Code Review / groupbasedpolicy.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Clean up permissions on demo
[groupbasedpolicy.git] / demos / gbpsfc-env / demo-asymmetric-chain / rest.py
1 #!/usr/bin/python
2 import argparse
3 import requests,json
4 from requests.auth import HTTPBasicAuth
5 from subprocess import call
6 import time
7 import sys
8 import os
9
10
11 DEFAULT_PORT='8181'
12
13
14 USERNAME='admin'
15 PASSWORD='admin'
16
17
18 CONF_TENANT='/restconf/config/policy:tenants'
19
20 def get(host, port, uri):
21     url='http://'+host+":"+port+uri
22     r = requests.get(url, auth=HTTPBasicAuth(USERNAME, PASSWORD))
23     return r
24
25 def put(host, port, uri, data, debug=False):
26     '''Perform a PUT rest operation, using the URL and data provided'''
27
28     url='http://'+host+":"+port+uri
29
30     headers = {'Content-type': 'application/yang.data+json',
31                'Accept': 'application/yang.data+json'}
32     if debug == True:
33         print "PUT %s" % url
34         print json.dumps(data, indent=4, sort_keys=True)
35     r = requests.put(url, data=json.dumps(data), headers=headers, auth=HTTPBasicAuth(USERNAME, PASSWORD))
36     if debug == True:
37         print r.text
38     r.raise_for_status()
39
40 def post(host, port, uri, data, debug=False):
41     '''Perform a POST rest operation, using the URL and data provided'''
42
43     url='http://'+host+":"+port+uri
44     headers = {'Content-type': 'application/yang.data+json',
45                'Accept': 'application/yang.data+json'}
46     if debug == True:
47         print "POST %s" % url
48         print json.dumps(data, indent=4, sort_keys=True)
49     r = requests.post(url, data=json.dumps(data), headers=headers, auth=HTTPBasicAuth(USERNAME, PASSWORD))
50     if debug == True:
51         print r.text
52     r.raise_for_status()
53
54 def wait_for_sff_in_datastore(url):
55     for i in xrange(30):
56         resp=get(controller, DEFAULT_PORT, url)
57         if ('192.168.50.71' in resp.text) and ('192.168.50.73' in resp.text):
58             break
59         time.sleep(3)
60     if ('192.168.50.71' not in resp.text):
61         print "ERROR: SFF1 has not been initialized!"
62         sys.exit(1)
63     if ('192.168.50.73' not in resp.text):
64         print "ERROR: SFF2 has not been initialized!"
65         sys.exit(1)
66
67
68
69 def get_service_functions_uri():
70     return "/restconf/config/service-function:service-functions"
71
72 def get_service_functions_data():
73     return {
74     "service-functions": {
75         "service-function": [
76             {
77                 "name": "firewall-72",
78                 "ip-mgmt-address": "192.168.50.72",
79                 "type": "service-function-type:firewall",
80                 "nsh-aware": "true",
81                 "sf-data-plane-locator": [
82                     {
83                         "name": "2",
84                         "port": 6633,
85                         "ip": "192.168.50.72",
86                         "transport": "service-locator:vxlan-gpe",
87                         "service-function-forwarder": "SFF1"
88                     }
89                 ]
90             },
91             {
92                 "name": "dpi-74",
93                 "ip-mgmt-address": "192.168.50.74",
94                 "type": "service-function-type:dpi",
95                 "nsh-aware": "true",
96                 "sf-data-plane-locator": [
97                     {
98                         "name": "3",
99                         "port": 6633,
100                         "ip": "192.168.50.74",
101                         "transport": "service-locator:vxlan-gpe",
102                         "service-function-forwarder": "SFF2"
103                     }
104                 ]
105             }
106         ]
107     }
108 }
109
110 def get_service_function_forwarders_uri():
111     return "/restconf/config/service-function-forwarder:service-function-forwarders"
112
113 def get_service_function_forwarders_data():
114     return {
115     "service-function-forwarders": {
116         "service-function-forwarder": [
117             {
118                 "name": "SFF1",
119                 "service-node": "OVSDB2",
120                 "service-function-forwarder-ovs:ovs-bridge": {
121                     "bridge-name": "sw2"
122                 },
123                 "service-function-dictionary": [
124                     {
125                         "name": "firewall-72",
126                         "sff-sf-data-plane-locator": {
127                             "sf-dpl-name": "2",
128                             "sff-dpl-name": "sfc-tun2"
129                         }
130                     }
131                 ],
