Code Review / groupbasedpolicy.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Clean up permissions on demo
[groupbasedpolicy.git] / demos / gbpsfc-env / demo-symmetric-chain / rest.py
1 #!/usr/bin/python
2 import argparse
3 import requests,json
4 from requests.auth import HTTPBasicAuth
5 from subprocess import call
6 import time
7 import sys
8 import os
9
10
11 DEFAULT_PORT='8181'
12
13
14 USERNAME='admin'
15 PASSWORD='admin'
16
17
18 OPER_NODES='/restconf/operational/opendaylight-inventory:nodes/'
19 CONF_TENANT='/restconf/config/policy:tenants'
20
21 def get(host, port, uri):
22     url='http://'+host+":"+port+uri
23     r = requests.get(url, auth=HTTPBasicAuth(USERNAME, PASSWORD))
24     return r
25
26 def put(host, port, uri, data, debug=False):
27     '''Perform a PUT rest operation, using the URL and data provided'''
28
29     url='http://'+host+":"+port+uri
30
31     headers = {'Content-type': 'application/yang.data+json',
32                'Accept': 'application/yang.data+json'}
33     if debug == True:
34         print "PUT %s" % url
35         print json.dumps(data, indent=4, sort_keys=True)
36     r = requests.put(url, data=json.dumps(data), headers=headers, auth=HTTPBasicAuth(USERNAME, PASSWORD))
37     if debug == True:
38         print r.text
39     r.raise_for_status()
40
41 def post(host, port, uri, data, debug=False):
42     '''Perform a POST rest operation, using the URL and data provided'''
43
44     url='http://'+host+":"+port+uri
45     headers = {'Content-type': 'application/yang.data+json',
46                'Accept': 'application/yang.data+json'}
47     if debug == True:
48         print "POST %s" % url
49         print json.dumps(data, indent=4, sort_keys=True)
50     r = requests.post(url, data=json.dumps(data), headers=headers, auth=HTTPBasicAuth(USERNAME, PASSWORD))
51     if debug == True:
52         print r.text
53     r.raise_for_status()
54
55 def wait_for_sff_in_datastore(url):
56     for i in xrange(30):
57         resp=get(controller, DEFAULT_PORT, url)
58         if ('192.168.50.71' in resp.text) and ('192.168.50.73' in resp.text):
59             break
60         time.sleep(3)
61     if ('192.168.50.71' not in resp.text):
62         print "ERROR: SFF1 has not been initialized!"
63         sys.exit(1)
64     if ('192.168.50.73' not in resp.text):
65         print "ERROR: SFF2 has not been initialized!"
66         sys.exit(1)
67
68
69
70
71 def get_service_functions_uri():
72     return "/restconf/config/service-function:service-functions"
73
74 def get_service_functions_data():
75     return {
76     "service-functions": {
77         "service-function": [
78             {
79                 "name": "firewall-72",
80                 "ip-mgmt-address": "192.168.50.72",
81                 "type": "service-function-type:firewall",
82                 "nsh-aware": "true",
83                 "sf-data-plane-locator": [
84                     {
85                         "name": "2",
86                         "port": 6633,
87                         "ip": "192.168.50.72",
88                         "transport": "service-locator:vxlan-gpe",
89                         "service-function-forwarder": "SFF1"
90                     }
91                 ]
92             },
93             {
94                 "name": "dpi-74",
95                 "ip-mgmt-address": "192.168.50.74",
96                 "type": "service-function-type:dpi",
97                 "nsh-aware": "true",
98                 "sf-data-plane-locator": [
99                     {
100                         "name": "3",
101                         "port": 6633,
102                         "ip": "192.168.50.74",
103                         "transport": "service-locator:vxlan-gpe",
104                         "service-function-forwarder": "SFF2"
105                     }
106                 ]
107             }
108         ]
109     }
110 }
111
112 def get_service_function_forwarders_uri():
113     return "/restconf/config/service-function-forwarder:service-function-forwarders"
114
115 def get_service_function_forwarders_data():
116     return {
117     "service-function-forwarders": {
118         "service-function-forwarder": [
119             {
120                 "name": "SFF1",
121                 "service-node": "OVSDB2",
122                 "service-function-forwarder-ovs:ovs-bridge": {
123                     "bridge-name": "sw2"
124                 },
125                 "service-function-dictionary": [
126                     {
127                         "name": "firewall-72",
128                         "sff-sf-data-plane-locator": {
129                             "sf-dpl-name": "2",
130                             "sff-dpl-name": "sfc-tun2"
131                         }
