Module vyos#
License: ASL2.0
Version: 3.0.6
Upstream project: https://github.com/inmanta/vyos.git
Typedefs#
- typedef vyos::abrtype_t#
Base type
string
Type constraint
(self in ['cisco','ibm','shortcut','standard'])
- typedef vyos::area#
Base type
number
Type constraint
((self >= 0) and (self < 4294967296))
- typedef vyos::duplex#
Base type
string
Type constraint
(((self == 'auto') or (self == 'half')) or (self == 'full'))
- typedef vyos::ospf_metric_t#
Base type
number
Type constraint
((self > 0) and (self <= 16))
- typedef vyos::ospf_metric_type_t#
Base type
number
Type constraint
(self in [1,2])
- typedef vyos::redistribute_t#
Base type
string
Type constraint
(self in ['bgp','connected','kernel','rip','static'])
- typedef vyos::speed#
Base type
string
Type constraint
(self in ['10','100','1000','2500','10000','auto'])
- typedef vyos::tunnel_encap_t#
Base type
string
Type constraint
(self in ['gre','gre-bridge','ipip','sit','ipip6','ip6ip6'])
- typedef vyos::tunnel_key_t#
Base type
number
Type constraint
((self >= 0) and (self <= 99999))
- typedef vyos::tunnel_mtu_t#
Base type
number
Type constraint
((self >= 64) and (self <= 8024))
- typedef vyos::vlan_id#
Base type
int
Type constraint
((self >= 0) and (self < 4095))
- typedef vyos::firewall::action_t#
Base type
string
Type constraint
(self in ['accept','drop','reject'])
- typedef vyos::firewall::protocol_t#
Base type
string
Type constraint
(self in ['tcp_udp','all','icmp','tcp','udp'])
- typedef vyos::routemap::rm_action_t#
Base type
string
Type constraint
(self in ['permit','deny'])
- typedef vyos::vpn::auth_mode_t#
Base type
string
Type constraint
(self in ['pre-shared-secret','rsa','x509'])
- typedef vyos::vpn::conn_type_t#
Base type
string
Type constraint
(self in ['initiate','respond'])
- typedef vyos::vpn::dh_group_t#
Base type
string
Type constraint
(self in [2,5,14,15,16,17,18,19,20,21,22,23,24,25,26])
- typedef vyos::vpn::encryption_t#
Base type
string
Type constraint
(self in ['aes128','aes256','3des'])
- typedef vyos::vpn::esp_mode_t#
Base type
string
Type constraint
(self in ['tunnel','transport'])
- typedef vyos::vpn::hash_t#
Base type
string
Type constraint
(self in ['md5','sha1','sha256','sha384','sha512'])
- typedef vyos::vpn::kex_t#
Base type
string
Type constraint
(self in ['ikev1','ikev2'])
- typedef vyos::vpn::local_address_t#
Base type
string
Type constraint
(ip::is_valid_ip_v10(self) or (self == 'any'))
Entities#
- entity vyos::Address#
Parents:
std::Entity
An address entity to add multiple addresses to an interface
- attribute ip::cidr_v10 ip#
The following implements statements select implementations for this entity:
std::none
constrainttrue
- entity vyos::BaseHost#
Parents:
ip::Host
A vyos (or derivative) based host.
- attribute string user='inmanta'#
- attribute string password='inmanta'#
- attribute number port=22#
- attribute bool skip_on_connect_error=false#
When true, vyos resources deployed on this host will be skipped when the handler fails to connect to the host. Otherwise the resource will be marked as failed.
- relation vyos::Credential credential [1]#
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::vyosConfig
constrainttrue
constraint
true
- entity vyos::BaseInterface#
Parents:
vyos::ConfigNode
- attribute string name#
- attribute ip::cidr_v10? address=null#
- attribute bool dhcp=false#
- relation vyos::Address addresses [0:*]#
- relation vyos::PolicyRoute policy_route [0:1]#
Set a policy route for this interface.
