add security group crud samples

Signed-off-by: Tianhao He <[email protected]>

Author: Tianhao He

samples/vmc/networks_nsxt/security_group_create.py

@@ -0,0 +1,89 @@
+#!/usr/bin/env python
+"""
+* *******************************************************
+* Copyright (c) VMware, Inc. 2019. All Rights Reserved.
+* SPDX-License-Identifier: MIT
+* *******************************************************
+*
+* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
+* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
+* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
+* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
+"""
+
+__author__ = 'VMware, Inc'
+__vcenter_version__ = 'VMware Cloud on AWS'
+
+import argparse
+import random
+
+import requests
+from com.vmware.nsx_policy.infra_client import Domains
+from com.vmware.nsx_policy.model_client import (Expression, Group,
+                                                IPAddressExpression)
+from com.vmware.nsx_policy_client_for_vmc import \
+    create_nsx_policy_client_for_vmc
+from vmware.vapi.bindings.struct import PrettyPrinter
+from vmware.vapi.lib import connect
+from vmware.vapi.security.user_password import \
+    create_user_password_security_context
+from vmware.vapi.stdlib.client.factories import StubConfigurationFactory
+"""
+Create a new NSX-T Group on MGW or CGW
+
+Sample Prerequisites:
+    - SDDC deployed in VMware Cloud on AWS
+"""
+parser = argparse.ArgumentParser(
+    formatter_class=argparse.ArgumentDefaultsHelpFormatter)
+
+parser.add_argument('--refresh_token',
+                    required=True,
+                    help='Refresh token obtained from CSP')
+
+parser.add_argument('--org_id',
+                    required=True,
+                    help='Orgization ID')
+
+parser.add_argument('--sddc_id',
+                    required=True,
+                    help='Sddc ID')
+
+parser.add_argument('--gateway_type',
+                    default='mgw',
+                    help='Gateway type. Either mgw or cgw')
+
+parser.add_argument('--name',
+                    required=True,
+                    help='Name of the security group to be created')
+
+parser.add_argument('--ip_address',
+                    default='172.31.0.0/24',
+                    help='IP address for the expression')
+
+parser.add_argument('--group_id',
+                    help='ID of the group. A random ID will be used by default')
+
+args = parser.parse_args()
+
+gateway_type = args.gateway_type.lower()
+
+id = args.group_id or 'AppGroup-{}'.format(random.randint(1, 10))
+
+nsx_client = create_nsx_policy_client_for_vmc(
+    refresh_token=args.refresh_token, org_id=args.org_id, sddc_id=args.sddc_id)
+
+print('Create a new NSX-T security group for "{}" with id "{}" and name "{}" \n'
+      .format(gateway_type, id, args.name))
+
+ipa = IPAddressExpression(ip_addresses=[args.ip_address])
+group = Group(display_name=args.name, expression=[ipa])
+
+nsx_client.infra.domains.Groups.update(gateway_type, id, group)
+
+print('Successfully created the security group\n')
+
+print('Retrieve security group properties\n')
+security_group = nsx_client.infra.domains.Groups.get(gateway_type, id)
+print(security_group)

samples/vmc/networks_nsxt/security_group_delete.py

@@ -0,0 +1,87 @@
+#!/usr/bin/env python
+
+"""
+* *******************************************************
+* Copyright (c) VMware, Inc. 2019. All Rights Reserved.
+* SPDX-License-Identifier: MIT
+* *******************************************************
+*
+* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
+* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
+* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
+* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
+"""
+
+__author__ = 'VMware, Inc'
+__vcenter_version__ = 'VMware Cloud on AWS'
+
+import argparse
+import random
+
+import requests
+from com.vmware.nsx_policy.infra_client import Domains
+from com.vmware.nsx_policy.model_client import (Expression, Group,
+                                                IPAddressExpression)
+from com.vmware.nsx_policy_client_for_vmc import \
+    create_nsx_policy_client_for_vmc
+from com.vmware.vapi.std.errors_client import NotFound
+from vmware.vapi.bindings.struct import PrettyPrinter
+from vmware.vapi.lib import connect
+from vmware.vapi.security.user_password import \
+    create_user_password_security_context
+from vmware.vapi.stdlib.client.factories import StubConfigurationFactory
+
+"""
+Delete a NSX-T Group on MGW or CGW
+
+Sample Prerequisites:
+    - SDDC deployed in VMware Cloud on AWS
+    - A NSX-T security group
+"""
+parser = argparse.ArgumentParser(
+        formatter_class=argparse.ArgumentDefaultsHelpFormatter)
+
+parser.add_argument('--refresh_token',
+                    required=True,
+                    help='Refresh token obtained from CSP')
+
+parser.add_argument('--org_id',
+                    required=True,
+                    help='Orgization ID')
+
+parser.add_argument('--sddc_id',
+                    required=True,
+                    help='Sddc ID')
+
+parser.add_argument('--gateway_type',
+                    default='mgw',
+                    help='Gateway type. Either mgw or cgw')
+
+parser.add_argument('--group_id',
+                    help='ID of the group to be deleted')
+
+args = parser.parse_args()
+
+gateway_type = args.gateway_type.lower()
+
+nsx_client = create_nsx_policy_client_for_vmc(
+        refresh_token=args.refresh_token,
+        org_id=args.org_id,
+        sddc_id=args.sddc_id)
+
+try:
+    security_group = nsx_client.infra.domains.Groups.get(gateway_type, args.group_id)
+except NotFound:
+    raise ValueError('Security group "{}" not found'.format(args.group_id))
+
+print('Deleting the NSX-T security group "{}"\n'.format(args.group_id))
+
+nsx_client.infra.domains.Groups.delete(gateway_type, args.group_id)
+
+groups = nsx_client.infra.domains.Groups.list(gateway_type).results
+
+if any(g.id == args.group_id for g in groups):
+    raise Exception('Failed to delete the security group')
+
+print('Successfully deleted the security group\n')

