Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/python
- # howto: Get > Rebuild API calls > Build; The Rebuild, and Build step will state wether a component is enabled or successfully configured (204)
- # Get XML Config of existing edge that needs clean redeploy
- # ./edge_rd_tool.py -G edge-20 -n nsxmanager -u admin -p default > edge-20.xml
- #
- # Rebuild/chop the configs up into smaller API POST/PUTs; creates/overwrites rebuild_<name>.xml* files.
- # ./edge_rd_tool.py -B edge-20.xml
- #
- # Build the edge with rebuild_<name>.xml and rebuild_<name>.xml.<feature> files
- # ./edge_rd_tool.py -R rebuild_edge-20.xml -n nsxmanager -u admin -p default
- #
- # example:
- # :~/edge$ ./edge_rd_tool.py -G edge-20 -n valscar -u admin -p default > edge-20.xml
- #
- # :~/edge$ ./edge_rd_tool.py -B edge-20.xml
- # rebuilding: edge-20
- # named: TestyMcEdge
- # features:
- # l2Vpn not enabled
- # firewall enabled
- # sslvpnConfig not enabled
- # dns enabled
- # routing enabled
- # highAvailability enabled
- # syslog enabled
- # loadBalancer enabled
- # gslb not enabled
- # ipsec enabled
- # dhcp enabled
- # nat enabled
- # bridges not enabled
- #
- # :~/edge$ ls rebuild_* edge-20.xml
- # edge-20.xml rebuild_edge-20.xml.dns rebuild_edge-20.xml.ipsec rebuild_edge-20.xml.routing
- # rebuild_edge-20.xml rebuild_edge-20.xml.firewall rebuild_edge-20.xml.loadBalancer rebuild_edge-20.xml.syslog
- # rebuild_edge-20.xml.dhcp rebuild_edge-20.xml.highAvailability rebuild_edge-20.xml.nat
- #
- # :~/edge$ ./edge_rd_tool.py -R rebuild_edge-20.xml -n nsxmanager -u admin -p default
- # Got new Edge API Path: /api/4.0/edges/edge-38
- # Sending ipsec config
- # 204
- # Sending Firewall config
- # 204
- # Sending routing config
- # 204
- # Sending dhcp config
- # 204
- # Sending LB config
- # 204
- # Sending HA config
- # 204
- # Sending nat config
- # 204
- # Sending Dns config
- # 204
- #
- #
- #
- # BEWARE - THERE BE DRAGONS!!
- import sys, requests, getopt, glob
- import xml.etree.ElementTree as ET
- from requests.packages.urllib3.exceptions import InsecureRequestWarning
- requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
- # Define functions used by the script
- def nsxgetrest ( uri, username, passwd ):
- "This function makes an NSX REST call with the GET method"
- r = requests.get(uri, auth=(username,passwd), headers={'Content-Type': 'application/xml','Accept': "application/xml"}, verify=False)
- return r
- def nsxpmrest ( uri, username, passwd, payload, method ):
- "This function makes an NSX REST call with a payload using the specified method"
- if method == "post" or method == "POST":
- r = requests.post(uri, auth=(username,passwd), headers={'Content-Type': 'application/xml','Accept': "application/xml"}, data = payload, verify=False)
- elif method == "put" or method == "PUT":
- r = requests.put(uri, auth=(username,passwd), headers={'Content-Type': 'application/xml','Accept': "application/xml"}, data = payload, verify=False)
- elif method =="delete" or method == "DELETE":
- r = requests.delete(uri, auth=(username,passwd), headers={'Content-Type': 'application/xml','Accept': "application/xml"}, verify=False)
- else:
- return false
- return r
- def loadfeaturefile (feature):
- "This function loads a file"
- rbef_feature_file = open (feature,'r')
- payload_data = rbef_feature_file.read()
- rbef_feature_file.close()
- return payload_data
- def print_my_help ():
- "This function prints my help message"
- print "edge_rd_tool.py -hGBRDs -n <nsx_fqdn> -u <username> -p <password>"
- print
- print " -h : this help "
- print " -G <edgeid> | --edge <edgeid> "
- print " gets the Edge XML from NSX Manager"
- print " redirect output to a file to process with the -B option"
- print
- print " -B <edgexmlfile> | --edgexml <edgexmlfile> "
- print " creates a Rebuild XML, will emit messages indicating each section that"
- print " needs an additional REST call "
- print " ::warning the Edge name will be changed from <name> to <name>_rebuild"
- print " ::warning the Edge password will be changed to Default12!Default12!"
