-
Notifications
You must be signed in to change notification settings - Fork 0
/
plugin.yaml
683 lines (651 loc) · 23.2 KB
/
plugin.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
########
# Copyright (c) 2020 Cloudify Technologies Ltd. All rights reserved
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# * See the License for the specific language governing permissions and
# * limitations under the License.
plugins:
nsx-t:
package_name: cloudify-nsx-t-plugin
source: https://github.com/cloudify-incubator/cloudify-nsx-t-plugin/archive/0.3.3.zip
package_version: '0.3.3'
executor: central_deployment_agent
dsl_definitions:
client_config: &client_config
client_config:
type: cloudify.types.nsx-t.ClientConfig
description: Your NSX-T Client Configuration.
required: true
id: &data_type_id
id:
description: >
ID for nsxt resource.
type: string
required: true
display_name: &data_type_name
display_name:
description: >
Display name of this resource
type: string
required: false
default: ''
description: &data_type_description
description:
description: Description of this resource
type: string
required: false
data_types:
cloudify.types.nsx-t.ClientConfig:
properties:
host:
type: string
description: Your NSX-T Manager Host IP.
required: true
port:
type: string
description: Your NSX-T Manager Port that listen on.
required: true
username:
type: string
description: Your NSX-T Manager Username.
required: true
password:
type: string
description: Your NSX-T Manager Password.
required: true
auth_type:
type: string
description: >
Authentication Type
1. basic
2. session
default: basic
required: false
insecure:
type: string
description: If true, SSL validation is skipped.
required: false
cert:
type: string
description: Your cert file path.
required: false
cloudify.types.nsx-t.SegmentDhcpConfig:
properties:
dns_servers:
type: list
required: false
default: []
description: >
IP address of DNS servers for subnet. DNS server IP address must
belong to the same address family as segment gateway_address
property.
lease_time:
type: integer
required: false
description: >
DHCP lease time for subnet
DHCP lease time in seconds. When specified, this property overwrites
lease time configured DHCP server config.
server_address:
type: string
required: false
description: >
IP address of the DHCP server in CIDR format.
The server_address is mandatory in case this segment has provided a
dhcp_config_path and it represents a DHCP server config.
If this SegmentDhcpConfig is a SegmentDhcpV4Config, the address must
be an IPv4 address. If this is a SegmentDhcpV6Config, the address must
be an IPv6 address.
This address must not overlap the ip-ranges of the subnet, or the
gateway address of the subnet, or the DHCP static-binding addresses
of this segment.
options:
type: dict
required: false
default: {}
description: >
DHCP options.
cloudify.types.nsx-t.SegmentDhcpV4Config:
derived_from: cloudify.types.nsx-t.SegmentDhcpConfig
properties:
resource_type:
type: string
required: false
default: SegmentDhcpV4Config
cloudify.types.nsx-t.SegmentDhcpV6Config:
derived_from: cloudify.types.nsx-t.SegmentDhcpConfig
properties:
resource_type:
type: string
required: false
default: SegmentDhcpV6Config
cloudify.types.nsx-t.SegmentIPConfig:
properties:
dhcp_ranges:
type: list
required: false
default: []
description: >
DHCP address ranges are used for dynamic IP allocation.
Supports address range and CIDR formats. First valid
host address from the first value is assigned to DHCP server
IP address. Existing values cannot be deleted or modified,
but additional DHCP ranges can be added.
gateway_address:
type: string
required: false
description: >
Gateway IP address in CIDR format for both IPv4 and IPv6.
cloudify.types.nsx-t.SegmentIPV4Config:
derived_from: cloudify.types.nsx-t.SegmentIPConfig
properties:
dhcp_config:
type: cloudify.types.nsx-t.SegmentDhcpV4Config
required: false
default: {}
cloudify.types.nsx-t.SegmentIPV6Config:
derived_from: cloudify.types.nsx-t.SegmentIPConfig
properties:
dhcp_config:
type: cloudify.types.nsx-t.SegmentDhcpV6Config
required: false
default: {}
cloudify.types.nsx-t.SegmentSubnet:
properties:
ip_v4_config:
type: cloudify.types.nsx-t.SegmentIPV4Config
required: false
default: {}
description: >
IP V4 Configuration.
ip_v6_config:
type: cloudify.types.nsx-t.SegmentIPV6Config
required: false
default: {}
description: >
IP V6 Configuration.