- relation vyos::Shaper traffic_policy_out [0:1]#
other end:
vyos::Shaper.interfaces_in [0:*]
- relation vyos::Shaper traffic_policy_in [0:1]#
other end:
vyos::Shaper.interfaces_out [0:*]
- relation vyos::Bridge bridge_group [0:1]#
other end:
vyos::Bridge.members [0:*]
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::ifacePolicyRoute
constraintpolicy_route is defined
- entity vyos::Bridge#
Parents:
vyos::BaseInterface
- attribute string type='bridge'#
- relation vyos::BaseInterface members [0:*]#
other end:
vyos::BaseInterface.bridge_group [0:1]
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::bridge
constrainttrue
- entity vyos::Config#
Parents:
vyos::ConfigItem
,std::PurgeableResource
VYOS config block resource
This is the central resource, that is used to deploy specific configlets.
- attribute string device#
- attribute string node#
- attribute bool never_delete=false#
- attribute bool save=true#
- attribute bool send_event=true#
- attribute string[] keys_only=List()#
Only compare these keys, ignore all other keys that are in the current state
- attribute string[] ignore_keys=List()#
Ignore these keys in the current state
- attribute bool facts=false#
When set to true the config is never executed. The value under node is exposed as a fact
- attribute bool skip_on_connect_error#
- relation vyos::Credential credential [1]#
The following implements statements select implementations for this entity:
std::none
constrainttrue
- entity vyos::ConfigItem#
Parents:
std::Entity
- attribute string config#
- relation vyos::ExtraConfig extra [0:*]#
other end:
vyos::ExtraConfig.parent [1]
- entity vyos::ConfigNode#
Parents:
std::Entity
- attribute string node_name#
- attribute bool purged=false#
- attribute bool purge_on_delete=false#
- relation vyos::ConfigItem config [0:1]#
- relation vyos::BaseHost host [1]#
The following implementations are defined for this entity:
- entity vyos::Credential#
Parents:
std::Entity
- attribute string address#
- attribute string user#
- attribute string password#
- attribute number port#
The following implements statements select implementations for this entity:
std::none
constrainttrue
- entity vyos::DhcpServer#
Parents:
vyos::ConfigNode
- attribute string name#
- attribute ip::cidr subnet#
- attribute ip::ip default_router#
- attribute ip::ip[] dns_servers#
- attribute ip::ip range_start#
- attribute ip::ip range_end#
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::dhcpServer
constrainttrue
- entity vyos::ExtraConfig#
Parents:
vyos::ConfigItem
- relation vyos::ConfigItem parent [1]#
other end:
vyos::ConfigItem.extra [0:*]
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::extraconfig_depends
constrainttrue
- entity vyos::Host#
Parents:
vyos::BaseHost
The following implements statements select implementations for this entity:
constraint
true
vyos::commonConfig
constrainttrue
- entity vyos::Hostname#
Parents:
vyos::ConfigNode
- attribute string name#
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::hostname
constrainttrue
- entity vyos::Interface#
Parents:
vyos::BaseInterface
- attribute bool never_delete=false#
- attribute vyos::duplex duplex='auto'#
- attribute vyos::speed speed='auto'#
- relation vyos::firewall::RuleSet inbound_ruleset [0:1]#
- relation vyos::firewall::RuleSet local_ruleset [0:1]#
- relation vyos::firewall::RuleSet outbound_ruleset [0:1]#
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::iface
constrainttrue
- entity vyos::IpFact#
Parents:
std::PurgeableResource
Discover interface IP
- attribute string id#
- attribute string device#
- relation vyos::BaseHost host [1]#
- relation vyos::Credential credential [1]#
- relation vyos::Interface interface [1]#
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::wireup_ipfact
constrainttrue
- entity vyos::Loopback#
Parents:
vyos::ConfigNode
- attribute ip::cidr address#
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::loopback
constrainttrue
- entity vyos::Masquerade#
Parents:
vyos::ConfigNode
- attribute string outbound_interface#
- attribute string source_address#
- attribute number rule#
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::masq
constrainttrue
- entity vyos::Ospf#
Parents:
vyos::ConfigNode
- attribute vyos::area area=0#
- attribute ip::cidr[] network#
- attribute ip::ip router_id#
- attribute string[]? passive_interfaces=null#
- attribute string[]? passive_interface_excludes=null#
- attribute vyos::abrtype_t abrtype='cisco'#
- relation vyos::OspfRedistribute redistributes [0:*]#
other end:
vyos::OspfRedistribute.ospf [1]
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::ospf
constrainttrue
- entity vyos::OspfRedistribute#
Parents:
std::Entity
- attribute vyos::redistribute_t type#
- attribute vyos::ospf_metric_t? metric=null#
- attribute vyos::ospf_metric_type_t metric_type=2#
- attribute string? route_map=null#
- relation vyos::Ospf ospf [1]#
other end:
vyos::Ospf.redistributes [0:*]
The following implements statements select implementations for this entity:
std::none
constrainttrue
- entity vyos::PolicyRoute#
Parents:
vyos::ConfigNode
Route policy for Vyos Polciy Based Routing.