132                 "sff-data-plane-locator": [
133                     {
134                         "name": "sfc-tun2",
135                         "data-plane-locator": {
136                             "transport": "service-locator:vxlan-gpe",
137                             "port": 6633,
138                             "ip": "192.168.50.71"
139                         },
140                         "service-function-forwarder-ovs:ovs-options": {
141                             "remote-ip": "flow",
142                             "dst-port": "6633",
143                             "key": "flow",
144                             "nsp": "flow",
145                             "nsi": "flow",
146                             "nshc1": "flow",
147                             "nshc2": "flow",
148                             "nshc3": "flow",
149                             "nshc4": "flow"
150                         }
151                     }
152                 ]
153             },
154             {
155                 "name": "SFF2",
156                 "service-node": "OVSDB2",
157                 "service-function-forwarder-ovs:ovs-bridge": {
158                     "bridge-name": "sw4"
159                 },
160                 "service-function-dictionary": [
161                     {
162                         "name": "dpi-74",
163                         "sff-sf-data-plane-locator": {
164                             "sf-dpl-name": "3",
165                             "sff-dpl-name": "sfc-tun4"
166                         }
167                     }
168                 ],
169                 "sff-data-plane-locator": [
170                     {
171                         "name": "sfc-tun4",
172                         "data-plane-locator": {
173                             "transport": "service-locator:vxlan-gpe",
174                             "port": 6633,
175                             "ip": "192.168.50.73"
176                         },
177                         "service-function-forwarder-ovs:ovs-options": {
178                             "remote-ip": "flow",
179                             "dst-port": "6633",
180                             "key": "flow",
181                             "nsp": "flow",
182                             "nsi": "flow",
183                             "nshc1": "flow",
184                             "nshc2": "flow",
185                             "nshc3": "flow",
186                             "nshc4": "flow"
187                         }
188                     }
189                 ]
190             }
191         ]
192     }
193 }
194
195 def get_service_function_chains_uri():
196     return "/restconf/config/service-function-chain:service-function-chains/"
197
198 def get_service_function_chains_data():
199     return {
200     "service-function-chains": {
201         "service-function-chain": [
202             {
203                 "name": "SFCGBP",
204                 "symmetric": "false",
205                 "sfc-service-function": [
206                     {
207                         "name": "firewall-abstract1",
208                         "type": "service-function-type:firewall"
209                     },
210                     {
211                         "name": "dpi-abstract1",
212                         "type": "service-function-type:dpi"
213                     }
214                 ]
215             }
216         ]
217     }
218 }
219
220 def get_service_function_paths_uri():
221     return "/restconf/config/service-function-path:service-function-paths/"
222
223 def get_service_function_paths_data():
224     return {
225     "service-function-paths": {
226         "service-function-path": [
227             {
228                 "name": "SFCGBP-Path",
229                 "service-chain-name": "SFCGBP",
230                 "starting-index": 255,
231                 "symmetric": "false"
232
233             }
234         ]
235     }
236 }
237
238 def get_tenant_data():
239     return {
240         "tenant": [
241           {
242             "id": "tenant-dobre",
243             "name": "DockerTenant",
244             "forwarding-context": {
245               "l2-flood-domain": [
246                 {
247                   "id": "flood-domain-1",
248                   "parent": "bridge-domain1"
249                 },
250                 {
251                   "id": "flood-domain-2",
252                   "parent": "bridge-domain1"
253                 }
254               ],
255               "l3-context": [
256                 {
257                   "id": "l3-context-vrf-red"
258                 }
259               ],
260               "l2-bridge-domain": [
261                 {
262                   "id": "bridge-domain1",