cloudify.types.nsx-t.Segment:
properties:
<<: *data_type_id
<<: *data_type_name
<<: *data_type_description
admin_state:
type: string
required: false
default: UP
description: >
Represents Desired state of the Segment
- UP
- DOWN
replication_mode:
type: string
required: false
default: MTEP
description: >
Replication mode of the Segment
If this field is not set for overlay segment, then the default of MTEP
will be used
The allowed valued are
- MTEP
- SOURCE
transport_zone_path:
type: string
required: false
description: >
Policy path to the transport zone. Supported for VLAN backed segments
as well as Overlay Segments. This field is required for VLAN backed
Segments. Auto assigned if only one transport zone exists in the
enforcement point. Default transport zone is auto assigned for
overlay segments if none specified
connectivity_path:
type: string
required: false
description: >
Policy path to the connecting Tier-0 or Tier-1. Valid only for
segments created under Infra.
dhcp_config_path:
type: string
required: false
description: >
Policy path to DHCP server or relay configuration to use for all
IPv4 & IPv6 subnets configured on this segment
l2_extension:
type: dict
required: false
description: >
Configuration for extending Segment through L2 VPN
domain_name:
type: string
required: false
description: >
DNS domain name
extra_configs:
type: list
required: false
description: >
Extra configs on Segment
This property could be used for vendor specific configuration in key value
string pairs, the setting in extra_configs will be automatically inheritted
by segment ports in the Segment.
https://vdc-download.vmware.com/vmwb-repository/dcr-public/9e1c6bcc-85db-46b6-bc38-d6d2431e7c17/30af91b5-3a91-4d5d-8ed5-a7d806764a16/api_includes/types_SegmentExtraConfig.html
metadata_proxy_paths:
type: list
required: false
description: >
Metadata Proxy Configuration Paths
Policy path to metadata proxy configuration.
Multiple distinct MD proxies can be configured.
mac_pool_id:
type: string
required: false
description: >
Allocation mac pool associated with the Segment
Mac pool id that associated with a Segment
overlay_id:
type: integer
required: false
description: >
Overlay connectivity ID for this Segment
Used for overlay connectivity of segments. The overlay_id
should be allocated from the pool as definied by enforcement-point.
If not provided, it is auto-allocated from the default pool on the
enforcement-point.
subnet:
type: cloudify.types.nsx-t.SegmentSubnet
required: false
default: {}
tags:
type: list
required: false
description: >
Opaque identifiers meaningful to the API user by having pairs of
scope and tag to associate with this policy
- scope: scop1
tag: tag1
- scope: sope2
tag: tag2
- scope: scop3
tag: tag3
address_bindings:
type: list
required: false
description: >
Address bindings for the Logical switch. Array of PacketAddressClassifier
https://vdc-download.vmware.com/vmwb-repository/dcr-public/9e1c6bcc-85db-46b6-bc38-d6d2431e7c17/30af91b5-3a91-4d5d-8ed5-a7d806764a16/api_includes/types_PacketAddressClassifier.html
Example
- ip_address: 10.0.0.6
mac_address: a4:5e:60:e5:29:65
vlan_id: 22
- ip_address: 10.0.0.6
mac_address: b3:2b:41:d5:18:74
vlan_id: 23
bridge_profiles:
type: list
required: false
description: >
Bridge Profile Configuration
Multiple distinct L2 bridge profiles can be configured.
Example
- bridge_profile_path: /profile/bridge
uplink_teaming_policy_name: policy1
vlan_ids:
- 22
- 25
- 29
vlan_transport_zone_path: /vlan/transport/zone
children:
type: list
required: false
description: >
subtree for this type within policy tree containing nested elements.
https://vdc-download.vmware.com/vmwb-repository/dcr-public/9e1c6bcc-85db-46b6-bc38-d6d2431e7c17/30af91b5-3a91-4d5d-8ed5-a7d806764a16/api_includes/method_PatchInfraSegment.html
advanced_config:
type: dict
required: false
default: {}
description: >
Advanced configuration for Segment.
the advanced config contains the following configuration
address_pool_paths:
- /path/address/pool1
- /path/address/pool2
connectivity: ON
hybrid: false
local_egress: false
local_egress_routing_policies:
- nexthop_address: 10.0.0.8
prefix_list_paths:
- /path/prefix1
- /path/prefix2
- nexthop_address: 10.0.0.12
prefix_list_paths:
- /path/prefix3
- /path/prefix4
multicast: false
uplink_teaming_policy_name: policy-name
vlan_ids:
type: list
required: false
description: >
VLAN ids for VLAN backed Segment. Can be a VLAN id or a range of VLAN ids specified with '-' in between.
- 33
- 44
- 50-200
cloudify.types.nsx-t.DhcpServerConfig:
properties:
<<: *data_type_id
<<: *data_type_name
<<: *data_type_description
edge_cluster_path:
type: string
required: false
description: >
Edge cluster path. Auto assigned if only one edge cluster is configured
on enforcement-point.
