Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

AV-198224: Fixed NSX-T migration issues #2897

Merged
merged 6 commits into from
Mar 7, 2024
Merged

AV-198224: Fixed NSX-T migration issues #2897

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
c66dd5c
AV-199689: Changed pool group name to primary pool name
shardullatkar Feb 21, 2024
cf4bb6d
AV-200240: Fixed ansible converter issue for object names containing …
shardullatkar Feb 29, 2024
f6e8c38
AV-200557: Fix for application profile ssl_client_certificate_mode pr…
shardullatkar Feb 29, 2024
9b18a0c
AV-200568: Fixed config for https monitor without ssl profile
shardullatkar Mar 4, 2024
b65613a
AV-201245: Fixed command to fetch ssl certificates
shardullatkar Mar 7, 2024
1d4e904
AV-201241: Fixed issue of missing newly created objects in nsx-t outp…
Mar 7, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions python/avi/migrationtools/ansible/ansible_config_converter.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -123,6 +123,10 @@ def transform_ref(self, x, obj):
# query.pop('cloud', None)
u = u._replace(query=urlencode(query, True))
x = urlunparse(u)
if '+' in x:
# Spaces get replaced with '+' which further causes error like 'Object not found'.
# Hence, replacing all the '+' back to spaces
x = x.replace('+', ' ')
return unquote(x)

def transform_obj_refs(self, obj):
Expand Down
16 changes: 9 additions & 7 deletions python/avi/migrationtools/nsxt_converter/conversion_util.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1062,13 +1062,13 @@ def clone_pool_if_shared(self, ref, avi_config, vs_name, tenant, p_tenant,
pool_obj = [pool for pool in avi_config['Pool'] if pool['name'] == ref
and pool['tenant_ref'] == self.get_object_ref(tenant,
'tenant')]
pool_per_ref = pool_obj[0].get(
pool_persis_ref = pool_obj[0].get(
'application_persistence_profile_ref') if pool_obj else None
pool_per_name = self.get_name(pool_per_ref) if pool_per_ref else None
pool_per_types = [obj['persistence_type'] for obj in (avi_config[
pool_persis_name = self.get_name(pool_persis_ref) if pool_persis_ref else None
pool_persis_types = [obj['persistence_type'] for obj in (avi_config[
'ApplicationPersistenceProfile']) if obj['name'] ==
pool_per_name] if pool_per_name else []
pool_per_type = pool_per_types[0] if pool_per_types else None
pool_persis_name] if pool_persis_name else []
pool_persis_type = pool_persis_types[0] if pool_persis_types else None
if not pool_obj:
pool_group_obj = [pool for pool in avi_config['PoolGroup']
if pool['name'] == ref and
Expand Down Expand Up @@ -1149,6 +1149,8 @@ def clone_pool_if_shared(self, ref, avi_config, vs_name, tenant, p_tenant,
ref = self.clone_pool_group(ref, vs_name, avi_config, True,
tenant, cloud_name=cloud_name)
else:
if isinstance(shared_vs[0], str):
shared_vs = [obj for obj in avi_config['VirtualService'] if obj['name'] == shared_vs[0]]
shared_appref = shared_vs[0].get('application_profile_ref')
shared_apptype = None
if shared_appref:
Expand All @@ -1168,7 +1170,7 @@ def clone_pool_if_shared(self, ref, avi_config, vs_name, tenant, p_tenant,

if self.is_pool_clone_criteria(
controller_version, app_prof_type, shared_apptype,
persist_type, pool_per_type, shared_appobj,
persist_type, pool_persis_type, shared_appobj,
app_prof_obj):
LOG.debug('Cloned the pool %s for VS %s', ref, vs_name)
ref = self.clone_pool(ref, vs_name, avi_config['Pool'],
Expand Down Expand Up @@ -1361,7 +1363,7 @@ def add_placement_network_to_pool(self, avi_pool_list, pool_ref, pool_segment, c
:param pool_ref: name of the pool
"""
for pool_obj in avi_pool_list:
if pool_ref == pool_obj["name"]:
if pool_ref == pool_obj["name"] and pool_segment:
pool_obj["placement_networks"] = list()
for sub in pool_segment:
ip_addreses = dict(
Expand Down
14 changes: 8 additions & 6 deletions python/avi/migrationtools/nsxt_converter/nsxt_util.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -164,10 +164,10 @@ def get_certificate_data(certificate_ref, nsxt_ip, ssh_root_password):
ssh.load_system_host_keys()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(nsxt_ip, username='root', password=ssh_root_password,
allow_agent=False, look_for_keys=False, banner_timeout=60)
allow_agent=False, look_for_keys=False, banner_timeout=60)

cmd = "curl --header 'Content-Type: application/json' --header 'x-nsx-username: admin' " \
"http://'admin':'{}'@127.0.0.1:7440/nsxapi/api/v1/trust-management/certificates".\
"http://127.0.0.1:7440/nsxapi/api/v1/trust-management/certificates".\
format(ssh_root_password)
stdin, stdout, stderr = ssh.exec_command(cmd)

Expand Down Expand Up @@ -290,7 +290,7 @@ def call_api_with_retry(self, api, *args, **kwargs):
results = api_resp.to_dict().get("results", [])

while 'cursor' in api_resp.to_dict() and api_resp.to_dict()['cursor']:
print(f"Cursor: {api_resp.to_dict()['cursor']}")
LOG.debug(f"Cursor: {api_resp.to_dict()['cursor']}")
kwargs['cursor'] = str(api_resp.to_dict()['cursor'])
api_resp = api(*args, **kwargs)
if api_resp and "results" in vars(api_resp):
Expand Down Expand Up @@ -1192,6 +1192,7 @@ def create_and_update_nsgroup(self, pool_name, alb_config, pool_members):
"https://{}/policy/api/v1/infra/domains/{}/groups/{}".format(self.nsxt_ip, domain_id, ns_name),
auth=(self.nsxt_un, self.nsxt_pw), headers=headers, verify=False)
response = json.loads(response.text)
LOG.debug("NS group get response: {}".format(response))

if response.get('httpStatus') == "NOT_FOUND":
ip_address_list = list()
Expand All @@ -1213,20 +1214,21 @@ def create_and_update_nsgroup(self, pool_name, alb_config, pool_members):
data=json.dumps(data), auth=(self.nsxt_un, self.nsxt_pw),
headers=headers, verify=False)
response = json.loads(response.text)
LOG.debug("NS group post response: {}".format(response))

for pool in alb_config["Pool"]:
if pool["name"] == pool_name:
pool["nsx_securitygroup"] = [response["path"]]
# Make sure to update the pool server port to be retained
if pool_members:
if pool_members and 'port' in pool_members[0].keys():
pool["default_server_port"] = pool_members[0]["port"]
if "servers" in pool:
del pool["servers"]
break

LOG.debug("ns group created for pool {}".format(pool_name))
except Exception:
LOG.debug("Error in creating ns group for pool {}".format(pool_name))
except Exception as e:
LOG.debug("Error in creating ns group for pool {}. Error: {}".format(pool_name, str(e)))

def create_network_service_obj(self, name, se_group_ref, cloud_ref, vrf_ref, floating_ip, tenant_ref):
new_network_service = dict()
Expand Down
4 changes: 3 additions & 1 deletion python/avi/migrationtools/nsxt_converter/persistant_converter.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -148,7 +148,7 @@ def convert(self, alb_config, nsx_lb_config, prefix, tenant):
conv_utils.print_progress_bar(progressbar_count, total_size, msg,
prefix='Progress', suffix='')

LOG.info('[ApplicationPersistenceProfile] Migration completed for HM {}'.format(lb_pp['display_name']))
LOG.info('[ApplicationPersistenceProfile] Migration completed for {}'.format(lb_pp['display_name']))

except Exception as e:
LOG.error(
Expand Down Expand Up @@ -276,6 +276,8 @@ def create_datascript(self, lb_pp, avi_config, alb_pp,tenant):
% (lb_pp.get('cookie_name'), lb_pp.get('cookie_path', '/'), lb_pp.get('cookie_domain'),
cookie_max_idle, cookie_max_life, lb_pp.get('cookie_httponly', False))
is_ds_created = True
else:
LOG.debug("No cookie_path or cookie_domain for {}".format(lb_pp.get('display_name')))

elif lb_pp.get("cookie_mode") == 'REWRITE':
script = "ip,port = avi.pool.get_server_info() cookie_name = \"%s\" " \
Expand Down
7 changes: 5 additions & 2 deletions python/avi/migrationtools/nsxt_converter/policy_converter.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -287,7 +287,7 @@ def convert(self, lb_vs_config, alb_vs_config, alb_config, nsx_lb_config, nsxt_u
[], indirect, ignore_for_defaults, [],
u_ignore, [])

if http_rules or sec_rules or rsp_rules or self.policy_datascript_obj:
if http_rules or sec_rules or rsp_rules:
conv_status["skipped"] = skipped_rule
conv_status["na_list"] = []
if not skipped_rule:
Expand Down Expand Up @@ -518,6 +518,7 @@ def convert_actions_to_avi_actions(self, rule_dict, actions, prefix, cloud_name)
if action["type"] == "LBVariablePersistenceLearnAction" or \
action['type'] == 'LBVariablePersistenceOnAction':
# skip rule
LOG.debug("Rule action of type {} skipped".format(action["type"]))
continue

if action["type"] == "LBHttpRequestUriRewriteAction":
Expand Down Expand Up @@ -643,7 +644,9 @@ def pool_and_poolgroup_sharing(self, pool_ref, cloud_name, prefix):

pool_present = False
if self.lb_vs_config["id"] in vs_select_pool_action_list.keys():
pool_segment = vs_pool_segment_list[self.lb_vs_config["id"]].get("pool_segment")
pool_segment = None
if self.lb_vs_config["id"] in vs_pool_segment_list:
pool_segment = vs_pool_segment_list[self.lb_vs_config["id"]].get("pool_segment")
is_pg_created = False
if pool_ref:
p_tenant, pool_ref = conv_utils.get_tenant_ref(pool_ref)
Expand Down
7 changes: 4 additions & 3 deletions python/avi/migrationtools/nsxt_converter/pools_converter.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -123,7 +123,7 @@ def convert(self, alb_config, nsx_lb_config, nsxt_util, prefix, tenant):
pool_seg_list,is_member_ip_in_range ,pool_skip= self.check_pool_member_ip_ranges \
(vs_list_for_sorry_pool, pool_count, lb_list, pool_members_list, pool_skip, name,
vs_sorry_pool_segment_list)
if is_member_ip_in_range:
if is_member_ip_in_range or self.skip_datapath_check:
is_sry_pool_present = True
is_pool_orphan=False

Expand Down Expand Up @@ -332,6 +332,7 @@ def convert_servers_config(self, servers_config):
if member.get("port", ""):
server_obj['port'] = int(member.get("port"))
else:
LOG.debug(f"No port value found for {member.get('display_name')}")
server_skipped.append(member.get("display_name"))

if member.get("weight"):
Expand Down Expand Up @@ -533,14 +534,14 @@ def check_pool_member_ip_ranges(self, vs_list, pool_count, lb_list, pool_members
else:
new_pool_name = '%s-%s' % (pool_name, pool_segment[0].get("subnets").get("network_range"))
new_pool_name = new_pool_name.replace('/', '-')
vs_pool_segment_list[vs_id] = {
pool_segment_list[vs_id] = {
"pool_name": new_pool_name,
"pool_segment": pool_segment
}
lb_list[lb] = pool_segment_list.get(vs_id)
pool_count += 1
elif self.skip_datapath_check:
vs_pool_segment_list[vs_id] = {
pool_segment_list[vs_id] = {
"pool_name": pool_name,
"pool_segment": None
}
Expand Down
11 changes: 10 additions & 1 deletion python/avi/migrationtools/nsxt_converter/profile_converter.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -228,7 +228,7 @@ def convert_http(self, alb_pr, lb_pr):
alb_pr["preserve_client_ip"] = False
if lb_pr.get("http_redirect_to"):
# TODO
print("http_redirect_to")
LOG.debug("TODO: http_redirect_to")

def convert_udp(self, alb_pr, lb_pr):
alb_pr['profile'] = dict(
Expand All @@ -249,3 +249,12 @@ def fast_profile_path(self, lb_pr):
session_idle_timeout=lb_pr.get('idle_timeout')
)
return path


def set_certificate_mode(t_obj_body, certificate_mode):
if 'http_profile' in t_obj_body.keys():
t_obj_body['http_profile']['ssl_client_certificate_mode'] = certificate_mode
else:
t_obj_body.update({"http_profile": {
"ssl_client_certificate_mode": certificate_mode
}})
Loading