Releases: nutanixdev/zerotouch-framework
Release list
v2.0.0
Notice
ZTF 2.0.0 is a ground-up rewrite using the Nutanix v4 API Python SDK. The legacy
v2 / v3 / Foundation Central / NCM-Calm / NDB workflows from the 1.x line
are not yet ported (see Migrating from ZTF 1.x
in the project README); 2.x establishes the new declarative,
multi-domain, plan-and-apply foundation.
What's New
Framework Rewrite
- New declarative configuration model:
input.yml(resources & data
sources) +global.yml(SDK / connection settings). - New
ztfClick CLI replacing the legacypython main.py --workflow
invocation. Commands:init,plan,apply,refresh,destroy,
import,examples,repl. - Multi-domain orchestration: a single run can target many Prism
Centrals in parallel, each with its own data sources, resources,
and credentials. - Dependency resolution: automatic topological ordering via
interpolation analysis ({resource_name.extId},
{domain.resource.field}) plus explicitdepends_on. - State management: YAML state file with advisory file locking,
automatic backups, and incremental writes. - Auto-refresh:
plan,apply, anddestroyreconcile state with
live infrastructure first;--no-refreshand--strictavailable
for CI flows. - Confirmation prompt before
apply/destroy;--auto-approve
for trusted CI/CD. - Post-apply summary with created / updated / deleted / failed counts.
v4 SDK Coverage
- 16 Nutanix v4 namespaces wired through
ntnx-*-py-clientpackages:
clustermgmt,networking,prism,vmm,iam,volumes,
microseg,dataprotection,monitoring,lifecycle,aiops,
security,licensing,objects,opsmgmt,datapolicies,
multidomain. - Schema negotiation: per-PC-version request body filtering driven by
multi_namespace_compatibility_map.jsonso the sameinput.yml
works across PC minors that ship different namespace versions. - ETag /
If-Matchround-trip handled automatically via SDK reserved
fields and a curated 268-entityetag_requiredmap. NTNX-Request-Idauto-injection on every mutation (SDK-level).
Plan / Apply Lifecycle
- Field-level diff output in
planshowing exactly which fields will
change on update. - Plan-file workflow:
ztf plan --out plan.jsonwrites a canonical
plan;ztf apply --plan plan.json [--force]replays it with hash
verification to guarantee plan/apply consistency. - Selective destroy via
--target(repeatable). - Cross-domain reverse-wave destroy: dependent domains tear down
before the domains they reference. --strictmakes refresh errors a hard failure (CI-friendly).
Configuration Surface
- Variables and var-files with multi-source override precedence.
- Auto-loaded variable files:
ztfvars.ymland*.auto.ztfvars.yml. - Dynamic resources:
for_eachexpansion plus the newcount: N
sugar (desugars tofor_each: {str(i): i}witheach.index). - Lifecycle rules:
prevent_destroy,ignore_changes,
create_before_destroy(beta). - Data sources: read-only lookups of existing infrastructure with
filter support; resolved at apply time. - Outputs section with YAML / JSON file export via
--output-file. - User-defined
{fn.*}functions (functions.py) for computed
values, templates, and base64 encoding. - Interpolation tokens:
{var.name},{each.key},{each.value},
{each.index},{fn.name(args)},{data.entity.name.field},
{resource_name.extId},{domain.resource.field}.
Import & Examples
ztf import <resource> <domain>brings existing infrastructure under
state with a suggested config snippet printed for the user.ztf import --file <manifest>for bulk import.ztf examplesauto-generates per-entity YAML examples and Markdown
reference docs (field descriptions, enum values, version
availability) underexamples/plus a starterfunctions.py.ztf replopens a read-only Python REPL with data sources loaded
for ad-hoc value discovery.
Operational Improvements (Phase A–E hardening)
Drop-in fixes from the ztf-2.0-rc branch — no breaking changes:
- Sub-entity updates correctly resolve referenced parent ext-ids and
dispatch the right SDK method, fixing update drift on nested
resources. run_results/resolves relative to the invoking workspace instead
of the package install path.- Deepcopy guard prevents mutation of cached entity payloads across
repeated plan / apply invocations. - Entity cache keys use tuple composition instead of string
concatenation, eliminating cross-entity cache-key collisions. - Deep structural comparison rewritten from quadratic
match-and-delete to a linear multiset freeze; significantly faster
planon large states. - Internal tech-debt cleanup in
provider.pyand
entity_handler.py.
Security
setuptools.packages.findrestricts wheel contents to theztf*
namespace, preventingtests/,scripts/,examples/, and
workflow/from shipping as importable top-level packages on
install.- License switched from MIT (1.x) to Apache-2.0; see
LICENSE.txt
andNOTICE.
Tooling
- Python 3.10, 3.11, 3.12, and 3.13 supported.
- Packaged via
pyproject.toml(legacysetup.pyremoved); managed
withuvand published to PyPI asnutanix-ztf. - Multi-stage
Dockerfileshipping aruntimeimage and a
wheels-exporttarget for dark-site offline installs. - New CI surface:
ci.yml,publish.yml,functional-tests.yml,
black-duck.yml. Linting & formatting viaruff, type checking
viamypy, security scanning viabandit.
