def ensure_bgp_pod_policy_created_on_apic(args): apic = apic_client.RestClient(log, "", [args.apic_ip], args.apic_username, args.apic_password, args.ssl) bgp_pol_name = 'default' asn = args.asn pp_group_name = 'default' p_selector_name = 'default' with apic.transaction() as trs: apic.bgpInstPol.create(bgp_pol_name, transaction=trs) if not apic.bgpRRP.get_subtree(bgp_pol_name): for node in [ x for x in apic.fabricNode.list_all() if x['role'] == 'spine' ]: apic.bgpRRNodePEp.create(bgp_pol_name, node['id'], transaction=trs) apic.bgpAsP.create(bgp_pol_name, asn=asn, transaction=trs) apic.fabricPodPGrp.create(pp_group_name, transaction=trs) reference = apic.fabricRsPodPGrpBGPRRP.get(pp_group_name) if not reference or not reference['tnBgpInstPolName']: apic.fabricRsPodPGrpBGPRRP.update( pp_group_name, tnBgpInstPolName=apic.bgpInstPol.name(bgp_pol_name), transaction=trs) apic.fabricPodS__ALL.create(p_selector_name, type='ALL', transaction=trs) apic.fabricRsPodPGrp.create(p_selector_name, tDn=POD_POLICY_GROUP_DN_PATH % pp_group_name, transaction=trs)
def setUp(self): super(TestCiscoApicClient, self).setUp() self.set_up_mocks() self.apic = apic.RestClient(self.log, mocked.APIC_SYSTEM_ID, mocked.APIC_HOSTS) self.transaction = apic.Transaction(self.apic) self.addCleanup(mock.patch.stopall) self.addCleanup(self.clean_up_pvt_key_file)
def test_login_by_instantiation(self): self.reset_reponses() self.mock_apic_manager_login_responses() apic2 = apic.RestClient(self.log, mocked.APIC_SYSTEM_ID, mocked.APIC_HOSTS, usr=mocked.APIC_USR, pwd=mocked.APIC_PWD) self.assertIsNotNone(apic2.authentication) self.assertEqual(apic2.username, mocked.APIC_USR)
def test_client_certificate_login(self): self.reset_reponses() self.enable_signature_check() pk = self.create_pvt_key_file() self.mock_response_for_certificate_fetch(mocked.APIC_USR) apic.RestClient(self.log, mocked.APIC_SYSTEM_ID, mocked.APIC_HOSTS, usr=mocked.APIC_USR, cert_name=mocked.APIC_USR_CERT_NAME, private_key_file=pk)
def test_client_session_login_ok(self): self._mock_authenticate() self.assertEqual( self.apic.authentication['userName'], mocked.APIC_USR) self.assertTrue(self.apic.api_base[0].startswith('https://')) self.assertEqual(self.apic.username, mocked.APIC_USR) self.assertIsNotNone(self.apic.authentication) self.apic = apic.RestClient(self.log, mocked.APIC_SYSTEM_ID, mocked.APIC_HOSTS, mocked.APIC_PORT, ssl=False) self.assertTrue(self.apic.api_base[0].startswith('http://'))
def inner(*args, **kwargs): try: apic = apic_client.RestClient(log, "", [kwargs['apic_ip']], kwargs['apic_username'], kwargs['apic_password'], kwargs['ssl'], verify=kwargs['secure']) except apic_client.rexc.SSLError as e: raise click.UsageError( "Command failed with error: %s \nTry using option " "'--no-secure' to skip certificate validation" % e.message) return f(apic, *args, **kwargs)
def clean(args): apic_session = apic_client.RestClient(log, "", [args.apic_ip], args.apic_username, args.apic_password, args.ssl) apic_session.login() classes = ['infraNodeP', 'infraAccPortP', 'fvTenant', 'physDomP', 'infraNodeP', 'infraLeafS', 'infraNodeBlk', 'infraRsAccPortP', 'infraAccPortP', 'infraHPortS', 'infraPortBlk', 'infraAccPortGrp', 'infraRsAttEntP', 'infraAttEntityP', 'infraRsDomP', 'infraRsVlanNs', 'infraAccBndlGrp', 'infraRsAttEntP', 'infraRsLacpPol', 'lacpLagPol', 'fvnsVlanInstP', 'bgpRRP', 'bgpRRNodePEp', 'bgpAsP', 'fabricFuncP', 'infraAccNodePGrp'] [apic_session.delete_class(x) for x in classes]
def establish_aci_session(apic_config): return apic_client.RestClient( logging, '', apic_config.get_option('apic_hosts', group='apic'), apic_config.get_option('apic_username', group='apic'), apic_config.get_option('apic_password', group='apic'), apic_config.get_option('apic_use_ssl', group='apic'), scope_names=False, scope_infra=False, renew_names=False, verify=apic_config.get_option('verify_ssl_certificate', group='apic'), request_timeout=apic_config.get_option('apic_request_timeout', group='apic'), cert_name=apic_config.get_option('certificate_name', group='apic'), private_key_file=apic_config.get_option('private_key_file', group='apic'), sign_algo=apic_config.get_option( 'signature_verification_algorithm', group='apic'), sign_hash=apic_config.get_option( 'signature_hash_type', group='apic'))
def test_build_dn(self): clnt = apic.RestClient(self.log, mocked.APIC_SYSTEM_ID, mocked.APIC_HOSTS, scope_names=False) manager = clnt.dn_manager self.assertEqual('uni/tn-amit1/brc-c/subj-s2/rsfiltAtt-h', manager.build([('fvTenant', 'amit1'), ('vzBrCP', 'c'), ('vzSubj', 's2'), ('vzRsFiltAtt', 'h')])) self.assertEqual('uni/tn-amit1/brc-c/subj-s2/intmnl/rsfiltAtt-f', manager.build([('fvTenant', 'amit1'), ('vzBrCP', 'c'), ('vzSubj', 's2'), ('vzInTerm', 'intmnl'), ('vzRsFiltAtt', 'f')])) self.assertEqual( 'topology/pod-1/node-301/sys/br-[eth1/33]/odev-167776320', manager.build([('fabricTopology', 'topology'), ('fabricPod', '1'), ('fabricNode', '301'), ('topSystem', 'sys'), ('l2BrIf', 'eth1/33'), ('opflexODev', '167776320')]))