From ab0f90795c8909c1e0066a8e93546a19c314d9bb Mon Sep 17 00:00:00 2001 From: mabuaisha Date: Sun, 23 Aug 2020 16:29:44 +0300 Subject: [PATCH] CZ-96 Add support for tier1 node type (#5) * CZ-96 Add support for tier1 node type * CZ-96 Update tier1 node * CZ-96 Update plugin yaml file * CZ-96 Update handling state for tier1 resource * CZ-96 Update handling state for tier1 resource * CZ-96 Add extra state for check if tier1 resource is ready or not * CZ-96 Update state handling for tier1 * CZ-96 Update readme file --- README.md | 59 ++++++++++- examples/blueprint.yaml | 15 ++- examples/inputs.yaml | 26 +++-- nsx_t_plugin/constants.py | 37 +++++++ nsx_t_plugin/segment/segment.py | 67 +++---------- nsx_t_plugin/tier1/__init__.py | 0 nsx_t_plugin/tier1/tier1.py | 53 ++++++++++ nsx_t_plugin/utils.py | 107 ++++++++++++++++++-- nsx_t_sdk/common.py | 5 +- nsx_t_sdk/resources.py | 29 ++++-- plugin.yaml | 171 +++++++++++++++++++++++++++++++- 11 files changed, 478 insertions(+), 91 deletions(-) create mode 100644 nsx_t_plugin/constants.py create mode 100644 nsx_t_plugin/tier1/__init__.py create mode 100644 nsx_t_plugin/tier1/tier1.py diff --git a/README.md b/README.md index 93e3f06..245b88e 100644 --- a/README.md +++ b/README.md @@ -10,6 +10,10 @@ The plugin provides the following features for interacting with NSX-T API: 2. DHCP Server Config: - Create DHCP Server Config - Delete DHCP Server Config + +3. Tier1 Gateway: + - Create Tier1 Gateway + - Delete Tier1 Gateway ## Authentication with NSX-T @@ -65,6 +69,7 @@ This node type refers to a DHCP Server Config. * `id`: _String_. _Required_. This is the ID of the DHCP Server Config * `display_name`: _String_. _Not required_. The name of DHCP Server Config. if not provided, it will take the same ID value. + * `description`: _String_. _Not required_. The resource description. * `edge_cluster_path`: _String_. Edge cluster path * `lease_time`: _Integer_. IP address lease time in seconds. * `server_addresses`: _List_: DHCP server address in CIDR format. Both IPv4 and IPv6 address families are supported. @@ -100,6 +105,7 @@ This node type refers to a Segment. * `id`: _String_. _Required_. This is the ID of the Segment * `display_name`: _String_. _Not required_. The name of Segment. if not provided, it will take the same ID value. + * `description`: _String_. _Not required_. The Segment description. * `subnet`: _Dict_: Segment Subnet Configuration. The following keys are part of `subnet`: - `ip_v4_config`: _Dict_: IP V4 Configuration. - `dhcp_config`: _Dict_: The DHCP Configuration @@ -186,6 +192,55 @@ This node type refers to a Segment. target: dhcb_server_config ``` +### **cloudify.nodes.nsx-t.Tier1** + +This node type refers to a Tier1 Gateway. + +**Resource Config** + + * `id`: _String_. _Required_. This is the ID of the Tier1 Gateway + * `display_name`: _String_. _Not required_. The name of Tier1 Gateway. if not provided, it will take the same ID value. + * `tier0_path`: _String_. _Not required_. Specify Tier-1 connectivity to Tier-0 instance. + * `type`: _String_. Tier1 connectivity type for reference. + * `dhcp_config_paths`: _List_. DHCP configuration for Segments connected to Tier-1 + * `disable_firewall`: _Boolean_: Disable or enable gateway firewall. Default False + * `enable_standby_relocation`: _Boolean_: Flag to enable standby service router relocation. + * `failover_mode`: _String_: Determines the behavior when a Tier-1 instance restarts after a failure. Default NON_PREEMPTIVE + * `intersite_config`: _Dict_: Inter site routing configuration when the gateway is streched. + * `fallback_sites`: _List_: Fallback site to be