def main():
data = yaml_ops.read_yaml("vlan_data.yaml")
if not data['switchip']:
data['switchip'] = input("Switch IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['switchip']
os.environ['NO_PROXY'] = data['switchip']
base_url = "https://{0}/rest/{1}/".format(data['switchip'],
data['version'])
try:
session_dict = dict(s=session.login(base_url, data['username'],
data['password']),
url=base_url)
# Delete all DHCP relays for interface
dhcp.delete_dhcp_relays(data['vlanportname'], "default",
**session_dict)
# Delete VLAN and SVI
vlan.delete_vlan_and_svi(data['vlanid'], data['vlanportname'],
**session_dict)
# Initialize L2 interface
interface.initialize_interface(data['physicalport'], **session_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
def main():
data = yaml_ops.read_yaml("ospf_data.yaml")
if not data['switchip']:
data['switchip'] = input("Switch IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['switchip']
os.environ['NO_PROXY'] = data['switchip']
if not data['version']:
data['version'] = "v10.04"
base_url = "https://{0}/rest/{1}/".format(data['switchip'], data['version'])
try:
session_dict = dict(s=session.login(base_url, data['username'], data['password']), url=base_url)
# Create OSPFv2 ID
ospf.create_ospf_id(data['ospfv2vrf'], data['ospfv2id'], **session_dict)
# Create an OSPFv2 Area for OSPF ID
ospf.create_ospf_area(data['ospfv2vrf'], data['ospfv2id'], data['ospfv2area'], **session_dict)
# Create IPv4 L3 interface
interface.add_l3_ipv4_interface(data['l3interfacev2'], data['l3interfacev2ipaddress'], **session_dict)
interface.enable_disable_interface(data['l3interfacev2'], data['l3interfacestatusv2'], **session_dict)
# Attach L3 interface to OSPF ID
ospf.create_ospf_interface(data['ospfv2vrf'], data['ospfv2id'], data['ospfv2area'],
data['l3interfacev2'], **session_dict)
ospf.update_ospf_interface_authentication(data['ospfv2vrf'], data['ospfv2id'], data['l3interfacev2'],
data['ospfv2auth'], data['ospfv2digestkey'],
data['ospfv2password'], **session_dict)
# Create OSPFv3 ID
ospf.create_ospfv3_id(data['ospfv3vrf'], data['ospfv3id'], **session_dict)
# Create an OSPFv3 Area for OSPF ID
ospf.create_ospfv3_area(data['ospfv3vrf'], data['ospfv3id'], data['ospfv3area'], **session_dict)
# Create IPv6 L3 interface
interface.add_l3_ipv6_interface(data['l3interfacev3'], data['l3interfacev3ipaddress'], **session_dict)
interface.enable_disable_interface(data['l3interfacev3'], data['l3interfacestatusv3'],
**session_dict)
# Attach L3 interface to OSPFv3 ID
ospf.create_ospfv3_interface(data['ospfv3vrf'], data['ospfv3id'], data['ospfv3area'],
data['l3interfacev3'], **session_dict)
ospf.update_ospf_interface_authentication(data['ospfv3vrf'], data['ospfv3id'], data['l3interfacev2'],
data['ospfv3auth'], data['ospfv3digestkey'],
data['ospfv3password'], **session_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
def main():
data = yaml_ops.read_yaml("lag_data.yaml")
if not data['switchip']:
data['switchip'] = input("Switch IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['switchip']
os.environ['NO_PROXY'] = data['switchip']
base_url = "https://{0}/rest/{1}/".format(data['switchip'],
data['version'])
try:
session_dict = dict(s=session.login(base_url, data['username'],
data['password']),
url=base_url)
system_info_dict = system.get_system_info(**session_dict)
platform_name = system_info_dict['platform_name']
# Create VLANs and L2 LAG; assign VLANs as trunk VLANs on LAG
for l2_lag_data in data['l2_lags']:
# Create VLANs
for vlan_id in l2_lag_data['trunk_vlans']:
vlan.create_vlan(vlan_id, "vlan%s" % vlan_id, **session_dict)
# Create L2 LAG, add L2 ports to the LAG, and assign VLANs as trunk VLANs on the LAG
lag.create_l2_lag_interface(
l2_lag_data.get('name'),
l2_lag_data.get('interfaces'),
vlan_ids_list=l2_lag_data.get('trunk_vlans'),
lacp_mode=l2_lag_data.get('lacp_mode'),
mc_lag=l2_lag_data.get('mc_lag'),
**session_dict)
# Create L3 LAGs
for l3_lag_data in data['l3_lags']:
# Create L3 LAG and add L2 ports to the LAG
lag.create_l3_lag_interface(l3_lag_data.get('name'),
l3_lag_data.get('interfaces'),
l3_lag_data.get('ipv4'),
lacp_mode=l3_lag_data.get('lacp_mode'),
desc=l3_lag_data.get('description'),
**session_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
def main():
data = yaml_ops.read_yaml("vlan_data.yaml")
if not data['switchip']:
data['switchip'] = input("Switch IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['switchip']
os.environ['NO_PROXY'] = data['switchip']
base_url = "https://{0}/rest/{1}/".format(data['switchip'],
data['version'])
try:
session_dict = dict(s=session.login(base_url, data['username'],
data['password']),
url=base_url)
vlan.create_vlan_and_svi(data['vlanid'],
data['vlanname'],
data['vlanportname'],
data['vlaninterfacename'],
data['vlandescription'],
data['vlanip'],
vlan_port_desc=data['vlanportdescription'],
**session_dict)
# Add DHCP helper IPv4 addresses for SVI
dhcp.add_dhcp_relays(data['vlanportname'], "default",
data['ipv4helperaddresses'], **session_dict)
# Add a new entry to the Port table if it doesn't yet exist
interface.add_l2_interface(data['physicalport'], **session_dict)
# Update the Interface table entry with "user-config": {"admin": "up"}
interface.enable_disable_interface(data['physicalport'],
**session_dict)
# Set the L2 port VLAN mode as 'access'
vlan.port_set_vlan_mode(data['physicalport'], "access", **session_dict)
# Set the access VLAN on the port
vlan.port_set_untagged_vlan(data['physicalport'], data['vlanid'],
**session_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
def main():
data = yaml_ops.read_yaml("loop_protect_data.yaml")
if not data['switchip']:
data['switchip'] = input("Switch IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['switchip']
os.environ['NO_PROXY'] = data['switchip']
base_url = "https://{0}/rest/{1}/".format(data['switchip'],
data['version'])
try:
session_dict = dict(s=session.login(base_url, data['username'],
data['password']),
url=base_url)
system_info_dict = system.get_system_info(
params={"selector": "configuration"}, **session_dict)
# Clear Loop-protect settings on Interface
loop_protect.clear_port_loop_protect(data['interfacename'],
**session_dict)
# Initialize L2 Interface
interface.initialize_interface(data['interfacename'], **session_dict)
# Delete L2 LAGs:
for l2_lag_data in data['lags']:
# Delete VLANs
for vlan_id in l2_lag_data['trunk_vlans']:
vlan.delete_vlan(vlan_id, **session_dict)
# Clear Loop-protect settings on LAG
loop_protect.clear_port_loop_protect(l2_lag_data.get('name'),
**session_dict)
# Delete LAG
lag.delete_lag_interface(l2_lag_data['name'],
l2_lag_data.get('interfaces'),
**session_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
def main():
data = yaml_ops.read_yaml("vrf_vlan_data.yaml")
if not data['switchip']:
data['switchip'] = input("Switch IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['switchip']
os.environ['NO_PROXY'] = data['switchip']
base_url = "https://{0}/rest/{1}/".format(data['switchip'],data['version'])
try:
session_dict = dict(s=session.login(base_url, data['username'], data['password']), url=base_url)
system_info_dict = system.get_system_info(params={"selector": "configuration"}, **session_dict)