- print " ::warning to change either of these values manually edit the xml files are your own peril"
- print " ::warning IPSEC / SSL VPN PSKs will be lost and literally changed to *'s"
- print " ::warning SSL VPN local users are lost due to an API issue"
- print
- print " a new xml file will be created named rebuild_<xmlfilename>"
- print " other files may be generated/overwritten depending if features are enabled or not"
- print " naming format will be rebuild_<xmlfilename>.<featurename>"
- print " Example if you specify 'edge-20.xml' as the <edgexmlfile>"
- print " the following files will appear:"
- print " rebuild_edge-20.xml"
- print " rebuild_edge-20.xml.firewall"
- print " rebuild_edge-20.xml.dns"
- print
- print " -R <rebuildxmlfile> | --rebuild <rebuildxmlfile> "
- print " sends NSX REST calls to NSX Manager to recreate the Edge"
- print
- print " -D <edgeapipath>"
- print " deletes an Edge"
- print
- print "-n <nsx_fqdn>"
- print " NSX manager to communicate with"
- print
- print "-u <username>"
- print " Username to use for NSX Manager communication"
- print
- print "-p <password>"
- print " Password to use for NSX Manager communication"
- print "Options n, u, p are only required for G, R, and D"
- #Parse options / Print Help Message
- try:
- opts, args = getopt.getopt(sys.argv[1:],"hG:B:R:D:n:u:p:",['edge=','edgexml=','rebuild='])
- except getopt.GetoptError:
- print_my_help()
- sys.exit(2)
- if len(opts) == 0:
- print_my_help()
- sys.exit(2)
- for opt, arg in opts:
- if opt in ("-G","--edge"):
- my_edge = arg
- my_action = 1
- elif opt in ("-B","--edgexml"):
- my_edge_xml_file = arg
- my_action = 2
- elif opt in ("-R","--rebuild"):
- my_edge_rebuild_file_name = arg
- my_action = 3
- elif opt == "-D":
- my_edge_api_path = arg
- my_action = 4
- elif opt == '-u':
- my_username = arg
- elif opt == '-n':
- my_nsxmanager = arg
- elif opt == '-p':
- my_password = arg
- elif opt == '-h':
- print_my_help()
- sys.exit(2)
- if my_action == 1 or my_action == 3 or my_action == 4:
- paramTest = 0
- if 'my_username' not in locals():
- print "Error: Missing Username (-u <username>)"
- paramTest = 1
- if 'my_nsxmanager' not in locals():
- print "Error: Missing NSX Manager (-n <nsxmanager_fqdn>)"
- paramTest = 1
- if 'my_password' not in locals():
- print "Error: Missing Password (-p <password>)"
- paramTest = 1
- if paramTest == 1:
- print_my_help()
- sys.exit(2)
- # Simply get and output the Edge XML data from NSX Manager
- if my_action == 1:
- uri = "https://" + my_nsxmanager + "/api/4.0/edges/" + my_edge
- edge_request = nsxgetrest(uri,my_username,my_password)
- print edge_request.content
- if my_action == 4:
- if my_edge_api_path.find("edge-") == -1:
- print "edge-id not found"
- print_my_help()
- sys.exit(2)
- uri = "https://" + my_nsxmanager + my_edge_api_path
- edge_request = nsxpmrest(uri,my_username,my_password,"","DELETE")
- print edge_request.status_code