263                   "parent": "l3-context-vrf-red"
264                 }
265               ],
266               "subnet": [
267                 {
268                   "id": "subnet-10.0.36.0/24",
269                   "virtual-router-ip": "10.0.36.1",
270                   "parent": "flood-domain-2",
271                   "ip-prefix": "10.0.36.1/24"
272                 },
273                 {
274                   "id": "subnet-10.0.35.0/24",
275                   "virtual-router-ip": "10.0.35.1",
276                   "parent": "flood-domain-1",
277                   "ip-prefix": "10.0.35.1/24"
278                 }
279               ]
280             },
281             "policy": {
282               "endpoint-group": [
283                 {
284                   "id": "webservers",
285                   "name": "webservers",
286                   "provider-named-selector": [
287                     {
288                       "name": "webservers-clients-icmp-http-contract",
289                       "contract": [
290                         "icmp-http-contract"
291                       ]
292                     }
293                   ]
294                 },
295                 {
296                   "id": "clients",
297                   "name": "clients",
298                   "consumer-named-selector": [
299                     {
300                       "name": "webservers-clients-icmp-http-contract",
301                       "contract": [
302                         "icmp-http-contract"
303                       ]
304                     }
305                   ]
306                 }
307               ],
308               "subject-feature-instances": {
309                 "classifier-instance": [
310                   {
311                     "name": "icmp",
312                     "classifier-definition-id": "Classifier-IP-Protocol",
313                     "parameter-value": [
314                       {
315                         "name": "proto",
316                         "int-value": 1
317                       }
318                     ]
319                   },
320                   {
321                     "name": "http-dest",
322                     "classifier-definition-id": "Classifier-L4",
323                     "parameter-value": [
324                       {
325                         "int-value": "6",
326                         "name": "proto"
327                       },
328                       {
329                         "int-value": "80",
330                         "name": "destport"
331                       }
332                     ]
333                   },
334                   {
335                     "name": "http-src",
336                     "classifier-definition-id": "Classifier-L4",
337                     "parameter-value": [
338                       {
339                         "int-value": "6",
340                         "name": "proto"
341                       },
342                       {
343                         "int-value": "80",
344                         "name": "sourceport"
345                       }
346                     ]
347                   }
348                 ],
349                 "action-instance": [
350                   {
351                     "name": "chain1",
352                     "action-definition-id": "Action-Chain",
353                     "parameter-value": [
354                       {
355                         "name": "sfc-chain-name",
356                         "string-value": "SFCGBP"
357                       }
358                     ]
359                   },
360                   {
361                     "name": "allow1",
362                     "action-definition-id": "Action-Allow"
363                   }
364                 ]
365               },
366               "contract": [
367                 {
368                   "id": "icmp-http-contract",
369                   "subject": [
370                     {
371                       "name": "icmp-subject",
372                       "rule": [
373                         {
374                           "name": "allow-icmp-rule",
375                           "order": 0,
376                           "classifier-ref": [
377                             {
378                               "name": "icmp",
379                               "instance-name": "icmp"
380                             }
381                           ],
382                           "action-ref": [
383                             {
384                               "name": "allow1",
385                               "order": 0
386                             }
387                           ]
388                         }