- attribute std::alfanum name#
The name for this policy route
- relation vyos::PolicyRouteRule rules [1:*]#
other end:
vyos::PolicyRouteRule.policy [1]
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::policyRoute
constrainttrue
- entity vyos::PolicyRouteRule#
Parents:
vyos::ConfigNode
Rule in a route policy for Vyos Polciy Based Routing.
- attribute number id#
The rule number
- attribute number table#
Routing table for traffic matching this rule
- attribute std::alfanum? description=null#
Description for this rule
- attribute ip::cidr? match_source_address=null#
The source address to match traffic on
- attribute ip::cidr? match_destination_address=null#
The destination address to match traffic on. Can only be specified if match_protocol is set
- attribute ip::port? match_source_port=null#
The source port to match traffic on. Can only be specified if match_protocol in [“tcp”, “udp”]
- attribute ip::port? match_destination_port=null#
The destination port to match traffic on
- attribute std::alfanum? match_protocol=null#
The protocol to match traffic on
- relation vyos::PolicyRoute policy [1]#
other end:
vyos::PolicyRoute.rules [1:*]
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::policyRouteRule
constrainttrue
- entity vyos::RouteMap#
Parents:
vyos::ConfigNode
- attribute string name#
- attribute string? description=null#
- relation vyos::routemap::Rule rules [0:*]#
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::routeMap
constrainttrue
- entity vyos::Shaper#
Parents:
vyos::ConfigNode
- attribute string name#
- attribute string bandwidth#
- attribute string default_bandwidth='50%'#
- attribute string default_ceiling='100%'#
- attribute string default_queue_type='fair-queue'#
- relation vyos::BaseInterface interfaces_in [0:*]#
other end:
vyos::BaseInterface.traffic_policy_out [0:1]
- relation vyos::BaseInterface interfaces_out [0:*]#
other end:
vyos::BaseInterface.traffic_policy_in [0:1]
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::shaper
constrainttrue
- entity vyos::StaticRoute#
Parents:
vyos::ConfigNode
- attribute ip::cidr destination#
- attribute ip::ip next_hop#
- attribute number table=0#
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::staticRouteDefault
constraint(table == 0)
vyos::staticRouteTable
constraint(table > 0)
- entity vyos::Tunnel#
Parents:
vyos::BaseInterface
- attribute string? description=null#
- attribute vyos::tunnel_mtu_t mtu=1476#
- attribute vyos::tunnel_encap_t encapsulation#
- attribute ip::ip_v10 local_ip#
- attribute ip::ip_v10? remote_ip=null#
- attribute vyos::tunnel_key_t? key=null#
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::tunnel
constrainttrue
- entity vyos::Vif#
Parents:
vyos::BaseInterface
- attribute vyos::vlan_id vlan#
- attribute string type='vif'#
- attribute string name=''#
- relation vyos::Interface parent [1]#
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::vif
constrainttrue
- entity vyos::firewall::AddressGroup#
Parents:
vyos::firewall::Group
- attribute string[] addresses#
- string vyos::firewall::AddressGroup.description='inmanta managed address-group'
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::firewall::addressGroup
constrainttrue
- entity vyos::firewall::Group#
Parents:
vyos::ConfigNode
- attribute string name#
- attribute string group_type#
- entity vyos::firewall::NetworkGroup#
Parents:
vyos::firewall::Group
- attribute ip::cidr[] networks#
- string vyos::firewall::NetworkGroup.description='inmanta managed network-group'
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::firewall::networkGroup
constrainttrue
- entity vyos::firewall::PortGroup#
Parents:
vyos::firewall::Group
- attribute string[] ports#
- string vyos::firewall::PortGroup.description='inmanta managed port-group'
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::firewall::portGroup
constrainttrue
- entity vyos::firewall::Rule#
Parents:
std::Entity
- attribute number id#
- attribute vyos::firewall::action_t action#
- attribute vyos::firewall::protocol_t protocol#
- string vyos::firewall::Rule.description='inmanta managed rule'
- relation vyos::firewall::Group source [0:*]#
- relation vyos::firewall::Group destination [0:*]#
- relation vyos::firewall::RuleSet ruleset [1]#
other end:
vyos::firewall::RuleSet.rules [0:*]
The following implements statements select implementations for this entity:
std::none
constrainttrue
- entity vyos::firewall::RuleSet#
Parents:
vyos::ConfigNode
- attribute string name#
- attribute vyos::firewall::action_t default_action#
- string vyos::firewall::RuleSet.description='inmanta managed ruleset'
- relation vyos::firewall::Rule rules [0:*]#
other end:
vyos::firewall::Rule.ruleset [1]
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::firewall::ruleSet
constrainttrue
- entity vyos::openstackext::OpenstackHost#
Parents:
vyos::BaseHost
,openstack::Host
A vyos based host for Openstack
- attribute string? floatingIP=null#
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::openstackext::withFip
constraintfloatingIP is defined
vyos::commonConfig
constraint(not floatingIP is defined)
constraint
true
vyos::openstackext::openstackConfig
constrainttrue
- entity vyos::routemap::Match#
Parents:
std::Entity
- attribute string? interface=null#
The following implements statements select implementations for this entity:
std::none
constrainttrue
- entity vyos::routemap::Rule#
Parents:
std::Entity
- attribute number id#
- attribute vyos::routemap::rm_action_t action#
- relation vyos::routemap::Match match [1]#
The following implements statements select implementations for this entity:
std::none
constrainttrue
- entity vyos::vpn::Authentication#
Parents:
std::Entity
- attribute string id#
- attribute vyos::vpn::auth_mode_t mode#
- attribute string? remote_id=null#
- attribute string? rsa_key_name=null#
The following implements statements select implementations for this entity:
std::none
constrainttrue
- entity vyos::vpn::ESPGroup#
Parents:
vyos::ConfigNode
- attribute string name#
- attribute bool compression#
- attribute number lifetime#
- attribute vyos::vpn::esp_mode_t mode#
- attribute bool pfs#
- relation vyos::vpn::ESPProposal proposals [1:*]#
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::vpn::espGroup
constrainttrue
- entity vyos::vpn::ESPProposal#
Parents:
std::Entity
- attribute number id#
- attribute vyos::vpn::encryption_t encryption#
- attribute vyos::vpn::hash_t hash='sha1'#
The following implements statements select implementations for this entity:
std::none
constrainttrue
- entity vyos::vpn::IKEGroup#
Parents:
vyos::ConfigNode
- attribute string name#
- attribute vyos::vpn::kex_t key_exchange='ikev1'#
- attribute number lifetime#
- relation vyos::vpn::IKEProposal proposals [1:*]#
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::vpn::ikeGroup
constrainttrue
- entity vyos::vpn::IKEProposal#
Parents:
std::Entity
- attribute number id#
- attribute vyos::vpn::dh_group_t? dh_group=null#
