cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1059
Views
2
Helpful
8
Replies
Highlighted
Enthusiast

onePK (1.1.0) Python basic tutorial

Hi a wrote small tutorial for onePK python beginners. (I have not access to create documents to onePK place.)

#!/usr/bin/env python
import onep.element as onepElement
import onep.core.util.OnepConstants as onepConstants

import onep.interfaces.InterfaceFilter as onepInterfaceFilter


import onep.policy as onepPolicy
import onep.policy.L3Acl as onepL3ACL
import onep.policy.L3Ace as onepL3ACE


import onep.policyservice.BulkService as onepBulkService
import onep.policyservice.PolicyQuery as onepPolicyQuery
import onep.policyservice.Match as onepMatch

import onep.vty.VtyService as onepVTYService


def vty_handle(network_element, cmd="show proto\r\n"):
    #Very basic function of onepk
    #Look into documentation for parser state etc..
    vty = onepVTYService.VtyService(network_element)
    vty.open()
    response = vty.write(cmd)
    vty.close()
    print response


def interface_list(network_element, interface_name="GigabitEthernet0/0"):
    #Write all interface name

    #these are objects, we can do more operation with it
    list_of_interfaces = network_element.get_interface_list(onepInterfaceFilter())

    for interface in list_of_interfaces:
        print interface, "type: ", type(interface)

    named_interface = network_element.get_interface_by_name(interface_name)
    print named_interface
    #return object interface default GigabitEthernet0/0
    return named_interface


def acl_ace(id_ace=1, permit=True):
    #Create element in  ACL
    #1 permit any any
    ace = onepL3ACE(id_ace, permit)
    ace.set_src_prefix_any()
    ace.set_dst_prefix_any()
    return ace


def acl(network_element):
    #Create transient ACL, that exists only if application is connected: show onep session
    acl = onepL3ACL(network_element, onepConstants.OnepAddressFamilyType.ONEP_AF_INET,
                    onepL3ACL.OnepLifetime.ONEP_TRANSIENT)
    #Print name
    print acl.get_name()
    #Element (ace) add to ACL
    acl.add_ace(acl_ace())
    #Apply to interface (both way)
    acl.apply_to_interface(interface_list(network_element), acl.Direction.ONEP_DIRECTION_BOTH)
    #show ACL
    vty_handle(network_element, "show ip access-list dynamic")
    return acl


def bulk_service(network_element):
    #bulkservice is important when we want create policy map or class map
    return onepBulkService(network_element)


def class_map(network_element):
    #create class map type QOS_INGRESS with name 'Nazov' (I don't know if user defined name works)
    blk_src = bulk_service(network_element)
    cl_map = (blk_src.create_class
              (onepPolicyQuery.PolicyCapabilitiesType.QOS_INGRESS, network_element, "Nazov"))
    #Lifetime
    cl_map.storage_type = onepPolicy.L3Acl.OnepLifetime.ONEP_TRANSIENT
    #add ACL to class-map
    cl_map.add_match(onepMatch.ACL(acl(network_element)))
    #send to device
    blk_src.submit_class_map(cl_map)
    #SHOW RESULTS
    vty_handle(network_element, "show class-map")

if __name__ == '__main__':

    network_element = onepElement.NetworkElement('120.120.120.2', 'onepk_tutorial')
    session_config = onepElement.SessionConfig(onepElement.SessionConfig.SessionTransportMode.TLS)
    session_config.ca_certs = "/home/cisco/ca.pem"
    session_handle = network_element.connect('cisco1', 'cisco1', session_config)

    #Function calls other user defined functions.

    class_map(network_element)

    #disconnect
    network_element.disconnect()

8 REPLIES 8
Highlighted
Hall of Fame Cisco Employee

Very cool.  I have granted you doc privilege.  Can you recreate this as a doc?  Thanks!

Highlighted
Hall of Fame Cisco Employee

Also, as a challenge it would be cool to see things like the NE address, path to root cert, username, password, interface, etc. as arguments one can pass to the script.

Highlighted

Ok, I will rewrite script, but not now :-)

Highlighted

Joe,

Can you point me to this document area?

chomjakricard,

Few review comments:

Why go through the effort to rename imports to very similar names?  Renaming imports is usually done because the names are long.

I like the ACL, VTY, and class-map wrappers but the other wrappers really don't help much and seem to be for internal use.

The class-map wrapper does not check with the platform to see if it is capable of doing QOS INGRESS functions, match ACL, and ACLs can be TRANSIENT.  Policy service set is really complex so wrappers are great to have.

Thanks for the effort!

Highlighted
Hall of Fame Cisco Employee

Michael, you're in the document area.  That's where this is posted.

Highlighted
Hall of Fame Cisco Employee

Sorry, I thought this was the doc version.  The doc version is at onePK (1.1.0) Python basic tutorial .  That will take you to the "document" area.

Highlighted

Thanks Joe.  Didn't realize there were subcategories to onePK.  New to DevNet.  How do I search to see other subcategories?  I went to onePK base and looked around but did not see listing.

Highlighted

That "simple tutorial" is about only what is possible to do create with onepk. Ok I will rewrite it.

Why rename import? Because default imports is very LONG for 80-100 chars for lines are too long

To wrappers, this only "how Can I create and apply ACL". Ok my mistake, that ^ way is wrong way. I will rewrite it.

And add some things :-)) stay tunned :-D

But not today, mb tomorrow.