1
2
3
4 package hcn
5
6 import (
7 "encoding/json"
8 )
9
10 func CreateSubnet(AddressPrefix string, NextHop string, DestPrefix string) *Subnet {
11 return &Subnet{
12 IpAddressPrefix: AddressPrefix,
13 Routes: []Route{
14 {
15 NextHop: NextHop,
16 DestinationPrefix: DestPrefix,
17 },
18 },
19 }
20 }
21
22 func GetDefaultSubnet() *Subnet {
23 return CreateSubnet("192.168.100.0/24", "192.168.100.1", "0.0.0.0/0")
24 }
25
26 func cleanup(networkName string) {
27
28 testNetwork, err := GetNetworkByName(networkName)
29 if err != nil {
30 return
31 }
32 if testNetwork != nil {
33 err := testNetwork.Delete()
34 if err != nil {
35 return
36 }
37 }
38 }
39
40 func HcnGenerateNATNetwork(subnet *Subnet) *HostComputeNetwork {
41 ipams := []Ipam{}
42 if subnet != nil {
43 ipam := Ipam{
44 Type: "Static",
45 Subnets: []Subnet{
46 *subnet,
47 },
48 }
49 ipams = append(ipams, ipam)
50 }
51 network := &HostComputeNetwork{
52 Type: "NAT",
53 Name: NatTestNetworkName,
54 MacPool: MacPool{
55 Ranges: []MacRange{
56 {
57 StartMacAddress: "00-15-5D-52-C0-00",
58 EndMacAddress: "00-15-5D-52-CF-FF",
59 },
60 },
61 },
62 Ipams: ipams,
63 SchemaVersion: SchemaVersion{
64 Major: 2,
65 Minor: 0,
66 },
67 }
68 return network
69 }
70
71 func HcnCreateTestNATNetworkWithSubnet(subnet *Subnet) (*HostComputeNetwork, error) {
72 cleanup(NatTestNetworkName)
73 network := HcnGenerateNATNetwork(subnet)
74 return network.Create()
75 }
76
77 func HcnCreateTestNATNetwork() (*HostComputeNetwork, error) {
78 return HcnCreateTestNATNetworkWithSubnet(GetDefaultSubnet())
79 }
80
81 func CreateTestOverlayNetwork() (*HostComputeNetwork, error) {
82 cleanup(OverlayTestNetworkName)
83 subnet := GetDefaultSubnet()
84 network := &HostComputeNetwork{
85 Type: "Overlay",
86 Name: OverlayTestNetworkName,
87 MacPool: MacPool{
88 Ranges: []MacRange{
89 {
90 StartMacAddress: "00-15-5D-52-C0-00",
91 EndMacAddress: "00-15-5D-52-CF-FF",
92 },
93 },
94 },
95 Ipams: []Ipam{
96 {
97 Type: "Static",
98 Subnets: []Subnet{
99 *subnet,
100 },
101 },
102 },
103 Flags: EnableNonPersistent,
104 SchemaVersion: SchemaVersion{
105 Major: 2,
106 Minor: 0,
107 },
108 }
109
110 vsid := &VsidPolicySetting{
111 IsolationId: 5000,
112 }
113 vsidJson, err := json.Marshal(vsid)
114 if err != nil {
115 return nil, err
116 }
117
118 sp := &SubnetPolicy{
119 Type: VSID,
120 }
121 sp.Settings = vsidJson
122
123 spJson, err := json.Marshal(sp)
124 if err != nil {
125 return nil, err
126 }
127
128 network.Ipams[0].Subnets[0].Policies = append(network.Ipams[0].Subnets[0].Policies, spJson)
129
130 return network.Create()
131 }
132
133 func HcnCreateTestEndpoint(network *HostComputeNetwork) (*HostComputeEndpoint, error) {
134 Endpoint := &HostComputeEndpoint{
135 Name: NatTestEndpointName,
136 SchemaVersion: SchemaVersion{
137 Major: 2,
138 Minor: 0,
139 },
140 }
141
142 return network.CreateEndpoint(Endpoint)
143 }
144
145 func HcnCreateTestEndpointWithPolicies(network *HostComputeNetwork, policies []EndpointPolicy) (*HostComputeEndpoint, error) {
146 Endpoint := &HostComputeEndpoint{
147 Name: NatTestEndpointName,
148 Policies: policies,
149 SchemaVersion: SchemaVersion{
150 Major: 2,
151 Minor: 0,
152 },
153 }
154
155 return network.CreateEndpoint(Endpoint)
156 }
157
158 func HcnCreateTestEndpointWithNamespace(network *HostComputeNetwork, namespace *HostComputeNamespace) (*HostComputeEndpoint, error) {
159 Endpoint := &HostComputeEndpoint{
160 Name: NatTestEndpointName,
161 HostComputeNamespace: namespace.Id,
162 SchemaVersion: SchemaVersion{
163 Major: 2,
164 Minor: 0,
165 },
166 }
167
168 return network.CreateEndpoint(Endpoint)
169 }
170
171 func HcnCreateTestNamespace() (*HostComputeNamespace, error) {
172 namespace := &HostComputeNamespace{
173 Type: NamespaceTypeHostDefault,
174 NamespaceId: 5,
175 SchemaVersion: SchemaVersion{
176 Major: 2,
177 Minor: 0,
178 },
179 }
180
181 return namespace.Create()
182 }
183
184 func HcnCreateAcls() (*PolicyEndpointRequest, error) {
185 in := AclPolicySetting{
186 Protocols: "6",
187 Action: ActionTypeAllow,
188 Direction: DirectionTypeIn,
189 LocalAddresses: "192.168.100.0/24,10.0.0.21",
190 RemoteAddresses: "192.168.100.0/24,10.0.0.21",
191 LocalPorts: "80,8080",
192 RemotePorts: "80,8080",
193 RuleType: RuleTypeSwitch,
194 Priority: 200,
195 }
196
197 rawJSON, err := json.Marshal(in)
198 if err != nil {
199 return nil, err
200 }
201 inPolicy := EndpointPolicy{
202 Type: ACL,
203 Settings: rawJSON,
204 }
205
206 out := AclPolicySetting{
207 Protocols: "6",
208 Action: ActionTypeAllow,
209 Direction: DirectionTypeOut,
210 LocalAddresses: "192.168.100.0/24,10.0.0.21",
211 RemoteAddresses: "192.168.100.0/24,10.0.0.21",
212 LocalPorts: "80,8080",
213 RemotePorts: "80,8080",
214 RuleType: RuleTypeSwitch,
215 Priority: 200,
216 }
217
218 rawJSON, err = json.Marshal(out)
219 if err != nil {
220 return nil, err
221 }
222 outPolicy := EndpointPolicy{
223 Type: ACL,
224 Settings: rawJSON,
225 }
226
227 endpointRequest := PolicyEndpointRequest{
228 Policies: []EndpointPolicy{inPolicy, outPolicy},
229 }
230
231 return &endpointRequest, nil
232 }
233
234 func HcnCreateNetworkACLs() (*PolicyNetworkRequest, error) {
235 in := NetworkACLPolicySetting{
236 Protocols: "6",
237 Action: ActionTypeAllow,
238 Direction: DirectionTypeIn,
239 LocalAddresses: "192.168.100.0/24,10.0.0.21",
240 RemoteAddresses: "192.168.100.0/24,10.0.0.21",
241 LocalPorts: "80,8080",
242 RemotePorts: "80,8080",
243 RuleType: RuleTypeSwitch,
244 Priority: 200,
245 }
246
247 rawJSON, err := json.Marshal(in)
248 if err != nil {
249 return nil, err
250 }
251 inPolicy := NetworkPolicy{
252 Type: NetworkACL,
253 Settings: rawJSON,
254 }
255
256 networkRequest := PolicyNetworkRequest{
257 Policies: []NetworkPolicy{inPolicy},
258 }
259
260 return &networkRequest, nil
261 }
262
263 func HcnCreateWfpProxyPolicyRequest() (*PolicyEndpointRequest, error) {
264 policySetting := L4WfpProxyPolicySetting{
265 InboundProxyPort: "80",
266 OutboundProxyPort: "81",
267 FilterTuple: FiveTuple{
268 Protocols: "6",
269 RemoteAddresses: "10.0.0.4",
270 Priority: 8,
271 },
272 OutboundExceptions: ProxyExceptions{
273 IpAddressExceptions: []string{"10.0.1.12"},
274 PortExceptions: []string{"81"},
275 },
276 InboundExceptions: ProxyExceptions{
277 IpAddressExceptions: []string{"12.0.1.12"},
278 PortExceptions: []string{"8181"},
279 },
280 }
281
282 policyJSON, err := json.Marshal(policySetting)
283 if err != nil {
284 return nil, err
285 }
286
287 endpointPolicy := EndpointPolicy{
288 Type: L4WFPPROXY,
289 Settings: policyJSON,
290 }
291
292 endpointRequest := PolicyEndpointRequest{
293 Policies: []EndpointPolicy{endpointPolicy},
294 }
295
296 return &endpointRequest, nil
297 }
298
299 func HcnCreateTestLoadBalancer(endpoint *HostComputeEndpoint) (*HostComputeLoadBalancer, error) {
300 loadBalancer := &HostComputeLoadBalancer{
301 HostComputeEndpoints: []string{endpoint.Id},
302 SourceVIP: "10.0.0.1",
303 PortMappings: []LoadBalancerPortMapping{
304 {
305 Protocol: 6,
306 InternalPort: 8080,
307 ExternalPort: 8090,
308 },
309 },
310 FrontendVIPs: []string{"1.1.1.2", "1.1.1.3"},
311 SchemaVersion: SchemaVersion{
312 Major: 2,
313 Minor: 0,
314 },
315 }
316
317 return loadBalancer.Create()
318 }
319
320 func HcnCreateTestRemoteSubnetRoute() (*PolicyNetworkRequest, error) {
321 rsr := RemoteSubnetRoutePolicySetting{
322 DestinationPrefix: "192.168.2.0/24",
323 IsolationId: 5000,
324 ProviderAddress: "1.1.1.1",
325 DistributedRouterMacAddress: "00-12-34-56-78-9a",
326 }
327
328 rawJSON, err := json.Marshal(rsr)
329 if err != nil {
330 return nil, err
331 }
332 rsrPolicy := NetworkPolicy{
333 Type: RemoteSubnetRoute,
334 Settings: rawJSON,
335 }
336
337 networkRequest := PolicyNetworkRequest{
338 Policies: []NetworkPolicy{rsrPolicy},
339 }
340
341 return &networkRequest, nil
342 }
343
344 func HcnCreateTestHostRoute() (*PolicyNetworkRequest, error) {
345 hostRoutePolicy := NetworkPolicy{
346 Type: HostRoute,
347 Settings: []byte("{}"),
348 }
349
350 networkRequest := PolicyNetworkRequest{
351 Policies: []NetworkPolicy{hostRoutePolicy},
352 }
353
354 return &networkRequest, nil
355 }
356
357 func HcnCreateTestSdnRoute(endpoint *HostComputeEndpoint) (*HostComputeRoute, error) {
358 route := &HostComputeRoute{
359 SchemaVersion: V2SchemaVersion(),
360 Setting: []SDNRoutePolicySetting{
361 {
362 DestinationPrefix: "169.254.169.254/24",
363 NextHop: "127.10.0.34",
364 NeedEncap: false,
365 },
366 },
367 }
368
369 route.HostComputeEndpoints = append(route.HostComputeEndpoints, endpoint.Id)
370
371 return route.Create()
372 }
373
374 func HcnCreateTestL2BridgeNetwork() (*HostComputeNetwork, error) {
375 cleanup(BridgeTestNetworkName)
376 subnet := GetDefaultSubnet()
377 network := &HostComputeNetwork{
378 Type: "L2Bridge",
379 Name: BridgeTestNetworkName,
380 MacPool: MacPool{
381 Ranges: []MacRange{
382 {
383 StartMacAddress: "00-15-5D-52-C0-00",
384 EndMacAddress: "00-15-5D-52-CF-FF",
385 },
386 },
387 },
388 Ipams: []Ipam{
389 {
390 Type: "Static",
391 Subnets: []Subnet{
392 *subnet,
393 },
394 },
395 },
396 Flags: EnableNonPersistent,
397 SchemaVersion: SchemaVersion{
398 Major: 2,
399 Minor: 0,
400 },
401 }
402
403 return network.Create()
404 }
405
406 func HcnCreateTierAcls() (*PolicyEndpointRequest, error) {
407 policy := make([]EndpointPolicy, 6)
408
409 tiers := make([]TierAclPolicySetting, 6)
410
411
412 tiers[0] = TierAclPolicySetting{
413 Name: "TierIn1",
414 Direction: DirectionTypeIn,
415 Order: 1001,
416 }
417
418 tiers[0].TierAclRules = make([]TierAclRule, 2)
419
420 tiers[0].TierAclRules[0] = TierAclRule{
421 Id: "TierIn1Rule1",
422 Protocols: "6",
423 TierAclRuleAction: ActionTypePass,
424 LocalAddresses: "192.168.100.0/24,10.0.0.21",
425 RemoteAddresses: "192.168.100.0/24,10.0.0.22",
426 LocalPorts: "80",
427 RemotePorts: "80",
428 Priority: 2001,
429 }
430
431 tiers[0].TierAclRules[1] = TierAclRule{
432 Id: "TierIn1Rule2",
433 TierAclRuleAction: ActionTypeBlock,
434 Priority: 2100,
435 }
436
437 policy[0].Type = TierAcl
438 rawJSON, err := json.Marshal(tiers[0])
439 if err != nil {
440 return nil, err
441 }
442
443 policy[0].Settings = rawJSON
444
445 tiers[1] = TierAclPolicySetting{
446 Name: "TierIn2",
447 Direction: DirectionTypeIn,
448 Order: 1002,
449 }
450
451 tiers[1].TierAclRules = make([]TierAclRule, 3)
452
453 tiers[1].TierAclRules[0] = TierAclRule{
454 Id: "TierIn2Rule1",
455 TierAclRuleAction: ActionTypePass,
456 LocalAddresses: "192.168.100.0/24",
457 RemoteAddresses: "192.168.100.0/24",
458 Priority: 3000,
459 }
460
461 tiers[1].TierAclRules[1] = TierAclRule{
462 Id: "TierIn2Rule2",
463 TierAclRuleAction: ActionTypePass,
464 LocalAddresses: "10.0.0.21",
465 RemoteAddresses: "10.0.0.21",
466 Priority: 3010,
467 }
468
469 tiers[1].TierAclRules[2] = TierAclRule{
470 Id: "TierIn2Rule3",
471 TierAclRuleAction: ActionTypeBlock,
472 Priority: 3100,
473 }
474
475 policy[1].Type = TierAcl
476 rawJSON, err = json.Marshal(tiers[1])
477 if err != nil {
478 return nil, err
479 }
480
481 policy[1].Settings = rawJSON
482
483 tiers[2] = TierAclPolicySetting{
484 Name: "TierIn3",
485 Direction: DirectionTypeIn,
486 Order: 1013,
487 }
488
489 tiers[2].TierAclRules = make([]TierAclRule, 2)
490
491 tiers[2].TierAclRules[0] = TierAclRule{
492 Id: "TierIn3Rule1",
493 Protocols: "17",
494 TierAclRuleAction: ActionTypeAllow,
495 LocalPorts: "8080",
496 RemotePorts: "8080",
497 Priority: 3000,
498 }
499
500 tiers[2].TierAclRules[1] = TierAclRule{
501 Id: "TierIn3Rule2",
502 TierAclRuleAction: ActionTypeBlock,
503 Priority: 3010,
504 }
505
506 policy[2].Type = TierAcl
507 rawJSON, err = json.Marshal(tiers[2])
508 if err != nil {
509 return nil, err
510 }
511
512 policy[2].Settings = rawJSON
513
514
515 tiers[3] = TierAclPolicySetting{
516 Name: "TierOut1",
517 Direction: DirectionTypeOut,
518 Order: 1001,
519 }
520
521 tiers[3].TierAclRules = make([]TierAclRule, 2)
522
523 tiers[3].TierAclRules[0] = TierAclRule{
524 Id: "TierOut1Rule1",
525 Protocols: "6",
526 TierAclRuleAction: ActionTypePass,
527 LocalAddresses: "192.168.100.0/24,10.0.0.21",
528 RemoteAddresses: "192.168.100.0/24,10.0.0.22",
529 LocalPorts: "81",
530 RemotePorts: "81",
531 Priority: 2000,
532 }
533
534 tiers[3].TierAclRules[1] = TierAclRule{
535 Id: "TierOut1Rule2",
536 TierAclRuleAction: ActionTypeBlock,
537 Priority: 2100,
538 }
539
540 policy[3].Type = TierAcl
541 rawJSON, err = json.Marshal(tiers[3])
542 if err != nil {
543 return nil, err
544 }
545
546 policy[3].Settings = rawJSON
547
548 tiers[4] = TierAclPolicySetting{
549 Name: "TierOut2",
550 Direction: DirectionTypeOut,
551 Order: 1002,
552 }
553
554 tiers[4].TierAclRules = make([]TierAclRule, 3)
555
556 tiers[4].TierAclRules[0] = TierAclRule{
557 Id: "TierOut2Rule1",
558 TierAclRuleAction: ActionTypePass,
559 LocalAddresses: "192.168.100.0/24",
560 RemoteAddresses: "192.168.100.0/24",
561 Priority: 3000,
562 }
563
564 tiers[4].TierAclRules[1] = TierAclRule{
565 Id: "TierOut2Rule2",
566 Protocols: "6",
567 TierAclRuleAction: ActionTypePass,
568 LocalAddresses: "10.0.0.21",
569 RemoteAddresses: "10.0.0.21",
570 LocalPorts: "8082",
571 RemotePorts: "8082",
572 Priority: 3010,
573 }
574
575 tiers[4].TierAclRules[2] = TierAclRule{
576 Id: "TierOut2Rule3",
577 TierAclRuleAction: ActionTypeBlock,
578 Priority: 3100,
579 }
580
581 policy[4].Type = TierAcl
582 rawJSON, err = json.Marshal(tiers[4])
583 if err != nil {
584 return nil, err
585 }
586
587 policy[4].Settings = rawJSON
588
589 tiers[5] = TierAclPolicySetting{
590 Name: "TierOut3",
591 Direction: DirectionTypeOut,
592 Order: 1013,
593 }
594
595 tiers[5].TierAclRules = make([]TierAclRule, 2)
596
597 tiers[5].TierAclRules[0] = TierAclRule{
598 Id: "TierOut3Rule1",
599 Protocols: "6",
600 TierAclRuleAction: ActionTypeAllow,
601 LocalPorts: "90",
602 RemotePorts: "90",
603 Priority: 3000,
604 }
605
606 tiers[5].TierAclRules[1] = TierAclRule{
607 Id: "TierOut3Rule2",
608 TierAclRuleAction: ActionTypeBlock,
609 Priority: 3010,
610 }
611
612 policy[5].Type = TierAcl
613 rawJSON, err = json.Marshal(tiers[5])
614 if err != nil {
615 return nil, err
616 }
617
618 policy[5].Settings = rawJSON
619
620 endpointRequest := PolicyEndpointRequest{
621 Policies: policy,
622 }
623
624 return &endpointRequest, nil
625 }
626
View as plain text