Variables ../../../variables/Variables.py
Resource ../../../libraries/Utils.robot
-*** Variables ***
-${GBP_TENENT_ID} f5c7d344-d1c7-4208-8531-2c2693657e12
-${GBP_TENANT1_API} /restconf/config/policy:tenants/tenant/${GBP_TENENT_ID}
-${GBP_TENANT1_FILE} ${CURDIR}/../../../variables/gbp/tenant1.json
-
*** Test Cases ***
+Init Variables
+ [Documentation] Initialize ODL version specific variables
+ log ${ODL_VERSION}
+ Run Keyword If '${ODL_VERSION}' == 'stable-lithium' Init Variables Lithium
+ ... ELSE Init Variables Master
+
Add Tenant to one node
[Documentation] Add one Tenant from JSON file
Create Session session http://${CONTROLLER}:${RESTCONFPORT} auth=${AUTH} headers=${HEADERS}
${body} OperatingSystem.Get File ${filepath}
${jsonbody} To Json ${body}
[Return] ${jsonbody}
+
+Init Variables Master
+ [Documentation] Sets variables specific to latest(master) version
+ Set Suite Variable ${GBP_TENANT_ID} tenant-red
+ Set Suite Variable ${GBP_TENANT1_API} /restconf/config/policy:tenants/tenant/${GBP_TENANT_ID}
+ Set Suite Variable ${GBP_TENANT1_FILE} ${CURDIR}/../../../variables/gbp/master/tenant1.json
+
+Init Variables Lithium
+ [Documentation] Sets variables specific to Lithium version
+ Set Suite Variable ${GBP_TENANT_ID} f5c7d344-d1c7-4208-8531-2c2693657e12
+ Set Suite Variable ${GBP_TENANT1_API} /restconf/config/policy:tenants/tenant/${GBP_TENANT_ID}
+ Set Suite Variable ${GBP_TENANT1_FILE} ${CURDIR}/../../../variables/gbp/lithium/tenant1.json
*** Settings ***
-Documentation Global variables for GBPSFC 6-node topology
+Documentation Global variables for GBPSFC 3-node topology
Variables ../../../../variables/Variables.py
*** Variables ***
${GBP2} ${TOOLS_SYSTEM_2_IP}
${GBP3} ${TOOLS_SYSTEM_3_IP}
@{GBPs} ${GBP1} ${GBP2} ${GBP3}
-${GBP_TENANT1_ID} f5c7d344-d1c7-4208-8531-2c2693657e12
-${GBP_TENANT2_ID} 25c7d344-d1c7-4208-8531-2c2693657e12
-${TENANT1_PATH} ${GBP_TENANTS_API}/tenant/${GBP_TENANT1_ID}
-${TENANT2_PATH} ${GBP_TENANTS_API}/tenant/${GBP_TENANT2_ID}
${TUNNELS_PATH} ${CONFIG_NODES_API}
${ENDPOINT_REG_PATH} ${GBP_REGEP_API}
${ENDPOINT_UNREG_PATH} ${GBP_UNREGEP_API}
${ENDPOINTS_OPER_PATH} /restconf/operational/endpoint:endpoints
${OF_OVERLAY_CONFIG_PATH} /restconf/config/ofoverlay:of-overlay-config
-${TENANT1_FILE} ${CURDIR}/../../../../variables/gbp/3node/tenant1.json
-${TENANT2_FILE} ${CURDIR}/../../../../variables/gbp/3node/tenant2.json
${TUNNELS_FILE} ${CURDIR}/../../../../variables/gbp/3node/tunnels.json
-${ENDPOINTS_GBP1_DIR} ${CURDIR}/../../../../variables/gbp/3node/demo-gbp1
-${ENDPOINTS_GBP2_DIR} ${CURDIR}/../../../../variables/gbp/3node/demo-gbp2
*** Keywords ***
Set Test Variables
Set Global Variable ${DIFF_WEBSERVER_DOCKER} ${diff_webserver_docker}
Set Global Variable ${DIFF_WEBSERVER_IP} ${diff_webserver_ip}
Set Global Variable ${DIFF_WEBSERVER_MAC} ${diff_webserver_mac}
+
+Init Variables
+ [Documentation] Initialize ODL version specific variables
+ log ${ODL_VERSION}
+ Run Keyword If '${ODL_VERSION}' == 'stable-lithium' Init Variables Lithium
+ ... ELSE Init Variables Master
+
+Init Variables Master
+ [Documentation] Sets variables specific to latest(master) version
+ Set Global Variable ${GBP_TENANT1_ID} tenant-red
+ Set Global Variable ${GBP_TENANT2_ID} tenant-blue
+ Set Global Variable ${TENANT1_PATH} ${GBP_TENANTS_API}/policy:tenant/${GBP_TENANT1_ID}
+ Set Global Variable ${TENANT2_PATH} ${GBP_TENANTS_API}/policy:tenant/${GBP_TENANT2_ID}
+ Set Global Variable ${TENANT1_FILE} ${CURDIR}/../../../../variables/gbp/3node/master/tenant1.json
+ Set Global Variable ${TENANT2_FILE} ${CURDIR}/../../../../variables/gbp/3node/master/tenant2.json
+ Set Global Variable ${ENDPOINTS_GBP1_DIR} ${CURDIR}/../../../../variables/gbp/3node/master/demo-gbp1
+ Set Global Variable ${ENDPOINTS_GBP2_DIR} ${CURDIR}/../../../../variables/gbp/3node/master/demo-gbp2
+
+Init Variables Lithium
+ [Documentation] Sets variables specific to Lithium version
+ Set Global Variable ${GBP_TENANT1_ID} f5c7d344-d1c7-4208-8531-2c2693657e12
+ Set Global Variable ${GBP_TENANT2_ID} 25c7d344-d1c7-4208-8531-2c2693657e12
+ Set Global Variable ${TENANT1_PATH} ${GBP_TENANTS_API}/policy:tenant/${GBP_TENANT1_ID}
+ Set Global Variable ${TENANT2_PATH} ${GBP_TENANTS_API}/policy:tenant/${GBP_TENANT2_ID}
+ Set Global Variable ${TENANT1_FILE} ${CURDIR}/../../../../variables/gbp/3node/lithium/tenant1.json
+ Set Global Variable ${TENANT2_FILE} ${CURDIR}/../../../../variables/gbp/3node/lithium/tenant2.json
+ Set Global Variable ${ENDPOINTS_GBP1_DIR} ${CURDIR}/../../../../variables/gbp/3node/lithium/demo-gbp1
+ Set Global Variable ${ENDPOINTS_GBP2_DIR} ${CURDIR}/../../../../variables/gbp/3node/lithium/demo-gbp2
\ ${stdout} ${stderr} ${rc} ConnUtils.Execute in VE pip freeze | grep ipaddr -q || pip install ipaddr timeout=${timeout}
\ Should Be Equal As Numbers ${rc} 0
\ SSHLibrary.Close Connection
+ Init Variables
Teardown Everything
Log stop_suite_in_3_node
Variables ../../../variables/Variables.py
