def add_vmm_domain_association(fv_epg, vmm_domain, **args): """Add Vmm Domain Association""" args = args['optional_args'] if 'optional_args' in args.keys() else args fv_rsdomatt = RsDomAtt(fv_epg, 'uni/vmmp-VMware/dom-' + vmm_domain, instrImedcy=get_value(args, 'deployment_immediacy', DEFAULT_IMMEDIACY), resImedcy=get_value(args, 'resolution_immediacy', DEFAULT_IMMEDIACY))
def add_domain_to_epg(mo, dName=DOMAIN, dType='phys'): dName = 'uni/' + dType + '-' + dName try: RsDomAtt(mo, tDn=dName, resImedcy='immediate') print '[+] EPG successfully attached to Domain %s' % DOMAIN CONFIG.addMo(mo) except: print '[-] Error attaching EPG to Domain %s' % DOMAIN exit(1)
def create_application_epg(fv_ap, epg, **args): """Create a Application. A set of requirements for the application-level EPG instance. The policy regulates connectivity and visibility among the end points within the scope of the policy. """ args = args['optional_args'] if 'optional_args' in args.keys() else args fv_aepg = AEPg(fv_ap, epg, prio=get_value(args, 'prio', 'unspecified').lower()) # Provide bridge_domain to the EPG. if is_valid_key(args, 'bridge_domain'): fv_rsbd = RsBd(fv_aepg, tnFvBDName=args['bridge_domain']) if is_valid_key(args, 'custom_qos'): fv_rscustqospol = RsCustQosPol(fv_aepg, tnQosCustomPolName=args['custom_qos']) if is_valid_key(args, 'monitoring'): fv_rsaepgmonpol = RsAEPgMonPol(fv_aepg, tnMonEPGPolName=args['monitoring']) if is_valid_key(args, 'associated_domain_profile'): for profile in args['associated_domain_profile']: fv_rsdomatt = RsDomAtt( fv_aepg, 'uni/phys-' + profile['domain_profile'], instrImedcy=get_value(profile, 'deployment_immediacy', DEFAULT_IMMEDIACY), resImedcy=get_value(profile, 'resolution_immediacy', DEFAULT_IMMEDIACY)) if is_valid_key(args, 'statically_link') and args['statically_link']: if is_valid_key(args, 'leaf') and is_valid_key( args['leaf'], 'node_id', ban=['None']): fv_rsnodeatt = RsNodeAtt( fv_aepg, 'topology/pod-1/node-' + str(args['leaf']['node_id']), encap=args['leaf']['encap'], mode=get_value(args['leaf'], 'mode', DEFAULT_MODE), instrImedcy=get_value(args['leaf'], 'deployment_immediacy', DEFAULT_IMMEDIACY)) if is_valid_key(args, 'path') and is_valid_key( args['path'], 'node_id', ban=['None']): fv_rsnodeatt = RsPathAtt( fv_aepg, 'topology/pod-1/paths-' + str(args['path']['node_id']) + '/pathep-[eth' + args['path']['eth'] + ']', encap=args['path']['encap'], mode=get_value(args['path'], 'mode', DEFAULT_MODE), instrImedcy=get_value(args['path'], 'deployment_immediacy', DEFAULT_IMMEDIACY)) return fv_aepg
def add_vmm_domain_association(modir, tenant_name, application, epg, vmm_domain, **args): fv_epg = modir.lookupByDn('uni/tn-' + tenant_name + '/ap-' + application + '/epg-' + epg) args = args['args_from_CLI'] if 'args_from_CLI' in args.keys() else args if isinstance(fv_epg, AEPg): fv_rsdomatt = RsDomAtt(fv_epg, 'uni/vmmp-VMware/dom-' + vmm_domain, instrImedcy=get_value(args, 'deployment_immediacy', 'lazy'), resImedcy=get_value(args, 'resolution_immediacy', 'lazy')) else: print 'Fail to find EPG', epg, 'Please make sure you have the EPG in application', application return print_query_xml(fv_epg) commit_change(modir, fv_epg)
