Vinod Borole

Vinod Borole

I like building things to solve problems

Support for Group Based Policy in Openstack4j

posted in Cloud Computing, Java on by
Support for Group Based Policy in Openstack4j

Openstack4j is a Java based fluent open source Openstack client SDK which allows provisioning and control of an Openstack deployment. The library has been broken out into several major API abstractions. Know more

Group Based Policy

Openstack Group-Based Policy (GBP) framework, designed to offer a new set of abstraction that allows to manage Openstack infrastructure through declarative policy abstractions. It provides declarative abstractions for achieving scalable intent-based infrastructure automation.Know more

Support for Group Based Policy in Openstack4j

We have recently added support for Group Based Policy in Openstack4j that makes it easier for developers to interact with GBP based openstack cloud. For maven users just add the following dependency to get the openstack4j library with Group based policy support. By default this uses the jersey2 connector, in order to use different connectors go through the getting started guide
As of today the GBP implementation is part of the latest snapshot version of openstack4j library.

<dependency>
<groupId>org.pacesys</groupId>
<artifactId>openstack4j/artifactId>
<version>3.0.1-SNAPSHOT</version>
<classifier>withdeps</classifier>
</dependency>

Example code

Let’s look at some of the examples code related to Group based policy using openstack4j.

Policy Action

  • Create
PolicyAction policyAction = Builders.policyAction().name("test-Action").actionType(PolicyActionProtocol.ALLOW).description("test-action-desc").build();
policyAction=osClientv2.gbp().policyAction().create(policyAction);
  • Get
PolicyAction policyAction = osClientv2.gbp().policyAction().get(id);
  • List
List<? extends PolicyAction> policyActionList = osClientv2.gbp().policyAction().list();
  • Update
PolicyActionUpdate policyActionUpdate= Builders.policyActionUpdate().name("redirect").build();
PolicyAction policyAction = osClientv2.gbp().policyAction().update(id, policyActionUpdate);
  • Delete
ActionResponse result = osClientv2.gbp().policyAction().delete(id);

Policy Classifier

  • Create
PolicyClassifier policyClassifierCreate= Builders.policyClassifier().name("icmp").direction(Direction.BI).protocol(Protocol.ICMP).build();
PolicyClassifier policyClassifier = osClientv2.gbp().policyClassifier().create(policyClassifierCreate);
  • Get
PolicyClassifier policyclassifier = osClientv2.gbp().policyClassifier().get(id);
  • List
List<? extends PolicyClassifier> policyClasifierList = osClientv2.gbp().policyClassifier().list();
  • Update
PolicyClassifierUpdate policyClassifierUpdate= Builders.policyClassifierUpdate().name("icmp").description("icmp-update").build();
PolicyClassifier policyClassifier = osClientv2.gbp().policyClassifier().update(id, policyClassifierUpdate);
  • Delete
ActionResponse result = osClientv2.gbp().policyClassifier().delete(id);

Policy Rule

  • Create
PolicyRule policyRuleCreate= Builders.policyRule().name("icmp-rule").actions(actionIds).classifier(classifierId).build();
PolicyRule policyRule = osClientv2.gbp().policyRule().create(policyRuleCreate);
  • Get
PolicyRule policyrule = osClientv2.gbp().policyRule().get(id);
  • List
List<? extends PolicyRule> policyRuleList = osClientv2.gbp().policyRule().list();
  • Update
PolicyRule policyRuleUpdate= Builders.policyRule().name("icmp-rule-update").description("icmp-rule-desc-update").build();
PolicyRule policyRule = osClientv2.gbp().policyRule().update(id, policyRuleUpdate);
  • Delete
ActionResponse result = osClientv2.gbp().policyRule().delete(id);

Policy Rule Set

  • Create
PolicyRuleSet policyRuleSet=Builders.policyRuleSet().name("test-rule-set").description("test-rule-set-desc").rules(ruleIds).build();
policyRuleSet = osClientv2.gbp().policyRuleSet().create(policyRuleSet);
  • Get
PolicyRuleSet policyruleSet = osClientv2.gbp().policyRuleSet().get(id);
  • List
List<? extends PolicyRuleSet> policyRuleSetList = osClientv2.gbp().policyRuleSet().list();
  • Update
PolicyRuleSet policyRuleSetUpdate= Builders.policyRuleSet().name("test-rule-set-update").description("test-rule-set-desc-update").build();
PolicyRuleSet policyRuleSet = osClientv2.gbp().policyRuleSet().update(id, policyRuleSetUpdate);
  • Delete
ActionResponse result = osClientv2.gbp().policyRuleSet().delete(id);