Resource ../../../libraries/Utils.robot
-*** Variables ***
-${GBP_TENANTS_FILE} ../../../variables/gbp/tenants.json
-${GBP_TENENT_ID} f5c7d344-d1c7-4208-8531-2c2693657e12
-${GBP_TENANT1_API} /restconf/config/policy:tenants/policy:tenant/${GBP_TENENT_ID}
-${GBP_TENANT1_FILE} ../../../variables/gbp/tenant1.json
-
*** Test Cases ***
+Init Variables
+ [Documentation] Initialize ODL version specific variables
+ log ${ODL_VERSION}
+ Run Keyword If '${ODL_VERSION}' == 'stable-lithium' Init Variables Lithium
+ ... ELSE Init Variables Master
+
Add Tenants
[Documentation] Add Tenants from JSON file
Add Elements To URI From File ${GBP_TENANTS_API} ${GBP_TENANTS_FILE}
Remove All Elements At URI ${GBP_TENANT1_API}
${resp} RequestsLibrary.Get session ${GBP_TENANTS_API}
Should Be Equal As Strings ${resp.status_code} 200
- Should Not Contain ${resp.content} ${GBP_TENENT_ID}
+ Should Not Contain ${resp.content} ${GBP_TENANT_ID}
Clean Datastore After Tests
[Documentation] Clean All Tenants In Datastore After Tests
Remove All Elements At URI ${GBP_TENANTS_API}
+
+
+*** Keywords ***
+Init Variables Master
+ [Documentation] Sets variables specific to latest(master) version
+ Set Suite Variable ${GBP_TENANT_ID} tenant-red
+ Set Suite Variable ${GBP_TENANT1_API} /restconf/config/policy:tenants/policy:tenant/${GBP_TENANT_ID}
+ Set Suite Variable ${GBP_TENANTS_FILE} ${CURDIR}../../../variables/gbp/master/tenants.json
+ Set Suite Variable ${GBP_TENANT1_FILE} ${CURDIR}../../../variables/gbp/master/tenant1.json
+
+Init Variables Lithium
+ [Documentation] Sets variables specific to Lithium version
+ Set Suite Variable ${GBP_TENANT_ID} f5c7d344-d1c7-4208-8531-2c2693657e12
+ Set Suite Variable ${GBP_TENANT1_API} /restconf/config/policy:tenants/policy:tenant/${GBP_TENANT_ID}
+ Set Suite Variable ${GBP_TENANTS_FILE} ${CURDIR}../../../variables/gbp/lithium/tenants.json
+ Set Suite Variable ${GBP_TENANT1_FILE} ${CURDIR}../../../variables/gbp/lithium/tenant1.json
{
- "tenant": {
+ "policy:tenant": {
"contract": [
{
"clause": [
"classifier-ref": [
{
"direction": "in",
- "name": "http-dest"
+ "name": "http-dest",
+ "instance-name": "http-dest"
},
{
"direction": "out",
- "name": "http-src"
+ "name": "http-src",
+ "instance-name": "http-src"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
}
],
- "action-ref": [
- {
- "name": "allow1",
- "order": 0
- }
- ],
-
"name": "allow-http-rule"
}
]
{
"classifier-ref": [
{
- "name": "icmp"
+ "name": "icmp",
+ "instance-name": "icmp"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
}
],
- "action-ref": [
- {
- "name": "allow1",
- "order": 0
- }
- ],
-
"name": "allow-icmp-rule"
}
]
"subject-feature-instances": {
"classifier-instance": [
{
- "classifier-definition-id": "Classifier-L4",
+ "classifier-definition-id": "4250ab32-e8b8-445a-aebb-e1bd2cdd291f",
"name": "http-dest",
"parameter-value": [
{
]
},
{
- "classifier-definition-id": "Classifier-L4",
+ "classifier-definition-id": "4250ab32-e8b8-445a-aebb-e1bd2cdd291f",
"name": "http-src",
"parameter-value": [
{
]
},
{
- "classifier-definition-id": "Classifier-IP-Protocol",
+ "classifier-definition-id": "79c6fdb2-1e1a-4832-af57-c65baf5c2335",
"name": "icmp",
"parameter-value": [
{
]
}
],
- "action-instance": [
- {
- "name": "allow1",
- "action-definition-id": "Action-Allow"
- }
- ]
+ "action-instance": [
+ {
+ "name": "allow1",
+ "action-definition-id": "f942e8fd-e957-42b7-bd18-f73d11266d17"
+ }
+ ]
},
"subnet": [
{
"classifier-instance": [
{
"name": "icmp",
- "classifier-definition-id": "Classifier-IP-Protocol",
+ "classifier-definition-id": "79c6fdb2-1e1a-4832-af57-c65baf5c2335",
"parameter-value": [
{
"name": "proto",
},
{
"name": "http-dest",
- "classifier-definition-id": "Classifier-L4",
+ "classifier-definition-id": "4250ab32-e8b8-445a-aebb-e1bd2cdd291f",
"parameter-value": [
{
"int-value": "6",
},
{
"name": "http-src",
- "classifier-definition-id": "Classifier-L4",
+ "classifier-definition-id": "4250ab32-e8b8-445a-aebb-e1bd2cdd291f",
"parameter-value": [
{
"int-value": "6",
"action-instance": [
{
"name": "allow1",
- "action-definition-id": "Action-Allow"
+ "action-definition-id": "f942e8fd-e957-42b7-bd18-f73d11266d17"
}
]
}
}
-}
\ No newline at end of file
+}