- attribute vyos::vpn::encryption_t encryption#
- attribute vyos::vpn::hash_t hash='sha1'#
The following implements statements select implementations for this entity:
std::none
constrainttrue
- entity vyos::vpn::IPSECOptions#
Parents:
vyos::ConfigNode
- attribute string[] ipsec_interfaces=List()#
- attribute string[] log_modes=List()#
- attribute bool nat_traversal=false#
- attribute ip::cidr[] allowed_nat_networks=List()#
The following implements statements select implementations for this entity:
vyos::vpn::ipsecOptions
constrainttrue
- entity vyos::vpn::KeyGen#
Parents:
std::PurgeableResource
Ensure an RSA key has been generated
- attribute string id='keygen'#
- attribute string device#
- relation vyos::BaseHost host [1]#
- relation vyos::Credential credential [1]#
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::vpn::wireup
constrainttrue
- entity vyos::vpn::RSAKey#
Parents:
vyos::ConfigNode
- attribute string name#
- attribute string rsa_key#
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::vpn::rsaKey
constrainttrue
- entity vyos::vpn::SiteToSite#
Parents:
vyos::ConfigNode
- attribute string peer#
- attribute vyos::vpn::conn_type_t connection_type#
- attribute vyos::vpn::local_address_t local_address#
- relation vyos::vpn::Authentication authentication [1]#
- relation vyos::vpn::IKEGroup ike_group [1]#
- relation vyos::vpn::ESPGroup default_esp_group [0:1]#
- relation vyos::vpn::Tunnel tunnels [0:*]#
The following implementations are defined for this entity:
The following implements statements select implementations for this entity:
vyos::vpn::siteToSite
constrainttrue
Implementations#
- implementation vyos::bridge#
- implementation vyos::commonConfig#
- implementation vyos::dhcpServer#
- implementation vyos::extraconfig_depends#
- implementation vyos::hostname#
- implementation vyos::iface#
- implementation vyos::ifacePolicyRoute#
- implementation vyos::loopback#
- implementation vyos::masq#
- implementation vyos::ospf#
- implementation vyos::policyRoute#
- implementation vyos::policyRouteRule#
- implementation vyos::routeMap#
- implementation vyos::shaper#
- implementation vyos::staticRouteDefault#
- implementation vyos::staticRouteTable#
- implementation vyos::tunnel#
- implementation vyos::vif#
- implementation vyos::vyosConfig#
- implementation vyos::wireup_ipfact#
- implementation vyos::firewall::addressGroup#
- implementation vyos::firewall::networkGroup#
- implementation vyos::firewall::portGroup#
- implementation vyos::firewall::ruleSet#
- implementation vyos::openstackext::openstackConfig#
- implementation vyos::openstackext::withFip#
- implementation vyos::vpn::espGroup#
- implementation vyos::vpn::ikeGroup#
- implementation vyos::vpn::ipsecOptions#
- implementation vyos::vpn::rsaKey#
- implementation vyos::vpn::siteToSite#
- implementation vyos::vpn::wireup#
Resources#
- class vyos.Config#
Resource for entity
vyos::Config
Id attribute
nodeid
Agent name
device
Handlers
vyos.VyosHandler
- class vyos.IpFact#
Resource for entity
vyos::IpFact
Id attribute
id
Agent name
device
Handlers
vyos.IpFactHandler
- class vyos.KeyGen#
Resource for entity
vyos::vpn::KeyGen
Id attribute
id
Agent name
device
Handlers
vyos.KeyGenHandler
Handlers#
- class vyos.VyosHandler#
Handler name
sshconfig
Handler for entity
vyos::Config
- class vyos.KeyGenHandler#
Handler name
keygen
Handler for entity
vyos::vpn::KeyGen
- class vyos.IpFactHandler#
Handler name
IpFact
Handler for entity
vyos::IpFact