def handle_create(self):
try:
vn_obj = self.vnc_lib().virtual_network_read(
id=self.properties.get(self.NETWORK))
except vnc_api.NoIdError:
vn_obj = self.vnc_lib().virtual_network_read(
fq_name_str=self.properties.get(self.NETWORK))
try:
policy_obj = self.vnc_lib().network_policy_read(
id=self.properties.get(self.POLICY))
except vnc_api.NoIdError:
policy_obj = self.vnc_lib().network_policy_read(
fq_name_str=self.properties.get(self.POLICY))
if self.properties[self.SEQUENCE] is None:
major = 0
minor = 0
else:
major = self.properties[self.SEQUENCE][self.MAJOR]
minor = self.properties[self.SEQUENCE][self.MINOR]
policy_order = vnc_api.VirtualNetworkPolicyType(vnc_api.SequenceType(major, minor))
self.vnc_lib().ref_update('virtual-network', vn_obj.uuid,
'network-policy', policy_obj.uuid, None, 'ADD', policy_order)
self.resource_id_set('%s|%s' % (vn_obj.uuid, policy_obj.uuid))
def add_NetworkPolicy(policy_name, network, vnc, domain, project_name):
policy = vnc.network_policy_read(fq_name = [domain, project_name, policy_name])
policy_type = vnc_api.VirtualNetworkPolicyType(sequence = vnc_api.SequenceType(major = 0, minor = 0))
vn = vnc.virtual_network_read(fq_name = [domain, project_name, network])
vn.add_network_policy(ref_obj = policy, ref_data = policy_type)
vnc.virtual_network_update(vn)
print 'Policy {} attached to {}'.format(policy_name, network)
def attach_policy_to_vn(self, policy_name, vn_name):
print "Attach network policy %s to virtual network %s" % (policy_name,
vn_name)
policy = self._vnc_lib.network_policy_read(
fq_name=[self._domain, self._tenant_name, policy_name])
policy_type = vnc_api.VirtualNetworkPolicyType(
sequence=vnc_api.SequenceType(major=0, minor=0))
vn = self._vnc_lib.virtual_network_read(
fq_name=[self._domain, self._tenant_name, vn_name])
vn.add_network_policy(ref_obj=policy, ref_data=policy_type)
self._vnc_lib.virtual_network_update(vn)
def add_NetworkPolicy(policy_name, network, vnc, domain, project_name):
""" FUNCTION TO ATTACH NETWORK POLICY TO VIRTUAL_NETWORKS """
policy = vnc.network_policy_read(
fq_name=[domain, project_name, policy_name])
policy_type = vnc_api.VirtualNetworkPolicyType(
sequence=vnc_api.SequenceType(major=0, minor=0))
vn = vnc.virtual_network_read(fq_name=[domain, project_name, network])
vn.add_network_policy(ref_obj=policy, ref_data=policy_type)
vnc.virtual_network_update(vn)
print 'Policy "{}" attached to "{}"\n'.format(policy_name, network)
def setUp(self):
super(VN_Policy_Fixture, self).setUp()
policy_of_vn = self.api_s_inspect.get_cs_vn_policys(
project=self.project_name,
domain=self.domain_name,
vn=self.vn,
refresh=True)
if policy_of_vn:
for policy in policy_of_vn:
if policy in self.vn_policys:
self.logger.info("Policy:%s already Associated to VN:%s'" %
(policy, self.vn))
self.already_present = True
else:
if self.policy_obj[self.vn]:
self.logger.debug("Setup step: Associating the policy to VN'")
if self.option == 'vro':
policy_names = [
policy.name for policy in self.policy_obj[self.vn]
]
self.orch.add_network_policy_to_vn(self.vn, policy_names)
self.logger.info('Associated Policy to %s' % (self.vn))
elif self.option == 'openstack':
policy_fq_names = [
self.quantum_h.get_policy_fq_name(x)
