class NSXDriver::NSXVdfw
Class Logical Switch
Attributes
ATTRIBUTES
Public Class Methods
CONSTRUCTOR Creates OpenNebula section if not exists
# File lib/nsxv_dfw.rb, line 26 def initialize(nsx_client) super(nsx_client) # Construct base URLs @base_url = NSXConstants::NSXV_DFW_BASE @url_sections = @base_url + \ NSXConstants::NSXV_DFW_SECTIONS @one_section_id = init_section end
Public Instance Methods
Create new rule
# File lib/nsxv_dfw.rb, line 164 def create_rule(rule_spec, section_id = @one_section_id) # etag is needed to add a new header If-Match etag = section_etag(section_id) raise NSXError::ObjectNotFound('etag') \ unless etag aditional_headers = [{ 'If-Match' => etag }] url = @url_sections + '/' + section_id + '/rules' @nsx_client.post(url, rule_spec, aditional_headers) end
Create new section Params:
-
section_name [String] Name of the section
Return:
- Nokogiri::XML::NodeSet
# File lib/nsxv_dfw.rb, line 102 def create_section(section_name) section_spec = "<section name=\"#{section_name}\"\ stateless=\"false\" tcpStrict=\"true\" useSid=\"false\">\ </section>" section = Nokogiri::XML @nsx_client .post(@url_sections, section_spec) section_id = section.xpath('//section/@id').text result = section_by_id(section_id) raise 'Section was not created in DFW' unless result result end
Delete rule
# File lib/nsxv_dfw.rb, line 190 def delete_rule(rule_id, section_id = @one_section_id) url = @url_sections + '/' + section_id + '/rules/' + rule_id # etag is needed to add a new header If-Match etag = section_etag(section_id) raise "Cannot get etag from section: #{section_id}" unless etag aditional_headers = [{ 'If-Match' => etag }] @nsx_client.delete(url, aditional_headers) end
Delete section Params:
-
section_id: [String] ID of the section or @one_section_id
# File lib/nsxv_dfw.rb, line 120 def delete_section(section_id = @one_section_id) url = @url_sections + '/' + section_id @nsx_client.delete(url) end
Sections Get all sections Creates OpenNebula section if not exists and returns its section_id. Returns its section_id if OpenNebula section already exists
# File lib/nsxv_dfw.rb, line 40 def init_section one_section = section_by_name(NSXConstants::ONE_SECTION_NAME) one_section ||= create_section(NSXConstants::ONE_SECTION_NAME) return one_section.xpath('@id').text if one_section end
Get rule by id Return:
-
rule | nil
# File lib/nsxv_dfw.rb, line 140 def rule_by_id(rule_id, section_id = @one_section_id) url = @url_sections + '/' + section_id + '/rules/' + rule_id valid_codes = [NSXConstants::CODE_CREATED, NSXConstants::CODE_OK, NSXConstants::CODE_BAD_REQUEST, NSXConstants::CODE_NOT_FOUND] additional_headers = [] result = @nsx_client.get(url, additional_headers, valid_codes) result.xpath(NSXConstants::NSXV_DFW_RULE_XPATH) end
Rules Get all rules Params:
-
section_id: [String] ID of the section or @one_section_id
Return:
- Nokogiri::XML::NodeSet
# File lib/nsxv_dfw.rb, line 131 def rules(section_id = @one_section_id) url = @url_sections + '/' + section_id rules = @nsx_client.get(url) rules.xpath(NSXConstants::NSXV_DFW_RULE_XPATH) end
Get rules by name Return:
- Nokogiri::XML::NodeSet
# File lib/nsxv_dfw.rb, line 154 def rules_by_name(rule_name, section_id = @one_section_id) rules = Nokogiri::XML::NodeSet.new(Nokogiri::XML::Document.new) all_rules = rules(section_id) return rules unless all_rules all_rules.xpath("//rule[name=\"#{rule_name}\"]") end
Get section by id Params:
-
section_id: [String] ID of the section or @one_section_id
Return:
-
nil | [Nokogiri::XML::NodeSet] section
# File lib/nsxv_dfw.rb, line 63 def section_by_id(section_id = @one_section_id) url = @url_sections + '/' + section_id result = @nsx_client.get(url) xp = NSXConstants::NSXV_DFW_SECTION_XPATH section = result.xpath(xp) return section unless section.empty? end
Get section by name Params:
-
section_name: [String] Name of the section
Return:
-
nil | [Nokogiri::XML::NodeSet] section
# File lib/nsxv_dfw.rb, line 88 def section_by_name(section_name) url = @url_sections + '?name=' + section_name result = @nsx_client.get(url) rescue nil return if result.nil? xp = NSXConstants::NSXV_DFW_SECTION_XPATH result.xpath(xp) end
Get section etag needed to manage FW rules Params:
-
section_id: [String] ID of the section or @one_section_id
Return:
-
nil | etag [String] ID of the etag header
# File lib/nsxv_dfw.rb, line 76 def section_etag(section_id = @one_section_id) url = @url_sections + '/' + section_id response = @nsx_client.get_full_response(url) etag = response['etag'] return etag.delete('\"') if etag end
Get all sections Params:
-
None
Return:
-
nil | [Nokogiri::XML::NodeSet] sections
# File lib/nsxv_dfw.rb, line 51 def sections result = @nsx_client.get(@base_url) xp = NSXConstants::NSXV_DFW_SECTION_XPATH sections = result.xpath(xp) return sections unless sections.empty? end
Update rule
# File lib/nsxv_dfw.rb, line 176 def update_rule(rule_id, rule_spec, section_id = @one_section_id) url = @url_sections + '/' + section_id + '/rules/' + rule_id rule = rule_by_id(rule_id) raise "Rule id #{rule_id} not found" unless rule # etag is needed to add a new header If-Match etag = section_etag(section_id) raise "Cannot get etag from section: #{section_id}" unless etag aditional_headers = [{ 'If-Match' => etag }] @nsx_client.put(url, rule_spec, aditional_headers) end