pprint.pprint(system_info_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
def main():
data = yaml_ops.read_yaml("lag_data.yaml")
if not data['switchip']:
data['switchip'] = input("Switch IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['switchip']
os.environ['NO_PROXY'] = data['switchip']
base_url = "https://{0}/rest/{1}/".format(data['switchip'],
data['version'])
try:
session_dict = dict(s=session.login(base_url, data['username'],
data['password']),
url=base_url)
# Delete L2 LAGs:
for l2_lag_data in data['l2_lags']:
# Delete VLANs
for vlan_id in l2_lag_data['trunk_vlans']:
vlan.delete_vlan(vlan_id, **session_dict)
# Remove the L2 ports from the LAG and delete the LAG
lag.delete_lag_interface(l2_lag_data.get('name'),
l2_lag_data.get('interfaces'),
**session_dict)
# Delete L3 LAGs:
for l3_lag_data in data['l3_lags']:
# Remove the L2 ports from the LAG and delete the LAG
lag.delete_lag_interface(l3_lag_data.get('name'),
l3_lag_data.get('interfaces'),
**session_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
def main():
data = yaml_ops.read_yaml("ospf_data.yaml")
if not data['switchip']:
data['switchip'] = input("Switch IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['switchip']
os.environ['NO_PROXY'] = data['switchip']
if not data['version']:
data['version'] = "v1"
base_url = "https://{0}/rest/{1}/".format(data['switchip'],data['version'])
try:
session_dict = dict(s=session.login(base_url, data['username'], data['password']), url=base_url)
# Initialize L3 interfaces
interface.initialize_interface(data['l3interfacev3'], **session_dict)
interface.initialize_interface(data['l3interfacev2'], **session_dict)
# Remove an OSPFv3 Area for OSPF ID
ospf.delete_ospfv3_area(data['ospfv3vrf'], data['ospfv3id'], data['ospfv3area'], **session_dict)
# Remove an OSPFv2 Area for OSPF ID
ospf.delete_ospf_area(data['ospfv2vrf'], data['ospfv2id'], data['ospfv2area'], **session_dict)
# Remove OSPFv3 ID
ospf.delete_ospfv3_id(data['ospfv3vrf'], data['ospfv3id'], **session_dict)
# Remove OSPFv2 ID
ospf.delete_ospf_id(data['ospfv2vrf'], data['ospfv2id'], **session_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
def main():
data = yaml_ops.read_yaml("loop_protect_data.yaml")
if not data['switchip']:
data['switchip'] = input("Switch IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['switchip']
os.environ['NO_PROXY'] = data['switchip']
base_url = "https://{0}/rest/{1}/".format(data['switchip'],
data['version'])
try:
session_dict = dict(s=session.login(base_url, data['username'],
data['password']),
url=base_url)
# Create VLANs and L2 LAG; assign VLANs as trunk VLANs on LAG
for l2_lag_data in data['lags']:
# Create VLANs
for vlan_id in l2_lag_data['trunk_vlans']:
vlan.create_vlan(vlan_id, "vlan%s" % vlan_id, **session_dict)
# Create L2 LAG and assign VLANs as trunk VLANs on the LAG
lag.create_l2_lag_interface(
data['lags'][0]['name'],
data['lags'][0]['interfaces'],
vlan_ids_list=data['lags'][0]['trunk_vlans'],
lacp_mode=data['lags'][0]['lacp_mode'],
mc_lag=data['lags'][0]['mc_lag'],
**session_dict)
# Add a new entry to the Port table if it doesn't yet exist
interface.add_l2_interface(data['interfacename'], **session_dict)
vlan.port_add_vlan_trunks(data['interfacename'],
data['lags'][0]['trunk_vlans'],
**session_dict)
# Update the Interface table entry with "user-config": {"admin": "up"}
interface.enable_disable_interface(data['interfacename'],
**session_dict)
# Enable Loop-protect on Interface
loop_protect.update_port_loop_protect(data['interfacename'],
action=None,
vlan_list=[],
**session_dict)
# Enable Loop-protect for specific VLANs on Interface
loop_protect.update_port_loop_protect(
data['interfacename'],
action=None,
vlan_list=data['lags'][0]['trunk_vlans'],
**session_dict)
# Enable Loop-protect on LAG
loop_protect.update_port_loop_protect(data['lags'][0]['name'],
action=None,
vlan_list=[],
**session_dict)
# Enable Loop-protect for specific VLANs on LAG
loop_protect.update_port_loop_protect(
data['lags'][0]['name'],
action=None,
vlan_list=data['lags'][0]['trunk_vlans'],
**session_dict)
# Update Loop-protect Actions on Interface
loop_protect.update_port_loop_protect(data['interfacename'],
action=data['interfaceaction'],
vlan_list=None,
**session_dict)
# Update Loop-protect Actions on LAG
loop_protect.update_port_loop_protect(l2_lag_data.get('name'),
action=data['lagaction'],
vlan_list=[],
**session_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
def main():
# This is the yaml file that will be used for the vsx_configuration
data = yaml_ops.read_yaml("vsx_data.yaml")
if not data['primarymgmtip']:
data['primarymgmtip'] = input("Switch Primary IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['primarymgmtip']
os.environ['NO_PROXY'] = data['primarymgmtip']
if not data['version']:
data['version'] = "v1"
# Clear VSX settings on Primary
base_url_1 = "https://{0}/rest/{1}/".format(data['primarymgmtip'], data['version'])
try:
session_dict_1 = dict(s=session.login(base_url_1, data['primaryusername'], data['primarypassword']),
url=base_url_1)
# Delete VSX settings from VLANs
vsx.delete_vsx_interface_vlan(data['vlanid'], **session_dict_1)
# Delete VSX Instance
vsx.delete_vsx(**session_dict_1)
# Delete VLANs
vlan.delete_vlan_and_svi(data['vlanid'], data['vlanportname'], **session_dict_1)
for islvlans in data['islvlans']:
vlan.delete_vlan_and_svi(islvlans, 'vlan%s' % islvlans, **session_dict_1)
# Delete Lag
lag.delete_lag_interface(data['islport'], data['peer1isllaginterfaces'], **session_dict_1)
lag.delete_lag_interface(data['mclagport'], data['peer1mclaginterfaces'], **session_dict_1)
# Disable and initialize Interfaces
for link in data['peer1isllaginterfaces']:
interface.enable_disable_interface(link, state="down", **session_dict_1)
interface.initialize_interface(link, **session_dict_1)
for mclink in data['peer1mclaginterfaces']:
interface.enable_disable_interface(mclink, state="down", **session_dict_1)
interface.initialize_interface(mclink, **session_dict_1)
interface.initialize_interface(data['primarykeepaliveinterface'], **session_dict_1)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict_1)
# Setup VSX on Secondary
if not data['secondarymgmtip']:
data['secondarymgmtip'] = input("Switch Secondary IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['secondarymgmtip']
os.environ['NO_PROXY'] = data['secondarymgmtip']
base_url_2 = "https://{0}/rest/{1}/".format(data['secondarymgmtip'], data['version'])
try:
session_dict_2 = dict(s=session.login(base_url_2, data['secondaryusername'], data['secondarypassword']),
url=base_url_2)
# Delete VSX settings from VLANs
vsx.delete_vsx_interface_vlan(data['vlanid'], **session_dict_2)
# Delete VSX Instance
vsx.delete_vsx(**session_dict_2)
# Delete VLANs
vlan.delete_vlan_and_svi(data['vlanid'], data['vlanportname'], **session_dict_2)
for islvlans in data['islvlans']:
vlan.delete_vlan_and_svi(islvlans, 'vlan%s' % islvlans, **session_dict_2)
# Delete Lag
lag.delete_lag_interface(data['islport'], data['peer2isllaginterfaces'], **session_dict_2)
lag.delete_lag_interface(data['mclagport'], data['peer2mclaginterfaces'], **session_dict_2)
# Disable and initialize Interfaces
for link in data['peer2isllaginterfaces']:
interface.enable_disable_interface(link, state="down", **session_dict_2)
