FloodlightAPI.docx
- 文档编号:24470226
- 上传时间:2023-05-27
- 格式:DOCX
- 页数:30
- 大小:25.58KB
FloodlightAPI.docx
《FloodlightAPI.docx》由会员分享,可在线阅读,更多相关《FloodlightAPI.docx(30页珍藏版)》请在冰豆网上搜索。
FloodlightAPI
FloodlightRESTAPI
/wm/core/module/all/json
GET
Retrieveallregistered(butnotloaded)modules.
none
/wm/core/module/loaded/json
GET
Retrieveallmodulesactivelyloadedbythemoduleloader.
none
TBA:
/wm/core/role/json
GET
Retrievethecurrenthighavailabilityroleofthecontroller.
None
TBA:
POST
Setthehighavailabilityroleofthecontroller.
{"role":
"
new-role:
"ACTIVE"or"STANDBY"
/wm/core/switch/all/role/json
GET
Retrievetherolesofallthepresentlyconnectedswitches.
POST
Settheroleofallpresentlyconnectedswitches.
{"role":
"
new-role:
"MASTER","SLAVE",or"EQUAL"
/wm/core/switch/
GET
Retrievetheroleofaparticularconnectedswitch.
POST
Settheroleofaparticularconnectedswitch.
{"role":
"
role:
"MASTER","SLAVE",or"EQUAL"
/wm/core/switch/all/
GET
Retrieveaggregatestatsacrossallswitches.
SomestatsnotsupportedbyallallOpenFlowversions.
Metersuntested.
statType:
aggregate,desc,flow,group,group-desc,group-features,meter,meter-config,meter-features,port,port-desc,queue,table,features
/wm/core/switch/
GET
Retrieveperswitchstats.
SomestatsnotsupportedbyallallOpenFlowversions.
Metersuntested.
switchId:
ValidSwitchDPID(XX:
XX:
XX:
XX:
XX:
XX:
XX:
XX)
statType:
aggregate,desc,flow,group,group-desc,group-features,meter,meter-config,meter-features,port,port-desc,queue,table,features
/wm/core/controller/switches/json
GET
ListofallswitchDPIDsconnectedtothecontroller
none
/wm/core/controller/summary/json
GET
Controllersummary(#ofSwitches,#ofLinks,etc.)
none
/wm/core/counter/
GET
Listofcounterspermodule,includingswitchcounters.
moduleName:
Thenameofthespecificmoduleforwhichtofetchcounters."OFSwitchManager"shouldbeusedforswitchcounters.
counterTitle:
"all"orthenameofthecounterasdefinedinthemodule.Countersaredefinedinahierarchicalfashionandcanbequeriedingroupsbytheircommonparentpathinthecounterhierarchy.
Forexample,switchcountersaredefinedattherootas"
0x
00:
00:
00:
00:
00:
00:
01:
0x01"where
Amongmanycountersinthehierarchy,allswitcheshavespecific"read"and"write"counters,whichcanbeaddedtothecounterTitlee.g. "00:
00:
00:
00:
00:
00:
00:
01:
0x01/read".
/wm/core/memory/json
GET
Currentcontrollermemoryusage
none
/wm/core/health/json
GET
Status/HealthofRESTAPI
none
/wm/core/storage/tables/json
GET
TablespresentinStorage.
none
/wm/core/system/uptime/json
GET
Controlleruptime
none
/wm/topology/links/json
GET
Listalltheinter-switchlinks.Notethattheseareonlyforswitchesconnectedtothesamecontroller.
none
/wm/topology/switchclusters/json
GET
Listofallswitchclustersconnectedtothecontroller.
none
/wm/topology/external-links/json
GET
Show"external"links,i.e.,multi-hoplinksdiscoveredbyBDDPinsteadofLLDPpackets
none
/wm/topology/links/json
GET
ShowDIRECTandTUNNELlinksdiscoveredbasedonLLDPpackets
none
/wm/topology/route/
GET
GetaroutedefinedbyswitchDPIDsandswitchportsfromthesourceswitchandporttothedestinationswitchandport.
src-dpid:
ValidSwitchDPID(XX:
XX:
XX:
XX:
XX:
XX:
XX:
XX)
src-port:
ValidSwitchPortNumber
dst-dpid:
ValidSwitchDPID(XX:
XX:
XX:
XX:
XX:
XX:
XX:
XX)
dst-port:
ValidSwitchPortNumber
/wm/device/
GET
Listofalldevicestrackedbythecontroller.ThisincludesMACs,IPs,andattachmentpoints.
PassedasGETparameters:
mac (colon-separatedhex-encoded), ipv4 (dotteddecimal), vlan, dpid attachmentpointDPID(colon-separatedhex-encoded)and port theattachmentpointport.
/wm/staticflowpusher/json
POST/DELETE
Add/Deletestaticflow
HTTPPOSTdata(addflow),HTTPDELETE(fordeletion)
/wm/staticflowpusher/list/
GET
Liststaticflowsforaswitchorallswitches
switch:
ValidSwitchDPID(XX:
XX:
XX:
XX:
XX:
XX:
XX:
XX)or"all"
/wm/staticflowpusher/clear/
GET
Clearstaticflowsforaswitchorallswitches
switch:
ValidSwitchDPID(XX:
XX:
XX:
XX:
XX:
XX:
XX:
XX)or"all"
Moreinformationavailableon HowtoUseStaticFlowPusherAPI
/networkService/v1.1/tenants/
PUT/POST/DELETE
Createsanewvirtualnetwork.NameandIDarerequired,gatewayisoptional.
URIargument:
tenant:
Currentlyignored. network:
ID(notname)ofthenetwork
HTTPdata:
{"network":
{"gateway":
"
"
IP:
GatewayIPin"1.1.1.1"format,canbenull
Name:
Networknameasstring
/networkService/v1.1/tenants/
PUT/DELETE
Attachesahosttoavirtualnetwork.
URIargument:
tenant:
Currentlyignored. network:
ID(notname)ofthenetwork. port:
Logicalportname
HTTPdata:
{"attachment":
{"id":
"
"
NetworkID:
NetworkIDasstring,theoneassignedatcreate
MAC:
MACaddressin"XX:
XX:
XX:
XX:
XX:
XX"format
/networkService/v1.1/tenants/
GET
Showsallnetworksandtheirgateway,ID,andhostsmacinjsonformat.
URIargument:
tenant:
Currentlyignored.
Moreinformationavailableon VirtualNetworkFilterRESTAPI
/wm/firewall/module/status/json
GET
Querythestatusofthefirewall.
/wm/firewall/module/enable/json
PUT
Enablethefirewall.
/wm/firewall/module/disable/json
PUT
Disablethefirewall.
/wm/firewall/module/subnet-mask/json
GET
Getthefirewall'sconfiguredsubnetmask.
None
POST
Setthesubnetmaskofthefirewall.
"subnet-mask":
"X.X.X.X",whereX.X.X.XisavalidIPv4subnetmask.
/wm/firewall/rules/json
GET/POST/DELETE
GET:
None
POST:
{"
"
"
DELETE:
{"
"
Listallexistingrulesinjsonformat
Createnewfirewallrule
Deletearulebyruleid
"field":
"value"pairsbelowinanyorderandcombination:
"switchid":
" xx: xx: xx: xx: xx: xx: xx>", "src-inport": " "src-mac": " xx: xx: xx: xx: xx>","dst-mac": " xx: xx: xx: xx: xx>", "dl-type": " " " "nw-proto": " " " "priority": " " "ruleid": " Moreinformationavailableon FirewallRESTAPI MoreinformationavailableonACL(AccessControlList)RESTAPI ACL(AccessControlList)RESTAPI Introduction FloodlightcontainsafirewallapplicationthatenforcesACLinareactiveway.Inareactiveway,thecontrollerenforcesACLrulesbymonitoringPacket-inmessagesandthenpushingrelevantflowentries. Howeverinaproactiveway,thecontrollerenforcesACLruleswithoutbeingrequestedbytheswitch,thustoavoidadditionaldelays. ThisACLapplicationparsesuser'sRESTrequestforACLupdatingandenforcesthatbystaticflowentriesinaproactivewaywithoutmonitoringPacket-inmessages.ItcanalsoremoveACLflowentryitgeneratedtimelywhenrelatedACLruleisremoved. Issues TherearesomeissuesyoushouldknowbeforeusingtheACLapplication: ∙Intheapplication,earlieraddedACLrulealwayshashigherprioritybecausetheapplication enforcesACLrulesatthetimetheyareadded,sotheordertoaddACLrulesiscritical. TheapplicationhandlestheprioritycarefullysothatearliergeneratedACLflowentryinthesameswitchalwayshashigherpriority(maxto30000),soastoensuretheprioritydefinitioninACLrules. ∙AlltheACLflowentriestheapplicationgeneratedarestaticflowentriesnamedlike: "ACLRule_[RuleId]_[Switch_DPID]",whichcanbeoperatedbytheStaticFlowPusherAPI. ∙TheapplicationisusedforfilteringIPpacketsbetweendifferenthosts,sotheuserhastospecificeithersrc-ip ordst. Theapplication enforcesanewACLrulebyits src-ipattribute bydefault,thatistosay,pushesACLflowentriesintotheingressswitches connectingtothehostwiththesourceIPaddressdefinedinsrc-ip.TheapplicationisalsoabletoenforceanewACLrulewithoutsrc-ipattributevalue,whichmeanstheruleworksonallsourceIPaddressesinthenetwork.Insuchsituation,itpushesACLflowentriesintotheegressswitchesrelevanttotherule'sdst-ipattributeratherthanalltheingressswitchesinthenetwork. ∙Theapplicationallowsallflowsbydefault,theACLrulewith"ALLOW"actionisjustusedtosubtracttheallowingflowfromthedenyingflowwhichhasalargermatchrange,e.g."allowflowwithsrc-ip10.0.0.1/32butdenyallotherflowswithsrc-ip10.0.0.0/24".AnACLrulewith"ALLOW"actionwillbemappedintoACLflowentrieswith"Outputtocontroller"actionsoastoletthecontrollerdeterminehowtoforwardthatflow. ACLRESTInterface AddanACLrule: AddanACLrule curl-XPOST-d'{"src-ip": "10.0.0.1/32","dst-ip": "10.0.0.2/32","action": "deny"}'http: // 8080/wm/acl/rules/json Theapplicationwillgenerateandistinctidforeverynewaddedrule. PropertiesofanACLrule: nw-proto string "TCP"or"UDP"or"ICMP"(ignoringcase) src-ip IPv4address[/mask] Eithersrc-ipordst-ipmustbespecified. dst-ip IPv4address[/mask] Eithersrc-ipordst-ipmustbespecified. tp-dst number Validwhennw-proto=="TCP"or"UDP". action string "DENY"or"ALLOW"(ignoringcase),setto"DENY"ifnotspecified. ListingallACLrules: ListingallACLrules: curlhttp: // 8080/wm/acl/rules/json|python-mjson.tool Remov
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- FloodlightAPI
![提示](https://static.bdocx.com/images/bang_tan.gif)