Skip to content

Releases: nutanixdev/zerotouch-framework

v2.0.0

Choose a tag to compare

@nxBroome nxBroome released this 11 Jun 14:25
7927871

Notice

ZTF 2.0.0 is a ground-up rewrite using the Nutanix v4 API Python SDK. The legacy
v2 / v3 / Foundation Central / NCM-Calm / NDB workflows from the 1.x line
are not yet ported (see Migrating from ZTF 1.x
in the project README); 2.x establishes the new declarative,
multi-domain, plan-and-apply foundation.

What's New

Framework Rewrite

  • New declarative configuration model: input.yml (resources & data
    sources) + global.yml (SDK / connection settings).
  • New ztf Click CLI replacing the legacy python main.py --workflow
    invocation. Commands: init, plan, apply, refresh, destroy,
    import, examples, repl.
  • Multi-domain orchestration: a single run can target many Prism
    Centrals in parallel, each with its own data sources, resources,
    and credentials.
  • Dependency resolution: automatic topological ordering via
    interpolation analysis ({resource_name.extId},
    {domain.resource.field}) plus explicit depends_on.
  • State management: YAML state file with advisory file locking,
    automatic backups, and incremental writes.
  • Auto-refresh: plan, apply, and destroy reconcile state with
    live infrastructure first; --no-refresh and --strict available
    for CI flows.
  • Confirmation prompt before apply / destroy; --auto-approve
    for trusted CI/CD.
  • Post-apply summary with created / updated / deleted / failed counts.

v4 SDK Coverage

  • 16 Nutanix v4 namespaces wired through ntnx-*-py-client packages:
    clustermgmt, networking, prism, vmm, iam, volumes,
    microseg, dataprotection, monitoring, lifecycle, aiops,
    security, licensing, objects, opsmgmt, datapolicies,
    multidomain.
  • Schema negotiation: per-PC-version request body filtering driven by
    multi_namespace_compatibility_map.json so the same input.yml
    works across PC minors that ship different namespace versions.
  • ETag / If-Match round-trip handled automatically via SDK reserved
    fields and a curated 268-entity etag_required map.
  • NTNX-Request-Id auto-injection on every mutation (SDK-level).

Plan / Apply Lifecycle

  • Field-level diff output in plan showing exactly which fields will
    change on update.
  • Plan-file workflow: ztf plan --out plan.json writes a canonical
    plan; ztf apply --plan plan.json [--force] replays it with hash
    verification to guarantee plan/apply consistency.
  • Selective destroy via --target (repeatable).
  • Cross-domain reverse-wave destroy: dependent domains tear down
    before the domains they reference.
  • --strict makes refresh errors a hard failure (CI-friendly).

Configuration Surface

  • Variables and var-files with multi-source override precedence.
  • Auto-loaded variable files: ztfvars.yml and *.auto.ztfvars.yml.
  • Dynamic resources: for_each expansion plus the new count: N
    sugar (desugars to for_each: {str(i): i} with each.index).
  • Lifecycle rules: prevent_destroy, ignore_changes,
    create_before_destroy (beta).
  • Data sources: read-only lookups of existing infrastructure with
    filter support; resolved at apply time.
  • Outputs section with YAML / JSON file export via --output-file.
  • User-defined {fn.*} functions (functions.py) for computed
    values, templates, and base64 encoding.
  • Interpolation tokens: {var.name}, {each.key}, {each.value},
    {each.index}, {fn.name(args)}, {data.entity.name.field},
    {resource_name.extId}, {domain.resource.field}.

Import & Examples

  • ztf import <resource> <domain> brings existing infrastructure under
    state with a suggested config snippet printed for the user.
  • ztf import --file <manifest> for bulk import.
  • ztf examples auto-generates per-entity YAML examples and Markdown
    reference docs (field descriptions, enum values, version
    availability) under examples/ plus a starter functions.py.
  • ztf repl opens a read-only Python REPL with data sources loaded
    for ad-hoc value discovery.