interface.initialize_interface(link, **session_dict_2)
for mclink in data['peer2mclaginterfaces']:
interface.enable_disable_interface(mclink, state="down", **session_dict_2)
interface.initialize_interface(mclink, **session_dict_2)
interface.initialize_interface(data['secondarykeepaliveinterface'], **session_dict_2)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict_2)
def main():
data = yaml_ops.read_yaml("qos_data.yaml")
if not data['switchip']:
data['switchip'] = input("Switch IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['switchip']
os.environ['NO_PROXY'] = data['switchip']
base_url = "https://{0}/rest/{1}/".format(data['switchip'],
data['version'])
try:
session_dict = dict(s=session.login(base_url, data['username'],
data['password']),
url=base_url)
system_info_dict = system.get_system_info(**session_dict)
platform_name = system_info_dict['platform_name']
# Create empty queue profile
qos.create_queue_profile(data['queueprofilename'], **session_dict)
# Add entries to queue profile
for i in range(0, 5):
qos.create_queue_profile_entry(data['queueprofilename'], i, [i],
**session_dict)
for i in range(5, 7):
qos.create_queue_profile_entry(data['queueprofilename'], i,
[i + 1], **session_dict)
qos.create_queue_profile_entry(data['queueprofilename'],
7, [5],
desc="VOICE",
**session_dict)
# Create empty schedule profile
qos.create_schedule_profile(data['scheduleprofilename'],
**session_dict)
# Add entries to schedule profile
# Scheduling algorithms: 8400 uses WFQ; other platforms use DWRR
if "8400" in platform_name:
algorithm = "wfq"
else:
algorithm = "dwrr"
for i in range(0, 7):
qos.create_schedule_profile_entry(data['scheduleprofilename'],
i,
algorithm,
weight=i + 1,
**session_dict)
qos.create_schedule_profile_entry(data['scheduleprofilename'], 7,
"strict", **session_dict)
# Apply profiles globally
qos.apply_profiles_globally(data['queueprofilename'],
data['scheduleprofilename'],
**session_dict)
# Set trust globally
qos.set_trust_globally('dscp', **session_dict)
# Remap DSCP code points' priorities
qos.remap_dscp_entry(40,
color='green',
local_priority=6,
desc='CS5',
**session_dict)
for i in range(41, 46):
qos.remap_dscp_entry(i,
color='green',
local_priority=6,
**session_dict)
qos.remap_dscp_entry(47,
color='green',
local_priority=6,
**session_dict)
# Create empty traffic class
qos.create_traffic_class(data['trafficclass']['name'],
data['trafficclass']['type'], **session_dict)
# Create traffic class entry
qos.create_traffic_class_entry(data['trafficclass']['name'],
data['trafficclass']['type'], "match",
10, **session_dict)
# Version-up the traffic class to complete the change
qos.update_traffic_class(data['trafficclass']['name'],
data['trafficclass']['type'], **session_dict)
# Create empty classifier policy
qos.create_policy(data['policy']['name'], **session_dict)
# Add entry to classifier policy
qos.create_policy_entry(data['policy']['name'],
data['trafficclass']['name'],
data['trafficclass']['type'], 10,
**session_dict)
# Set action on the policy entry
qos.create_policy_entry_action(data['policy']['name'],
10,
dscp=0,
pcp=0,
**session_dict)
# Version-up the policy to complete the change
qos.update_policy(data['policy']['name'], **session_dict)
# Create LAGs and set trust mode on the LAG interfaces
for lag_data in data['lags']:
lag.create_l2_lag_interface(lag_data['name'],
lag_data['interfaces'], **session_dict)
qos.set_trust_interface(lag_data['name'], lag_data['qostrust'],
**session_dict)
# Create L2 interface
interface.add_l2_interface(data['portrateinterface'], **session_dict)
if platform_name.startswith("6"):
unknown_unicast_limit = None
unknown_unicast_units = None
else:
unknown_unicast_limit = 30
unknown_unicast_units = 'pps'
# Set rate limits on the L2 interface
qos.update_port_rate_limits(
data['portrateinterface'],
broadcast_limit=50,
broadcast_units='pps',
multicast_limit=40,
multicast_units='pps',
unknown_unicast_limit=unknown_unicast_limit,
unknown_unicast_units=unknown_unicast_units,
**session_dict)
# Create L2 interface
interface.add_l2_interface(data['portpolicyinterface'], **session_dict)
# Apply policy to L2 interface
qos.update_port_policy(data['portpolicyinterface'],
data['policy']['name'], **session_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
def main():
data = yaml_ops.read_yaml("acl_data.yaml")
if not data['switchip']:
data['switchip'] = input("Switch IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['switchip']
os.environ['NO_PROXY'] = data['switchip']
if not data['version']:
data['version'] = "v10.04"
base_url = "https://{0}/rest/{1}/".format(data['switchip'],
data['version'])
try:
session_dict = dict(s=session.login(base_url, data['username'],
data['password']),
url=base_url)
session_dict['platform_name'] = system.get_system_info(
**session_dict).get('platform_name')
# Clear Egress ACLs from L3 interface
acl.clear_interface_acl(data['L3egressinterface'],
acl_type="aclv4_out",
**session_dict)
# Clear Ingress ACLs from L2 interface
acl.clear_interface_acl(data['ipv4L2ingressinterface'],
acl_type="aclv4_in",
**session_dict)
acl.clear_interface_acl(data['ipv6L2ingressinterface'],
acl_type="aclv6_in",
**session_dict)
# Clear Ingress ACLs from LAG interface
acl.clear_interface_acl(data['LAGname'],
acl_type="aclv4_in",
**session_dict)
# Detach ACL from VLAN
vlan.detach_vlan_acl(data['aclVLANid'], "ipv4", **session_dict)
# Remove and initialize L2 and L3 interfaces
interface.initialize_interface(data['L3egressinterface'],
**session_dict)
interface.initialize_interface(data['ipv4L2ingressinterface'],
**session_dict)
interface.initialize_interface(data['ipv6L2ingressinterface'],
**session_dict)
interface.initialize_interface(data['interfaceVLAN'], **session_dict)
# Remove LAG and initialize associated L2 interfaces
lag.delete_lag_interface(data['LAGname'], data['LAGinterfaces'],
**session_dict)
for LAGinterface in data['LAGinterfaces']:
interface.initialize_interface(LAGinterface, **session_dict)
# Delete VLAN
vlan.delete_vlan(data['aclVLANid'], **session_dict)
# For each ACL that was configured
for pair_dict in [{
"name": data['ipv4aclname'],
"type": "ipv4"
}, {
"name": data['ipv6aclname'],
"type": "ipv6"
}, {
"name": data['macaclname'],
"type": "mac"
}]:
# Delete ACL entries
for i in range(10, 60, 10):
acl.delete_acl_entry(pair_dict["name"], pair_dict["type"], i,
**session_dict)
# Delete the ACL
acl.delete_acl(pair_dict["name"], pair_dict["type"],
**session_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
def main():
data = yaml_ops.read_yaml("vrf_vlan_data.yaml")
if not data['switchip']:
data['switchip'] = input("Switch IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['switchip']
os.environ['NO_PROXY'] = data['switchip']
base_url = "https://{0}/rest/{1}/".format(data['switchip'],
data['version'])
try:
session_dict = dict(s=session.login(base_url, data['username'],
data['password']),
url=base_url)
# Add new VRF with optional route distinguisher to VRF table
vrf.add_vrf(data['vrfname'], data['vrfrd'], **session_dict)
vlan.create_vlan_and_svi(data['vlan1id'], data['vlan1name'],
data['vlan1portname'],
data['vlan1interfacename'],
data['vlan1description'], data['vlan1ip'],
data['vrfname'], data['vlan1portdescription'],
