Download OpenAPI specification:Download
This is the spec that defines the APIs provided by the tenant service to create a tenant and add the networks to the tenant, configure network parameters and configure switches with the tenant network's specific configurations.
Get specified Port-channel details.
name | string Unique name of the Port-channel to be fetched. |
tenant_name | string tenant to which this port channel belongs. |
po_id | string filter by port-channel id allocated on device. This should be combined with device_ip param. |
device_ip | string device ip to which the po_id belongs |
Create a new Port-channel.
Create Port-channel parameter.
name required | string Identifier of the Port-channel unique to the tenant service. |
description | string Description of the Port-channel. |
speed required | string Enum: "100Mbps" "1Gbps" "10Gbps" "25Gbps" "40Gbps" "100Gbps" Configure speed for the Port-channel and its Member ports. |
negotiation required | string Enum: "active" "passive" "static" Configure LACP negotiation mode for Port-channel. |
required | Array of objects (Device) |
tenantName required | string Name of tenant to which this Port-channel belongs. |
lacpTimeout required | string Enum: "short" "long" Configure LACP timeout for Port-channel. |
minLinkCount | string Minimum number of links provided for a Port-channel. |
{- "name": "po101",
- "description": "Port-channel po101",
- "speed": "<100Mbps|1Gbps|10Gbps|25Gbps|40Gbps|100Gbps>",
- "negotiation": "<active|passive|static>",
- "memberinterfaces": [
- {
- "mgmt-ip": "10.37.18.222",
- "port": [
- {
- "int-type": "ethernet",
- "name": "0/1"
}
]
}
], - "tenantName": "Tenant-1",
- "lacpTimeout": "<short|long>",
- "minLinkCount": "2"
}
Delete the given Port-channel.
name required | string Unique name of the Port-channel unique to a device to be deleted. |
force | boolean Use force parameter to remove the tenant network forcefully. This will remove the relevant configurations from the devices in this tenant network and update the record with tenant service. |
tenant_name required | string tenant to which this port channel belongs. |
Update the parameters of Port-channel.
Update the Port-channel parameter.
name required | string Identifier of the Port-channel unique to the tenant service. |
operation required | string Enum: "port-add" "port-delete" "lacp-timeout" "description" "min-link-count" Add ports, Delete ports, modify description, minimum links or lacp-timeout for Portchannel. |
required | Array of objects (Device) |
tenantName required | string Tenant to which this Port-channel belongs. |
lacpTimeout | string Enum: "short" "long" Configure LACP timeout for Port-channel. |
description | string Description of the Port-channel. |
minLinkCount | string Minimum number of links provided for a Port-channel. |
{- "name": "po101",
- "operation": "port-add | port-delete | lacp-timeout | description | min-link-count",
- "memberinterfaces": [
- {
- "mgmt-ip": "10.37.18.222",
- "port": [
- {
- "int-type": "ethernet",
- "name": "0/1"
}
]
}
], - "tenantName": "Tenant-1",
- "lacpTimeout": "<short|long>",
- "description": "port-channel description",
- "minLinkCount": "2"
}
Create a new router for a tenant.
Create Vrf.
tenant_name required | string Tenant Name. |
Array of objects (Vrf) |
{- "tenant_name": "Tenant-A",
- "vrf-list": [
- {
- "name": "vrf-red",
- "tenantName": "Tenant-1",
- "routing-type": "distributed",
- "centralized-router": [
- {
- "mgmt-ip": "10.20.10.50"
}
], - "vrf-state": "vrf-delete-pending | vrf-static-route-delete-pending | vrf-static-route-bfd-delete-pending",
- "dev-state": "dev-provisioned | dev-not-provisioned | dev-provisioned-failed",
- "app-state": "app-config-ready | app-config-insync | app-config-refreshed | app-config-refreshed-err",
- "local-asn": 1024,
- "route-target": [
- {
- "route-target": "100:100",
- "route-target-type": "<both | imoprt | export>"
}
], - "static-route": [
- {
- "mgmt-ip": "10.25.25.100",
- "static-route-list": [
- {
- "afi": "<ipv4|ipv6>",
- "network": "<20.0.0.0/24|2001:1::/64>",
- "nexthopIP": "<16.0.0.2|3001::2>",
- "distance": 3
}
]
}
], - "static-route-bfd": [
- {
- "mgmt-ip": "10.25.25.100",
- "static-route-bfd-list": [
- {
- "afi": "<ipv4|ipv6>",
- "DestIPAddr": "<16.0.0.2|3001::2>",
- "SrcIPAddr": "<16.0.0.2|3001::2>",
- "interval": 300,
- "minRx": 300,
- "multiplier": 3
}
]
}
], - "max-path": 8,
- "redistribute": [
- "static"
], - "rh-max-path": 8,
- "rh-ecmp-enable": true,
- "graceful-restart-enable": true
}
]
}
Update the parameters of vrf
Update the vrf parameter.
name required | string Identifier of the vrf unique to the tenant service. |
operation required | string Enum: "local-asn-add" "local-asn-delete" "static-route-add" "static-route-delete" "static-route-bfd-add" "static-route-bfd-delte" "max-path-add" "max-path-delete" "redistribute-add" "redistribute-delete" "rh-max-path-add" "rh-max-path-delete" "rh-ecmp-update" "centralized-router-add" "centralized-router-delete" Below operation are supported -
|
localAsn | integer <int64> Local Asn for vrf |
tenantName required | string Tenant to which this Vrf belongs. |
Array of objects (StaticRouteBfd) | |
Array of objects (StaticRoute) | |
max-path | integer <int> Maximum-paths for vrf. |
redistribute | Array of strings Items Enum: "static" "connected" |
rh-max-path | integer <int> Resilient hashing maximum-paths for vrf. |
rh-ecmp-enable | boolean Resilient Hashing is enabled or not for vrf |
Array of objects Users can provide only one multi-homed BL pair or one single-homed BL device as centralized-routers. | |
graceful-restart-enable | boolean Graceful restart is enabled or not for vrf |
{- "name": "vrf-red",
- "operation": "local-asn-add | local-asn-delete | static-route-add | static-route-delete | static-route-bfd-add | static-route-bfd-delete | max-path-add | max-path-delete | redistribute-add | redistribute-delete | rh-max-path-add | rh-max-path-delete | rh-ecmp-update | centralized-router-add | centralized-router-delete",
- "localAsn": 1024,
- "tenantName": "Tenant-1",
- "static-route-bfd": [
- {
- "mgmt-ip": "10.25.25.100",
- "static-route-bfd-list": [
- {
- "afi": "<ipv4|ipv6>",
- "DestIPAddr": "<16.0.0.2|3001::2>",
- "SrcIPAddr": "<16.0.0.2|3001::2>",
- "interval": 300,
- "minRx": 300,
- "multiplier": 3
}
]
}
], - "static-route": [
- {
- "mgmt-ip": "10.25.25.100",
- "static-route-list": [
- {
- "afi": "<ipv4|ipv6>",
- "network": "<20.0.0.0/24|2001:1::/64>",
- "nexthopIP": "<16.0.0.2|3001::2>",
- "distance": 3
}
]
}
], - "max-path": 8,
- "redistribute": [
- "static"
], - "rh-max-path": 8,
- "rh-ecmp-enable": true,
- "centralized-router": [
- {
- "mgmt-ip": "10.20.10.50"
}
], - "graceful-restart-enable": true
}
This API will create a tenant and reserve resources like Physical Ports, L2VNI, L3VNI, VLAN and Number of VRFs for the tenant. Tenant Name must be a unique key while creating a tenant with the tenant service. While creating a tenant for an underlay fabric, VNI parameters are not required and will be considered as invalid rquest.
Add a new tenant.
name required | string Unique Name of the tenant. |
description | string Description about tenant |
l2-vni-range | string Contiguous Range of L2 VNIs in ascending order will be reserved for the tenant within the scope of a fabric. L2 networks will consume the VNIs from this range. |
l3-vni-range | string Contiguous Range of L3 VNIs in ascending order will be reserved for the tenant within the scope of a fabric. L3 networks will consume the VNIs from this range. |
vlan-range | string Range of VLANs to be reserved for the tenant. |
num-of-vrf | integer Number of VRFs reserved for the tenant. |
enable-bd | boolean Enable bridge-domain so that overlapping vlans can be supported. |
type | string Enum: "shared" "private" POs of shared tenant are available to other tenants. Create VRF, EPG, BGP Peer and BGP Peer-Group is not allowed for the shared tenant. Default tenant type is private. |
Array of objects (Device) |
{- "name": "Tenant-A",
- "description": "Tenant-A's Description",
- "l2-vni-range": "1-100",
- "l3-vni-range": "4096-5000",
- "vlan-range": "10-20,50-60",
- "num-of-vrf": 20,
- "enable-bd": true,
- "type": "shared | private",
- "port-list": [
- {
- "mgmt-ip": "10.37.18.222",
- "port": [
- {
- "int-type": "ethernet",
- "name": "0/1"
}
]
}
]
}
This API will delete the tenant if no tenant network is created by this tenant. If it has any tenant network, a force option is required to delete this tenant. The delete request with force parameter will trigger a delete operation for all its networks.
name required | string Name of the tenant to be deleted. |
force | boolean Use force parameter to remove the tenant forcefully. This will remove the relevant configurations from the devices for its tenant network and delete the relevant record with tenant service. |
This API will update an existing tenant for non-conflicting changes of its resources like L2VNI, L3VNI, vlan range etc for the tenant. Update request to delete ports from the tenant with Networks configured on ports is not allowed without force parameter. Update with operation port_delete will deconfigure networks and port-property configured on that port. Port delete request if determined as long running job, a job id will be returned to caller which can be used to monitor the progress of the job.
tenant_name required | string name of the tenant that needs update. |
Update Tenant Settings can be done by name.
operation required | string Enum: "desc-update" "vni-update" "port-add" "port-delete" "vlan-add" "vlan-delete" "vlan-update" "num-vrf-update" "enable-bd-update" Add or Delete these configurations from tenant. |
force | boolean Use force parameter to delete the assets forcefully. Valid only when operation is set to port-delete |
object (Tenant) |
{- "operation": "desc-update | vni-update | port-add | port-delete | vlan-add | vlan-delete | vlan-update | num-vrf-update | enable-bd-update",
- "force": true,
- "tenant": {
- "name": "Tenant-A",
- "description": "Tenant-A's Description",
- "l2-vni-range": "1-100",
- "l3-vni-range": "4096-5000",
- "vlan-range": "10-20,50-60",
- "num-of-vrf": 20,
- "enable-bd": true,
- "type": "shared | private",
- "port-list": [
- {
- "mgmt-ip": "10.37.18.222",
- "port": [
- {
- "int-type": "ethernet",
- "name": "0/1"
}
]
}
]
}
}
An Endpoint Group is a collection of ports and port-channels on which a tenant can apply policies - port-property and network-policy. The validation includes that the port should belong to only one fabric. The parameters like ctag, swithport mode must be non-conflicting.
Create an End point Group.
tenant_name required | string Tenant Name. |
Array of objects (EndpointGroup) |
{- "tenant_name": "Tenant-A",
- "endpoint-group-list": [
- {
- "name": "EndpointGroup-1",
- "description": "EndpointGroup-Sales",
- "type": "l3-hand-off | extension",
- "port-group": {
- "physical-port": [
- {
- "mgmt-ip": "10.37.18.222",
- "port": [
- {
- "int-type": "ethernet",
- "name": "0/1"
}
]
}
], - "port-channel": [
- "po101",
- "po102"
]
}, - "port-property": {
- "switchport-mode": "trunk",
- "enable-switchport-native-vlan": false,
- "single-homed-bfd-session-type": "auto | hardware | software"
}, - "network-policy": {
- "ctag-range": "101-102",
- "vrf": "VRF-GREEN",
- "vrf-state": "vrf-delete-pending | vrf-static-route-delete-pending | vrf-static-route-bfd-delete-pending",
- "dev-state": "dev-provisioned | dev-not-provisioned | dev-provisioned-failed",
- "app-state": "app-config-ready | app-config-insync | app-config-refreshed | app-config-refreshed-err",
- "l3-vni": 201,
- "network-property": [
- {
- "ctag": 101,
- "is-native-vlan": true,
- "l2-vni": 101,
- "bridge-domain-name": "BD-101-201",
- "ctag-description": "Description of VLAN/BD",
- "ip-mtu": 9100,
- "anycast": {
- "ipv4-address": "10.10.10.1/24",
- "ipv6-address": "100::1/64"
}, - "local-ip-address": [
- {
- "mgmt-ip": "10.37.18.222",
- "ip-address": [
- {
- "afi": "ipv4 | ipv6",
- "ip-address": "<20.0.0.0/24|2001:1::/64>"
}
]
}
], - "ipv6-nd": {
- "ipv6-nd-mtu": 101,
- "ipv6-nd-managed-config": true,
- "ipv6-nd-other-config": true,
- "ipv6-nd-prefix": [
- {
- "ipv6-address": "5:100::/64",
- "valid-lifetime": 259200,
- "preferred-lifetime": 259200,
- "no-advertise": true,
- "config-type": "no-autoconfig"
}
]
}
}
]
}
}
]
}
This API will delete the endpoint if EndpointGroup is not attached to a tenant network. If it is attached to a tenant network then a force option is required to delete this endpoint. The delete request with force parameter will trigger a delete operation for the network to which this EndpointGroup was attached.
tenant_name required | string Tenant Name |
force | boolean Set to true if EPG delete will require deconfiguring networks also. |
required | Array of objects (EndpointGroupName) |
{- "tenant_name": "Tenant-A",
- "force": true,
- "endpoint-group-list": [
- {
- "name": "EPG-1"
}
]
}
Update operation supports addition of new port(s) and/or port-channel(s) to EndpointGroup or deletion of port(s) and/or port-channel(s) from EndpointGroup. If the EndpointGroup is linked to any tenant network, the newly added port or port-channel will become the part of the tenant network and its appropriate L2/L3 configurations will be applied on the newly added port and port-channel and record will be updated with tenant automation service. For deleted port and/or port-channel from EndpointGroup, appropriate configurations will be removed from the device and record will be updated with tenant automation service.
Update Endpoint Group.
tenant_name | string Tenant Name |
operation required | string Enum: "port-group-add" "port-group-delete" Add or Delete these ports from the port group. To delete/add device provide mgmt-ip with empty port to it. |
Array of objects (EndpointGroupPortGroup) |
{- "tenant_name": "Tenant-A",
- "operation": "port-group-add | port-group-delete",
- "endpoint-group-list": [
- {
- "name": "EndpointGroup-1",
- "port-group": {
- "physical-port": [
- {
- "mgmt-ip": "10.37.18.222",
- "port": [
- {
- "int-type": "ethernet",
- "name": "0/1"
}
]
}
], - "port-channel": [
- "po101",
- "po102"
]
}, - "port-property": {
- "switchport-mode": "trunk",
- "enable-switchport-native-vlan": false,
- "single-homed-bfd-session-type": "auto | hardware | software"
}
}
]
}
Update operation supports updating networks belonging to these Endpoint Groups. Below operation are supported -
Update Endpoint Group.
tenant_name | string Tenant Name |
operation | string Enum: "ctag-range-add" "ctag-range-delete" "vrf-add" "vrf-delete" These operations are allowed on endpoint group |
Array of objects (EndpointGroupNetworkPolicy) |
{- "tenant_name": "Tenant-A",
- "operation": "ctag-range-add | ctag-range-delete | vrf-add | vrf-delete",
- "endpoint-group-list": [
- {
- "name": "EndpointGroup-1",
- "network-policy": {
- "ctag-range": "101-102",
- "vrf": "VRF-GREEN",
- "vrf-state": "vrf-delete-pending | vrf-static-route-delete-pending | vrf-static-route-bfd-delete-pending",
- "dev-state": "dev-provisioned | dev-not-provisioned | dev-provisioned-failed",
- "app-state": "app-config-ready | app-config-insync | app-config-refreshed | app-config-refreshed-err",
- "l3-vni": 201,
- "network-property": [
- {
- "ctag": 101,
- "is-native-vlan": true,
- "l2-vni": 101,
- "bridge-domain-name": "BD-101-201",
- "ctag-description": "Description of VLAN/BD",
- "ip-mtu": 9100,
- "anycast": {
- "ipv4-address": "10.10.10.1/24",
- "ipv6-address": "100::1/64"
}, - "local-ip-address": [
- {
- "mgmt-ip": "10.37.18.222",
- "ip-address": [
- {
- "afi": "ipv4 | ipv6",
- "ip-address": "<20.0.0.0/24|2001:1::/64>"
}
]
}
], - "ipv6-nd": {
- "ipv6-nd-mtu": 101,
- "ipv6-nd-managed-config": true,
- "ipv6-nd-other-config": true,
- "ipv6-nd-prefix": [
- {
- "ipv6-address": "5:100::/64",
- "valid-lifetime": 259200,
- "preferred-lifetime": 259200,
- "no-advertise": true,
- "config-type": "no-autoconfig"
}
]
}
}
]
}
}
]
}
Update operation supports updating properties of the networks belonging to these Endpoint Groups. Below operation are supported -
Update Endpoint Group.
tenant_name | string Tenant Name |
operation | string Enum: "local-ip-add" "local-ip-delete" "anycast-ip-add" "anycast-ip-delete" These operations are allowed on endpoint group |
Array of objects (EndpointGroupNetworkProperty) |
{- "tenant_name": "Tenant-A",
- "operation": "local-ip-add | local-ip-delete | anycast-ip-add | anycast-ip-delete",
- "endpoint-group-list": [
- {
- "name": "EndpointGroup-1",
- "network-property": [
- {
- "ctag": 101,
- "ip-mtu": 9100,
- "anycast": {
- "ipv4-address": "10.10.10.1/24",
- "ipv6-address": "100::1/64"
}, - "local-ip-address": [
- {
- "mgmt-ip": "10.37.18.222",
- "ip-address": [
- {
- "afi": "ipv4 | ipv6",
- "ip-address": "<20.0.0.0/24|2001:1::/64>"
}
]
}
], - "ipv6-nd": {
- "ipv6-nd-mtu": 101,
- "ipv6-nd-managed-config": true,
- "ipv6-nd-other-config": true,
- "ipv6-nd-prefix": [
- {
- "ipv6-address": "5:100::/64",
- "valid-lifetime": 259200,
- "preferred-lifetime": 259200,
- "no-advertise": true,
- "config-type": "no-autoconfig"
}
]
}
}
]
}
]
}
This API helps user to split network or range of networks from the endpoint group into another endpoint group for allowing user to do operations on the newly created endpoint group.
Create an End point Group.
tenant_name required | string Name of tenant to which this EndpointGroup belongs. |
from-epg required | string Unique name of the endpoint group. |
to-epg required | string A new endpoint group name on which these network(s) will be created. |
to-epg-description | string Description about end point group to be created. |
ctag-range | string Range of CTags to be detached. |
{- "tenant_name": "Tenant-1",
- "from-epg": "EndpointGroup-1",
- "to-epg": "EndpointGroup-2",
- "to-epg-description": "EndpointGroup-Finance",
- "ctag-range": "2-30"
}
This API helps user to generate the confg-drift between efa intended and device configuration. If reconcile flag is set then generated config-drift will be pushed to the device.
device_ip required | string Devcie IP for which config drift will be generated. |
reconcile | boolean If flag is set to true, then generated config-drift will be pushed to the device. |
BGP Service Peer Group is a collection of bgp peer-group configuration done on router bgp instance of a device.
Create BGP Service Peer Group.
tenant_name required | string Tenant Name. |
Array of objects (BgpServicePeerGroup) |
{- "tenant_name": "Tenant-A",
- "bgp-service-peer-group-list": [
- {
- "name": "bgp-service-peer-group-1",
- "description": "bgp-service-peer-group-ext-gw1",
- "bgp-service-peer-group": [
- {
- "mgmt-ip": "10.10.10.10",
- "peer-group-list": [
- {
- "peer-group-name": "bgp-peer-group-1",
- "remote-as": 65000,
- "bfd-enable": true,
- "bfd-interval": 300,
- "bfd-rx": 300,
- "bfd-multiplier": 5,
- "next-hop-self": true,
- "update-source-type": "ip",
- "update-source-value": "192.168.1.1"
}
]
}
]
}
]
}
Update operation supports add and delete of peer group config on router bgp instance on device(s). Below operation are supported -
Update BGP Service.
tenant_name required | string Tenant Name. |
operation required | string Enum: "peer-group-add" "peer-group-delete" "desc-update" |
object (BgpServicePeerGroup) |
{- "tenant_name": "Tenant-A",
- "operation": "peer-group-add | peer-group-delete",
- "bgp-service-peer-group-update": {
- "name": "bgp-service-peer-group-1",
- "description": "bgp-service-peer-group-ext-gw1",
- "bgp-service-peer-group": [
- {
- "mgmt-ip": "10.10.10.10",
- "peer-group-list": [
- {
- "peer-group-name": "bgp-peer-group-1",
- "remote-as": 65000,
- "bfd-enable": true,
- "bfd-interval": 300,
- "bfd-rx": 300,
- "bfd-multiplier": 5,
- "next-hop-self": true,
- "update-source-type": "ip",
- "update-source-value": "192.168.1.1"
}
]
}
]
}
}
This API will delete the BGP Service Peer Group
name required | string Name of the bgp-service-peer-group to delete |
tenant_name required | string tenant to which this bgp service peer group belongs. |
force | boolean Use force parameter to remove the bgp-servicepeer-group forcefully. This parameters allow user to ignore the error thrown by devices during bgp-service-peer-group delete. Useful to delete this object when device is not reachable. If force is used some configuratoin can be left on the device if deconfiguration fails. |
BGP Service is a collection of bgp peer configuration done on router bgp instance of a device for a provided vrf. This provides the means to extend networks created by Endpoint Group to establish bgp session with its peer towards the external gateway and coumpute.
Create BGP Service.
tenant_name required | string Tenant Name. |
Array of objects (BgpPeer) |
{- "tenant_name": "Tenant-A",
- "peer-list": [
- {
- "name": "bgp-peer-group-1",
- "tenantName": "Tenant-1",
- "description": "bgp-peer-group-ext-gw1",
- "peer": [
- {
- "mgmt-ip": "10.10.10.10",
- "vrf-list": [
- {
- "vrf": "VRF-GREEN",
- "afi": "ipv4 | ipv6",
- "safi": "unicast",
- "af-ip-neighbor": [
- {
- "neighbor-address": "10.10.10.1",
- "remote-as": 65000,
- "next-hop-self": true,
- "update-source-ip": "10.10.10.1",
- "bfd-enable": true,
- "bfd-interval": 300,
- "bfd-rx": 300,
- "bfd-multiplier": 5
}
], - "af-ip-dynamic-neighbor": [
- {
- "listen-range": "10.10.10.0/24",
- "peer-group-name": "pg1",
- "listen-limit": 10
}
]
}
]
}
]
}
]
}
Update operation supports add and delete of peer config on a VRF for device(s). Below operation are supported -
Update BGP Service.
tenant_name required | string Tenant Name. |
operation required | string Enum: "peer-add" "peer-delete" "desc-update" |
object (BgpPeer) |
{- "tenant_name": "Tenant-A",
- "operation": "peer-add | peer-delete",
- "peer-list": {
- "name": "bgp-peer-group-1",
- "tenantName": "Tenant-1",
- "description": "bgp-peer-group-ext-gw1",
- "peer": [
- {
- "mgmt-ip": "10.10.10.10",
- "vrf-list": [
- {
- "vrf": "VRF-GREEN",
- "afi": "ipv4 | ipv6",
- "safi": "unicast",
- "af-ip-neighbor": [
- {
- "neighbor-address": "10.10.10.1",
- "remote-as": 65000,
- "next-hop-self": true,
- "update-source-ip": "10.10.10.1",
- "bfd-enable": true,
- "bfd-interval": 300,
- "bfd-rx": 300,
- "bfd-multiplier": 5
}
], - "af-ip-dynamic-neighbor": [
- {
- "listen-range": "10.10.10.0/24",
- "peer-group-name": "pg1",
- "listen-limit": 10
}
]
}
]
}
]
}
}
This API will delete the BGP Service
name required | string Name of the bgp-peer-group to delete |
tenant_name required | string tenant to which this epg belongs. |
force | boolean Use force parameter to remove the bgp-peer-group forcefully. This parameters allow user to ignore the error thrown by devices during bgp-peer-config delete. Useful to delete this object when device is not reachable. If force is used some configuratoin can be left on the device if deconfiguration fails. |