Operational Improvements (Phase A–E hardening)

Drop-in fixes from the ztf-2.0-rc branch — no breaking changes:

  • Sub-entity updates correctly resolve referenced parent ext-ids and
    dispatch the right SDK method, fixing update drift on nested
    resources.
  • run_results/ resolves relative to the invoking workspace instead
    of the package install path.
  • Deepcopy guard prevents mutation of cached entity payloads across
    repeated plan / apply invocations.
  • Entity cache keys use tuple composition instead of string
    concatenation, eliminating cross-entity cache-key collisions.
  • Deep structural comparison rewritten from quadratic
    match-and-delete to a linear multiset freeze; significantly faster
    plan on large states.
  • Internal tech-debt cleanup in provider.py and
    entity_handler.py.

Security

  • setuptools.packages.find restricts wheel contents to the ztf*
    namespace, preventing tests/, scripts/, examples/, and
    workflow/ from shipping as importable top-level packages on
    install.
  • License switched from MIT (1.x) to Apache-2.0; see LICENSE.txt
    and NOTICE.

Tooling

  • Python 3.10, 3.11, 3.12, and 3.13 supported.
  • Packaged via pyproject.toml (legacy setup.py removed); managed
    with uv and published to PyPI as nutanix-ztf.
  • Multi-stage Dockerfile shipping a runtime image and a
    wheels-export target for dark-site offline installs.
  • New CI surface: ci.yml, publish.yml, functional-tests.yml,
    black-duck.yml. Linting & formatting via ruff, type checking
    via mypy, security scanning via bandit.

Known Limitations

  • Nutanix Files APIs not supported due to an upstream package
    dependency conflict; tracking with Nutanix.
  • update, delete, create_before_destroy, operations, and
    destroy are functional but beta — always run ztf plan
    before ztf apply and review the diff.
  • Legacy 1.x feature surfaces (Foundation Central imaging, Prism
    Element v2 operations, Pod / pod-block conceptual workflows, NCM /
    Calm DSL workloads, NDB, NKE / Karbon, legacy script-based Objects
    flow) are not yet ported. Use the
    1.x branch
    (last release v1.5.2) until parity lands. See
    Migrating from ZTF 1.x.

Migration

Anyone tracking nutanixdev/zerotouch-framework@main on a pinned
SHA will see a large delete-and-rewrite as 2.0.0 ships:
framework/, calm-dsl-bps/, calm-whl/, requirements/,
dev-setup-README.md, setup.py, main.py, and
config/example-configs/ are removed; the new tree is rooted at the
ztf/ Python package plus pyproject.toml. Pin to v1.5.2 or the
1.x branch if you need the legacy surfaces. Forward parity work is
ongoing.

v1.5.2

Choose a tag to compare

@nxBroome nxBroome released this 18 Nov 13:38
56487fb

What's New

Bug Fixes

  • Fixed Issue related to Hypervisor Type Field
  • Fixed Issue with CMSP Timeout
  • Fixed Issue with Enable Network Controller
  • Fixed Issue with IPMI Gateway not being Optional
  • Fixed Issue with PC 7.x version because of API Version Switching

1.5.1

Choose a tag to compare

@darshanpyadav93 darshanpyadav93 released this 05 Sep 05:52
1fac8a1

What's New

Bug Fixes

  • Fixed issue with 'missing' commits in the release pipeline
  • Added 'IAM' v4 client in requirements.txt

v1.5.0

Choose a tag to compare

@nxBroome nxBroome released this 03 Sep 19:28
4b89335

What's New

Framework Enhancements

  • New site-deploy workflow for deploying sites leveraging Foundation Central
  • New cluster-create and imaging-only workflows which also leverage Foundation Central

New PC Operations

  • Add IAM entities in PC using v4 APIs, which include create ops for Roles, UserGroups, Users, IAMKeys, AuthorizationPolicy, DirectoryServices
  • Enable MarketPlace
  • Enable Foundation Central
  • Generate Foundation Central API keys

New PE operations

With the v2 API endpoint for virtual switch being deprecated we've added the v4 API endpoint as part of the create_pe_subnets_script