for x in self.policy_obj[self.vn]
]
if self.inputs.is_gui_based_config():
self.webui.bind_policies(self)
else:
self.vn_obj[self.vn].bind_policies(
policy_fq_names, self.vn_obj[self.vn].vn_id)
self.logger.debug('Associated Policy:%s to %s' %
(policy_fq_names, self.vn))
elif self.option == 'contrail':
ref_tuple = []
vn_update_rsp = None
vnc_obj = self.vn_obj[self.vn].getObj()
policys = self.policy_obj[self.vn]
for seq, conf_policy in enumerate(policys):
vnc_obj.add_network_policy(
conf_policy,
vnc_api.VirtualNetworkPolicyType(
sequence=vnc_api.SequenceType(major=seq,
minor=0)))
vn_update_rsp = self.vnc_lib.virtual_network_update(
vnc_obj)
self.logger.info('Associated Policy to %s' % (self.vn))
return self
def neutron_dict_to_vn(self, vn_obj, network_q):
net_name = network_q.get('name')
if net_name:
vn_obj.display_name = net_name
id_perms = vn_obj.get_id_perms()
if 'admin_state_up' in network_q:
id_perms.enable = network_q['admin_state_up']
vn_obj.set_id_perms(id_perms)
if 'policys' in network_q:
policy_fq_names = network_q['policys']
# reset and add with newly specified list
vn_obj.set_network_policy_list([], [])
seq = 0
for p_fq_name in policy_fq_names:
domain_name, project_name, policy_name = p_fq_name
domain_obj = vnc_api.Domain(domain_name)
project_obj = vnc_api.Project(project_name, domain_obj)
policy_obj = vnc_api.NetworkPolicy(policy_name, project_obj)
vn_obj.add_network_policy(
policy_obj,
vnc_api.VirtualNetworkPolicyType(
sequence=vnc_api.SequenceType(seq, 0)))
seq = seq + 1
if 'route_table' in network_q:
rt_fq_name = network_q['route_table']
if rt_fq_name:
try:
rt_obj = self._vnc_lib.route_table_read(fq_name=rt_fq_name)
vn_obj.set_route_table(rt_obj)
except vnc_api.NoIdError:
# TODO() add route table specific exception
self._raise_contrail_exception(
'NetworkNotFound', net_id=vn_obj.uuid,
resource='network')
return vn_obj
direction='<>',
protocol=policy_protocol,
action_list=vnc_api.ActionListType(simple_action=policy_action),
src_addresses=[vnc_api.AddressType(virtual_network=source_network)],
src_ports=[vnc_api.PortType(start_port=source_port, end_port=source_port)],
dst_addresses=[vnc_api.AddressType(virtual_network=destination_network)],
dst_ports=[
vnc_api.PortType(start_port=destination_port,
end_port=destination_port)
])
policy = vnc_api.NetworkPolicy(
name=policy_name,
parent_obj=tenant,
network_policy_entries=vnc_api.PolicyEntriesType([rule]))
vnc.network_policy_create(policy)
#add the policy to each network
policy = vnc.network_policy_read(
fq_name=['default-domain', tenant_name, policy_name])
policy_type = vnc_api.VirtualNetworkPolicyType(
sequence=vnc_api.SequenceType(major=0, minor=0))
vn = vnc.virtual_network_read(
fq_name=['default-domain', tenant_name, source_network])
vn.add_network_policy(ref_obj=policy, ref_data=policy_type)
vnc.virtual_network_update(vn)
vn = vnc.virtual_network_read(
fq_name=['default-domain', tenant_name, destination_network])
vn.add_network_policy(ref_obj=policy, ref_data=policy_type)
vnc.virtual_network_update(vn)
net2 = vnc_lib.virtual_network_read(id=args.net2_uuid)
pol1 = vnc_api.NetworkPolicy(
'policy-%s-%s-any' % (net1.name, net2.name),
network_policy_entries=vnc_api.PolicyEntriesType([
