def create_subnet(modir, tenant, bridge_domain, subnet):
# Query a parent
fv_bd = modir.lookupByDn('uni/tn-' + tenant + '/BD-' + bridge_domain)
fv_subnet = Subnet(fv_bd, subnet)
print_query_xml(fv_bd)
commit_change(modir, fv_bd)
def create_3tier_application(modir, tenant_name):
policy_universe = modir.lookupByDn('uni')
fv_tenant = Tenant(policy_universe, tenant_name)
# create context
fv_ctx = Ctx(fv_tenant, CTX_NAME)
#
fv_bd = BD(fv_tenant, 'BD1')
#
fv_rs_ctx = RsCtx(fv_bd)
fv_rs_ctx.__setattr__('tnFvCtxName', 'Apple-Router')
fv_subnet_10 = Subnet(fv_bd,'10.0.0.1/24', scope='public')
fv_subnet_20 = Subnet(fv_bd, '20.0.0.1/24', scope='public')
fv_subnet_30 = Subnet(fv_bd, '30.0.0.1/24', scope='public')
fv_subnet_40 = Subnet(fv_bd, '40.0.0.1/24', scope='public')
#
fv_ap = Ap(fv_tenant, '3-TierApp')
fv_aepg_client = AEPg(fv_ap, 'Client')
fv_rs_bd_client = RsBd(fv_aepg_client, tnFvBDName='BD1')
# fv_rs_bd_client.__setattr__('tnFvBDName', 'BD1')
fv_rs_cons_webct_client = RsCons(fv_aepg_client, 'WebCt')
fv_aepg_web = AEPg(fv_ap, 'Web')
fv_rs_bd_web = RsBd(fv_aepg_web, tnFvBDName='BD1')
fv_rs_cons_webct_web = RsProv(fv_aepg_web, 'WebCt')
fv_rs_cons_appct_web = RsCons(fv_aepg_web, 'AppCt')
fv_aepg_app = AEPg(fv_ap, 'App')
fv_rs_bd_app = RsBd(fv_aepg_app, tnFvBDName='DB1')
fv_rs_cons_webct_app = RsProv(fv_aepg_app, 'WebCt')
fv_rs_cons_appct_app = RsCons(fv_aepg_app, 'AppCt')
fv_aepg_db = AEPg(fv_ap, 'DB')
fv_rs_bd_db = RsBd(fv_aepg_db, tnFvBDName='BD1')
fv_rs_prov_db = RsProv(fv_aepg_db, 'DbCt')
print toXMLStr(policy_universe, prettyPrint=True)
# Commit the change using a ConfigRequest object
configReq = ConfigRequest()
configReq.addMo(policy_universe)
modir.commit(configReq)
def createBridgeDomain(fv_tenant, bridge_domain, subnet_ip, private_network):
"""Create a Bridge Domain. A private layer 2 bridge domain (BD) consists of a set of physical or virtual ports. Each bridge domain must be linked to a context and have at least one subnet. """
# Create a bridge domain
fv_bd = BD(fv_tenant, bridge_domain)
# Create a subnet
fv_subnet = Subnet(fv_bd, subnet_ip)
# Connect the bridge domain to a network
fv_rsctx = RsCtx(fv_bd, tnFvCtxName=private_network)
def create_BD(tenant, bdName, vNum, vrf, subnet):
try:
fvBD = BD(tenant, name=bdName, arpFlood=u'true')
Subnet(fvBD, ctrl=u'unspecified', ip=subnet, virtual=u'true')
RsCtx(fvBD, tnFvCtxName=vrf)
CONFIG.addMo(fvBD)
print '[+] Bridge Domain %s created successfully' % bdName
except:
print '[-] Error creating Bridge Domain'
exit(1)
def createBridgeDomain(tenant, epgSpec, apicMoDir):
logging.debug('Inside createBridgeDomain function')
gw = epgSpec['gw-cidr']
netmask = gw.split('/')
if len(netmask) != 2:
return ['failed', 'invalid subnet']
# Check if gw ip is correct
bdIsL3 = True
if netmask[0] == '':
logging.info('Missing gateway in contiv network. Creating BD without Subnet (L2 only).')