**session_dict)
vlan.create_vlan_and_svi(data['vlan2id'], data['vlan2name'],
data['vlan2portname'],
data['vlan2interfacename'],
data['vlan2description'], data['vlan2ip'],
data['vrfname'], data['vlan2portdescription'],
**session_dict)
# Add DHCP helper IPv4 addresses for SVI
dhcp.add_dhcp_relays(data['vlan1portname'], data['vrfname'],
data['ipv4helperaddresses'], **session_dict)
# Add a new entry to the Port table if it doesn't yet exist
interface.add_l2_interface(data['systemportname'], **session_dict)
# Update the Interface table entry with "user-config": {"admin": "up"}
interface.enable_disable_interface(data['systeminterfacename'],
**session_dict)
# Set the L2 port VLAN mode as 'access'
src.vlan.port_set_vlan_mode(data['systemportname'], "access",
**session_dict)
# Set the access VLAN on the port
src.vlan.port_set_untagged_vlan(data['systemportname'],
data['vlan1id'], **session_dict)
# Print ARP entries of VRF
arp_entries = arp.get_arp_entries(data['vrfname'], **session_dict)
print("VRF '%s' ARP entries: %s" %
(data['vrfname'], repr(arp_entries)))
# Modify the created VLANs
vlan.modify_vlan(data['vlan1id'],
"New Name for VLAN %s" % data['vlan1id'],
"New Description for VLAN %s" % data['vlan1id'],
**session_dict)
vlan.modify_vlan(data['vlan2id'],
"New Name for VLAN %s" % data['vlan2id'],
"New Description for VLAN %s" % data['vlan2id'],
**session_dict)
# Print modified VLANs' data
vlan_data1 = vlan.get_vlan(data['vlan1id'], **session_dict)
print("VLAN '%d' data: %s" % (data['vlan1id'], repr(vlan_data1)))
vlan_data2 = vlan.get_vlan(data['vlan2id'], **session_dict)
print("VLAN '%d' data: %s" % (data['vlan2id'], repr(vlan_data2)))
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
def main():
data = yaml_ops.read_yaml("access_security_data.yaml")
if not data['switchip']:
data['switchip'] = input("Switch IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['switchip']
os.environ['NO_PROXY'] = data['switchip']
base_url = "https://{0}/rest/{1}/".format(data['switchip'],
data['version'])
try:
session_dict = dict(s=session.login(base_url, data['username'],
data['password']),
url=base_url)
system_info_dict = system.get_system_info(**session_dict)
platform_name = system_info_dict['platform_name']
# Only execute workflow if the platform is in the 6xxx series
if platform_name.startswith("6"):
# Configure RADIUS server host
access_security.create_radius_host_config(
data['radius_server_host']['vrf'],
data['radius_server_host']['hostname'],
passkey=data['radius_server_host']['passkey'],
**session_dict)
# Enable 802.1x globally
access_security.enable_disable_dot1x_globally(enable=True,
**session_dict)
# Create L2 interface
interface.add_l2_interface(data['802.1x']['port'], **session_dict)
# Configure 802.1x on the L2 interface
access_security.configure_dot1x_interface(
data['802.1x']['port'],
auth_enable=data['802.1x']['auth_enable'],
cached_reauth_enable=data['802.1x']['cached_reauth_enable'],
cached_reauth_period=data['802.1x']['cached_reauth_period'],
discovery_period=data['802.1x']['discovery_period'],
eapol_timeout=data['802.1x']['eapol_timeout'],
max_requests=data['802.1x']['max_requests'],
max_retries=data['802.1x']['max_retries'],
quiet_period=data['802.1x']['quiet_period'],
reauth_enable=data['802.1x']['reauth_enable'],
reauth_period=data['802.1x']['reauth_period'],
**session_dict)
# Enable MAC authentication globally
access_security.enable_disable_mac_auth_globally(enable=True,
**session_dict)
# Create L2 interface
interface.add_l2_interface(data['mac_auth']['port'],
**session_dict)
# Configure MAC authentication on the L2 interface
access_security.configure_mac_auth_interface(
data['mac_auth']['port'],
auth_enable=data['mac_auth']['auth_enable'],
cached_reauth_enable=data['mac_auth']['cached_reauth_enable'],
cached_reauth_period=data['mac_auth']['cached_reauth_period'],
quiet_period=data['mac_auth']['quiet_period'],
reauth_enable=data['mac_auth']['reauth_enable'],
reauth_period=data['mac_auth']['reauth_period'],
**session_dict)
# Enable port security globally
access_security.enable_disable_port_security_globally(
enable=True, **session_dict)
# Create reserved VLAN for tunneled clients
vlan.create_vlan(data['vlan']['id'], data['vlan']['name'],
**session_dict)
# Set reserved VLAN for tunneled clients
access_security.set_ubt_client_vlan(data['vlan']['id'],
**session_dict)
# Create user-based-tunneling (UBT) zone
access_security.create_ubt_zone(
data['zone']['name'],
data['zone']['vrf_name'],
enable=data['zone']['enable'],
pri_ctrlr_ip_addr=data['zone']['pri_ctrlr_ip_addr'],
sac_heartbeat_interval=data['zone']['sac_heartbeat_interval'],
uac_keepalive_interval=data['zone']['uac_keepalive_interval'],
**session_dict)
# Create port access role
access_security.create_port_access_role(
data['role']['name'],
gateway_zone=data['role']['gateway_zone'],
ubt_gateway_role=data['role']['ubt_gateway_role'],
vlan_mode=data['role']['vlan_mode'],
vlan_tag=data['role']['vlan_tag'],
**session_dict)
# Create L2 interface
interface.add_l2_interface(data['client_port']['port'],
**session_dict)
# Enable MAC authentication on client port
access_security.configure_mac_auth_interface(
data['client_port']['port'],
auth_enable=data['client_port']['auth_enable'],
reauth_enable=data['client_port']['reauth_enable'],
cached_reauth_enable=data['client_port']
['cached_reauth_enable'],
**session_dict)
# Set maximum limit of allowable authorized clients on the client port
access_security.set_port_access_clients_limit(
data['client_port']['port'],
data['client_port']['clients_limit'], **session_dict)
# Set source IP address for UBT
access_security.set_source_ip_ubt(
data['ubt_source_ip']['vrf_name'],
data['ubt_source_ip']['ip_addr'], **session_dict)
else:
print("This workflow only applies to access platforms!")
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
def main():
data = yaml_ops.read_yaml("evpn_vxlan_data.yaml")
if not data['version']:
data['version'] = "v10.04"
# Cleanup Border Leaf
print("Cleaning up Border Leaf configuration...")
border_data = data['borderleaf'][0]
if data['bypassproxy']:
os.environ['no_proxy'] = border_data['mgmtip']
os.environ['NO_PROXY'] = border_data['mgmtip']
base_url = "https://{0}/rest/{1}/".format(border_data['mgmtip'],
data['version'])
try:
session_dict = dict(s=session.login(base_url, border_data['username'],
border_data['password']),
url=base_url)
# Delete external facing Interface settings
for border_vlan in border_data['interfacevlans']:
vlan.delete_vlan_and_svi(border_vlan['vlanid'],
"vlan%d" % border_vlan['vlanid'],
**session_dict)
# Delete Tenant VRFs
for tenants in border_data['tenantvrfs']:
bgp.delete_bgp_asn(tenants['name'], border_data['bgpasn'],
**session_dict)
vrf.delete_vrf(tenants['name'], **session_dict)
# Remove Interface Settings to Core
interface.initialize_interface(border_data['interfacetocore'],
**session_dict)
# Delete Router BGP Settings
bgp.delete_bgp_asn(border_data['vrftocore'],
border_data['neighbortocoreasn'], **session_dict)
# Delete VRF to Core
vrf.delete_vrf(border_data['vrftocore'], **session_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
# Cleaning up Leafs for Fabric Infrastructure
print("Cleaning up Leafs for Fabric Infrastructure...")
