Code Review / groupbasedpolicy.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Switch to use new ovs nsh version
[groupbasedpolicy.git] / demos / gbpsfc-env / demo-asymmetric-chain / rest.py
1 #!/usr/bin/python
2 import argparse
3 import requests,json
4 from requests.auth import HTTPBasicAuth
5 from subprocess import call
6 import time
7 import sys
8 import os
9
10
11 DEFAULT_PORT='8181'
12
13
14 USERNAME='admin'
15 PASSWORD='admin'
16
17
18 CONF_TENANT='/restconf/config/policy:tenants'
19
20 def get(host, port, uri):
21     url='http://'+host+":"+port+uri
22     r = requests.get(url, auth=HTTPBasicAuth(USERNAME, PASSWORD))
23     return r
24
25 def put(host, port, uri, data, debug=False):
26     '''Perform a PUT rest operation, using the URL and data provided'''
27
28     url='http://'+host+":"+port+uri
29
30     headers = {'Content-type': 'application/yang.data+json',
31                'Accept': 'application/yang.data+json'}
32     if debug == True:
33         print "PUT %s" % url
34         print json.dumps(data, indent=4, sort_keys=True)
35     r = requests.put(url, data=json.dumps(data), headers=headers, auth=HTTPBasicAuth(USERNAME, PASSWORD))
36     if debug == True:
37         print r.text
38     r.raise_for_status()
39
40 def post(host, port, uri, data, debug=False):
41     '''Perform a POST rest operation, using the URL and data provided'''
42
43     url='http://'+host+":"+port+uri
44     headers = {'Content-type': 'application/yang.data+json',
45                'Accept': 'application/yang.data+json'}
46     if debug == True:
47         print "POST %s" % url
48         print json.dumps(data, indent=4, sort_keys=True)
49     r = requests.post(url, data=json.dumps(data), headers=headers, auth=HTTPBasicAuth(USERNAME, PASSWORD))
50     if debug == True:
51         print r.text
52     r.raise_for_status()
53
54 def wait_for_sff_in_datastore(url):
55     for i in xrange(30):
56         resp=get(controller, DEFAULT_PORT, url)
57         if ('192.168.50.71' in resp.text) and ('192.168.50.73' in resp.text):
58             break
59         time.sleep(3)
60     if ('192.168.50.71' not in resp.text):
61         print "ERROR: SFF1 has not been initialized!"
62         sys.exit(1)
63     if ('192.168.50.73' not in resp.text):
64         print "ERROR: SFF2 has not been initialized!"
65         sys.exit(1)
66
67
68
69 def get_service_functions_uri():
70     return "/restconf/config/service-function:service-functions"
71
72 def get_service_functions_data():
73     return {
74     "service-functions": {
75         "service-function": [
76             {
77                 "name": "firewall-72",
78                 "ip-mgmt-address": "192.168.50.72",
79                 "type": "service-function-type:firewall",
80                 "nsh-aware": "true",
81                 "sf-data-plane-locator": [
82                     {
83                         "name": "2",
84                         "port": 6633,
85                         "ip": "192.168.50.72",
86                         "transport": "service-locator:vxlan-gpe",
87                         "service-function-forwarder": "SFF1"
88                     }
89                 ]
90             },
91             {
92                 "name": "dpi-74",
93                 "ip-mgmt-address": "192.168.50.74",
94                 "type": "service-function-type:dpi",
95                 "nsh-aware": "true",
96                 "sf-data-plane-locator": [
97                     {
98                         "name": "3",
99                         "port": 6633,
100                         "ip": "192.168.50.74",
101                         "transport": "service-locator:vxlan-gpe",
102                         "service-function-forwarder": "SFF2"
103                     }
104                 ]
105             }
106         ]
107     }
108 }
109
110 def get_service_function_forwarders_uri():
111     return "/restconf/config/service-function-forwarder:service-function-forwarders"
112
113 def get_service_function_forwarders_data():
114     return {
115     "service-function-forwarders": {
116         "service-function-forwarder": [
117             {
118                 "name": "SFF1",
119                 "service-node": "OVSDB2",
120                 "service-function-forwarder-ovs:ovs-bridge": {
121                     "bridge-name": "sw2"
122                 },
123                 "service-function-dictionary": [
124                     {
125                         "name": "firewall-72",
126                         "sff-sf-data-plane-locator": {
127                             "sf-dpl-name": "2",
128                             "sff-dpl-name": "sfc-tun2"
129                         }
130                     }
131                 ],
132                 "sff-data-plane-locator": [
133                     {