bdIsL3 = False
bdName = epgSpec['nw-name']
bdDn = formBDDn(tenant, bdName)
logging.info('Creating BD %s under tenant %s' % (bdName, tenant))
# Check if there is a VRF to tie the BD. If not, create one.
tenMo = tenantDict[tenant]
ctxMos = findTenantVrfContexts(tenant, apicMoDir)
logging.debug('Fetched context mos:')
logging.debug(ctxMos)
if len(ctxMos) == 0:
# No VRFs found. Need to create one.
tenVrfName = formTenantVRFName(tenant)
ctxMo = Ctx(tenMo, tenVrfName)
cR = ConfigRequest()
cR.addMo(ctxMo)
apicMoDir.commit(cR)
elif len(ctxMos) > 1:
logging.error('Multi VRF scenario requires pre-created BDs')
return ['failed', 'Multiple VRFs under tenant not supported yet']
else:
for ctxMo in ctxMos:
tenVrfName = ctxMo.name
fvBDMo = BD(tenMo, name=bdName)
RsCtx(fvBDMo, tnFvCtxName=tenVrfName)
if bdIsL3:
# create subnet
Subnet(fvBDMo, gw)
cR = ConfigRequest()
cR.addMo(fvBDMo)
apicMoDir.commit(cR)
if bdIsL3:
subnetDict[gw] = fvBDMo
logging.info('Created BD {}'.format(bdName))
return ['success', 'ok']
def create_bd(self, bd_name, tenant_dn, default_gw, **creation_props):
"""
Creates a BD object. Creates a subnet for the default gateway if it is not None
:param bd_name:
:param tenant_dn:
:param default_gw:
:param creation_props:
:return:
"""
fv_bd_mo = BD(tenant_dn, bd_name, creation_props)
self.commit(fv_bd_mo)
if default_gw is not None and len(default_gw) > 0:
fv_subnet_mo = Subnet(fv_bd_mo, default_gw)
self.commit(fv_subnet_mo)
return fv_bd_mo
def add_bridge_domain_subnet(modir, tenant_name, bridge_domain, subnet_ip, network_name):
"""Build a bridge domain and its associated subnet"""
# Query to a tenant
fv_tenant = modir.lookupByDn('uni/tn-' + tenant_name)
# Create a bridge domain
fv_bd = BD(fv_tenant, bridge_domain)
# Create a subnet
fv_subnet = Subnet(fv_bd, subnet_ip)
# Connect the bridge domain to a network
if isinstance(modir.lookupByDn('uni/tn-' + tenant_name + '/ctx-' + network_name), Ctx):
fv_rsctx = RsCtx(fv_bd, tnFvCtxName=network_name)
else:
print 'Network', network_name, 'does not existe.'
