This patch allow for enabling or disabling multicast on a Tier-1 GW
router. This is simply done by setting a boolean flag in the router's
multicast configuration, which is however a sub-attribute of the
Tier-1 GW object accessed via its own API endpoint.
For the above reason, this patch introduces a definition object for
the Tier-1 Multicast settings.
Change-Id: I8308442ecd9b4d14f4ceb0ea55c4dcd4ee240e17
1. For MP, add logging parameter in snat rule creating api
2. For Policy, change parameter name from log to logging for tier0
and tier1 snat rule object.
Change-Id: I4f03fa6a35f138a7112782d58a1cc5a4b1648d61
In case of none default enforcement point value, the Segment
create might fail, because it is hard coded to use default ep
for querying transport zone, if specified. This change add
support for creating segment with transport zone in none default
enforcement point
Change-Id: Id122f9591c2bded5edc43fad514e6e1e9e6a9fa3
- Expose Building DHCP Config V4 and V6 in NsxPolicyTier1SegmentApi
- Update update_advertisement_rules to allow batch removal of existings
rules via prefix matching even if no new rules are to be added
Change-Id: I215630fb2af41d71431774d88129c08c4aeac904
There is a short gap between NSX-T provider updating the realization
entity with Error state, and attaching with actual alarms. This would
result in nsxlib returning 'Unknown' RealizationErrorStateError
exception, while the real error is something else.
Upon getting a None error code, the get_info funtion should be retried
as well.
Change-Id: Ica3051b4858991738992022df1dd62b47dd9178d
This property is used to specify LS ID when creating segment, this
property is only used in NSX Highline backup/restore case currently.
Change-Id: I5033579623cde5dcf857ffdfd1f2d18390e9ff81
Use the policy 'rules' attribute instead of adding child rules.
This is expected to have better performance on the NSX side.
This patch re-itroduce the fix from: I213616a8b47f11adb1a897568746885f3e77078c
but this time with a flag to not break stuff
Change-Id: Ib6361575642fa96a93dd49107ece1f120a6e61b2
Manager uses elastic-search scoring and display_name as default
primary and secondary sort order respectively. In a Manager cluster,
each Manager has its own elastic-search instance, Thus the relevance
of scoring might differ due to different parameters, so pagination
result may differ too.
When NCP does a multi-page search, like retrieving all existing
logical ports in a scale setup, Manager VIP could be served by
different Managers during the search. Due to the above reason,
some entries could be missing or duplicated in the query result.
This patch appends "sort_by=id" in search url, therefore all
Managers could return the same pagination results.
Change-Id: Id26cf0cbcdaebb965890d5ee7934c11da056b128
Set initial state when a new logical port is created. 'UNBLOCKED_VLAN'
means new port will be unblocked on traffic in creation, also VLAN will
be set with corresponding logical switch setting. This port setting
can only be configured at port creation, and cannot be modified.
VIF_RESTORE indicates proton to fetch and restore VIF attachment from
ESX host
Change-Id: I84c62ec15934fa2cb0f1f8dc8788ea12f43a403d
We will reuse the deprecated ls_id attribute to specify LogicalSwitch ID
when creating segment. The ls_id field will remain deprecated for the
general purpose.
Change-Id: Ie4d1186ac455b752efde9e2aff2e92ddfa24b570
Now that we are python3 only, we should move to using the built
in version of mock that supports all of our testing needs and
remove the dependency on the "mock" package.
Also see commit: Ifcaf1c21bea0ec3c35278e49cecc90a101a82113
Change-Id: I11dc8a80471be347f89a30f59c1cc14cdb879726
1. Support tags in detach
2. Support setting vif_id in detach (reset other attachment
attributes)
3. Use update instead of create for attach, to keep original
port attributes
Change-Id: I7093fbf70a76a7560c9174b209259f167b21f74f
NSX will reject expression list of a group if defined like follows:
---
"expression":
[{"expressions": [
{"member_type": "LogicalPort", "operator": "EQUALS", "value": "tag1|x"},
{"conjunction_operator": "AND", "resource_type": "ConjunctionOperator"},
{member_type": "LogicalPort", "operator": "EQUALS", "value": "tag2|y"}
], "resource_type": "NestedExpression"},
{"conjunction_operator": "OR", "resource_type": "ConjunctionOperator"},
{"expressions": [
{"member_type": "LogicalPort", "operator": "EQUALS", "value": "tag1|x"},
{"conjunction_operator": "AND", "resource_type": "ConjunctionOperator"},
{member_type": "LogicalPort", "operator": "EQUALS", "value": "tag2|y"}
], "resource_type": "NestedExpression"},
"resource_type": "NestedExpression"}
]
---
Because the two NestedExpressions are identical. If patch a group with the
spec above, 'Duplicate expressions specified' error will be returned. This
patch ensures that before a union condition is built, all conditions are
first dedupped.
Change-Id: I0d2d93f6ade992582ad931b3622354e5b9398a1d
Signed-off-by: Yang Ding <dingyang@vmware.com>
Currently nsxlib will generate bad request if ip_pool_id=None
BEFORE: {'address_pool_paths': ['/infra/ip-pools/']}
AFTER: {'address_pool_paths': []}
Change-Id: I10d653abfdb26f919f9a356c2a1e83752b659619
When updating group with empty conditions list, "expression" list
should be explicitly setting to empty list instead of ignored,
so that group gets updated properly with empty expressions.
Change-Id: I779dca3587721f7d9b0da83385a243e3a1132f7c
1. Enabling transaction calls in SecurityPolicies and their related rules
requires the support in create_with_entires and update_with_entries call.
This patch changed these method calls and supports adding list of resource
defs to the transaction.
2. Special logic is added to the update_with_entries since partial patch in
hierarych call for DFW rules only supports updating and adding. However, we expect
the update to be full replacement. Thus add logic to mark the marked_as_delete field
in the unwanted entries as true.
Change-Id: I59ef2e27f6a2f23a44edcd37da88bdc70fda944d
In Policy API, RealizationErrorStateError is raised if an intent
entity gets into ERROR state during wait. Currently only error message
is included in the exception. This patch adds both error_code and
related_error_codes in the exception to make it more informative.
Change-Id: I45b7c50a50b1a69e37b79f684b324bb17496a9df
Manager API: add update_payload_cbk argument in update method in
NsxLibIPSet class
Policy API: add update_payload_cbk argument in update_with_conditions
method in NsxPolicyGroupApi class
Change-Id: I89ae7eb564b09fe15934efa48ab10b69e68de70a
Enhao Cui
asarfaty
Salvatore Orlando
sean
Erica Liu
Shawn Wang
Ran Gu
Shih-Hao Li
Danting Liu
Yang Ding
Jinhao Tang