Update OpenStack SDN connector to support the latest OpenStack releases 6.4.9

Updating dynamic addresses using the OpenStack SDN connector now supports: Rocky, Stein, Train, Ussuri, Victoria, Wallaby, and Xena.

In this example, two OpenStack SDN connectors are configured (OpenStackWallaby and OpenStackXena).

To configure the OpenStack SDN connectors in the GUI:

1. Go to Security Fabric > External Connectors and click Create New.

2. Select OpenStack (Horizon) and configure the following:

   Name	OpenStackWallaby
   Verify certificate	Disable
   Server	Enter the IP address: 34.145.74.207.
   Username	Enter the OpenStack username.
   Password	Enter the OpenStack password.
   Domain	Enter the OpenStack domain.

3. Click OK.

4. Repeat these steps to create another connector with the following settings:

   Name	OpenStackXena
   Verify certificate	Disable
   Server	Enter the IP address: 35.197.67.163.
   Username	Enter the OpenStack username.
   Password	Enter the OpenStack password.
   Domain	Enter the OpenStack domain.

To configure the OpenStack SDN connectors in the CLI:

config system sdn-connector
    edit "OpenStackWallaby"
        set type openstack
        set verify-certificate disable
        set server "34.145.74.207"
        set username "admin"
        set password **********
        set domain "E2-********-ZTNA_HoL_v1.0-************************"
    next
    edit "OpenStackXena"
        set type openstack
        set verify-certificate disable
        set server "35.197.67.163"
        set username "admin"
        set password **********
        set domain "E2-********-ZTNA_HoL_v1.0-************************"
    next
end

To configure dynamic addresses associated with the connectors in the GUI:

1. Go to Policy & Objects > Addresses and click Create New > Address.

2. Configure the following:

   Name	WallabyAddress
   Type	Dynamic
   Sub Type	Fabric Connector Address
   SDN Connector	OpenStackWallaby
   SDN address type	All
   Filter	Name=testvm4

3. Click OK.

4. Repeat these steps to create another dynamic address with the following settings:

   Name	XenaAddress
   Type	Dynamic
   Sub Type	Fabric Connector Address
   SDN Connector	OpenStackXena
   SDN address type	All
   Filter	Name=testvm3

To configure dynamic addresses associated with the connectors in the CLI:

config firewall address
    edit "WallabyAddress"
        set type dynamic
        set sdn "OpenStackWallaby"
        set filter "Name=testvm4"
        set sdn-addr-type all
    next
    edit "XenaAddress"
        set type dynamic
        set sdn "OpenStackXena"
        set filter "Name=testvm3"
        set sdn-addr-type all
    next
end

To test that firewall addresses can resolve the dynamic addresses based on the SDN connector in the GUI:

1. Go to Policy & Objects > Addresses.

2. Hover the cursor over the address name.

   

   The tooltip shows the resolved addresses of the dynamic firewall address.

To test that firewall addresses can resolve the dynamic addresses based on the SDN connector in the CLI:

# show firewall address
config firewall address
    edit "WallabyAddress"
        set uuid e42d9e80-bba2-51ec-9d14-2e85213c4b8f
        set type dynamic
        set sdn "OpenStackWallaby"
        set filter "Name=testvm4"
        set sdn-addr-type all
        config list
            edit "10.0.0.118"
            next
            edit "172.24.4.247"
            next
        end
    next
    edit "XenaAddress"
        set uuid 34b89196-bba5-51ec-30c0-1a12c98806c5
        set type dynamic
        set sdn "OpenStackXena"
        set filter "Name=testvm3"
        set sdn-addr-type all
        config list
            edit "10.0.0.232"
            next
            edit "172.24.4.77"
            next
        end
    next
end