Modifying edge cluster will reallocate DHCP server to the new edge cluster.
Please note that re-allocating edge-cluster will result in losing of all exisitng
DHCP lease information.
Change edge cluster only when losing DHCP leases is not a real problem,
e.g. cross-site migration or failover and all client hosts will be reboot and
get new IP addresses.
lease_time:
type: integer
required: false
description: >
IP address lease time in seconds
server_addresses:
type: list
required: false
description: >
DHCP server address in CIDR format. Both IPv4 and IPv6 address families
are supported.
Prefix length should be less than or equal to 30 for IPv4 address
family and less than or equal to 126 for IPv6.
When not specified, IPv4 value is auto-assigned to 100.96.0.1/30.
Ignored when this object is configured at a Segment.
preferred_edge_paths:
type: list
required: false
description: >
Edge node path
Policy paths to edge nodes on which the DHCP servers run. The first edge node
is assigned as active edge, and second one as stanby edge. If only one edge node
is specified, the DHCP servers will run without HA support.
When this property is not specified, edge nodes are auto-assigned during
realization of the DHCP server.
children:
type: list
required: false
description: >
subtree for this type within policy tree containing nested elements.
tags:
type: list
required: false
description: >
Opaque identifiers meaningful to the API user
cloudift.types.nsx-t.IntersiteGatewayConfig:
properties:
fallback_sites:
type: list
required: false
default: []
description: >
Fallback site to be used as new primary site on current primary site
failure. Disaster recovery must be initiated via API/UI. Fallback site
configuration is supported only for T0 gateway. T1 gateway will follow
T0 gateway's primary site during disaster recovery.
intersite_transit_subnet:
type: string
default: 169.254.32.0/20
required: false
description: >
IPv4 subnet for inter-site transit segment connecting service routers
across sites for stretched gateway. For IPv6 link local subnet is
auto configured.
last_admin_active_epoch:
type: integer
required: false
description: >
Epoch(in seconds) is auto updated based on system current timestamp
when primary locale service is updated. It is used for resolving conflict
during site failover. If system clock not in sync then User can optionally
override this. New value must be higher than the current value
primary_site_path:
type: string
required: false
description: >
Primary egress site for gateway. T0/T1 gateway in Active/Standby mode
supports stateful services on primary site. In this mode primary site
must be set if gateway is stretched to more than one site. For T0 gateway
in Active/Active primary site is optional field. If set then secondary site
prefers routes learned from primary over locally learned routes. This field
is not applicable for T1 gateway with no services.
cloudift.types.nsx-t.GatewayQosProfileConfig:
properties:
egress_qos_profile_path:
type: string
required: false
description: >
Policy path to gateway QoS profile in egress direction.
ingress_qos_profile_path:
type: string
required: false
description: >
Policy path to gateway QoS profile in ingress direction
cloudify.types.nsx-t.Tier1:
properties:
<<: *data_type_id
<<: *data_type_name
<<: *data_type_description
tier0_path:
type: string
required: false
description: >
Specify Tier-1 connectivity to Tier-0 instance.
type:
type: string
required: false
description: >
Tier1 connectivity type for reference. Property value is not validated
with Tier1 configuration.
ROUTED: Tier1 is connected to Tier0 gateway and routing is enabled.
ISOLATED: Tier1 is not connected to any Tier0 gateway.
NATTED: Tier1 is in ROUTED type with NAT configured locally.
dhcp_config_paths:
type: list
required: false
default: []
description: >
DHCP configuration for Segments connected to Tier-1. DHCP service is
enabled in relay mode.
disable_firewall:
type: boolean
default: false
required: false
description: >
Disable or enable gateway firewall.
enable_standby_relocation:
type: boolean
default: false
required: false
description: >
Flag to enable standby service router relocation.
Standby relocation is not enabled until edge cluster is configured
for Tier1.
failover_mode:
type: string
default: NON_PREEMPTIVE
required: false
description: >
Determines the behavior when a Tier-1 instance restarts after a
failure. If set to PREEMPTIVE, the preferred node will take over,
even if it causes another failure. If set to NON_PREEMPTIVE,
then the instance that restarted will remain secondary.
Only applicable when edge cluster is configured in Tier1
locale-service.
intersite_config:
type: cloudift.types.nsx-t.IntersiteGatewayConfig
required: false
description: >
Inter site routing configuration when the gateway is streched.
ipv6_profile_paths:
type: list
required: false
description: >
Configuration IPv6 NDRA and DAD profiles. Either or both
NDRA and/or DAD profiles can be configured.
pool_allocation:
type: string
default: ROUTING
required: false
description: >
Supports edge node allocation at different sizes for routing and
load balancer service to meet performance and scalability requirements.