used as new primary site on current primary site failure. + * `intersite_transit_subnet`: _String_: IPv4 subnet for inter-site transit segment connecting service routers across sites for stretched gateway. Default `169.254.32.0/20` + * `last_admin_active_epoch`: _Integer_: Epoch(in seconds) is auto updated based on system current timestamp when primary locale service is updated + * `primary_site_path`: _String_: Primary egress site for gateway. + * `ipv6_profile_paths`: _List_: Configuration IPv6 NDRA and DAD profiles . Either or both NDRA and/or DAD profiles can be configured. + * `pool_allocation`: _String_: Supports edge node allocation at different sizes for routing and load balancer service to meet performance and scalability requirements. Default ROUTING + * `qos_profile`: _Dict_: QoS Profile configuration for Tier1 router link connected to Tier0 gateway. + * `egress_qos_profile_path`: _String_: Policy path to gateway QoS profile in egress direction. + * `ingress_qos_profile_path`: _String_: Policy path to gateway QoS profile in ingress direction. + * `route_advertisement_rules`: _List_: Route advertisement rules and filtering. + * `route_advertisement_types`: _List_: Enable different types of route advertisements. + * `children`: _List_: subtree for this type within policy tree containing nested elements. + * `tags`: _List_: Opaque identifiers meaningful to the API user + + +### Tier1 Example + +```yaml + tier1: + type: cloudify.nodes.nsx-t.Tier1 + properties: + client_config: + host: { get_input: host } + port: { get_input: port } + username: { get_input: username } + password: { get_input: password } + resource_config: + id: test_tier1 + display_name: Test Tier1 Router + description: Test Tier1 Router + tier0_path:{ get_input: tier0_path } +``` + Note: The configuration for the above resources are based on the NSX-T API documentation: - 1. https://vdc-download.vmware.com/vmwb-repository/dcr-public/9e1c6bcc-85db-46b6-bc38-d6d2431e7c17/30af91b5-3a91-4d5d-8ed5-a7d806764a16/api_includes/method_CreateOrReplaceInfraSegment.html - 2. https://vdc-download.vmware.com/vmwb-repository/dcr-public/9e1c6bcc-85db-46b6-bc38-d6d2431e7c17/30af91b5-3a91-4d5d-8ed5-a7d806764a16/api_includes/method_CreateOrReplaceDhcpServerConfig.html + 1. https://vdc-download.vmware.com/vmwb-repository/dcr-public/9e1c6bcc-85db-46b6-bc38-d6d2431e7c17/30af91b5-3a91-4d5d-8ed5-a7d806764a16/api_includes/policy_networking_connectivity_segment.html + 2. https://vdc-download.vmware.com/vmwb-repository/dcr-public/9e1c6bcc-85db-46b6-bc38-d6d2431e7c17/30af91b5-3a91-4d5d-8ed5-a7d806764a16/api_includes/policy_networking_ip_management_dhcp_dhcp_server_configs.html + 3. https://vdc-download.vmware.com/vmwb-repository/dcr-public/9e1c6bcc-85db-46b6-bc38-d6d2431e7c17/30af91b5-3a91-4d5d-8ed5-a7d806764a16/api_includes/policy_networking_connectivity_tier-1_gateways_tier-1_gateways.html diff --git a/examples/blueprint.yaml b/examples/blueprint.yaml index 0937e6e..0c40006 100644 --- a/examples/blueprint.yaml +++ b/examples/blueprint.yaml @@ -20,8 +20,8 @@ inputs: password: type: string - tier1_gateway_id: - type: string + tier1_config: + type: dict dhcp_server_config: type: dict @@ -68,12 +68,21 @@ dsl_definitions: allow_insecure: true node_templates: + tier1: + type: cloudify.nodes.nsx-t.Tier1 + properties: + client_config: *client_config + resource_config: { get_input: tier1_config } + dhcb_server_config: type: cloudify.nodes.nsx-t.DhcpServerConfig properties: client_config: *client_config - tier1_gateway_id: { get_input: tier1_gateway_id } + tier1_gateway_id: { get_attribute: [ tier1, id ] } resource_config: { get_input: dhcp_server_config } + relationships: + - type: cloudify.relationships.depends_on + target: tier1 segment: type: cloudify.nodes.nsx-t.Segment diff --git a/examples/inputs.yaml b/examples/inputs.yaml index b2bec2a..d3d8902 100644 --- a/examples/inputs.yaml +++ b/examples/inputs.yaml @@ -4,24 +4,28 @@ port: -YOUR_PORT- username: -YOUR_USERNAME- password: -YOUR_PASSWORD- -tier1_gateway_id: test-tier1 +tier1_config: + id: mo_tier1 + display_name: MO Tier1 Router + description: MO Tier1 Router + tier0_path: /infra/tier-0s/tier0 dhcp_server_config: - id: test_dhcp_server - display_name: Test DHCP Server - description: Test DHCP Server Config - edge_cluster_path: /infra/sites/default/enforcement-points/default/edge-clusters/b004f47e-f18d-42b3-a226-ed33e534ebe0 + id: mo_dhcp_server + display_name: MO DHCP Server + description: MO DHCP Server Config + edge_cluster_path: /infra/sites/default/enforcement-points/default/edge-clusters/272cfe43-ebcc-49bb-8471-62a261ed8931 tags: - scope: Name - tag: Test DHCP + tag: MO DHCP segment_config: - id: test_segment - display_name: Test Segment - description: Test Segment Config + id: mo_segment + display_name: MO Segment + description: MO Segment Config transport_zone_path: /infra/sites/default/enforcement-points/default/transport-zones/1b3a2f36-bfd1-443e-a0f6-4de01abc963e - connectivity_path: /infra/tier-1s/test-tier1 - dhcp_config_path: /infra/dhcp-server-configs/test_dhcp_server + connectivity_path: { get_attribute: [ tier1, path ] } + dhcp_config_path: { get_attribute: [ dhcb_server_config, path ] } subnet: ip_v4_config: dhcp_config: diff --git a/nsx_t_plugin/constants.py b/nsx_t_plugin/constants.py new file mode 100644 index 0000000..a15d144 --- /dev/null +++ b/nsx_t_plugin/constants.py @@ -0,0 +1,37 @@ +######## +# Copyright (c) 2020 Cloudify Technologies Ltd. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. + +# STATE VALUES +STATE_PENDING = 'pending' +STATE_IN_PROGRESS = 'in_progress' +STATE_IN_SYNC = 'in_sync' +STATE_SUCCESS = 'success' + +# SEGMENTS +TASK_DELETE = 'delete_task' + +# OPERATIONS +DELETE_OPERATION = 'cloudify.interfaces.lifecycle.delete' +CREATE_OPERATION = 'cloudify.interfaces.lifecycle.create' + +# RUNTIME PROPERTIES +BASIC_RUNTIME_PROPERTIES = ( + 'id', + 'resource_type' +) +NSXT_ID_PROPERTY = 'id' +NSXT_NAME_PROPERTY = 'name' +NSXT_TYPE_PROPERTY = 'type' +NSXT_RESOURCE_CONFIG_PROPERTY = 'resource_config' diff --git a/nsx_t_plugin/segment/segment.py b/nsx_t_plugin/segment/segment.py index d3c0897..4d98ad3 100644 --- a/nsx_t_plugin/segment/segment.py +++ b/nsx_t_plugin/segment/segment.py @@ -14,20 +14,22 @@ # * limitations under the License. from cloudify import ctx -from cloudify.exceptions import OperationRetry, NonRecoverableError from nsx_t_plugin.decorators import with_nsx_t_client +from nsx_t_plugin.constants import ( + STATE_IN_PROGRESS, + STATE_SUCCESS, + STATE_PENDING, +) +from nsx_t_plugin.utils import ( + validate_if_resource_started, + validate_if_resource_deleted +) from nsx_t_sdk.resources import ( Segment, SegmentState, SegmentPort ) -from nsx_t_sdk.exceptions import NSXTSDKException - -SEGMENT_TASK_DELETE = 'segment_delete_task' -SEGMENT_STATE_PENDING = 'pending' -SEGMENT_STATE_IN_PROGRESS = 'in_progress' -SEGMENT_STATE_SUCCESS = 'success' def _update_subnet_configuration(resource_config): @@ -52,19 +54,12 @@ def create(nsx_t_resource): @with_nsx_t_client(SegmentState) def start(nsx_t_resource): - segment_state = nsx_t_resource.get() - state = segment_state.state - if state in [SEGMENT_STATE_PENDING, SEGMENT_STATE_IN_PROGRESS]: - raise OperationRetry( - 'Segment state ' - 