def create_address_group(cls, name, cidr, parent_obj=None):
if not name:
name = cidr
if not parent_obj:
pm_obj = PolicyManagement(cls.default_policy_management_name)
try:
parent_uuid = cls.vnc_lib.policy_management_create(pm_obj)
except RefsExistError:
pass
pm_obj = cls.vnc_lib.policy_management_read(
fq_name=pm_obj.get_fq_name())
PolicyManagementKM.locate(pm_obj.get_uuid())
else:
pm_obj = parent_obj
ip_prefix = cidr.split('/')
subnet_list = SubnetListType()
subnet = SubnetType(ip_prefix=ip_prefix[0], ip_prefix_len=ip_prefix[1])
subnet_list.add_subnet(subnet)
addr_grp_obj = AddressGroup(name=name,
parent_obj=pm_obj,
address_group_prefix=subnet_list)
try:
addr_grp_uuid = cls.vnc_lib.address_group_create(addr_grp_obj)
except RefsExistError:
cls.vnc_lib.address_group_update(addr_grp_obj)
addr_grp_uuid = addr_grp_obj.get_uuid()
# Update application policy set in our cache.
AddressGroupKM.locate(addr_grp_uuid)
addr_grp_obj = cls.vnc_lib.address_group_read(id=addr_grp_uuid)
return addr_grp_obj
def get_firewall_rule_uuid(cls, rule_name):
if not cls.cluster_aps_uuid:
raise Exception("Cluster Application Policy Set not available.")
aps = ApplicationPolicySetKM.locate(cls.cluster_aps_uuid)
pm = PolicyManagementKM.locate(aps.parent_uuid)
rule_fq_name = pm.fq_name + [rule_name]
rule_uuid = FirewallRuleKM.get_fq_name_to_uuid(rule_fq_name)
return rule_uuid
def get_firewall_policy_rule_uuid(cls, name, namespace, is_global=False):
if not cls.cluster_aps_uuid:
raise Exception("Cluster Application Policy Set not available.")
aps = ApplicationPolicySetKM.locate(cls.cluster_aps_uuid)
pm = PolicyManagementKM.locate(aps.parent_uuid)
fw_policy_fq_name = pm.fq_name +\
[cls.get_firewall_policy_name(name, namespace, is_global)]
fw_policy_uuid = FirewallPolicyKM.get_fq_name_to_uuid(fw_policy_fq_name)
return fw_policy_uuid
def create_application_policy_set(cls, name, parent_obj=None):
if not parent_obj:
pm_obj = PolicyManagement(cls.default_policy_management_name)
try:
parent_uuid = cls.vnc_lib.policy_management_create(pm_obj)
except RefsExistError:
pass
pm_obj = cls.vnc_lib.policy_management_read(
fq_name=pm_obj.get_fq_name())
PolicyManagementKM.locate(pm_obj.get_uuid())
else:
pm_obj = parent_obj
aps_obj = ApplicationPolicySet(name=name, parent_obj=pm_obj)
try:
aps_uuid = cls.vnc_lib.application_policy_set_create(aps_obj)
except RefsExistError:
cls.vnc_lib.application_policy_set_update(aps_obj)
aps_uuid = aps_obj.get_uuid()
# Update application policy set in our cache.
ApplicationPolicySetKM.locate(aps_uuid)
cls.cluster_aps_uuid = aps_uuid
return aps_uuid