132                     }
133                 ],
134                 "sff-data-plane-locator": [
135                     {
136                         "name": "sfc-tun2",
137                         "data-plane-locator": {
138                             "transport": "service-locator:vxlan-gpe",
139                             "port": 6633,
140                             "ip": "192.168.50.71"
141                         },
142                         "service-function-forwarder-ovs:ovs-options": {
143                             "remote-ip": "flow",
144                             "dst-port": "6633",
145                             "key": "flow",
146                             "nsp": "flow",
147                             "nsi": "flow",
148                             "nshc1": "flow",
149                             "nshc2": "flow",
150                             "nshc3": "flow",
151                             "nshc4": "flow"
152                         }
153                     }
154                 ]
155             },
156             {
157                 "name": "SFF2",
158                 "service-node": "OVSDB2",
159                 "service-function-forwarder-ovs:ovs-bridge": {
160                     "bridge-name": "sw4"
161                 },
162                 "service-function-dictionary": [
163                     {
164                         "name": "dpi-74",
165                         "sff-sf-data-plane-locator": {
166                             "sf-dpl-name": "3",
167                             "sff-dpl-name": "sfc-tun4"
168                         }
169                     }
170                 ],
171                 "sff-data-plane-locator": [
172                     {
173                         "name": "sfc-tun4",
174                         "data-plane-locator": {
175                             "transport": "service-locator:vxlan-gpe",
176                             "port": 6633,
177                             "ip": "192.168.50.73"
178                         },
179                         "service-function-forwarder-ovs:ovs-options": {
180                             "remote-ip": "flow",
181                             "dst-port": "6633",
182                             "key": "flow",
183                             "nsp": "flow",
184                             "nsi": "flow",
185                             "nshc1": "flow",
186                             "nshc2": "flow",
187                             "nshc3": "flow",
188                             "nshc4": "flow"
189                         }
190                     }
191                 ]
192             }
193         ]
194     }
195 }
196
197 def get_service_function_chains_uri():
198     return "/restconf/config/service-function-chain:service-function-chains/"
199
200 def get_service_function_chains_data():
201     return {
202     "service-function-chains": {
203         "service-function-chain": [
204             {
205                 "name": "SFCGBP",
206                 "symmetric": "true",
207                 "sfc-service-function": [
208                     {
209                         "name": "firewall-abstract1",
210                         "type": "service-function-type:firewall"
211                     },
212                     {
213                         "name": "dpi-abstract1",
214                         "type": "service-function-type:dpi"
215                     }
216                 ]
217             }
218         ]
219     }
220 }
221
222 def get_service_function_paths_uri():
223     return "/restconf/config/service-function-path:service-function-paths/"
224
225 def get_service_function_paths_data():
226     return {
227     "service-function-paths": {
228         "service-function-path": [
229             {
230                 "name": "SFCGBP-Path",
231                 "service-chain-name": "SFCGBP",
232                 "starting-index": 255,
233                 "symmetric": "true"
234
235             }
236         ]
237     }
238 }
239
240 def get_tenant_data():
241     return {
242         "tenant": [
243           {
244             "id": "tenant-dobre",
245             "name": "DockerTenant",
246             "forwarding-context": {
247               "l2-flood-domain": [
248                 {
249                   "id": "flood-domain-1",
250                   "parent": "bridge-domain1"
251                 },
252                 {
253                   "id": "flood-domain-2",
254                   "parent": "bridge-domain1"
255                 }
256               ],
257               "l3-context": [
258                 {
259                   "id": "l3-context-vrf-red"
260                 }
261               ],
262               "l2-bridge-domain": [
263                 {