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:02",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.2",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_2",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:03",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.3",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_3",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:04",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.4",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_4",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:05",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.5",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_5",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:02",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.2",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_2",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:03",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.3",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_3",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:04",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.4",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_4",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:05",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.5",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_5",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:02",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.2",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_2",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:03",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.3",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_3",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:04",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.4",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_4",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:05",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.5",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_5",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:06",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.6",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_6",
+ "tenant": "tenant-blue"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:07",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.7",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_7",
+ "tenant": "tenant-blue"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:08",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.8",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_8",
+ "tenant": "tenant-blue"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:09",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.9",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_9",
+ "tenant": "tenant-blue"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:02",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.2",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_2",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:03",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.3",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_3",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:04",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.4",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_4",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:05",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.5",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_5",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:06",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.6",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_6",
+ "tenant": "tenant-blue"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:07",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.7",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_7",
+ "tenant": "tenant-blue"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:08",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.8",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_8",
+ "tenant": "tenant-blue"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:09",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.9",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_9",
+ "tenant": "tenant-blue"
+ }
+}
\ No newline at end of file
{
-"tenants": {
-
- "tenant": [{
+ "policy:tenant": {
"contract": [
{
"clause": [
]
}
],
- "id": "22282cca-9a13-4d0c-a67e-a933ebb0b0ae",
+ "id": "icmp-http-contract",
"subject": [
{
"name": "allow-http-subject",
"classifier-ref": [
{
"direction": "in",
- "name": "http-dest"
+ "name": "http-dest",
+ "instance-name": "http-dest"
},
{
"direction": "out",
- "name": "http-src"
+ "name": "http-src",
+ "instance-name": "http-src"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
}
],
- "action-ref": [
- {
- "name": "allow1",
- "order": 0
- }
- ],
-
"name": "allow-http-rule"
}
]
{
"classifier-ref": [
{
- "name": "icmp"
+ "name": "icmp",
+ "instance-name": "icmp"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
}
],
- "action-ref": [
- {
- "name": "allow1",
- "order": 0
- }
- ],
-
"name": "allow-icmp-rule"
}
]
"consumer-named-selector": [
{
"contract": [
- "22282cca-9a13-4d0c-a67e-a933ebb0b0ae"
+ "icmp-http-contract"
],
- "name": "e593f05d-96be-47ad-acd5-ba81465680d5-1eaf9a67-a171-42a8-9282-71cf702f61dd-22282cca-9a13-4d0c-a67e-a933ebb0b0ae"
+ "name": "webservers-clients-icmp-http-contract"
}
],
- "id": "1eaf9a67-a171-42a8-9282-71cf702f61dd",
- "network-domain": "d2779562-ebf1-45e6-93a4-78e2362bc418",
+ "id": "clients",
"provider-named-selector": []
},
{