Known Limitations
- Nutanix Files APIs not supported due to an upstream package
dependency conflict; tracking with Nutanix. update,delete,create_before_destroy,operations, and
destroyare functional but beta — always runztf plan
beforeztf applyand review the diff.- Legacy 1.x feature surfaces (Foundation Central imaging, Prism
Element v2 operations, Pod / pod-block conceptual workflows, NCM /
Calm DSL workloads, NDB, NKE / Karbon, legacy script-based Objects
flow) are not yet ported. Use the
1.xbranch
(last releasev1.5.2) until parity lands. See
Migrating from ZTF 1.x.
Migration
Anyone tracking nutanixdev/zerotouch-framework@main on a pinned
SHA will see a large delete-and-rewrite as 2.0.0 ships:
framework/, calm-dsl-bps/, calm-whl/, requirements/,
dev-setup-README.md, setup.py, main.py, and
config/example-configs/ are removed; the new tree is rooted at the
ztf/ Python package plus pyproject.toml. Pin to v1.5.2 or the
1.x branch if you need the legacy surfaces. Forward parity work is
ongoing.
v1.5.2
What's New
Bug Fixes
- Fixed Issue related to Hypervisor Type Field
- Fixed Issue with CMSP Timeout
- Fixed Issue with Enable Network Controller
- Fixed Issue with IPMI Gateway not being Optional
- Fixed Issue with PC 7.x version because of API Version Switching
1.5.1
What's New
Bug Fixes
- Fixed issue with 'missing' commits in the release pipeline
- Added 'IAM' v4 client in requirements.txt
v1.5.0
What's New
Framework Enhancements
- New
site-deployworkflow for deploying sites leveraging Foundation Central - New
cluster-createandimaging-onlyworkflows which also leverage Foundation Central
New PC Operations
- Add IAM entities in PC using v4 APIs, which include create ops for Roles, UserGroups, Users, IAMKeys, AuthorizationPolicy, DirectoryServices
- Enable MarketPlace
- Enable Foundation Central
- Generate Foundation Central API keys
New PE operations
With the v2 API endpoint for virtual switch being deprecated we've added the v4 API endpoint as part of the create_pe_subnets_script
Bug Fixes
- Fixed several bugs in
create_pc_vmsscript - Fixed a bug related to ipmi_netmask field in
foundation_script - Fixed a bug in
create_objectstoresscript
v1.4.1
What's New
Framework Enhancements
- Integrated Unit Test Framework
- Introduced v4 API SDK for PC
- Added backward compatibility for v3 APIs for older PC versions by implementing a mechanism to choose the API version based on the PC build version
Initial NDB Functionality
- Deploy & Configure NDB Management
- Deploy NDB VMs
- Change NDB VM password
- Register NDB Clusters
- Enable NDB Multi-Cluster
- Create Compute Profiles
- Create Network Profiles
- Enable NDB HA
- Enable / Disable Pulse
New Operations Functionalities
Imaging Workflow Update
- Added support to specify VLAN ID in the imaging workflow
PE Operations
- Upload Image to PE
- Create VM in PE
- Power VM On/Off in PE
PC Deployment Operations
- Deploy multiple PC instances to a single Nutanix Cluster
- Select which PC to register with PE
- Enable and configure CMSP during PC deployment
PC Configuration Operations
- Enabled/Disabled Network Controller in PC
- Create VMs and manage power transitions
- New v4 API CRUD Operations for:
- Categories
- Address Groups
- Service Groups
- Security Policies (Flow Network Security Next-Gen)
- VPCs
Bug fixes
- Fixed an issue where hypervisor_hostname was being ignored in the API payload
- Fixed an issue where the IPMI gateway was being passed instead of the IPMI subnet
v1.3.1
v1.3.1
CVM Foundation version enhancement
- An additional script has been included to modify the CVM Foundation version (either upgrade or downgrade)
Create Identity Provider (IDP) in IAM
- We now facilitate the setup of any IDPs compliant with SAML 2.0 in Prism Central
Hypervisor hostname Configuration in Imaging
- "hypervisor_hostname" can now be defined in pod-deploy.yml
to configure the Hypervisor hostname during Imaging
Objects
- It is now possible to define "storage_network" and "public_network" separately when creating an Objectstore
Cyberark
- The Cyberark integration has been enhanced to support the Cyberark AIM API
Cluster Configuration workflow
- HA reservation and Rebuild Capacity Reservation are now supported in the Cluster Configuration workflow
v1.3.0.2
v1.3.0.2
What's New
Improvement
- The framework is now compatible with Python 3.9 and higher, as opposed to its previous compatibility with Python 3.10
v1.3.0.1
v1.3.0.1
What's New
Bug
- Fixed invalid schema bug for "deploy-pc" workflow
v1.3.0
v1.3.0
What's New
Framework Enhancements
- Integration with CyberArk Vault for secure storage. Additional vault integrations will be included in future updates.
- Integration with Infoblox IPAM for efficient IP address management. Support for other IPAM solutions will be added in upcoming iterations.
- Centralized storage of credential and IPAM configurations in global.yml file.
- Introduction of new workflows:
- config-cluster: Configures the cluster settings.
- deploy-pc: Deploys the PC (Prism Central) entity.
- config-pc: Configures the PC entities.
- ZTF now supports delete operations on both PC and PE entities.
- Improved PC deployment: If a file failed to download previously, the download process will now resume instead of starting from scratch.
Imaging and Cluster Creation Features
- Integration with IPAM for Imaging and Cluster deployment.
- Ability to specify CVM, Host, and IPMI IPs for each node individually.
v1.2.1.2
v1.2.1.2
What's New
Bug
- Fixed Module Not Found Error for PCDeploy
- Updated example config