- if edge_request.content is not None:
- print edge_request.content
- # Parse an existing Edge definition and recreate seperate XML files
- # to rebuild the edge, and reconfigure it's features
- # if a tag is not processed
- # it either caused problems on rebuild (such as id/version/names of objects)
- # or is not part of the API doc nsx_62_api.pdf
- # to rebuild an edge you must first post the base information, I've encountered issues when sending PUTs for "ALL" edge config
- # either due to size of request or certain features erroring our due to "interface" configuration not being in place
- # and then make PUT statements to update the <features> sections returned by the GET above
- #
- elif my_action == 2:
- rbef = ET.Element("edge")
- edge_xml_tree = ET.parse(my_edge_xml_file)
- exroot = edge_xml_tree.getroot()
- for child in exroot:
- if child.tag == 'id':
- print "rebuilding: " + child.text
- if child.tag == 'datacenterMoid':
- xdcMoid = ET.SubElement(rbef,'datacenterMoid')
- xdcMoid.text = child.text
- if child.tag == 'tenant':
- xtenant = ET.SubElement(rbef,'tenant')
- xtenant.text = child.text
- if child.tag == 'name':
- xname = ET.SubElement(rbef,'name')
- xname.text = child.text+"_rebuild"
- print "named: " + child.text
- if child.tag == 'fqdn':
- xfqdn = ET.SubElement(rbef,'fqdn')
- xfqdn.text = child.text
- if child.tag == 'enableAesni':
- xaes = ET.SubElement(rbef,'enableAesni')
- xaes.text = child.text
- if child.tag == 'enableFips':
- xfips = ET.SubElement(rbef,'enableFips')
- xfips.text = child.text
- if child.tag == 'vseLogLevel':
- xlogl = ET.SubElement(rbef,'vseLogLevel')
- xlogl.text = child.text
- if child.tag == 'vnics':
- xvnics = ET.SubElement(rbef,"vnics")
- for vnic in child:
- if vnic.tag == "vnic" and vnic.find("./subInterfaces") is None:
- xvnic = ET.SubElement(xvnics,"vnic")
- for vChild in vnic:
- if vChild.tag == 'label':
- xvnicl = ET.SubElement(xvnic,"label")
- xvnicl.text = vChild.text
- if vChild.tag == 'name':
- xvnicname = ET.SubElement(xvnic,"name")
- xvnicname.text = vChild.text
- if vChild.tag == 'mtu':
- xvnicmtu = ET.SubElement(xvnic,"mtu")
- xvnicmtu.text = vChild.text
- if vChild.tag == 'type':
- xvnictype = ET.SubElement(xvnic,"type")
- xvnictype.text = vChild.text
- if vChild.tag == "isConnected":
- xvniciscon = ET.SubElement(xvnic,"isConnected")
- xvniciscon.text = vChild.text
- if vChild.tag == "index":
- xvnicindex = ET.SubElement(xvnic,"index")
- xvnicindex.text = vChild.text
- if vChild.tag == "portgroupId":
- xvnicpg = ET.SubElement(xvnic,"portgroupId")
- xvnicpg.text = vChild.text
- if vChild.tag == "enableProxyArp":
- xvnicepa = ET.SubElement(xvnic,"enableProxyArp")
- xvnicepa.text = vChild.text
- if vChild.tag == "enableSendRedirects":
- xvnicesr = ET.SubElement(xvnic,"enableSendRedirects")
- xvnicesr.text = vChild.text
- if vChild.tag == "addressGroups":
- xvnicags = ET.SubElement(xvnic,"addressGroups")
- for ags in vChild:
- xvnicag = ET.SubElement(xvnicags,"addressGroup")
- for ag in ags:
- if ag.tag == "primaryAddress":
- xvnicagpa = ET.SubElement(xvnicag,"primaryAddress")
- xvnicagpa.text = ag.text
- if ag.tag == "subnetMask":
- xvnicagsm = ET.SubElement(xvnicag,"subnetMask")
- xvnicagsm.text = ag.text
- if ag.tag == "subnetPrefixLength":
- xvnicagpl = ET.SubElement(xvnicag,"subnetPrefixLength")
- xvnicagpl.text = ag.text
- if ag.tag == 'secondaryAddresses':
- xvnicagsa = ET.SubElement(xvnicag,"secondaryAddresses")
- for ipaddr in ag:
- if ipaddr.tag == 'ipAddress':
- xvnicagsaip = ET.SubElement(xvnicagsa,"ipAddress")
- xvnicagsaip.text = ipaddr.text
- if vnic.tag == "vnic" and vnic.find("./subInterfaces") is not None:
- xvnic = ET.Element("vnic")
- for vChild in vnic:
- if vChild.tag == 'label':
- xvnicl = ET.SubElement(xvnic,"label")
- xvnicl.text = vChild.text
- if vChild.tag == 'name':
- xvnicname = ET.SubElement(xvnic,"name")
- xvnicname.text = vChild.text
- if vChild.tag == 'mtu':
- xvnicmtu = ET.SubElement(xvnic,"mtu")
- xvnicmtu.text = vChild.text
- if vChild.tag == 'type':
- xvnictype = ET.SubElement(xvnic,"type")
- xvnictype.text = vChild.text
- if vChild.tag == "isConnected":
- xvniciscon = ET.SubElement(xvnic,"isConnected")
- xvniciscon.text = vChild.text
- if vChild.tag == "index":
- xvnicindex = ET.SubElement(xvnic,"index")
- xvnicindex.text = vChild.text
- if vChild.tag == "portgroupId":
- xvnicpg = ET.SubElement(xvnic,"portgroupId")
- xvnicpg.text = vChild.text
- if vChild.tag == "enableProxyArp":
- xvnicepa = ET.SubElement(xvnic,"enableProxyArp")
- xvnicepa.text = vChild.text
- if vChild.tag == "enableSendRedirects":
- xvnicesr = ET.SubElement(xvnic,"enableSendRedirects")
- xvnicesr.text = vChild.text
- if vChild.tag == "subInterfaces":
- xvnicsis = ET.SubElement(xvnic,"subInterfaces")
- for vnicsis in vChild:
- if vnicsis.tag == "subInterface":
- xvnicsi = ET.SubElement(xvnicsis,"subInterface")
- for vnicsi in vnicsis:
- if vnicsi.tag == "isConnected":
- xvnicsicon = ET.SubElement(xvnicsi,"isConnected")
- xvnicsicon.text = vnicsi.text
- if vnicsi.tag =="label":
- xvnicsilab = ET.SubElement(xvnicsi,"label")
- xvnicsilab.text = vnicsi.text
- if vnicsi.tag =="name":
- xvnicsinam = ET.SubElement(xvnicsi,"name")
- xvnicsinam.text = vnicsi.text
- if vnicsi.tag =="tunnelId":
- xvnicsitun = ET.SubElement(xvnicsi,"tunnelId")
- xvnicsitun.text = vnicsi.text
- if vnicsi.tag =="mtu":
- xvnicsimtu = ET.SubElement(xvnicsi,"mtu")
- xvnicsimtu.text = vnicsi.text
- if vnicsi.tag =="vlanId":
- xvnicsivln = ET.SubElement(xvnicsi,"vlanId")
- xvnicsivln.text = vnicsi.text
- if vnicsi.tag =="enableSendRedirects":
- xvnicsiesr = ET.SubElement(xvnicsi,"enableSendRedirects")
- xvnicsiesr.text = vnicsi.text
- if vnicsi.tag =="addressGroups":
- xvnicsiags = ET.SubElement(xvnicsi,"addressGroups")
- for ags in vnicsi:
- xvnicsiag = ET.SubElement(xvnicsiags,"addressGroup")
- for ag in ags:
- if ag.tag == "primaryAddress":
- xvnicsiagpa = ET.SubElement(xvnicsiag,"primaryAddress")
- xvnicsiagpa.text = ag.text
- if ag.tag == "subnetMask":
- xvnicsiagsm = ET.SubElement(xvnicsiag,"subnetMask")
- xvnicsiagsm.text = ag.text
- if ag.tag == "subnetPrefixLength":
- xvnicsiagpl = ET.SubElement(xvnicsiag,"subnetPrefixLength")
- xvnicsiagpl.text = ag.text
- if ag.tag == 'secondaryAddresses':
- xvnicsiagsa = ET.SubElement(xvnicsiag,"secondaryAddresses")
- for ipaddr in ag:
- if ipaddr.tag == 'ipAddress':
- xvnicsiagsaip = ET.SubElement(xvnicsiagsa,"ipAddress")
- xvnicsiagsaip.text = ipaddr.text
- if vChild.tag == "addressGroups":
- xvnicags = ET.SubElement(xvnic,"addressGroups")
- for ags in vChild:
- xvnicag = ET.SubElement(xvnicags,"addressGroup")
- for ag in ags:
- if ag.tag == "primaryAddress":
- xvnicagpa = ET.SubElement(xvnicag,"primaryAddress")
- xvnicagpa.text = ag.text
- if ag.tag == "subnetMask":
- xvnicagsm = ET.SubElement(xvnicag,"subnetMask")
- xvnicagsm.text = ag.text
- if ag.tag == "subnetPrefixLength":
- xvnicagpl = ET.SubElement(xvnicag,"subnetPrefixLength")
- xvnicagpl.text = ag.text
- if ag.tag == 'secondaryAddresses':
- xvnicagsa = ET.SubElement(xvnicag,"secondaryAddresses")
- for ipaddr in ag:
- if ipaddr.tag == 'ipAddress':
- xvnicagsaip = ET.SubElement(xvnicagsa,"ipAddress")
- xvnicagsaip.text = ipaddr.text
- #
- rebuild_xmlstring = ET.tostring(xvnic)
- rebuild_file_name = "rebuild_" + my_edge_xml_file + ".subInterface." + xvnicindex.text
- rebuild_file = open(rebuild_file_name,"w")
- rebuild_file.write(rebuild_xmlstring)
- rebuild_file.close()
- if child.tag == 'appliances':
- xapps = ET.SubElement(rbef,"appliances")
- for appChild in child:
- if appChild.tag == 'applianceSize':
- xappSize = ET.SubElement(xapps,"applianceSize")
- xappSize.text = appChild.text
- if appChild.tag =='appliance':
- xapp = ET.SubElement(xapps,"appliance")
- for vappChild in appChild:
- if vappChild.tag == "resourcePoolId":
- xapprpid = ET.SubElement(xapp,"resourcePoolId")
- xapprpid.text = vappChild.text
- if vappChild.tag == "datastoreId":
- xappdsid = ET.SubElement(xapp,"datastoreId")
- xappdsid.text = vappChild.text
- if vappChild.tag == "vmFolderId":
- xappfldid = ET.SubElement(xapp,"vmFolderId")
- xappfldid.text = vappChild.text
- if child.tag == 'cliSettings':
- xcli = ET.SubElement(rbef,'cliSettings')
- for cliChild in child:
- if cliChild.tag == 'remoteAccess':
- xclira = ET.SubElement(xcli,"remoteAccess")
- xclira.text = cliChild.text
- if cliChild.tag == 'userName':
- xusername = ET.SubElement(xcli,"userName")
- xusername.text = cliChild.text
- if cliChild.tag == 'sshLoginBannerText':
- xsshbanner = ET.SubElement(xcli,"sshLoginBannerText")
- xsshbanner.text = cliChild.text
- if cliChild.tag == 'passwordExpiry':
- xpwexp = ET.SubElement(xcli,"passwordExpiry")
- xpwexp.text = cliChild.text
- xpassword = ET.SubElement(xcli,"password")
- xpassword.text = "Default12!Default12!"
