opennebula 5.12.12 → 5.13.80.pre

data/lib/nsx_client.rb

@@ -0,0 +1,144 @@
+# -------------------------------------------------------------------------- #
+# Copyright 2002-2021, OpenNebula Project, OpenNebula Systems                #
+#                                                                            #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may    #
+# not use this file except in compliance with the License. You may obtain    #
+# a copy of the License at                                                   #
+#                                                                            #
+# http://www.apache.org/licenses/LICENSE-2.0                                 #
+#                                                                            #
+# Unless required by applicable law or agreed to in writing, software        #
+# distributed under the License is distributed on an "AS IS" BASIS,          #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
+# See the License for the specific language governing permissions and        #
+# limitations under the License.                                             #
+#--------------------------------------------------------------------------- #
+module NSXDriver
+
+    ONE_LOCATION = ENV['ONE_LOCATION'] unless defined?(ONE_LOCATION)
+
+    if !ONE_LOCATION
+        RUBY_LIB_LOCATION = '/usr/lib/one/ruby' \
+            unless defined?(RUBY_LIB_LOCATION)
+        GEMS_LOCATION     = '/usr/share/one/gems' \
+            unless defined?(GEMS_LOCATION)
+    else
+        RUBY_LIB_LOCATION = ONE_LOCATION + '/lib/ruby' \
+            unless defined?(RUBY_LIB_LOCATION)
+        GEMS_LOCATION     = ONE_LOCATION + '/share/gems' \
+            unless defined?(GEMS_LOCATION)
+    end
+
+    if File.directory?(GEMS_LOCATION)
+        real_gems_path = File.realpath(GEMS_LOCATION)
+        if !defined?(Gem) || Gem.path != [real_gems_path]
+            $LOAD_PATH.reject! {|l| l =~ /vendor_ruby/ }
+            require 'rubygems'
+            Gem.use_paths(real_gems_path)
+        end
+    end
+
+    $LOAD_PATH << RUBY_LIB_LOCATION
+
+    require 'net/http'
+    require 'json'
+    require 'nokogiri'
+    require 'opennebula'
+    require 'vcenter_driver'
+    require 'nsx_driver'
+
+    # Class NSXClient
+    class NSXClient
+
+        # ATTIBUTES
+        attr_accessor :nsxmgr
+        attr_accessor :nsx_user
+        attr_accessor :nsx_password
+
+        # CONSTRUCTORS
+        def initialize(nsxmgr, nsx_user, nsx_password)
+            @nsxmgr = nsxmgr
+            @nsx_user = nsx_user
+            @nsx_password = nsx_password
+        end
+
+        def self.new_child(nsxmgr, nsx_user, nsx_password, type)
+            [nsxmgr, nsx_user, nsx_password, type].each do |v|
+                next if !v.nil? && !v.empty?
+
+                return nil
+            end
+
+            case type.upcase
+            when NSXConstants::NSXT
+                NSXTClient.new(nsxmgr, nsx_user, nsx_password)
+            when NSXConstants::NSXV
+                NSXVClient.new(nsxmgr, nsx_user, nsx_password)
+            else
+                error_msg = "Unknown NSX type: #{type}"
+                error     = NSXError::UnknownObject.new(error_msg)
+                raise error
+            end
+        end
+
+        def self.new_from_host(host)
+            nsxmgr = host['TEMPLATE/NSX_MANAGER']
+            nsx_user = host['TEMPLATE/NSX_USER']
+            nsx_password = host['TEMPLATE/NSX_PASSWORD']
+            nsx_type = host['TEMPLATE/NSX_TYPE']
+
+            new_child(nsxmgr, nsx_user, nsx_password, nsx_type)
+        end
+
+        def self.new_from_id(hid)
+            client = OpenNebula::Client.new
+            host   = OpenNebula::Host.new_with_id(hid, client)
+
+            rc = host.info(true)
+
+            if OpenNebula.is_error?(rc)
+                raise "Could not get host info for ID: #{hid} - #{rc.message}"
+            end
+
+            new_from_host(host)
+        end
+
+        # METHODS
+
+        # Return response if match with responses codes, If response not match
+        # with expected responses codes then raise an IncorrectResponseCodeError
+        def check_response(response, codes_array)
+            unless response.nil?
+                return response if codes_array.include?(response.code.to_i)
+
+                response_json = JSON.parse(response.body)
+                nsx_error = "\nNSX error code: " \
+                            "#{response_json['errorCode']}, " \
+                            "\nNSX error details: " \
+                            "#{response_json['details']}"
+                raise NSXError::IncorrectResponseCodeError, nsx_error
+            end
+            raise NSXError::IncorrectResponseCodeError, nsx_error
+        end
+
+        # Return: respose.body
+        def get(url, aditional_headers = []); end
+
+        # Return: response
+        def get_full_response(url, aditional_headers = []); end
+
+        # Return: id of the created object
+        def post(url, data, aditional_headers = []); end
+
+        def put(url, data, aditional_headers = []); end
+
+        def delete(url); end
+
+        def get_token(url); end
+
+        # Prepare headers
+        def add_headers(aditional_headers = []); end
+
+    end
+
+end