print_query_xml(fv_tenant)
commit_change(modir, fv_tenant)
def create_subnet(fv_bd, subnet):
"""Configures the Endpoint Group (EPG) as a portion of the network that shares the same subnet address. The context defined IP address space can consist of multiple subnets. Those subnets are defined in one or more bridge domains that reference the corresponding context. Subnets can span multiple EPGs. """
fv_subnet = Subnet(fv_bd, subnet)
def tenant_policy(host, user, password):
print('[BEG] Tenant Configuration')
moDir = apic_login(host, user, password)
uniMo = moDir.lookupByDn('uni')
fvTenantMo = Tenant(uniMo, 'Cobra-Demo')
print('--- Building VRF(s)')
# Create Private Network
vrf1 = Ctx(fvTenantMo, "DC_INSIDE")
vrf2 = Ctx(fvTenantMo, "DC_OUTISDE")
print('--- Building Bridge Domain(s)')
# Create Bridge Domain & Subnets
fvBDMo1 = BD(fvTenantMo, "SERVER_BD1")
fvSubnet = Subnet(fvBDMo1,
name=u'Sub1',
ip=u'106.0.1.1/24',
preferred=u'no',
virtual=u'no')
fvSubnet = Subnet(fvBDMo1,
name=u'Sub2',
ip=u'106.0.2.1/24',
preferred=u'no',
virtual=u'no')
print('--- Adding Subnets to Bridge Domain(s)')
# Create Bridge Domain & Subnets
fvBDMo2 = BD(fvTenantMo, "SERVER_BD2")
fvSubnet = Subnet(fvBDMo2,
name=u'Sub3',
ip=u'106.0.3.1/24',
preferred=u'no',
virtual=u'no',
scope=u'public')
fvSubnet = Subnet(fvBDMo2,
name=u'Sub4',
ip=u'106.0.4.1/24',
preferred=u'no',
virtual=u'yes')
fvSubnet = Subnet(fvBDMo2,
name=u'Sub5',
ip=u'106.0.5.1/24',
preferred=u'no',
virtual=u'no',
scope=u'public')
print('--- Adding Bridge Domain(s) to VRF(s)')
# Create association to private network
fv1RsCtx = RsCtx(fvBDMo1, tnFvCtxName=vrf1.name)
fv2RsCtx = RsCtx(fvBDMo2, tnFvCtxName=vrf1.name)
print('--- Building Web Filter')
# Build Web Filters
vzFilter1 = Filter(fvTenantMo, name=u'Web-Filters')
vzEntry = Entry(vzFilter1,
applyToFrag=u'no',
dToPort=u'https',
prot=u'tcp',
stateful=u'no',
etherT=u'ip',
dFromPort=u'https',
name=u'https')
vzEntry2 = Entry(vzFilter1,
applyToFrag=u'no',
dToPort=u'https',
prot=u'tcp',
stateful=u'no',
etherT=u'ip',
dFromPort=u'https',
name=u'https')
print('--- Building App Filter')
# Build App Filters
vzFilter2 = Filter(fvTenantMo, name=u'App-Filters')
vzEntry = Entry(vzFilter2,
applyToFrag=u'no',
dToPort=u'8080',
prot=u'tcp',
stateful=u'no',
etherT=u'ip',
dFromPort=u'8080',
name=u'tcp8080')
vzEntry2 = Entry(vzFilter2,
dToPort=u'8443',
prot=u'tcp',
stateful=u'no',
etherT=u'ip',
dFromPort=u'8443',
name=u'tcp8443')
print('--- Creating Contract(s)')
#Create Contracts
httpContract = BrCP(fvTenantMo, 'WEB')
vzSubjMo = Subj(httpContract, 'Web-Ports')
RsSubjFiltAtt(vzSubjMo, tnVzFilterName=vzFilter1.name)
RsSubjFiltAtt(vzSubjMo, tnVzFilterName='icmp')
appContract = BrCP(fvTenantMo, 'APP')
vzSubjMo = Subj(appContract, 'App-Ports')