264                   "id": "bridge-domain1",
265                   "parent": "l3-context-vrf-red"
266                 }
267               ],
268               "subnet": [
269                 {
270                   "id": "subnet-10.0.36.0/24",
271                   "virtual-router-ip": "10.0.36.1",
272                   "parent": "flood-domain-2",
273                   "ip-prefix": "10.0.36.1/24"
274                 },
275                 {
276                   "id": "subnet-10.0.35.0/24",
277                   "virtual-router-ip": "10.0.35.1",
278                   "parent": "flood-domain-1",
279                   "ip-prefix": "10.0.35.1/24"
280                 }
281               ]
282             },
283             "policy": {
284               "endpoint-group": [
285                 {
286                   "id": "webservers",
287                   "name": "webservers",
288                   "provider-named-selector": [
289                     {
290                       "name": "webservers-clients-icmp-http-contract",
291                       "contract": [
292                         "icmp-http-contract"
293                       ]
294                     }
295                   ]
296                 },
297                 {
298                   "id": "clients",
299                   "name": "clients",
300                   "consumer-named-selector": [
301                     {
302                       "name": "webservers-clients-icmp-http-contract",
303                       "contract": [
304                         "icmp-http-contract"
305                       ]
306                     }
307                   ]
308                 }
309               ],
310               "subject-feature-instances": {
311                 "classifier-instance": [
312                   {
313                     "name": "icmp",
314                     "classifier-definition-id": "Classifier-IP-Protocol",
315                     "parameter-value": [
316                       {
317                         "name": "proto",
318                         "int-value": 1
319                       }
320                     ]
321                   },
322                   {
323                     "name": "http-dest",
324                     "classifier-definition-id": "Classifier-L4",
325                     "parameter-value": [
326                       {
327                         "int-value": "6",
328                         "name": "proto"
329                       },
330                       {
331                         "int-value": "80",
332                         "name": "destport"
333                       }
334                     ]
335                   },
336                   {
337                     "name": "http-src",
338                     "classifier-definition-id": "Classifier-L4",
339                     "parameter-value": [
340                       {
341                         "int-value": "6",
342                         "name": "proto"
343                       },
344                       {
345                         "int-value": "80",
346                         "name": "sourceport"
347                       }
348                     ]
349                   }
350                 ],
351                 "action-instance": [
352                   {
353                     "name": "chain1",
354                     "action-definition-id": "Action-Chain",
355                     "parameter-value": [
356                       {
357                         "name": "sfc-chain-name",
358                         "string-value": "SFCGBP"
359                       }
360                     ]
361                   },
362                   {
363                     "name": "allow1",
364                     "action-definition-id": "Action-Allow"
365                   }
366                 ]
367               },
368               "contract": [
369                 {
370                   "id": "icmp-http-contract",
371                   "subject": [
372                     {
373                       "name": "icmp-subject",
374                       "rule": [
375                         {
376                           "name": "allow-icmp-rule",
377                           "order": 0,
378                           "classifier-ref": [
379                             {
380                               "name": "icmp",
381                               "instance-name": "icmp"
382                             }
383                           ],
384                           "action-ref": [
385                             {
386                               "name": "allow1",
387                               "order": 0
388                             }
389                           ]