data/lib/nsx_component.rb

@@ -0,0 +1,28 @@
+# -------------------------------------------------------------------------- #
+# Copyright 2002-2021, OpenNebula Project, OpenNebula Systems                #
+#                                                                            #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may    #
+# not use this file except in compliance with the License. You may obtain    #
+# a copy of the License at                                                   #
+#                                                                            #
+# http://www.apache.org/licenses/LICENSE-2.0                                 #
+#                                                                            #
+# Unless required by applicable law or agreed to in writing, software        #
+# distributed under the License is distributed on an "AS IS" BASIS,          #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
+# See the License for the specific language governing permissions and        #
+# limitations under the License.                                             #
+#--------------------------------------------------------------------------- #
+module NSXDriver
+
+    # Class Transport Zone
+    class NSXComponent
+
+        # CONSTRUCTOR
+        def initialize(nsx_client)
+            @nsx_client = nsx_client
+        end
+
+    end
+
+end

data/lib/nsx_constants.rb

@@ -0,0 +1,149 @@
+# -------------------------------------------------------------------------- #
+# Copyright 2002-2021, OpenNebula Project, OpenNebula Systems                #
+#                                                                            #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may    #
+# not use this file except in compliance with the License. You may obtain    #
+# a copy of the License at                                                   #
+#                                                                            #
+# http://www.apache.org/licenses/LICENSE-2.0                                 #
+#                                                                             #
+# Unless required by applicable law or agreed to in writing, software        #
+# distributed under the License is distributed on an "AS IS" BASIS,          #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
+# See the License for the specific language governing permissions and        #
+# limitations under the License.                                             #
+#--------------------------------------------------------------------------- #
+module NSXDriver
+
+    ONE_LOCATION = ENV['ONE_LOCATION'] unless defined?(ONE_LOCATION)
+
+    if !ONE_LOCATION
+        RUBY_LIB_LOCATION = '/usr/lib/one/ruby' \
+            unless defined?(RUBY_LIB_LOCATION)
+        GEMS_LOCATION     = '/usr/share/one/gems' \
+            unless defined?(GEMS_LOCATION)
+    else
+        RUBY_LIB_LOCATION = ONE_LOCATION + '/lib/ruby' \
+            unless defined?(RUBY_LIB_LOCATION)
+        GEMS_LOCATION     = ONE_LOCATION + '/share/gems' \
+            unless defined?(GEMS_LOCATION)
+    end
+
+    if File.directory?(GEMS_LOCATION)
+        real_gems_path = File.realpath(GEMS_LOCATION)
+        if !defined?(Gem) || Gem.path != [real_gems_path]
+            $LOAD_PATH.reject! {|l| l =~ /vendor_ruby/ }
+            require 'rubygems'
+            Gem.use_paths(real_gems_path)
+        end
+    end
+
+    $LOAD_PATH << RUBY_LIB_LOCATION
+
+    class NSXConstants
+
+        # CONSTANTS
+        NSXT = 'NSX-T'
+        NSXV = 'NSX-V'
+        HEADER_JSON = { 'Content-Type' => 'application/json' }
+        HEADER_XML = { 'Content-Type' => 'application/xml' }
+        # NSX Manager
+        NSXT_EXTENSION_LIST = 'com.vmware.nsx.management.nsxt'
+        NSXV_EXTENSION_LIST = 'com.vmware.vShieldManager'
+        NSXT_BASE = '/api/v1'
+        NSXV_BASE = '/api/2.0'
+        # Transport Zones
+        NSXV_TZS = NSXV_BASE + '/vdn/scopes'
+        NSXV_TZS_XPATH = '//vdnScope'
+        NSXT_TZS = NSXT_BASE + '/transport-zones'
+        # VirtualWire
+        NSXV_AUTH = NSXV_BASE + '/services/auth/token'
+        NSXV_LS_TYPE = 'NSX-V'
+        NSXV_LS_NAME_XPATH = '//virtualWire/name'
+        NSXV_LS_VNI_XPATH = '//virtualWire/vdnId'
+        NSXV_LS_BACKING_XPATH = '//virtualWire/vdsContextWithBacking' \
+                                '/backingValue'
+        NSXV_LS_OBJECTID_XPATH = '//virtualWire/vdsContextWithBacking' \
+                                 '/switch/objectId'
+        NSXV_LS_XPATH = '//virtualWire'
+        NSXV_LS_SECTION = NSXV_BASE + '/vdn/virtualwires/'
+        NSXV_TZ_SECTION = NSXV_BASE + '/vdn/scopes/'
+        NSXV_TZ_XPATH = '//virtualWire/vdnScopeId'
+        # OpaqueNetwork
+        NSXT_AUTH = NSXT_BASE + '/aaa/registration-token'
+        NSXT_LS_TYPE = 'Opaque Network'
+        NSXT_LS_SECTION = NSXT_BASE + '/logical-switches/'
+        # DFW
+        ONE_SECTION_NAME = 'OpenNebula'
+        NSXT_DFW_BASE = NSXT_BASE + '/firewall'
+        NSXV_DFW_BASE = '/api/4.0/firewall/globalroot-0/config'
+        NSXT_DFW_SECTIONS = '/sections'
+        NSXV_DFW_SECTIONS = '/layer3sections'
+        NSXV_DFW_SECTION_XPATH = '//section'
+        NSXV_DFW_RULE_XPATH = '//rule'
+        # RULE
+        NSXT_RULE_BASE = NSXT_BASE + '/firewall/rules'
+        NSXT_RULE_PROTOCOL = {
+            'TCP' => {
+                :service => {
+                    :l4_protocol => 'TCP',
+                    :source_ports => [],
+                    :destination_ports => [],
+                    :resource_type => 'L4PortSetNSService'
+                }
+            },
+            'UDP' => {
+                :service => {
+                    :l4_protocol => 'UDP',
+                    :source_ports => [],
+                    :destination_ports => [],
+                    :resource_type => 'L4PortSetNSService'
+                }
+            },
+            'ICMP' => {
+                :service => {
+                    :protocol => 'ICMPv4',
+                    :resource_type => 'ICMPTypeNSService'
+                }
+            },
+            'ICMPv6' => {
+                :service => {
+                    :protocol => 'ICMPv6',
+                    :resource_type => 'ICMPTypeNSService'
+                }
+            }
+        }
+        NSXV_RULE_BASE = 'xxx'
+        NSX_RULE_IPSEC_PORTS = %w[500 4500]
+        # Logical Ports
+        NSXT_LP_BASE = NSXT_BASE + '/logical-ports/'
+        NSXV_LP_BASE = ''
+        # Messages
+        MSG_INCOMPLETE_REQ = 'Incomplete request, NSX_MANAGER, NSX_USER, \
+                              NSX_PASSWORD and NSX_TYPE are needed'
+        MSG_INVALID_REQ = 'Invalid request, check that NSX_MANAGER, NSX_USER, \
+                           NSX_PASSWORD and NSX_TYPE are correct'
+        MSG_INVALID_NSXTYPE = 'Invalid NSX-TYPE: Only NSX-T and NSX-V are \
+                               supported'
+        # Responses codes
+        # 2xx
+        CODE_OK = 200
+        CODE_CREATED = 201
+        CODE_ACCEPTED = 202
+        CODE_NO_CONTENT = 204
+        # 4xx
+        CODE_BAD_REQUEST = 400
+        CODE_UNAUTHORIZED = 401
+        CODE_FORBIDDEN = 403
+        CODE_NOT_FOUND = 404
+        CODE_METHOD_NOT_ALLOWED = 405
+        CODE_NOT_ACCEPTABLE = 406
+        # 5xx
+        CODE_INTERNAL_SERVER_ERROR = 500
+        CODE_BAD_GATEWAY = 502
+        CODE_SERVICE_UNAVAILABLE = 503
+        CODE_GATEWAY_TIMEOUT = 504
+
+    end
+
+end