'is still in {0} state'.format(state) - ) - elif state == SEGMENT_STATE_SUCCESS: - ctx.logger.info('Segment started successfully') - else: - raise NonRecoverableError( - 'Segment failed to started {0}'.format(state) - ) + validate_if_resource_started( + 'Segment', + nsx_t_resource, + [STATE_PENDING, STATE_IN_PROGRESS], + [STATE_SUCCESS] + ) @with_nsx_t_client(Segment) @@ -89,34 +84,4 @@ def stop(nsx_t_resource): @with_nsx_t_client(Segment) def delete(nsx_t_resource): - try: - nsx_t_resource.get() - except NSXTSDKException: - ctx.logger.info('Segment {0} is deleted successfully' - .format(nsx_t_resource.resource_id)) - return - - if SEGMENT_TASK_DELETE not in ctx.instance.runtime_properties: - try: - nsx_t_resource.delete() - except NSXTSDKException: - ctx.logger.info( - 'Segment {0} cannot be deleted now, try again' - ''.format(nsx_t_resource.resource_id) - ) - raise OperationRetry( - message='Segment {0} deletion is in progress.' - ''.format(nsx_t_resource.resource_id) - ) - else: - ctx.instance.runtime_properties[SEGMENT_TASK_DELETE] = True - else: - ctx.logger.info( - 'Waiting for segment "{0}" to be deleted'.format( - nsx_t_resource.resource_id, - ) - ) - raise OperationRetry( - message='Segment {0} deletion is in progress.' - ''.format(nsx_t_resource.resource_id) - ) + validate_if_resource_deleted(nsx_t_resource) diff --git a/nsx_t_plugin/tier1/__init__.py b/nsx_t_plugin/tier1/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/nsx_t_plugin/tier1/tier1.py b/nsx_t_plugin/tier1/tier1.py new file mode 100644 index 0000000..c8155e1 --- /dev/null +++ b/nsx_t_plugin/tier1/tier1.py @@ -0,0 +1,53 @@ +######## +# Copyright (c) 2020 Cloudify Technologies Ltd. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. +from cloudify import ctx + +from nsx_t_plugin.decorators import with_nsx_t_client +from nsx_t_plugin.constants import ( + STATE_IN_PROGRESS, + STATE_SUCCESS, + STATE_PENDING, + STATE_IN_SYNC +) +from nsx_t_plugin.utils import ( + validate_if_resource_started, + validate_if_resource_deleted, +) +from nsx_t_sdk.resources import Tier1, Tier1state + + +@with_nsx_t_client(Tier1) +def create(nsx_t_resource): + # Trigger the actual call to the NSXT Manager API + resource = nsx_t_resource.create() + # Update the resource_id with the new "id" returned from API + nsx_t_resource.resource_id = resource.id + # Save path as runtime property to use it later on + ctx.instance.runtime_properties['path'] = resource.path + + +@with_nsx_t_client(Tier1state) +def start(nsx_t_resource): + validate_if_resource_started( + 'Tier1', + nsx_t_resource, + [STATE_IN_PROGRESS, STATE_PENDING], + [STATE_SUCCESS, STATE_IN_SYNC] + ) + + +@with_nsx_t_client(Tier1) +def delete(nsx_t_resource): + validate_if_resource_deleted(nsx_t_resource) diff --git a/nsx_t_plugin/utils.py b/nsx_t_plugin/utils.py index 3a0c5d4..f24944d 100644 --- a/nsx_t_plugin/utils.py +++ b/nsx_t_plugin/utils.py @@ -13,20 +13,21 @@ # * See the License for the specific language governing permissions and # * limitations under the License. -from cloudify.exceptions import NonRecoverableError +from cloudify import ctx +from cloudify.exceptions import NonRecoverableError, OperationRetry from cloudify.constants import NODE_INSTANCE, RELATIONSHIP_INSTANCE -DELETE_OPERATION = 'cloudify.interfaces.lifecycle.delete' -CREATE_OPERATION = 'cloudify.interfaces.lifecycle.create' - -BASIC_RUNTIME_PROPERTIES = ( - 'id', - 'resource_type' +from nsx_t_sdk.exceptions import NSXTSDKException +from nsx_t_sdk._compat import text_type +from nsx_t_plugin.constants import TASK_DELETE +from nsx_t_plugin.constants import ( + DELETE_OPERATION, + CREATE_OPERATION, + NSXT_ID_PROPERTY, + NSXT_NAME_PROPERTY, + NSXT_TYPE_PROPERTY, + NSXT_RESOURCE_CONFIG_PROPERTY ) -NSXT_ID_PROPERTY = 'id' -NSXT_NAME_PROPERTY = 'name' -NSXT_TYPE_PROPERTY = 'type' -NSXT_RESOURCE_CONFIG_PROPERTY = 'resource_config' def get_relationship_subject_context(_ctx): @@ -156,3 +157,87 @@ def update_runtime_properties_for_instance(nsx_t_resource, _ctx, operation): set_basic_runtime_properties_for_instance(nsx_t_resource, _ctx) elif operation == DELETE_OPERATION: delete_runtime_properties_from_instance(_ctx) + + +def validate_if_resource_started( + resource_name, + nsx_t_state, + pending_states, + ready_states +): + """ + This method will validate if the nsx_t_resource is ready to use and started + :param resource_name: The name of the resource we need to get state for + :param nsx_t_state: Instance derived from "NSXTResource" class + :param pending_states: List of pending state to wait for + :param ready_states: List of ready states to say that resource is ready + """ + resource_state = nsx_t_state.get() + state = getattr(resource_state, nsx_t_state.state_attr, 'state') + if not isinstance(state, text_type): + state = state.state + if state in pending_states: + raise OperationRetry( + '{0} state ' + 'is still in {1}'.format(resource_name, state) + ) + elif state in ready_states: + ctx.logger.info('{0} started successfully' + ''.format(resource_name)) + else: + raise NonRecoverableError( + '{0} failed to start {1}'.format( + resource_name, + state + ) + ) + + +def validate_if_resource_deleted(nsx_t_resource): + """ + This method will validate if the NSXT resource get deleted or not + :param nsx_t_resource: Instance derived from "NSXTResource" class + """ + try: + nsx_t_resource.get() + except NSXTSDKException: + ctx.logger.info( + '{0} {1} is deleted successfully'.format( + nsx_t_resource.resource_type, + nsx_t_resource.resource_id + ) + ) + return + + if TASK_DELETE not in ctx.instance.runtime_properties: + try: + nsx_t_resource.delete() + except NSXTSDKException: + ctx.logger.info( + '{0} {1} cannot be deleted now, try again' + ''.format( + nsx_t_resource.resource_type, + nsx_t_resource.resource_id + ) + ) + raise OperationRetry( + message='{0} {1} deletion is in progress.'.format( + nsx_t_resource.resource_type, + nsx_t_resource.resource_id + ) + ) + else: + ctx.instance.runtime_properties[TASK_DELETE] = True + else: + ctx.logger.info( + 'Waiting for {0} "{1}" to be deleted'.format( + nsx_t_resource.resource_type, + nsx_t_resource.resource_id, + ) + ) + raise OperationRetry( + message='{0} {1} deletion is in progress.' + ''.format(nsx_t_resource.resource_type, + nsx_t_resource.resource_id + ) + ) diff --git a/nsx_t_sdk/common.py b/nsx_t_sdk/common.py index 87da05f..4ff224d 100644 --- a/nsx_t_sdk/common.py +++ b/nsx_t_sdk/common.py @@ -24,7 +24,7 @@ from com.vmware import nsx_policy_client from com.vmware import nsx_client from com.vmware.nsx_policy import infra_client -from com.vmware.nsx_policy.infra import segments_client +from com.vmware.nsx_policy.infra import segments_client, tier_1s_client from nsx_t_sdk import exceptions from nsx_t_sdk._compat import text_type @@ -67,7 +67,8 @@ def _get_nsx_client_map(): 'nsx': nsx_client, 'nsx_policy': nsx_policy_client, 'nsx_infra': infra_client, - 'segment': segments_client + 'segment': segments_client, + 'tier_1': tier_1s_client } def _get_stub_factory_for_nsx_client(self, stub_config): diff --git a/nsx_t_sdk/resources.py b/nsx_t_sdk/resources.py index a1ff683..ffcb2ce 100644 --- a/nsx_t_sdk/resources.py +++ b/nsx_t_sdk/resources.py @@ -16,6 +16,17 @@ from nsx_t_sdk.common import NSXTResource +class State(NSXTResource): + service_name = 'State' + state_attr = 'state' + allow_create = False + allow_delete = False + allow_get = True + allow_list = False + allow_update = False + allow_patch = False + + class Segment(NSXTResource): client_type = 'nsx_infra' resource_type = 'Segment' @@ -35,17 +46,9 @@ class SegmentPort(NSXTResource): allow_patch = False -class SegmentState(NSXTResource): +class SegmentState(State): client_type = 'segment' - resource_type = 'State' - service_name = 'State' - - allow_create = False - allow_delete = False - allow_get = True - allow_list = False - allow_update = False - allow_patch = False + resource_type = 'SegmentState' class DhcpServerConfig(NSXTResource): @@ -58,3 +61,9 @@ class Tier1(NSXTResource): client_type = 'nsx_infra' resource_type = 'Tier1' service_name = 'Tier1s' + + +class Tier1state(State): + client_type = 'tier_1' + resource_type = 'Tier1State' + state_attr = 'tier1_state' diff --git a/plugin.yaml b/plugin.yaml index 18f4627..3f73a18 100644 --- a/plugin.yaml +++ b/plugin.yaml @@ -402,13 +402,164 @@ data_types: required: false description: > subtree for this type within policy tree containing nested elements. - https://vdc-download.vmware.com/vmwb-repository/dcr-public/9e1c6bcc-85db-46b6-bc38-d6d2431e7c17/30af91b5-3a91-4d5d-8ed5-a7d806764a16/api_includes/method_PatchInfraSegment.html tags: type: list required: false description: > Opaque identifiers meaningful to the API user + cloudift.types.nsx-t.IntersiteGatewayConfig: + properties: + fallback_sites: + type: list + required: false + default: [] + description: > + Fallback site to be used as new primary site on current primary site + failure. Disaster recovery must be initiated via API/UI. Fallback site + configuration is supported only for T0 gateway. T1 gateway will follow + T0 gateway's primary site during disaster recovery. + intersite_transit_subnet: + type: string + default: 169.254.32.0/20 + required: false + description: > + IPv4 subnet for inter-site transit segment connecting service routers + across sites for stretched gateway. For IPv6 link local subnet is + auto configured. + last_admin_active_epoch: + type: integer + required: false + description: > + Epoch(in seconds) is auto updated based on system current timestamp + when primary locale service is updated. It is used for resolving conflict + during site failover. If system clock not in sync then User can optionally + override this. New value must be higher than the current value + primary_site_path: + type: string + required: false + description: > + Primary egress site for gateway. T0/T1 gateway in Active/Standby mode + supports stateful services on primary site. In this mode primary site + must be set if gateway is stretched to more than one site. For T0 gateway + in Active/Active primary site is optional field. If set then secondary site + prefers routes learned from primary over locally learned routes. This field + is not applicable for T1 gateway with no services. + cloudift.types.nsx-t.GatewayQosProfileConfig: + properties: + egress_qos_profile_path: + type: string + required: false + description: > + Policy path to gateway QoS profile in egress direction. + ingress_qos_profile_path: + type: string + required: false + description: > + Policy path to gateway QoS profile in ingress direction + cloudify.types.nsx-t.Tier1: + properties: + <<: *data_type_id + <<: *data_type_name + <<: *data_type_description + tier0_path: + type: string + required: false + description: > + Specify Tier-1 connectivity to Tier-0 instance. + type: + type: string + required: false + description: > + Tier1 connectivity