#!/usr/bin/env python# -*- coding: utf-8 -*-# Author: SAVITHRU LOKANATH# Con

1. #!/usr/bin/env python
2. # -*- coding: utf-8 -*-
3.  
4. # Author: SAVITHRU LOKANATH
5. # Contact: SAVITHRU AT JUNIPER.NET
6. # Copyright (c) 2017 Juniper Networks, Inc. All rights reserved.
7.  
8. import os
9. import timeit
10. import argparse
11. from vnc_api import vnc_api
12.  
13. def update_SG(vnc, project, sg_old, sg_new, virtual_network):
14.  
15. """ FUNCTION TO UPDATE SECURITY-GROUPS """
16.  
17. try:
18. if sg_old != sg_new:
19. security_grp = vnc.security_group_read(fq_name=['default-domain', project, sg_new])
20. vn_list = vnc.virtual_networks_list()['virtual-networks']
21.  
22. for vn in vn_list:
23. if vn['fq_name'][1] == project and vn['fq_name'][2] == virtual_network:
24. vn_obj = vnc.virtual_network_read(vn['fq_name'])
25. vmi_list = vn_obj.get_virtual_machine_interface_back_refs()
26.  
27. for vmi in vmi_list:
28. vmi_obj = vnc.virtual_machine_interface_read(vmi['to'])
29. sg_ref_old = vmi_obj.get_security_group_refs()[0]['to'][2]
30.  
31. if sg_ref_old == sg_old:
32. start_time = timeit.default_timer()
33. vmi_obj.set_security_group(security_grp)
34. vnc.virtual_machine_interface_update(vmi_obj)
35. elapsed = timeit.default_timer() - start_time
36. sg_ref_new = vmi_obj.get_security_group_refs()[0]['to'][2]
37. print 'INFO: Security group on VMI "{}" updated from "{}" to "{}" in {} seconds'.format(vmi['to'][2], sg_ref_old, sg_ref_new, elapsed)
38.  
39. elif sg_ref_old == sg_new:
40. print 'INFO: Security group "{}" on VMI "{}" already exists'.format(sg_ref_old, vmi['to'][2])
41.  
42. else:
43. pass
44. else:
45. pass
46. else:
47. print '\nERROR: Old & new security groups are the same\n'
48.  
49. except:
50. print '\nERROR: The security group does not exist\n'
51.  
52.  
53. def main():
54.  
55. """ INIT FUNCTION """
56.  
57. try:
58.  
59. username = os.environ.get('OS_USERNAME')
60. password = os.environ.get('OS_PASSWORD')
61. api_server = os.environ.get('OS_AUTH_URL').split("//")[1].split(":")[0]
62. project = os.environ.get('OS_TENANT_NAME')
63.  
64. parser = argparse.ArgumentParser()
65. required = parser.add_argument_group('Required Arguments')
66. required.add_argument('--from', action='store', dest='old_sg', help='Old security-group name')
67. required.add_argument('--to', action='store', dest='new_sg', help='New security-group name')
68. required.add_argument('--vn', action='store', dest='vn', help='Virtual-Network')
69. args = parser.parse_args()
70.  
71. if args.old_sg and args.new_sg and args.vn:
72. sg_old, sg_new, virtual_network = args.old_sg, args.new_sg, args.vn
73. vnc = vnc_api.VncApi(username=username, password=password, api_server_host = api_server, tenant_name=project)
74. update_SG(vnc, project, sg_old, sg_new, virtual_network)
75. else:
76. parser.print_help()
77.  
78. except:
79. print '\nERROR: Please source openstackrc file\n'
80.  
81. if __name__=="__main__":
82.  
83. start_time = timeit.default_timer()
84. main()
85. elapsed = timeit.default_timer() - start_time
86.  
87. print '\nExecution Time: {}\n'.format(elapsed)