134                         "name": "sfc-tun2",
135                         "data-plane-locator": {
136                             "transport": "service-locator:vxlan-gpe",
137                             "port": 6633,
138                             "ip": "192.168.50.71"
139                         },
140                         "service-function-forwarder-ovs:ovs-options": {
141                             "exts": "gpe",
142                             "remote-ip": "flow",
143                             "dst-port": "6633",
144                             "key": "flow",
145                             "nsp": "flow",
146                             "nsi": "flow",
147                             "nshc1": "flow",
148                             "nshc2": "flow",
149                             "nshc3": "flow",
150                             "nshc4": "flow"
151                         }
152                     }
153                 ]
154             },
155             {
156                 "name": "SFF2",
157                 "service-node": "OVSDB2",
158                 "service-function-forwarder-ovs:ovs-bridge": {
159                     "bridge-name": "sw4"
160                 },
161                 "service-function-dictionary": [
162                     {
163                         "name": "dpi-74",
164                         "sff-sf-data-plane-locator": {
165                             "sf-dpl-name": "3",
166                             "sff-dpl-name": "sfc-tun4"
167                         }
168                     }
169                 ],
170                 "sff-data-plane-locator": [
171                     {
172                         "name": "sfc-tun4",
173                         "data-plane-locator": {
174                             "transport": "service-locator:vxlan-gpe",
175                             "port": 6633,
176                             "ip": "192.168.50.73"
177                         },
178                         "service-function-forwarder-ovs:ovs-options": {
179                             "exts": "gpe",
180                             "remote-ip": "flow",
181                             "dst-port": "6633",
182                             "key": "flow",
183                             "nsp": "flow",
184                             "nsi": "flow",
185                             "nshc1": "flow",
186                             "nshc2": "flow",
187                             "nshc3": "flow",
188                             "nshc4": "flow"
189                         }
190                     }
191                 ]
192             }
193         ]
194     }
195 }
196
197 def get_service_function_chains_uri():
198     return "/restconf/config/service-function-chain:service-function-chains/"
199
200 def get_service_function_chains_data():
201     return {
202     "service-function-chains": {
203         "service-function-chain": [
204             {
205                 "name": "SFCGBP",
206                 "symmetric": "false",
207                 "sfc-service-function": [
208                     {
209                         "name": "firewall-abstract1",
210                         "type": "service-function-type:firewall"
211                     },
212                     {
213                         "name": "dpi-abstract1",
214                         "type": "service-function-type:dpi"
215                     }
216                 ]
217             }
218         ]
219     }
220 }
221
222 def get_service_function_paths_uri():
223     return "/restconf/config/service-function-path:service-function-paths/"
224
225 def get_service_function_paths_data():
226     return {
227     "service-function-paths": {
228         "service-function-path": [
229             {
230                 "name": "SFCGBP-Path",
231                 "service-chain-name": "SFCGBP",
232                 "starting-index": 255,
233                 "symmetric": "false"
234
235             }
236         ]
237     }
238 }
239
240 def get_tenant_data():
241     return {
242         "tenant": [
243           {
244             "id": "tenant-red",
245             "name": "DockerTenant",
246             "forwarding-context": {
247               "l2-flood-domain": [
248                 {
249                   "id": "flood-domain-1",
250                   "parent": "bridge-domain1"
251                 },
252                 {
253                   "id": "flood-domain-2",
254                   "parent": "bridge-domain1"
255                 }
256               ],
257               "l3-context": [
258                 {
259                   "id": "l3-context-vrf-red"
260                 }
261               ],
262               "l2-bridge-domain": [
263                 {
264                   "id": "bridge-domain1",
265                   "parent": "l3-context-vrf-red"