def associate_epg_physical_domain(self, epg_dn, physical_domain_name): """ Associate a physical domain to an end point group :param epg_dn: :param physical_domain_name: :return: """ # Query the physical domain according to an specific name class_query = ClassQuery('physDomP') class_query.propFilter = 'eq(physDomP.name, "' + PD_PREFIX + physical_domain_name + '")' pd_list = self.moDir.query(class_query) # If the physical domain does not exists, create it with the vlan pool and the attachable entity profile if len(pd_list) == 0: vlan_pool_mo = self.create_vlan_pool(VLAN_POOL_PREFIX + physical_domain_name, 'static') DomP_mo = self.create_physical_domain(PD_PREFIX + physical_domain_name, str(vlan_pool_mo.dn)) self.create_attachable_entity_profile(AEP_PREFIX + physical_domain_name, str(DomP_mo.dn)) else: DomP_mo = pd_list[0] # Creates and commits the association rsdom = RsDomAtt(epg_dn, str(DomP_mo.dn)) self.commit(rsdom)
def main(host, port, user, password): # CONNECT TO APIC print('Initializing connection to APIC...') apicUrl = 'http://%s:%d' % (host, port) moDir = MoDirectory(LoginSession(apicUrl, user, password)) moDir.login() # Get the top level Policy Universe Directory uniMo = moDir.lookupByDn('uni') uniInfraMo = moDir.lookupByDn('uni/infra') # Create Vlan Namespace nsInfo = VMM_DOMAIN_INFO['namespace'] print("Creating namespace %s.." % (nsInfo['name'])) fvnsVlanInstPMo = VlanInstP(uniInfraMo, nsInfo['name'], 'dynamic') #fvnsArgs = {'from': nsInfo['from'], 'to': nsInfo['to']} EncapBlk(fvnsVlanInstPMo, nsInfo['from'], nsInfo['to'], name=nsInfo['name']) nsCfg = ConfigRequest() nsCfg.addMo(fvnsVlanInstPMo) moDir.commit(nsCfg) # Create VMM Domain print('Creating VMM domain...') vmmpVMwareProvPMo = moDir.lookupByDn('uni/vmmp-VMware') vmmDomPMo = DomP(vmmpVMwareProvPMo, VMM_DOMAIN_INFO['name']) vmmUsrMo = [] for usrp in VMM_DOMAIN_INFO['usrs']: usrMo = UsrAccP(vmmDomPMo, usrp['name'], usr=usrp['usr'], pwd=usrp['pwd']) vmmUsrMo.append(usrMo) # Create Controllers under domain for ctrlr in VMM_DOMAIN_INFO['ctrlrs']: vmmCtrlrMo = CtrlrP(vmmDomPMo, ctrlr['name'], scope=ctrlr['scope'], hostOrIp=ctrlr['ip']) # Associate Ctrlr to UserP RsAcc(vmmCtrlrMo, tDn=vmmUsrMo[0].dn) # Associate Domain to Namespace RsVlanNs(vmmDomPMo, tDn=fvnsVlanInstPMo.dn) vmmCfg = ConfigRequest() vmmCfg.addMo(vmmDomPMo) moDir.commit(vmmCfg) print("VMM Domain Creation Completed.") print("Starting Tenant Creation..") for tenant in TENANT_INFO: print("Creating tenant %s.." % (tenant['name'])) fvTenantMo = Tenant(uniMo, tenant['name']) # Create Private Network Ctx(fvTenantMo, tenant['pvn']) # Create Bridge Domain fvBDMo = BD(fvTenantMo, name=tenant['bd']) # Create association to private network RsCtx(fvBDMo, tnFvCtxName=tenant['pvn']) # Create Application Profile for app in tenant['ap']: print('Creating Application Profile: %s' % app['name']) fvApMo = Ap(fvTenantMo, app['name']) # Create EPGs for epg in app['epgs']: print("Creating EPG: %s..." % (epg['name'])) fvAEPgMo = AEPg(fvApMo, epg['name']) # Associate EPG to Bridge Domain RsBd(fvAEPgMo, tnFvBDName=tenant['bd']) # Associate EPG to VMM Domain RsDomAtt(fvAEPgMo, vmmDomPMo.dn) # Commit each tenant seperately tenantCfg = ConfigRequest() tenantCfg.addMo(fvTenantMo) moDir.commit(tenantCfg) print('All done!')