"consumer-named-selector": [],
- "id": "e593f05d-96be-47ad-acd5-ba81465680d5",
- "network-domain": "2c71d675-693e-406f-899f-12a026eb55f1",
+ "id": "webservers",
"provider-named-selector": [
{
"contract": [
- "22282cca-9a13-4d0c-a67e-a933ebb0b0ae"
+ "icmp-http-contract"
],
- "name": "e593f05d-96be-47ad-acd5-ba81465680d5-1eaf9a67-a171-42a8-9282-71cf702f61dd-22282cca-9a13-4d0c-a67e-a933ebb0b0ae"
+ "name": "webservers-clients-icmp-http-contract"
}
]
}
],
- "id": "f5c7d344-d1c7-4208-8531-2c2693657e12",
+ "id": "tenant-red",
"l2-bridge-domain": [
{
- "id": "7b796915-adf4-4356-b5ca-de005ac410c1",
- "parent": "cbe0cc07-b8ff-451d-8171-9eef002a8e80"
+ "id": "bridge-domain1",
+ "parent": "l3-context-vrf-red"
}
],
"l2-flood-domain": [
{
- "id": "1ddde8d8-c2bc-48d7-8ce0-d78eb6ed4b5b",
- "parent": "7b796915-adf4-4356-b5ca-de005ac410c1"
+ "id": "flood-domain-1",
+ "parent": "bridge-domain1"
},
{
- "id": "03f69af2-481c-4554-97d6-c4fedca5d126",
- "parent": "7b796915-adf4-4356-b5ca-de005ac410c1"
+ "id": "flood-domain1",
+ "parent": "bridge-domain1"
}
],
"l3-context": [
{
- "id": "cbe0cc07-b8ff-451d-8171-9eef002a8e80"
+ "id": "l3-context-vrf-red"
}
],
"name": "GBPPOC",
]
}
],
- "action-instance": [
- {
- "name": "allow1",
- "action-definition-id": "Action-Allow"
- }
- ]
+ "action-instance": [
+ {
+ "name": "allow1",
+ "action-definition-id": "Action-Allow"
+ }
+ ]
},
"subnet": [
{
- "id": "d2779562-ebf1-45e6-93a4-78e2362bc418",
+ "id": "subnet-10.0.35.0/24",
"ip-prefix": "10.0.35.1/24",
- "parent": "1ddde8d8-c2bc-48d7-8ce0-d78eb6ed4b5b",
+ "parent": "flood-domain-1",
"virtual-router-ip": "10.0.35.1"
},
{
- "id": "2c71d675-693e-406f-899f-12a026eb55f1",
+ "id": "subnet-10.0.36.0/24",
"ip-prefix": "10.0.36.1/24",
- "parent": "03f69af2-481c-4554-97d6-c4fedca5d126",
+ "parent": "flood-domain1",
"virtual-router-ip": "10.0.36.1"
}
]
- }]
-
}
}
--- /dev/null
+{
+ "policy:tenant": {
+ "contract": [
+ {
+ "clause": [
+ {
+ "name": "allow-http-clause",
+ "subject-refs": [
+ "allow-http-subject",
+ "allow-icmp-subject"
+ ]
+ }
+ ],
+ "id": "icmp-http-contract",
+ "subject": [
+ {
+ "name": "allow-http-subject",
+ "rule": [
+ {
+ "classifier-ref": [
+ {
+ "direction": "in",
+ "name": "http-dest",
+ "instance-name": "http-dest"
+ },
+ {
+ "direction": "out",
+ "name": "http-src",
+ "instance-name": "http-src"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
+ }
+ ],
+ "name": "allow-http-rule"
+ }
+ ]
+ },
+ {
+ "name": "allow-icmp-subject",
+ "rule": [
+ {
+ "classifier-ref": [
+ {
+ "name": "icmp",
+ "instance-name": "icmp"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
+ }
+ ],
+ "name": "allow-icmp-rule"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "endpoint-group": [
+ {
+ "consumer-named-selector": [
+ {
+ "contract": [
+ "icmp-http-contract"
+ ],
+ "name": "webservers-clients-icmp-http-contract"
+ }
+ ],
+ "id": "clients",
+ "provider-named-selector": []
+ },
+ {
+ "consumer-named-selector": [],
+ "id": "webservers",
+ "provider-named-selector": [
+ {
+ "contract": [
+ "icmp-http-contract"
+ ],
+ "name": "webservers-clients-icmp-http-contract"
+ }
+ ]
+ }
+ ],
+ "id": "tenant-blue",
+ "l2-bridge-domain": [
+ {
+ "id": "bridge-domain1",
+ "parent": "l3-context-vrf-red"
+ }
+ ],
+ "l2-flood-domain": [
+ {
+ "id": "flood-domain-1",
+ "parent": "bridge-domain1"
+ },
+ {
+ "id": "flood-domain1",
+ "parent": "bridge-domain1"
+ }
+ ],
+ "l3-context": [
+ {
+ "id": "l3-context-vrf-red"
+ }
+ ],
+ "name": "GBPPOC",
+ "subject-feature-instances": {
+ "classifier-instance": [
+ {
+ "classifier-definition-id": "Classifier-L4",
+ "name": "http-dest",
+ "parameter-value": [
+ {
+ "int-value": "6",
+ "name": "proto"
+ },
+ {
+ "int-value": "80",
+ "name": "destport"
+ }
+ ]
+ },
+ {
+ "classifier-definition-id": "Classifier-L4",
+ "name": "http-src",
+ "parameter-value": [
+ {
+ "int-value": "6",
+ "name": "proto"
+ },
+ {
+ "int-value": "80",
+ "name": "sourceport"
+ }
+ ]
+ },
+ {
+ "classifier-definition-id": "Classifier-IP-Protocol",
+ "name": "icmp",
+ "parameter-value": [
+ {
+ "int-value": "1",
+ "name": "proto"
+ }
+ ]
+ }
+ ],
+ "action-instance": [
+ {
+ "name": "allow1",
+ "action-definition-id": "Action-Allow"
+ }
+ ]
+ },
+ "subnet": [
+ {
+ "id": "subnet-10.0.35.0/24",
+ "ip-prefix": "10.0.35.1/24",
+ "parent": "flood-domain-1",
+ "virtual-router-ip": "10.0.35.1"
+ },
+ {
+ "id": "subnet-10.0.36.0/24",
+ "ip-prefix": "10.0.36.1/24",
+ "parent": "flood-domain1",
+ "virtual-router-ip": "10.0.36.1"
+ }
+ ]
+ }
+}
"classifier-instance": [
{
"name": "icmp",
- "classifier-definition-id": "Classifier-IP-Protocol",
+ "classifier-definition-id": "79c6fdb2-1e1a-4832-af57-c65baf5c2335",
"parameter-value": [
{
"name": "proto",
},
{
"name": "http-dest",
- "classifier-definition-id": "Classifier-L4",
+ "classifier-definition-id": "4250ab32-e8b8-445a-aebb-e1bd2cdd291f",
"parameter-value": [
{
"int-value": "6",
},
{
"name": "http-src",
- "classifier-definition-id": "Classifier-L4",