- if child.tag == 'features':
- print "features:"
- # here we can almost cartblanche use the xml contexts returned
- # so we dump the XML string content and rebuild a new xml entity
- # and strip out the versions tag
- # firewall does not like this # now working with own handler
- # nat does not like this # now working with own handler
- # no docs for gslb
- # l2vpn requires password blankin
- for features in child:
- clip_xmlstring = ET.tostring(features)
- rb_feat = ET.fromstring(clip_xmlstring)
- for ver in rb_feat.findall("version"):
- rb_feat.remove(ver)
- en = rb_feat.find("./enabled")
- if en is not None:
- if en.text == "true":
- print features.tag + " enabled"
- if features.tag == "nat" or features.tag == "firewall":
- rb_feat.remove(en)
- if features.tag == "firewall":
- rb_feat = ET.Element("firewall")
- for fwconfig in features:
- if fwconfig.tag == "globalConfig":
- fwgc = ET.SubElement(rb_feat,"globalConfig")
- for gcparams in fwconfig:
- gcparam = ET.SubElement(fwgc,gcparams.tag)
- gcparam.text = gcparams.text
- if fwconfig.tag == "defaultPolicy":
- dfp = ET.SubElement(rb_feat,"defaultPolicy")
- for dfparams in fwconfig:
- dfparam = ET.SubElement(dfp,dfparams.tag)
- dfparam.text = dfparams.text
- if fwconfig.tag == "firewallRules":
- xfwrs = ET.SubElement(rb_feat,"firewallRules")
- for fwrs in fwconfig:
- if fwrs.tag == "firewallRule":
- rt = fwrs.find("./ruleType")
- if not rt.text == "default_policy" and not rt.text == "internal_high" and not rt.text == "internal_low":
- xfwr = ET.SubElement(xfwrs,"firewallRule")
- for fwr in fwrs: ## ruleTags from UI created are outside of the 1-65536 for "user" specified ruleTags ## TODO write test for ruleTag in user range
- if not fwr.tag == "ruleTag" and not fwr.tag == "id" and not fwr.tag == "ruleType" and not fwr.tag == "source" and not fwr.tag == "destination" and fwr.text is not None:
- xxtag = ET.SubElement(xfwr,fwr.tag)
- xxtag.text = fwr.text
- if fwr.tag == "source" or fwr.tag == "destination":
- xxtag = ET.SubElement(xfwr,fwr.tag)
- for sd in fwr:
- xxxtag = ET.SubElement(xxtag,sd.tag)
- xxxtag.text = sd.text
- rb_feat_xmlstring = ET.tostring(rb_feat)
- rb_feat_file_name = "rebuild_" + my_edge_xml_file + "." + features.tag
- rb_feat_file = open(rb_feat_file_name,'w')
- rb_feat_file.write(rb_feat_xmlstring)
- rb_feat_file.close()
- if features.tag == "nat":
- xnat = ET.Element("nat")
- rb_feat = ET.SubElement(xnat,"natRules")
- for natrules in features:
- if natrules.tag == "natRules":
- for natrule in natrules: ## TODO same as above for user range ruleTag
- if natrule.tag == "natRule":
- rt = natrule.find("./ruleType")
- if rt.text == "user":
- xnatrule = ET.SubElement(rb_feat,"natRule")
- for natruleopt in natrule:
- if not natruleopt.tag == "ruleId" and not natruleopt.tag == "ruleType" and not natruleopt.tag =="ruleTag" and natruleopt.text is not None:
- xxtag = ET.SubElement(xnatrule,natruleopt.tag)
- xxtag.text = natruleopt.text
- rb_feat_xmlstring = ET.tostring(xnat)
- rb_feat_file_name = "rebuild_" + my_edge_xml_file + "." + features.tag
- rb_feat_file = open(rb_feat_file_name,'w')
- rb_feat_file.write(rb_feat_xmlstring)
- rb_feat_file.close()
- else:
- rb_feat_xmlstring = ET.tostring(rb_feat)
- rb_feat_file_name = "rebuild_" + my_edge_xml_file + "." + features.tag
- rb_feat_file = open(rb_feat_file_name,'w')
- rb_feat_file.write(rb_feat_xmlstring)
- rb_feat_file.close()
- else:
- print features.tag + " not enabled"
- if child.tag == 'autoConfiguration':
- xautoconfig = ET.SubElement(rbef,'autoConfiguration')
- for acChild in child:
- if acChild.tag == 'enabled':
- xacenabled = ET.SubElement(xautoconfig,"enabled")
- xacenabled.text = acChild.text
- if acChild.tag == 'rulePriority':
- xacrp = ET.SubElement(xautoconfig,"rulePriority")
- xacrp.text = acChild.text
- rebuild_xmlstring = ET.tostring(rbef)
- rebuild_file_name = "rebuild_" + my_edge_xml_file
- rebuild_file = open(rebuild_file_name,"w")
- rebuild_file.write(rebuild_xmlstring)
- rebuild_file.close()
- elif my_action == 3:
- rbef_file = open(my_edge_rebuild_file_name,'r')
- rbef_payload_data = rbef_file.read()
- rbef_file.close()
- uri = "https://" + my_nsxmanager + "/api/4.0/edges"
- edge_request = nsxpmrest(uri,my_username,my_password,rbef_payload_data,"POST")
- edge_api_path = edge_request.headers.get("Location")
- if edge_api_path is None:
- print "failed to get edge api path, duplicate edge name may exist"
- sys.exit(2)
- print "Got new Edge API Path: " + edge_api_path
- feature_files = glob.glob(my_edge_rebuild_file_name + ".*")
- stripchr = len(my_edge_rebuild_file_name) + 1
- features = [f[stripchr:] for f in feature_files]
- if "routing" in features:
- payload_data = loadfeaturefile(my_edge_rebuild_file_name + ".routing")
- uri = "https://" + my_nsxmanager + edge_api_path + "/routing/config"
- print "Sending routing config"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- if "firewall" in features:
- payload_data = loadfeaturefile(my_edge_rebuild_file_name + ".firewall")
- uri = "https://" + my_nsxmanager + edge_api_path + "/firewall/config"
- print "Sending Firewall config"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- if "nat" in features:
- payload_data = loadfeaturefile(my_edge_rebuild_file_name + ".nat")
- uri = "https://" + my_nsxmanager + edge_api_path + "/nat/config"
- print "Sending nat config"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- if "dhcp" in features:
- payload_data = loadfeaturefile(my_edge_rebuild_file_name + ".dhcp")
- uri = "https://" + my_nsxmanager + edge_api_path + "/dhcp/config"
- print "Sending dhcp config"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- if "dns" in features:
- payload_data = loadfeaturefile(my_edge_rebuild_file_name + ".dns")
- uri = "https://" + my_nsxmanager + edge_api_path + "/dns/config"
- print "Sending Dns config"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- if "syslog" in features:
- payload_data = loadfeaturefile(my_edge_rebuild_file_name + ".syslog")
- uri = "https://" + my_nsxmanager + edge_api_path + "/syslog/config"
- print "Sending Syslog config"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- if "loadBalancer" in features:
- payload_data = loadfeaturefile(my_edge_rebuild_file_name + ".loadBalancer")
- uri = "https://" + my_nsxmanager + edge_api_path + "/loadbalancer/config"
- print "Sending LB config"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- if "ipsec" in features:
- payload_data = loadfeaturefile(my_edge_rebuild_file_name + ".ipsec")
- uri = "https://" + my_nsxmanager + edge_api_path + "/ipsec/config"
- print "Sending ipsec config"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- if "highAvailability" in features:
- payload_data = loadfeaturefile(my_edge_rebuild_file_name + ".highAvailability")
- uri = "https://" + my_nsxmanager + edge_api_path + "/highavailability/config"
- print "Sending HA config"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- for subInt in range(0,10):
- if "subInterface." + str(subInt) in features:
- uri = "https://" + my_nsxmanager + edge_api_path + "/vnics/" + str(subInt)