389                       ]
390                     },
391                     {
392                       "name": "http-subject",
393                       "rule": [
394                         {
395                           "name": "http-chain-rule",
396                           "classifier-ref": [
397                             {
398                               "name": "http-dest",
399                               "instance-name": "http-dest",
400                               "direction": "in"
401                             }
402                           ],
403                           "action-ref": [
404                             {
405                               "name": "chain1",
406                               "order": 0
407                             }
408                           ]
409                         },
410                         {
411                           "name": "http-out-rule",
412                           "classifier-ref": [
413                             {
414                               "name": "http-src",
415                               "instance-name": "http-src",
416                               "direction": "out"
417                             }
418                           ],
419                           "action-ref": [
420                             {
421                               "name": "allow1",
422                               "order": 0
423                             }
424                           ]
425                         }
426                       ]
427                     }
428                   ],
429                   "clause": [
430                     {
431                       "name": "icmp-http-clause",
432                       "subject-refs": [
433                         "icmp-subject",
434                         "http-subject"
435                       ]
436                     }
437                   ]
438                 }
439               ]
440             }
441           }
442         ]
443     }
444
445 # Main definition - constants
446
447 # =======================
448 #     MENUS FUNCTIONS
449 # =======================
450
451 # Main menu
452
453 # =======================
454 #      MAIN PROGRAM
455 # =======================
456
457 # Main Program
458
459 def get_tenant_uri():
460     return "/restconf/config/policy:tenants/policy:tenant/tenant-dobre"
461
462 def get_tunnel_data_1():
463     return {
464     "node": [
465       {
466         "id": "openflow:1",
467         "ofoverlay:tunnel": [
468           {
469             "tunnel-type": "overlay:tunnel-type-vxlan-gpe",
470             "node-connector-id": "openflow:1:1",
471             "ip": "192.168.50.70",
472             "port": 6633
473           },
474           {
475             "tunnel-type": "overlay:tunnel-type-vxlan",
476             "node-connector-id": "openflow:1:2",
477             "ip": "192.168.50.70",
478             "port": 4789
479           }
480         ]
481       }
482     ]
483   }
484
485 def get_tunnel_uri_1():
486     return "/restconf/config/opendaylight-inventory:nodes/node/openflow:1"
487
488 def get_tunnel_data_6():
489     return {
490     "node": [
491       {
492         "id": "openflow:6",
493         "ofoverlay:tunnel": [
494           {
495             "tunnel-type": "overlay:tunnel-type-vxlan-gpe",
496             "node-connector-id": "openflow:6:1",
497             "ip": "192.168.50.75",
498             "port": 6633
499           },
500           {
501             "tunnel-type": "overlay:tunnel-type-vxlan",
502             "node-connector-id": "openflow:6:2",
503             "ip": "192.168.50.75",
504             "port": 4789
505           }
506         ]
507       }
508     ]
509   }
510
511 def get_tunnel_uri_6():
512     return "/restconf/config/opendaylight-inventory:nodes/node/openflow:6"
513
514 def get_endpoint_data():
515     return [
516 {
517 "input": {
518
519     "endpoint-group": "webservers",
520
521     "network-containment" : "subnet-10.0.36.0/24",
522
523     "l2-context": "bridge-domain1",
524     "mac-address": "00:00:00:00:36:02",
525
526     "l3-address": [
527         {
528             "ip-address": "10.0.36.2",
529             "l3-context": "l3-context-vrf-red"
530         }
531     ],
532     "port-name": "vethl-h36_2",
533     "tenant": "tenant-dobre"
534 }
535 },
536 {
537 "input": {
538     "endpoint-group": "clients",
539 "network-containment" : "subnet-10.0.35.0/24",
540 "l2-context": "bridge-domain1",
541 "mac-address": "00:00:00:00:35:02",
542 "l3-address": [
543     {
544         "ip-address": "10.0.35.2",
545         "l3-context": "l3-context-vrf-red"
546     }
547 ],
548 "port-name": "vethl-h35_2",
549 "tenant": "tenant-dobre"
