NSX|V New admin utility to list existing NSX policies
The use needs to configure nsx-policies using their IDs, which are hard to find in the VC. The new admin utility will make this easier. Change-Id: I8869272ff02389193ba546833b52734cf4b71ff2
This commit is contained in:
parent
183b86b1f0
commit
5e5af50640
@ -245,6 +245,10 @@ Security Groups, Firewall and Spoofguard
|
||||
|
||||
nsxadmin -r firewall-sections -o nsx-reorder
|
||||
|
||||
- List NSX service composer policies, that can be used in security groups::
|
||||
|
||||
nsxadmin -r firewall-sections -o list-policies
|
||||
|
||||
- Update the default cluster section::
|
||||
|
||||
nsxadmin -r firewall-sections -o nsx-update
|
||||
|
@ -12,6 +12,7 @@
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import operator
|
||||
import re
|
||||
import xml.etree.ElementTree as et
|
||||
|
||||
@ -376,6 +377,18 @@ def fix_security_groups(resource, event, trigger, **kwargs):
|
||||
plugin._add_member_to_security_group(nsx_id, vnic_id)
|
||||
|
||||
|
||||
@admin_utils.output_header
|
||||
def list_policies(resource, event, trigger, **kwargs):
|
||||
"""List nsx service composer policies"""
|
||||
context = n_context.get_admin_context()
|
||||
with utils.NsxVPluginWrapper() as plugin:
|
||||
policies = plugin.get_nsx_policies(context)
|
||||
|
||||
policies.sort(key=operator.itemgetter('id'))
|
||||
_log_info("NSX service composer policies:", policies,
|
||||
attrs=['id', 'name', 'description'])
|
||||
|
||||
|
||||
@admin_utils.output_header
|
||||
def migrate_sg_to_policy(resource, event, trigger, **kwargs):
|
||||
"""Change the mode of a security group from rules to NSX policy"""
|
||||
@ -526,6 +539,10 @@ registry.subscribe(migrate_sg_to_policy,
|
||||
constants.SECURITY_GROUPS,
|
||||
shell.Operations.MIGRATE_TO_POLICY.value)
|
||||
|
||||
registry.subscribe(list_policies,
|
||||
constants.SECURITY_GROUPS,
|
||||
shell.Operations.LIST_POLICIES.value)
|
||||
|
||||
registry.subscribe(reorder_firewall_sections,
|
||||
constants.FIREWALL_SECTIONS,
|
||||
shell.Operations.NSX_REORDER.value)
|
||||
|
@ -59,6 +59,7 @@ class Operations(enum.Enum):
|
||||
MIGRATE_TO_DYNAMIC_CRITERIA = 'migrate-to-dynamic-criteria'
|
||||
NSX_MIGRATE_V_V3 = 'nsx-migrate-v-v3'
|
||||
MIGRATE_TO_POLICY = 'migrate-to-policy'
|
||||
LIST_POLICIES = 'list-policies'
|
||||
UPDATE_LOGGING = 'update-logging'
|
||||
NSX_MIGRATE_EXCLUDE_PORTS = 'migrate-exclude-ports'
|
||||
MIGRATE_VDR_DHCP = 'migrate-vdr-dhcp'
|
||||
@ -193,6 +194,7 @@ nsxv_resources = {
|
||||
[Operations.LIST.value,
|
||||
Operations.FIX_MISMATCH.value,
|
||||
Operations.MIGRATE_TO_POLICY.value,
|
||||
Operations.LIST_POLICIES.value,
|
||||
Operations.UPDATE_LOGGING.value]),
|
||||
constants.FIREWALL_NSX_GROUPS: Resource(
|
||||
constants.FIREWALL_NSX_GROUPS, [Operations.LIST.value,
|
||||
|
Loading…
x
Reference in New Issue
Block a user