+ "classifier-definition-id": "4250ab32-e8b8-445a-aebb-e1bd2cdd291f",
"parameter-value": [
{
"int-value": "6",
"action-instance": [
{
"name": "chain1",
- "action-definition-id": "Action-Chain",
+ "action-definition-id": "3d886be7-059f-4c4f-bbef-0356bea40933",
"parameter-value": [
{
"name": "sfc-chain-name",
},
{
"name": "allow1",
- "action-definition-id": "Action-Allow"
+ "action-definition-id": "f942e8fd-e957-42b7-bd18-f73d11266d17"
}
]
},
]
}
]
-}
\ No newline at end of file
+}
+
--- /dev/null
+{
+ "tenant": [
+ {
+ "id": "tenant-red",
+ "l2-flood-domain": [
+ {
+ "id": "flood-domain-1",
+ "parent": "bridge-domain1"
+ },
+ {
+ "id": "flood-domain-2",
+ "parent": "bridge-domain1"
+ }
+ ],
+ "name": "DockerTenant",
+ "l3-context": [
+ {
+ "id": "l3-context-vrf-red"
+ }
+ ],
+ "l2-bridge-domain": [
+ {
+ "id": "bridge-domain1",
+ "parent": "l3-context-vrf-red"
+ }
+ ],
+ "subnet": [
+ {
+ "id": "subnet-10.0.36.0/24",
+ "virtual-router-ip": "10.0.36.1",
+ "parent": "flood-domain-2",
+ "ip-prefix": "10.0.36.1/24"
+ },
+ {
+ "id": "subnet-10.0.35.0/24",
+ "virtual-router-ip": "10.0.35.1",
+ "parent": "flood-domain-1",
+ "ip-prefix": "10.0.35.1/24"
+ }
+ ],
+ "endpoint-group": [
+ {
+ "id": "webservers",
+ "name": "webservers",
+ "provider-named-selector": [
+ {
+ "name": "webservers-clients-icmp-http-contract",
+ "contract": [
+ "icmp-http-contract"
+ ]
+ }
+ ]
+ },
+ {
+ "id": "clients",
+ "name": "clients",
+ "consumer-named-selector": [
+ {
+ "name": "webservers-clients-icmp-http-contract",
+ "contract": [
+ "icmp-http-contract"
+ ]
+ }
+ ]
+ }
+ ],
+ "subject-feature-instances": {
+ "classifier-instance": [
+ {
+ "name": "icmp",
+ "classifier-definition-id": "Classifier-IP-Protocol",
+ "parameter-value": [
+ {
+ "name": "proto",
+ "int-value": 1
+ }
+ ]
+ },
+ {
+ "name": "http-dest",
+ "classifier-definition-id": "Classifier-L4",
+ "parameter-value": [
+ {
+ "int-value": "6",
+ "name": "proto"
+ },
+ {
+ "int-value": "80",
+ "name": "destport"
+ }
+ ]
+ },
+ {
+ "name": "http-src",
+ "classifier-definition-id": "Classifier-L4",
+ "parameter-value": [
+ {
+ "int-value": "6",
+ "name": "proto"
+ },
+ {
+ "int-value": "80",
+ "name": "sourceport"
+ }
+ ]
+ }
+ ],
+ "action-instance": [
+ {
+ "name": "chain1",
+ "action-definition-id": "Action-Chain",
+ "parameter-value": [
+ {
+ "name": "sfc-chain-name",
+ "string-value": "SFCGBP"
+ }
+ ]
+ },
+ {
+ "name": "allow1",
+ "action-definition-id": "Action-Allow"
+ }
+ ]
+ },
+ "contract": [
+ {
+ "id": "icmp-http-contract",
+ "subject": [
+ {
+ "name": "icmp-subject",
+ "rule": [
+ {
+ "name": "allow-icmp-rule",
+ "order": 0,
+ "classifier-ref": [
+ {
+ "name": "icmp",
+ "instance-name": "icmp"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "name": "http-subject",
+ "rule": [
+ {
+ "name": "http-chain-rule",
+ "classifier-ref": [
+ {
+ "name": "http-dest",
+ "instance-name": "http-dest",
+ "direction": "in"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "chain1",
+ "order": 0
+ }
+ ]
+ },
+ {
+ "name": "http-out-rule",
+ "classifier-ref": [
+ {
+ "name": "http-src",
+ "instance-name": "http-src",
+ "direction": "out"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "clause": [
+ {
+ "name": "icmp-http-clause",
+ "subject-refs": [
+ "icmp-subject",
+ "http-subject"
+ ]
+ }
+ ]
+ }
+ ]
+ }
+ ]
+}
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:02",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.2",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_2",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:03",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.3",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_3",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:04",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.4",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_4",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:05",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.5",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_5",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:02",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.2",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_2",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:03",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.3",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_3",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:04",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.4",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_4",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:05",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.5",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_5",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
"classifier-instance": [
{
"name": "icmp",
- "classifier-definition-id": "Classifier-IP-Protocol",
+ "classifier-definition-id": "79c6fdb2-1e1a-4832-af57-c65baf5c2335",
"parameter-value": [
{
