def delete(**kwargs): use_existing, dynamic_member = common.get_properties( 'dynamic_member', kwargs) if use_existing: common.remove_properties('dynamic_member') ctx.logger.info("Used existed") return resource_id = ctx.instance.runtime_properties.get('resource_id') if not resource_id: common.remove_properties('dynamic_member') ctx.logger.info("Not fully created, skip") return # credentials client_session = common.nsx_login(kwargs) common.attempt_with_rerun(nsx_security_group.del_dynamic_member, client_session=client_session, security_group_id=resource_id) ctx.logger.info("delete %s" % resource_id) common.remove_properties('dynamic_member')
def create(**kwargs): validation_rules = { "dlr_id": { "required": True }, "relayServer": { "default": {} }, "relayAgents": { "default": {} } } use_existing, relay_dict = common.get_properties_and_validate( 'relay', kwargs, validation_rules ) resource_id = ctx.instance.runtime_properties.get('resource_id') if resource_id: ctx.logger.info("Reused %s" % resource_id) return # credentials client_session = common.nsx_login(kwargs) cfy_dlr.update_dhcp_relay( client_session, relay_dict['dlr_id'], relay_dict['relayServer'], relay_dict['relayAgents'] ) resource_id = relay_dict['dlr_id'] ctx.instance.runtime_properties['resource_id'] = resource_id ctx.logger.info("created %s" % resource_id)
def _create(kwargs, validation_rules): use_existing, neighbour = common.get_properties_and_validate( 'neighbour', kwargs, validation_rules) if use_existing: ctx.logger.info("Used existed, no changes made") return resource_id = ctx.instance.runtime_properties.get('resource_id') if resource_id: ctx.logger.info("Reused %s" % resource_id) return # credentials client_session = common.nsx_login(kwargs) resource_id = cfy_dlr.add_bgp_neighbour( client_session, neighbour['dlr_id'], use_existing, neighbour['ipAddress'], neighbour['remoteAS'], neighbour['weight'], neighbour['holdDownTimer'], neighbour['keepAliveTimer'], neighbour['password'], neighbour.get('protocolAddress'), neighbour.get('forwardingAddress')) ctx.instance.runtime_properties['resource_id'] = resource_id ctx.logger.info("created %s" % resource_id)
def create(**kwargs): validation_rules = { "dlr_id": { "required": True }, "address": { "required": True } } use_existing, gateway = common.get_properties_and_validate( 'gateway', kwargs, validation_rules) resource_id = ctx.instance.runtime_properties.get('resource_id') if resource_id: ctx.logger.info("Reused %s" % resource_id) return # credentials client_session = common.nsx_login(kwargs) result_raw = nsx_router.dlr_set_dgw(client_session, gateway['dlr_id'], gateway['address']) common.check_raw_result(result_raw) ctx.instance.runtime_properties['resource_id'] = gateway['dlr_id'] ctx.logger.info("created %s" % gateway['dlr_id'])
def create(**kwargs): validation_rules = { "dlr_id": { "required": True }, "name": { "required": True }, "ipAddress": { "required": True } } use_existing, prefix = common.get_properties_and_validate( 'prefix', kwargs, validation_rules) resource_id = ctx.instance.runtime_properties.get('resource_id') if resource_id: ctx.logger.info("Reused %s" % resource_id) if not use_existing: return # credentials client_session = common.nsx_login(kwargs) resource_id = cfy_dlr.add_routing_prefix(client_session, use_existing, prefix['dlr_id'], prefix['name'], prefix['ipAddress']) ctx.instance.runtime_properties['resource_id'] = resource_id ctx.logger.info("created %s" % resource_id)
def create(**kwargs): validation_rules = { "tag_id": { "required": True }, "vm_id": { "required": True } } use_existing, vm_tag = common.get_properties_and_validate( 'vm_tag', kwargs, validation_rules) resource_id = ctx.instance.runtime_properties.get('resource_id') if resource_id: ctx.logger.info("Reused %s" % resource_id) return # credentials client_session = common.nsx_login(kwargs) resource_id = nsx_security_tag.add_tag_vm( client_session, vm_tag['tag_id'], vm_tag['vm_id'], ) ctx.instance.runtime_properties['resource_id'] = resource_id ctx.logger.info("created %s" % resource_id)
def setUp(self): super(SecurityTest, self).setUp() self.local_env = None self.ext_inputs = { # prefix for run 'node_name_prefix': os.environ.get('NODE_NAME_PREFIX', ""), # nsx inputs 'nsx_ip': os.environ.get('NSX_IP'), 'nsx_user': os.environ.get('NSX_USER'), 'nsx_password': os.environ.get('NSX_PASSWORD'), } if ( not self.ext_inputs['nsx_ip'] or not self.ext_inputs['nsx_ip'] or not self.ext_inputs['nsx_password'] ): self.skipTest("You dont have credentials for nsx") blueprints_path = os.path.split(os.path.abspath(__file__))[0] self.blueprints_path = os.path.join( blueprints_path, 'resources' ) self._regen_ctx() # credentials self.client_session = common.nsx_login({ 'nsx_auth': { 'username': self.ext_inputs['nsx_user'], 'password': self.ext_inputs['nsx_password'], 'host': self.ext_inputs['nsx_ip'] } })
def create(**kwargs): kwargs = common.get_properties_update( 'dynamic_member', "security_group_id", kwargs, target_relationship="cloudify.nsx.relationships.contained_in", target_property="resource_id") validation_rules = { "security_group_id": { "required": True }, # dynamic member definition "dynamic_set": { "required": True } } use_existing, dynamic_member = common.get_properties_and_validate( 'dynamic_member', kwargs, validation_rules) resource_id = ctx.instance.runtime_properties.get('resource_id') if resource_id: ctx.logger.info("Reused %s" % resource_id) return # credentials client_session = common.nsx_login(kwargs) resource_id = nsx_security_group.set_dynamic_member( client_session, dynamic_member['security_group_id'], dynamic_member['dynamic_set']) ctx.instance.runtime_properties['resource_id'] = resource_id ctx.logger.info("created %s" % (resource_id))
def test_nsx_login_without_raml(self): """Check nsx_common.attempt_with_rerun func: withour raml""" self._regen_ctx() fake_client = mock.MagicMock(return_value='Called') with mock.patch( 'cloudify_nsx.library.nsx_common.NsxClient', fake_client ): with mock.patch( 'cloudify_nsx.library.nsx_common.resource_filename', mock.MagicMock(return_value='other_raml') ): # without raml self.assertEqual( common.nsx_login({ 'nsx_auth': { 'username': '******', 'password': '******', 'host': 'ip' } }), 'Called' ) fake_client.assert_called_with( 'other_raml/nsxvapi.raml', 'ip', 'username', 'password' )
def delete(**kwargs): use_existing, router_dict = common.get_properties('router', kwargs) if use_existing: nsx_dlr.remove_properties_edges() ctx.logger.info("Used pre existed!") return resource_id = ctx.instance.runtime_properties.get('resource_id') if not resource_id: nsx_dlr.remove_properties_edges() ctx.logger.info("We dont have resource_id") return # credentials client_session = common.nsx_login(kwargs) common.attempt_with_rerun( nsx_dlr.del_edge, client_session=client_session, resource_id=resource_id ) ctx.logger.info("deleted %s" % resource_id) nsx_dlr.remove_properties_edges()
def delete(**kwargs): use_existing, interface = common.get_properties('interface', kwargs) if use_existing: common.remove_properties('interface') common.remove_properties('ifindex') ctx.logger.info("Used existed") return resource_id = ctx.instance.runtime_properties.get('resource_id') if not resource_id: common.remove_properties('interface') common.remove_properties('ifindex') ctx.logger.info("Not fully created, skip") return # credentials client_session = common.nsx_login(kwargs) common.attempt_with_rerun(nsx_esg.esg_clear_interface, client_session=client_session, resource_id=resource_id) ctx.logger.info("delete %s" % resource_id) common.remove_properties('interface') common.remove_properties('ifindex')
def create(**kwargs): validation_rules = { "security_policy_id": { "required": True }, "security_group_id": { "required": True } } use_existing, policy_group_bind = common.get_properties_and_validate( 'policy_group_bind', kwargs, validation_rules) resource_id = ctx.instance.runtime_properties.get('resource_id') if resource_id: ctx.logger.info("Reused %s" % resource_id) return # credentials client_session = common.nsx_login(kwargs) resource_id = nsx_security_policy.add_policy_group_bind( client_session, policy_group_bind['security_policy_id'], policy_group_bind['security_group_id'], ) ctx.instance.runtime_properties['resource_id'] = resource_id ctx.logger.info("created %s" % (resource_id))
def test_nsx_login_no_credentials(self): """Check nsx_common.attempt_with_rerun func: no credentials""" self._regen_ctx() fake_client = mock.MagicMock() with mock.patch( 'cloudify_nsx.library.nsx_common.NsxClient', fake_client ): # no credentials with self.assertRaises(cfy_exc.NonRecoverableError) as error: common.nsx_login({}) fake_client.assert_not_called() self.assertEqual( str(error.exception), "please check your credentials" )
def create(**kwargs): validation_rules = { "name": { "required": True }, "description": { "set_none": True }, "precedence": { "type": "string", "required": True }, "parent": { "set_none": True }, "securityGroupBinding": { "set_none": True }, "actionsByCategory": { "set_none": True } } use_existing, policy = common.get_properties_and_validate( 'policy', kwargs, validation_rules) resource_id = ctx.instance.runtime_properties.get('resource_id') if resource_id: ctx.logger.info("Reused %s" % resource_id) return # credentials client_session = common.nsx_login(kwargs) if not resource_id: resource_id, exist_policy = nsx_security_policy.get_policy( client_session, policy['name']) if use_existing and resource_id: ctx.instance.runtime_properties['resource_id'] = resource_id _update_policy(exist_policy) ctx.logger.info("Used existed %s" % resource_id) elif resource_id: raise cfy_exc.NonRecoverableError( "Security policy '%s' already exists" % policy['name']) elif use_existing: raise cfy_exc.NonRecoverableError( "Security policy '%s' does not exist" % policy['name']) if not resource_id: resource_id = nsx_security_policy.add_policy( client_session, policy['name'], policy['description'], policy['precedence'], policy['parent'], policy['securityGroupBinding'], policy['actionsByCategory']) ctx.instance.runtime_properties['resource_id'] = resource_id ctx.logger.info("created %s" % resource_id)
def create(**kwargs): validation_rules = { "dlr_id": { "required": True }, "areaId": { "required": True }, # must be vnic with uplink "vnic": { "required": True }, "helloInterval": { "default": 10, "type": "string" }, "deadInterval": { "default": 40, "type": "string", }, "priority": { "default": 128, "type": "string" }, "cost": { "set_none": True } } use_existing, interface = common.get_properties_and_validate( 'interface', kwargs, validation_rules ) resource_id = ctx.instance.runtime_properties.get('resource_id') if resource_id: ctx.logger.info("Reused %s" % resource_id) if not use_existing: return # credentials client_session = common.nsx_login(kwargs) resource_id = cfy_dlr.add_esg_ospf_interface( client_session, interface['dlr_id'], interface['areaId'], interface['vnic'], use_existing, interface['helloInterval'], interface['deadInterval'], interface['priority'], interface['cost'] ) ctx.instance.runtime_properties['resource_id'] = resource_id ctx.logger.info("created %s" % resource_id)
def create(**kwargs): validations_rules = { "esg_id": { "required": True }, "ip_range": { "required": True }, "default_gateway": { "set_none": True }, "subnet_mask": { "set_none": True }, "domain_name": { "set_none": True }, "dns_server_1": { "set_none": True }, "dns_server_2": { "set_none": True }, "lease_time": { "set_none": True }, "auto_dns": { "set_none": True } } use_existing, pool_dict = common.get_properties_and_validate( 'pool', kwargs, validations_rules) if use_existing: ctx.logger.info("Used pre existed!") return resource_id = ctx.instance.runtime_properties.get('resource_id') if resource_id: ctx.logger.info("Reused %s" % resource_id) return # credentials client_session = common.nsx_login(kwargs) resource_id = nsx_dhcp.add_dhcp_pool( client_session, pool_dict['esg_id'], pool_dict['ip_range'], pool_dict['default_gateway'], pool_dict['subnet_mask'], pool_dict['domain_name'], pool_dict['dns_server_1'], pool_dict['dns_server_2'], pool_dict['lease_time'], pool_dict['auto_dns']) ctx.instance.runtime_properties['resource_id'] = resource_id ctx.logger.info("created %s | %s" % (resource_id, pool_dict['esg_id']))
def create(**kwargs): validation_rules = { "name": { "required": True }, "type": { "required": True, "values": [ 'group', 'policy', 'tag', 'lswitch', 'router' ] }, "scopeId": { "default": "globalroot-0", "required": True } } _, nsx_object = common.get_properties_and_validate( 'nsx_object', kwargs, validation_rules ) # credentials client_session = common.nsx_login(kwargs) if nsx_object['type'] == 'group': resource_id, _ = nsx_security_group.get_group( client_session, nsx_object['scopeId'], nsx_object['name'] ) elif nsx_object['type'] == 'policy': resource_id, _ = nsx_security_policy.get_policy( client_session, nsx_object['name'] ) elif nsx_object['type'] == 'tag': resource_id, _ = nsx_security_tag.get_tag( client_session, nsx_object['name'] ) elif nsx_object['type'] == 'lswitch': resource_id, switch_params = nsx_logical_switch.logical_switch_read( client_session, nsx_object['name'] ) elif nsx_object['type'] == 'router': resource_id, _ = nsx_router.dlr_read( client_session, nsx_object['name'] ) runtime_properties = ctx.instance.runtime_properties runtime_properties['resource_id'] = resource_id runtime_properties['use_external_resource'] = resource_id is not None
def unlink(**kwargs): vm_id = ctx.source.instance.runtime_properties.get('vsphere_server_id') tag_id = ctx.target.instance.runtime_properties.get('resource_id') ctx.logger.info("Deattach %s from %s" % (str(tag_id), str(vm_id))) # credentials reused from target kwargs.update(ctx.target.instance.runtime_properties) client_session = common.nsx_login(kwargs) resource_id = nsx_security_tag.tag_vm_to_resource_id(tag_id, vm_id) nsx_security_tag.delete_tag_vm(client_session, resource_id) ctx.logger.info("delete %s" % resource_id)
def unlink(**kwargs): policy_id = ctx.source.instance.runtime_properties.get('resource_id') group_id = ctx.target.instance.runtime_properties.get('resource_id') ctx.logger.info("Deattach %s from %s" % (str(policy_id), str(group_id))) # credentials reused from target kwargs.update(ctx.target.instance.runtime_properties) client_session = common.nsx_login(kwargs) resource_id = nsx_security_policy.policy_group_to_resource_id( group_id, policy_id) nsx_security_policy.del_policy_group_bind(client_session, resource_id) ctx.logger.info("delete %s" % resource_id)
def link(**kwargs): vm_id = ctx.source.instance.runtime_properties.get('vsphere_server_id') tag_id = ctx.target.instance.runtime_properties.get('resource_id') ctx.logger.info("Attach %s to %s" % (str(tag_id), str(vm_id))) # credentials reused from target kwargs.update(ctx.target.instance.runtime_properties) client_session = common.nsx_login(kwargs) resource_id = nsx_security_tag.add_tag_vm( client_session, tag_id, vm_id, ) ctx.logger.info("created %s" % resource_id)
def link(**kwargs): policy_id = ctx.source.instance.runtime_properties.get('resource_id') group_id = ctx.target.instance.runtime_properties.get('resource_id') ctx.logger.info("Attach %s to %s" % (str(policy_id), str(group_id))) # credentials reused from target kwargs.update(ctx.target.instance.runtime_properties) client_session = common.nsx_login(kwargs) resource_id = nsx_security_policy.add_policy_group_bind( client_session, policy_id, group_id, ) ctx.logger.info("created %s" % resource_id)
def create(**kwargs): validation_rules = { "name": { "required": True }, "description": { "set_none": True } } use_existing, tag = common.get_properties_and_validate( 'tag', kwargs, validation_rules ) resource_id = ctx.instance.runtime_properties.get('resource_id') if resource_id: ctx.logger.info("Reused %s" % resource_id) return # credentials client_session = common.nsx_login(kwargs) if not resource_id: resource_id, _ = nsx_security_tag.get_tag(client_session, tag['name']) if use_existing and resource_id: ctx.instance.runtime_properties['resource_id'] = resource_id ctx.logger.info("Used existed %s" % resource_id) elif resource_id: raise cfy_exc.NonRecoverableError( "Security tag '%s' already exists" % tag['name'] ) elif use_existing: raise cfy_exc.NonRecoverableError( "Security tag '%s' does not exist" % tag['name'] ) if not resource_id: resource_id = nsx_security_tag.add_tag( client_session, tag['name'], tag['description'], ) ctx.instance.runtime_properties['resource_id'] = resource_id ctx.logger.info("created %s" % resource_id)
def create(**kwargs): validation_rules = { "esg_id": { "required": True }, "network": { "required": True }, "next_hop": { "required": True }, "vnic": { "set_none": True, "type": "string" }, "mtu": { "set_none": True, "type": "string" }, "admin_distance": { "set_none": True, "type": "string" }, "description": { "set_none": True } } use_existing, route = common.get_properties_and_validate( 'route', kwargs, validation_rules) resource_id = ctx.instance.runtime_properties.get('resource_id') if resource_id: ctx.logger.info("Reused %s" % resource_id) return # credentials client_session = common.nsx_login(kwargs) resource_id = nsx_esg.esg_route_add(client_session, route['esg_id'], route['network'], route['next_hop'], route['vnic'], route['mtu'], route['admin_distance'], route['description']) ctx.instance.runtime_properties['resource_id'] = resource_id ctx.logger.info("created %s" % resource_id)
def create(**kwargs): validation_rules = { "dlr_id": { "required": True }, "areaId": { "required": True }, "type": { "required": True, "values": ["normal", "nssa"] }, "authentication": { "set_none": True, "sub": { "type": { "required": True, "values": ["none", "password", "md5"] }, "value": { "set_none": True, "required": False } } } } use_existing, area = common.get_properties_and_validate( 'area', kwargs, validation_rules) resource_id = ctx.instance.runtime_properties.get('resource_id') if resource_id: ctx.logger.info("Reused %s" % resource_id) if not use_existing: return # credentials client_session = common.nsx_login(kwargs) resource_id = cfy_dlr.add_esg_ospf_area(client_session, area['dlr_id'], area['areaId'], use_existing, area['type'], area['authentication']) ctx.instance.runtime_properties['resource_id'] = resource_id ctx.logger.info("created %s" % resource_id)
def create(**kwargs): validation_rules = { "esg_id": { "required": True }, "dgw_ip": { "required": True }, "vnic": { "set_none": True, "type": "string" }, "mtu": { "set_none": True, "type": "string" }, "admin_distance": { "set_none": True, "type": "string" } } use_existing, gateway = common.get_properties_and_validate( 'gateway', kwargs, validation_rules) resource_id = ctx.instance.runtime_properties.get('resource_id') if resource_id: ctx.logger.info("Reused %s" % resource_id) return # credentials client_session = common.nsx_login(kwargs) resource_id = nsx_esg.esg_dgw_set(client_session, gateway['esg_id'], gateway['dgw_ip'], gateway['vnic'], gateway['mtu'], gateway['admin_distance']) ctx.instance.runtime_properties['resource_id'] = resource_id ctx.logger.info("created %s" % resource_id)
def test_nsx_login_ip_from_inputs(self): """Check nsx_common.attempt_with_rerun func:ip from inputs""" self._regen_ctx() fake_client = mock.MagicMock(return_value='Called') with mock.patch( 'cloudify_nsx.library.nsx_common.NsxClient', fake_client ): # with ip from params self.assertEqual( common.nsx_login({ 'nsx_auth': { 'username': '******', 'password': '******', 'raml': 'raml', 'host': 'ip' } }), 'Called' ) fake_client.assert_called_with( 'raml', 'ip', 'username', 'password' )
def create(**kwargs): kwargs = common.get_properties_update( 'group_exclude_member', "security_group_id", kwargs, target_relationship="cloudify.nsx.relationships.contained_in", target_property="resource_id" ) validate_rules = { "security_group_id": { "required": True }, # member id "objectId": { "required": True } } use_existing, group_exclude_member = common.get_properties_and_validate( 'group_exclude_member', kwargs, validate_rules ) resource_id = ctx.instance.runtime_properties.get('resource_id') if resource_id: ctx.logger.info("Reused %s" % resource_id) return # credentials client_session = common.nsx_login(kwargs) resource_id = nsx_security_group.add_group_exclude_member( client_session, group_exclude_member['security_group_id'], group_exclude_member['objectId'], ) ctx.instance.runtime_properties['resource_id'] = resource_id ctx.logger.info("created %s" % resource_id)
def create(**kwargs): kwargs = common.get_properties_update( 'policy_section', "security_policy_id", kwargs, target_relationship="cloudify.nsx.relationships.contained_in", target_property="resource_id") validation_rules = { "security_policy_id": { "required": True }, "category": { "required": True }, "action": { "required": True } } use_existing, policy_section = common.get_properties_and_validate( 'policy_section', kwargs, validation_rules) resource_id = ctx.instance.runtime_properties.get('resource_id') if resource_id: ctx.logger.info("Reused %s" % resource_id) return # credentials client_session = common.nsx_login(kwargs) resource_id = nsx_security_policy.add_policy_section( client_session, policy_section['security_policy_id'], policy_section['category'], policy_section['action']) ctx.instance.runtime_properties['resource_id'] = resource_id ctx.logger.info("created %s" % (resource_id))
def delete(**kwargs): use_existing, area = common.get_properties('prefix', kwargs) if use_existing: common.remove_properties('prefix') ctx.logger.info("Used existed") return resource_id = ctx.instance.runtime_properties.get('resource_id') if not resource_id: common.remove_properties('prefix') ctx.logger.info("Not fully created, skip") return # credentials client_session = common.nsx_login(kwargs) common.attempt_with_rerun(cfy_dlr.del_routing_prefix, client_session=client_session, resource_id=resource_id) ctx.logger.info("deleted %s" % resource_id) common.remove_properties('prefix')
def create(**kwargs): validation_rules = { "name": { "required": True }, "dlr_pwd": { "required": True }, "dlr_size": { "default": "compact", "values": [ "compact", "large", "quadlarge", "xlarge" ] }, "ha_ls_id": { "required": True }, "uplink_ls_id": { "required": True }, "uplink_ip": { "required": True }, "uplink_subnet": { "required": True }, "uplink_dgw": { "required": True } } use_existing, router_dict = common.get_properties_and_validate( 'router', kwargs, validation_rules ) ctx.logger.info("checking %s" % router_dict["name"]) # credentials client_session = common.nsx_login(kwargs) resource_id = ctx.instance.runtime_properties.get('resource_id') if not use_existing and not resource_id: resource_id, _ = nsx_router.dlr_read( client_session, router_dict["name"] ) if use_existing: ctx.instance.runtime_properties['resource_id'] = resource_id ctx.logger.info("Used existed %s" % resource_id) elif resource_id: raise cfy_exc.NonRecoverableError( "Router '%s' already exists" % router_dict["name"] ) if not resource_id: # update properties with vcenter specific values, # required only on create router_dict = common.possibly_assign_vm_creation_props(router_dict) resource_id, _ = nsx_router.dlr_create( client_session, router_dict['name'], router_dict['dlr_pwd'], router_dict['dlr_size'], router_dict['datacentermoid'], router_dict['datastoremoid'], router_dict['resourcepoolid'], router_dict['ha_ls_id'], router_dict['uplink_ls_id'], router_dict['uplink_ip'], router_dict['uplink_subnet'], router_dict['uplink_dgw']) ctx.instance.runtime_properties['resource_id'] = resource_id ctx.logger.info("created %s" % resource_id) uplink_vnic = nsx_dlr.get_uplink_vnic( client_session, resource_id, router_dict['uplink_ls_id']) ctx.instance.runtime_properties['router']['uplink_vnic'] = uplink_vnic nsx_dlr.update_common_edges(client_session, resource_id, kwargs, False)