicy()
dv_pg_spec.defaultPortConfig.vlan = vim.dvs.VmwareDistributedVirtualSwitch.TrunkVlanSpec()
dv_pg_spec.defaultPortConfig.vlan.vlanId = [vim.NumericRange(start=1, end=4094)]
dv_pg_spec.defaultPortConfig.securityPolicy.allowPromiscuous = vim.BoolPolicy(value=True)
dv_pg_spec.defaultPortConfig.securityPolicy.forgedTransmits = vim.BoolPolicy(value=True)
dv_pg_spec.defaultPortConfig.vlan.inherited = False
dv_pg_spec.defaultPortConfig.securityPolicy.macChanges = vim.BoolPolicy(value=False)
dv_pg_spec.defaultPortConfig.securityPolicy.inherited = False
task = dv_switch.AddDVPortgroup_Task([dv_pg_spec])
wait_for_task(task, si)
print "Successfully created DV Port Group ", inputs['dv_port_name']
def ensure(self):
"""Manage uplink portgroup"""
changed = changed_uplink_pg_policy = changed_vlan_trunk_range = changed_lacp = False
results = dict(changed=changed)
results['dvswitch'] = self.switch_name
changed_list = []
uplink_pg_spec = vim.dvs.DistributedVirtualPortgroup.ConfigSpec()
# Use the same version in the new spec; The version will be increased by one by the API automatically
uplink_pg_spec.configVersion = self.dvs.config.uplinkPortgroup[0].config.configVersion
uplink_pg_config = self.dvs.config.uplinkPortgroup[0].config
# Check name
if self.uplink_pg_name:
results['name'] = self.uplink_pg_name
if uplink_pg_config.name != self.uplink_pg_name:
changed = True
changed_list.append("name")
results['name_previous'] = uplink_pg_config.name
uplink_pg_spec.name = self.uplink_pg_name
else:
results['name'] = uplink_pg_config.name
# Check description
results['description'] = self.uplink_pg_description
if uplink_pg_config.description != self.uplink_pg_description:
changed = True
changed_list.append("description")
results['description_previous'] = uplink_pg_config.description
uplink_pg_spec.description = self.uplink_pg_description
# Check port policies
results['adv_reset_at_disconnect'] = self.uplink_pg_reset
results['adv_block_ports'] = self.uplink_pg_block_ports
results['adv_vendor_conf'] = self.uplink_pg_vendor_conf
results['adv_vlan'] = self.uplink_pg_vlan
results['adv_netflow'] = self.uplink_pg_netflow
results['adv_traffic_filtering'] = self.uplink_pg_tf
uplink_pg_policy_spec = vim.dvs.VmwareDistributedVirtualSwitch.VMwarePortgroupPolicy()
uplink_pg_policy_spec.portConfigResetAtDisconnect = self.uplink_pg_reset
uplink_pg_policy_spec.blockOverrideAllowed = self.uplink_pg_block_ports
uplink_pg_policy_spec.vendorConfigOverrideAllowed = self.uplink_pg_vendor_conf
uplink_pg_policy_spec.vlanOverrideAllowed = self.uplink_pg_vlan
uplink_pg_policy_spec.ipfixOverrideAllowed = self.uplink_pg_netflow
uplink_pg_policy_spec.trafficFilterOverrideAllowed = self.uplink_pg_tf
# There's no information available if the following option are deprecated, but
# they aren't visible in the vSphere Client
uplink_pg_policy_spec.shapingOverrideAllowed = False
uplink_pg_policy_spec.livePortMovingAllowed = False
uplink_pg_policy_spec.uplinkTeamingOverrideAllowed = False
uplink_pg_policy_spec.securityPolicyOverrideAllowed = False
uplink_pg_policy_spec.networkResourcePoolOverrideAllowed = False
# Check policies
if uplink_pg_config.policy.portConfigResetAtDisconnect != self.uplink_pg_reset:
changed_uplink_pg_policy = True
results['adv_reset_at_disconnect_previous'] = uplink_pg_config.policy.portConfigResetAtDisconnect
if uplink_pg_config.policy.blockOverrideAllowed != self.uplink_pg_block_ports:
changed_uplink_pg_policy = True
results['adv_block_ports_previous'] = uplink_pg_config.policy.blockOverrideAllowed
if uplink_pg_config.policy.vendorConfigOverrideAllowed != self.uplink_pg_vendor_conf:
changed_uplink_pg_policy = True
results['adv_vendor_conf_previous'] = uplink_pg_config.policy.vendorConfigOverrideAllowed
if uplink_pg_config.policy.vlanOverrideAllowed != self.uplink_pg_vlan:
changed_uplink_pg_policy = True