def create_endpoint_groups(delete=''): epg_df = pd.read_excel("input-data/ACI_DD_Workbook.xlsx", sheet_name='End_Point_Groups') file = open("EPG_Configuration.log", "w") logon = apic_logon() uniMo = logon.lookupByDn('uni') for index, row in epg_df.iterrows(): fvTenant = Tenant(uniMo, row['Tenant']) fvAp = Ap(fvTenant, row['Application Profile']) if delete == 'yes': fvAEPg = AEPg(fvAp, name=row['Name'], status='deleted') else: fvAEPg = AEPg(fvAp, name=row['EPG Name'], description=row['EPG Description'], prefGrMemb=row['prefGrMemb']) if pd.isnull(row['Associated Bridge Domain']) == False: fvRsBD = RsBd(fvAEPg, tnFvBDName=row['Associated Bridge Domain']) if pd.isnull(row['Physical Domain']) == False: fvRsDomAtt = RsDomAtt(fvAEPg, tDn='uni/phys-%s' % row['Physical Domain']) if pd.isnull(row['Static Path']) == False: fvRsPathAtt = RsPathAtt(fvAEPg, tDn=row['Static Path'], encap='vlan-%s' % row['VLAN Encap']) if pd.isnull(row['Associated VMM1']) == False: fvRsDomAtt1 = RsDomAtt(fvAEPg, tDn='uni/vmmp-VMware/dom-' + row['Associated VMM1'], primaryEncap=u'unknown', classPref=u'encap', delimiter=u'', instrImedcy=u'lazy', encap=u'unknown', encapMode=u'auto', resImedcy=u'immediate') vmmSecP = SecP(fvRsDomAtt1, ownerKey=u'', name=u'', descr=u'', forgedTransmits=u'reject', ownerTag=u'', allowPromiscuous=u'reject', macChanges=u'reject') if pd.isnull(row['Associated VMM2']) == False: fvRsDomAtt2 = RsDomAtt(fvAEPg, tDn='uni/vmmp-VMware/dom-' + row['Associated VMM2'], primaryEncap=u'unknown', classPref=u'encap', delimiter=u'', instrImedcy=u'lazy', encap=u'unknown', encapMode=u'auto', resImedcy=u'immediate') vmmSecP2 = SecP(fvRsDomAtt2, ownerKey=u'', name=u'', descr=u'', forgedTransmits=u'reject', ownerTag=u'', allowPromiscuous=u'reject', macChanges=u'reject') cfgRequest = ConfigRequest() cfgRequest.addMo(fvAp) logon.commit(cfgRequest) json_data = toJSONStr(fvAp, prettyPrint=True) file.write( '\n-------------------------------------------------------------------\n' ) file.write(json_data) file.close()
def setupApp(spec, apicMoDir, gwConfig): logging.debug('Inside setupApp function') # create an app prof if it does not exist. appName = spec['app-prof'] tenant = spec['tenant'] tenMo = tenantDict[tenant] epgList = spec['epgs'] logging.debug('Nodes : %s' % gwConfig.nodes) logging.debug('Paths : %s' % gwConfig.paths) physDom = gwConfig.physDom vmmDom = gwConfig.vmmDom if physDom == "not_specified" and vmmDom == "not_specified": return ['failed', 'Physical and VMM domain not specified'] # Check if the APIC already knows about this application profile # within this tenant context appProfDn = formAppProfDn(tenant, appName) exists, fvApMo = checkDnExists(apicMoDir, appProfDn) if exists: # The appProfile already exists in the APIC. Stash what we got. logging.info('App-prof %s,%s already exists.' % (tenant, appName)) appDict[appName] = fvApMo else: logging.info('Creating application profile %s in tenant %s' % (appName, tenant)) fvApMo = Ap(tenMo, appName) appDict[appName] = fvApMo cR = ConfigRequest() cR.addMo(fvApMo) # Walk the EPG list and create them. for epg in epgList: # Get the bridge domain for this epg, will create if needed comTen = gwConfig.includeCommonTenant bdName = getBridgeDomain(tenant, epg, apicMoDir, comTen) epgName = epg['name'] fvEpg = AEPg(fvApMo, epgName) # associate to BD RsBd(fvEpg, tnFvBDName=bdName) vlan = epg['vlan-tag'] encapid = 'vlan-' + vlan if vmmDom != "not_specified": # associate to vmm domain logging.info("VMM Domain: {}".format(vmmDom)) contivClusterDom = 'uni/vmmp-VMware/dom-' + vmmDom logging.debug("Bind VMM : {} on {}".format(vmmDom, encapid)) rsDomAtt = RsDomAtt(fvEpg, tDn=contivClusterDom, instrImedcy='immediate', encap=encapid, resImedcy='immediate') SecP(rsDomAtt, forgedTransmits='accept', allowPromiscuous='accept', macChanges='accept') if physDom != "not_specified": # associate to phy domain contivClusterDom = 'uni/phys-' + physDom RsDomAtt(fvEpg, contivClusterDom) # TODO: add static binding logging.info('Nodes : %s' % gwConfig.nodes) for leaf in gwConfig.nodes: logging.debug('Bind Leaf : %s' % leaf) RsNodeAtt(fvEpg, tDn=leaf, encap=encapid) logging.info('Paths : %s' % gwConfig.paths) for path in gwConfig.paths: logging.debug('Path = %s' % path) RsPathAtt(fvEpg, tDn=path, instrImedcy='immediate', encap=encapid) apicMoDir.commit(cR) enforce = gwConfig.enforcePolicies if enforce.lower() == "no": logging.info('Setting up EPG in un-enforced mode.') setupUnenforcedMode(spec, apicMoDir) else: logging.debug('Establishing policy contracts.') addDefinedContracts(spec, apicMoDir) logging.debug('Establishing consumer/provider links.') ret = addContractLinks(spec, apicMoDir) if ret[0] != 'success': return ret return ['success', 'ok']