Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov,...
Transcript of Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov,...
![Page 1: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/1.jpg)
CODE2544U
Program NSX-T Network and Security Using Python/Java
Yasen Simeonov, VMware, Inc.
#vmworld #CODE2544U
![Page 2: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/2.jpg)
Disclaimer
2©2019 VMware, Inc.
This presentation may contain product features or functionality that are currently
under development.
This overview of new technology represents no commitment from VMware to deliver
these features in any generally available product.
Features are subject to change, and must not be included in contracts, purchase orders,
or sales agreements of any kind.
Technical feasibility and market demand will affect final delivery.
Pricing and packaging for any new features/functionality/technology discussed
or presented, have not been determined.
The information in this presentation is for informational purposes only and may not be incorporated into any contract. There is no commitment or obligation
to deliver any items presented herein.
![Page 3: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/3.jpg)
vSphere
BRANCH
BRANCH
EDGE/IOT
TELCO/ NFV
BRANCH
BRANCH
DCDC
DC
BRANCH
Virtual Cloud Network
Tied Together—Everywhere.
vRNI
CLEAR VISIBILITY
NSX Intelligence
DEEP INSIGHT
3©2019 VMware, Inc.
![Page 4: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/4.jpg)
How the NSX API isUsed?
Cloud Management Configuration Management
Programming Languages
NSX RESTAPI
NSX Manager(s)
4©2019 VMware, Inc.
![Page 5: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/5.jpg)
©2019 VMware, Inc.
NSX-T – API Verbs
HTTP “Verbs”
GET
POST
PUT
CRUD
Read
Create
Update
Use
Create an NSX object (e.g. logicalswitch)
Retrieve data about a single NSXobject
or multiple objects
Modify all properties of analready
existing NSX object
PATCH Create/EditEdit if exists, Create instead
DELETE DeleteRemove an NSX object
![Page 6: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/6.jpg)
NSX API Documentation
Available directly in NSX manager GUI
Dynamically generated from code
6©2019 VMware, Inc.
![Page 7: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/7.jpg)
Swagger Codegen
nsx_api.yamlswagger-codegen
> swagger-codegen generate -i
nsx_api.json -l python
curl -k -u admin:VMwareVMware1! https://nsx1.yasen.local/api/v1/spec/openapi/nsx_api.json
curl -k -u admin:VMwareVMware1!https://nsx1.yasen.local/api/v1/spec/openapi/nsx_policy_api.json
7©2019 VMware, Inc.
Dynamically create libraries/modules in multiple languages
Pick your favorite language!
Based on OpenAPI
![Page 8: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/8.jpg)
Policy API vs Management API
8©2019 VMware, Inc.
![Page 9: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/9.jpg)
High Level Architecture
Transport Node
NSX Manager
MPA NSX Proxy
MP CCPPolicy
Administrator
Or Integration
9©2019 VMware, Inc.
![Page 10: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/10.jpg)
NSX Policy Manager and NSX Manager Architecture
NSX Manager
CorfuDB
Policy
Proton
UI/APIReverse
Proxy
Reverse Proxy is the entry point to the
Converged Appliance
10©2019 VMware, Inc.
The Policy & Manager UI havebeen
merged in the NSX-T 2.4release
Policy handles all networking and security
polices and enforces them into the
NSX Manager
Proton is the core component of the NSX
Manager. It is responsible for managing
the L2, L3 and DFW verticals.
Both Policy and Proton persistdata
into CorfuDB
![Page 11: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/11.jpg)
Intent vs Realization
Policy NSX
Manager
IntentHTTP Request
11©2019 VMware, Inc.
RealizationHTTP Request
Policy API
Simplified UI
Manager API
Advanced UI
When interacting with the Simplified UI or Policy API, just because the intent has been
accepted successfully, it doesn't mean that it has been configured (realized) on the default
enforcement point (local NSX Manager)
![Page 12: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/12.jpg)
OverviewNSX SDKs for Python and Java are available from the VMWARE {code}™ website
12©2019 VMware, Inc.
![Page 13: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/13.jpg)
1. Create an APIClient object
• Arguments: NSX manager host/ip, authentication
2. Instantiate a service for the API endpoint
• One service for each API endpoint, e.g. /api/v1/transport-zones
3. Create a payload object
4. Call the service's create/get/update/delete method
13©2019 VMware, Inc.
General Workflow
![Page 14: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/14.jpg)
Creating the API Client (Java)
14©2019 VMware, Inc.
ApiClient apiClient = ApiClientUtils.createApiClient(
"https://10.160.33.4/api/v1", "admin",
"VMwarensbu_1".toCharArray());
![Page 15: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/15.jpg)
Creating the Stub Context (Python)
15©2019 VMware, Inc.
conf = Configuration()
conf.host = 'https://nsx1.yasen.local/policy/api/v1'
conf.username = "admin"
conf.password = "VMwareVMware1!"
conf.verify_ssl = False
![Page 16: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/16.jpg)
Creating a Transport Zone Service
16©2019 VMware, Inc.
Java:
Transportzones zoneService =
apiClient.createStub(Transportzones.class);
Python:
transportzones_svc = Transportzones(stub_config)
![Page 17: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/17.jpg)
Creating a Transport Zone (Java)
17©2019 VMware, Inc.
TransportZone transportZone = new TransportZone.Builder(
TransportZone.TRANSPORTTYPE_OVERLAY)
.setDisplayName("My Transport Zone")
.setDescription("Transport zone for demo")
.setHostSwitchName("hostswitch1").build();
TransportZone resultTZ = zoneService.create(transportZone);
Builder constructor arguments are all of the required properties (green). Optional properties
can be set with setters.
![Page 18: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/18.jpg)
Creating a Transport Zone (Python)
18©2019 VMware, Inc.
new_tz = TransportZone(
transport_type=TransportZone.TRANSPORTTYPE_OVERLAY,
display_name="My transport zone",
description="Transport zone for demo",
host_switch_name="hostswitch1"
)
result_tz = transportzones_svc.create(new_tz)
![Page 19: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/19.jpg)
Demo
19©2019 VMware, Inc.
![Page 20: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/20.jpg)
NSX-T Open Source ResourcesWhat’s Next
@VMwareNSX
#runNSX
Learn ContributeTry
Take a
Hands-on Lab
Join VMUG, VMware
Communities (VMTN)
https://github.com/vmware-samples/nsx-t
https://github.com/yasensim/nsxt-ansible
20©2019 VMware, Inc.
![Page 21: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/21.jpg)
ResourcesHow to get started
https://nsx.techzone.vmware.com@VMwareNSX
#runNSX
Learn ConnectTry
Design Guides
Demos
Take a
Hands-on Lab
Join VMUG, VMware
Communities (VMTN)
21©2019 VMware, Inc.
![Page 22: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/22.jpg)
![Page 23: Program NSX-T Network and Security Using Python/Java · Security Using Python/Java Yasen Simeonov, VMware, Inc. #vmworld #CODE2544U. Disclaimer ©2019 VMware, Inc. 2 This presentation](https://reader034.fdocuments.in/reader034/viewer/2022042311/5ed8d4f76714ca7f4768a63f/html5/thumbnails/23.jpg)