samples/vmc/networks_nsxt/security_group_list.py

@@ -0,0 +1,71 @@
+#!/usr/bin/env python
+
+"""
+* *******************************************************
+* Copyright (c) VMware, Inc. 2019. All Rights Reserved.
+* SPDX-License-Identifier: MIT
+* *******************************************************
+*
+* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
+* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
+* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
+* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
+"""
+
+__author__ = 'VMware, Inc'
+__vcenter_version__ = 'VMware Cloud on AWS'
+
+import requests
+import argparse
+
+from com.vmware.nsx_policy.infra_client import Domains
+from com.vmware.nsx_policy_client_for_vmc import create_nsx_policy_client_for_vmc
+from vmware.vapi.bindings.struct import PrettyPrinter
+from vmware.vapi.lib import connect
+from vmware.vapi.security.user_password import \
+    create_user_password_security_context
+from vmware.vapi.stdlib.client.factories import StubConfigurationFactory
+
+
+"""
+List all Network Security Groups
+
+Sample Prerequisites:
+    - SDDC deployed in VMware Cloud on AWS
+"""
+parser = argparse.ArgumentParser(
+        formatter_class=argparse.ArgumentDefaultsHelpFormatter)
+
+parser.add_argument('--refresh_token',
+                    required=True,
+                    help='Refresh token obtained from CSP')
+
+parser.add_argument('--org_id',
+                    required=True,
+                    help='Orgization ID')
+
+parser.add_argument('--sddc_id',
+                    required=True,
+                    help='Sddc ID')
+
+parser.add_argument('--gateway_type',
+                    default='mgw',
+                    help='Gateway type. Either mgw or cgw')
+
+args = parser.parse_args()
+
+gateway_type = args.gateway_type.lower()
+
+nsx_client = create_nsx_policy_client_for_vmc(
+        refresh_token=args.refresh_token,
+        org_id=args.org_id,
+        sddc_id=args.sddc_id)
+
+print('Listing all security groups for "{}"\n'.format(gateway_type))
+
+security_groups = nsx_client.infra.domains.Groups.list(gateway_type).results
+
+for group in security_groups:
+    print('* Group "{}":'.format(group.id))
+    print('{}\n'.format(group))

samples/vmc/networks_nsxt/security_group_update.py

@@ -0,0 +1,93 @@
+#!/usr/bin/env python
+
+"""
+* *******************************************************
+* Copyright (c) VMware, Inc. 2019. All Rights Reserved.
+* SPDX-License-Identifier: MIT
+* *******************************************************
+*
+* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
+* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
+* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
+* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
+"""
+
+__author__ = 'VMware, Inc'
+__vcenter_version__ = 'VMware Cloud on AWS'
+
+import argparse
+import random
+
+import requests
+from com.vmware.nsx_policy.infra_client import Domains
+from com.vmware.nsx_policy.model_client import (Expression, Group,
+                                                IPAddressExpression)
+from com.vmware.nsx_policy_client_for_vmc import \
+    create_nsx_policy_client_for_vmc
+from com.vmware.vapi.std.errors_client import NotFound
+from vmware.vapi.bindings.struct import PrettyPrinter
+from vmware.vapi.lib import connect
+from vmware.vapi.security.user_password import \
+    create_user_password_security_context
+from vmware.vapi.stdlib.client.factories import StubConfigurationFactory
+
+
+"""
+Update a NSX-T Group on MGW or CGW
+
+Sample Prerequisites:
+    - SDDC deployed in VMware Cloud on AWS
+    - A NSX-T security group
+"""
+parser = argparse.ArgumentParser(
+        formatter_class=argparse.ArgumentDefaultsHelpFormatter)
+
+parser.add_argument('--refresh_token',
+                    required=True,
+                    help='Refresh token obtained from CSP')
+
+parser.add_argument('--org_id',
+                    required=True,
+                    help='Orgization ID')
+
+parser.add_argument('--sddc_id',
+                    required=True,
+                    help='Sddc ID')
+
+parser.add_argument('--gateway_type',
+                    default='mgw',
+                    help='Gateway type. Either mgw or cgw')
+
+parser.add_argument('--group_id',
+                    help='ID of the group to be updated')
+
+parser.add_argument('--name',
+                    required=True,
+                    help='New name of the security group to be updated')
+
+args = parser.parse_args()
+
+gateway_type = args.gateway_type.lower()
+
+nsx_client = create_nsx_policy_client_for_vmc(
+        refresh_token=args.refresh_token,
+        org_id=args.org_id,
+        sddc_id=args.sddc_id)
+
+try:
+    security_group = nsx_client.infra.domains.Groups.get(gateway_type, args.group_id)
+except NotFound:
+    raise ValueError('Security group "{}" not found'.format(args.group_id))
+
+print('Updating NSX-T security group\'s name from "{}" to "{}"\n'.format(
+    security_group.display_name, args.name))
+
+new_description = 'new description'
+security_group.description = new_description
+security_group.display_name = args.name
+
+group_updated = nsx_client.infra.domains.Groups.update(gateway_type, args.group_id, security_group)
+assert group_updated.description == new_description
+assert group_updated.display_name == args.name
+print('Successfully updated the security group\n')