#!/usr/bin/env python# -*- coding: utf-8 -*-# Author: SAVITHRU LOKANATH# Con

1. #!/usr/bin/env python
2. # -*- coding: utf-8 -*-
3.  
4. # Author: SAVITHRU LOKANATH
5. # Contact: SAVITHRU AT JUNIPER.NET
6. # Copyright (c) 2016 Juniper Networks, Inc. All rights reserved.
7.  
8. import os
9. import timeit
10. import argparse
11. from vnc_api import vnc_api
12.  
13.  
14. def update_SG(vnc, project, sg_old, sg_new):
15.  
16. """ FUNCTION TO UPDATE SECURITY-GROUPS """
17.  
18. try:
19. if sg_old != sg_new:
20. security_grp = vnc.security_group_read(fq_name=['default-domain', project, sg_new])
21. vmi_list = vnc.virtual_machine_interfaces_list()['virtual-machine-interfaces']
22.  
23. for vmi in vmi_list:
24. if vmi['fq_name'][1] == project and vmi['fq_name'][2].startswith('contrail'):
25. vmi_obj = vnc.virtual_machine_interface_read(vmi['fq_name'])
26. sg_ref_old = vmi_obj.get_security_group_refs()[0]['to'][2]
27.  
28. if sg_ref_old == sg_old:
29. start_time = timeit.default_timer()
30. vmi_obj.set_security_group(security_grp)
31. vnc.virtual_machine_interface_update(vmi_obj)
32. elapsed = timeit.default_timer() - start_time
33. sg_ref_new = vmi_obj.get_security_group_refs()[0]['to'][2]
34. print 'INFO: Security group on VMI "{}" updated from "{}" to "{}" in {} seconds'.format(vmi['fq_name'][2], sg_ref_old, sg_ref_new, elapsed)
35.  
36. elif sg_ref_old == sg_new:
37. print 'INFO: Security group "{}" on VMI "{}" already exists'.format(sg_ref_old, vmi['fq_name'][2])
38.  
39. else:
40. pass
41.  
42. else:
43. pass
44.  
45. else:
46. print '\nERROR: Old & new security groups are the same\n'
47.  
48. except:
49. print '\nERROR: The security group does not exist\n'
50.  
51.  
52. def main():
53.  
54. """ INIT FUNCTION """
55.  
56. try:
57. username = os.environ.get('OS_USERNAME')
58. password = os.environ.get('OS_PASSWORD')
59. api_server = os.environ.get('OS_AUTH_URL').split("//")[1].split(":")[0]
60. project = os.environ.get('OS_TENANT_NAME')
61.  
62. parser = argparse.ArgumentParser()
63. parser.add_argument('--from', action='store', dest='old_sg', help='Old security-group name')
64. parser.add_argument('--to', action='store', dest='new_sg', help='New security-group name')
65. args = parser.parse_args()
66.  
67. if args.old_sg and args.new_sg:
68. sg_old, sg_new = args.old_sg, args.new_sg
69. vnc = vnc_api.VncApi(username=username, password=password, api_server_host = api_server, tenant_name=project)
70. update_SG(vnc, project, sg_old, sg_new)
71. else:
72. print '\nMissing arguments\n\nUse "./update-sg.py --help"\n'
73.  
74. except:
75. print '\nERROR: Please source openstackrc file\n'
76.  
77. if __name__=="__main__":
78.  
79. start_time = timeit.default_timer()
80. main()
81. elapsed = timeit.default_timer() - start_time
82.  
83. print '\nExecution Time: {}\n'.format(elapsed)