results['adv_vlan_previous'] = uplink_pg_config.policy.vlanOverrideAllowed
if uplink_pg_config.policy.ipfixOverrideAllowed != self.uplink_pg_netflow:
changed_uplink_pg_policy = True
results['adv_netflow_previous'] = uplink_pg_config.policy.ipfixOverrideAllowed
if uplink_pg_config.policy.trafficFilterOverrideAllowed != self.uplink_pg_tf:
changed_uplink_pg_policy = True
results['adv_traffic_filtering_previous'] = uplink_pg_config.policy.trafficFilterOverrideAllowed
if changed_uplink_pg_policy:
changed = True
changed_list.append("advanced")
uplink_pg_spec.policy = uplink_pg_policy_spec
uplink_pg_spec.defaultPortConfig = vim.dvs.VmwareDistributedVirtualSwitch.VmwarePortConfigPolicy()
# Check VLAN trunk
results['vlan_trunk_range'] = self.uplink_pg_vlan_trunk_range
vlan_id_ranges = self.uplink_pg_vlan_trunk_range
trunk_vlan_spec = vim.dvs.VmwareDistributedVirtualSwitch.TrunkVlanSpec()
vlan_id_list = []
for vlan_id_range in vlan_id_ranges:
vlan_id_range_found = False
vlan_id_start, vlan_id_end = self.get_vlan_ids_from_range(vlan_id_range)
# Check if range is already configured
for current_vlan_id_range in uplink_pg_config.defaultPortConfig.vlan.vlanId:
if current_vlan_id_range.start == int(vlan_id_start) and current_vlan_id_range.end == int(vlan_id_end):
vlan_id_range_found = True
break
if vlan_id_range_found is False:
changed_vlan_trunk_range = True
vlan_id_list.append(
vim.NumericRange(start=int(vlan_id_start), end=int(vlan_id_end))
)
# Check if range needs to be removed
for current_vlan_id_range in uplink_pg_config.defaultPortConfig.vlan.vlanId:
vlan_id_range_found = False
for vlan_id_range in vlan_id_ranges:
vlan_id_start, vlan_id_end = self.get_vlan_ids_from_range(vlan_id_range)
if (current_vlan_id_range.start == int(vlan_id_start)
and current_vlan_id_range.end == int(vlan_id_end)):
vlan_id_range_found = True
break
if vlan_id_range_found is False:
changed_vlan_trunk_range = True
trunk_vlan_spec.vlanId = vlan_id_list
if changed_vlan_trunk_range:
changed = True
changed_list.append("vlan trunk range")
current_vlan_id_list = []
for current_vlan_id_range in uplink_pg_config.defaultPortConfig.vlan.vlanId:
if current_vlan_id_range.start == current_vlan_id_range.end:
current_vlan_id_range_string = current_vlan_id_range.start
else:
current_vlan_id_range_string = '-'.join(
[str(current_vlan_id_range.start), str(current_vlan_id_range.end)]
)
current_vlan_id_list.append(current_vlan_id_range_string)
results['vlan_trunk_range_previous'] = current_vlan_id_list
uplink_pg_spec.defaultPortConfig.vlan = trunk_vlan_spec
# Check LACP
lacp_support_mode = self.get_lacp_support_mode(self.support_mode)
if lacp_support_mode == 'basic':
results['lacp_status'] = self.lacp_status
lacp_spec = vim.dvs.VmwareDistributedVirtualSwitch.UplinkLacpPolicy()
lacp_enabled = False
if self.lacp_status == 'enabled':
lacp_enabled = True
if uplink_pg_config.defaultPortConfig.lacpPolicy.enable.value != lacp_enabled:
changed_lacp = True
changed_list.append("lacp status")
if uplink_pg_config.defaultPortConfig.lacpPolicy.enable.value:
results['lacp_status_previous'] = 'enabled'
else:
results['lacp_status_previous'] = 'disabled'
lacp_spec.enable = vim.BoolPolicy()
lacp_spec.enable.inherited = False
lacp_spec.enable.value = lacp_enabled
if lacp_enabled and uplink_pg_config.defaultPortConfig.lacpPolicy.mode.value != self.lacp_mode:
results['lacp_mode'] = self.lacp_mode
changed_lacp = True
changed_list.append("lacp mode")
results['lacp_mode_previous'] = uplink_pg_config.defaultPortConfig.lacpPolicy.mode.value
lacp_spec.mode = vim.StringPolicy()
lacp_spec.mode.inherited = False
lacp_spec.mode.value = self.lacp_mode
if changed_lacp:
changed = True
uplink_pg_spec.defaultPortConfig.lacpPolicy = lacp_spec
# Check NetFlow
results['netflow_enabled'] = self.uplink_pg_netflow_enabled
netflow_enabled_spec = vim.BoolPolicy()