390                         }
391                       ]
392                     },
393                     {
394                       "name": "http-subject",
395                       "rule": [
396                         {
397                           "name": "http-chain-rule-in",
398                           "classifier-ref": [
399                             {
400                               "name": "http-dest",
401                               "instance-name": "http-dest",
402                               "direction": "in"
403                             }
404                           ],
405                           "action-ref": [
406                             {
407                               "name": "chain1",
408                               "order": 0
409                             }
410                           ]
411                         },
412                         {
413                           "name": "http-chain-rule-out",
414                           "classifier-ref": [
415                             {
416                               "name": "http-src",
417                               "instance-name": "http-src",
418                               "direction": "out"
419                             }
420                           ],
421                           "action-ref": [
422                             {
423                               "name": "chain1",
424                               "order": 0
425                             }
426                           ]
427                         }
428                       ]
429                     }
430                   ],
431                   "clause": [
432                     {
433                       "name": "icmp-http-clause",
434                       "subject-refs": [
435                         "icmp-subject",
436                         "http-subject"
437                       ]
438                     }
439                   ]
440                 }
441               ]
442             }
443           }
444         ]
445     }
446
447 # Main definition - constants
448
449 # =======================
450 #     MENUS FUNCTIONS
451 # =======================
452
453 # Main menu
454
455 # =======================
456 #      MAIN PROGRAM
457 # =======================
458
459 # Main Program
460
461 def get_tenant_uri():
462     return "/restconf/config/policy:tenants/policy:tenant/tenant-dobre"
463
464 def get_tunnel_data_1():
465     return {
466     "node": [
467       {
468         "id": "openflow:1",
469         "ofoverlay:tunnel": [
470           {
471             "tunnel-type": "overlay:tunnel-type-vxlan-gpe",
472             "node-connector-id": "openflow:1:1",
473             "ip": "192.168.50.70",
474             "port": 6633
475           },
476           {
477             "tunnel-type": "overlay:tunnel-type-vxlan",
478             "node-connector-id": "openflow:1:2",
479             "ip": "192.168.50.70",
480             "port": 4789
481           }
482         ]
483       }
484     ]
485   }
486
487 def get_tunnel_uri_1():
488     return "/restconf/config/opendaylight-inventory:nodes/node/openflow:1"
489
490 def get_tunnel_data_6():
491     return {
492     "node": [
493       {
494         "id": "openflow:6",
495         "ofoverlay:tunnel": [
496           {
497             "tunnel-type": "overlay:tunnel-type-vxlan-gpe",
498             "node-connector-id": "openflow:6:1",
499             "ip": "192.168.50.75",
500             "port": 6633
501           },
502           {
503             "tunnel-type": "overlay:tunnel-type-vxlan",
504             "node-connector-id": "openflow:6:2",
505             "ip": "192.168.50.75",
506             "port": 4789
507           }
508         ]
509       }
510     ]
511 }
512
513 def get_tunnel_uri_6():
514     return "/restconf/config/opendaylight-inventory:nodes/node/openflow:6"
515
516 def get_endpoint_data():
517     return [
518 {
519 "input": {
520
521     "endpoint-group": "webservers",
522
523     "network-containment" : "subnet-10.0.36.0/24",
524
525     "l2-context": "bridge-domain1",
526     "mac-address": "00:00:00:00:36:02",
527
528     "l3-address": [
529         {
530             "ip-address": "10.0.36.2",
531             "l3-context": "l3-context-vrf-red"
532         }
533     ],
534     "port-name": "vethl-h36_2",
535     "tenant": "tenant-dobre"
536 }
537 },
538 {
539 "input": {
540     "endpoint-group": "clients",
541 "network-containment" : "subnet-10.0.35.0/24",
542 "l2-context": "bridge-domain1",
543 "mac-address": "00:00:00:00:35:02",
544 "l3-address": [
545     {
546         "ip-address": "10.0.35.2",
547         "l3-context": "l3-context-vrf-red"
548     }
549 ],
550 "port-name": "vethl-h35_2",
551 "tenant": "tenant-dobre"
552 }
553 },
554 {
555 "input": {
556
557     "endpoint-group": "clients",
558
559     "network-containment" : "subnet-10.0.35.0/24",
560
561     "l2-context": "bridge-domain1",
562     "mac-address": "00:00:00:00:35:03",
563
564     "l3-address": [
565         {
566             "ip-address": "10.0.35.3",
567             "l3-context": "l3-context-vrf-red"
568         }
569     ],
570     "port-name": "vethl-h35_3",
571     "tenant": "tenant-dobre"
572 }
573 },
574 {
575 "input": {
576
577     "endpoint-group": "webservers",
578
579     "network-containment" : "subnet-10.0.36.0/24",
580
581     "l2-context": "bridge-domain1",
582     "mac-address": "00:00:00:00:36:03",
583
584     "l3-address": [
585         {
586             "ip-address": "10.0.36.3",
587             "l3-context": "l3-context-vrf-red"
588         }
589     ],
590     "port-name": "vethl-h36_3",
591     "tenant": "tenant-dobre"
592 }
593 },
594 {
595 "input": {
596
597     "endpoint-group": "webservers",
598
599     "network-containment" : "subnet-10.0.36.0/24",
600
601     "l2-context": "bridge-domain1",
602     "mac-address": "00:00:00:00:36:04",
603
604     "l3-address": [
605         {
606             "ip-address": "10.0.36.4",
607             "l3-context": "l3-context-vrf-red"
608         }
609     ],
610     "port-name": "vethl-h36_4",
611     "tenant": "tenant-dobre"
612 }
613 },
614 {
615 "input": {
616
617     "endpoint-group": "clients",
618
619     "network-containment" : "subnet-10.0.35.0/24",
620
621     "l2-context": "bridge-domain1",
622     "mac-address": "00:00:00:00:35:04",
623
624     "l3-address": [
625         {
626             "ip-address": "10.0.35.4",
627             "l3-context": "l3-context-vrf-red"
628         }
629     ],
630     "port-name": "vethl-h35_4",
631     "tenant": "tenant-dobre"
632 }
633 },
634 {
635 "input": {
636
637     "endpoint-group": "clients",
638
639     "network-containment" : "subnet-10.0.35.0/24",
640
641     "l2-context": "bridge-domain1",
642     "mac-address": "00:00:00:00:35:05",
643
644     "l3-address": [
645         {
646             "ip-address": "10.0.35.5",
647             "l3-context": "l3-context-vrf-red"
648         }
649     ],
650     "port-name": "vethl-h35_5",
651     "tenant": "tenant-dobre"
652 }
653 },
654 {
655 "input": {
656
657     "endpoint-group": "webservers",
658
659     "network-containment" : "subnet-10.0.36.0/24",
660
661     "l2-context": "bridge-domain1",
662     "mac-address": "00:00:00:00:36:05",
663
664     "l3-address": [
665         {
666             "ip-address": "10.0.36.5",
667             "l3-context": "l3-context-vrf-red"
668         }
669     ],
670     "port-name": "vethl-h36_5",
671     "tenant": "tenant-dobre"
672 }
673 }]
674
675 def get_endpoint_uri():
676     return "/restconf/operations/endpoint:register-endpoint"
677
678 def get_tunnel_oper_uri():
679     return "/restconf/operational/opendaylight-inventory:nodes/"
680
681 def get_topology_oper_uri():
682     return "/restconf/operational/network-topology:network-topology/topology/ovsdb:1/"
683
684 if __name__ == "__main__":
685     # Launch main menu
686
687
688     # Some sensible defaults
689     controller=os.environ.get('ODL')
690     if controller == None:
691         sys.exit("No controller set.")
692
693     print "Contacting controller at %s" % controller
694     print "waiting for manager on SFFs..."
695     wait_for_sff_in_datastore(get_topology_oper_uri())
696     print "sending service functions"
697     put(controller, DEFAULT_PORT, get_service_functions_uri(), get_service_functions_data(), True)
698     print "sending service function forwarders"
699     put(controller, DEFAULT_PORT, get_service_function_forwarders_uri(), get_service_function_forwarders_data(), True)
700     print "waiting for switches on SFFs..."
701     wait_for_sff_in_datastore(get_tunnel_oper_uri())
702     print "sending service function chains"
703     put(controller, DEFAULT_PORT, get_service_function_chains_uri(), get_service_function_chains_data(), True)
704     print "sending service function paths"
705     put(controller, DEFAULT_PORT, get_service_function_paths_uri(), get_service_function_paths_data(), True)
706     print "sending tunnel"
707     put(controller, DEFAULT_PORT, get_tunnel_uri_1(), get_tunnel_data_1(), True)
708     print "sending tenant"
709     put(controller, DEFAULT_PORT, get_tunnel_uri_6(), get_tunnel_data_6(), True)
710     print "sending tenant"
711     put(controller, DEFAULT_PORT, get_tenant_uri(), get_tenant_data(),True)
712     print "registering endpoints"
713     for endpoint in get_endpoint_data():
714         post(controller, DEFAULT_PORT, get_endpoint_uri(),endpoint,True)
OpenDaylight Group Based Policy Plugin