266                 }
267               ],
268               "subnet": [
269                 {
270                   "id": "subnet-10.0.36.0/24",
271                   "virtual-router-ip": "10.0.36.1",
272                   "parent": "flood-domain-2",
273                   "ip-prefix": "10.0.36.1/24"
274                 },
275                 {
276                   "id": "subnet-10.0.35.0/24",
277                   "virtual-router-ip": "10.0.35.1",
278                   "parent": "flood-domain-1",
279                   "ip-prefix": "10.0.35.1/24"
280                 }
281               ]
282             },
283             "policy": {
284               "endpoint-group": [
285                 {
286                   "id": "webservers",
287                   "name": "webservers",
288                   "provider-named-selector": [
289                     {
290                       "name": "webservers-clients-icmp-http-contract",
291                       "contract": [
292                         "icmp-http-contract"
293                       ]
294                     }
295                   ]
296                 },
297                 {
298                   "id": "clients",
299                   "name": "clients",
300                   "consumer-named-selector": [
301                     {
302                       "name": "webservers-clients-icmp-http-contract",
303                       "contract": [
304                         "icmp-http-contract"
305                       ]
306                     }
307                   ]
308                 }
309               ],
310               "subject-feature-instances": {
311                 "classifier-instance": [
312                   {
313                     "name": "icmp",
314                     "classifier-definition-id": "Classifier-IP-Protocol",
315                     "parameter-value": [
316                       {
317                         "name": "proto",
318                         "int-value": 1
319                       }
320                     ]
321                   },
322                   {
323                     "name": "http-dest",
324                     "classifier-definition-id": "Classifier-L4",
325                     "parameter-value": [
326                       {
327                         "int-value": "6",
328                         "name": "proto"
329                       },
330                       {
331                         "int-value": "80",
332                         "name": "destport"
333                       }
334                     ]
335                   },
336                   {
337                     "name": "http-src",
338                     "classifier-definition-id": "Classifier-L4",
339                     "parameter-value": [
340                       {
341                         "int-value": "6",
342                         "name": "proto"
343                       },
344                       {
345                         "int-value": "80",
346                         "name": "sourceport"
347                       }
348                     ]
349                   }
350                 ],
351                 "action-instance": [
352                   {
353                     "name": "chain1",
354                     "action-definition-id": "Action-Chain",
355                     "parameter-value": [
356                       {
357                         "name": "sfc-chain-name",
358                         "string-value": "SFCGBP"
359                       }
360                     ]
361                   },
362                   {
363                     "name": "allow1",
364                     "action-definition-id": "Action-Allow"
365                   }
366                 ]
367               },
368               "contract": [
369                 {
370                   "id": "icmp-http-contract",
371                   "subject": [
372                     {
373                       "name": "icmp-subject",
374                       "rule": [
375                         {
376                           "name": "allow-icmp-rule",
377                           "order": 0,
378                           "classifier-ref": [
379                             {
380                               "name": "icmp-in",
381                               "instance-name": "icmp",
382                               "direction": "in"
383                             },
384                             {
385                               "name": "icmp-out",
386                               "instance-name": "icmp",
387                               "direction": "out"
388                             }
389                           ],
390                           "action-ref": [
391                             {