netflow_enabled_spec.inherited = False
netflow_enabled_spec.value = self.uplink_pg_netflow_enabled
if uplink_pg_config.defaultPortConfig.ipfixEnabled.value != self.uplink_pg_netflow_enabled:
changed = True
results['netflow_enabled_previous'] = uplink_pg_config.defaultPortConfig.ipfixEnabled.value
changed_list.append("netflow")
uplink_pg_spec.defaultPortConfig.ipfixEnabled = netflow_enabled_spec
# TODO: Check Traffic filtering and marking
# Check Block all ports
results['block_all_ports'] = self.uplink_pg_block_all_ports
block_all_ports_spec = vim.BoolPolicy()
block_all_ports_spec.inherited = False
block_all_ports_spec.value = self.uplink_pg_block_all_ports
if uplink_pg_config.defaultPortConfig.blocked.value != self.uplink_pg_block_all_ports:
changed = True
changed_list.append("block all ports")
results['block_all_ports_previous'] = uplink_pg_config.defaultPortConfig.blocked.value
uplink_pg_spec.defaultPortConfig.blocked = block_all_ports_spec
if changed:
if self.module.check_mode:
changed_suffix = ' would be changed'
else:
changed_suffix = ' changed'
if len(changed_list) > 2:
message = ', '.join(changed_list[:-1]) + ', and ' + str(changed_list[-1])
elif len(changed_list) == 2:
message = ' and '.join(changed_list)
elif len(changed_list) == 1:
message = changed_list[0]
message += changed_suffix
if not self.module.check_mode:
try:
task = self.dvs.config.uplinkPortgroup[0].ReconfigureDVPortgroup_Task(uplink_pg_spec)
wait_for_task(task)
except TaskError as invalid_argument:
self.module.fail_json(msg="Failed to update uplink portgroup : %s" % to_native(invalid_argument))
else:
message = "Uplink portgroup already configured properly"
results['changed'] = changed
results['result'] = message
self.module.exit_json(**results)
def build_config(self):
config = vim.dvs.DistributedVirtualPortgroup.ConfigSpec()
# Basic config
config.name = self.module.params['portgroup_name']
if self.module.params[
'port_allocation'] != 'elastic' and self.module.params[
'port_binding'] != 'ephemeral':
config.numPorts = self.module.params['num_ports']
# Default port config
config.defaultPortConfig = vim.dvs.VmwareDistributedVirtualSwitch.VmwarePortConfigPolicy(
)
if self.module.params['vlan_trunk']:
config.defaultPortConfig.vlan = vim.dvs.VmwareDistributedVirtualSwitch.TrunkVlanSpec(
)
config.defaultPortConfig.vlan.vlanId = list(
map(lambda x: vim.NumericRange(start=x[0], end=x[1]),
self.create_vlan_list()))
elif self.module.params['vlan_private']:
# Check that private VLAN exists in dvs
if self.module.params['vlan_private']:
pvlan_exists = self.check_dvs_pvlan()
if not pvlan_exists:
self.module.fail_json(
msg=
"No private vlan with id %s in distributed vSwitch %s"
% (self.module.params['vlan_id'],
self.module.params['switch_name']))
config.defaultPortConfig.vlan = vim.dvs.VmwareDistributedVirtualSwitch.PvlanSpec(
)
config.defaultPortConfig.vlan.pvlanId = int(
self.module.params['vlan_id'])
else:
config.defaultPortConfig.vlan = vim.dvs.VmwareDistributedVirtualSwitch.VlanIdSpec(
)
config.defaultPortConfig.vlan.vlanId = int(
self.module.params['vlan_id'])
config.defaultPortConfig.vlan.inherited = False
# If the dvSwitch supports MAC learning, it's a version where securityPolicy is deprecated
if self.supports_mac_learning():
config.defaultPortConfig.macManagementPolicy = vim.dvs.VmwareDistributedVirtualSwitch.MacManagementPolicy(
)
config.defaultPortConfig.macManagementPolicy.allowPromiscuous = self.module.params[
'network_policy']['promiscuous']
config.defaultPortConfig.macManagementPolicy.forgedTransmits = self.module.params[
'network_policy']['forged_transmits']
config.defaultPortConfig.macManagementPolicy.macChanges = self.module.params[
'network_policy']['mac_changes']
macLearning = self.module.params['mac_learning']
if macLearning:
macLearningPolicy = vim.dvs.VmwareDistributedVirtualSwitch.MacLearningPolicy(