Bug Fixes

  • Fixed several bugs in create_pc_vms script
  • Fixed a bug related to ipmi_netmask field in foundation_script
  • Fixed a bug in create_objectstores script

v1.4.1

Choose a tag to compare

@nxBroome nxBroome released this 24 Feb 18:05
64a586c

What's New

Framework Enhancements

  • Integrated Unit Test Framework
  • Introduced v4 API SDK for PC
  • Added backward compatibility for v3 APIs for older PC versions by implementing a mechanism to choose the API version based on the PC build version

Initial NDB Functionality

  • Deploy & Configure NDB Management
    • Deploy NDB VMs
    • Change NDB VM password
    • Register NDB Clusters
    • Enable NDB Multi-Cluster
    • Create Compute Profiles
    • Create Network Profiles
    • Enable NDB HA
    • Enable / Disable Pulse

New Operations Functionalities

Imaging Workflow Update

  • Added support to specify VLAN ID in the imaging workflow

PE Operations

  • Upload Image to PE
  • Create VM in PE
  • Power VM On/Off in PE

PC Deployment Operations

  • Deploy multiple PC instances to a single Nutanix Cluster
  • Select which PC to register with PE
  • Enable and configure CMSP during PC deployment

PC Configuration Operations

  • Enabled/Disabled Network Controller in PC
  • Create VMs and manage power transitions
  • New v4 API CRUD Operations for:
    • Categories
    • Address Groups
    • Service Groups
    • Security Policies (Flow Network Security Next-Gen)
    • VPCs

Bug fixes

  • Fixed an issue where hypervisor_hostname was being ignored in the API payload
  • Fixed an issue where the IPMI gateway was being passed instead of the IPMI subnet

v1.3.1

Choose a tag to compare

@darshanpyadav93 darshanpyadav93 released this 17 Jun 15:19
8bd8af1

v1.3.1

CVM Foundation version enhancement

  • An additional script has been included to modify the CVM Foundation version (either upgrade or downgrade)

Create Identity Provider (IDP) in IAM

  • We now facilitate the setup of any IDPs compliant with SAML 2.0 in Prism Central

Hypervisor hostname Configuration in Imaging

  • "hypervisor_hostname" can now be defined in pod-deploy.yml
    to configure the Hypervisor hostname during Imaging

Objects

  • It is now possible to define "storage_network" and "public_network" separately when creating an Objectstore

Cyberark

  • The Cyberark integration has been enhanced to support the Cyberark AIM API

Cluster Configuration workflow

  • HA reservation and Rebuild Capacity Reservation are now supported in the Cluster Configuration workflow

v1.3.0.2

Choose a tag to compare

@darshanpyadav93 darshanpyadav93 released this 23 May 06:47
543c640

v1.3.0.2

What's New

Improvement

  • The framework is now compatible with Python 3.9 and higher, as opposed to its previous compatibility with Python 3.10

v1.3.0.1

Choose a tag to compare

@darshanpyadav93 darshanpyadav93 released this 14 May 15:16
321572f

v1.3.0.1

What's New

Bug

  • Fixed invalid schema bug for "deploy-pc" workflow

v1.3.0

Choose a tag to compare

@darshanpyadav93 darshanpyadav93 released this 08 May 11:49
dfcf090

v1.3.0

What's New

Framework Enhancements

  • Integration with CyberArk Vault for secure storage. Additional vault integrations will be included in future updates.
  • Integration with Infoblox IPAM for efficient IP address management. Support for other IPAM solutions will be added in upcoming iterations.
  • Centralized storage of credential and IPAM configurations in global.yml file.
  • Introduction of new workflows:
    • config-cluster: Configures the cluster settings.
    • deploy-pc: Deploys the PC (Prism Central) entity.
    • config-pc: Configures the PC entities.
  • ZTF now supports delete operations on both PC and PE entities.
  • Improved PC deployment: If a file failed to download previously, the download process will now resume instead of starting from scratch.

Imaging and Cluster Creation Features

  • Integration with IPAM for Imaging and Cluster deployment.
  • Ability to specify CVM, Host, and IPMI IPs for each node individually.

v1.2.1.2

Choose a tag to compare

@darshanpyadav93 darshanpyadav93 released this 25 Apr 07:06
dde0e47

v1.2.1.2

What's New

Bug

  • Fixed Module Not Found Error for PCDeploy
  • Updated example config