示例#1
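    def ensure_external_network_configured(self,
                                           network_id,
                                           address_scope_name,
                                           delete=False):
        """Attach or detach the L3 outs and contracts of an external network.

        Builds the bridge domain and EPG named after ``network_id``, relates
        the bridge domain to the VRF and L3 outs listed in the address scope
        configuration, relates the EPG to the configured contracts, and
        commits all of those relations in a single call.

        Args:
            network_id: Used to look up the tenant and as the name of both
                the bridge domain and the EPG.
            address_scope_name: Key passed to ``_get_address_scope_config``;
                the returned mapping must provide ``l3_outs`` (comma separated
                names), ``vrf`` and ``contracts`` (a Python-literal dict with
                ``consumed`` and/or ``provided`` lists).
            delete: When true, every L3-out and contract relation is marked
                deleted before the commit instead of being created.

        Raises:
            KeyError: A required key is missing from the scope configuration.
            ValueError, SyntaxError: ``contracts`` is not a valid literal.
        """
        tenant = self.get_tenant(network_id)

        scope_config = self._get_address_scope_config(address_scope_name)

        l3_outs = scope_config['l3_outs']
        vrf_name = scope_config['vrf']

        # Bridge domain and its VRF relation.
        bd = fv.BD(tenant, network_id)

        # NOTE: the BD-to-VRF relation is committed even when delete=True.
        # The RsCtx object cannot be deleted, so a "delete" run leaves the
        # bridge domain bound to the VRF.
        # TODO: find out how to clear the VRF relation on the BD.
        vrf = fv.RsCtx(bd, vrf_name, tnFvCtxName=vrf_name)

        bd_outs = []

        for l3_out in l3_outs.split(','):
            out = self._find_l3_out(network_id, l3_out)
            if not out:
                # A missing L3 out is reported but does not abort the run;
                # the remaining relations are still committed.
                LOG.error(
                    'Cannot configure L3 out for BD, {} not found in ACI configuration'
                    .format(l3_out))
                continue

            LOG.info('Configure L3 out for network, {}'.format(out.name))
            bd_out = fv.RsBDToOut(bd, out.name)
            if delete:
                bd_out.delete()
            bd_outs.append(bd_out)

        # EPG and its contract relations.
        app = fv.Ap(tenant, self.apic_application_profile)
        epg = fv.AEPg(app, network_id)

        epg_contracts = []

        # One relation class per contract direction; anything else in the
        # configuration is reported instead of being dropped silently.
        relation_by_kind = {'consumed': fv.RsCons, 'provided': fv.RsProv}

        # literal_eval only accepts Python literals, so the configuration
        # string cannot execute code.
        contract_def = ast.literal_eval(scope_config['contracts'])

        # items() works on both Python 2 and 3; iteritems() is Python 2 only.
        for kind, contract_names in contract_def.items():
            relation_cls = relation_by_kind.get(kind)
            if relation_cls is None:
                LOG.warning(
                    'Ignoring unknown contract type {} for address scope {}'
                    .format(kind, address_scope_name))
                continue

            for contract_name in contract_names:
                relation = relation_cls(epg, contract_name)
                if delete:
                    relation.delete()
                epg_contracts.append(relation)

        self.apic.commit([vrf] + bd_outs + epg_contracts)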
示例#2
def create_inb_mgmt_policies(apic=None, policy=None, nodes=None):
    """Build the in-band management policy tree under the ``mgmt`` tenant.

    Nothing is committed here: the function only assembles managed objects
    and returns the tenant that roots them. ``apic`` is accepted but not
    used in this function.

    Args:
        apic: Unused.
        policy: Mapping read for ``inb_contract_name``, ``inb_subject_name``,
            ``inb_epg_name``, ``vlan``, ``podId``, ``gw`` and ``nodes`` (a
            list of entries with ``name`` and ``ipv4``).
        nodes: Iterable of objects with ``name`` and ``id`` attributes, used
            to translate node names from ``policy['nodes']`` into node ids.

    Returns:
        The ``mgmt`` tenant object holding the assembled configuration.

    Raises:
        KeyError: A required policy key is missing, or a node named in
            ``policy['nodes']`` is not present in ``nodes``.
    """
    # Step 1: in-band bridge domain, bound to the 'inb' context/VRF.
    mgmt_tenant = aciFv.Tenant(aciPol.Uni(''), name='mgmt')
    inb_bd = aciFv.BD(mgmt_tenant, name='inb')
    aciFv.RsCtx(inb_bd, tnFvCtxName='inb')

    # Step 2: in-band management contract. Its single subject permits the
    # SSH filter only; revFltPorts='yes' also matches the return traffic.
    contract_name = policy['inb_contract_name']
    contract = aciVz.BrCP(
        mgmt_tenant,
        name=contract_name,
        scope='context',
        prio='unspecified',
        targetDscp='unspecified',
    )
    subject = aciVz.Subj(
        contract,
        name=policy['inb_subject_name'],
        provMatchT='AtleastOne',
        consMatchT='AtleastOne',
        prio='unspecified',
        targetDscp='unspecified',
        revFltPorts='yes',
    )

    # The filter is referenced by name and is not created in this function.
    # Each additional RsSubjFiltAtt widens what the contract permits towards
    # the management plane, so add filters deliberately.
    aciVz.RsSubjFiltAtt(
        subject,
        action='permit',
        tnVzFilterName='tcp_src_port_any_to_dst_port_22',
    )

    # Step 3: in-band management EPG on the configured encapsulation.
    mgmt_profile = aciMgmt.MgmtP(mgmt_tenant, name='default')
    inb_epg = aciMgmt.InB(
        mgmt_profile,
        name=policy['inb_epg_name'],
        encap=policy['vlan'],
        floodOnEncap='disabled',
        matchT='AtleastOne',
        prefGrMemb='exclude',
        prio='unspecified',
    )

    # Attach the EPG to the in-band bridge domain.
    aciMgmt.RsMgmtBD(inb_epg, tnFvBDName='inb')

    # No subnet/gateway object is created on the EPG here (policy['subnet']
    # is not read); the gateway is set per node below.

    # The EPG both provides and consumes the management contract.
    aciFv.RsProv(
        inb_epg,
        tnVzBrCPName=contract_name,
        prio='unspecified',
        matchT='AtleastOne',
    )
    aciFv.RsCons(
        inb_epg,
        tnVzBrCPName=contract_name,
        prio='unspecified',
    )

    # Step 4: static node bindings mapping each node to its address/gateway.
    node_id_by_name = {node.name: node.id for node in nodes}
    pod_id = policy['podId']

    for node_entry in policy['nodes']:
        node_id = node_id_by_name[node_entry['name']]
        target_dn = 'topology/pod-{}/node-{}'.format(pod_id, node_id)
        aciMgmt.RsInBStNode(
            inb_epg,
            tDn=target_dn,
            addr=node_entry['ipv4'],
            gw=policy['gw'],
        )

    return mgmt_tenant
示例#3
    l3extMember1 = l3ext.Member(l3extRsPathL3OutAtt, addr=extIP1, side='B')
    l3extMember2 = l3ext.Member(l3extRsPathL3OutAtt, addr=extIP2, side='A')
    l3secondaryIP = l3ext.Ip(l3extRsPathL3OutAtt, addr=secaddr)
    l3secondaryIP1 = l3ext.Ip(l3extMember1, addr=secaddr)
    l3secondaryIP2 = l3ext.Ip(l3extMember2, addr=secaddr)
    # Associate to L3Domain
    l3extRsL3DomAttMo = l3ext.RsL3DomAtt(l3outMo, tDn=l3outtDn)
    # Build Contracts
    l3extInstPMo = l3ext.InstP(l3outMo,
                               matchT='AtleastOne',
                               name=l3OutName,
                               prio='unspecified',
                               targetDscp='unspecified')
    fv.RsCons(l3extInstPMo, tnVzBrCPName='xxxxx_AnyAny')
    l3ext.Subnet(l3extInstPMo, ip='0.0.0.0/0')
    fv.RsProv(l3extInstPMo, tnVzBrCPName='xxxxx_AnyAny')
    vzBrCP = cobra.model.vz.BrCP(fvTenant, name='test_AnyAny')
    vzSubj = cobra.model.vz.Subj(vzBrCP,
                                 revFltPorts='yes',
                                 name='subjectanyany',
                                 provMatchT='AtleastOne')
    vzRsSubjFiltAtt = cobra.model.vz.RsSubjFiltAtt(
        vzSubj,
        tRn='flt-any-any',
        tDn='uni/tn-common/flt-any-any',
        forceResolve='yes',
        tnVzFilterName='any-any')

    # OSPF Area
    #ospf.ExtP(l3outMo, areaCtrl='redistribute,summary', areaType='regular', areaCost='1', areaId='backbone')