def _create_np_vn_policy(self, policy_name, proj_obj, dst_vn_obj):
policy_exists = False
policy = NetworkPolicy(name=policy_name, parent_obj=proj_obj)
try:
policy_obj = self.vnc_lib.network_policy_read(
fq_name=policy.get_fq_name())
policy_exists = True
except NoIdError:
# policy does not exist. Create one.
policy_obj = policy
network_policy_entries = PolicyEntriesType()
policy_entry = self._create_policy_entry(None, dst_vn_obj, policy)
network_policy_entries.add_policy_rule(policy_entry)
policy_obj.set_network_policy_entries(network_policy_entries)
if policy_exists:
self.vnc_lib.network_policy_update(policy)
else:
self.vnc_lib.network_policy_create(policy)
return policy_obj
def _create_vn_vn_policy(self, policy_name, proj_obj, *vn_obj):
policy_exists = False
policy = NetworkPolicy(name=policy_name, parent_obj=proj_obj)
try:
policy_obj = self.vnc_lib.network_policy_read(
fq_name=policy.get_fq_name())
policy_exists = True
except NoIdError:
# policy does not exist. Create one.
policy_obj = policy
network_policy_entries = PolicyEntriesType()
total_vn = len(vn_obj)
for i in range(0, total_vn):
for j in range(i + 1, total_vn):
policy_entry = self._create_policy_entry(vn_obj[i], vn_obj[j])
network_policy_entries.add_policy_rule(policy_entry)
policy_obj.set_network_policy_entries(network_policy_entries)
if policy_exists:
self.vnc_lib.network_policy_update(policy)
else:
self.vnc_lib.network_policy_create(policy)
return policy_obj
def add_properties(self, props):
left_vn_str, right_vn_str = self.get_virtual_networks(props)
ret = (self.auto_policy == props.auto_policy)
if (left_vn_str, right_vn_str) != (self.left_vn_str,
self.right_vn_str):
self.left_vn_str = left_vn_str
self.right_vn_str = right_vn_str
ret = True
if not props.auto_policy:
self.delete_properties()
return ret
self.auto_policy = True
if (not self.left_vn_str or not self.right_vn_str):
self._logger.error(
"%s: route table next hop service instance must "
"have left and right virtual networks" % self.name)
self.delete_properties()
return ret
policy_name = "_internal_" + self.name
addr1 = AddressType(virtual_network=self.left_vn_str)
addr2 = AddressType(virtual_network=self.right_vn_str)
action_list = ActionListType(apply_service=[self.name])
prule = PolicyRuleType(direction="<>",
protocol="any",
src_addresses=[addr1],
dst_addresses=[addr2],
src_ports=[PortType()],
dst_ports=[PortType()],
action_list=action_list)
pentry = PolicyEntriesType([prule])
policy_obj = NetworkPolicy(policy_name, network_policy_entries=pentry)
policy = ResourceBaseST.get_obj_type_map().get(
'network_policy').locate(policy_name, policy_obj)
policy.virtual_networks = set([self.left_vn_str, self.right_vn_str])
policy.set_internal()
vn1 = ResourceBaseST.get_obj_type_map().get('virtual_network').get(
self.left_vn_str)
if vn1:
vn1.add_policy(policy_name)
vn2 = ResourceBaseST.get_obj_type_map().get('virtual_network').get(
self.right_vn_str)
if vn2:
vn2.add_policy(policy_name)
def gen_network_policy(project, entries):
""" Returns a configured vnc_api.gen.resource_client.NetworkPolicy """
pol = NetworkPolicy(name='default',
parent_obj=project,
network_policy_entries=entries)
return pol