for leaf_data in data['leafs']:
if data['bypassproxy']:
os.environ['no_proxy'] = leaf_data['mgmtip']
os.environ['NO_PROXY'] = leaf_data['mgmtip']
base_url = "https://{0}/rest/{1}/".format(leaf_data['mgmtip'],
data['version'])
try:
print("Cleaning up Leaf at %s" % leaf_data['mgmtip'])
session_dict = dict(s=session.login(base_url,
leaf_data['username'],
leaf_data['password']),
url=base_url)
# Remove BGP info
# Delete EVPN instance
evpn.delete_evpn_instance(**session_dict)
# Delete VNI to VLAN
for vni_list in leaf_data['vnivlans']:
vxlan.delete_vni_mapping(vni_list, **session_dict)
# Delete VXLAN
interface.delete_interface(leaf_data['vxlanname'], **session_dict)
# Delete LAGs to Downstream Servers
for lag_data in leaf_data['lagtoserver']:
lag.delete_lag_interface(lag_data['name'],
lag_data['interfaces'],
**session_dict)
# Delete VLANs
for vlan_id in leaf_data['vnivlans']:
vlan.delete_vlan(vlan_id, **session_dict)
# Delete BGP ASN and Router ID
bgp.delete_bgp_asn(leaf_data['ospfvrf'], leaf_data['bgpasn'],
**session_dict)
# Remove OSPF and Interfaces
# Initialize upstream L2 interfaces
for upstream in leaf_data['upstreaminterface']:
interface.initialize_interface(upstream['interface'],
**session_dict)
# Delete Loopback interface
interface.delete_interface(leaf_data['loopbackinterface'],
**session_dict)
# Delete an OSPFv2 Area for OSPF ID
ospf.delete_ospf_area(leaf_data['ospfvrf'], leaf_data['ospfid'],
leaf_data['ospfarea'], **session_dict)
# Delete OSPFv2 ID
ospf.delete_ospf_id(leaf_data['ospfvrf'], leaf_data['ospfid'],
**session_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
# Cleaning up Spines for Fabric Infrastructure
print("Cleaning up Spines of Fabric Infrastructure...")
for spine_data in data['spines']:
if data['bypassproxy']:
os.environ['no_proxy'] = spine_data['mgmtip']
os.environ['NO_PROXY'] = spine_data['mgmtip']
base_url = "https://{0}/rest/{1}/".format(spine_data['mgmtip'],
data['version'])
try:
print("Setting up Spine at %s" % spine_data['mgmtip'])
session_dict = dict(s=session.login(base_url,
spine_data['username'],
spine_data['password']),
url=base_url)
# Remove BGP configuration
# Delete BGP ASN and Router ID
bgp.delete_bgp_asn(spine_data['ospfvrf'], spine_data['bgpasn'],
**session_dict)
# Initialize downstream L2 interfaces
for downstream in spine_data['downstreaminterface']:
interface.initialize_interface(downstream['interface'],
**session_dict)
# Create Loopback interface
interface.delete_interface(spine_data['loopbackinterface'],
**session_dict)
# Create an OSPFv2 Area for OSPF ID
ospf.delete_ospf_area(spine_data['ospfvrf'], spine_data['ospfid'],
spine_data['ospfarea'], **session_dict)
# Create OSPFv2 ID
ospf.delete_ospf_id(spine_data['ospfvrf'], spine_data['ospfid'],
**session_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
def main():
data = yaml_ops.read_yaml("evpn_vxlan_data.yaml")
if not data['version']:
data['version'] = "v1"
# Setting up Spines for Fabric Infrastructure
print("Setting up Spines for Fabric Infrastructure...")
for spine_data in data['spines']:
if data['bypassproxy']:
os.environ['no_proxy'] = spine_data['mgmtip']
os.environ['NO_PROXY'] = spine_data['mgmtip']
base_url = "https://{0}/rest/{1}/".format(spine_data['mgmtip'],
data['version'])
try:
print("Setting up Spine at %s" % spine_data['mgmtip'])
session_dict = dict(s=session.login(base_url,
spine_data['username'],
spine_data['password']),
url=base_url)
# Create OSPFv2 ID
ospf.create_ospf_id(spine_data['ospfvrf'], spine_data['ospfid'],
**session_dict)
# Create an OSPFv2 Area for OSPF ID
ospf.create_ospf_area(spine_data['ospfvrf'], spine_data['ospfid'],
spine_data['ospfarea'], **session_dict)
# Create Loopback interface
interface.create_loopback_interface(
spine_data['loopbackinterface'], spine_data['ospfvrf'],
spine_data['loopbackip'], **session_dict)
ospf.create_ospf_interface(spine_data['ospfvrf'],
spine_data['ospfid'],
spine_data['ospfarea'],
spine_data['loopbackinterface'],
**session_dict)
# Create downstream interfaces
for downstream in spine_data['downstreaminterface']:
interface.add_l3_ipv4_interface(downstream['interface'],
downstream['ipaddress'],
**session_dict)
interface.enable_disable_interface(downstream['interface'],
"up", **session_dict)
# Attach downstream interface to OSPF ID
ospf.create_ospf_interface(spine_data['ospfvrf'],
spine_data['ospfid'],
spine_data['ospfarea'],
downstream['interface'],
**session_dict)
ospf.update_ospf_interface_type(spine_data['ospfvrf'],
spine_data['ospfid'],
downstream['interface'],
spine_data['ospftype'],
**session_dict)
# Create BGP ASN and Router ID
bgp.create_bgp_asn(spine_data['ospfvrf'], spine_data['bgpasn'],
spine_data['bgprouterid'], **session_dict)
# Set BGP Neighbors
for neighbors in spine_data['neighborips']:
bgp.create_bgp_neighbors(
spine_data['ospfvrf'],
spine_data['bgpasn'],
neighbors,
spine_data['addressfamilytype'],
reflector=True,
send_community=True,
local_interface=spine_data['loopbackinterface'],
**session_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
# Setting up Leafs for Fabric Infrastructure
print("Setting up Leafs for Fabric Infrastructure...")