392                               "name": "allow1",
393                               "order": 0
394                             }
395                           ]
396                         }
397                       ]
398                     },
399                     {
400                       "name": "http-subject",
401                       "rule": [
402                         {
403                           "name": "http-chain-rule",
404                           "classifier-ref": [
405                             {
406                               "name": "http-dest",
407                               "instance-name": "http-dest",
408                               "direction": "in"
409                             }
410                           ],
411                           "action-ref": [
412                             {
413                               "name": "chain1",
414                               "order": 0
415                             }
416                           ]
417                         },
418                         {
419                           "name": "http-out-rule",
420                           "classifier-ref": [
421                             {
422                               "name": "http-src",
423                               "instance-name": "http-src",
424                               "direction": "out"
425                             }
426                           ],
427                           "action-ref": [
428                             {
429                               "name": "allow1",
430                               "order": 0
431                             }
432                           ]
433                         }
434                       ]
435                     }
436                   ],
437                   "clause": [
438                     {
439                       "name": "icmp-http-clause",
440                       "subject-refs": [
441                         "icmp-subject",
442                         "http-subject"
443                       ]
444                     }
445                   ]
446                 }
447               ]
448             }
449           }
450         ]
451     }
452
453 # Main definition - constants
454
455 # =======================
456 #     MENUS FUNCTIONS
457 # =======================
458
459 # Main menu
460
461 # =======================
462 #      MAIN PROGRAM
463 # =======================
464
465 # Main Program
466
467 def get_tenant_uri():
468     return "/restconf/config/policy:tenants/policy:tenant/tenant-red"
469
470 def get_tunnel_data_1():
471     return {
472     "node": [
473       {
474         "id": "openflow:1",
475         "ofoverlay:tunnel": [
476           {
477             "tunnel-type": "overlay:tunnel-type-vxlan-gpe",
478             "node-connector-id": "openflow:1:1",
479             "ip": "192.168.50.70",
480             "port": 6633
481           },
482           {
483             "tunnel-type": "overlay:tunnel-type-vxlan",
484             "node-connector-id": "openflow:1:2",
485             "ip": "192.168.50.70",
486             "port": 4789
487           }
488         ]
489       }
490     ]
491   }
492
493 def get_tunnel_uri_1():
494     return "/restconf/config/opendaylight-inventory:nodes/node/openflow:1"
495
496 def get_tunnel_data_6():
497     return {
498     "node": [
499       {
500         "id": "openflow:6",
501         "ofoverlay:tunnel": [
502           {
503             "tunnel-type": "overlay:tunnel-type-vxlan-gpe",
504             "node-connector-id": "openflow:6:1",
505             "ip": "192.168.50.75",
506             "port": 6633
507           },
508           {
509             "tunnel-type": "overlay:tunnel-type-vxlan",
510             "node-connector-id": "openflow:6:2",
511             "ip": "192.168.50.75",
512             "port": 4789
513           }
514         ]
515       }
516     ]
517   }
518
519 def get_tunnel_uri_6():
520     return "/restconf/config/opendaylight-inventory:nodes/node/openflow:6"
521
522 def get_endpoint_data():
523     return [
524 {
525 "input": {
526
527     "endpoint-group": "webservers",
528
529     "network-containment" : "subnet-10.0.36.0/24",
530
531     "l2-context": "bridge-domain1",
532     "mac-address": "00:00:00:00:36:02",
533
534     "l3-address": [
535         {
536             "ip-address": "10.0.36.2",
537             "l3-context": "l3-context-vrf-red"
538         }
539     ],
540     "port-name": "vethl-h36-2",
541     "tenant": "tenant-red"
542 }
543 },
544 {
545 "input": {
546     "endpoint-group": "clients",
547 "network-containment" : "subnet-10.0.35.0/24",
548 "l2-context": "bridge-domain1",
549 "mac-address": "00:00:00:00:35:02",
550 "l3-address": [
551     {
552         "ip-address": "10.0.35.2",
553         "l3-context": "l3-context-vrf-red"
