[ovirt-users] Re: port_security in external networks-API
On Tue, Aug 6, 2019 at 9:30 AM ada per wrote: > > Thank you very much for all the information it help me understand it better. > Unfortunately i cant get it to work in python :( Could you elaborate more ? You can also take a look at [3], on ovirt's system test project. It does what you're after, but using the OST entities - which are a simple wrapper over the REST API ones. Never the less, that test is useful to understand what needs to be done. > > On Fri, Jul 26, 2019 at 2:09 PM Miguel Duarte de Mora Barroso > wrote: >> >> On Thu, Jul 25, 2019 at 3:50 PM ada per wrote: >> > >> > Hello everyone, >> > >> > I have the following python script that creates an external network, but >> > now after updating ovirt a new option "network port security" exists that >> > is set as enabled by default. >> >> That attribute is specified in >> https://github.com/oVirt/ovirt-provider-ovn#section-network - the >> default on the configuration file is set by engine-setup to true. >> >> > >> > How can i disable the network port security? >> >> You can update it for each network / logical port in the system. >> >> Be advised that updating the port security attribute of a network >> value will *not* impact existing ports - it only impacts newly created >> logical ports. >> >> To disable that property for existing VMs you need to update that >> property in the logical port to which the VM is connected, via the >> logical port's REST API. The logical port follows a subset of the >> networking api, which is defined in [0]. >> >> Some time ago I wrote an example playbook that can be leveraged for >> this type of thing, check [1]. It's usage is described in [2], look >> for 'update_port_security'. You can update it for all port in the >> system, for all ports within a logical network, or for a single port. >> >> Let me know if this helps. >> >> [0] - >> https://github.com/oVirt/ovirt-provider-ovn/blob/master/docs/provider_api_description.adoc#ports >> [1] - >> https://github.com/maiqueb/ovirt-security-groups-demo/blob/master/playbooks/update_port_security.yml >> [2] - https://github.com/maiqueb/ovirt-security-groups-demo#provided-tools [3] - https://github.com/oVirt/ovirt-system-tests/blob/master/network-suite-master/tests/ovs/test_ovn_physnet.py#L137 >> >> > >> > thanks!! :) >> > >> >networks_service = connection.system_service().networks_service() >> > # Use the "add" method to create new VM logical network in data center >> > network = networks_service.add( >> > network=types.Network( >> > name= ext_net_name, >> > description='Network for testing API', >> > data_center=types.DataCenter( >> > name='Default' >> > ), >> > usages=[types.NetworkUsage.VM], >> > external_provider=types.OpenStackNetworkProvider( >> > id=provider.id >> > >> > ) >> > ), >> > ___ >> > Users mailing list -- users@ovirt.org >> > To unsubscribe send an email to users-le...@ovirt.org >> > Privacy Statement: https://www.ovirt.org/site/privacy-policy/ >> > oVirt Code of Conduct: >> > https://www.ovirt.org/community/about/community-guidelines/ >> > List Archives: >> > https://lists.ovirt.org/archives/list/users@ovirt.org/message/PZI4SHUNFWPPRNTIA2I445PG6HV7YPVZ/ ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/ZBWJCH54K7LAIRCS7F2KRBPWOAMWIXGB/
[ovirt-users] Re: port_security in external networks-API
Thank you very much for all the information it help me understand it better. Unfortunately i cant get it to work in python :( On Fri, Jul 26, 2019 at 2:09 PM Miguel Duarte de Mora Barroso < mdbarr...@redhat.com> wrote: > On Thu, Jul 25, 2019 at 3:50 PM ada per wrote: > > > > Hello everyone, > > > > I have the following python script that creates an external network, but > now after updating ovirt a new option "network port security" exists that > is set as enabled by default. > > That attribute is specified in > https://github.com/oVirt/ovirt-provider-ovn#section-network - the > default on the configuration file is set by engine-setup to true. > > > > > How can i disable the network port security? > > You can update it for each network / logical port in the system. > > Be advised that updating the port security attribute of a network > value will *not* impact existing ports - it only impacts newly created > logical ports. > > To disable that property for existing VMs you need to update that > property in the logical port to which the VM is connected, via the > logical port's REST API. The logical port follows a subset of the > networking api, which is defined in [0]. > > Some time ago I wrote an example playbook that can be leveraged for > this type of thing, check [1]. It's usage is described in [2], look > for 'update_port_security'. You can update it for all port in the > system, for all ports within a logical network, or for a single port. > > Let me know if this helps. > > [0] - > https://github.com/oVirt/ovirt-provider-ovn/blob/master/docs/provider_api_description.adoc#ports > [1] - > https://github.com/maiqueb/ovirt-security-groups-demo/blob/master/playbooks/update_port_security.yml > [2] - https://github.com/maiqueb/ovirt-security-groups-demo#provided-tools > > > > > thanks!! :) > > > >networks_service = connection.system_service().networks_service() > > # Use the "add" method to create new VM logical network in data > center > > network = networks_service.add( > > network=types.Network( > > name= ext_net_name, > > description='Network for testing API', > > data_center=types.DataCenter( > > name='Default' > > ), > > usages=[types.NetworkUsage.VM], > > external_provider=types.OpenStackNetworkProvider( > > id=provider.id > > > > ) > > ), > > ___ > > Users mailing list -- users@ovirt.org > > To unsubscribe send an email to users-le...@ovirt.org > > Privacy Statement: https://www.ovirt.org/site/privacy-policy/ > > oVirt Code of Conduct: > https://www.ovirt.org/community/about/community-guidelines/ > > List Archives: > https://lists.ovirt.org/archives/list/users@ovirt.org/message/PZI4SHUNFWPPRNTIA2I445PG6HV7YPVZ/ > ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/MQGZ3ZMBWRQDNP3AAQD7ZYMC7AGLSBGO/
[ovirt-users] Re: port_security in external networks-API
On Thu, Jul 25, 2019 at 3:50 PM ada per wrote: > > Hello everyone, > > I have the following python script that creates an external network, but now > after updating ovirt a new option "network port security" exists that is set > as enabled by default. That attribute is specified in https://github.com/oVirt/ovirt-provider-ovn#section-network - the default on the configuration file is set by engine-setup to true. > > How can i disable the network port security? You can update it for each network / logical port in the system. Be advised that updating the port security attribute of a network value will *not* impact existing ports - it only impacts newly created logical ports. To disable that property for existing VMs you need to update that property in the logical port to which the VM is connected, via the logical port's REST API. The logical port follows a subset of the networking api, which is defined in [0]. Some time ago I wrote an example playbook that can be leveraged for this type of thing, check [1]. It's usage is described in [2], look for 'update_port_security'. You can update it for all port in the system, for all ports within a logical network, or for a single port. Let me know if this helps. [0] - https://github.com/oVirt/ovirt-provider-ovn/blob/master/docs/provider_api_description.adoc#ports [1] - https://github.com/maiqueb/ovirt-security-groups-demo/blob/master/playbooks/update_port_security.yml [2] - https://github.com/maiqueb/ovirt-security-groups-demo#provided-tools > > thanks!! :) > >networks_service = connection.system_service().networks_service() > # Use the "add" method to create new VM logical network in data center > network = networks_service.add( > network=types.Network( > name= ext_net_name, > description='Network for testing API', > data_center=types.DataCenter( > name='Default' > ), > usages=[types.NetworkUsage.VM], > external_provider=types.OpenStackNetworkProvider( > id=provider.id > > ) > ), > ___ > Users mailing list -- users@ovirt.org > To unsubscribe send an email to users-le...@ovirt.org > Privacy Statement: https://www.ovirt.org/site/privacy-policy/ > oVirt Code of Conduct: > https://www.ovirt.org/community/about/community-guidelines/ > List Archives: > https://lists.ovirt.org/archives/list/users@ovirt.org/message/PZI4SHUNFWPPRNTIA2I445PG6HV7YPVZ/ ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/XYVBGU6KSWJPKXGV5LEVTI52VVCAV2VL/
