VMware Cloud Community
jmedd
Enthusiast
Enthusiast
‎06-27-2014 04:19 AM
Jump to solution

Change Port Group Namespace to Independent via API?

Working with vShield / vCNS 5.5.0a.

Take a Port Group which out of the box will have a Default namespace. Consequently, you see the following information and menu items:

PortGroupNamespace01.PNG

Clicking on the Change to Independent namespace link does just that. We now have a Port Group with Independent namespace and the additional menu tabs, App Firewall and SpoofGuard.

PortGroupNamespace02.PNG

I can obviously change it to Independent via the GUI, but cannot find the equivalent API calls in the vShield API Programming Guide to do so programmatically. Can somebody please advise on how to do that via the API?

Blog: http://jonathanmedd.net | Twitter: @jonathanmedd
0 Kudos
1 Solution

Accepted Solutions
jmedd
Enthusiast
Enthusiast
‎07-04-2014 04:12 AM
Jump to solution

Thought I would report back, since I figured this out in the end - a case of RTFM! Namespaces do appear in the Programming Guide on page 186, but there is no explicit mention of how to make a Port Group independent. However, after revisiting the guide the penny dropped that adding a namespace to the datacenter is the equivalent of changing a Port Group to an Independent namespace. Once you grasp that (may be more obvious to you than it was to me), the examples in the guide can be followed.

So to change a Port Group namespace to Independent you need to do the following:

POST https://<vsm-ip>/api/2.0/namespace/datacenter/<datacenter-id>


<VshieldConfiguration xmlns="vmware.vshield.global.20.namespace">

  <namespace type="PORTGROUP">

  <namespacePortGroup>

  <id>dvportgroup-xxxxx</id>

  </namespacePortGroup>

  </namespace>

</VshieldConfiguration>

Make sure the content type is set to application/xml and not text/xml (which has worked for me elsewhere in the document) otherwise it fails with a complaint about content type.

Blog: http://jonathanmedd.net | Twitter: @jonathanmedd

View solution in original post

0 Kudos
1 Reply
jmedd
Enthusiast
Enthusiast
‎07-04-2014 04:12 AM
Jump to solution

Thought I would report back, since I figured this out in the end - a case of RTFM! Namespaces do appear in the Programming Guide on page 186, but there is no explicit mention of how to make a Port Group independent. However, after revisiting the guide the penny dropped that adding a namespace to the datacenter is the equivalent of changing a Port Group to an Independent namespace. Once you grasp that (may be more obvious to you than it was to me), the examples in the guide can be followed.

So to change a Port Group namespace to Independent you need to do the following:

POST https://<vsm-ip>/api/2.0/namespace/datacenter/<datacenter-id>


<VshieldConfiguration xmlns="vmware.vshield.global.20.namespace">

  <namespace type="PORTGROUP">

  <namespacePortGroup>

  <id>dvportgroup-xxxxx</id>

  </namespacePortGroup>

  </namespace>

</VshieldConfiguration>

Make sure the content type is set to application/xml and not text/xml (which has worked for me elsewhere in the document) otherwise it fails with a complaint about content type.

Blog: http://jonathanmedd.net | Twitter: @jonathanmedd
0 Kudos