Create a gist now

Instantly share code, notes, and snippets.

@scottdware /srx-ipam-space.go Secret
Last active Mar 14, 2016

package main
import (
"encoding/xml"
"fmt"
"github.com/scottdware/go-junos"
"github.com/scottdware/go-rested"
)
// dynamicHosts parses the overall XML returned from the Infoblox query.
type dynamicHosts struct {
XMLName xml.Name `xml:"list"`
Hosts []hostEntry `xml:"value>ipv4addrs>list>value"`
}
// hostEntry parses the XML for each individual host.
type hostEntry struct {
Name string `xml:"host"`
Address string `xml:"ipv4addr"`
}
var (
searchString = "ware"
ipamGM = "infoblox.company.com"
ipamUser = "ibadmin"
ipamPass = "infoblox"
spaceHost = "junosspace.company.com"
spaceUser = "juniper"
spacePass = "Juniper123!"
groupName = "Dynamic-IPAM-Hosts"
)
// queryIPAM searches throughout Infoblox for the given search string...which matches the "comment" field
// within Infoblox and returns addresses that we will build our address-set for.
func queryIPAM() (*dynamicHosts, error) {
var data dynamicHosts
reqURL := fmt.Sprintf("https://%s/wapi/v1.0/record:host?comment~:=%s", ipamGM, searchString)
r := rested.NewRequest()
r.BasicAuth(ipamUser, ipamPass)
headers := map[string]string{
"Accept": "application/xml",
}
// Send our HTTP request to Infoblox.
resp := r.Send("get", reqURL, nil, headers, nil)
if resp.Error != nil {
fmt.Println(resp.Error)
}
err := xml.Unmarshal(resp.Body, &data)
if err != nil {
return nil, err
}
return &data, nil
}
func main() {
// Connect to Junos Space.
jspace := junos.NewServer(spaceHost, spaceUser, spacePass)
// Run our query against IPAM/Infoblox to get our addresses.
d, err := queryIPAM()
if err != nil {
fmt.Println(err)
}
// Create our address entries/objects in Space.
for _, ae := range d.Hosts {
jspace.AddAddress(ae.Name, ae.Address)
}
// Create the address group and assign the addresses we just created to it.
jspace.AddGroup("address", groupName, "IP addresses from Infoblox")
for _, as := range d.Hosts {
jspace.EditGroup("address", "add", as.Name, groupName)
}
// Let's assume we have a policy named "Fireall Policy" that references the address-group we created above.
// Now we can push the policy out and update the associated SRX's.
jobID, err := jspace.PublishPolicy("Firewall Policy", true)
if err != nil {
fmt.Println(err)
}
fmt.Printf("Job ID: %d\n", jobID)
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment