diff --git a/vmware_nsxlib/tests/unit/v3/policy/test_resources.py b/vmware_nsxlib/tests/unit/v3/policy/test_resources.py index dbdb4ed6..d3fa6988 100644 --- a/vmware_nsxlib/tests/unit/v3/policy/test_resources.py +++ b/vmware_nsxlib/tests/unit/v3/policy/test_resources.py @@ -2567,6 +2567,7 @@ class TestPolicyTier0(NsxPolicyLibTestCase): description = 'desc' dhcp_config = '111' subnets = ["2.2.2.0/24"] + ipv6_profile_id = '222' with mock.patch.object(self.policy_api, "create_or_update") as api_call: @@ -2576,6 +2577,7 @@ class TestPolicyTier0(NsxPolicyLibTestCase): force_whitelisting=True, default_rule_logging=True, transit_subnets=subnets, + ipv6_ndra_profile_id=ipv6_profile_id, tenant=TEST_TENANT) expected_def = core_defs.Tier0Def( @@ -2588,6 +2590,7 @@ class TestPolicyTier0(NsxPolicyLibTestCase): ha_mode=constants.ACTIVE_ACTIVE, failover_mode=constants.NON_PREEMPTIVE, transit_subnets=subnets, + ipv6_ndra_profile_id=ipv6_profile_id, tenant=TEST_TENANT) self.assert_called_with_def(api_call, expected_def) diff --git a/vmware_nsxlib/v3/policy/__init__.py b/vmware_nsxlib/v3/policy/__init__.py index b3e15b0e..7c3117cf 100644 --- a/vmware_nsxlib/v3/policy/__init__.py +++ b/vmware_nsxlib/v3/policy/__init__.py @@ -103,6 +103,8 @@ class NsxPolicyLib(lib.NsxLibBase): self.segment_port_qos_profiles = ( core_resources.SegmentPortQosProfilesBindingMapApi( *args)) + self.ipv6_ndra_profile = ( + core_resources.NsxIpv6NdraProfileApi(*args)) self.dhcp_relay_config = core_resources.NsxDhcpRelayConfigApi(*args) self.certificate = core_resources.NsxPolicyCertApi(*args) self.load_balancer = lb_resources.NsxPolicyLoadBalancerApi(*args) diff --git a/vmware_nsxlib/v3/policy/constants.py b/vmware_nsxlib/v3/policy/constants.py index 813afcdb..9f2fd7e1 100644 --- a/vmware_nsxlib/v3/policy/constants.py +++ b/vmware_nsxlib/v3/policy/constants.py @@ -66,3 +66,9 @@ NAT_FIREWALL_MATCH_INTERNAL = 'MATCH_INTERNAL_ADDRESS' ATTACHMENT_PARENT = "PARENT" ATTACHMENT_CHILD = "CHILD" ATTACHMENT_INDEPENDENT = "INDEPENDENT" + +IPV6_RA_MODE_RS_ONLY = "RS_ONLY" +IPV6_RA_MODE_DISABLED = "DISABLED" +IPV6_RA_MODE_SLAAC_RA = "SLAAC_DNS_THROUGH_RA" +IPV6_RA_MODE_SLAAC_DHCP = "SLAAC_DNS_THROUGH_DHCP" +IPV6_RA_MODE_DHCP = "DHCP_ADDRESS_AND_DNS_THROUGH_DHCP" diff --git a/vmware_nsxlib/v3/policy/core_defs.py b/vmware_nsxlib/v3/policy/core_defs.py index 503b1dc7..50136447 100644 --- a/vmware_nsxlib/v3/policy/core_defs.py +++ b/vmware_nsxlib/v3/policy/core_defs.py @@ -45,6 +45,8 @@ IP_DISCOVERY_PROFILES_PATH_PATTERN = (TENANTS_PATH_PATTERN + "ip-discovery-profiles/") MAC_DISCOVERY_PROFILES_PATH_PATTERN = (TENANTS_PATH_PATTERN + "mac-discovery-profiles/") +IPV6_NDRA_PROFILES_PATH_PATTERN = (TENANTS_PATH_PATTERN + + "ipv6-ndra-profiles/") CERTIFICATE_PATH_PATTERN = TENANTS_PATH_PATTERN + "certificates/" REALIZATION_PATH = "infra/realized-state/realized-entities?intent_path=%s" @@ -305,6 +307,19 @@ class RouterDef(ResourceDef): self._set_attr_if_specified(body, 'dhcp_config', body_attr='dhcp_config_paths', value=paths) + + if self.has_attr('ipv6_ndra_profile_id'): + paths = None + if self.get_attr('ipv6_ndra_profile_id'): + ndra_profile = Ipv6NdraProfileDef( + profile_id=self.get_attr('ipv6_ndra_profile_id'), + tenant=self.get_tenant()) + paths = [ndra_profile.get_resource_full_path()] + + self._set_attr_if_specified(body, 'ipv6_ndra_profile_id', + body_attr='ipv6_profile_paths', + value=paths) + return body @@ -1557,6 +1572,35 @@ class MacDiscoveryProfileDef(ResourceDef): return body +class Ipv6NdraProfileDef(ResourceDef): + + @property + def path_pattern(self): + return IPV6_NDRA_PROFILES_PATH_PATTERN + + @property + def path_ids(self): + return ('tenant', 'profile_id') + + @staticmethod + def resource_type(): + return 'Ipv6NdraProfile' + + def path_defs(self): + return (TenantDef,) + + def get_obj_dict(self): + body = super(Ipv6NdraProfileDef, self).get_obj_dict() + self._set_attrs_if_specified(body, ['ra_mode', + 'reachable_timer', + 'retransmit_interval']) + # Use default settings for dns and RA for now + # TODO(annak): expose when required + body['dns_config'] = {} + body['ra_config'] = {} + return body + + class DhcpRelayConfigDef(ResourceDef): @property diff --git