Troubles setting security policy when creating vSwitch with pyvmomi

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Troubles setting security policy when creating vSwitch with pyvmomi

Jeremy
Hello,

I'm having trouble setting the security policy when creating a vSwitch with pyvmomi. I also posted this on github, but thought I'd reach out here to make sure I'm not doing something stupid.
https://github.com/vmware/pyvmomi-community-samples/issues/403

It works just fine if I don't try to add the network_policy to the spec object.

def AddHostSwitch(host, vswitchName):
    vswitch_spec = vim.host.VirtualSwitch.Specification()
    vswitch_spec.numPorts = 32
    vswitch_spec.mtu = 9000
    #Set security policies. For this use case need it wide open
    network_policy = vim.host.NetworkPolicy()
    network_policy.security = vim.host.NetworkPolicy.SecurityPolicy()
    network_policy.security.allowPromiscuous = True
    network_policy.security.macChanges = True
    network_policy.security.forgedTransmits = True

    vswitch_spec.policy = network_policy
    host.configManager.networkSystem.AddVirtualSwitch(vswitchName,vswitch_spec)

I get the following error message:
(Pdb) host.configManager.networkSystem.AddVirtualSwitch(vswitchName,vswitch_spec)
*** vmodl.fault.InvalidArgument: (vmodl.fault.InvalidArgument) {
   dynamicType = <unset>,
   dynamicProperty = (vmodl.DynamicProperty) [],
   msg = 'A specified parameter was not correct: ',
   faultCause = <unset>,
   faultMessage = (vmodl.LocalizableMessage) [],
   invalidProperty = <unset>
 #}

Any ideas of what I'm doing wrong?



Here is what vswitch_spec looks like before calling host.configManager.networkSystem.AddVirtualSwitch(vswitchName,vswitch_spec):

(Pdb) print vswitch_spec
(vim.host.VirtualSwitch.Specification) {
   dynamicType = <unset>,
   dynamicProperty = (vmodl.DynamicProperty) [],
   numPorts = 32,
   bridge = <unset>,
   policy = (vim.host.NetworkPolicy) {
      dynamicType = <unset>,
      dynamicProperty = (vmodl.DynamicProperty) [],
      security = (vim.host.NetworkPolicy.SecurityPolicy) {
         dynamicType = <unset>,
         dynamicProperty = (vmodl.DynamicProperty) [],
         allowPromiscuous = true,
         macChanges = true,
         forgedTransmits = true
      },
      nicTeaming = <unset>,
      offloadPolicy = <unset>,
      shapingPolicy = <unset>
   },
   mtu = 9000
}


Any pointers are much appreciated.

Thanks,

-J
Loading...