- payload_data = loadfeaturefile(my_edge_rebuild_file_name + ".subInterface."+str(subInt))
- print "Sending vNic_"+str(subInt)+" with subInterface(s)"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- if "l2Vpn" in features:
- payload_data = loadfeaturefile(my_edge_rebuild_file_name + ".l2Vpn")
- uri = "https://" + my_nsxmanager + edge_api_path + "/l2vpn/config/"
- print "Sending l2Vpn config"
- # password *must* be posted
- if payload_data.find("<password>") == -1:
- payload_data = payload_data.replace("</userId>","</userId><password>Default12!Default12!</password>")
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- if "bridges" in features:
- payload_data = loadfeaturefile(my_edge_rebuild_file_name + ".bridges")
- uri = "https://" + my_nsxmanager + edge_api_path + "/bridging/config"
- print "Sending bridging config"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- if "sslvpnConfig" in features:
- payload_data = loadfeaturefile(my_edge_rebuild_file_name + ".sslvpnConfig")
- print "Sending sslvpn config"
- xsslvpnConfig = ET.fromstring(payload_data)
- xservsett = xsslvpnConfig.find("./serverSettings")
- if xservsett is not None:
- payload_data = ET.tostring(xservsett)
- uri = "https://" + my_nsxmanager + edge_api_path + "/sslvpn/config/server/"
- print " serverSettings"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- xprivnet = xsslvpnConfig.find("./privateNetwork")
- if xprivnet is not None:
- payload_data = ET.tostring(xprivnet)
- uri = "https://" + my_nsxmanager + edge_api_path + "/sslvpn/config/client/networkextension/privatenetworks/"
- print " privateNetwork"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- xwebresource = xsslvpnConfig.find("./webResource")
- if xwebresource is not None:
- payload_data = ET.tostring(xwebresource)
- uri = "https://" + my_nsxmanager + edge_api_path + "/sslvpn/config/webresources/"
- print " webResource"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- xusers = xsslvpnConfig.find("./users") ## TODO FIX ME?
- if xusers is not None:
- payload_data = ET.tostring(xusers)
- uri = "https://" + my_nsxmanager + edge_api_path + "/sslvpn/config/auth/localserver/users/"
- print " users - BROKEN"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- xippool = xsslvpnConfig.find("./ipAddressPools")
- if xippool is not None:
- payload_data = ET.tostring(xippool)
- uri = "https://" + my_nsxmanager + edge_api_path + "/sslvpn/config/client/networkextension/ippools"
- print " ippool"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- xcconf = xsslvpnConfig.find("./clientConfiguration")
- if xcconf is not None:
- payload_data = ET.tostring(xcconf)
- uri = "https://" + my_nsxmanager + edge_api_path + "/sslvpn/config/client/networkextension/clientconfig/"
- print " clientConfiguration"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- xcip = xsslvpnConfig.find("./clientInstallPackage")
- if xcip is not None:
- payload_data = ET.tostring(xcip)
- uri = "https://" + my_nsxmanager + edge_api_path + "/sslvpn/config/client/networkextension/installpackages"
- print " clientInstallPackage"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
- xlayout = xsslvpnConfig.find("./layoutConfiguration")
- if xlayout is not None:
- xml_string = ET.tostring(xlayout)
- payload_data = xml_string.replace("layoutConfiguration","layout")
- uri = "https://" + my_nsxmanager + edge_api_path + "/sslvpn/config/layout/portal"
- print " layout"
- edge_request = nsxpmrest(uri,my_username,my_password,payload_data,"PUT")
- print edge_request.status_code
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement