Module vyos¶
License: ASL2.0
Version: 1.1.1
Upstream project: https://github.com/inmanta/vyos.git
Typedefs¶
-
typedef
vyos::abrtype_t
¶ Base type
string
Type constraint
(self in ['cisco','ibm','shortcut','standard'])
-
typedef
vyos::area
¶ Base type
number
Type constraint
((self >= 0) and (self < 4294967296))
-
typedef
vyos::duplex
¶ Base type
string
Type constraint
(((self == 'auto') or (self == 'half')) or (self == 'full'))
-
typedef
vyos::ospf_metric_t
¶ Base type
number
Type constraint
((self > 0) and (self <= 16))
-
typedef
vyos::ospf_metric_type_t
¶ Base type
number
Type constraint
(self in [1,2])
-
typedef
vyos::redistribute_t
¶ Base type
string
Type constraint
(self in ['bgp','connected','kernel','rip','static'])
-
typedef
vyos::speed
¶ Base type
string
Type constraint
(self in ['10','100','1000','2500','10000','auto'])
-
typedef
vyos::tunnel_encap_t
¶ Base type
string
Type constraint
(self in ['gre','gre-bridge','ipip','sit','ipip6','ip6ip6'])
-
typedef
vyos::tunnel_key_t
¶ Base type
number
Type constraint
((self >= 0) and (self <= 99999))
-
typedef
vyos::tunnel_mtu_t
¶ Base type
number
Type constraint
((self >= 64) and (self <= 8024))
-
typedef
vyos::firewall::action_t
¶ Base type
string
Type constraint
(self in ['accept','drop','reject'])
-
typedef
vyos::firewall::protocol_t
¶ Base type
string
Type constraint
(self in ['tcp_udp','all','icmp','tcp','udp'])
-
typedef
vyos::routemap::rm_action_t
¶ Base type
string
Type constraint
(self in ['permit','deny'])
-
typedef
vyos::vpn::auth_mode_t
¶ Base type
string
Type constraint
(self in ['pre-shared-secret','rsa','x509'])
-
typedef
vyos::vpn::conn_type_t
¶ Base type
string
Type constraint
(self in ['initiate','respond'])
-
typedef
vyos::vpn::dh_group_t
¶ Base type
string
Type constraint
(self in [2,5,14,15,16,17,18,19,20,21,22,23,24,25,26])
-
typedef
vyos::vpn::encryption_t
¶ Base type
string
Type constraint
(self in ['aes128','aes256','3des'])
-
typedef
vyos::vpn::esp_mode_t
¶ Base type
string
Type constraint
(self in ['tunnel','transport'])
-
typedef
vyos::vpn::hash_t
¶ Base type
string
Type constraint
(self in ['md5','sha1','sha256','sha384','sha512'])
-
typedef
vyos::vpn::kex_t
¶ Base type
string
Type constraint
(self in ['ikev1','ikev2'])
-
typedef
vyos::vpn::local_address_t
¶ Base type
string
Type constraint
(ip::is_valid_ip_v10(self) or (self == 'any'))
Entities¶
-
entity
vyos::Address
¶ Parents:
std::Entity
An address entity to add multiple addresses to an interface
-
attribute ip::cidr_v10
ip
¶
The following implements statements select implementations for this entity:
std::none
constrainttrue
-
attribute ip::cidr_v10
-
entity
vyos::BaseHost
¶ Parents:
ip::Host
A vyos (or derivative) based host.
-
attribute string
user
='inmanta'¶
-
attribute string
password
='inmanta'¶
-
attribute number
port
=22¶
-
relation vyos::Credential
credential
[1]¶
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::vyosConfig
constrainttrue
constraint
true
-
attribute string
-
entity
vyos::BaseInterface
¶ Parents:
vyos::ConfigNode
-
attribute string
name
¶
-
attribute ip::cidr_v10?
address
=null¶
-
attribute bool
dhcp
=false¶
-
relation vyos::Address
addresses
[0:*]¶
-
relation vyos::PolicyRoute
policy_route
[0:1]¶ Set a policy route for this interface.
-
relation vyos::Shaper
traffic_policy_out
[0:1]¶ other end:
vyos::Shaper.interfaces_in [0:*]
-
relation vyos::Shaper
traffic_policy_in
[0:1]¶ other end:
vyos::Shaper.interfaces_out [0:*]
-
relation vyos::Bridge
bridge_group
[0:1]¶ other end:
vyos::Bridge.interfaces [0:*]
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::ifacePolicyRoute
constraintpolicy_route is defined
-
attribute string
-
entity
vyos::Bridge
¶ Parents:
vyos::BaseInterface
-
attribute string
type
='bridge'¶
-
relation vyos::BaseInterface
interfaces
[0:*]¶ other end:
vyos::BaseInterface.bridge_group [0:1]
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::bridge
constrainttrue
-
attribute string
-
entity
vyos::Config
¶ Parents:
vyos::ConfigItem
,std::PurgeableResource
VYOS config block resource
This is the central resource, that is used to deploy specific configlets.
-
attribute string
device
¶
-
attribute string
node
¶
-
attribute bool
never_delete
=false¶
-
attribute bool
save
=true¶
-
attribute bool
send_event
=true¶
-
attribute string[]
keys_only
=List()¶ Only compare these keys, ignore all other keys that are in the current state
-
attribute string[]
ignore_keys
=List()¶ Ignore these keys in the current state
-
attribute bool
facts
=false¶ When set to true the config is never executed. The value under node is exposed as a fact
-
relation vyos::Credential
credential
[1]¶
The following implements statements select implementations for this entity:
std::none
constrainttrue
-
attribute string
-
entity
vyos::ConfigItem
¶ Parents:
std::Entity
-
attribute string
config
¶
-
relation vyos::ExtraConfig
extra
[0:*]¶ other end:
vyos::ExtraConfig.parent [1]
-
attribute string
-
entity
vyos::ConfigNode
¶ Parents:
std::Entity
-
attribute string
node_name
¶
-
attribute bool
purged
=false¶
-
attribute bool
purge_on_delete
=false¶
-
relation vyos::ConfigItem
config
[0:1]¶
-
relation vyos::BaseHost
host
[1]¶
The following implementations are defined for this entity:
-
attribute string
-
entity
vyos::Credential
¶ Parents:
std::Entity
-
attribute string
address
¶
-
attribute string
user
¶
-
attribute string
password
¶
-
attribute number
port
¶
The following implements statements select implementations for this entity:
std::none
constrainttrue
-
attribute string
-
entity
vyos::DhcpServer
¶ Parents:
vyos::ConfigNode
-
attribute string
name
¶
-
attribute ip::cidr
subnet
¶
-
attribute ip::ip
default_router
¶
-
attribute ip::ip[]
dns_servers
¶
-
attribute ip::ip
range_start
¶
-
attribute ip::ip
range_end
¶
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::dhcpServer
constrainttrue
-
attribute string
-
entity
vyos::ExtraConfig
¶ Parents:
vyos::ConfigItem
-
relation vyos::ConfigItem
parent
[1]¶ other end:
vyos::ConfigItem.extra [0:*]
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::extraconfig_depends
constrainttrue
-
relation vyos::ConfigItem
-
entity
vyos::Host
¶ Parents:
vyos::BaseHost
The following implements statements select implementations for this entity:
constraint
true
vyos::commonConfig
constrainttrue
-
entity
vyos::Hostname
¶ Parents:
vyos::ConfigNode
-
attribute string
name
¶
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::hostname
constrainttrue
-
attribute string
-
entity
vyos::Interface
¶ Parents:
vyos::BaseInterface
-
attribute bool
never_delete
=false¶
-
attribute vyos::duplex
duplex
='auto'¶
-
attribute vyos::speed
speed
='auto'¶
-
relation vyos::firewall::RuleSet
inbound_ruleset
[0:1]¶
-
relation vyos::firewall::RuleSet
local_ruleset
[0:1]¶
-
relation vyos::firewall::RuleSet
outbound_ruleset
[0:1]¶
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::iface
constrainttrue
-
attribute bool
-
entity
vyos::IpFact
¶ Parents:
std::PurgeableResource
Discover interface IP
-
attribute string
id
¶
-
attribute string
device
¶
-
relation vyos::BaseHost
host
[1]¶
-
relation vyos::Credential
credential
[1]¶
-
relation vyos::Interface
interface
[1]¶
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::wireup_ipfact
constrainttrue
-
attribute string
-
entity
vyos::Loopback
¶ Parents:
vyos::ConfigNode
-
attribute ip::cidr
address
¶
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::loopback
constrainttrue
-
attribute ip::cidr
-
entity
vyos::Masquerade
¶ Parents:
vyos::ConfigNode
-
attribute string
outbound_interface
¶
-
attribute string
source_address
¶
-
attribute number
rule
¶
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::masq
constrainttrue
-
attribute string
-
entity
vyos::Ospf
¶ Parents:
vyos::ConfigNode
-
attribute vyos::area
area
=0¶
-
attribute ip::cidr[]
network
¶
-
attribute ip::ip
router_id
¶
-
attribute string[]?
passive_interfaces
¶
-
attribute string[]?
passive_interface_excludes
¶
-
attribute vyos::abrtype_t
abrtype
='cisco'¶
-
relation vyos::OspfRedistribute
redistributes
[0:*]¶ other end:
vyos::OspfRedistribute.ospf [1]
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::ospf
constrainttrue
-
attribute vyos::area
-
entity
vyos::OspfRedistribute
¶ Parents:
std::Entity
-
attribute vyos::redistribute_t
type
¶
-
attribute vyos::ospf_metric_t?
metric
¶
-
attribute vyos::ospf_metric_type_t
metric_type
=2¶
-
attribute string?
route_map
=null¶
-
relation vyos::Ospf
ospf
[1]¶ other end:
vyos::Ospf.redistributes [0:*]
The following implements statements select implementations for this entity:
std::none
constrainttrue
-
attribute vyos::redistribute_t
-
entity
vyos::PolicyRoute
¶ Parents:
vyos::ConfigNode
Route policy for Vyos Polciy Based Routing.
-
attribute std::alfanum
name
¶ The name for this policy route
-
relation vyos::PolicyRouteRule
rules
[1:*]¶ other end:
vyos::PolicyRouteRule.policy [1]
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::policyRoute
constrainttrue
-
attribute std::alfanum
-
entity
vyos::PolicyRouteRule
¶ Parents:
vyos::ConfigNode
Rule in a route policy for Vyos Polciy Based Routing.
-
attribute number
id
¶ The rule number
-
attribute number
table
¶ Routing table for traffic matching this rule
-
attribute std::alfanum?
description
=null¶ Description for this rule
-
attribute ip::cidr?
match_source_address
=null¶ The source address to match traffic on
-
attribute ip::cidr?
match_destination_address
=null¶ The destination address to match traffic on. Can only be specified if match_protocol is set
-
attribute ip::port?
match_source_port
=null¶ The source port to match traffic on. Can only be specified if match_protocol in [“tcp”, “udp”]
-
attribute ip::port?
match_destination_port
=null¶ The destination port to match traffic on
-
attribute std::alfanum?
match_protocol
=null¶ The protocol to match traffic on
-
relation vyos::PolicyRoute
policy
[1]¶ other end:
vyos::PolicyRoute.rules [1:*]
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::policyRouteRule
constrainttrue
-
attribute number
-
entity
vyos::RouteMap
¶ Parents:
vyos::ConfigNode
-
attribute string
name
¶
-
attribute string?
description
=null¶
-
relation vyos::routemap::Rule
rules
[0:*]¶
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::routeMap
constrainttrue
-
attribute string
-
entity
vyos::Shaper
¶ Parents:
vyos::ConfigNode
-
attribute string
name
¶
-
attribute string
bandwidth
¶
-
attribute string
default_bandwidth
='50%'¶
-
attribute string
default_ceiling
='100%'¶
-
attribute string
default_queue_type
='fair-queue'¶
-
relation vyos::BaseInterface
interfaces_in
[0:*]¶ other end:
vyos::BaseInterface.traffic_policy_out [0:1]
-
relation vyos::BaseInterface
interfaces_out
[0:*]¶ other end:
vyos::BaseInterface.traffic_policy_in [0:1]
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::shaper
constrainttrue
-
attribute string
-
entity
vyos::StaticRoute
¶ Parents:
vyos::ConfigNode
-
attribute ip::cidr
destination
¶
-
attribute ip::ip
next_hop
¶
-
attribute number
table
=0¶
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::staticRouteDefault
constraint(table == 0)
vyos::staticRouteTable
constraint(table > 0)
-
attribute ip::cidr
-
entity
vyos::Tunnel
¶ Parents:
vyos::BaseInterface
-
attribute string?
description
=null¶
-
attribute vyos::tunnel_mtu_t
mtu
=1476¶
-
attribute vyos::tunnel_encap_t
encapsulation
¶
-
attribute ip::ip_v10
local_ip
¶
-
attribute ip::ip_v10?
remote_ip
=null¶
-
attribute vyos::tunnel_key_t?
key
=null¶
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::tunnel
constrainttrue
-
attribute string?
-
entity
vyos::Vif
¶ Parents:
vyos::BaseInterface
-
attribute net::vlan_id
vlan
¶
-
attribute string
type
='vif'¶
-
attribute string
name
=''¶
-
relation vyos::Interface
parent
[1]¶
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::vif
constrainttrue
-
attribute net::vlan_id
-
entity
vyos::firewall::AddressGroup
¶ Parents:
vyos::firewall::Group
-
attribute string[]
addresses
¶
-
string vyos::firewall::AddressGroup.description='inmanta managed address-group'
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::firewall::addressGroup
constrainttrue
-
attribute string[]
-
entity
vyos::firewall::Group
¶ Parents:
vyos::ConfigNode
-
attribute string
name
¶
-
attribute string
group_type
¶
-
attribute string
-
entity
vyos::firewall::NetworkGroup
¶ Parents:
vyos::firewall::Group
-
attribute ip::cidr[]
networks
¶
-
string vyos::firewall::NetworkGroup.description='inmanta managed network-group'
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::firewall::networkGroup
constrainttrue
-
attribute ip::cidr[]
-
entity
vyos::firewall::PortGroup
¶ Parents:
vyos::firewall::Group
-
attribute string[]
ports
¶
-
string vyos::firewall::PortGroup.description='inmanta managed port-group'
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::firewall::portGroup
constrainttrue
-
attribute string[]
-
entity
vyos::firewall::Rule
¶ Parents:
std::Entity
-
attribute number
id
¶
-
attribute vyos::firewall::action_t
action
¶
-
attribute vyos::firewall::protocol_t
protocol
¶
-
string vyos::firewall::Rule.description='inmanta managed rule'
-
relation vyos::firewall::Group
source
[0:*]¶
-
relation vyos::firewall::Group
destination
[0:*]¶
-
relation vyos::firewall::RuleSet
ruleset
[1]¶ other end:
vyos::firewall::RuleSet.rules [0:*]
The following implements statements select implementations for this entity:
std::none
constrainttrue
-
attribute number
-
entity
vyos::firewall::RuleSet
¶ Parents:
vyos::ConfigNode
-
attribute string
name
¶
-
attribute vyos::firewall::action_t
default_action
¶
-
string vyos::firewall::RuleSet.description='inmanta managed ruleset'
-
relation vyos::firewall::Rule
rules
[0:*]¶ other end:
vyos::firewall::Rule.ruleset [1]
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::firewall::ruleSet
constrainttrue
-
attribute string
-
entity
vyos::openstackext::OpenstackHost
¶ Parents:
vyos::BaseHost
,openstack::Host
A vyos based host for Openstack
-
attribute string?
floatingIP
¶
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::openstackext::withFip
constraintfloatingIP is defined
vyos::commonConfig
constraint(not floatingIP is defined)
constraint
true
vyos::openstackext::openstackConfig
constrainttrue
-
attribute string?
-
entity
vyos::routemap::Match
¶ Parents:
std::Entity
-
attribute string?
interface
=null¶
The following implements statements select implementations for this entity:
std::none
constrainttrue
-
attribute string?
-
entity
vyos::routemap::Rule
¶ Parents:
std::Entity
-
attribute number
id
¶
-
attribute vyos::routemap::rm_action_t
action
¶
-
relation vyos::routemap::Match
match
[1]¶
The following implements statements select implementations for this entity:
std::none
constrainttrue
-
attribute number
-
entity
vyos::vpn::Authentication
¶ Parents:
std::Entity
-
attribute string
id
¶
-
attribute vyos::vpn::auth_mode_t
mode
¶
-
attribute string?
remote_id
=null¶
-
attribute string?
rsa_key_name
=null¶
The following implements statements select implementations for this entity:
std::none
constrainttrue
-
attribute string
-
entity
vyos::vpn::ESPGroup
¶ Parents:
vyos::ConfigNode
-
attribute string
name
¶
-
attribute bool
compression
¶
-
attribute number
lifetime
¶
-
attribute vyos::vpn::esp_mode_t
mode
¶
-
attribute bool
pfs
¶
-
relation vyos::vpn::ESPProposal
proposals
[1:*]¶
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::vpn::espGroup
constrainttrue
-
attribute string
-
entity
vyos::vpn::ESPProposal
¶ Parents:
std::Entity
-
attribute number
id
¶
-
attribute vyos::vpn::encryption_t
encryption
¶
-
attribute vyos::vpn::hash_t
hash
='sha1'¶
The following implements statements select implementations for this entity:
std::none
constrainttrue
-
attribute number
-
entity
vyos::vpn::IKEGroup
¶ Parents:
vyos::ConfigNode
-
attribute string
name
¶
-
attribute vyos::vpn::kex_t
key_exchange
='ikev1'¶
-
attribute number
lifetime
¶
-
relation vyos::vpn::IKEProposal
proposals
[1:*]¶
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::vpn::ikeGroup
constrainttrue
-
attribute string
-
entity
vyos::vpn::IKEProposal
¶ Parents:
std::Entity
-
attribute number
id
¶
-
attribute vyos::vpn::dh_group_t?
dh_group
=null¶
-
attribute vyos::vpn::encryption_t
encryption
¶
-
attribute vyos::vpn::hash_t
hash
='sha1'¶
The following implements statements select implementations for this entity:
std::none
constrainttrue
-
attribute number
-
entity
vyos::vpn::IPSECOptions
¶ Parents:
vyos::ConfigNode
-
attribute string[]
ipsec_interfaces
=List()¶
-
attribute string[]
log_modes
=List()¶
-
attribute bool
nat_traversal
=false¶
-
attribute ip::cidr[]
allowed_nat_networks
=List()¶
The following implements statements select implementations for this entity:
vyos::vpn::ipsecOptions
constrainttrue
-
attribute string[]
-
entity
vyos::vpn::KeyGen
¶ Parents:
std::PurgeableResource
Ensure an RSA key has been generated
-
attribute string
id
='keygen'¶
-
attribute string
device
¶
-
relation vyos::BaseHost
host
[1]¶
-
relation vyos::Credential
credential
[1]¶
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::vpn::wireup
constrainttrue
-
attribute string
-
entity
vyos::vpn::RSAKey
¶ Parents:
vyos::ConfigNode
-
attribute string
name
¶
-
attribute string
rsa_key
¶
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::vpn::rsaKey
constrainttrue
-
attribute string
-
entity
vyos::vpn::SiteToSite
¶ Parents:
vyos::ConfigNode
-
attribute string
peer
¶
-
attribute vyos::vpn::conn_type_t
connection_type
¶
-
attribute vyos::vpn::local_address_t
local_address
¶
-
relation vyos::vpn::Authentication
authentication
[1]¶
-
relation vyos::vpn::IKEGroup
ike_group
[1]¶
-
relation vyos::vpn::ESPGroup
default_esp_group
[0:1]¶
-
relation vyos::vpn::Tunnel
tunnels
[0:*]¶
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::vpn::siteToSite
constrainttrue
-
attribute string
Implementations¶
-
implementation
vyos::bridge
¶
-
implementation
vyos::commonConfig
¶
-
implementation
vyos::dhcpServer
¶
-
implementation
vyos::extraconfig_depends
¶
-
implementation
vyos::hostname
¶
-
implementation
vyos::iface
¶
-
implementation
vyos::ifacePolicyRoute
¶
-
implementation
vyos::loopback
¶
-
implementation
vyos::masq
¶
-
implementation
vyos::ospf
¶
-
implementation
vyos::policyRoute
¶
-
implementation
vyos::policyRouteRule
¶
-
implementation
vyos::routeMap
¶
-
implementation
vyos::shaper
¶
-
implementation
vyos::staticRouteDefault
¶
-
implementation
vyos::staticRouteTable
¶
-
implementation
vyos::tunnel
¶
-
implementation
vyos::vif
¶
-
implementation
vyos::vyosConfig
¶
-
implementation
vyos::wireup_ipfact
¶
-
implementation
vyos::firewall::addressGroup
¶
-
implementation
vyos::firewall::networkGroup
¶
-
implementation
vyos::firewall::portGroup
¶
-
implementation
vyos::firewall::ruleSet
¶
-
implementation
vyos::openstackext::openstackConfig
¶
-
implementation
vyos::openstackext::withFip
¶
-
implementation
vyos::vpn::espGroup
¶
-
implementation
vyos::vpn::ikeGroup
¶
-
implementation
vyos::vpn::ipsecOptions
¶
-
implementation
vyos::vpn::rsaKey
¶
-
implementation
vyos::vpn::siteToSite
¶
-
implementation
vyos::vpn::wireup
¶
Resources¶
-
class
vyos.
Config
¶ Resource for entity
vyos::Config
Id attribute
nodeid
Agent name
device
Handlers
vyos.VyosHandler
-
class
vyos.
IpFact
¶ Resource for entity
vyos::IpFact
Id attribute
id
Agent name
device
Handlers
vyos.IpFactHandler
-
class
vyos.
KeyGen
¶ Resource for entity
vyos::vpn::KeyGen
Id attribute
id
Agent name
device
Handlers
vyos.KeyGenHandler
Handlers¶
-
class
vyos.
VyosHandler
¶ Handler name
sshconfig
Handler for entity
vyos::Config
-
class
vyos.
KeyGenHandler
¶ Handler name
keygen
Handler for entity
vyos::vpn::KeyGen
-
class
vyos.
IpFactHandler
¶ Handler name
IpFact
Handler for entity
vyos::IpFact