type for reference. Property value is not validated + with Tier1 configuration. + ROUTED: Tier1 is connected to Tier0 gateway and routing is enabled. + ISOLATED: Tier1 is not connected to any Tier0 gateway. + NATTED: Tier1 is in ROUTED type with NAT configured locally. + dhcp_config_paths: + type: list + required: false + default: [] + description: > + DHCP configuration for Segments connected to Tier-1. DHCP service is + enabled in relay mode. + disable_firewall: + type: boolean + default: false + required: false + description: > + Disable or enable gateway firewall. + enable_standby_relocation: + type: boolean + default: false + required: false + description: > + Flag to enable standby service router relocation. + Standby relocation is not enabled until edge cluster is configured + for Tier1. + failover_mode: + type: string + default: NON_PREEMPTIVE + required: false + description: > + Determines the behavior when a Tier-1 instance restarts after a + failure. If set to PREEMPTIVE, the preferred node will take over, + even if it causes another failure. If set to NON_PREEMPTIVE, + then the instance that restarted will remain secondary. + Only applicable when edge cluster is configured in Tier1 + locale-service. + intersite_config: + type: cloudift.types.nsx-t.IntersiteGatewayConfig + required: false + description: > + Inter site routing configuration when the gateway is streched. + ipv6_profile_paths: + type: list + required: false + description: > + Configuration IPv6 NDRA and DAD profiles. Either or both + NDRA and/or DAD profiles can be configured. + pool_allocation: + type: string + default: ROUTING + required: false + description: > + Supports edge node allocation at different sizes for routing and + load balancer service to meet performance and scalability requirements. + ROUTING: Allocate edge node to provide routing services. + LB_SMALL, LB_MEDIUM, LB_LARGE, LB_XLARGE: Specify size of load balancer + service that will be configured on TIER1 gateway. + qos_profile: + type: cloudift.types.nsx-t.GatewayQosProfileConfig + required: false + description: > + QoS Profile configuration for Tier1 router link connected to Tier0 gateway. + route_advertisement_rules: + type: list + required: false + default: [] + description: > + Route advertisement rules and filtering + route_advertisement_types: + type: list + required: false + default: [] + description: > + Enable different types of route advertisements. + When not specified, routes to IPSec VPN local-endpoint subnets + (TIER1_IPSEC_LOCAL_ENDPOINT) are automatically advertised. + children: + type: list + required: false + description: > + subtree for this type within policy tree containing nested elements. + tags: + type: list + required: false + description: > + Opaque identifiers meaningful to the API user + + node_types: cloudify.nodes.nsx-t.Segment: derived_from: cloudify.nodes.Network @@ -452,6 +603,24 @@ node_types: delete: implementation: nsx-t.nsx_t_plugin.dhcp_server.dhcp_server_config.delete + cloudify.nodes.nsx-t.Tier1: + derived_from: cloudify.nodes.Router + properties: + <<: *client_config + resource_config: + type: cloudify.types.nsx-t.Tier1 + required: true + description: A dictionary in order to create Tier1 resource + interfaces: + cloudify.interfaces.lifecycle: + create: + implementation: nsx-t.nsx_t_plugin.tier1.tier1.create + start: + implementation: nsx-t.nsx_t_plugin.tier1.tier1.start + delete: + implementation: nsx-t.nsx_t_plugin.tier1.tier1.delete + + relationships: cloudify.relationships.nsx-t.segment_connected_to_dhcp_server_config: derived_from: cloudify.relationships.connected_to