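def _create_np_vn_policy(self, policy_name, proj_obj, dst_vn_obj):
    """Create or refresh the network policy ``policy_name`` under a project.

    The policy is looked up by its fully-qualified name. Its entries are set
    to a fresh ``PolicyEntriesType`` holding the single rule returned by
    ``self._create_policy_entry(None, dst_vn_obj, policy)``, and the result is
    written back with an update (policy already present) or a create.

    Args:
        policy_name: Name of the network policy.
        proj_obj: Parent project object the policy lives under.
        dst_vn_obj: Virtual-network object handed to ``_create_policy_entry``
            as its second argument.

    Returns:
        The policy object that carries the new entries: the one read from
        the API server when it already existed, otherwise the new object.
    """
    policy = NetworkPolicy(name=policy_name, parent_obj=proj_obj)
    try:
        policy_obj = self.vnc_lib.network_policy_read(
            fq_name=policy.get_fq_name())
        policy_exists = True
    except NoIdError:
        # Policy does not exist yet; the locally built object is created below.
        policy_obj = policy
        policy_exists = False

    network_policy_entries = PolicyEntriesType()
    policy_entry = self._create_policy_entry(None, dst_vn_obj, policy)
    network_policy_entries.add_policy_rule(policy_entry)
    policy_obj.set_network_policy_entries(network_policy_entries)

    # Persist the object the entries were set on. When the policy already
    # exists, `policy` is a separate local object that never received the new
    # entries, so passing it to the update call would not carry the rules.
    if policy_exists:
        self.vnc_lib.network_policy_update(policy_obj)
    else:
        self.vnc_lib.network_policy_create(policy_obj)
    return policy_obj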
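def _create_vn_vn_policy(self, policy_name, proj_obj, *vn_obj):
    """Create or refresh a policy with one rule per pair of virtual networks.

    The policy is looked up by its fully-qualified name under ``proj_obj``.
    Its entries are set to a fresh ``PolicyEntriesType`` containing one rule,
    built by ``self._create_policy_entry``, for every unordered pair of the
    given virtual networks. The result is written back with an update
    (policy already present) or a create.

    Args:
        policy_name: Name of the network policy.
        proj_obj: Parent project object the policy lives under.
        *vn_obj: Virtual-network objects to pair up. With fewer than two
            objects the policy is written with no rules.

    Returns:
        The policy object that carries the new entries: the one read from
        the API server when it already existed, otherwise the new object.
    """
    policy = NetworkPolicy(name=policy_name, parent_obj=proj_obj)
    try:
        policy_obj = self.vnc_lib.network_policy_read(
            fq_name=policy.get_fq_name())
        policy_exists = True
    except NoIdError:
        # Policy does not exist yet; the locally built object is created below.
        policy_obj = policy
        policy_exists = False

    network_policy_entries = PolicyEntriesType()
    # Pair each network with every later one, so each pair gets one rule.
    for index, first_vn in enumerate(vn_obj):
        for second_vn in vn_obj[index + 1:]:
            policy_entry = self._create_policy_entry(first_vn, second_vn)
            network_policy_entries.add_policy_rule(policy_entry)
    policy_obj.set_network_policy_entries(network_policy_entries)

    # Persist the object the entries were set on. When the policy already
    # exists, `policy` is a separate local object that never received the new
    # entries, so passing it to the update call would not carry the rules.
    if policy_exists:
        self.vnc_lib.network_policy_update(policy_obj)
    else:
        self.vnc_lib.network_policy_create(policy_obj)
    return policy_obj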
def add_properties(self, props):
    """Apply ``props`` and, when auto-policy is on, install the internal policy.

    The left/right virtual-network names come from
    ``self.get_virtual_networks(props)``. When ``props.auto_policy`` is set
    and both names are present, a policy named ``"_internal_" + self.name``
    is located with one bidirectional, any-protocol rule between the two
    networks whose action applies this service, and it is attached to
    whichever of the two virtual-network objects can be found.

    Args:
        props: Properties object; ``auto_policy`` is read here and the
            object is passed to ``self.get_virtual_networks``.

    Returns:
        ``ret`` on the two early-exit paths (auto-policy disabled, or a
        missing left/right network). The path that installs the policy
        falls off the end and so returns ``None``.
    """
    left_vn_str, right_vn_str = self.get_virtual_networks(props)

    # NOTE(review): ret is forced to True when the networks change, which
    # suggests a "changed" flag, yet it starts as an equality comparison.
    # Confirm against callers before relying on it.
    ret = (self.auto_policy == props.auto_policy)
    if (left_vn_str, right_vn_str) != (self.left_vn_str, self.right_vn_str):
        self.left_vn_str = left_vn_str
        self.right_vn_str = right_vn_str
        ret = True

    if not props.auto_policy:
        self.delete_properties()
        return ret

    self.auto_policy = True
    if not (self.left_vn_str and self.right_vn_str):
        self._logger.error(
            "%s: route table next hop service instance must "
            "have left and right virtual networks" % self.name)
        self.delete_properties()
        return ret

    policy_name = "_internal_" + self.name
    left_addr = AddressType(virtual_network=self.left_vn_str)
    right_addr = AddressType(virtual_network=self.right_vn_str)
    # The rule is deliberately broad: both directions, any protocol, and
    # default-constructed port ranges (presumably "any port"; confirm against
    # PortType). The action list applies this service instance to the traffic.
    rule = PolicyRuleType(
        direction="<>",
        protocol="any",
        src_addresses=[left_addr],
        dst_addresses=[right_addr],
        src_ports=[PortType()],
        dst_ports=[PortType()],
        action_list=ActionListType(apply_service=[self.name]),
    )
    entries = PolicyEntriesType([rule])
    policy_obj = NetworkPolicy(policy_name, network_policy_entries=entries)
    policy = ResourceBaseST.get_obj_type_map().get(
        'network_policy').locate(policy_name, policy_obj)
    policy.virtual_networks = {self.left_vn_str, self.right_vn_str}
    policy.set_internal()

    # Attach the policy to each side, left first; a network that cannot be
    # looked up is skipped silently.
    for vn_name in (self.left_vn_str, self.right_vn_str):
        vn = ResourceBaseST.get_obj_type_map().get('virtual_network').get(
            vn_name)
        if vn:
            vn.add_policy(policy_name)
def gen_network_policy(project, entries):
    """Build a vnc_api.gen.resource_client.NetworkPolicy named 'default'.

    Args:
        project: Parent object the policy is created under.
        entries: Value passed as the policy's ``network_policy_entries``.

    Returns:
        The constructed NetworkPolicy. Nothing is sent to a server here.
    """
    return NetworkPolicy(
        name='default',
        parent_obj=project,
        network_policy_entries=entries,
    )