for leaf_data in data['leafs']:
if data['bypassproxy']:
os.environ['no_proxy'] = leaf_data['mgmtip']
os.environ['NO_PROXY'] = leaf_data['mgmtip']
base_url = "https://{0}/rest/{1}/".format(leaf_data['mgmtip'],
data['version'])
try:
print("Setting up Leaf at %s" % leaf_data['mgmtip'])
session_dict = dict(s=session.login(base_url,
leaf_data['username'],
leaf_data['password']),
url=base_url)
# Create OSPFv2 ID
ospf.create_ospf_id(leaf_data['ospfvrf'], leaf_data['ospfid'],
**session_dict)
# Create an OSPFv2 Area for OSPF ID
ospf.create_ospf_area(leaf_data['ospfvrf'], leaf_data['ospfid'],
leaf_data['ospfarea'], **session_dict)
# Create Loopback interface
interface.create_loopback_interface(leaf_data['loopbackinterface'],
leaf_data['ospfvrf'],
leaf_data['loopbackip'],
**session_dict)
ospf.create_ospf_interface(leaf_data['ospfvrf'],
leaf_data['ospfid'],
leaf_data['ospfarea'],
leaf_data['loopbackinterface'],
**session_dict)
# Create upstream interfaces
for upstream in leaf_data['upstreaminterface']:
interface.add_l3_ipv4_interface(upstream['interface'],
upstream['ipaddress'],
**session_dict)
interface.enable_disable_interface(upstream['interface'], "up",
**session_dict)
# Attach upstream interface to OSPF ID
ospf.create_ospf_interface(leaf_data['ospfvrf'],
leaf_data['ospfid'],
leaf_data['ospfarea'],
upstream['interface'],
**session_dict)
ospf.update_ospf_interface_type(leaf_data['ospfvrf'],
leaf_data['ospfid'],
upstream['interface'],
leaf_data['ospftype'],
**session_dict)
# Create BGP ASN and Router ID
bgp.create_bgp_asn(leaf_data['ospfvrf'], leaf_data['bgpasn'],
leaf_data['bgprouterid'], **session_dict)
# Set BGP Neighbors
for neighbors in leaf_data['neighborips']:
bgp.create_bgp_neighbors(
leaf_data['ospfvrf'],
leaf_data['bgpasn'],
neighbors,
leaf_data['addressfamilytype'],
reflector=False,
send_community=True,
local_interface=leaf_data['loopbackinterface'],
**session_dict)
# Create VLANs
for vlan_id in leaf_data['vnivlans']:
vlan.create_vlan(vlan_id, "VLAN%d" % vlan_id, **session_dict)
# Create LAGs to Downstream Servers
for lag_data in leaf_data['lagtoserver']:
lag.create_l2_lag_interface(lag_data['name'],
lag_data['interfaces'],
lag_data['lacp_mode'],
lag_data['mc_lag'], False,
lag_data['trunk_vlans'],
**session_dict)
# Create VXLAN
vxlan.create_vxlan_interface(leaf_data['vxlanname'],
leaf_data['vxlanip'], **session_dict)
# Map VNI to VLAN
for vni_list in leaf_data['vnivlans']:
vxlan.add_vni_mapping(vni_list, leaf_data['vxlanname'],
vni_list, **session_dict)
# Create EVPN instance
evpn.create_evpn_instance(**session_dict)
# Configure EVPN Routes
for vlan_id in leaf_data['vnivlans']:
evpn.add_evpn_vlan(vlan_id, **session_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
# Setup Border Leaf
print("Setting up Border Leaf...")
border_data = data['borderleaf'][0]
if data['bypassproxy']:
os.environ['no_proxy'] = border_data['mgmtip']
os.environ['NO_PROXY'] = border_data['mgmtip']
base_url = "https://{0}/rest/{1}/".format(border_data['mgmtip'],
data['version'])
try:
session_dict = dict(s=session.login(base_url, border_data['username'],
border_data['password']),
url=base_url)
# Create VRF to Core
vrf.add_vrf(border_data['vrftocore'], border_data['rd'],
**session_dict)
vrf.add_vrf_address_family(border_data['vrftocore'],
border_data['addressfamilytype'],
border_data['addressfamilyexports'],
border_data['addressfamilyimports'],
**session_dict)
# Setup link to Core
interface.add_l3_ipv4_interface(
border_data['interfacetocore'],
ip_address=border_data['interfacetocoreip'],
vrf=border_data['vrftocore'],
**session_dict)
# Setup BGP to Core
bgp.create_bgp_asn(border_data['vrftocore'],
border_data['neighbortocoreasn'], **session_dict)
bgp.create_bgp_neighbors(border_data['vrftocore'],
border_data['neighbortocoreasn'],
border_data['neighbortocoreip'],
border_data['addressfamilytype'],
reflector=False,
send_community=False,
**session_dict)
# Configure Leaf VRF Routes and Address-family
for tenants in border_data['tenantvrfs']:
vrf.add_vrf(tenants['name'], tenants['rd'], **session_dict)
vrf.add_vrf_address_family(tenants['name'],
border_data['addressfamilytype'],
tenants['addressfamilyexports'],
tenants['addressfamilyimports'],
**session_dict)
bgp.create_bgp_asn(tenants['name'], border_data['bgpasn'],
**session_dict)
bgp.create_bgp_vrf(tenants['name'], border_data['bgpasn'],
tenants['redistribute'], **session_dict)
# Attach Leaf VRFs and give IP Addresses to VLANs
for border_vlan in border_data['interfacevlans']:
vlan.create_vlan_and_svi(border_vlan['vlanid'],
"VLAN%d" % border_vlan['vlanid'],
"vlan%d" % border_vlan['vlanid'],
"vlan%d" % border_vlan['vlanid'],
vlan_desc=None,
ipv4=border_vlan['vlanip'],
vrf_name=border_vlan['vlanvrf'],
**session_dict)
vsx.update_vsx_interface_vlan(border_vlan['vlanid'], False, [],
border_vlan['activegatewaymac'],
border_vlan['activegatewayip'],
**session_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
def main():
data = yaml_ops.read_yaml("access_security_data.yaml")
if not data['switchip']:
data['switchip'] = input("Switch IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['switchip']
os.environ['NO_PROXY'] = data['switchip']
base_url = "https://{0}/rest/{1}/".format(data['switchip'],
data['version'])
try:
session_dict = dict(s=session.login(base_url, data['username'],
data['password']),
url=base_url)
system_info_dict = system.get_system_info(**session_dict)
platform_name = system_info_dict['platform_name']
# Only execute workflow if the platform is in the 6xxx series
if platform_name.startswith("6"):
# Unconfigure RADIUS server host
access_security.delete_radius_host_config(
data['radius_server_host']['vrf'],
data['radius_server_host']['hostname'],
passkey=data['radius_server_host']['passkey'],
**session_dict)
# Disable 802.1x globally
access_security.enable_disable_dot1x_globally(enable=False,
**session_dict)
# Remove 802.1x from the L2 interface
access_security.remove_auth_method_interface(
data['802.1x']['port'], "802.1x", **session_dict)
# Initialize L2 interface
interface.initialize_interface(data['802.1x']['port'],
**session_dict)
# Disable MAC authentication globally
access_security.enable_disable_mac_auth_globally(enable=False,
**session_dict)
# Remove MAC authentication from the L2 interface
access_security.remove_auth_method_interface(
data['mac_auth']['port'], "mac-auth", **session_dict)
# Initialize L2 interface
interface.initialize_interface(data['mac_auth']['port'],
**session_dict)
# Disable port security globally
access_security.enable_disable_port_security_globally(
enable=False, **session_dict)
# Clear reserved VLAN value for tunneled clients
access_security.clear_ubt_client_vlan(**session_dict)
# Delete reserved VLAN for tunneled clients
vlan.delete_vlan(data['vlan']['id'], **session_dict)
# Delete user-based-tunneling (UBT) zone
access_security.remove_ubt_zone(data['zone']['vrf_name'],
**session_dict)
# Remove port access role
access_security.remove_port_access_role(data['role']['name'],
**session_dict)
# Remove MAC authentication from the client port
access_security.remove_auth_method_interface(
data['client_port']['port'], "mac-auth", **session_dict)
# Clear limit of maximum allowable authorized clients on the client port
access_security.clear_port_access_clients_limit(
data['client_port']['port'], **session_dict)
# Initialize L2 interface
interface.initialize_interface(data['client_port']['port'],
**session_dict)
# Remove source IP address for UBT
access_security.remove_source_ip_ubt(
data['ubt_source_ip']['vrf_name'], **session_dict)
else:
print("This workflow only applies to access platforms!")
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
def main():
data = yaml_ops.read_yaml("qos_data.yaml")
if not data['switchip']:
data['switchip'] = input("Switch IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['switchip']
os.environ['NO_PROXY'] = data['switchip']
base_url = "https://{0}/rest/{1}/".format(data['switchip'],
data['version'])
try:
session_dict = dict(s=session.login(base_url, data['username'],
data['password']),
url=base_url)
# Remove global application of QoS queue profile and schedule profile
qos.unapply_profiles_globally(**session_dict)
# Delete queue profile entries
for i in range(0, 8):
qos.delete_queue_profile_entry(data['queueprofilename'], i,
**session_dict)
# Delete queue profile
qos.delete_queue_profile(data['queueprofilename'], **session_dict)
# Delete schedule profile entries
for i in range(0, 8):
qos.delete_schedule_profile_entry(data['scheduleprofilename'], i,
**session_dict)
# Delete schedule profile
qos.delete_schedule_profile(data['scheduleprofilename'],
**session_dict)
# Remove global setting of QoS trust mode
qos.clear_trust_globally(**session_dict)
# Reset DSCP code points to defaults
qos.reset_dscp_entry(40, **session_dict)
for i in range(41, 46):
qos.reset_dscp_entry(i, **session_dict)
qos.reset_dscp_entry(47, **session_dict)
# Delete action on policy entry
qos.delete_policy_entry_action(data['policy']['name'], 10,
**session_dict)
# Delete policy entry
qos.delete_policy_entry(data['policy']['name'], 10, **session_dict)
# Version-up the policy to complete the change
qos.update_policy(data['policy']['name'], **session_dict)
# Delete classifier policy
qos.delete_policy(data['policy']['name'], **session_dict)
# Delete traffic class entry
qos.delete_traffic_class_entry(data['trafficclass']['name'],
data['trafficclass']['type'], 10,
**session_dict)
# Version-up the traffic class to complete the change
qos.update_traffic_class(data['trafficclass']['name'],
data['trafficclass']['type'], **session_dict)
# Delete traffic class
qos.delete_traffic_class(data['trafficclass']['name'],
data['trafficclass']['type'], **session_dict)
# Clear trust mode on LAG interfaces and delete LAG interfaces
for lag_data in data['lags']:
qos.clear_trust_interface(lag_data['name'], **session_dict)
lag.delete_lag_interface(lag_data['name'], lag_data['interfaces'],
**session_dict)
# Clear policy from L2 interface
qos.clear_port_policy(data['portpolicyinterface'], **session_dict)
interface.initialize_interface(data['portpolicyinterface'],
**session_dict)
# Clear rate limits from L2 interface
qos.clear_port_rate_limits(data['portrateinterface'], **session_dict)
interface.initialize_interface(data['portrateinterface'],
**session_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
def main():
# This is the yaml file that will be used for the vsx_configuration
data = yaml_ops.read_yaml("vsx_data.yaml")
if not data['primarymgmtip']:
data['primarymgmtip'] = input("Switch Primary IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['primarymgmtip']
os.environ['NO_PROXY'] = data['primarymgmtip']
if not data['version']:
data['version'] = "v10.04"
# Setup VSX on Primary
base_url_1 = "https://{0}/rest/{1}/".format(data['primarymgmtip'],
data['version'])
try:
session_dict_1 = dict(s=session.login(base_url_1,
data['primaryusername'],
data['primarypassword']),
url=base_url_1)
# Create VLANs
for vlans in data['islvlans']:
vlan.create_vlan_and_svi(vlans,
"VLAN%s" % vlans,
"vlan%s" % vlans,
"vlan%s" % vlans,
vlan_port_desc="ISL VLAN",
**session_dict_1)
vlan.create_vlan_and_svi(data['vlanid'], data['vlanname'],
data['vlanportname'], data['vlanportname'],
data['vlanportdescription'],
data['primaryvlanip'], **session_dict_1)
# Create LAG for ISL
for link in data['peer1isllaginterfaces']:
interface.enable_disable_interface(link,
state="up",
**session_dict_1)
lag.create_l2_lag_interface(data['islport'],
data['peer1isllaginterfaces'],
lacp_mode=data['isllacp'],
mc_lag=False,
fallback_enabled=False,
vlan_ids_list=(data['islvlans'] +
[data['vlanid']]),
desc="ISL LAG",
**session_dict_1)
# Create Downstream MCLAG
for mclink in data['peer1mclaginterfaces']:
interface.enable_disable_interface(mclink,
state="up",
**session_dict_1)
lag.create_l2_lag_interface(data['mclagport'],
data['peer1mclaginterfaces'],
lacp_mode=data['mclaglacp'],
mc_lag=True,
fallback_enabled=True,
vlan_ids_list=data['mclagvlans'],
desc="Downstream MCLAG",
**session_dict_1)
# Create VSX Instance
vsx.create_vsx("primary", data['islport'],
data['secondarykeepaliveip'],
data['primarykeepaliveip'], data['keepalivevrf'],
data['vsxmac'], **session_dict_1)
interface.add_l3_ipv4_interface(data['primarykeepaliveinterface'],
data['primarykeepaliveip'],
desc="Keepalive Link",
**session_dict_1)
interface.enable_disable_interface(data['primarykeepaliveinterface'],
state="up",
**session_dict_1)
# Assign VSX Active-Gateways and synchronization options to VLANs
vsx.update_vsx_interface_vlan(data['vlanid'], False,
{'active-gateways', 'policies'},
data['activegatewaymac'],
data['activegatewayip'],
**session_dict_1)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict_1)
# Setup VSX on Secondary
if not data['secondarymgmtip']:
data['secondarymgmtip'] = input("Switch Secondary IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['secondarymgmtip']
os.environ['NO_PROXY'] = data['secondarymgmtip']
base_url_2 = "https://{0}/rest/{1}/".format(data['secondarymgmtip'],
data['version'])
try:
session_dict_2 = dict(s=session.login(base_url_2,
data['secondaryusername'],
data['secondarypassword']),
url=base_url_2)
# Create VLANs
for vlans in data['islvlans']:
vlan.create_vlan_and_svi(vlans,
"VLAN%s" % vlans,
"vlan%s" % vlans,
"vlan%s" % vlans,
vlan_port_desc="ISL VLAN",
**session_dict_2)
vlan.create_vlan_and_svi(data['vlanid'], data['vlanname'],
data['vlanportname'], data['vlanportname'],
data['vlanportdescription'],
data['secondaryvlanip'], **session_dict_2)
# Create LAG for ISL
for link in data['peer2isllaginterfaces']:
interface.enable_disable_interface(link,
state="up",
**session_dict_2)
lag.create_l2_lag_interface(data['islport'],
data['peer2isllaginterfaces'],
lacp_mode=data['isllacp'],
mc_lag=False,
fallback_enabled=False,
vlan_ids_list=(data['islvlans'] +
[data['vlanid']]),
desc="ISL LAG",
**session_dict_2)
# Create Downstream MCLAG
for mclink in data['peer2mclaginterfaces']:
interface.enable_disable_interface(mclink,
state="up",
**session_dict_2)
lag.create_l2_lag_interface(data['mclagport'],
data['peer2mclaginterfaces'],
lacp_mode=data['mclaglacp'],
mc_lag=True,
fallback_enabled=True,
vlan_ids_list=data['mclagvlans'],
desc="Downstream MCLAG",
**session_dict_2)
# Create VSX Instance
vsx.create_vsx("secondary", data['islport'],
data['primarykeepaliveip'],
data['secondarykeepaliveip'], data['keepalivevrf'],
data['vsxmac'], **session_dict_2)
interface.add_l3_ipv4_interface(data['secondarykeepaliveinterface'],
data['secondarykeepaliveip'],
desc="Keepalive Link",
**session_dict_2)
interface.enable_disable_interface(data['secondarykeepaliveinterface'],
state="up",
**session_dict_2)
# Assign VSX Active-Gateways to VLANs
vsx.update_vsx_interface_vlan(data['vlanid'], False,
{'active-gateways', 'policies'},
data['activegatewaymac'],
data['activegatewayip'],
**session_dict_2)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict_2)
def main():
data = yaml_ops.read_yaml("acl_data.yaml")
if not data['switchip']:
data['switchip'] = input("Switch IP Address: ")
if data['bypassproxy']:
os.environ['no_proxy'] = data['switchip']
os.environ['NO_PROXY'] = data['switchip']
if not data['version']:
data['version'] = "v10.04"
base_url = "https://{0}/rest/{1}/".format(data['switchip'],
data['version'])
try:
session_dict = dict(s=session.login(base_url, data['username'],
data['password']),
url=base_url)
# Create empty IPv4 ACL
acl.create_acl(data['ipv4aclname'], "ipv4", **session_dict)
# Add entry 10 to IPv4 ACL
acl.create_acl_entry(data['ipv4aclname'],
"ipv4",
10,
action="deny",
count=data['hitcount'],
ip_protocol=6,
src_ip="10.1.2.1/255.255.255.0",
**session_dict)
# Add entry 20 to IPv4 ACL
acl.create_acl_entry(data['ipv4aclname'],
"ipv4",
20,
action="deny",
count=data['hitcount'],
ip_protocol=17,
dst_ip="10.33.12.3/255.255.255.255",
dst_l4_port_min=80,
dst_l4_port_max=80,
**session_dict)
# Add entry 30 to IPv4 ACL
acl.create_acl_entry(data['ipv4aclname'],
"ipv4",
30,
action="permit",
count=data['hitcount'],
src_ip="10.2.4.2/255.255.255.255",
dst_ip="10.33.25.34/255.255.255.0",
**session_dict)
# Add entry 40 to IPv4 ACL
acl.create_acl_entry(data['ipv4aclname'],
"ipv4",
40,
action="deny",
count=data['hitcount'],
**session_dict)
# Add entry 50 to IPv4 ACL
acl.create_acl_entry(data['ipv4aclname'],
"ipv4",
50,
action="permit",
count=data['hitcount'],
**session_dict)
# Version-up the IPv4 ACL to complete the change
acl.update_acl(data['ipv4aclname'], "ipv4", **session_dict)
# Create empty IPv6 ACL
acl.create_acl(data['ipv6aclname'], "ipv6", **session_dict)
# Add entry 10 to IPv6 ACL
acl.create_acl_entry(data['ipv6aclname'],
"ipv6",
10,
action="deny",
count=data['hitcount'],
ip_protocol=6,
dst_ip="22f4:23::1/ffff:ffff:ffff:ffff::",
**session_dict)
# Add entry 20 to IPv6 ACL
acl.create_acl_entry(data['ipv6aclname'],
"ipv6",
20,
action="permit",
count=data['hitcount'],
ip_protocol=6,
src_ip="3000:323:1221::88/ffff:ffff:ffff:ffff::",
**session_dict)
# Add entry 30 to IPv6 ACL
acl.create_acl_entry(
data['ipv6aclname'],
"ipv6",
30,
action="permit",
count=data['hitcount'],
ip_protocol=89,
dst_ip=
"3999:929:fa98:00f0::4/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ff00",
**session_dict)
# Add entry 40 to IPv6 ACL
acl.create_acl_entry(data['ipv6aclname'],
"ipv6",
40,
action="deny",
count=data['hitcount'],
**session_dict)
# Add entry 50 to IPv6 ACL
acl.create_acl_entry(data['ipv6aclname'],
"ipv6",
50,
action="permit",
count=data['hitcount'],
**session_dict)
# Version-up the IPv6 ACL to complete the change
acl.update_acl(data['ipv6aclname'], "ipv6", **session_dict)
# Create empty MAC ACL
acl.create_acl(data['macaclname'], "mac", **session_dict)
# Add entry 10 to MAC ACL
acl.create_acl_entry(data['macaclname'],
"mac",
10,
action="permit",
count=data['hitcount'],
ethertype=2054,
src_mac="ff33.244c.aabb/ffff.ffff.ffff",
**session_dict)
# Add entry 20 to MAC ACL
acl.create_acl_entry(data['macaclname'],
"mac",
20,
action="permit",
count=data['hitcount'],
ethertype=34525,
src_mac="1f33.cc4c.aaff/ffff.ffff.ffff",
dst_mac="ff33.244c.aa11/ffff.ffff.ffff",
**session_dict)
# Add entry 30 to MAC ACL
acl.create_acl_entry(data['macaclname'],
"mac",
30,
action="permit",
count=data['hitcount'],
ethertype=35020,
src_mac="1f33.cc4c.aaff/ffff.ffff.ffff",
dst_mac="ff33.244c.aa11/ffff.ffff.ffff",
**session_dict)
# Add entry 40 to MAC ACL
acl.create_acl_entry(data['macaclname'],
"mac",
40,
action="permit",
count=data['hitcount'],
ethertype=32923,
src_mac="1f33.cc4c.aaff/ffff.ffff.ffff",
dst_mac="ff33.244c.aa11/ffff.ffff.ffff",
**session_dict)
# Add entry 50 to MAC ACL
acl.create_acl_entry(data['macaclname'],
"mac",
50,
action="deny",
count=data['hitcount'],
**session_dict)
# Version-up the ACL to complete the change
acl.update_acl(data['macaclname'], "mac", **session_dict)
# Create VLAN and L2 System interfaces
interface.add_l2_interface(data['interfaceVLAN'], **session_dict)
interface.enable_disable_interface(data['interfaceVLAN'], "up",
**session_dict)
interface.add_l2_interface(data['ipv4L2ingressinterface'],
**session_dict)
interface.enable_disable_interface(data['ipv4L2ingressinterface'],
"up", **session_dict)
vlan.port_set_vlan_mode(data['ipv4L2ingressinterface'],
"native-tagged", **session_dict)
vlan.port_add_vlan_trunks(data['ipv4L2ingressinterface'],
**session_dict)
interface.add_l2_interface(data['ipv6L2ingressinterface'],
**session_dict)
interface.enable_disable_interface(data['ipv6L2ingressinterface'],
"up", **session_dict)
vlan.port_set_vlan_mode(data['ipv6L2ingressinterface'],
"native-tagged", **session_dict)
vlan.port_add_vlan_trunks(data['ipv6L2ingressinterface'],
**session_dict)
# Create LAG Interfaces
for LAGinterface in data['LAGinterfaces']:
interface.add_l2_interface(LAGinterface, **session_dict)
interface.enable_disable_interface(LAGinterface, "up",
**session_dict)
# Create L3 interface
interface.add_l3_ipv4_interface(data['L3egressinterface'],
**session_dict)
interface.enable_disable_interface(data['L3egressinterface'], "up",
**session_dict)
# Create LAG interfaces
lag.create_l2_lag_interface(data['LAGname'], data['LAGinterfaces'],
**session_dict)
# Create VLAN
vlan.create_vlan(data['aclVLANid'], "vlan%d" % data['aclVLANid'],
**session_dict)
# Attach the ACL to VLAN
vlan.attach_vlan_acl(data['aclVLANid'], data['ipv4aclname'], "ipv4",
**session_dict)
# Attach VLAN to interface
vlan.port_set_vlan_mode(data['interfaceVLAN'], "native-tagged",
**session_dict)
vlan.port_add_vlan_trunks(data['interfaceVLAN'], [data['aclVLANid']],
**session_dict)
# Apply IPv4 ACL to L2 interface on ingress
acl.update_port_acl_in(data['ipv4L2ingressinterface'],
data['ipv4aclname'], 'ipv4', **session_dict)
# Apply IPv6 ACL to L2 interface on ingress
acl.update_port_acl_in(data['ipv6L2ingressinterface'],
data['ipv6aclname'], 'ipv6', **session_dict)
# Apply IPv4 ACL to L3 interface on egress
acl.update_port_acl_out(data['L3egressinterface'], data['ipv4aclname'],
**session_dict)
# Apply IPv4 ACL to L2 LAG on ingress
acl.update_port_acl_in(data['LAGname'], data['ipv4aclname'], 'ipv4',
**session_dict)
except Exception as error:
print('Ran into exception: {}. Logging out..'.format(error))
session.logout(**session_dict)