554     }
555 ],
556 "port-name": "vethl-h35-2",
557 "tenant": "tenant-red"
558 }
559 },
560 {
561 "input": {
562
563     "endpoint-group": "clients",
564
565     "network-containment" : "subnet-10.0.35.0/24",
566
567     "l2-context": "bridge-domain1",
568     "mac-address": "00:00:00:00:35:03",
569
570     "l3-address": [
571         {
572             "ip-address": "10.0.35.3",
573             "l3-context": "l3-context-vrf-red"
574         }
575     ],
576     "port-name": "vethl-h35-3",
577     "tenant": "tenant-red"
578 }
579 },
580 {
581 "input": {
582
583     "endpoint-group": "webservers",
584
585     "network-containment" : "subnet-10.0.36.0/24",
586
587     "l2-context": "bridge-domain1",
588     "mac-address": "00:00:00:00:36:03",
589
590     "l3-address": [
591         {
592             "ip-address": "10.0.36.3",
593             "l3-context": "l3-context-vrf-red"
594         }
595     ],
596     "port-name": "vethl-h36-3",
597     "tenant": "tenant-red"
598 }
599 },
600 {
601 "input": {
602
603     "endpoint-group": "webservers",
604
605     "network-containment" : "subnet-10.0.36.0/24",
606
607     "l2-context": "bridge-domain1",
608     "mac-address": "00:00:00:00:36:04",
609
610     "l3-address": [
611         {
612             "ip-address": "10.0.36.4",
613             "l3-context": "l3-context-vrf-red"
614         }
615     ],
616     "port-name": "vethl-h36-4",
617     "tenant": "tenant-red"
618 }
619 },
620 {
621 "input": {
622
623     "endpoint-group": "clients",
624
625     "network-containment" : "subnet-10.0.35.0/24",
626
627     "l2-context": "bridge-domain1",
628     "mac-address": "00:00:00:00:35:04",
629
630     "l3-address": [
631         {
632             "ip-address": "10.0.35.4",
633             "l3-context": "l3-context-vrf-red"
634         }
635     ],
636     "port-name": "vethl-h35-4",
637     "tenant": "tenant-red"
638 }
639 },
640 {
641 "input": {
642
643     "endpoint-group": "clients",
644
645     "network-containment" : "subnet-10.0.35.0/24",
646
647     "l2-context": "bridge-domain1",
648     "mac-address": "00:00:00:00:35:05",
649
650     "l3-address": [
651         {
652             "ip-address": "10.0.35.5",
653             "l3-context": "l3-context-vrf-red"
654         }
655     ],
656     "port-name": "vethl-h35-5",
657     "tenant": "tenant-red"
658 }
659 },
660 {
661 "input": {
662
663     "endpoint-group": "webservers",
664
665     "network-containment" : "subnet-10.0.36.0/24",
666
667     "l2-context": "bridge-domain1",
668     "mac-address": "00:00:00:00:36:05",
669
670     "l3-address": [
671         {
672             "ip-address": "10.0.36.5",
673             "l3-context": "l3-context-vrf-red"
674         }
675     ],
676     "port-name": "vethl-h36-5",
677     "tenant": "tenant-red"
678 }
679 }]
680
681
682 def get_endpoint_uri():
683     return "/restconf/operations/endpoint:register-endpoint"
684
685 def get_tunnel_oper_uri():
686     return "/restconf/operational/opendaylight-inventory:nodes/"
687
688 def get_topology_oper_uri():
689     return "/restconf/operational/network-topology:network-topology/topology/ovsdb:1/"
690
691 if __name__ == "__main__":
692     # Launch main menu
693
694
695     # Some sensible defaults
696     controller=os.environ.get('ODL')
697     if controller == None:
698         sys.exit("No controller set.")
699
700     print "Contacting controller at %s" % controller
701     print "waiting for manager on SFFs..."
702     wait_for_sff_in_datastore(get_topology_oper_uri())
703     print "sending service functions"
704     put(controller, DEFAULT_PORT, get_service_functions_uri(), get_service_functions_data(), True)
705     print "sending service function forwarders"
706     put(controller, DEFAULT_PORT, get_service_function_forwarders_uri(), get_service_function_forwarders_data(), True)
707     print "waiting for switches on SFFs..."
708     wait_for_sff_in_datastore(get_tunnel_oper_uri())
709     print "sending service function chains"
710     put(controller, DEFAULT_PORT, get_service_function_chains_uri(), get_service_function_chains_data(), True)
711     print "sending service function paths"
712     put(controller, DEFAULT_PORT, get_service_function_paths_uri(), get_service_function_paths_data(), True)
713     print "sending tunnel"
714     put(controller, DEFAULT_PORT, get_tunnel_uri_1(), get_tunnel_data_1(), True)
715     print "sending tenant"
716     put(controller, DEFAULT_PORT, get_tunnel_uri_6(), get_tunnel_data_6(), True)
717     print "sending tenant"
718     put(controller, DEFAULT_PORT, get_tenant_uri(), get_tenant_data(),True)
719     print "registering endpoints"
720     for endpoint in get_endpoint_data():
721         post(controller, DEFAULT_PORT, get_endpoint_uri(),endpoint,True)
OpenDaylight Group Based Policy Plugin