a/vmware_nsxlib/v3/policy/core_resources.py b/vmware_nsxlib/v3/policy/core_resources.py index ded57050..39f810a0 100644 --- a/vmware_nsxlib/v3/policy/core_resources.py +++ b/vmware_nsxlib/v3/policy/core_resources.py @@ -733,6 +733,7 @@ class NsxPolicyTier1Api(NsxPolicyResourceBase): route_advertisement=IGNORE, dhcp_config=IGNORE, disable_firewall=IGNORE, + ipv6_ndra_profile_id=IGNORE, tags=IGNORE, tenant=constants.POLICY_INFRA_TENANT): tier1_id = self._init_obj_uuid(tier1_id) @@ -746,6 +747,7 @@ class NsxPolicyTier1Api(NsxPolicyResourceBase): route_advertisement=route_advertisement, dhcp_config=dhcp_config, disable_firewall=disable_firewall, + ipv6_ndra_profile_id=ipv6_ndra_profile_id, tenant=tenant) self._create_or_store(tier1_def) @@ -773,6 +775,7 @@ class NsxPolicyTier1Api(NsxPolicyResourceBase): failover_mode=IGNORE, tier0=IGNORE, dhcp_config=IGNORE, tags=IGNORE, disable_firewall=IGNORE, + ipv6_ndra_profile_id=IGNORE, tenant=constants.POLICY_INFRA_TENANT): # Note(asarfaty): L2/L3 PATCH APIs don't support partial updates yet # TODO(asarfaty): Remove this when supported @@ -787,6 +790,7 @@ class NsxPolicyTier1Api(NsxPolicyResourceBase): dhcp_config=dhcp_config, tier0=tier0, disable_firewall=disable_firewall, + ipv6_ndra_profile_id=ipv6_ndra_profile_id, tags=tags, tenant=tenant) @@ -1030,6 +1034,7 @@ class NsxPolicyTier0Api(NsxPolicyResourceBase): default_rule_logging=IGNORE, transit_subnets=IGNORE, disable_firewall=IGNORE, + ipv6_ndra_profile_id=IGNORE, tags=IGNORE, tenant=constants.POLICY_INFRA_TENANT): @@ -1044,6 +1049,7 @@ class NsxPolicyTier0Api(NsxPolicyResourceBase): default_rule_logging=default_rule_logging, transit_subnets=transit_subnets, disable_firewall=disable_firewall, + ipv6_ndra_profile_id=ipv6_ndra_profile_id, tags=tags, tenant=tenant) self.policy_api.create_or_update(tier0_def) @@ -1073,6 +1079,7 @@ class NsxPolicyTier0Api(NsxPolicyResourceBase): default_rule_logging=IGNORE, transit_subnets=IGNORE, disable_firewall=IGNORE, + ipv6_ndra_profile_id=IGNORE, tags=IGNORE, tenant=constants.POLICY_INFRA_TENANT): @@ -1085,6 +1092,7 @@ class NsxPolicyTier0Api(NsxPolicyResourceBase): default_rule_logging=default_rule_logging, transit_subnets=transit_subnets, disable_firewall=disable_firewall, + ipv6_ndra_profile_id=ipv6_ndra_profile_id, tags=tags, tenant=tenant) @@ -3264,6 +3272,65 @@ class NsxMacDiscoveryProfileApi(NsxSegmentProfileBaseApi): return profile_id +class NsxIpv6NdraProfileApi(NsxPolicyResourceBase): + @property + def entry_def(self): + return core_defs.Ipv6NdraProfileDef + + def create_or_overwrite(self, name, + profile_id=None, + description=IGNORE, + ra_mode=IGNORE, + reachable_timer=IGNORE, + retransmit_interval=IGNORE, + tags=IGNORE, + tenant=constants.POLICY_INFRA_TENANT): + + profile_id = self._init_obj_uuid(profile_id) + profile_def = self._init_def( + profile_id=profile_id, + name=name, + description=description, + ra_mode=ra_mode, + reachable_timer=reachable_timer, + retransmit_interval=retransmit_interval, + tags=tags, + tenant=tenant) + self._create_or_store(profile_def) + return profile_id + + def delete(self, profile_id, tenant=constants.POLICY_INFRA_TENANT): + profile_def = self.entry_def(profile_id=profile_id, + tenant=tenant) + self.policy_api.delete(profile_def) + + def get(self, profile_id, tenant=constants.POLICY_INFRA_TENANT): + profile_def = self.entry_def(profile_id=profile_id, + tenant=tenant) + return self.policy_api.get(profile_def) + + def list(self, tenant=constants.POLICY_INFRA_TENANT): + profile_def = self.entry_def(tenant=tenant) + return self._list(profile_def) + + def get_by_name(self, name, tenant=constants.POLICY_INFRA_TENANT): + return super(NsxSegmentProfileBaseApi, self).get_by_name( + name, tenant=tenant) + + def update(self, profile_id, name=IGNORE, description=IGNORE, + ra_mode=IGNORE, reachable_timer=IGNORE, + retransmit_interval=IGNORE, + tags=IGNORE, tenant=constants.POLICY_INFRA_TENANT): + self._update(profile_id=profile_id, + name=name, + description=description, + ra_mode=ra_mode, + reachable_timer=reachable_timer, + retransmit_interval=retransmit_interval, + tags=tags, + tenant=tenant) + + class NsxDhcpRelayConfigApi(NsxPolicyResourceBase): @property def entry_def(self):