Skip to content

Latest commit

 

History

History
151 lines (112 loc) · 4.36 KB

File metadata and controls

151 lines (112 loc) · 4.36 KB

Umbrella Policy Scheduler

This is the Umbrella Policy Scheduler source code. Using Umbrella API's, we can configure a schedule for Web policies and when they should be active or not, as well as the identity targets. Time ranges can be configured to set the active times for the policies.

The schedulers are stored in a database which is queried regularly by the server to determine which policies should be activated or deactivated.

High Level Design

alt text

Contacts

Solution Components

  • Flask
  • Docker
  • Python
  • JavaScript
  • Cisco Umbrella API’s

Installation:

Clone the repo

git clone https://github.com/gve-sw/gve_devnet_umbrella_policy_scheduler.git

Python

Set up a Python venv

First make sure that you have Python 3 installed on your machine. We will then be using venv to create an isolated environment with only the necessary packages.

Install virtualenv via pip
pip install virtualenv
Create a new venv
# Change to your project folder
cd umbrella-scheduler

# Create the venv
virtualenv venv

# Activate your venv
source venv/bin/activate

Install dependencies

pip3 install -r requirements.txt

Docker

You have the option to use a docker image hosted in this repo or to build the docker image from this repo. You may edit docker-compose.yml to use one of the following options:

# To build from scratch and generate an image
build: .
# To pull the image from GitHub docker
image: docker.pkg.github.com/gve-sw/gve_devnet_umbrella_policy_scheduler/umbrella_policy_scheduler:latest

Pulling the image requires a personal access token from Github. Follow this guide to generate an access token with the read:packages scope.

Afterwards, you would need to log in to docker with your Github username and personal access token.

docker login https://docker.pkg.github.com -u USERNAME -p PERSONAL_ACCESS_TOKEN

You can also edit the timezone used in scheduling in the same file:

environment:
      TZ: "Asia/Singapore"

A list of valid timezones is available at https://en.wikipedia.org/wiki/List_of_tz_database_time_zones under TZ Database Name

Setup:

You can deploy this prototype in a lab environment, dCloud instance, or on your own deployment. You would then need to either input your details through the web GUI or edit a config file below.

Umbrella details:

You need to have your Network Devices API Key and Secret, Management API Key and Secret, and Organization ID.

To generate an API KEY, refer to the documentation here.

You must select an organization to manage and use its ORGANIZATION ID. You may do so here.

Fill in the details of your Umbrella deployment in the DETAILS.py file

MGT_KEY = ''
MGT_SECRET = ''
NET_KEY = ''
NET_SECRET = ''
ORG_ID = ''

Usage:

Python

Launch the Scheduler Server. Make sure that you have your venv activated.

flask run --host=0.0.0.0 --port=5000

Docker

Launch the Scheduler Server through the docker-compose file.

docker-compose up

Running

Launch your web browser and navigate to localhost:5000 or with your configured port.

Login Screen

alt text

Policy Selection

alt text

Policy Scheduling

alt text

Deactivated Policy Sample

alt text

Activated Policy Sample

alt text

Links to DevNet Learning Labs

For more resources on Umbrella API's and containers you may refer to the following learning labs:

License

Provided under Cisco Sample Code License, for details see LICENSE

Code of Conduct

Our code of conduct is available here

Contributing

See our contributing guidelines here