Table Of Contents
System Actions, Default Variables, and Resource Attribute Variables
System Actions and Default Variables in Service Network Templates
Network-Wide System Actions and Default Variables
Firewall and Firewall HA Logical Element
ExternNet Logical Elements
Layer 2 Switch Logical Elements
Layer 3 Switch Logical Elements
Server Group Logical Elements
Layer 3 Switch HA Logical Elements
Resource Attribute Variables
System Actions, Default Variables, and Resource Attribute Variables
The following topics provide information system actions, default variables, and resource attribute variables:
•
System Actions and Default Variables in Service Network Templates
•Resource Attribute Variables
System Actions and Default Variables in Service Network Templates
Most logical elements in service network templates have system actions (default macros) and default variables attached to them. These system actions and default variables perform various basic functions. In this way, you do not need to create user macros for every function, only the additional custom functions that are specific to your network requirements.
Because service network templates can contain many different combinations of logical elements in several configurations, determining which system actions and default variables are attached to which logical elements can be difficult. Therefore, the system actions and default variables for service network logical elements are described in this appendix.
The following topics provide information about the system actions and default variables associated with the network as a whole and each of the logical elements:
•Network-Wide System Actions and Default Variables
•Firewall and Firewall HA Logical Element
•ExternNet Logical Elements
•Layer 2 Switch Logical Elements
•Layer 3 Switch Logical Elements
•Server Group Logical Elements
•Layer 3 Switch HA Logical Elements
Network-Wide System Actions and Default Variables
Table A-1 lists the system actions and default variables that are attached to the network.
Table A-1 Network System Actions and Default Variables
System Action
|
Description
|
Default Variables
|
create-vlans
|
Creates VLANs on all managed switches. If the VLAN creation fails on an acquired switch, the configuration fails. If the VLAN creation fails on a managed but not acquired switch, the configuration reports a warning.
By default, this system action is attached to the Deploy Network event.
|
•VLANGroup—VLAN group.
–Vlan—VLAN for logical element (managed switches).
|
cleanup-vlans
|
Removes VLANs on all managed switches.
By default, this system action is attached to the Undeploy Network event.
|
•VLANGroup—VLAN group.
–Vlan—VLAN for logical element (managed switches).
|
verify-vlans
|
Verifies that the specified VLAN exists on all managed switches.
By default, this system action is attached to the Verify Network event.
|
•VLANGroup—VLAN group.
–Vlan—VLAN for logical element (managed switches).
|
Firewall and Firewall HA Logical Element
Firewall and Firewall HA logical elements contain several system actions and default variables. Table A-2 lists the system actions and default variables that are attached to these logical elements.
Table A-2 Firewall and Firewall HA Logical Elements—System Actions and Default Variables
System Action
|
Description
|
Default Variables
|
add-vlans-to-vlan-
group
|
Adds VLANs to the firewall vlan-group associated with the Firewall Services Module. By default, this system action is attached to the Deploy Network event.
|
•InterfaceGroup—Variables for the firewall interface. For every endpoint, there is one instance of InterfaceGroup defined.
–VLAN—VLAN for the firewall interface.
–Name—Name of the firewall interface.
–SecurityLevel—Security level of the firewall interface (range 0-100).
•InterfaceIPAddressGroup—IP address group for the firewall interface.
–IPAddress —IP address for the firewall interface.
|
remove-vlans-from-
vlan-group
|
Remove the VLANs from the firewall vlan-group associated Firewall Services Module. By default, this system action is attached to the Undeploy Network event.
|
•InterfaceGroup—Variables for the firewall interface. For every endpoint, there is one instance of InterfaceGroup defined.
–VLAN—VLAN for the firewall interface.
–Name—Name of the firewall interface.
–SecurityLevel—Security level of the firewall interface (range 0-100).
•InterfaceIPAddressGroup—IP address group for the firewall interface.
–IPAddress —IP address for the firewall interface.
|
verify-firewall-vlans
|
Verifies whether the VLANs have been added to the firewall vlan-group associated with the Firewall Services Module, and if the Auto Correct Detected Changes option is enabled and it finds that the VLAN is missing from the firewall vlan-group, it re-adds the VLAN to the firewall vlan-group.
|
•InterfaceGroup—Variables for the firewall interface. For every endpoint, there is one instance of InterfaceGroup defined.
–VLAN—VLAN for the firewall interface.
–Name—Name of the firewall interface.
–SecurityLevel—Security level of the firewall interface (range 0-100).
•InterfaceIPAddressGroup—IP address group for the firewall interface.
–IPAddress —IP address for the firewall interface.
|
ExternNet Logical Elements
ExternNet logical elements do not contain any system actions or default variables. However, when they are connected to a Layer 3 HA switch logical element, the corresponding Layer 3 HA switches have uplink interfaces that are used as the tracking interfaces in HSRP configurations. You can create HSRP tracking interfaces on Layer 3 switches from the network map on the Resources tab.
For information about system actions and default variables connected to Layer 3 HA switch logical elements, see Layer 3 Switch HA Logical Elements.
Layer 2 Switch Logical Elements
Layer 2 switch logical elements do not contain any system actions. However, one default variable is used in conjunction with system actions belonging logical elements to which the Layer 2 switch is connected (see Table A-3)
You cannot assign user macros to Layer 2 switch logical elements. However, you can assign user macros to Layer 2 switch endpoints linked to server groups. You can alias the SwitchServerPropertyGroup variable group to user macros assigned to Layer 2 endpoints.
Table A-3 Layer 2 Switch Logical Element—Default Variables
Default Variable Group
|
Description
|
VLANGroup
|
VLAN group. Contains the following variable:
•Vlan—VLAN for logical element (managed switches).
|
Layer 3 Switch Logical Elements
Layer 3 switch logical elements contain several system actions and default variables. Table A-4 lists the system actions and default variables that are attached to Layer 3 switch logical elements.
You can assign user macros to Layer 3 switches or any Layer 3 switch endpoint.
Table A-4 Layer 3 Switch Logical Element—System Actions and Default Variables
System Action
|
Description
|
Default Variables
|
create-svi
|
Configures the SVI and helper IP address on the VLAN interface.
This system action is included when linking a Layer 3 switch to a Layer 2 switch.
By default, this system action is attached to the Deploy Network event.
|
•SviVlanGroup—VLAN for SVI.
–Vlan—VLAN for logical element (Layer 3 switch).
•SviIpAddressGroup—SVI IP address.
–IPAddress—IP address.
–IPMask—Netmask for IP address.
•HelperAddressGroup—DHCP helper address.
–HelperAddr—DHCP helper address.
|
cleanup-svi
|
Removes the SVI and helper IP address on the VLAN interface.
This system action is included when linking a Layer 3 switch to a Layer 2 switch.
By default, this system action is attached to the Undeploy Network event.
|
•SviVlanGroup—VLAN for SVI.
–Vlan—VLAN for logical element (Layer 3 switch).
•SviIpAddressGroup—SVI IP address.
–IPAddress—IP address.
–IPMask—Netmask for IP address.
•HelperAddressGroup—DHCP helper address.
–HelperAddr—DHCP helper address.
|
verify-svi
|
Verifies that the specified SVI and helper IP address have been configured.
This system action is included when linking a Layer 3 switch to a Layer 2 switch.
By default, this system action is attached to the Verify Network event.
|
•SviVlanGroup—VLAN for SVI.
–Vlan—VLAN for logical element (Layer 3 switch).
•SviIpAddressGroup—SVI IP address.
–IPAddress—IP address.
–IPMask—Netmask for IP address.
•HelperAddressGroup—DHCP helper address.
–HelperAddr—DHCP helper address.
|
Server Group Logical Elements
Server group logical elements contain several system actions and default variables. Table A-5 lists the system actions and default variables that are attached to server group logical elements.
Server group endpoints do not contain any system actions; however, they do contain default variables, which can be used in user macros. Table A-6 lists the default variables that are attached to server group endpoints.
You can assign user macros to server group logical elements or any server group endpoint.
Table A-5 Server Group Logical Element—System Actions and Default Variables
System Action
|
Description
|
Default Variables
|
server-group-start
|
Performs system initialization for booting servers.
This system action is included in the Server Group element.
This action is attached to Start Server Group event.
|
None that require user input.
|
server-group-stop
|
Performs system cleanup after servers are shut down.
This system action is included in the Server Group element.
This action is attached to Stop Server Group event.
|
None that require user input.
|
create-server-fc-zone
|
Configures the switch port VSAN to match the server group VSAN.
Creates and activates a zone with the acquired physical server HBA port WWN and array ports. In fabric mode, the target zone member includes the LUN ID.
In array mode, it executes a macro to mask LUNs to acquired physical server HBA port WWNs.
This system action is included in the server group element.
This system action is attached to the Start Server event.
|
None that require user input.
|
remove-server-fc-zone
|
Removes zones from the physical server HBA port WWN that were created during server start.
In array mode, executes a macro to unmask LUNs from the acquired physical server HBA port WWNs.
This system action is included in the server group element.
This system action is attached to the Stop Server event.
|
None that require user input.
|
create-server-nfs-
partition
|
Configures all export rules for NAS storage.
This system action is included in the Server Group element.
This system action is attached to the Start Server event.
|
None that require user input.
|
remove-server-nfs-
partition
|
Removes export rules that were created for NAS storage.
This system action is included in the Server Group element.
This system action is attached to the Stop Server event.
|
None that require user input.
|
server-boot
|
Boots the physical server.
For NAS boot, this system action creates DHCP/PXE configuration.
For Linux NAS boot, this system action also copies the kernel and initrd from the golden image to the PXE boot directory. Powers on the physical server using the LOM interface.
For SAN boot, this system action creates DHCP/PXE configuration to redirect the physical server to boot from the local disk using PXE.
This system action is included in the server group element.
This is attached to the Start Server event.
|
•Hostname Group—Server Group hostname prefix.
–HostName - Prefix string used to generate the hostname for logical servers in server group. The full hostname is computed using this prefix and appends the character `_' and an index number. The index number is a counter that gets incriminated when a logical server is created.
This variable is also used during generation to populate the parameter file, which may be used to customize servers.
|
assign-switch-port-vlan
|
Assigns the VLAN to the switch port to which the server is connected.
This system action is included when linking a server group to a Layer 3 switch through a physical switch port.
By default, this system action is attached to the Start Server event.
|
•VLANGroup—VLAN group.
–Vlan—VLAN for logical element (managed switches).
|
unassign-switch-port-
vlan
|
Removes the VLAN assignment from the switch port to which the server group is connected.
This system action is included when linking a server group to a Layer 2 switch through a physical switch port.
By default, this system action is attached to the Stop Server event.
|
•VLANGroup—VLAN group.
–Vlan—VLAN for logical element (managed switches).
|
verify-assign-switch-
port-vlan
|
Verifies that the specified VLAN has been assigned to the switch port on all managed switches to which the server group is connected and corrects any discrepancies it detects.
This system action is included when linking a server group to a Layer 2 switch through a physical switch port.
By default, this system action is attached to the Verify Server event.
|
•VLANGroup—VLAN group.
–Vlan—VLAN for logical element (managed switches).
|
create-etherChannels
|
Creates the port channel group and assigns ports to the port channel group on the switch port to which the server group is connected.
This system action is included when linking a server group to a Layer 2 switch through an EtherChannel switch port.
By default, this system action is attached to the Start Server event.
|
VFrame automatically selects a port channel group ID.
|
cleanup-etherChannels
|
Removes ports from the port channel group and removes the port channel group from the switch port to which the server group is connected.
This system action is included when linking a server group to a Layer 2 switch through an EtherChannel switch port.
By default, this system action is attached to the Stop Server event.
|
Port channel group ID previously selected by VFrame.
|
verify-etherChannels
|
Verifies the ports in the port channel group.
This system action is included when linking a server group to a Layer 2 switch through an EtherChannel switch port.
By default, this system action is attached to the Verify Server event.
|
Port channel group ID previously selected by VFrame.
|
server-shutdown
|
Shuts down the server and removes DHCP/PXE configurations.
If a server is running with the VFrame host agent, the server is shut down gracefully. However, if VFrame times out while waiting for a server to shut down gracefully, LOM is used to shut down the server. Shutting down using LOM as a host agent is not available.
This system action is included in the server group element.
This system action is attached to the Stop Server event.
|
None that require user input.
|
verify-create-server-
vsan-config
|
Verifies the Fibre Channel zone and VSAN membership for servers.
This system action is included in the server group element.
This system action is attached to the Verify Server event.
|
None that require user input.
|
verify-storage-config
|
Verifies the Fibre Channel LUN path.
This system action is included in the server group element.
This system action is attached to the Verify Server event.
|
None that require user input.
|
Table A-6 Server Group Endpoints—Default Variables
Default Variable Group
|
Description
|
IPAddressGroup
|
IP address group for the Ethernet interface. Contains the following variable:
•IPAddress—IP address for the server group interface.
|
SwitchServerPropertyGroup
|
Properties for the server group. Contains the following variables:
•SwitchPortId—Switch port ID.
•ServerMACAddr—Server port MAC address.
|
Layer 3 Switch HA Logical Elements
Layer 3 switch HA logical elements contain several system actions and default variables. Table A-5 lists the system actions and default variables that are attached to Layer 3 switch HA logical elements.
Table A-7 Layer 3 Switch HA Logical Element—System Actions and Default Variables
System Action
|
Description
|
Default Variables
|
create-hsrp
|
If you select HSRP as the interface type, VFrame configures SVI and HSRP standby on both Layer 3 switch VLAN interfaces in the HA pair.
If you select SVI as the interface type, VFrame configures SVI only on both Layer 3 switch VLAN interfaces in the HA pair.
If the Layer 3 switch HA is linked with an ExternNet logical element, tracking interfaces are also configured on both Layer 3 switch VLAN interfaces in the HA pair.
This system action is included when linking a Layer 3 switch to a Layer 2 switch.
By default, this system action is attached to the Deploy Network event.
|
•VlanGroup—VLAN for SVI.
–Vlan—VLAN for logical element (Layer 3 switch).
•InterfaceAddressGroup—SVI Interface Address.
–InterfaceIpAddressPrimary—Interface IP address for primary switch.
–InterfaceIpAddressSecondary—Interface IP address for secondary switch.
•HSRPParaGroup1 —HSRP parameters.
–VIPAddress—HSRP virtual IP address.
–GroupId—HSRP group ID (0-255)
–PrimaryPriority—HA primary switch HSRP priority value that is set on the primary switch. Valid values are 0-255, with 0 as the default.
–SecondaryPriority—HA secondary switch HSRP priority value that is set on the secondary switch. Valid values are 0-255, with 0 as the default.
•HelperAddressGroup—DHCP helper address.
–HelperAddr—DHCP helper address.
|
cleanup-hsrp
|
If you selected HSRP as the interface type, VFrame removes SVI, HSRP standby, and tracking from both Layer 3 switch VLAN interfaces in the HA pair.
If you selected SVI as the interface type, VFrame removes SVI from both Layer 3 switch VLAN interfaces in the HA pair.
This system action is included when linking a Layer 3 switch to a Layer 2 switch.
By default, this system action is attached to the Undeploy Network event.
|
•VlanGroup—VLAN for SVI.
–Vlan—VLAN for logical element (Layer 3 switch).
•InterfaceAddressGroup—SVI Interface Address.
–InterfaceIpAddressPrimary—Interface IP address for primary switch.
–InterfaceIpAddressSecondary—Interface IP address for secondary switch.
•HSRPParaGroup1—HSRP parameters.
–VIPAddress—HSRP virtual IP address.
–GroupId—HSRP group ID (0-255)
–PrimaryPriority—HA primary switch HSRP priority value that is set on the primary switch. Valid values are 0-255, with 0 as the default.
–SecondaryPriority—HA secondary switch HSRP priority value that is set on the secondary switch. Valid values are 0-255, with 0 as the default.
•HelperAddressGroup—DHCP helper address.
–HelperAddr—DHCP helper address.
|
verify-hsrp
|
If you selected HSRP as the interface type, VFrame verifies that SVI, HSRP standby, and tracking are configured on both Layer 3 switch VLAN interfaces in the HA pair.
If you selected SVI as the interface type, VFrame verifies that SVI is configured on both Layer 3 switch VLAN interfaces in the HA pair.
This system action is included when linking a Layer 3 switch to a Layer 2 switch.
By default, this system action is attached to the Verify Network event.
|
•VlanGroup—VLAN for SVI.
–Vlan—VLAN for logical element (Layer 3 switch).
•InterfaceAddressGroup—SVI Interface Address.
–InterfaceIpAddressPrimary—Interface IP address for primary switch.
–InterfaceIpAddressSecondary—Interface IP address for secondary switch.
•HSRPParaGroup1—HSRP parameters.
–VIPAddress—HSRP virtual IP address.
–GroupId—HSRP group ID (0-255)
–PrimaryPriority—HA primary switch HSRP priority value that is set on the primary switch. Valid values are 0-255, with 0 as the default.
–SecondaryPriority—HA secondary switch HSRP priority value that is set on the secondary switch. Valid values are 0-255, with 0 as the default.
•HelperAddressGroup—DHCP helper address.
–HelperAddr—DHCP helper address.
|
Resource Attribute Variables
Resource attribute variables are Perl variables that are provided by default in VFrame. You can use these variables in the macros you create. The resource attribute variables that are available for you to use depend on the supported target type of the logical element associated with the macro.
For example, if you include a load balancer HA logical element in your template, and you set the supported target type to CSM HA, then the CSM_Module resource attribute type (which defines the slot number of the CSM module) is available for you to use. However, if you set the supported device type to CSM HA Supervisor, then this resource attribute variable is not available for you to use.
Only one resource attribute variable is to all macro target types, and that is the autofix resource attribute variable. If this variable is set to 1, then auto-correction during verification is turned on; if it is set to 0, then auto-correction is turned off.
Table A-8 lists the resource attribute variables and their descriptions according to the supported target types to which they belong.
Table A-8 Resource Attribute Variables
Supported Target Type
|
Resource Attribute Variable
|
Description
|
These target types are supported:
•Cat6k Layer 3 Switch IP Interface
•Cat6k HA Layer 3 Switch IP Interface
•Cat6k Layer 2 Ports
•Cat6k Layer 2 Etherchannel Ports
|
Interface_Name
|
Interface name, as follows:
•For Layer 2 ports, the value is PortId, for example, GigabitEthernet1/1.
•For Layer 2 EtherChannel ports, the value is port-channel ChannelId, for example, port-channel 5.
•For Layer 3 SVI interfaces, the value is vlan vlanid, for example, vlan 20.
|
These target types are supported:
•CSM
•CSM HA
|
CSM_Module
|
Slot number for the CSM module.
|
These target types are supported:
•FWSM HA Module
•FWSM HA Virtual Context
•FWSM Module
•FWSM Virtual Context
|
FWSM_User_Context
|
Firewall Context Name.
|
Before you can use resource attribute variables in your macro, you need to import them. You do this by issuing the use vars qw'$ResourceAttributeVariable'; Perl command, where ResourceAttributeVariable refers to the resource attribute variable.
For example, to import the CSM_Module resource attribute variable, you would include the following command in your macro:
use vars qw'$CSM_Module';
After importing the variable, you can use it in your macro.