RsSubjFiltAtt(vzSubjMo, tnVzFilterName=vzFilter2.name)
RsSubjFiltAtt(vzSubjMo, tnVzFilterName='icmp')
dbContract = BrCP(fvTenantMo, 'DB')
vzSubjMo = Subj(dbContract, 'DB-Ports')
RsSubjFiltAtt(vzSubjMo, tnVzFilterName='icmp')
print('--- Creating Application Profile')
#Create Application Profile
fvApMo = Ap(fvTenantMo, 'DemoAppProfile')
print('--- Building EPG: App')
#Build AEPg APP
fvAEPg1 = AEPg(fvApMo, 'APP')
fvAEPgBD1 = RsBd(fvAEPg1, tnFvBDName=fvBDMo1.name)
#Attach Static AEPg to Interface
fvRsPathAtt1 = RsPathAtt(fvAEPg1,
tDn=u'topology/pod-1/paths-101/pathep-[eth1/15]',
primaryEncap=u'unknown',
instrImedcy=u'lazy',
mode=u'regular',
encap=u'vlan-2005')
AppProv1 = RsProv(fvAEPg1, tnVzBrCPName=appContract.name)
AppCons1 = RsCons(fvAEPg1, tnVzBrCPName=dbContract.name)
print('--- Building EPG: Web')
#Build AEPg WEB
fvAEPg2 = AEPg(fvApMo, 'WEB')
fvAEPgBD1 = RsBd(fvAEPg2, tnFvBDName=fvBDMo2.name)
#Attach Static AEPg to Interface
fvRsPathAtt2 = RsPathAtt(fvAEPg2,
tDn=u'topology/pod-1/paths-101/pathep-[eth1/16]',
primaryEncap=u'unknown',
instrImedcy=u'lazy',
mode=u'regular',
encap=u'vlan-2006')
WebProv1 = RsProv(fvAEPg2, tnVzBrCPName=httpContract.name)
WebCons1 = RsCons(fvAEPg2, tnVzBrCPName=appContract.name)
print('--- Building EPG: DB')
#Build AEPg DB
fvAEPg3 = AEPg(fvApMo, 'DB')
print(' --- Attaching DB to Bridge Domain: ' + fvBDMo2.name)
fvAEPgBD1 = RsBd(fvAEPg3, tnFvBDName=fvBDMo2.name)
#Attach Static AEPg to Interface
fvRsPathAtt3 = RsPathAtt(fvAEPg3,
tDn=u'topology/pod-1/paths-101/pathep-[eth1/17]',
primaryEncap=u'unknown',
instrImedcy=u'lazy',
mode=u'regular',
encap=u'vlan-2007')
DbProv1 = RsProv(fvAEPg3, tnVzBrCPName=dbContract.name)
print('--- Building L3 Out')
# Configure L3 Out
l3extOut = Out(fvTenantMo, name=u'L3Ext-Cobra', enforceRtctrl=u'export')
l3extRsEctx = RsEctx(l3extOut, tnFvCtxName=vrf1.name)
l3extLNodeP = LNodeP(l3extOut, name=u'Leaf102')
l3extRsNodeL3OutAtt = RsNodeL3OutAtt(l3extLNodeP,
rtrIdLoopBack=u'no',
rtrId=u'10.10.15.250',
tDn=u'topology/pod-1/node-102')
l3extLIfP = LIfP(l3extLNodeP, name=u'port1-Cobra')
ospfIfP = IfP(l3extLIfP, authKeyId=u'1')
ospfRsIfPol = RsIfPol(ospfIfP, tnOspfIfPolName=u'OSPF-P2P')
l3extRsPathL3OutAtt = RsPathL3OutAtt(
l3extLIfP,
addr=u'10.10.100.9/30',
encapScope=u'local',
mode=u'regular',
ifInstT=u'l3-port',
mtu=u'1500',
tDn=u'topology/pod-1/paths-102/pathep-[eth1/1]')
l3extInstP = l3ext.InstP(l3extOut, name=u'L3-OUT-EPG')
fvRsCons = RsCons(l3extInstP, tnVzBrCPName=httpContract.name)
l3extSubnet = L3Sub(l3extInstP, ip=u'0.0.0.0/0')
ospfExtP = ExtP(l3extOut,
areaCtrl=u'redistribute,summary',
areaId=u'0.0.0.1',
areaType=u'regular',
areaCost=u'1')
BDAttL3Out1 = RsBDToOut(fvBDMo2, tnL3extOutName=l3extOut.name)
cfg_commit(moDir, fvTenantMo)
print('[END] Tenant Configuration')