"name": "proto",
},
{
"name": "http-dest",
- "classifier-definition-id": "Classifier-L4",
+ "classifier-definition-id": "4250ab32-e8b8-445a-aebb-e1bd2cdd291f",
"parameter-value": [
{
"int-value": "6",
},
{
"name": "http-src",
- "classifier-definition-id": "Classifier-L4",
+ "classifier-definition-id": "4250ab32-e8b8-445a-aebb-e1bd2cdd291f",
"parameter-value": [
{
"int-value": "6",
"action-instance": [
{
"name": "chain1",
- "action-definition-id": "Action-Chain",
+ "action-definition-id": "3d886be7-059f-4c4f-bbef-0356bea40933",
"parameter-value": [
{
"name": "sfc-chain-name",
},
{
"name": "allow1",
- "action-definition-id": "Action-Allow"
+ "action-definition-id": "f942e8fd-e957-42b7-bd18-f73d11266d17"
}
]
},
]
}
]
-}
\ No newline at end of file
+}
--- /dev/null
+{
+ "tenant": [
+ {
+ "id": "tenant-red",
+ "l2-flood-domain": [
+ {
+ "id": "flood-domain-1",
+ "parent": "bridge-domain1"
+ },
+ {
+ "id": "flood-domain-2",
+ "parent": "bridge-domain1"
+ }
+ ],
+ "name": "DockerTenant",
+ "l3-context": [
+ {
+ "id": "l3-context-vrf-red"
+ }
+ ],
+ "l2-bridge-domain": [
+ {
+ "id": "bridge-domain1",
+ "parent": "l3-context-vrf-red"
+ }
+ ],
+ "subnet": [
+ {
+ "id": "subnet-10.0.36.0/24",
+ "virtual-router-ip": "10.0.36.1",
+ "parent": "flood-domain-2",
+ "ip-prefix": "10.0.36.1/24"
+ },
+ {
+ "id": "subnet-10.0.35.0/24",
+ "virtual-router-ip": "10.0.35.1",
+ "parent": "flood-domain-1",
+ "ip-prefix": "10.0.35.1/24"
+ }
+ ],
+ "endpoint-group": [
+ {
+ "id": "webservers",
+ "name": "webservers",
+ "provider-named-selector": [
+ {
+ "name": "webservers-clients-icmp-http-contract",
+ "contract": [
+ "icmp-http-contract"
+ ]
+ }
+ ]
+ },
+ {
+ "id": "clients",
+ "name": "clients",
+ "consumer-named-selector": [
+ {
+ "name": "webservers-clients-icmp-http-contract",
+ "contract": [
+ "icmp-http-contract"
+ ]
+ }
+ ]
+ }
+ ],
+ "subject-feature-instances": {
+ "classifier-instance": [
+ {
+ "name": "icmp",
+ "classifier-definition-id": "Classifier-IP-Protocol",
+ "parameter-value": [
+ {
+ "name": "proto",
+ "int-value": 1
+ }
+ ]
+ },
+ {
+ "name": "http-dest",
+ "classifier-definition-id": "Classifier-L4",
+ "parameter-value": [
+ {
+ "int-value": "6",
+ "name": "proto"
+ },
+ {
+ "int-value": "80",
+ "name": "destport"
+ }
+ ]
+ },
+ {
+ "name": "http-src",
+ "classifier-definition-id": "Classifier-L4",
+ "parameter-value": [
+ {
+ "int-value": "6",
+ "name": "proto"
+ },
+ {
+ "int-value": "80",
+ "name": "sourceport"
+ }
+ ]
+ }
+ ],
+ "action-instance": [
+ {
+ "name": "chain1",
+ "action-definition-id": "Action-Chain",
+ "parameter-value": [
+ {
+ "name": "sfc-chain-name",
+ "string-value": "SFCGBP"
+ }
+ ]
+ },
+ {
+ "name": "allow1",
+ "action-definition-id": "Action-Allow"
+ }
+ ]
+ },
+ "contract": [
+ {
+ "id": "icmp-http-contract",
+ "subject": [
+ {
+ "name": "icmp-subject",
+ "rule": [
+ {
+ "name": "allow-icmp-rule",
+ "order": 0,
+ "classifier-ref": [
+ {
+ "name": "icmp",
+ "instance-name": "icmp"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "name": "http-subject",
+ "rule": [
+ {
+ "name": "http-chain-rule-in",
+ "classifier-ref": [
+ {
+ "name": "http-dest",
+ "instance-name": "http-dest",
+ "direction": "in"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "chain1",
+ "order": 0
+ }
+ ]
+ },
+ {
+ "name": "http-chain-rule-out",
+ "classifier-ref": [
+ {
+ "name": "http-src",
+ "instance-name": "http-src",
+ "direction": "out"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "chain1",
+ "order": 0
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "clause": [
+ {
+ "name": "icmp-http-clause",
+ "subject-refs": [
+ "icmp-subject",
+ "http-subject"
+ ]
+ }
+ ]
+ }
+ ]
+ }
+ ]
+}
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:02",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.2",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_2",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:03",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.3",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_3",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:04",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.4",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_4",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "clients",
+ "network-containment": "subnet-10.0.35.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:35:05",
+ "l3-address": [
+ {
+ "ip-address": "10.0.35.5",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h35_5",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:02",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.2",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_2",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:03",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.3",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_3",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:04",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.4",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_4",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