)
if macLearning['allow_unicast_flooding'] is not None:
macLearningPolicy.allowUnicastFlooding = macLearning[
'allow_unicast_flooding']
if macLearning['enabled'] is not None:
macLearningPolicy.enabled = macLearning['enabled']
if macLearning['limit'] is not None:
macLearningPolicy.limit = macLearning['limit']
if macLearning['limit_policy']:
macLearningPolicy.limitPolicy = macLearning['limit_policy']
config.defaultPortConfig.macManagementPolicy.macLearningPolicy = macLearningPolicy
else:
config.defaultPortConfig.securityPolicy = vim.dvs.VmwareDistributedVirtualSwitch.SecurityPolicy(
)
config.defaultPortConfig.securityPolicy.allowPromiscuous = vim.BoolPolicy(
value=self.module.params['network_policy']['promiscuous'])
config.defaultPortConfig.securityPolicy.forgedTransmits = vim.BoolPolicy(
value=self.module.params['network_policy']['forged_transmits'])
config.defaultPortConfig.securityPolicy.macChanges = vim.BoolPolicy(
value=self.module.params['network_policy']['mac_changes'])
# Teaming Policy
teamingPolicy = vim.dvs.VmwareDistributedVirtualSwitch.UplinkPortTeamingPolicy(
)
teamingPolicy.policy = vim.StringPolicy(
value=self.module.params['teaming_policy']['load_balance_policy'])
if self.module.params['teaming_policy']['inbound_policy'] is not None:
teamingPolicy.reversePolicy = vim.BoolPolicy(
value=self.module.params['teaming_policy']['inbound_policy'])
teamingPolicy.notifySwitches = vim.BoolPolicy(
value=self.module.params['teaming_policy']['notify_switches'])
teamingPolicy.rollingOrder = vim.BoolPolicy(
value=self.module.params['teaming_policy']['rolling_order'])
if self.module.params['teaming_policy'][
'active_uplinks'] or self.module.params['teaming_policy'][
'standby_uplinks']:
teamingPolicy.uplinkPortOrder = vim.dvs.VmwareDistributedVirtualSwitch.UplinkPortOrderPolicy(
)
if self.module.params['teaming_policy']['active_uplinks']:
teamingPolicy.uplinkPortOrder.activeUplinkPort = self.module.params[
'teaming_policy']['active_uplinks']
if self.module.params['teaming_policy']['standby_uplinks']:
teamingPolicy.uplinkPortOrder.standbyUplinkPort = self.module.params[
'teaming_policy']['standby_uplinks']
config.defaultPortConfig.uplinkTeamingPolicy = teamingPolicy
# PG policy (advanced_policy)
config.policy = vim.dvs.VmwareDistributedVirtualSwitch.VMwarePortgroupPolicy(
)
config.policy.blockOverrideAllowed = self.module.params['port_policy'][
'block_override']
config.policy.ipfixOverrideAllowed = self.module.params['port_policy'][
'ipfix_override']
config.policy.livePortMovingAllowed = self.module.params[
'port_policy']['live_port_move']
config.policy.networkResourcePoolOverrideAllowed = self.module.params[
'port_policy']['network_rp_override']
config.policy.portConfigResetAtDisconnect = self.module.params[
'port_policy']['port_config_reset_at_disconnect']
config.policy.securityPolicyOverrideAllowed = self.module.params[
'port_policy']['security_override']
config.policy.shapingOverrideAllowed = self.module.params[
'port_policy']['shaping_override']
config.policy.trafficFilterOverrideAllowed = self.module.params[
'port_policy']['traffic_filter_override']
config.policy.uplinkTeamingOverrideAllowed = self.module.params[
'port_policy']['uplink_teaming_override']
config.policy.vendorConfigOverrideAllowed = self.module.params[
'port_policy']['vendor_config_override']
config.policy.vlanOverrideAllowed = self.module.params['port_policy'][
'vlan_override']
# PG Type
# NOTE: 'portgroup_type' is deprecated.
if self.module.params['portgroup_type']:
config.type = self.module.params['portgroup_type']
elif self.module.params['port_binding'] == 'ephemeral':
config.type = 'ephemeral'
else:
config.type = 'earlyBinding'
if self.module.params['port_allocation']:
if self.module.params['port_allocation'] == 'elastic':
config.autoExpand = True
else:
config.autoExpand = False
return config