ROUTING: Allocate edge node to provide routing services.
LB_SMALL, LB_MEDIUM, LB_LARGE, LB_XLARGE: Specify size of load balancer
service that will be configured on TIER1 gateway.
qos_profile:
type: cloudift.types.nsx-t.GatewayQosProfileConfig
required: false
description: >
QoS Profile configuration for Tier1 router link connected to Tier0 gateway.
route_advertisement_rules:
type: list
required: false
default: []
description: >
Route advertisement rules and filtering
route_advertisement_types:
type: list
required: false
default: []
description: >
Enable different types of route advertisements.
When not specified, routes to IPSec VPN local-endpoint subnets
(TIER1_IPSEC_LOCAL_ENDPOINT) are automatically advertised.
children:
type: list
required: false
description: >
subtree for this type within policy tree containing nested elements.
tags:
type: list
required: false
description: >
Opaque identifiers meaningful to the API user
cloudify.types.nsx-t.inventory.VirtualMachine:
properties:
vm_id:
description: >
External VM ID.
type: string
required: false
vm_name:
description: >
The Name of VM.
type: string
required: false
network_id:
description: >
The network id to get ips from.
type: string
required: true
node_types:
cloudify.nodes.nsx-t.Segment:
derived_from: cloudify.nodes.Network
properties:
<<: *client_config
resource_config:
type: cloudify.types.nsx-t.Segment
required: true
description: A dictionary in order to create segment resource
interfaces:
cloudify.interfaces.lifecycle:
create:
implementation: nsx-t.nsx_t_plugin.segment.segment.create
start:
implementation: nsx-t.nsx_t_plugin.segment.segment.start
stop:
implementation: nsx-t.nsx_t_plugin.segment.segment.stop
delete:
implementation: nsx-t.nsx_t_plugin.segment.segment.delete
cloudify.nodes.nsx-t.DhcpServerConfig:
derived_from: cloudify.nodes.Root
properties:
<<: *client_config
tier1_gateway_id:
type: string
required: false
description: The ID of the Tier 1 Gateway to connect DHCP to
resource_config:
type: cloudify.types.nsx-t.DhcpServerConfig
required: true
description: A dictionary in order to create logical dhcp server config resource
interfaces:
cloudify.interfaces.lifecycle:
create:
implementation: nsx-t.nsx_t_plugin.dhcp_server.dhcp_server_config.create
configure:
implementation: nsx-t.nsx_t_plugin.dhcp_server.dhcp_server_config.configure
stop:
implementation: nsx-t.nsx_t_plugin.dhcp_server.dhcp_server_config.stop
delete:
implementation: nsx-t.nsx_t_plugin.dhcp_server.dhcp_server_config.delete
cloudify.nodes.nsx-t.Tier1:
derived_from: cloudify.nodes.Router
properties:
<<: *client_config
resource_config:
type: cloudify.types.nsx-t.Tier1
required: true
description: A dictionary in order to create Tier1 resource
interfaces:
cloudify.interfaces.lifecycle:
create:
implementation: nsx-t.nsx_t_plugin.tier1.tier1.create
start:
implementation: nsx-t.nsx_t_plugin.tier1.tier1.start
delete:
implementation: nsx-t.nsx_t_plugin.tier1.tier1.delete
cloudify.nodes.nsx-t.inventory.VirtualMachine:
derived_from: cloudify.nodes.Root
properties:
<<: *client_config
resource_config:
type: cloudify.types.nsx-t.inventory.VirtualMachine
required: false
description: A dictionary in order to fetch nsx-t networks attached to specific VM
interfaces:
cloudify.interfaces.lifecycle:
create:
implementation: nsx-t.nsx_t_plugin.virtual_machine.virtual_machine.create
configure:
implementation: nsx-t.nsx_t_plugin.virtual_machine.virtual_machine.configure
relationships:
cloudify.relationships.nsx-t.segment_connected_to_dhcp_server_config:
derived_from: cloudify.relationships.connected_to
cloudify.relationships.nsx-t.inventory_connected_to_server:
derived_from: cloudify.relationships.connected_to
cloudify.relationships.server_connected_to_segment:
derived_from: cloudify.relationships.connected_to
target_interfaces:
cloudify.interfaces.relationship_lifecycle:
preconfigure:
implementation: nsx-t.nsx_t_plugin.segment.segment.add_static_bindings
inputs:
network_unique_id:
default: { get_attribute: [ TARGET, unique_id ] }
ip_v4_address:
default: ''
ip_v6_address:
default: ''
unlink:
implementation: nsx-t.nsx_t_plugin.segment.segment.remove_static_bindings