def cfgabort(session): """Abort pending Zone DB transaction. Example usage of the method:: result = cfgabort(session) :param session: session returned by login. :rtype: dictionary of return status matching rest response. *Use cases* Abort pending Zone DB changes. """ new_effective = pyfos_zone.effective_configuration() new_effective.set_cfg_action(pyfos_zone.CFG_ACTION_ABORT) result = new_effective.patch(session) return result
def cfgclear(session): """Clear Zone DB Example usage of the method:: result = cfgcleare(session) :param session: session returned by login. :rtype: dictionary of return status matching rest response. *Use cases* Clear Zone DB. """ new_effective = pyfos_zone.effective_configuration() new_effective.set_cfg_action(pyfos_zone.CFG_ACTION_CLEAR) result = new_effective.patch(session) return result
def cfgdisable(session, checksum): """Disable Zone DB enforcement. Example usage of the method:: result = cfgdisable(session, checksum) :param session: session returned by login. :param checksum: database checksum from effective configuration. :rtype: dictionary of return status matching rest response. *Use cases* Disable enforcement. """ new_effective = pyfos_zone.effective_configuration() new_effective.set_cfg_action(pyfos_zone.CFG_ACTION_DISABLE) new_effective.set_checksum(checksum) result = new_effective.patch(session) return result
def cfgsave(session, checksum): """Save pending Zone DB transaction Example usage of the method:: result = cfgsave(session, checksum) :param session: session returned by login :param checksum: database checksum from effective configuration :rtype: dictionary of return status matching rest response *use cases* 1. save pending Zone DB changes """ new_effective = pyfos_zone.effective_configuration() new_effective.set_cfg_action(pyfos_zone.CFG_ACTION_SAVE) new_effective.set_checksum(checksum) result = new_effective.patch(session) return result
def defzone(session, allaccess): """Set Default Zone mode to all access or not Example usage of the method:: result = defzone(session, True) :param session: session returned by login :param allaccess: boolean to indicate all access enabled or not :rtype: dictionary of return status matching rest response *use cases* 1. enable all access 2. disable all access """ new_effective = pyfos_zone.effective_configuration() new_effective.set_default_zone_access(allaccess) result = new_effective.patch(session) return result
def cfgenable(session, cfgname, checksum): """Start enforcing Zone DB with cfg specified Example usage of the method:: result = cfgenable(session, cfgname, checksum) :param session: session returned by login :param cfgname: name of the cfg to be enabled :param checksum: database checksum from effective configuration :rtype: dictionary of return status matching rest response *use cases* 1. enable cfg """ new_effective = pyfos_zone.effective_configuration() new_effective.set_cfg_name(cfgname) new_effective.set_checksum(checksum) result = new_effective.patch(session) return result
def main(argv): global session atexit.register(exit_handler) args_file = sys.argv[1] args_data = open(args_file).read() vfid = None arguments = shlex.split(args_data) for arg in arguments: if "=" in arg: (key, value) = arg.split("=") if key == "zone_seed": ip_addr = value elif key == "user": user = value elif key == "password": password = value elif key == "checkmode": checkmode = ast.literal_eval(value) elif key == "target_list": target_list = ast.literal_eval(value) elif key == "zone_prefix": ZONE_PREFIX = value elif key == "vfid": vfid = ast.literal_eval(value) # print json.dumps({ # "ip_addr" : ip_addr, # "checkmode" : checkmode, # "zone_acl" : zone_acl # "zone_prefix" : zone_prefix # }) session = pyfos_auth.login(user, password, ip_addr, isHttps) if pyfos_auth.is_failed_login(session): print( json.dumps({ "changed": False, "login failed reason": session.get( pyfos_auth.CREDENTIAL_KEY)[pyfos_auth.LOGIN_ERROR_KEY] })) sys.exit() if vfid is not None: pyfos_auth.vfid_set(session, vfid) prezone_effective = pyfos_zone.effective_configuration.get(session) if pyfos_util.is_failed_resp(prezone_effective): print( json.dumps({ "changed": False, "line": inspect.currentframe().f_lineno, "error": prezone_effective })) sys.exit() prezone_defined = pyfos_zone.defined_configuration.get(session) if pyfos_util.is_failed_resp(prezone_defined): print( json.dumps({ "changed": False, "line": inspect.currentframe().f_lineno, "error": prezone_defined })) sys.exit() changed = False removed_from_defined_cfg = [] # walk through the zones and see if they show up in defined config # if not, add them. for target in target_list: for zone in prezone_defined.peek_zone(): if zone["zone-name"].startswith( ZONE_PREFIX) and target in zone["zone-name"]: changed = True removed_from_defined_cfg.append(zone["zone-name"]) if checkmode is False: zones = [{"zone-name": zone["zone-name"]}] new_defined = pyfos_zone.defined_configuration() new_defined.set_zone(zones) result = new_defined.delete(session) if pyfos_util.is_failed_resp(result): print( json.dumps({ "changed": False, "line": inspect.currentframe().f_lineno, "error": result })) sys.exit() if changed: if prezone_effective.peek_cfg_name() == None: if checkmode is False: new_effective = pyfos_zone.effective_configuration() new_effective.set_cfg_action(pyfos_zone.CFG_ACTION_SAVE) new_effective.set_checksum(prezone_effective.peek_checksum()) result = new_effective.patch(session) if pyfos_util.is_failed_resp(result): print( json.dumps({ "changed": False, "line": inspect.currentframe().f_lineno, "error": result })) sys.exit() else: if checkmode is False: current_cfg = None for cfg in prezone_defined.peek_cfg(): if cfg["cfg-name"] == prezone_effective.peek_cfg_name(): current_cfg = cfg if result_in_empty_cfg(removed_from_defined_cfg, current_cfg): cfgs = [{"cfg-name": prezone_effective.peek_cfg_name()}] new_defined = pyfos_zone.defined_configuration() new_defined.set_cfg(cfgs) result = new_defined.delete(session) if pyfos_util.is_failed_resp(result): print( json.dumps({ "changed": False, "line": inspect.currentframe().f_lineno, "error": result })) sys.exit() new_effective = pyfos_zone.effective_configuration() new_effective.set_cfg_action(pyfos_zone.CFG_ACTION_DISABLE) new_effective.set_checksum( prezone_effective.peek_checksum()) result = new_effective.patch(session) if pyfos_util.is_failed_resp(result): print( json.dumps({ "changed": False, "line": inspect.currentframe().f_lineno, "error": result })) sys.exit() else: cfgs = [{ "cfg-name": prezone_effective.peek_cfg_name(), "member-zone": { "zone-name": removed_from_defined_cfg } }] new_defined = pyfos_zone.defined_configuration() new_defined.set_cfg(cfgs) result = new_defined.delete(session) if pyfos_util.is_failed_resp(result): print( json.dumps({ "changed": False, "line": inspect.currentframe().f_lineno, "error": result })) sys.exit() new_effective = pyfos_zone.effective_configuration() new_effective.set_cfg_name( prezone_effective.peek_cfg_name()) new_effective.set_checksum( prezone_effective.peek_checksum()) result = new_effective.patch(session) if pyfos_util.is_failed_resp(result): print( json.dumps({ "changed": False, "line": inspect.currentframe().f_lineno, "error": result })) sys.exit() print( json.dumps({ "changed": changed, "zones_removed": removed_from_defined_cfg, })) pyfos_auth.logout(session)
def zone_allow_pair_to_peer(session, prefix, hostport, targetname, targetport, if_no_cfg, checkmode): """Create/add a pair of hosts and targets to a peer Zone. Example usage of the method to create a new peer zone with a pair:: ret_code, result = zone_allow_pair_to_peer.zone_allow_pair_to_peer( session, "az__pz__", "11:22:33:44:55:66:77:88", "mytarget", "88:77:66:55:44:33:22:11", "cfg_if_there_is_non", True) if ret_code > 0: print ("zone db changed", ret_code, result) else: print ("zone db didn't change", ret_code, result) :param session: session returned by login. :param prefix: prefix for the peer Zone name. :param hostport: WWN of the host port. :param targetname: string name of the target. :param targetport: WWN of the target port. :param if_no_cfg: CFG name to be used if there are no enabled CFG. :param checkmode: indicate if Zone DB is to be updated or return status only. :rtype: Return code and dictionary of status description. *Use cases* 1. Pass in host/target pair to create peer zone. 2. Pass in host/target pair to create peer zone. """ cfgname = if_no_cfg zonename = prefix + targetname prezone_defined = pyfos_zone.defined_configuration.get(session) if pyfos_util.is_failed_resp(prezone_defined): return (RET_ERR, { "line": inspect.currentframe().f_lineno, "error": prezone_defined }) prezone_effective = pyfos_zone.effective_configuration.get(session) if pyfos_util.is_failed_resp(prezone_effective): return (RET_ERR, { "line": inspect.currentframe().f_lineno, "error": prezone_effective }) # check to see if we have a cfg for the zone already found_matching_cfg, found_matching_cfg_with_zone = find_matching_cfg( prezone_defined, cfgname, zonename) # check to see if we have a peer zone for the target already (found_matching_zone, found_matching_zone_with_target, found_matching_zone_with_host) = find_matching_zone( prezone_defined, zonename, hostport, targetport) # if didn't find the matching zone with the name, let's create one ZONE_EXISTED = 0 ZONE_CREATED = 1 ZONE_MODIFIED = 2 zone_action = ZONE_EXISTED if not found_matching_zone: if checkmode is False: zones = [{ "zone-name": zonename, "zone-type": pyfos_zone.ZONE_TYPE_PEER, "member-entry": { "principal-entry-name": [targetport], "entry-name": [hostport] } }] new_defined = pyfos_zone.defined_configuration() new_defined.set_zone(zones) result = new_defined.post(session) if pyfos_util.is_failed_resp(result): return (RET_ERR, { "line": inspect.currentframe().f_lineno, "error": result }) zone_action = ZONE_CREATED else: # I found zone. but it has unknown WWN for the principal target if not found_matching_zone_with_target: return (RET_ERR, { "line": inspect.currentframe().f_lineno, "error": "found expected zone but unexpected target WWN" }) else: # I found the zone & the target but the host is missing # let's add to it if not found_matching_zone_with_host: if checkmode is False: zones = [{ "zone-name": zonename, "zone-type": pyfos_zone.ZONE_TYPE_PEER, "member-entry": { "entry-name": [hostport] } }] new_defined = pyfos_zone.defined_configuration() new_defined.set_zone(zones) result = new_defined.post(session) if pyfos_util.is_failed_resp(result): return (RET_ERR, { "line": inspect.currentframe().f_lineno, "error": result }) zone_action = ZONE_MODIFIED # check to see if we have an enabled cfg # if nothing is enabled, just create a new cfg and add the # zone if prezone_effective.peek_cfg_name() is None: if checkmode is False: if (found_matching_cfg is False or found_matching_cfg_with_zone is False): # if cfg is not found or member is not found, post to create or # add to it. cfgs = [{ "cfg-name": cfgname, "member-zone": { "zone-name": [zonename] } }] new_defined = pyfos_zone.defined_configuration() new_defined.set_cfg(cfgs) result = new_defined.post(session) if pyfos_util.is_failed_resp(result): return (RET_ERR, { "line": inspect.currentframe().f_lineno, "error": result }) new_effective = pyfos_zone.effective_configuration() new_effective.set_cfg_name(cfgname) new_effective.set_checksum(prezone_effective.peek_checksum()) result = new_effective.patch(session) if pyfos_util.is_failed_resp(result): return (RET_ERR, { "line": inspect.currentframe().f_lineno, "error": result }) if zone_action is ZONE_CREATED: return (RET_ZONE_CREATED_ADDED_TO_NEW_CFG, { "return_str": zonename + " created and added to new cfg of " + cfgname }) elif zone_action is ZONE_MODIFIED: return (RET_ZONE_UPDATED_ADDED_TO_NEW_CFG, { "return_str": "host added to " + zonename + " added to new cfg of " + cfgname }) else: return (RET_ZONE_EXIST_ADDED_TO_NEW_CFG, { "return_str": "existing " + zonename + " added to new cfg of " + cfgname }) else: # we have something that is already enabled # let's add to the existing cfg found_in_cfg = False for cfg in prezone_defined.peek_cfg(): if prezone_effective.peek_cfg_name() == cfg["cfg-name"]: for mem in cfg["member-zone"]["zone-name"]: if mem == zonename: found_in_cfg = True break if found_in_cfg: if zone_action is ZONE_EXISTED: return (RET_ZONE_EXIST_IN_CFG, { "return_str": "already zoned in " + zonename + " and effective in " + prezone_effective.peek_cfg_name() }) elif zone_action is ZONE_MODIFIED: # if zone is already part of cfg but modified, # just enable again if checkmode is False: new_effective = pyfos_zone.effective_configuration() new_effective.set_cfg_name( prezone_effective.peek_cfg_name()) new_effective.set_checksum( prezone_effective.peek_checksum()) result = new_effective.patch(session) if pyfos_util.is_failed_resp(result): return (RET_ERR, { "line": inspect.currentframe().f_lineno, "error": result }) return (RET_ZONE_UPDATED_IN_CFG, { "return_str": "added to " + zonename + " and effective in " + prezone_effective.peek_cfg_name() }) else: # we have a new zone created but already in the cfg? # seems like an error case. but still works nevertheless # just return no change return (RET_ZONE_CREATED_IN_CFG, { "return_str": "created " + zonename + " and already effective in " + prezone_effective.peek_cfg_name() }) else: # not found in cfg. add to the existing cfg and enable if checkmode is False: cfgs = [{ "cfg-name": prezone_effective.peek_cfg_name(), "member-zone": { "zone-name": [zonename] } }] new_defined = pyfos_zone.defined_configuration() new_defined.set_cfg(cfgs) result = new_defined.post(session) if pyfos_util.is_failed_resp(result): return (RET_ERR, { "line": inspect.currentframe().f_lineno, "error": result }) new_effective = pyfos_zone.effective_configuration() new_effective.set_cfg_name(prezone_effective.peek_cfg_name()) new_effective.set_checksum(prezone_effective.peek_checksum()) result = new_effective.patch(session) if pyfos_util.is_failed_resp(result): return (RET_ERR, { "line": inspect.currentframe().f_lineno, "error": result }) if zone_action is ZONE_CREATED: return (RET_ZONE_CREATED_ADDED_TO_CFG, { "return_str": zonename + " created and added to existing cfg of " + prezone_effective.peek_cfg_name() }) elif zone_action is ZONE_MODIFIED: return (RET_ZONE_UPDATED_ADDED_TO_CFG, { "return_str": "added to " + zonename + " and added to existing cfg of " + prezone_effective.peek_cfg_name() }) else: return (RET_ZONE_EXIST_ADDED_TO_CFG, { "return_str": "existing " + zonename + " added to existing cfg of " + prezone_effective.peek_cfg_name() })
def zone_allow_pair(session, prefix, hostname, hostport, targetname, targetport, if_no_cfg, checkmode): """Create/add a pair of hosts and targets to a tuple Zone. Example usage of the method to create a new tuple zone with a pair:: ret_code, result = zone_allow_pair.zone_allow_pair( session, "az__pz__", "myhost", "11:22:33:44:55:66:77:88", "mytarget", "88:77:66:55:44:33:22:11", "cfg_if_there_is_non", True) if ret_code > 0: print ("zone db changed", result) else: print ("zone db didn't change", result) :param session: session returned by login. :param prefix: prefix for the peer Zone name. :param hostname: string name of the host. :param hostport: WWN of the host port. :param targetname: string name of the target. :param targetport: WWN of the target port. :param if_no_cfg: CFG name to be used if there is no enabled CFG. :param checkmode: indicates if Zone DB is to be updated or return status only. :rtype: Return code and dictionary of status description. *Use cases* 1. Pass in host/target pair to create tuple zone. 2. Pass in host/target pair to create tuple zone. """ cfgname = if_no_cfg zonename = zonename_get(prefix, hostname, targetname) cfgmem = [zonename] zonemem = [hostport, targetport] prezonedb = pyfos_zone.effective_configuration.get(session) if pyfos_util.is_failed_resp(prezonedb): return (RET_ERR, { "line": inspect.currentframe().f_lineno, "error": prezonedb }) # check to see if we have an enabled cfg if prezonedb.peek_cfg_name() is None: if checkmode is False: zones = [{ "zone-name": zonename, "member-entry": { "entry-name": zonemem } }] new_defined = pyfos_zone.defined_configuration() new_defined.set_zone(zones) result = new_defined.post(session) if pyfos_util.is_failed_resp(result): return (RET_ERR, { "line": inspect.currentframe().f_lineno, "error": result }) cfgs = [{ "cfg-name": cfgname, "member-zone": { "zone-name": cfgmem } }] new_defined = pyfos_zone.defined_configuration() new_defined.set_cfg(cfgs) result = new_defined.post(session) if pyfos_util.is_failed_resp(result): return (RET_ERR, { "line": inspect.currentframe().f_lineno, "error": result }) new_effective = pyfos_zone.effective_configuration() new_effective.set_cfg_name(cfgname) checksum = prezonedb.peek_checksum() new_effective.set_checksum(checksum) result = new_effective.patch(session) if pyfos_util.is_failed_resp(result): return (RET_ERR, { "line": inspect.currentframe().f_lineno, "error": result }) return (RET_ZONE_CREATED_ADDED_TO_NEW_CFG, { "return_str": zonename + " created and added to new cfg of " + cfgname }) else: # we have something that is already enabled found_in_effective_zone = False found_in_zone = None found_in_cfg = None for zone in prezonedb.peek_enabled_zone(): found_host = False found_target = False for mem in zone["member-entry"]["entry-name"]: if mem == hostport: found_host = True elif mem == targetport: found_target = True if found_host and found_target: found_in_effective_zone = True found_in_zone = zone found_in_cfg = prezonedb.peek_cfg_name() break if found_in_effective_zone is True: return (RET_ZONE_EXIST_IN_CFG, { "return_str": "already zoned in " + found_in_zone["zone-name"] + " and effective in " + found_in_cfg }) else: if checkmode is False: zones = [{ "zone-name": zonename, "member-entry": { "entry-name": zonemem } }] new_defined = pyfos_zone.defined_configuration() new_defined.set_zone(zones) result = new_defined.post(session) if pyfos_util.is_failed_resp(result): return (RET_ERR, { "line": inspect.currentframe().f_lineno, "error": result }) cfgs = [{ "cfg-name": prezonedb.peek_cfg_name(), "member-zone": { "zone-name": [zonename] } }] new_defined = pyfos_zone.defined_configuration() new_defined.set_cfg(cfgs) result = new_defined.post(session) if pyfos_util.is_failed_resp(result): return (RET_ERR, { "line": inspect.currentframe().f_lineno, "error": result }) new_effective = pyfos_zone.effective_configuration() new_effective.set_cfg_name(prezonedb.peek_cfg_name()) checksum = prezonedb.peek_checksum() new_effective.set_checksum(checksum) result = new_effective.patch(session) if pyfos_util.is_failed_resp(result): return (RET_ERR, { "line": inspect.currentframe().f_lineno, "error": result }) return (RET_ZONE_CREATED_ADDED_TO_CFG, { "return_str": zonename + " created and added to existing cfg of " + prezonedb.peek_cfg_name() })
def main(argv): valid_options = [] inputs = brcd_util.generic_input(argv, usage, valid_options) session = pyfos_auth.login(inputs["login"], inputs["password"], inputs["ipaddr"], inputs["secured"], verbose=inputs["verbose"]) if pyfos_auth.is_failed_login(session): print( "login failed because", session.get(pyfos_auth.CREDENTIAL_KEY)[pyfos_auth.LOGIN_ERROR_KEY]) usage() sys.exit() brcd_util.exit_register(session) vfid = None if 'vfid' in inputs: vfid = inputs['vfid'] if vfid is not None: pyfos_auth.vfid_set(session, vfid) hanging_zones, online_zones, checksum = process_all_zones(session) if hanging_zones: print(" ") print("hanging zone(s):") for zone in hanging_zones: print(zone) else: print(" ") print("no hanging zones") if online_zones: print(" ") print("zone(s) with at least one online device or special zones:") for zone in online_zones: print(zone) else: print(" ") print("no zones with at least one online device or special zones") if len(hanging_zones) != 0: print("") user_input = input("Delete all hanging zones? (YES in all caps or " "anything else to skip) ") if user_input == "YES": print("Deleting hanging zones") new_defined = pyfos_zone.defined_configuration() delete_zones = [] for zone in hanging_zones: delete_zones.append({"zone-name": zone}) new_defined.set_zone(delete_zones) result = new_defined.delete(session) if pyfos_util.is_failed_resp(result): print("Failed to delete. \n\nAborting transaction", result) new_effective = pyfos_zone.effective_configuration() new_effective.set_cfg_action(pyfos_zone.CFG_ACTION_ABORT) result = new_effective.patch(session) if pyfos_util.is_failed_resp(result): print("Failed to abort", result) else: print("Aborted") else: print("Deleted hanging zones") print("CFG Save") new_effective = pyfos_zone.effective_configuration() new_effective.set_cfg_action(pyfos_zone.CFG_ACTION_SAVE) new_effective.set_checksum(checksum) result = new_effective.patch(session) if pyfos_util.is_failed_resp(result): print("Failed to CFG Save. \n\nAborting transaction", result) new_effective = pyfos_zone.effective_configuration() new_effective.set_cfg_action(pyfos_zone.CFG_ACTION_ABORT) result = new_effective.patch(session) if pyfos_util.is_failed_resp(result): print("Failed to abort", result) else: print("Aborted") else: print("CFG Save success") else: print("No changes to Zone DB") pyfos_auth.logout(session)