vnc_api.PolicyRuleType(
direction='<>',
action_list=vnc_api.ActionListType(simple_action='pass'),
protocol='any',
src_addresses=[
vnc_api.AddressType(virtual_network=net1.get_fq_name_str())
],
src_ports=[vnc_api.PortType(-1, -1)],
dst_addresses=[
vnc_api.AddressType(virtual_network=net2.get_fq_name_str())
],
dst_ports=[vnc_api.PortType(-1, -1)])
]),
parent_obj=vnc_lib.project_read(fq_name=net1.get_parent_fq_name()))
vnc_lib.network_policy_create(pol1)
net1.add_network_policy(
pol1,
vnc_api.VirtualNetworkPolicyType(sequence=vnc_api.SequenceType(0, 0)))
vnc_lib.virtual_network_update(net1)
net2.add_network_policy(
pol1,
vnc_api.VirtualNetworkPolicyType(sequence=vnc_api.SequenceType(0, 0)))
vnc_lib.virtual_network_update(net2)
net1 = vnc_lib.virtual_network_read(id = args.net1_uuid)
net2 = vnc_lib.virtual_network_read(id = args.net2_uuid)
pol1 = vnc_api.NetworkPolicy(
'policy-%s-%s-any' % (net1.name, net2.name),
network_policy_entries = vnc_api.PolicyEntriesType(
[vnc_api.PolicyRuleType(
direction = '<>',
action_list = vnc_api.ActionListType(simple_action='pass'),
protocol = 'any',
src_addresses = [
vnc_api.AddressType(virtual_network = net1.get_fq_name_str())
],
src_ports = [vnc_api.PortType(-1, -1)],
dst_addresses = [
vnc_api.AddressType(virtual_network = net2.get_fq_name_str())
],
dst_ports = [vnc_api.PortType(-1, -1)])
]),
parent_obj=vnc_lib.project_read(fq_name=net1.get_parent_fq_name()))
vnc_lib.network_policy_create(pol1)
net1.add_network_policy(pol1, vnc_api.VirtualNetworkPolicyType(
sequence = vnc_api.SequenceType(0, 0)))
vnc_lib.virtual_network_update(net1)
net2.add_network_policy(pol1, vnc_api.VirtualNetworkPolicyType(
sequence = vnc_api.SequenceType(0, 0)))
vnc_lib.virtual_network_update(net2)
from vnc_api import vnc_api
vnc_lib = vnc_api.VncApi(api_server_host='10.10.7.149')
vn_blue_obj = vnc_api.VirtualNetwork('vn-blue')
vn_blue_obj.add_network_ipam(vnc_api.NetworkIpam(),vnc_api.VnSubnetsType([vnc_api.IpamSubnetType(subnet = vnc_api.SubnetType('10.0.2.0', 24))]))
vnc_lib.virtual_network_create(vn_blue_obj)
vn_red_obj = vnc_api.VirtualNetwork('vn-red')
vn_red_obj.add_network_ipam(vnc_api.NetworkIpam(),vnc_api.VnSubnetsType([vnc_api.IpamSubnetType(subnet = vnc_api.SubnetType('10.0.3.0', 24))]))
vnc_lib.virtual_network_create(vn_red_obj)
policy_obj = vnc_api.NetworkPolicy('policy-red-blue',network_policy_entries = vnc_api.PolicyEntriesType([vnc_api.PolicyRuleType(direction='<>',action_list = vnc_api.ActionListType(simple_action='pass'), protocol = 'tcp',src_addresses = [vnc_api.AddressType(virtual_network = vn_blue_obj.get_fq_name_str())], src_ports = [vnc_api.PortType(-1, -1)],dst_addresses = [vnc_api.AddressType(virtual_network = vn_red_obj.get_fq_name_str())], dst_ports = [vnc_api.PortType(80, 80)])]))
vnc_lib.network_policy_create(policy_obj)
vn_blue_obj.add_network_policy(policy_obj, vnc_api.VirtualNetworkPolicyType(sequence=vnc_api.SequenceType(0, 0)))
vn_red_obj.add_network_policy(policy_obj, vnc_api.VirtualNetworkPolicyType(sequence=vnc_api.SequenceType(0, 0)))
vnc_lib.virtual_network_update(vn_blue_obj)
vnc_lib.virtual_network_update(vn_red_obj)
print vnc_lib.virtual_network_read(id = vn_blue_obj.uuid)
print vnc_lib.virtual_networks_list()