550 }
551 },
552 {
553 "input": {
554
555     "endpoint-group": "clients",
556
557     "network-containment" : "subnet-10.0.35.0/24",
558
559     "l2-context": "bridge-domain1",
560     "mac-address": "00:00:00:00:35:03",
561
562     "l3-address": [
563         {
564             "ip-address": "10.0.35.3",
565             "l3-context": "l3-context-vrf-red"
566         }
567     ],
568     "port-name": "vethl-h35_3",
569     "tenant": "tenant-dobre"
570 }
571 },
572 {
573 "input": {
574
575     "endpoint-group": "webservers",
576
577     "network-containment" : "subnet-10.0.36.0/24",
578
579     "l2-context": "bridge-domain1",
580     "mac-address": "00:00:00:00:36:03",
581
582     "l3-address": [
583         {
584             "ip-address": "10.0.36.3",
585             "l3-context": "l3-context-vrf-red"
586         }
587     ],
588     "port-name": "vethl-h36_3",
589     "tenant": "tenant-dobre"
590 }
591 },
592 {
593 "input": {
594
595     "endpoint-group": "webservers",
596
597     "network-containment" : "subnet-10.0.36.0/24",
598
599     "l2-context": "bridge-domain1",
600     "mac-address": "00:00:00:00:36:04",
601
602     "l3-address": [
603         {
604             "ip-address": "10.0.36.4",
605             "l3-context": "l3-context-vrf-red"
606         }
607     ],
608     "port-name": "vethl-h36_4",
609     "tenant": "tenant-dobre"
610 }
611 },
612 {
613 "input": {
614
615     "endpoint-group": "clients",
616
617     "network-containment" : "subnet-10.0.35.0/24",
618
619     "l2-context": "bridge-domain1",
620     "mac-address": "00:00:00:00:35:04",
621
622     "l3-address": [
623         {
624             "ip-address": "10.0.35.4",
625             "l3-context": "l3-context-vrf-red"
626         }
627     ],
628     "port-name": "vethl-h35_4",
629     "tenant": "tenant-dobre"
630 }
631 },
632 {
633 "input": {
634
635     "endpoint-group": "clients",
636
637     "network-containment" : "subnet-10.0.35.0/24",
638
639     "l2-context": "bridge-domain1",
640     "mac-address": "00:00:00:00:35:05",
641
642     "l3-address": [
643         {
644             "ip-address": "10.0.35.5",
645             "l3-context": "l3-context-vrf-red"
646         }
647     ],
648     "port-name": "vethl-h35_5",
649     "tenant": "tenant-dobre"
650 }
651 },
652 {
653 "input": {
654
655     "endpoint-group": "webservers",
656
657     "network-containment" : "subnet-10.0.36.0/24",
658
659     "l2-context": "bridge-domain1",
660     "mac-address": "00:00:00:00:36:05",
661
662     "l3-address": [
663         {
664             "ip-address": "10.0.36.5",
665             "l3-context": "l3-context-vrf-red"
666         }
667     ],
668     "port-name": "vethl-h36_5",
669     "tenant": "tenant-dobre"
670 }
671 }]
672
673
674 def get_endpoint_uri():
675     return "/restconf/operations/endpoint:register-endpoint"
676
677 def get_tunnel_oper_uri():
678     return "/restconf/operational/opendaylight-inventory:nodes/"
679
680 def get_topology_oper_uri():
681     return "/restconf/operational/network-topology:network-topology/topology/ovsdb:1/"
682
683 if __name__ == "__main__":
684     # Launch main menu
685
686
687     # Some sensible defaults
688     controller=os.environ.get('ODL')
689     if controller == None:
690         sys.exit("No controller set.")
691
692     print "Contacting controller at %s" % controller
693     print "waiting for manager on SFFs..."
694     wait_for_sff_in_datastore(get_topology_oper_uri())
695     print "sending service functions"
696     put(controller, DEFAULT_PORT, get_service_functions_uri(), get_service_functions_data(), True)
697     print "sending service function forwarders"
698     put(controller, DEFAULT_PORT, get_service_function_forwarders_uri(), get_service_function_forwarders_data(), True)
699     print "waiting for switches on SFFs..."
700     wait_for_sff_in_datastore(get_tunnel_oper_uri())
701     print "sending service function chains"
702     put(controller, DEFAULT_PORT, get_service_function_chains_uri(), get_service_function_chains_data(), True)
703     print "sending service function paths"
704     put(controller, DEFAULT_PORT, get_service_function_paths_uri(), get_service_function_paths_data(), True)
705     print "sending tunnel"
706     put(controller, DEFAULT_PORT, get_tunnel_uri_1(), get_tunnel_data_1(), True)
707     print "sending tenant"
708     put(controller, DEFAULT_PORT, get_tunnel_uri_6(), get_tunnel_data_6(), True)
709     print "sending tenant"
710     put(controller, DEFAULT_PORT, get_tenant_uri(), get_tenant_data(),True)
711     print "registering endpoints"
712     for endpoint in get_endpoint_data():
713         post(controller, DEFAULT_PORT, get_endpoint_uri(),endpoint,True)
OpenDaylight Group Based Policy Plugin