--- /dev/null
+{
+ "input": {
+ "endpoint-group": "webservers",
+ "network-containment": "subnet-10.0.36.0/24",
+ "l2-context": "bridge-domain1",
+ "mac-address": "00:00:00:00:36:05",
+ "l3-address": [
+ {
+ "ip-address": "10.0.36.5",
+ "l3-context": "l3-context-vrf-red"
+ }
+ ],
+ "port-name": "vethl-h36_5",
+ "tenant": "tenant-red"
+ }
+}
\ No newline at end of file
"subject-feature-instances": {
"classifier-instance": [
{
- "classifier-definition-id": "Classifier-L4",
+ "classifier-definition-id": "4250ab32-e8b8-445a-aebb-e1bd2cdd291f",
"name": "http-dest",
"parameter-value": [
{
]
},
{
- "classifier-definition-id": "Classifier-L4",
+ "classifier-definition-id": "4250ab32-e8b8-445a-aebb-e1bd2cdd291f",
"name": "http-src",
"parameter-value": [
{
]
},
{
- "classifier-definition-id": "Classifier-IP-Protocol",
+ "classifier-definition-id": "79c6fdb2-1e1a-4832-af57-c65baf5c2335",
"name": "icmp",
"parameter-value": [
{
"action-instance": [
{
"name": "allow1",
- "action-definition-id": "Action-Allow"
+ "action-definition-id": "f942e8fd-e957-42b7-bd18-f73d11266d17"
}
]
},
--- /dev/null
+{
+ "policy:tenants": {
+
+ "policy:tenant": [{
+ "contract": [
+ {
+ "clause": [
+ {
+ "name": "allow-http-clause",
+ "subject-refs": [
+ "allow-http-subject",
+ "allow-icmp-subject"
+ ]
+ }
+ ],
+ "id": "22282cca-9a13-4d0c-a67e-a933ebb0b0ae",
+ "subject": [
+ {
+ "name": "allow-http-subject",
+ "rule": [
+ {
+ "classifier-ref": [
+ {
+ "direction": "in",
+ "name": "http-dest",
+ "instance-name": "http-dest"
+ },
+ {
+ "direction": "out",
+ "name": "http-src",
+ "instance-name": "http-src"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
+ }
+ ],
+ "name": "allow-http-rule"
+ }
+ ]
+ },
+ {
+ "name": "allow-icmp-subject",
+ "rule": [
+ {
+ "classifier-ref": [
+ {
+ "name": "icmp",
+ "instance-name": "icmp"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
+ }
+ ],
+ "name": "allow-icmp-rule"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "endpoint-group": [
+ {
+ "consumer-named-selector": [
+ {
+ "contract": [
+ "22282cca-9a13-4d0c-a67e-a933ebb0b0ae"
+ ],
+ "name": "e593f05d-96be-47ad-acd5-ba81465680d5-1eaf9a67-a171-42a8-9282-71cf702f61dd-22282cca-9a13-4d0c-a67e-a933ebb0b0ae"
+ }
+ ],
+ "id": "1eaf9a67-a171-42a8-9282-71cf702f61dd",
+ "network-domain": "d2779562-ebf1-45e6-93a4-78e2362bc418",
+ "provider-named-selector": []
+ },
+ {
+ "consumer-named-selector": [],
+ "id": "e593f05d-96be-47ad-acd5-ba81465680d5",
+ "network-domain": "2c71d675-693e-406f-899f-12a026eb55f1",
+ "provider-named-selector": [
+ {
+ "contract": [
+ "22282cca-9a13-4d0c-a67e-a933ebb0b0ae"
+ ],
+ "name": "e593f05d-96be-47ad-acd5-ba81465680d5-1eaf9a67-a171-42a8-9282-71cf702f61dd-22282cca-9a13-4d0c-a67e-a933ebb0b0ae"
+ }
+ ]
+ }
+ ],
+ "id": "f5c7d344-d1c7-4208-8531-2c2693657e12",
+ "l2-bridge-domain": [
+ {
+ "id": "7b796915-adf4-4356-b5ca-de005ac410c1",
+ "parent": "cbe0cc07-b8ff-451d-8171-9eef002a8e80"
+ }
+ ],
+ "l2-flood-domain": [
+ {
+ "id": "1ddde8d8-c2bc-48d7-8ce0-d78eb6ed4b5b",
+ "parent": "7b796915-adf4-4356-b5ca-de005ac410c1"
+ },
+ {
+ "id": "03f69af2-481c-4554-97d6-c4fedca5d126",
+ "parent": "7b796915-adf4-4356-b5ca-de005ac410c1"
+ }
+ ],
+ "l3-context": [
+ {
+ "id": "cbe0cc07-b8ff-451d-8171-9eef002a8e80"
+ }
+ ],
+ "name": "GBPPOC",
+ "subject-feature-instances": {
+ "classifier-instance": [
+ {
+ "classifier-definition-id": "4250ab32-e8b8-445a-aebb-e1bd2cdd291f",
+ "name": "http-dest",
+ "parameter-value": [
+ {
+ "int-value": "6",
+ "name": "proto"
+ },
+ {
+ "int-value": "80",
+ "name": "destport"
+ }
+ ]
+ },
+ {
+ "classifier-definition-id": "4250ab32-e8b8-445a-aebb-e1bd2cdd291f",
+ "name": "http-src",
+ "parameter-value": [
+ {
+ "int-value": "6",
+ "name": "proto"
+ },
+ {
+ "int-value": "80",
+ "name": "sourceport"
+ }
+ ]
+ },
+ {
+ "classifier-definition-id": "79c6fdb2-1e1a-4832-af57-c65baf5c2335",
+ "name": "icmp",
+ "parameter-value": [
+ {
+ "int-value": "1",
+ "name": "proto"
+ }
+ ]
+ }
+ ],
+ "action-instance": [
+ {
+ "name": "allow1",
+ "action-definition-id": "f942e8fd-e957-42b7-bd18-f73d11266d17"
+ }
+ ]
+ },
+ "subnet": [
+ {
+ "id": "d2779562-ebf1-45e6-93a4-78e2362bc418",
+ "ip-prefix": "10.0.35.1/24",
+ "parent": "1ddde8d8-c2bc-48d7-8ce0-d78eb6ed4b5b",
+ "virtual-router-ip": "10.0.35.1"
+ },
+ {
+ "id": "2c71d675-693e-406f-899f-12a026eb55f1",
+ "ip-prefix": "10.0.36.1/24",
+ "parent": "03f69af2-481c-4554-97d6-c4fedca5d126",
+ "virtual-router-ip": "10.0.36.1"
+ }
+ ]
+ }]
+
+ }
+}
--- /dev/null
+{
+ "policy:tenant": {
+ "contract": [
+ {
+ "clause": [
+ {
+ "name": "allow-http-clause",
+ "subject-refs": [
+ "allow-http-subject",
+ "allow-icmp-subject"
+ ]
+ }
+ ],
+ "id": "icmp-http-contract",
+ "subject": [
+ {
+ "name": "allow-http-subject",
+ "rule": [
+ {
+ "classifier-ref": [
+ {
+ "direction": "in",
+ "name": "http-dest",
+ "instance-name": "http-dest"