Policy Target Group

  • Create
PolicyTargetGroupCreate policyTargetGroupCreate= Builders.policyTargetGroup().name("test-policy-target-group-update").description("test-policy-target-group-desc-update").build();
PolicyTargetGroup policyTargetGroup = osClientv2.gbp().group().update(id, policyTargetGroupCreate);
  • Get
PolicyTargetGroup policyTargetGroup = osClientv2.gbp().group().get(id);
  • List
List<? extends PolicyTargetGroup> policytargetGroupList = osClientv2.gbp().group().list();
  • Update
PolicyTargetGroupCreate policyTargetGroupCreate= Builders.policyTargetGroup().name("test-policy-target-group-update").description("test-policy-target-group-desc-update").build();
PolicyTargetGroup policyTargetGroup = osClientv2.gbp().group().update(id, policyTargetGroupCreate);
  • Delete
ActionResponse result = osClientv2.gbp().group().delete(id);

Policy Target

  • Create
PolicyTarget policyTargetCreate= Builders.policyTarget().name("test-policytarget").description("test-policytarget-desc").build();
PolicyTarget policyTarget = osClientv2.gbp().policyTarget().create(policyTargetCreate);
  • Get
PolicyTarget policyTarget = osClientv2.gbp().policyTarget().get(id);
  • List
List<? extends PolicyTarget> policytargetList = osClientv2.gbp().policyTarget().list();
  • Update
PolicyTarget policyTargetCreate= Builders.policyTarget().name("test-policytarget-update").description("test-policytarget-desc-update").build();
PolicyTarget policyTarget = osClientv2.gbp().policyTarget().update(id, policyTargetCreate);
  • Delete
ActionResponse result = osClientv2.gbp().policyTarget().delete(id);

External Segment

  • Create
ExternalSegment externalSegment = osClientv2.gbp().externalSegment().create(Builders.externalSegment().ipVersion(4).cidr("172.16.0.0/12").name("extSeg01").description("extSeg01-desc").build());
  • Get
ExternalSegment externalSegment = osClientv2.gbp().externalSegment().get(id);
  • List
List<? extends ExternalSegment> externalSegList = osClientv2.gbp().externalSegment().list();
  • Update
ExternalSegment externalSegment = osClientv2.gbp().externalSegment().update(id, Builders.externalSegment().name("extSeg01-update").description("extSeg01-desc-update").build());
  • Delete
ActionResponse result = osClientv2.gbp().externalSegment().delete(id);

External Policy

  • Create
ExternalPolicy externalPolicy = osClientv2.gbp().externalPolicy().create(Builders.externalPolicy().consumedPolicyRuleSets(consumedPolicyRuleSet).providedPolicyRuleSets(providedPolicyRuleSet).externalSegments(externalSegmentIds ).name("test-ext-policy").description("test-ext-policy-desc").build());
  • Get
ExternalPolicy externalPolicy = osClientv2.gbp().externalPolicy().get(id);
  • List
List<? extends ExternalPolicy> externalPolicyList = osClientv2.gbp().externalPolicy().list();
  • Update
ExternalPolicy externalPolicy = osClientv2.gbp().externalPolicy().update(id, Builders.externalPolicy().name("test-ext-policy-update").description("test-ext-policy-desc-update").build());
  • Delete
ActionResponse result = osClientv2.gbp().externalPolicy().delete(id);

L3 Policy

  • Create
L3Policy l3PolicyCreate= Builders.l3Policy().name("default").description("Implicitly created L3 policy").build();
L3Policy l3Policy = osClientv2.gbp().l3Policy().create(l3PolicyCreate);
  • Get
L3Policy l3policy = osClientv2.gbp().l3Policy().get(id);
  • List
List<? extends L3Policy> l3policyList = osClientv2.gbp().l3Policy().list();
  • Update
L3Policy l3PolicyUpdate= Builders.l3Policy().name("default-update").description("Implicitly created L3 policy-update").build();
L3Policy l3Policy = osClientv2.gbp().l3Policy().update(id, l3PolicyUpdate);
  • Delete
ActionResponse result = osClientv2.gbp().l3Policy().delete(id);

NAT Pool

  • Create
NatPool natPool= Builders.natPool().name("ptg_nat_pool").build();
NatPool npool = osClientv2.gbp().natPool().create(natPool);
  • Get
NatPool natPool = osClientv2.gbp().natPool().get(id);
  • List
List<? extends NatPool> natpoolList = osClientv2.gbp().natPool().list();
  • Update
NatPool natPoolUpdate= Builders.natPool().name("ptg_nat_pool-update").build();
NatPool natPool = osClientv2.gbp().natPool().update(id, natPoolUpdate);
  • Delete
ActionResponse result = osClientv2.gbp().natPool().delete(id);

In case you find any issues please report it here. For more information visit Fluent API Client for Openstack – Group Based Policy

DROP A COMMENT

Your email address will not be published. Required fields are marked *