VyCenter Alpha Stage Announcement - VyOS Web Interface

robertoberto · April 30, 2020, 11:44am

Hi guys,

I’m developing a frontend in early stages. Any help / comments will be welcome!

github GitHub - vycontrol/vycontrol: vyos frontend
containers at docker hub Docker

VyOS frontend made in Python / Django using VyOS new 1.3 API server

It will work with a single VyoS server or to multiple VyOS servers, so datacenters which do not want share same firewall to different customers will not need to install several vycenter to each customer. That’s why the name vycenter.

features

in alpha stage we’re going to provide just essential device config, interfaces and firewall, as proof of concencept, as well config module basic cruds (users, groups and vyOS Servers)

interfaces module

list interfaces - alpha
show interface - alpha
unset/set firewall interface - todo
change interface parameters - todo

firewall module

basic firewall rules creation proof of concept - done
basic list firewall rules - done
basic add firewall rules - done
basic edit firewall rules - done
basic firewall create - done
change firewall rules order - todo
delete firewall rules - todo

other modules - todo

ospf
bgp
ipsec
openvpn
reports (maybe collecting using snmp)
ssh management
system login managament
nat
dhcp servers
static routes

config module

vycenter users crud - todo
vycenter groups crud - todo
vyos instance using database - done
full vyos instances crud - todo
add new VyoS instances test connection while adding - todo
add new VyoS instances test connection all servers crontab - todo
associate groups to VyOS instances

dockerhub

latest vycenter is being autobuilt at dockerhub

docker pull robertoberto/vycenter

docker composer

Right now we are using db.sqlite3, but I used composer so we can change to mySQL if needed.

docker-compose build
docker-compose  up

manual install instructions

setup virtual env and pip requirements

virtualenv env
source env/bin/activate
pip3 install -r requirements.txt

setup initial database

cd vycenter
python3 manage.py migrate

run webserver

python3 manage.py runserver

access webpage

setup vyos new instance

click on Add new instance
configure vyos services like explained at docs
click on List Instances
click on Test Connection

Current README:

vycenter

VyOS frontend made in Python / Django using VyOS new 1.3 API server

It will work with a single VyoS server or to multiple VyOS servers, so datacenters which do not want share same firewall to different customers will not need to install several vycenter to each customer. That’s why the name vycenter.

features

in alpha stage we’re going to provide just essential device config, interfaces and firewall, as proof of concencept, as well config module basic cruds (users, groups and vyOS Servers)

interfaces module

list interfaces - alpha
show interface - alpha
unset/set firewall interface - todo
change interface parameters - todo

firewall module

basic firewall rules creation proof of concept - done
basic list firewall rules - done
basic add firewall rules - done
basic edit firewall rules - done
basic firewall create - done
change firewall rules order - todo
delete firewall rules - todo

other modules - todo

ospf
bgp
ipsec
openvpn
reports (maybe collecting using snmp)
ssh management
system login managament
nat
dhcp servers
static routes

config module

vycenter users crud - todo
vycenter groups crud - todo
vyos instance using database - done
full vyos instances crud - todo
add new VyoS instances test connection while adding - todo
add new VyoS instances test connection all servers crontab - todo
associate groups to VyOS instances

dockerhub

latest vycenter is being autobuilt at dockerhub

docker pull robertoberto/vycenter

docker composer

Right now we are using db.sqlite3, but I used composer so we can change to mySQL if needed.

docker-compose build
docker-compose  up

manual install instructions

setup virtual env and pip requirements

virtualenv env
source env/bin/activate
pip3 install -r requirements.txt

setup initial database

cd vycenter
python3 manage.py migrate

run webserver

python3 manage.py runserver

setup vyos new instance

click on Add new instance
configure vyos services like explained in docs
click on List Instances
click on Test Connection

robertoberto · April 30, 2020, 11:45am

slack channel: Slack

syncer · April 30, 2020, 11:46am

Thanks @robertoberto!
i pinned topic so people can see it more often

robertoberto · May 8, 2020, 12:57pm

(post deleted by author)

robertoberto · May 9, 2020, 5:38pm

20.05.01 - version created to start project framework, organize permission systems and concept test with some firewall and interface functions and statics routes released

please test and give me feedbacks thanks

syncer · May 9, 2020, 7:39pm

put some screenshots in first post to capture more attention

robertoberto · May 9, 2020, 8:56pm

@syncer I cannot edit, on edit icon I can only see history

robertoberto · May 10, 2020, 4:15pm

robertoberto · May 10, 2020, 4:15pm

List VyOS Instances

robertoberto · May 10, 2020, 4:16pm

List Firewall

olofl · May 11, 2020, 8:28am

This looks very interesting! If I understand this correctly, you will be able to create firewall rules, or other configuration snippets, that will be able to push to multiple devices?
For instance in a datacenter where multiple vyos routers share the same firewall groups and rules.

robertoberto · May 11, 2020, 4:45pm

Yes, that’s right. Our users cases will be:

datacenter which want to offer Firewall to multiple customers
individual installations are supported too and are not harder to implement than multi VyOS instances

We think about ran VyControl inside VyOS or directly as Python django runserver or inside a Docker if we add Docker function inside VyOS for whom want to enable

robertoberto · May 15, 2020, 6:23am

new screenshoot

robertoberto · May 16, 2020, 10:06pm

VyControl alpha released 20.05.02.1000 - working firewall without zones

check at github
subscribe announce list at our homepage

VyControl: VyOS Web Frontend

VyControl is a single frontend interface to manage a single or multiple VyoS servers. Only download VyOS Rolling Release, since VyControl needs the latest VyOS API.

Still in 2020, the most important functionalities that until then were only possible through CLI (command line interface), will be possible through a friendly and web interface developed in Django / Python.

Standalone VyoS installations can now have a control panel.

Datacenter installations with multiple VyoS will be able to offer their customers (with users, groups and granular control) firewall as a service

robertoberto · June 15, 2020, 2:46pm

VyControl 20.05.10 - released

Release Description:

Full zone based firewall features.

AlexB · July 29, 2020, 3:43pm

If managing multiple VyOS instances/routers, it’s becoming somekind of “SDN controller”?

wornet-mwo · September 9, 2020, 6:50am

This is a really interesting project. Looking into code, it seems to use django (which is fine) and allow management by hand for instances.

This is nice for smaller environments. Are there thoughts about also allow management of “many” vyos instances in an automatic way?

jhjacobs81 · January 23, 2021, 8:10pm

This looks nice

I was looking for a firewall that could be easily managed, especially for the SMB market. This project could help bring “managed firewall services” to VyOS big time

robertoberto · April 2, 2021, 8:40pm

Yes, that’s idea. You can manage several VyOS instances using VyControl.

If you are a Datacenter, your internal team can use VyControl to manage your customers. Or you can give public access to your customers, so they can directly manage their Firewall using VyControl.

Network between VyControl and VyOS intances can be a private VLAN, so users will not need to have public SSH access to VyOS instances anymore.