data/lib/nsx_driver.rb

@@ -0,0 +1,78 @@
+# ---------------------------------------------------------------------------- #
+# Copyright 2002-2021, OpenNebula Project, OpenNebula Systems                  #
+#                                                                              #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may      #
+# not use this file except in compliance with the License. You may obtain      #
+# a copy of the License at                                                     #
+#                                                                              #
+# http://www.apache.org/licenses/LICENSE-2.0                                   #
+#                                                                              #
+# Unless required by applicable law or agreed to in writing, software          #
+# distributed under the License is distributed on an "AS IS" BASIS,            #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.     #
+# See the License for the specific language governing permissions and          #
+# limitations under the License.                                               #
+# ---------------------------------------------------------------------------- #
+
+# ---------------------------------------------------------------------------- #
+# Set up the environment for the driver                                        #
+# ---------------------------------------------------------------------------- #
+
+ONE_LOCATION = ENV['ONE_LOCATION'] unless defined?(ONE_LOCATION)
+
+if !ONE_LOCATION
+    BIN_LOCATION  = '/usr/bin'     unless defined?(BIN_LOCATION)
+    LIB_LOCATION  = '/usr/lib/one' unless defined?(LIB_LOCATION)
+    ETC_LOCATION  = '/etc/one/'    unless defined?(ETC_LOCATION)
+    VAR_LOCATION  = '/var/lib/one' unless defined?(VAR_LOCATION)
+    GEMS_LOCATION = '/usr/share/one/gems' unless defined?(GEMS_LOCATION)
+else
+    BIN_LOCATION  = ONE_LOCATION + '/bin' unless defined?(BIN_LOCATION)
+    LIB_LOCATION  = ONE_LOCATION + '/lib'  unless defined?(LIB_LOCATION)
+    ETC_LOCATION  = ONE_LOCATION + '/etc/' unless defined?(ETC_LOCATION)
+    VAR_LOCATION  = ONE_LOCATION + '/var/' unless defined?(VAR_LOCATION)
+    GEMS_LOCATION = ONE_LOCATION + '/share/gems' unless defined?(GEMS_LOCATION)
+end
+
+ENV['LANG'] = 'C'
+
+if File.directory?(GEMS_LOCATION)
+    real_gems_path = File.realpath(GEMS_LOCATION)
+    if !defined?(Gem) || Gem.path != [real_gems_path]
+        $LOAD_PATH.reject! {|l| l =~ /vendor_ruby/ }
+        require 'rubygems'
+        Gem.use_paths(real_gems_path)
+    end
+end
+
+$LOAD_PATH << LIB_LOCATION + '/ruby'
+$LOAD_PATH << LIB_LOCATION + '/ruby/nsx_driver'
+
+# ---------------------------------------------------------------------------- #
+# NSX Library                                                                  #
+# ---------------------------------------------------------------------------- #
+require 'nsx_constants'
+require 'nsx_error'
+require 'nsx_component'
+require 'nsx_client'
+require 'nsxt_client'
+require 'nsxv_client'
+require 'logical_switch'
+require 'opaque_network'
+require 'transport_zone'
+require 'nsxt_tz'
+require 'nsxv_tz'
+require 'virtual_wire'
+require 'distributed_firewall'
+require 'nsxt_dfw'
+require 'nsxv_dfw'
+require 'logical_port'
+require 'nsxt_logical_port'
+require 'nsxv_logical_port'
+require 'nsx_rule'
+require 'nsxt_rule'
+require 'nsxv_rule'
+
+# NSX Driver module
+module NSXDriver
+end