+ },
+ {
+ "direction": "out",
+ "name": "http-src",
+ "instance-name": "http-src"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
+ }
+ ],
+ "name": "allow-http-rule"
+ }
+ ]
+ },
+ {
+ "name": "allow-icmp-subject",
+ "rule": [
+ {
+ "classifier-ref": [
+ {
+ "name": "icmp",
+ "instance-name": "icmp"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
+ }
+ ],
+ "name": "allow-icmp-rule"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "endpoint-group": [
+ {
+ "consumer-named-selector": [
+ {
+ "contract": [
+ "icmp-http-contract"
+ ],
+ "name": "webservers-clients-icmp-http-contract"
+ }
+ ],
+ "id": "clients",
+ "provider-named-selector": []
+ },
+ {
+ "consumer-named-selector": [],
+ "id": "webservers",
+ "provider-named-selector": [
+ {
+ "contract": [
+ "icmp-http-contract"
+ ],
+ "name": "webservers-clients-icmp-http-contract"
+ }
+ ]
+ }
+ ],
+ "id": "tenant-red",
+ "l2-bridge-domain": [
+ {
+ "id": "bridge-domain1",
+ "parent": "l3-context-vrf-red"
+ }
+ ],
+ "l2-flood-domain": [
+ {
+ "id": "flood-domain-1",
+ "parent": "bridge-domain1"
+ },
+ {
+ "id": "flood-domain1",
+ "parent": "bridge-domain1"
+ }
+ ],
+ "l3-context": [
+ {
+ "id": "l3-context-vrf-red"
+ }
+ ],
+ "name": "GBPPOC",
+ "subject-feature-instances": {
+ "classifier-instance": [
+ {
+ "classifier-definition-id": "Classifier-L4",
+ "name": "http-dest",
+ "parameter-value": [
+ {
+ "int-value": "6",
+ "name": "proto"
+ },
+ {
+ "int-value": "80",
+ "name": "destport"
+ }
+ ]
+ },
+ {
+ "classifier-definition-id": "Classifier-L4",
+ "name": "http-src",
+ "parameter-value": [
+ {
+ "int-value": "6",
+ "name": "proto"
+ },
+ {
+ "int-value": "80",
+ "name": "sourceport"
+ }
+ ]
+ },
+ {
+ "classifier-definition-id": "Classifier-IP-Protocol",
+ "name": "icmp",
+ "parameter-value": [
+ {
+ "int-value": "1",
+ "name": "proto"
+ }
+ ]
+ }
+ ],
+ "action-instance": [
+ {
+ "name": "allow1",
+ "action-definition-id": "Action-Allow"
+ }
+ ]
+ },
+ "subnet": [
+ {
+ "id": "subnet-10.0.35.0/24",
+ "ip-prefix": "10.0.35.1/24",
+ "parent": "flood-domain-1",
+ "virtual-router-ip": "10.0.35.1"
+ },
+ {
+ "id": "subnet-10.0.36.0/24",
+ "ip-prefix": "10.0.36.1/24",
+ "parent": "flood-domain1",
+ "virtual-router-ip": "10.0.36.1"
+ }
+ ]
+ }
+}
--- /dev/null
+{
+ "policy:tenants": {
+ "policy:tenant": [
+ {
+ "contract": [
+ {
+ "clause": [
+ {
+ "name": "allow-http-clause",
+ "subject-refs": [
+ "allow-http-subject",
+ "allow-icmp-subject"
+ ]
+ }
+ ],
+ "id": "icmp-http-contract",
+ "subject": [
+ {
+ "name": "allow-http-subject",
+ "rule": [
+ {
+ "classifier-ref": [
+ {
+ "direction": "in",
+ "name": "http-dest",
+ "instance-name": "http-dest"
+ },
+ {
+ "direction": "out",
+ "name": "http-src",
+ "instance-name": "http-src"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
+ }
+ ],
+ "name": "allow-http-rule"
+ }
+ ]
+ },
+ {
+ "name": "allow-icmp-subject",
+ "rule": [
+ {
+ "classifier-ref": [
+ {
+ "name": "icmp",
+ "instance-name": "icmp"
+ }
+ ],
+ "action-ref": [
+ {
+ "name": "allow1",
+ "order": 0
+ }
+ ],
+ "name": "allow-icmp-rule"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "endpoint-group": [
+ {
+ "consumer-named-selector": [
+ {
+ "contract": [
+ "icmp-http-contract"
+ ],
+ "name": "webservers-clients-icmp-http-contract"
+ }
+ ],
+ "id": "clients",
+ "provider-named-selector": []
+ },
+ {
+ "consumer-named-selector": [],
+ "id": "webservers",
+ "provider-named-selector": [
+ {
+ "contract": [
+ "icmp-http-contract"
+ ],
+ "name": "webservers-clients-icmp-http-contract"
+ }
+ ]
+ }
+ ],
+ "id": "tenant-red",
+ "l2-bridge-domain": [
+ {
+ "id": "bridge-domain1",
+ "parent": "l3-context-vrf-red"
+ }
+ ],
+ "l2-flood-domain": [
+ {
+ "id": "flood-domain-1",
+ "parent": "bridge-domain1"
+ },
+ {
+ "id": "flood-domain1",
+ "parent": "bridge-domain1"
+ }
+ ],
+ "l3-context": [
+ {
+ "id": "l3-context-vrf-red"
+ }
+ ],
+ "name": "GBPPOC",
+ "subject-feature-instances": {
+ "classifier-instance": [
+ {
+ "classifier-definition-id": "Classifier-L4",
+ "name": "http-dest",
+ "parameter-value": [
+ {
+ "int-value": "6",
+ "name": "proto"
+ },
+ {
+ "int-value": "80",
+ "name": "destport"
+ }
+ ]
+ },
+ {
+ "classifier-definition-id": "Classifier-L4",
+ "name": "http-src",
+ "parameter-value": [
+ {
+ "int-value": "6",
+ "name": "proto"
+ },
+ {
+ "int-value": "80",
+ "name": "sourceport"
+ }
+ ]
+ },
+ {
+ "classifier-definition-id": "Classifier-IP-Protocol",
+ "name": "icmp",
+ "parameter-value": [
+ {
+ "int-value": "1",
+ "name": "proto"
+ }
+ ]
+ }
+ ],
+ "action-instance": [
+ {
+ "name": "allow1",
+ "action-definition-id": "Action-Allow"
+ }
+ ]
+ },
+ "subnet": [
+ {
+ "id": "subnet-10.0.35.0/24",
+ "ip-prefix": "10.0.35.1/24",
+ "parent": "flood-domain-1",
+ "virtual-router-ip": "10.0.35.1"
+ },
+ {
+ "id": "subnet-10.0.36.0/24",
+ "ip-prefix": "10.0.36.1/24",
+ "parent": "flood-domain1",
+ "virtual-router-ip": "10.0.36.1"
+ }
+ ]
+ }
+ ]
+ }
+}
+
+