data/lib/nsx_error.rb

@@ -0,0 +1,77 @@
+# -------------------------------------------------------------------------- #
+# Copyright 2002-2021, OpenNebula Project, OpenNebula Systems                #
+#                                                                            #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may    #
+# not use this file except in compliance with the License. You may obtain    #
+# a copy of the License at                                                   #
+#                                                                            #
+# http://www.apache.org/licenses/LICENSE-2.0                                 #
+#                                                                            #
+# Unless required by applicable law or agreed to in writing, software        #
+# distributed under the License is distributed on an "AS IS" BASIS,          #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
+# See the License for the specific language governing permissions and        #
+# limitations under the License.                                             #
+#--------------------------------------------------------------------------- #
+module NSXDriver
+
+    class NSXError < StandardError
+
+        # Class IncorrectResponseCodeError
+        class IncorrectResponseCodeError < NSXError
+
+            def initialize(msg = 'Incorrect response code')
+                super(msg)
+            end
+
+        end
+
+        # Class ObjectNotFound
+        class ObjectNotFound < NSXError
+
+            def initialize(msg = 'Object not found')
+                super(msg)
+            end
+
+        end
+
+        # Class UnknownObject
+        class UnknownObject < NSXError
+
+            def initialize(msg = 'Unknown object type')
+                super(msg)
+            end
+
+        end
+
+        # Class CreateError
+        class CreateError < NSXError
+
+            def initialize(msg = 'Error creating NSX object')
+                super(msg)
+            end
+
+        end
+
+        # Class DeleteError
+        class DeleteError < NSXError
+
+            def initialize(msg = 'Error deleting NSX object')
+                super(msg)
+            end
+
+        end
+
+        # Class DeleteError
+        class MissingParameter < NSXError
+
+            def initialize(parameter)
+                msg = "Missing NSX parameter #{parameter}"
+                super(msg)
+            end
+
+        end
+
+    end
+
+end

data/lib/nsx_rule.rb

@@ -0,0 +1,193 @@
+# -------------------------------------------------------------------------- #
+# Copyright 2002-2021, OpenNebula Project, OpenNebula Systems                #
+#                                                                            #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may    #
+# not use this file except in compliance with the License. You may obtain    #
+# a copy of the License at                                                   #
+#                                                                            #
+# http://www.apache.org/licenses/LICENSE-2.0                                 #
+#                                                                            #
+# Unless required by applicable law or agreed to in writing, software        #
+# distributed under the License is distributed on an "AS IS" BASIS,          #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
+# See the License for the specific language governing permissions and        #
+# limitations under the License.                                             #
+#--------------------------------------------------------------------------- #
+
+require 'ipaddr'
+
+# Module NSXDriver
+module NSXDriver
+
+    ONE_LOCATION = ENV['ONE_LOCATION'] unless defined?(ONE_LOCATION)
+
+    if !ONE_LOCATION
+        RUBY_LIB_LOCATION = '/usr/lib/one/ruby' \
+            unless defined?(RUBY_LIB_LOCATION)
+        GEMS_LOCATION     = '/usr/share/one/gems' \
+            unless defined?(GEMS_LOCATION)
+    else
+        RUBY_LIB_LOCATION = ONE_LOCATION + '/lib/ruby' \
+            unless defined?(RUBY_LIB_LOCATION)
+        GEMS_LOCATION     = ONE_LOCATION + '/share/gems' \
+            unless defined?(GEMS_LOCATION)
+    end
+
+    if File.directory?(GEMS_LOCATION)
+        real_gems_path = File.realpath(GEMS_LOCATION)
+        if !defined?(Gem) || Gem.path != [real_gems_path]
+            $LOAD_PATH.reject! {|l| l =~ /vendor_ruby/ }
+            require 'rubygems'
+            Gem.use_paths(real_gems_path)
+        end
+    end
+
+    $LOAD_PATH << RUBY_LIB_LOCATION
+
+    require 'nsxt_rule'
+    require 'nsxv_rule'
+
+    # Class Logical Switch
+    module NSXRule
+
+        include NSXTRule
+        include NSXVRule
+
+        def to_nets(ip_start, size)
+            nets = []
+            ipaddr = IPAddr.new ip_start
+            ip_i = ipaddr.to_i
+
+            if ipaddr.ipv4?
+                ip_length = 32
+            elsif ipaddr.ipv6?
+                ip_length = 128
+            else
+                return
+            end
+
+            # Find the largest address block (look for the first 1-bit)
+            lblock = 0
+
+            lblock += 1 while ip_i[lblock] == 0 && lblock < ip_length
+
+            # Allocate whole blocks till the size fits
+            while size >= 2**lblock
+                nets << "#{IPAddr.new(ip_i, ipaddr.family)}" \
+                        "/#{ip_length-lblock}"
+
+                ip_i += 2**lblock
+                size -= 2**lblock
+
+                lblock += 1 while ip_i[lblock] == 0 && lblock < ip_length
+            end
+
+            # Fit remaining address blocks
+            ip_length.downto(0) do |i|
+                next if size[i] == 0
+
+                nets << "#{IPAddr.new(ip_i, ipaddr.family)}/#{ip_length-i}"
+
+                ip_i += 2**i
+            end
+
+            nets
+        end
+
+        # Adapt port from ["22, 443"] to '22, 443'
+        # Adapt port from ["22", "443"] to '22, 443'
+        def parse_ports(rule_ports)
+            unless rule_ports.empty?
+                rule_ports = rule_ports.join(',')
+            end
+            rule_ports
+        end
+
+        def extract_vnet_data(vnet_id)
+            if vnet_id == ''
+                return {
+                    :nsxid => '',
+                    :name => ''
+                }
+            end
+            # Create client to communicate with OpenNebula
+            one_client = OpenNebula::Client.new
+            # Get the network XML from OpenNebula
+            # This is potentially different from the Netowrk Template
+            # provided as the API call argument
+            one_vnet = OpenNebula::VirtualNetwork.new_with_id(vnet_id,
+                                                              one_client)
+            rc = one_vnet.info
+            if OpenNebula.is_error?(rc)
+                err_msg = rc.message
+                raise CreateNetworkError, err_msg
+            end
+            {
+                :nsxid => one_vnet['TEMPLATE/NSX_ID'],
+                :name => one_vnet['NAME']
+            }
+        end
+
+        def extract_rule_data(xml_rule)
+            sg_id = xml_rule.xpath('SECURITY_GROUP_ID').text
+            sg_name = xml_rule.xpath('SECURITY_GROUP_NAME').text
+            in_out = xml_rule.xpath('RULE_TYPE').text.upcase
+            in_out == 'INBOUND' ? sg_direction = 'IN' : sg_direction = 'OUT'
+            # Protocol: TCP, UDP, ICMP...
+            sg_protocol = xml_rule.xpath('PROTOCOL').text
+            if sg_protocol == 'ICMP'
+                sg_icmp_type = xml_rule.xpath('ICMP_TYPE').text
+            end
+            # OpenNebula network ID
+            sg_network_id = xml_rule.xpath('NETWORK_ID').text
+            vnet_data = extract_vnet_data(sg_network_id)
+
+            # ip / netmask
+            sg_ip = xml_rule.xpath('IP').text
+            sg_ipsize = xml_rule.xpath('SIZE').text
+            sg_subnets = []
+            if sg_ip != '' && sg_ipsize != ''
+                sg_subnets = to_nets(sg_ip, sg_ipsize.to_i)
+            end
+            # Ports
+            sg_ports = ''
+            sg_range_port = xml_rule.xpath('RANGE').text
+            if sg_range_port
+                if sg_range_port.index(':')
+                    sg_port_from = sg_range_port[0..sg_range_port.index(':')-1]
+                    sg_port_to = sg_range_port[sg_range_port.index(':')+1,
+                                               sg_range_port.length]
+                    sg_ports = "#{sg_port_from}-#{sg_port_to}"
+                else
+                    sg_ports = sg_range_port
+                end
+            end
+            # Create hash with data
+            {
+                :id => sg_id,
+                :name => sg_name,
+                :direction => sg_direction,
+                :protocol => sg_protocol,
+                :icmp_type => sg_icmp_type,
+                :network_id => sg_network_id,
+                :network_name => vnet_data[:name],
+                :network_nsxid => vnet_data[:nsxid],
+                :subnets => sg_subnets,
+                :ports => sg_ports.split(',')
+            }
+        end
+
+        def rule_spec(rule, vm_data, nic_data, nsx_client)
+            case nsx_client.nsx_type
+            when NSXDriver::NSXConstants::NSXT
+                nsxt_rule_spec(rule, vm_data, nic_data)
+            when NSXDriver::NSXConstants::NSXV
+                nsxv_rule_spec(rule, vm_data, nic_data)
+            else
+                raise "Unsupported NSX type: #{nsx_type}"
+            end
+        end
+
+    end
+
+end